Bump the development-version-updates group across 1 directory with 7 updates

[dependabot]

Bumps the development-version-updates group with 7 updates in the / directory:

Package	From	To
coverage	7.13.0	7.13.1
ruamel-yaml	0.18.16	0.19.1
tox	4.32.0	4.33.0
uvicorn	0.38.0	0.40.0
astroid	4.0.2	4.0.3
nodeenv	1.9.1	1.10.0
psutil	7.1.3	7.2.1

Updates coverage from 7.13.0 to 7.13.1

Changelog

Sourced from coverage's changelog.

Version 7.13.1 — 2025-12-28

• Added: the JSON report now includes a "start_line" key for function and class regions, indicating the first line of the region in the source. Closes issue 2110_.

• Added: The debug data command now takes file names as arguments on the command line, so you can inspect specific data files without needing to set the COVERAGE_FILE environment variable.

• Fix: the JSON report used to report module docstrings as executed lines, which no other report did, as described in issue 2105_. This is now fixed, thanks to Jianrong Zhao.

• Fix: coverage.py uses a more disciplined approach to detecting where third-party code is installed, and avoids measuring it. This shouldn't change any behavior. If you find that it does, please get in touch.

• Performance: data files that will be combined now record their hash as part of the file name. This lets us skip duplicate data more quickly, speeding the combining step.

• Docs: added a section explaining more about what is considered a missing branch and how it is reported: :ref:branch_explain, as requested in issue 1597. Thanks to Ayisha Mohammed <pull 2092_>.

• Tests: the test suite misunderstood what core was being tested if COVERAGE_CORE wasn't set on 3.14+. This is now fixed, closing issue 2109_.

.. _issue 1597: coveragepy/coveragepy#1597 .. _pull 2092: coveragepy/coveragepy#2092 .. _issue 2105: coveragepy/coveragepy#2105 .. _issue 2109: coveragepy/coveragepy#2109 .. _issue 2110: coveragepy/coveragepy#2110

.. _changes_7-13-0:

Commits

• a6afdc3 docs: sample HTML for 7.13.1
• a497081 docs: prep for 7.13.1
• e992033 docs: polish up CHANGES
• 18bba6e chore: bump the action-dependencies group with 4 updates (#2111)
• 80fb808 refactor: (?x:...) lets us use re.VERBOSE even when combining later
• cc272bd docs: leave a comment so we'll find this when 3.12 is the minimum
• 70d007d types: be explicit
• a2c1940 types: fully import modules that will be patched
• 57b975d types: explicit Protocol inheritance permits changing parameter names
• 63ec12d types: clarify that morfs arguments can be a single morf
• Additional commits viewable in compare view

Updates ruamel-yaml from 0.18.16 to 0.19.1

Updates tox from 4.32.0 to 4.33.0

Release notes

Sourced from tox's releases.

4.33.0

What's Changed

• Pass LOCALAPPDATA by default on Windows (#3639) by @​clint-lawrence in tox-dev/tox#3640
• Docs: Add caution about ranges like py{39-314} by @​ferdnyc in tox-dev/tox#3652
• CLI Parser: Drop epilog message for Sphinx help by @​ferdnyc in tox-dev/tox#3653
• 📚 Integrate sphinx-issues extension by @​webknjaz in tox-dev/tox#3655
• Fix sphinx doc build by @​gaborbernat in tox-dev/tox#3662
• feat: add conditional set_env support via PEP-496 markers by @​gaborbernat in tox-dev/tox#3663

New Contributors

• @​clint-lawrence made their first contribution in tox-dev/tox#3640
• @​ferdnyc made their first contribution in tox-dev/tox#3652

Full Changelog: tox-dev/tox@4.32.0...4.33.0

Changelog

Sourced from tox's changelog.

v4.33.0 (2026-01-02)

Features - 4.33.0

- Add support for conditional ``set_env`` using PEP-496 environment markers. In INI format use
  ``VAR=value; marker`` syntax, in TOML format use ``set_env.VAR = { value = "...", marker = "..." }``
  -- by :user:`gaborbernat`. (:issue:`3663`)
Bugfixes - 4.33.0

• Added 'LocalAppData' to the default passed environment variables on Windows. (:issue:3639)

Improved Documentation - 4.33.0

- Sphinx is now set up to use :pypi:`sphinx-issues` for referencing
  GitHub issues and pull requests in the docs -- by :user:`webknjaz`. (:issue:`3202`)

Commits

• 9c5fe79 release 4.33.0
• c569868 feat: add conditional set_env support via PEP-508 markers (#3663)
• 7b9610e fix: update for Sphinx 9.1 compatibility (#3662)
• fa51801 [pre-commit.ci] pre-commit autoupdate (#3661)
• 29cdaab [pre-commit.ci] pre-commit autoupdate (#3659)
• 7d55a37 Bump actions/download-artifact from 6 to 7 (#3658)
• f2e33ac Bump actions/upload-artifact from 5 to 6 (#3657)
• 18ce76d 📚 Integrate sphinx-issues extension (#3655)
• 9ae4007 [pre-commit.ci] pre-commit autoupdate (#3654)
• 80ba0cb Parser: Drop epilog message for Sphinx help (#3653)
• Additional commits viewable in compare view

Updates uvicorn from 0.38.0 to 0.40.0

Release notes

Sourced from uvicorn's releases.

Version 0.40.0

What's Changed

• Drop Python 3.9 by @​Kludex in Kludex/uvicorn#2772

Full Changelog: Kludex/uvicorn@0.39.0...0.40.0

Version 0.39.0

What's Changed

• explicitly start ASGI run with empty context by @​pmeier in Kludex/uvicorn#2742
• fix(websockets): Send close frame on ASGI return by @​Kludex in Kludex/uvicorn#2769

New Contributors

• @​pmeier made their first contribution in Kludex/uvicorn#2742

Full Changelog: Kludex/uvicorn@0.38.0...0.39.0

Changelog

Sourced from uvicorn's changelog.

0.40.0 (December 21, 2025)

Remove

• Drop support for Python 3.9 (#2772)

0.39.0 (December 21, 2025)

Fixed

• Send close frame on ASGI return for WebSockets (#2769)
• Explicitly start ASGI run with empty context (#2742)

Commits

• 9ff6004 Version 0.40.0 (#2773)
• 19df042 Drop Python 3.9 (#2772)
• 865ce7c Run strict mypy on test suite (#2771)
• 4f40b84 Version 0.39.0 (#2770)
• 5692dfc fix(websockets): Send close frame on ASGI return (#2769)
• 4194764 chore(deps): bump the github-actions group with 2 updates (#2763)
• d94bf28 explicitly start ASGI run with empty context (#2742)
• 8ae0bcb chore(deps): bump the github-actions group with 2 updates (#2748)
• 4744ff9 Add groups configuration for GitHub Actions (#2747)
• 0391372 chore(deps): bump astral-sh/setup-uv from 6.8.0 to 7.1.2 (#2746)
• Additional commits viewable in compare view

Updates astroid from 4.0.2 to 4.0.3

Release notes

Sourced from astroid's releases.

v4.0.3

What's New in astroid 4.0.3?

Release date: 2026-01-03

• Fix inference of IfExp (ternary expression) nodes to avoid prematurely narrowing results in the face of inference ambiguity.

  Closes #2899

• Fix base class inference for dataclasses using the PEP 695 typing syntax.

  Refs pylint-dev/pylint#10788

Changelog

Sourced from astroid's changelog.

What's New in astroid 4.0.3?

Release date: 2026-01-03

• Fix inference of IfExp (ternary expression) nodes to avoid prematurely narrowing results in the face of inference ambiguity.

  Closes #2899

• Fix base class inference for dataclasses using the PEP 695 typing syntax.

  Refs pylint-dev/pylint#10788

Commits

• b978037 Bump astroid to 4.0.3, update changelog
• 5476bc3 [Backport maintenance/4.0.x] Wrong inference with default argument values (#2...
• ae761dc [Backport maintenance/4.0.x] Fix base class inference for dataclasses with PE...
• 077c51f [Backport maintenance/4.0.x] [typing] Add sys check guard for typing.Self for...
• f3255d1 [Backport maintenance/4.0.x] Skip mypy install for pypy (#2906)
• d2823f2 [Backport maintenance/4.0.x] [ci] Fix windows cache key (#2903)
• 05c79e1 [Backport maintenance/4.0.x] Improve self argument typing (#2904)
• See full diff in compare view

Updates nodeenv from 1.9.1 to 1.10.0

Release notes

Sourced from nodeenv's releases.

1.10.0 - drop

What's Changed

Fixed bugs 🐛

• Use lowercase lookup for archmap by @​robmoss2k in ekalinin/nodeenv#382

Improvements 🛠

• Add support for Python 3.13 by @​hugovk in ekalinin/nodeenv#367
• Add UV Virtual Environment support by @​Vizonex in ekalinin/nodeenv#386
• Use sh instead of bash by @​WhyNotHugo in ekalinin/nodeenv#389
• Replace additional use of which(1) with shutil.which() by @​mgorny in ekalinin/nodeenv#355

Other Changes

• Support leading v in .node-version by @​nix6839 in ekalinin/nodeenv#359
• Check host platform when finding node version by @​max0x53 in ekalinin/nodeenv#363

New Contributors

• @​hugovk made their first contribution in ekalinin/nodeenv#367
• @​nix6839 made their first contribution in ekalinin/nodeenv#359
• @​max0x53 made their first contribution in ekalinin/nodeenv#363
• @​robmoss2k made their first contribution in ekalinin/nodeenv#382
• @​Vizonex made their first contribution in ekalinin/nodeenv#386
• @​WhyNotHugo made their first contribution in ekalinin/nodeenv#389
• @​mgorny made their first contribution in ekalinin/nodeenv#355

Full Changelog: ekalinin/nodeenv@1.9.1...1.10.0

Commits

• 9dee547 chore: bump nodeenv version to 1.10.0
• d45aabb chore: add pyright ignore comments for compatibility
• 55d6c21 chore: update AUTHORS
• 5f694e6 test: update test test_node_system_creates_shim
• fa3fdfb Merge branch 'master' of github.com:ekalinin/nodeenv
• e868dbe Replace additional use of which(1) with shutil.which() (#355)
• b4cd00d test: enhance activation tests for nodeenv with custom prompts and file handling
• 0b5ea9d refactor(tests): improve readability of mock patches in nodeenv tests
• 37c0c30 ci: add GH workflow for testing and coverage in PR
• 326a7a4 test: add comprehensive tests for install_npm and install_npm_win functions
• Additional commits viewable in compare view

Updates psutil from 7.1.3 to 7.2.1

Changelog

Sourced from psutil's changelog.

7.2.1

2025-12-29

Bug fixes

• 2699_, [FreeBSD], [NetBSD]: heap_info()_ does not detect small allocations (<= 1K). In order to fix that, we now flush internal jemalloc cache before fetching the metrics.

7.2.0

2025-12-23

Enhancements

• 1275_: new heap_info()_ and heap_trim()_ functions, providing direct access to the platform's native C heap allocator (glibc, mimalloc, libmalloc). Useful to create tools to detect memory leaks.
• 2403_, [Linux]: publish wheels for Linux musl.
• 2680_: unit tests are no longer installed / part of the distribution. They now live under tests/ instead of psutil/tests.

Bug fixes

• 2684_, [FreeBSD], [critical]: compilation fails on FreeBSD 14 due to missing include.
• 2691_, [Windows]: fix memory leak in net_if_stats()_ due to missing Py_CLEAR.

Compatibility notes

• 2680_: import psutil.tests no longer works (but it was never documented to begin with).

Commits

• 6130c19 Fix #2699 / BSD: flush internal jemalloc cache before returning metrics.
• 899ee4e Mention psleak
• 704e218 Pre-release
• 1a946cf Take psleak from PYPI
• 5085421 Use external psleak module for memleak tests (#2698)
• ac56e6a CI: don't cancel CI in progress on 1st failure
• 10fe3d5 Merge branch 'master' of github.com:giampaolo/psutil
• ba507bd Fix various CI errors
• d5a1398 Update cpu_count docs: clarify differences from os.cpu_count (#2696)
• 556158f Refact memleak.py
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions