chore(deps): update pip: update fastmcp requirement from ~=3.2.0 to >=3.2,<3.4 in the python-version-updates group across 1 directory

[dependabot]

Updates the requirements on fastmcp to permit the latest version.
Updates fastmcp to 3.3.1

Release notes

Sourced from fastmcp's releases.

v3.3.1: Loop There It Is

FastMCP 3.3.1 is a hotfix for the 3.3 packaging split. Clean installs of 3.3.0 could fail on standalone component imports like from fastmcp.tools import tool because component modules reached auth and task primitives through fastmcp.server, pulling in the server/provider stack and exposing a circular import.

Component-level auth and task primitives now live in lightweight utility modules, with the old server import paths preserved as compatibility re-exports. Component imports stay lightweight, existing server-facing imports continue to work, and the release also includes small docs corrections from the 3.3 rollout.

What's Changed

Fixes 🐞

• fix(docs): use valid FA icon on client-only package page by @​jlowin in PrefectHQ/fastmcp#4139
• Decouple component imports from server by @​jlowin in PrefectHQ/fastmcp#4150

Full Changelog: PrefectHQ/fastmcp@v3.3.0...v3.3.1

Changelog

Sourced from fastmcp's changelog.

---

title: "Changelog" icon: "list-check" rss: true tag: NEW

v3.1.1: 'Tis But a Patch

Pins pydantic-monty below 0.0.8 to fix a breaking change in Monty that affects code mode. Monty 0.0.8 removed the external_functions constructor parameter, causing MontySandboxProvider to fail. This patch caps the version so existing installs work correctly.

Fixes 🐞

• Pin pydantic-monty below 0.0.8 to fix code mode by @​jlowin in #3497

Full Changelog: v3.1.0...v3.1.1

v3.1.0: Code to Joy

FastMCP 3.1 is the Code Mode release. The 3.0 architecture introduced providers and transforms as the extensibility layer — 3.1 puts that architecture to work, shipping the most requested capability since launch: servers that can find and execute code on behalf of agents, without requiring clients to know what tools exist.

New Features 🎉

• feat: Search transforms for tool discovery by @​jlowin in #3154
• Add experimental CodeMode transform by @​aaazzam in #3297
• Add Prefab Apps integration for MCP tool UIs by @​jlowin in #3316

Enhancements 🔧

• Lazy-load heavy imports to reduce import time by @​jlowin in #3295
• Add http_client parameter to all token verifiers for connection pooling by @​jlowin in #3300
• Add in-memory caching for token introspection results by @​jlowin in #3298
• Add SessionStart hook to install gh CLI in cloud sessions by @​jlowin in #3308
• Fix ty 0.0.19 type errors by @​jlowin in #3310
• Code Mode: Add resource limits to MontySandboxProvider by @​jlowin in #3326
• Accept transforms as FastMCP init kwarg by @​jlowin in #3324
• Split large test files to comply with loq line limit by @​jlowin in #3328
• Add -m/--module flag to fastmcp run and dev inspector by @​dgenio in #3331
• Add search_result_serializer hook and serialize_tools_for_output_markdown by @​MagnusS0 in #3337
• Add MultiAuth for composing multiple token verification sources by @​jlowin in #3335
• Adds PropelAuth as an AuthProvider by @​andrew-propelauth in #3358
• Replace vendored DI with uncalled-for by @​chrisguidry in #3301
• Decompose CodeMode into composable discovery tools by @​jlowin in #3354
• feat(contrib): auto-sync MCPMixin decorators with from_function signatures by @​AnkeshThakur in #3323
• Add Google GenAI Sampling Handler by @​strawgate in #2977
• Add ListTools, search limit, and catalog size annotation to CodeMode by @​jlowin in #3359
• Allow configuring FastMCP transport setting in the same way as other configuration by @​jvdmr in #1796
• Add include_unversioned option to VersionFilter by @​yangbaechu in #3349

... (truncated)

Commits

• d8dcc27 Decouple component imports from server (#4150)
• 255e3e4 fix(docs): use valid FA icon on client-only package page (#4139)
• 73df4dc chore: Update SDK documentation (#4096)
• ee48a0f Refine fastmcp-slim packaging (#4125)
• bb4894d Add fastmcp-slim for client-only installs (#4122)
• 8209093 fix(http): terminate active streamable-HTTP transports before lifespan shutdo...
• cf59a45 Fix OCI Provider issue in 3.x version. Add OCI auth provider example … (#4116)
• 89b99ec fix(proxy): fall back to live identifier for backend_* span attributes (#4109)
• 310314c fix: cli option --no-banner is NOT passed to cli but server-spec in-correctly...
• 28722f8 fix: drop exc_info for expected tool failures, remove unreachable ValidationE...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions