Bump the python-dependencies group across 1 directory with 7 updates

[dependabot]

Warning

Dependabot will stop supporting python v3.9!

Please upgrade to one of the following versions: v3.9, v3.10, v3.11, v3.12, v3.13, or v3.14.

Updates the requirements on ruff, clarifai-grpc, tqdm, pydantic-core, openai, pypdf and pydantic to permit the latest version.
Updates ruff from 0.15.12 to 0.15.16

Release notes

Sourced from ruff's releases.

0.15.16

Release Notes

Released on 2026-06-04.

Preview features

• [flake8-async] Implement yield-in-context-manager-in-async-generator (ASYNC119) (#24644)
• [pylint] Narrow diagnostic range and exclude cases without exception handlers (PLW0717) (#25440)
• [ruff] Treat yield before break from a terminal loop as terminal (RUF075) (#25447)

Bug fixes

• [eradicate] Avoid flagging ruff:ignore comments as code (ERA001) (#25537)
• [eradicate] Fix ERA001/RUF100 conflict when noqa is on commented-out code (#25414)
• [pyflakes] Avoid removing the format call when it would change behavior (F523) (#25320)
• [pylint] Avoid syntax errors in invalid character replacements in f-strings before Python 3.12 (PLE2510, PLE2512, PLE2513, PLE2514, PLE2515) (#25544)
• [pyupgrade] Avoid converting format calls with more kinds of side effects (UP032) (#25484)

Rule changes

• [flake8-pytest-style] Avoid fixes for ambiguous argnames and argvalues combinations (PT006) (#24776)

Performance

• Drop excess capacity from statement suites during parsing (#25368)

Documentation

• [pydocstyle] Improve discoverability of rules enabled for each convention (#24973)
• [ruff] Restore example code for Python versions before 3.15 (RUF017) (#25439)
• Fix typo bin/active → bin/activate in tutorial (#25473)

Other changes

• Shrink additional parser AST collections (#25465)

Contributors

• @​Redslayer112
• @​koriyoshi2041
• @​George-Ogden
• @​TejasAmle
• @​anishgirianish
• @​ntBre
• @​MichaReiser
• @​loganrosen
• @​RafaelJohn9
• @​adityasingh2400

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.16

Released on 2026-06-04.

Preview features

• [flake8-async] Implement yield-in-context-manager-in-async-generator (ASYNC119) (#24644)
• [pylint] Narrow diagnostic range and exclude cases without exception handlers (PLW0717) (#25440)
• [ruff] Treat yield before break from a terminal loop as terminal (RUF075) (#25447)

Bug fixes

• [eradicate] Avoid flagging ruff:ignore comments as code (ERA001) (#25537)
• [eradicate] Fix ERA001/RUF100 conflict when noqa is on commented-out code (#25414)
• [pyflakes] Avoid removing the format call when it would change behavior (F523) (#25320)
• [pylint] Avoid syntax errors in invalid character replacements in f-strings before Python 3.12 (PLE2510, PLE2512, PLE2513, PLE2514, PLE2515) (#25544)
• [pyupgrade] Avoid converting format calls with more kinds of side effects (UP032) (#25484)

Rule changes

• [flake8-pytest-style] Avoid fixes for ambiguous argnames and argvalues combinations (PT006) (#24776)

Performance

• Drop excess capacity from statement suites during parsing (#25368)

Documentation

• [pydocstyle] Improve discoverability of rules enabled for each convention (#24973)
• [ruff] Restore example code for Python versions before 3.15 (RUF017) (#25439)
• Fix typo bin/active → bin/activate in tutorial (#25473)

Other changes

• Shrink additional parser AST collections (#25465)

Contributors

• @​Redslayer112
• @​koriyoshi2041
• @​George-Ogden
• @​TejasAmle
• @​anishgirianish
• @​ntBre
• @​MichaReiser
• @​loganrosen
• @​RafaelJohn9
• @​adityasingh2400

0.15.15

... (truncated)

Commits

• 6c498ab Bump 0.15.16 (#25635)
• e51e132 [flake8-async] Implement yield-in-context-manager-in-async-generator (`AS...
• 7c6dcd9 [ty] Add caching for pattern match narrowing (#25613)
• 27058fc [ty] Compact retained definition and expression identities (#25606)
• bf80d05 Fix CODEOWNERS syntax (#25622)
• 10ccd51 Shrink additional parser AST collections (#25465)
• 0d7135f [ty] Upgrade Salsa (#25545)
• 49493a3 [ty] Show type alias value on hover (#25381)
• 85207d3 [ty] sys.implementation.version is not sys.version_info (#25608)
• a8a0614 [ty] Avoid retaining duplicate function signatures (#25609)
• Additional commits viewable in compare view

Updates clarifai-grpc to 12.4.5

Commits

• 7b65cce GRPC clients version 12.4.5
• 12edd51 [TP-2072] Fix stg SDH url - part 3 (#258)
• 1662916 GRPC clients version 12.4.4
• 3f49261 GRPC clients version 12.4.3
• 0f5b25b Remove test instance type ids (#257)
• 8d66375 [TP-2072] Fix stg SDH url - part 2 (#256)
• bf9c56d [TP-2072] Fix stg SDH url (#255)
• ff8b53e GRPC clients version 12.4.2
• 3381f17 GRPC clients version 12.4.1
• See full diff in compare view

Updates tqdm to 4.68.2

Release notes

Sourced from tqdm's releases.

tqdm v4.68.2 stable

• revert accidental change to ascii default (fixes #1760)
  • UnicodeEncodeError: 'charmap' codec can't encode characters in position 6-7: character maps to <undefined> can be fixed by installing tqdm!=4.68.0,!=4.68.1
• misc docs updates
  • fix links
  • replace stray rst -> md syntax
  • consistent "progress bar" terminology (#1737)
• tests: fix coverage (fixes #1760)

Commits

• 4b33952 revert accidental change to tqdm(ascii) default
• b10848f docs: fix links
• 85b62dd docs: replace stray rst -> md
• d2fb04a docs: mention OpenAI sponsorship
• 85940f9 docs: consistent progress bar terminology
• 9dbb36b tests: fix coverage
• 67cf355 Merge pull request #1751 from jaltmayerpizzorno/fix-atexit-monitor-deadlock
• cfa4a85 minor docstring updates
• f83290c Fix TMonitor deadlock at interpreter shutdown
• 59029c3 Set name for tqdm monitor thread (#1752)
• Additional commits viewable in compare view

Updates pydantic-core to 2.46.4

Changelog

Sourced from pydantic-core's changelog.

v2.14.0a1 (2026-05-22)

GitHub release

What's Changed

Packaging

• Add PyEmscripten platform tag support by @​Viicos, @​greateggsgreg and @​sinaatalay in #13199: pydantic-core now has a 3.14 wheel published with the pyemscripten_2026_0 platform tag. Note that this wheel can only be used with Pyodide 314.0 and greater, still in development. It is recommended to wait for the final 314.0 release (and for Pydantic to publish a new wheel in a future 2.14 release).

Changes

• Accept None in MultiHostUrl.build()'s hosts parameter by @​Viicos in #13068
• Drop support for Python 3.9 by @​Viicos in #13070
• Remove support for eval_type_backport() by @​Viicos in #13133
• Only deepcopy non-updated fields in model_copy() by @​connorcarpenter15 in #13087

Fixes

• Add Mypy plugin workaround for dynamic models defined in functions by @​ilevkivskyi in #13177
• Fallback to create_model() overload definition when __base__ is set to a type variable in the Mypy plugin by @​cyphercodes in #13146

New Contributors

• @​ilevkivskyi made their first contribution in #13177
• @​cyphercodes made their first contribution in #13146
• @​connorcarpenter15 made their first contribution in #13087

v2.13.4 (2026-05-06)

GitHub release

What's Changed

Packaging

• Bump libc from 0.2.155 to 0.2.185 by @​Viicos in #13109
• Adapt pydantic-core linker flags on macOS by @​washingtoneg and @​Viicos in #13147

Fixes

• Preserve RootModel core metadata by @​Viicos in #13129

... (truncated)

Commits

• cf67d4b Fix linting
• f0d8a21 Prepare release v2.13.4
• 5e3fe1d Check for pydantic tag pattern in CI
• 7f9edcc Document tagging conventions
• b46a0c9 Adapt pydantic-core linker flags on macOS
• 50629c8 Update to PyPy 7.3.22
• 8522ebb Preserve RootModel core metadata
• a37f3af Adapt MISSING sentinel test to work with unreleased typing_extensions ver...
• 909259a Remove Logfire example in documentation
• 2c4174c Bump libc from 0.2.155 to 0.2.185
• See full diff in compare view

Updates openai to 2.41.1

Release notes

Sourced from openai's releases.

v2.41.1

2.41.1 (2026-06-05)

Full Changelog: v2.41.0...v2.41.1

Build System

• Remove scheduled release workflow trigger (#3366) (2a91011)

Changelog

Sourced from openai's changelog.

2.41.1 (2026-06-05)

Full Changelog: v2.41.0...v2.41.1

Build System

• Remove scheduled release workflow trigger (#3366) (2a91011)

2.41.0 (2026-06-03)

Full Changelog: v2.40.0...v2.41.0

Features

• api: responses.moderation and chat_completions.moderation (87e46c2)

2.40.0 (2026-06-01)

Full Changelog: v2.39.0...v2.40.0

Features

• api: Add Amazon Bedrock Responses support

Bug Fixes

• api: allow setting bedrock api keys on the client directly (4d5bfde)

2.39.0 (2026-06-01)

Full Changelog: v2.38.0...v2.39.0

Features

• api: workload identity in audit logs, additional_tools item in responses, fix ActionSearch.query to be optional. (ab60d7a)

2.38.0 (2026-05-21)

Full Changelog: v2.37.0...v2.38.0

Features

• api: api update (33d1d01)
• api: manual updates (a21700a)
• api: update OpenAPI spec or Stainless config (00265c5)

Chores

• api: docs updates (ee10152)
• check release PR custom code sync (2638779)

... (truncated)

Commits

• 7198756 release: 2.41.1
• 3842a5e ci: use PyPI trusted publishing (#3365)
• 2a91011 build: Remove scheduled release workflow trigger (#3366)
• 2d955a1 Merge pull request #3359 from openai/release-please--branches--main--changes-...
• 519cd02 release: 2.41.0
• 87e46c2 feat(api): responses.moderation and chat_completions.moderation
• a28a3f6 Merge pull request #3352 from openai/release-please--branches--main--changes-...
• db6ccaf Update CHANGELOG.md
• 2264f70 release: 2.40.0
• 4d5bfde fix(api): allow setting bedrock api keys on the client directly
• Additional commits viewable in compare view

Updates pypdf from 6.10.2 to 6.13.2

Release notes

Sourced from pypdf's releases.

Version 6.13.2, 2026-06-10

What's new

Security (SEC)

• Detect multi-hop cyclic /Pages trees in _flatten to prevent SIGSEGV (#3847) by @​fredericoschardong

Robustness (ROB)

• Fix UnboundLocalError in _read_standard_xref_table on a malformed entry (#3841) by @​joszamama
• Raise PdfStreamError on non-hexadecimal bytes in hex readers (#3832) by @​metsw24-max

Full Changelog

Version 6.13.1, 2026-06-08

What's new

Security (SEC)

• Prevent infinite loops when processing threads/articles (#3839) by @​stefan6419846

Full Changelog

Version 6.13.0, 2026-06-05

What's new

Security (SEC)

• Avoid infinite loops for outlines and text extraction (#3830) by @​stefan6419846

New Features (ENH)

• Add Japanese predefined CMaps (#3800) by @​yasuhiroiwaki
• Font: Collect all character widths, not only those that can be unicode mapped (#3798) by @​PJBrs

Robustness (ROB)

• Recover a corrupt trailing startxref pointer (closes #3238) (#3826) by @​gaoflow
• Handle /Pages node without /Kids during flattening (#3825) by @​gaoflow
• Accept inline image EI marker at the end of a content stream (#3827) by @​gaoflow

Maintenance (MAINT)

• Type the always-raising deprecation helpers as NoReturn (#3819) by @​estelledc

Full Changelog

Version 6.12.2, 2026-05-26

What's new

Security (SEC)

• Optimize _decode_png_prediction regarding memory and speed (#3806) by @​stefan6419846
• Improve loop control in text extraction (#3805) by @​stefan6419846

Full Changelog

Version 6.12.1, 2026-05-22

... (truncated)

Changelog

Sourced from pypdf's changelog.

Version 6.13.2, 2026-06-10

Security (SEC)

• Detect multi-hop cyclic /Pages trees in _flatten to prevent SIGSEGV (#3847)

Robustness (ROB)

• Fix UnboundLocalError in _read_standard_xref_table on a malformed entry (#3841)
• Raise PdfStreamError on non-hexadecimal bytes in hex readers (#3832)

Full Changelog

Version 6.13.1, 2026-06-08

Security (SEC)

• Prevent infinite loops when processing threads/articles (#3839)

Full Changelog

Version 6.13.0, 2026-06-05

Security (SEC)

• Avoid infinite loops for outlines and text extraction (#3830)

New Features (ENH)

• Add Japanese predefined CMaps (#3800)
• Font: Collect all character widths, not only those that can be unicode mapped (#3798)

Robustness (ROB)

• Recover a corrupt trailing startxref pointer (closes #3238) (#3826)
• Handle /Pages node without /Kids during flattening (#3825)
• Accept inline image EI marker at the end of a content stream (#3827)

Maintenance (MAINT)

• Type the always-raising deprecation helpers as NoReturn (#3819)

Full Changelog

Version 6.12.2, 2026-05-26

Security (SEC)

• Optimize _decode_png_prediction regarding memory and speed (#3806)
• Improve loop control in text extraction (#3805)

Full Changelog

Version 6.12.1, 2026-05-22

Security (SEC)

• Limit input size and element count for XMP metadata (#3796)

... (truncated)

Commits

• 6490dff REL: 6.13.2
• d209c2c SEC: Detect multi-hop cyclic /Pages trees in _flatten to prevent SIGSEGV (#3847)
• 06d4106 ROB: Fix UnboundLocalError in _read_standard_xref_table on a malformed entry ...
• c64016a ROB: Raise PdfStreamError on non-hexadecimal bytes in hex readers (#3832)
• 6207d77 ROB: Guard truncated Type1 font program in _type1_alternative (#3835)
• e31de26 DEV: Bump actions/checkout from 6.0.2 to 6.0.3 (#3843)
• 7a3a870 REL: 6.13.1
• 5efe472 SEC: Prevent infinite loops when processing threads/articles (#3839)
• 80509e3 ROB: Avoid recursion errors for _doc_common (#3838)
• d74d95d MAINT: Remove unreachable return in read_until_regex (#3833)
• Additional commits viewable in compare view

Updates pydantic from 2.13.3 to 2.13.4

Release notes

Sourced from pydantic's releases.

v2.13.4 2026-05-06

v2.13.4 (2026-05-06)

What's Changed

Packaging

• Bump libc from 0.2.155 to 0.2.185 by @​Viicos in #13109
• Adapt pydantic-core linker flags on macOS by @​washingtoneg and @​Viicos in #13147

Fixes

• Preserve RootModel core metadata by @​Viicos in #13129

Full Changelog: pydantic/pydantic@v2.13.3...v2.13.4

Changelog

Sourced from pydantic's changelog.

v2.13.4 (2026-05-06)

GitHub release

What's Changed

Packaging

• Bump libc from 0.2.155 to 0.2.185 by @​Viicos in #13109
• Adapt pydantic-core linker flags on macOS by @​washingtoneg and @​Viicos in #13147

Fixes

• Preserve RootModel core metadata by @​Viicos in #13129

Commits

• cf67d4b Fix linting
• f0d8a21 Prepare release v2.13.4
• 5e3fe1d Check for pydantic tag pattern in CI
• 7f9edcc Document tagging conventions
• b46a0c9 Adapt pydantic-core linker flags on macOS
• 50629c8 Update to PyPy 7.3.22
• 8522ebb Preserve RootModel core metadata
• a37f3af Adapt MISSING sentinel test to work with unreleased typing_extensions ver...
• 909259a Remove Logfire example in documentation
• 2c4174c Bump libc from 0.2.155 to 0.2.185
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions