Bump the prod-deps group across 1 directory with 7 updates

[dependabot]

Bumps the prod-deps group with 7 updates in the / directory:

Package	From	To
jq	1.8.0	1.9.1
click	8.1.8	8.2.1
termcolor	2.5.0	3.1.0
pydantic	2.11.5	2.11.7
starlette	0.45.3	0.46.2
together	1.5.13	1.5.15
prometheus-client	0.21.1	0.22.1

Updates jq from 1.8.0 to 1.9.1

Changelog

Sourced from jq's changelog.

1.9.1

• Apply a patch to jq to fix musl builds.

• Drop support for Python 3.7 and PyPy 3.8.

1.9.0

Note: this version was never released due a bug in jq breaking builds with musl.

• Update to jq 1.8.0.

• Drop support for Python 3.6.

• Distribute Cython sources instead of C sources to improve compatibility.

Commits

• b9930d4 Remove PyPy 3.8 from tests in GitHub Actions workflow
• 288ea0a Add dropping of PyPy 3.8 support in changelog
• 85131bb Drop support for PyPy 3.8
• 7b6092b Remove support for PyPy 3.7
• 4697b3a Use Python 3.13 instead of 3.13-dev in GitHub Actions workflow
• a837a9c Drop support for Python 3.7
• afc257c Update cython to 3.1.2
• 66cc0cc Update cibuildwheel to 2.23.3
• 41a3b57 Always build wheels for cp310-macosx_x86_64
• 19d6d10 Bump version to 1.9.1
• Additional commits viewable in compare view

Updates click from 8.1.8 to 8.2.1

Release notes

Sourced from click's releases.

8.2.1

This is the Click 8.2.1 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/click/8.2.1/ Changes: https://click.palletsprojects.com/page/changes/#version-8-2-1 Milestone: https://github.com/pallets/click/milestone/24?closed=1

• Fix flag value handling for flag options with a provided type. #2894 #2897
• Fix shell completion for nested groups. #2906
• Flush sys.stderr at the end of CliRunner.invoke. #2682
• Fix EOF handling for stdin input in CliRunner. #2787

8.2.0

This is the Click 8.2.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecation, or introduce potentially breaking changes.

We encourage everyone to upgrade. You can read more about our Version Support Policy on our website.

PyPI: https://pypi.org/project/click/8.2.0/ Changes: https://click.palletsprojects.com/en/stable/changes/ Milestone https://github.com/pallets/click/milestone/15

• Drop support for Python 3.7, 3.8,and 3.9. #2588, #2893
• Use modern packaging metadata with pyproject.toml instead of setup.cfg. #2438
• Use flit_core instead of setuptools as build backend. #2543
• Deprecate the __version__ attribute. Use feature detection, or importlib.metadata.version("click"), instead. #2598
• BaseCommand is deprecated. Command is the base class for all commands. #2589
• MultiCommand is deprecated. Group is the base class for all group commands. #2590
• The current parser and related classes and methods, are deprecated. #2205
  • OptionParser and the parser module, which is a modified copy of optparse in the standard library.
  • Context.protected_args is unneeded. Context.args contains any remaining arguments while parsing.
  • Parameter.add_to_parser (on both Argument and Option) is unneeded. Parsing works directly without building a separate parser.
  • split_arg_string is moved from parser to shell_completion.
• Enable deferred evaluation of annotations with from __future__ import annotations. #2270
• When generating a command's name from a decorated function's name, the suffixes _command, _cmd, _group, and _grp are removed. #2322
• Show the types.ParamType.name for types.Choice options within --help message if show_choices=False is specified. #2356
• Do not display default values in prompts when Option.show_default is False. #2509
• Add get_help_extra method on Option to fetch the generated extra items used in get_help_record to render help text. #2516 #2517
• Keep stdout and stderr streams independent in CliRunner. Always collect stderr output and never raise an exception. Add a new output stream to simulate what the user sees in its terminal. Removes the mix_stderr parameter in CliRunner. #2522 #2523
• Option.show_envvar now also shows environment variable in error messages. #2695 #2696
• Context.close will be called on exit. This results in all Context.call_on_close callbacks and context managers added via Context.with_resource to be closed on exit as well. #2680
• Add ProgressBar(hidden: bool) to allow hiding the progressbar. #2609
• A UserWarning will be shown when multiple parameters attempt to use the same name. #2396
• When using Option.envvar with Option.flag_value, the flag_value will always be used instead of the value of the environment variable. #2746 #2788
• Add Choice.get_invalid_choice_message method for customizing the invalid choice message. #2621 #2622
• If help is shown because no_args_is_help is enabled (defaults to True for groups, False for commands), the exit code is 2 instead of 0. #1489 #1489
• Contexts created during shell completion are closed properly, fixing a ResourceWarning when using click.File. #2644 #2800 #2767
• click.edit(filename) now supports passing an iterable of filenames in case the editor supports editing multiple files at once. Its return type is now also typed: AnyStr if text is passed, otherwise None. #2067 #2068

... (truncated)

Changelog

Sourced from click's changelog.

Version 8.2.1

Released 2025-05-20

• Fix flag value handling for flag options with a provided type. :issue:2894 :issue:2897 :pr:2930
• Fix shell completion for nested groups. :issue:2906 :pr:2907
• Flush sys.stderr at the end of CliRunner.invoke. :issue:2682
• Fix EOF handling for stdin input in CliRunner. :issue:2787

Version 8.2.0

Released 2025-05-10

• Drop support for Python 3.7, 3.8, and 3.9. :pr:2588 :pr:2893

• Use modern packaging metadata with pyproject.toml instead of setup.cfg. :pr:2438

• Use flit_core instead of setuptools as build backend. :pr:2543

• Deprecate the __version__ attribute. Use feature detection, or importlib.metadata.version("click"), instead. :issue:2598

• BaseCommand is deprecated. Command is the base class for all commands. :issue:2589

• MultiCommand is deprecated. Group is the base class for all group commands. :issue:2590

• The current parser and related classes and methods, are deprecated. :issue:2205

  • OptionParser and the parser module, which is a modified copy of optparse in the standard library.
  • Context.protected_args is unneeded. Context.args contains any remaining arguments while parsing.
  • Parameter.add_to_parser (on both Argument and Option) is unneeded. Parsing works directly without building a separate parser.
  • split_arg_string is moved from parser to shell_completion.

• Enable deferred evaluation of annotations with from __future__ import annotations. :pr:2270

• When generating a command's name from a decorated function's name, the suffixes _command, _cmd, _group, and _grp are removed. :issue:2322

• Show the types.ParamType.name for types.Choice options within --help message if show_choices=False is specified. :issue:2356

• Do not display default values in prompts when Option.show_default is False. :pr:2509

• Add get_help_extra method on Option to fetch the generated extra items used in get_help_record to render help text. :issue:2516 :pr:2517

... (truncated)

Commits

• fd183b2 release version 8.2.1
• 262bdf0 Raise an exception on end of input in CliRunner (#2934)
• 80efdf6 Raise an exception on end of input in CliRunner
• cfa6f4a Flush sys.stderr when CliRunner finalizes (#2933)
• f3a4363 flush sys.stderr when CliRunner.invoke finalizes
• b7cf069 fix shell completion for nested groups (#2935)
• 7c575d6 parametrize test
• ac6a2ac Fix shell completion for nested groups
• 884af5c Fix flag value set when is_flag=True and type is provided (#2930)
• 4fd2fea Fix condition for setting flag value when type is provided
• Additional commits viewable in compare view

Updates termcolor from 2.5.0 to 3.1.0

Release notes

Sourced from termcolor's releases.

Release 3.1.0

Added

• Add true colour RGB option as input arguments (#102) @​icyveins7
• Cache system lookups to save invocation time (#107) @​miketheman
• Advertise typing via classifier (#104) @​miketheman

Changed

• Migrate coverage configuration to pyproject.toml (#105) @​miketheman

Release 3.0.1

Fixed

• Fix licence filename in metadata (#100) @​hugovk

Release 3.0.0

Added

• Add support for Python 3.14 (#87) @​hugovk

Changed

• Only apply FORCE_COLOR, NO_COLOR and ANSI_COLORS_DISABLED when present and not an empty string (#92) @​hugovk
• Replace deprecated classifier with licence expression (PEP 639) (#95) @​hugovk
• Speedup: move typing imports into type-checking block (#94) @​hugovk
• Lint with faster action-pre-commit-uv: 1m22s -> 48s and 21s -> 15s (#86) @​hugovk

Removed

• Replace literal types with strings (#97) @​hugovk
• Remove deprecated __ALL__, use __all__ instead (#93) @​hugovk

Commits

• 1e0ae11 Test free-threaded Python 3.13t and 3.14t (#111)
• 9e3f5bb Test free-threaded Python 3.13t and 3.14t
• 52bf721 Add mutation testing (#109)
• 968cfa5 Add tests for cprint kwargs
• 6048bd5 Add mutation testing
• fd08149 Test code branches (#108)
• b32a006 Test code branches
• 60815d2 Cache system lookups to save invocation time (#107)
• 7e1e892 Complete coverage via added tests (#106)
• e516dd5 Cache system lookups to save invocation time
• Additional commits viewable in compare view

Updates pydantic from 2.11.5 to 2.11.7

Release notes

Sourced from pydantic's releases.

v2.11.7 2025-06-14

What's Changed

Fixes

• Copy FieldInfo instance if necessary during FieldInfo build by @​Viicos in pydantic/pydantic#11980

Full Changelog: pydantic/pydantic@v2.11.6...v2.11.7

v2.11.6 2025-06-13

v2.11.6 (2025-06-13)

What's Changed

Fixes

• Rebuild dataclass fields before schema generation by @​Viicos in #11949
• Always store the original field assignment on FieldInfo by @​Viicos in #11946

Full Changelog: pydantic/pydantic@v2.11.5...v2.11.6

Changelog

Sourced from pydantic's changelog.

v2.11.7 (2025-06-14)

GitHub release

What's Changed

Fixes

• Copy FieldInfo instance if necessary during FieldInfo build by @​Viicos in #11898

v2.11.6 (2025-06-13)

GitHub release

What's Changed

Fixes

• Rebuild dataclass fields before schema generation by @​Viicos in #11949
• Always store the original field assignment on FieldInfo by @​Viicos in #11946

Commits

• 5f033e4 Prepare release v2.11.7
• c3368b8 Copy FieldInfo instance if necessary during FieldInfo build (#11980)
• 3987b23 Prepare release v2.11.6
• dc7a9d2 Always store the original field assignment on FieldInfo
• c284c27 Rebuild dataclass fields before schema generation
• See full diff in compare view

Updates starlette from 0.45.3 to 0.46.2

Release notes

Sourced from starlette's releases.

Version 0.46.2

What's Changed

• Use correct index on backwards compatible logic in TemplateResponse by @​alex-oleshkevich in encode/starlette#2909
• Prevents reraising of exception from BaseHTTPMiddleware by @​ramannanda9 in encode/starlette#2911

New Contributors

• @​ahryniv made their first contribution in encode/starlette#2913
• @​ramannanda9 made their first contribution in encode/starlette#2911

Full Changelog: Kludex/starlette@0.46.1...0.46.2

Version 0.46.1

Fixed

• Allow relative directory path when follow_symlinks=True #2896.

---

Full Changelog: Kludex/starlette@0.46.0...0.46.1

Version 0.46.0

Added

• GZipMiddleware: Make sure Vary header is always added if a response can be compressed #2865.

Fixed

• Raise exception from background task on BaseHTTPMiddleware #2812.
• GZipMiddleware: Don't compress on server sent events #2871.

Changed

• MultiPartParser: Rename max_file_size to spool_max_size #2780.

Deprecated

• Add deprecated warning to TestClient(timeout=...) #2840.

New Contributors

• @​musicinmybrain made their first contribution in encode/starlette#2855
• @​WilliamDEdwards made their first contribution in encode/starlette#2870
• @​mattmess1221 made their first contribution in encode/starlette#2865

Full Changelog: Kludex/starlette@0.45.3...0.46.0

Changelog

Sourced from starlette's changelog.

0.46.2 (April 13, 2025)

Fixed

• Prevents reraising of exception from BaseHttpMiddleware #2911.
• Use correct index on backwards compatible logic in TemplateResponse #2909.

0.46.1 (March 8, 2025)

Fixed

• Allow relative directory path when follow_symlinks=True #2896.

0.46.0 (February 22, 2025)

Added

• GZipMiddleware: Make sure Vary header is always added if a response can be compressed #2865.

Fixed

• Raise exception from background task on BaseHTTPMiddleware #2812.
• GZipMiddleware: Don't compress on server sent events #2871.

Changed

• MultiPartParser: Rename max_file_size to spool_max_size #2780.

Deprecated

• Add deprecated warning to TestClient(timeout=...) #2840.

Commits

• 4a81176 Version 0.46.2 (#2921)
• 48f7cd7 Prevents reraising of exception from BaseHttpMiddleware (#2911)
• 5d98cd5 Include Python 3.14 to the pipeline (#2919)
• eb6cebb Bump the python-packages group with 6 updates (#2914)
• d278caf Fix link title for contextvars.ContextVar (#2913)
• bcdf0ad fix IndexError in TemplateResponse (#2909)
• c8a4692 Update note about anyio thread pool (#2895)
• aa8f6f0 docs: fix email on sponsorship page
• a8a4437 docs: fix Alex's github handle (#2901)
• df754ca Version 0.46.1 (#2900)
• Additional commits viewable in compare view

Updates together from 1.5.13 to 1.5.15

Release notes

Sourced from together's releases.

v1.5.15

What's Changed

• Fix simpo_gamma default value for CLI by @​timofeev1995 in togethercomputer/together-python#328

Full Changelog: togethercomputer/together-python@v1.5.14...v1.5.15

v1.5.14

What's Changed

• New options for preference tuning: rpo alpha, logprobs normalization, reference-free, simpo gamma by @​timofeev1995 in togethercomputer/together-python#327

Full Changelog: togethercomputer/together-python@v1.5.13...v1.5.14

Commits

• 2d8a0d2 Fix simpo_gamma default value for CLI (#328)
• 5151fd5 New options for preference tuning: rpo alpha, logprobs normalization, referen...
• See full diff in compare view

Updates prometheus-client from 0.21.1 to 0.22.1

Release notes

Sourced from prometheus-client's releases.

v0.22.1

What's Changed

• BugFix: Skip validating and parsing comment lines early (#1108) by @​wissamir in prometheus/client_python#1109
• Use License Expressions in pyproject.toml by @​csmarchbanks in prometheus/client_python#1111

Full Changelog: prometheus/client_python@v0.22.0...v0.22.1

v0.22.0

What's Changed

• Add support for native histograms in OM parser by @​vesari in prometheus/client_python#1040
• Add exemplar support to CounterMetricFamily [Fix #1062] by @​lod in prometheus/client_python#1063
• Fix write_to_textfile leaves back temp files on errors by @​ethanschen in prometheus/client_python#1066
• Support UTF-8 in metric creation, parsing, and exposition by @​ywwg in prometheus/client_python#1070
• Fix incorrect use of reentrant locks by @​suligap in prometheus/client_python#1076
• Remove Python 3.8 support by @​kajinamit in prometheus/client_python#1075
• Check if labelvalues is in _metrics before deletion in MetricWrapperBase.remove() by @​GlorifiedPig in prometheus/client_python#1077
• Add support for Python 3.13 by @​Pliner in prometheus/client_python#1080
• Correct nh sample span structure and parsing by @​vesari in prometheus/client_python#1082
• Migrate from setup.py to pyproject.toml by @​csmarchbanks in prometheus/client_python#1084
• Changed pushgateway.md by @​mallika-mur in prometheus/client_python#1083
• Fix order-dependent flaky tests related to UTF-8 support by @​dg98 in prometheus/client_python#1093
• Update versions for docs Github actions by @​csmarchbanks in prometheus/client_python#1096
• Documentation Updates by @​ethanschen in prometheus/client_python#1097
• Add note on gauge.set_function not working with multiprocessing by @​aapeliv in prometheus/client_python#1098
• Don't send an empty HTTP header for /favicon.ico by @​noselasd in prometheus/client_python#1101

Full Changelog: prometheus/client_python@v0.21.0...v0.22.0

Commits

• d24220a Release 0.22.1
• f294cbb Use License Expressions in pyproject.toml (#1111)
• 938b73e BugFix: Skip validating and parsing comment lines early (#1108) (#1109)
• 8dfa10e Release 0.22.0
• e3902ea Don't send an empty HTTP header. (#1101)
• 23ab826 Add note on gauge.set_function not working with mp, see #504 (#1098)
• c1ff3b2 Update docs (#1097)
• e3bfa1f Update versions for docs Github actions (#1096)
• de8bb4a Fix order-dependent flaky tests related to UTF-8 support (#1093)
• 46eae7b Changed pushgateway.md (#1083)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

MLCommons CLA bot All contributors have signed the MLCommons CLA ✍️ ✅

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.