Bumps
[@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node)
from 25.3.5 to 25.4.0.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Bumps [alembic](https://github.com/sqlalchemy/alembic) from 1.12.1 to
1.18.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sqlalchemy/alembic/releases">alembic's
releases</a>.</em></p>
<blockquote>
<h1>1.18.4</h1>
<p>Released: February 10, 2026</p>
<h2>bug</h2>
<ul>
<li>
<p><strong>[bug] [operations]</strong> Reverted the behavior of
<code>Operations.add_column()</code> that would
automatically render the "PRIMARY KEY" keyword inline when a
<code>Column</code> with <code>primary_key=True</code> is added. The
automatic
behavior, added in version 1.18.2, is now opt-in via the new
<code>Operations.add_column.inline_primary_key</code> parameter. This
change restores the ability to render a PostgreSQL SERIAL column, which
is
required to be <code>primary_key=True</code>, while not impacting the
ability to
render a separate primary key constraint. This also provides consistency
with the <code>Operations.add_column.inline_references</code> parameter
and
gives users explicit control over SQL generation.</p>
<p>To render PRIMARY KEY inline, use the
<code>Operations.add_column.inline_primary_key</code> parameter set to
<code>True</code>:</p>
<p>op.add_column(
"my_table",
Column("id", Integer, primary_key=True),
inline_primary_key=True
)References: <a
href="https://redirect.github.com/sqlalchemy/alembic/issues/1232">#1232</a></p>
</li>
</ul>
<h1>1.18.3</h1>
<p>Released: January 29, 2026</p>
<h2>bug</h2>
<ul>
<li>
<p><strong>[bug] [autogenerate]</strong> Fixed regression in version
1.18.0 due to <a
href="https://redirect.github.com/sqlalchemy/alembic/issues/1771">#1771</a>
where autogenerate
would raise <code>NoReferencedTableError</code> when a foreign key
constraint
referenced a table that was not part of the initial table load,
including
tables filtered out by the
<code>EnvironmentContext.configure.include_name</code> callable or
tables
in remote schemas that were not included in the initial reflection
run.</p>
<p>The change in <a
href="https://redirect.github.com/sqlalchemy/alembic/issues/1771">#1771</a>
was a performance optimization that eliminated
additional reflection queries for tables that were only referenced by
foreign keys but not explicitly included in the main reflection run.
However, this optimization inadvertently removed the creation of
<code>Table</code> objects for these referenced tables, causing
autogenerate
to fail when processing foreign key constraints that pointed to
them.</p>
<p>The fix creates placeholder <code>Table</code> objects for foreign
key targets</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/sqlalchemy/alembic/commits">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Bumps [botocore](https://github.com/boto/botocore) from 1.35.99 to
1.42.66.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="537c33eaa6"><code>537c33e</code></a>
Merge branch 'release-1.42.66'</li>
<li><a
href="c640bbbedc"><code>c640bbb</code></a>
Bumping version to 1.42.66</li>
<li><a
href="8e7a97f138"><code>8e7a97f</code></a>
Update endpoints model</li>
<li><a
href="8eba3d800b"><code>8eba3d8</code></a>
Update to latest models</li>
<li><a
href="685dba3e59"><code>685dba3</code></a>
Update documentation.yml (<a
href="https://redirect.github.com/boto/botocore/issues/3638">#3638</a>)</li>
<li><a
href="9ed5c2f873"><code>9ed5c2f</code></a>
Merge branch 'release-1.42.65'</li>
<li><a
href="028c88334d"><code>028c883</code></a>
Merge branch 'release-1.42.65' into develop</li>
<li><a
href="df66c0c632"><code>df66c0c</code></a>
Bumping version to 1.42.65</li>
<li><a
href="51583f17b5"><code>51583f1</code></a>
Update to latest models</li>
<li><a
href="af281813f1"><code>af28181</code></a>
Add logic to skip invalid checksum feature id (<a
href="https://redirect.github.com/boto/botocore/issues/3639">#3639</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/boto/botocore/compare/1.35.99...1.42.66">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Bumps [aiosqlite](https://github.com/omnilib/aiosqlite) from 0.19.0 to
0.22.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/omnilib/aiosqlite/blob/main/CHANGELOG.md">aiosqlite's
changelog</a>.</em></p>
<blockquote>
<h2>v0.22.1</h2>
<p>Bug fix release</p>
<p>NOTE: Starting with <code>v0.22.0</code>, the
<code>aiosqlite.Connection</code> object no longer
inherits from <code>threading.Thread</code>. If not using aiosqlite as a
context manager,
clients must <code>await connection.close()</code> or call
<code>connection.stop()</code> to ensure
the helper thread is completed and terminated correctly. A
<code>ResourceWarning</code>
will be emitted for any connection that is garbage collected without
being
closed or stopped.</p>
<ul>
<li>Added synchronous <code>stop()</code> method to
<code>aiosqlite.Connection</code> to enable safe
cleanup and termination of the background thread without dependence
on having an active event loop (<a
href="https://redirect.github.com/omnilib/aiosqlite/issues/370">#370</a>)</li>
</ul>
<pre lang="text"><code>$ git shortlog -s v0.22.0...v0.22.1
2 Amethyst Reese
</code></pre>
<h2>v0.22.0</h2>
<p>Feature release</p>
<ul>
<li>Support <code>set_authorizer</code> query access controls (<a
href="https://redirect.github.com/omnilib/aiosqlite/issues/349">#349</a>)</li>
<li>Wait for transaction queue to complete when closing connection (<a
href="https://redirect.github.com/omnilib/aiosqlite/issues/305">#305</a>)</li>
<li>Emit warning when connection goes out of scope without being closed
(<a
href="https://redirect.github.com/omnilib/aiosqlite/issues/355">#355</a>)</li>
<li>Remove dependency on <code>typing_extensions</code> (<a
href="https://redirect.github.com/omnilib/aiosqlite/issues/365">#365</a>)</li>
</ul>
<pre lang="text"><code>$ git shortlog -s v0.21.0...v0.22.0
1 Alec Berryman
1 Amethyst Reese
1 David Andreoletti
1 Markus Heidelberg
1 beerpsi
19 dependabot[bot]
</code></pre>
<h2>v0.21.0</h2>
<p>Maintenance release</p>
<ul>
<li>Fix: close connection correctly when BaseException raised in
connection (<a
href="https://redirect.github.com/omnilib/aiosqlite/issues/317">#317</a>)</li>
<li>Metadata improvements</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9b127cecc7"><code>9b127ce</code></a>
Version bump v0.22.1</li>
<li><a
href="5c3f61c1ea"><code>5c3f61c</code></a>
Improve stop semantics for connections (<a
href="https://redirect.github.com/omnilib/aiosqlite/issues/370">#370</a>)</li>
<li><a
href="a869d73678"><code>a869d73</code></a>
Version bump v0.22.0</li>
<li><a
href="1cd60adcab"><code>1cd60ad</code></a>
Emit warning if connection is deleted before it is closed (<a
href="https://redirect.github.com/omnilib/aiosqlite/issues/355">#355</a>)</li>
<li><a
href="611d7b4f29"><code>611d7b4</code></a>
Add set_authorizer support for fine-grained access control (<a
href="https://redirect.github.com/omnilib/aiosqlite/issues/349">#349</a>)</li>
<li><a
href="81d00c8f16"><code>81d00c8</code></a>
Bump actions/setup-python from 5 to 6 (<a
href="https://redirect.github.com/omnilib/aiosqlite/issues/357">#357</a>)</li>
<li><a
href="7a26722f7e"><code>7a26722</code></a>
Bump coverage[toml] from 7.8.0 to 7.10.7 (<a
href="https://redirect.github.com/omnilib/aiosqlite/issues/358">#358</a>)</li>
<li><a
href="445754087e"><code>4457540</code></a>
Bump flake8 from 7.2.0 to 7.3.0 (<a
href="https://redirect.github.com/omnilib/aiosqlite/issues/346">#346</a>)</li>
<li><a
href="b650dad318"><code>b650dad</code></a>
Bump actions/checkout from 5 to 6 (<a
href="https://redirect.github.com/omnilib/aiosqlite/issues/366">#366</a>)</li>
<li><a
href="065ffdd129"><code>065ffdd</code></a>
Bump mypy from 1.15.0 to 1.19.0 (<a
href="https://redirect.github.com/omnilib/aiosqlite/issues/367">#367</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/omnilib/aiosqlite/compare/v0.19.0...v0.22.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Bumps
[python-jose[cryptography]](https://github.com/mpdavis/python-jose) from
3.3.0 to 3.5.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/mpdavis/python-jose/releases">python-jose[cryptography]'s
releases</a>.</em></p>
<blockquote>
<h2>3.5.0</h2>
<ul>
<li>Remove support for Python 3.8</li>
<li>Added support for Python 3.12 & 3.13</li>
<li>Upgrade to pyasn1 0.5.1+</li>
<li>Upgrade to pytest and other dependencies</li>
<li>Add RTD config file to silence emailed deprecation warnings</li>
</ul>
<h3>Bug fixes and Improvements</h3>
<ul>
<li>Remove get_random_bytes from cryptography backend</li>
<li>Do not use <code>utc_now</code> on module level</li>
<li>Remove key data (sensitive information) from JWKError
exceptions</li>
<li>Added possibility to call jwk.construct() with a private RSA
key</li>
</ul>
<p><a
href="https://pypi.org/project/python-jose/3.5.0/">https://pypi.org/project/python-jose/3.5.0/</a></p>
<h2>3.4.0</h2>
<h3>News</h3>
<ul>
<li>Remove support for Python 3.6 and 3.7</li>
<li>Added support for Python 3.10 and 3.11</li>
</ul>
<h3>Bug fixes and Improvements</h3>
<ul>
<li>Updating <code>CryptographyAESKey::encrypt</code> to generate 96 bit
IVs for GCM block
cipher mode</li>
<li>Fix for PEM key comparisons caused by line lengths and new
lines</li>
<li>Fix for CVE-2024-33664 - JWE limited to 250KiB</li>
<li>Fix for CVE-2024-33663 - signing JWT with public key is now
forbidden</li>
<li>Replace usage of deprecated datetime.utcnow() with
datetime.now(UTC)</li>
</ul>
<h3>Housekeeping</h3>
<ul>
<li>Updated Github Actions Workflows</li>
<li>Updated to use tox 4.x</li>
<li>Revise codecov integration</li>
<li>Fixed DeprecationWarnings</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/mpdavis/python-jose/blob/master/CHANGELOG.md">python-jose[cryptography]'s
changelog</a>.</em></p>
<blockquote>
<h2>3.5.0 -- 2025-05-28</h2>
<h3>News</h3>
<ul>
<li>Remove support for Python 3.8</li>
<li>Added support for Python 3.12 & 3.13</li>
<li>Upgrade to pyasn1 0.5.1+</li>
<li>Upgrade to pytest and other dependencies</li>
<li>Add RTD config file to silence emailed deprecation warnings</li>
</ul>
<h3>Bug fixes and Improvements</h3>
<ul>
<li>Remove get_random_bytes from cryptography backend</li>
<li>Do not use <code>utc_now</code> on module level</li>
<li>Remove key data (sensitive information) from JWKError
exceptions</li>
<li>Added possibility to call jwk.construct() with a private RSA
key</li>
</ul>
<h2>3.4.0 -- 2025-02-14</h2>
<h3>News</h3>
<ul>
<li>Remove support for Python 3.6 and 3.7</li>
<li>Added support for Python 3.10 and 3.11</li>
</ul>
<h3>Bug fixes and Improvements</h3>
<ul>
<li>Updating <code>CryptographyAESKey::encrypt</code> to generate 96 bit
IVs for GCM block
cipher mode</li>
<li>Fix for PEM key comparisons caused by line lengths and new
lines</li>
<li>Fix for CVE-2024-33664 - JWE limited to 250KiB</li>
<li>Fix for CVE-2024-33663 - signing JWT with public key is now
forbidden</li>
<li>Replace usage of deprecated datetime.utcnow() with
datetime.now(UTC)</li>
</ul>
<h3>Housekeeping</h3>
<ul>
<li>Updated Github Actions Workflows</li>
<li>Updated to use tox 4.x</li>
<li>Revise codecov integration</li>
<li>Fixed DeprecationWarnings</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="018b310ddb"><code>018b310</code></a>
Prepare release 3.5.0 (<a
href="https://redirect.github.com/mpdavis/python-jose/issues/388">#388</a>)</li>
<li><a
href="393c37476c"><code>393c374</code></a>
Improve jwt.decode key doc (<a
href="https://redirect.github.com/mpdavis/python-jose/issues/198">#198</a>)</li>
<li><a
href="50d43908ff"><code>50d4390</code></a>
utils.py: fix types in docstrings for base64url_encode/decode (<a
href="https://redirect.github.com/mpdavis/python-jose/issues/269">#269</a>)</li>
<li><a
href="8fd0b63186"><code>8fd0b63</code></a>
Add RTD config file to silence emailed deprecation warnings (<a
href="https://redirect.github.com/mpdavis/python-jose/issues/333">#333</a>)</li>
<li><a
href="6f03385e53"><code>6f03385</code></a>
Added possibility to call jwk.construct() with a private key (<a
href="https://redirect.github.com/mpdavis/python-jose/issues/295">#295</a>)</li>
<li><a
href="2f0aca6e2e"><code>2f0aca6</code></a>
Add python_requires arg to setup.cfg (<a
href="https://redirect.github.com/mpdavis/python-jose/issues/273">#273</a>)</li>
<li><a
href="895777e04a"><code>895777e</code></a>
Updated pyasn version to match latest (<a
href="https://redirect.github.com/mpdavis/python-jose/issues/338">#338</a>)</li>
<li><a
href="45bd1248f1"><code>45bd124</code></a>
Update jwk.py (<a
href="https://redirect.github.com/mpdavis/python-jose/issues/328">#328</a>)</li>
<li><a
href="1f0ae0a208"><code>1f0ae0a</code></a>
docs: Fix a few typos (<a
href="https://redirect.github.com/mpdavis/python-jose/issues/299">#299</a>)</li>
<li><a
href="ceaac3665d"><code>ceaac36</code></a>
Do not use <code>utc_now</code> on module level (<a
href="https://redirect.github.com/mpdavis/python-jose/issues/372">#372</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/mpdavis/python-jose/compare/3.3.0...3.5.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.4.3 to
9.0.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pytest-dev/pytest/releases">pytest's
releases</a>.</em></p>
<blockquote>
<h2>9.0.2</h2>
<h1>pytest 9.0.2 (2025-12-06)</h1>
<h2>Bug fixes</h2>
<ul>
<li>
<p><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13896">#13896</a>:
The terminal progress feature added in pytest 9.0.0 has been disabled by
default, except on Windows, due to compatibility issues with some
terminal emulators.</p>
<p>You may enable it again by passing <code>-p terminalprogress</code>.
We may enable it by default again once compatibility improves in the
future.</p>
<p>Additionally, when the environment variable <code>TERM</code> is
<code>dumb</code>, the escape codes are no longer emitted, even if the
plugin is enabled.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13904">#13904</a>:
Fixed the TOML type of the <code>tmp_path_retention_count</code>
settings in the API reference from number to string.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13946">#13946</a>:
The private <code>config.inicfg</code> attribute was changed in a
breaking manner in pytest 9.0.0.
Due to its usage in the ecosystem, it is now restored to working order
using a compatibility shim.
It will be deprecated in pytest 9.1 and removed in pytest 10.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13965">#13965</a>:
Fixed quadratic-time behavior when handling <code>unittest</code>
subtests in Python 3.10.</p>
</li>
</ul>
<h2>Improved documentation</h2>
<ul>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/4492">#4492</a>:
The API Reference now contains cross-reference-able documentation of
<code>pytest's command-line flags
<command-line-flags></code>.</li>
</ul>
<h2>9.0.1</h2>
<h1>pytest 9.0.1 (2025-11-12)</h1>
<h2>Bug fixes</h2>
<ul>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13895">#13895</a>:
Restore support for skipping tests via <code>raise
unittest.SkipTest</code>.</li>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13896">#13896</a>:
The terminal progress plugin added in pytest 9.0 is now automatically
disabled when iTerm2 is detected, it generated desktop notifications
instead of the desired functionality.</li>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13904">#13904</a>:
Fixed the TOML type of the verbosity settings in the API reference from
number to string.</li>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13910">#13910</a>:
Fixed <!-- raw HTML omitted -->UserWarning: Do not expect
file_or_dir<!-- raw HTML omitted --> on some earlier Python 3.12 and
3.13 point versions.</li>
</ul>
<h2>Packaging updates and notes for downstreams</h2>
<ul>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13933">#13933</a>:
The tox configuration has been adjusted to make sure the desired
version string can be passed into its <code>package_env</code> through
the <code>SETUPTOOLS_SCM_PRETEND_VERSION_FOR_PYTEST</code> environment
variable as a part of the release process -- by
<code>webknjaz</code>.</li>
</ul>
<h2>Contributor-facing changes</h2>
<ul>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13891">#13891</a>,
<a
href="https://redirect.github.com/pytest-dev/pytest/issues/13942">#13942</a>:
The CI/CD part of the release automation is now capable of
creating GitHub Releases without having a Git checkout on
disk -- by <code>bluetech</code> and <code>webknjaz</code>.</li>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13933">#13933</a>:
The tox configuration has been adjusted to make sure the desired
version string can be passed into its <code>package_env</code> through
the <code>SETUPTOOLS_SCM_PRETEND_VERSION_FOR_PYTEST</code> environment
variable as a part of the release process -- by
<code>webknjaz</code>.</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3d10b5148e"><code>3d10b51</code></a>
Prepare release version 9.0.2</li>
<li><a
href="188750b725"><code>188750b</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/14030">#14030</a>
from pytest-dev/patchback/backports/9.0.x/1e4b01d1f...</li>
<li><a
href="b7d7bef90c"><code>b7d7bef</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/14014">#14014</a>
from bluetech/compat-note</li>
<li><a
href="bd08e85ac7"><code>bd08e85</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/14013">#14013</a>
from pytest-dev/patchback/backports/9.0.x/922b60377...</li>
<li><a
href="bc78386299"><code>bc78386</code></a>
Add CLI options reference documentation (<a
href="https://redirect.github.com/pytest-dev/pytest/issues/13930">#13930</a>)</li>
<li><a
href="5a4e398ce8"><code>5a4e398</code></a>
Fix docs typo (<a
href="https://redirect.github.com/pytest-dev/pytest/issues/14005">#14005</a>)
(<a
href="https://redirect.github.com/pytest-dev/pytest/issues/14008">#14008</a>)</li>
<li><a
href="d7ae6df394"><code>d7ae6df</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/14006">#14006</a>
from pytest-dev/maintenance/update-plugin-list-tmpl...</li>
<li><a
href="556f6a22e1"><code>556f6a2</code></a>
pre-commit: fix rst-lint after new release (<a
href="https://redirect.github.com/pytest-dev/pytest/issues/13999">#13999</a>)
(<a
href="https://redirect.github.com/pytest-dev/pytest/issues/14001">#14001</a>)</li>
<li><a
href="c60fbe63a2"><code>c60fbe6</code></a>
Fix quadratic-time behavior when handling <code>unittest</code> subtests
in Python 3.10 ...</li>
<li><a
href="73d9b01118"><code>73d9b01</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/13995">#13995</a>
from nicoddemus/patchback/backports/9.0.x/1b5200c0f...</li>
<li>Additional commits viewable in <a
href="https://github.com/pytest-dev/pytest/compare/7.4.3...9.0.2">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
