Bump the prod-deps group with 7 updates

[dependabot]

Bumps the prod-deps group with 7 updates:

Package	From	To
termcolor	2.5.0	3.0.1
types-tqdm	4.67.0.20250319	4.67.0.20250404
pydantic	2.11.1	2.11.2
typing-extensions	4.13.0	4.13.1
tenacity	9.0.0	9.1.2
starlette	0.45.3	0.46.1
together	1.5.4	1.5.5

Updates termcolor from 2.5.0 to 3.0.1

Release notes

Sourced from termcolor's releases.

Release 3.0.1

Fixed

• Fix licence filename in metadata (#100) @​hugovk

Release 3.0.0

Added

• Add support for Python 3.14 (#87) @​hugovk

Changed

• Only apply FORCE_COLOR, NO_COLOR and ANSI_COLORS_DISABLED when present and not an empty string (#92) @​hugovk
• Replace deprecated classifier with licence expression (PEP 639) (#95) @​hugovk
• Speedup: move typing imports into type-checking block (#94) @​hugovk
• Lint with faster action-pre-commit-uv: 1m22s -> 48s and 21s -> 15s (#86) @​hugovk

Removed

• Replace literal types with strings (#97) @​hugovk
• Remove deprecated __ALL__, use __all__ instead (#93) @​hugovk

Commits

• b2c165a Fix licence filename in metadata (#100)
• c56a313 Fix licence filename in metadata
• 0c7c034 Update coverage.py and Renovate config (#98)
• 2d36624 Disable semantic commits for Renovate
• c38902a Disable coverage.py sysmon warning via slug
• 6be5b48 Replace literal types with strings (#97)
• 5761438 Only apply FORCE_COLOR, NO_COLOR and ANSI_COLORS_DISABLED when present ...
• 36bee61 Replace literal types with strings
• 18a80aa Remove deprecated __ALL__, use __all__ instead (#93)
• 88f4b92 Only apply ANSI_COLORS_DISABLED when present and not an empty string
• Additional commits viewable in compare view

Updates types-tqdm from 4.67.0.20250319 to 4.67.0.20250404

Commits

• See full diff in compare view

Updates pydantic from 2.11.1 to 2.11.2

Release notes

Sourced from pydantic's releases.

v2.11.2 2025-04-03

What's Changed

Fixes

• Bump pydantic-core to v2.33.1 by @​Viicos in pydantic/pydantic#11678
• Make sure __pydantic_private__ exists before setting private attributes by @​Viicos in pydantic/pydantic#11666
• Do not override FieldInfo._complete when using field from parent class by @​Viicos in pydantic/pydantic#11668
• Provide the available definitions when applying discriminated unions by @​Viicos in pydantic/pydantic#11670
• Do not expand root type in the mypy plugin for variables by @​Viicos in pydantic/pydantic#11676
• Mention the attribute name in model fields deprecation message by @​Viicos in pydantic/pydantic#11674
• Properly validate parameterized mappings by @​Viicos in pydantic/pydantic#11658
• Prepare release v2.11.2 by @​Viicos in pydantic/pydantic#11684

Full Changelog: pydantic/pydantic@v2.11.1...v2.11.2

Changelog

Sourced from pydantic's changelog.

v2.11.2 (2025-04-03)

GitHub release

What's Changed

Fixes

• Bump pydantic-core to v2.33.1 by @​Viicos in #11678
• Make sure __pydantic_private__ exists before setting private attributes by @​Viicos in #11666
• Do not override FieldInfo._complete when using field from parent class by @​Viicos in #11668
• Provide the available definitions when applying discriminated unions by @​Viicos in #11670
• Do not expand root type in the mypy plugin for variables by @​Viicos in #11676
• Mention the attribute name in model fields deprecation message by @​Viicos in #11674
• Properly validate parameterized mappings by @​Viicos in #11658

Commits

• bd1f8cf Prepare release v2.11.2 (#11684)
• f70f291 Add integration documentation for llms.txt (#11677)
• 34095c7 Properly validate parameterized mappings (#11658)
• dfa6c67 Mention the attribute name in model fields deprecation message (#11674)
• cbf4202 Do not expand root type in the mypy plugin for variables (#11676)
• 8b0825a Provide the available definitions when applying discriminated unions (#11670)
• 86c5703 Do not override FieldInfo._complete when using field from parent class (#11...
• da84149 Make sure __pydantic_private__ exists before setting private attributes (#1...
• 0cfe853 Bump pydantic-core to v2.33.1 (#11678)
• See full diff in compare view

Updates typing-extensions from 4.13.0 to 4.13.1

Release notes

Sourced from typing-extensions's releases.

4.13.1

This is a bugfix release fixing two edge cases that appear on old bugfix releases of CPython.

Bugfixes:

• Fix regression in 4.13.0 on Python 3.10.2 causing a TypeError when using Concatenate. Patch by Daraan.
• Fix TypeError when using evaluate_forward_ref on Python 3.10.1-2 and 3.9.8-10. Patch by Daraan.

Changelog

Sourced from typing-extensions's changelog.

Release 4.13.1 (April 3, 2025)

Bugfixes:

• Fix regression in 4.13.0 on Python 3.10.2 causing a TypeError when using Concatenate. Patch by Daraan.
• Fix TypeError when using evaluate_forward_ref on Python 3.10.1-2 and 3.9.8-10. Patch by Daraan.

Commits

• 45a8847 Prepare release 4.13.1 (#573)
• f264e58 Move CI to "ubuntu-latest" (round 2) (#570)
• 5ce0e69 Fix TypeError with evaluate_forward_ref on some 3.10 and 3.9 versions (#558)
• 304f5cb Add SQLAlchemy to third-party daily tests (#561)
• ebe2b94 Fix duplicated keywords for typing._ConcatenateGenericAlias in 3.10.2 (#557)
• 9f93d6f Add intersphinx links for 3.13 typing features (#550)
• See full diff in compare view

Updates tenacity from 9.0.0 to 9.1.2

Release notes

Sourced from tenacity's releases.

9.1.2

Full Changelog: jd/tenacity@9.1.1...9.1.2

9.1.1

What's Changed

• Test with Python 3.13 by @​edgarrmondragon in jd/tenacity#480
• ci: remove Python 3.8 support by @​jd in jd/tenacity#515
• fix: return "Self" from "BaseRetrying.copy" by @​ThirVondukr in jd/tenacity#518
• ci: upload on PyPI using trusted publishing by @​jd in jd/tenacity#520
• Add re.Pattern to allowed match types by @​robertschweizer in jd/tenacity#497

New Contributors

• @​Young-Lord made their first contribution in jd/tenacity#491
• @​edgarrmondragon made their first contribution in jd/tenacity#480
• @​ThirVondukr made their first contribution in jd/tenacity#518
• @​robertschweizer made their first contribution in jd/tenacity#497

Full Changelog: jd/tenacity@9.0.0...9.1.0

Commits

• 62787c3 ci: fix build
• 2b173a1 ci: fix typo
• a44271f fix: Add re.Pattern to allowed match types (#497)
• b4dfa3f chore(deps): bump actions/setup-python in the github-actions group (#522)
• f9a879c ci: upload on PyPI using trusted publishing (#520)
• bfbf173 fix: return "Self" from "BaseRetrying.copy" (#518)
• 212c47c ci: update ubuntu image (#516)
• 3e2c181 ci: remove Python 3.8 support (#515)
• 3203359 Test with Python 3.13 (#480)
• 72db274 chore(deps): bump actions/setup-python in the github-actions group (#513)
• Additional commits viewable in compare view

Updates starlette from 0.45.3 to 0.46.1

Release notes

Sourced from starlette's releases.

Version 0.46.1

Fixed

• Allow relative directory path when follow_symlinks=True #2896.

---

Full Changelog: Kludex/starlette@0.46.0...0.46.1

Version 0.46.0

Added

• GZipMiddleware: Make sure Vary header is always added if a response can be compressed #2865.

Fixed

• Raise exception from background task on BaseHTTPMiddleware #2812.
• GZipMiddleware: Don't compress on server sent events #2871.

Changed

• MultiPartParser: Rename max_file_size to spool_max_size #2780.

Deprecated

• Add deprecated warning to TestClient(timeout=...) #2840.

New Contributors

• @​musicinmybrain made their first contribution in encode/starlette#2855
• @​WilliamDEdwards made their first contribution in encode/starlette#2870
• @​mattmess1221 made their first contribution in encode/starlette#2865

Full Changelog: Kludex/starlette@0.45.3...0.46.0

Changelog

Sourced from starlette's changelog.

0.46.1 (March 8, 2025)

Fixed

• Allow relative directory path when follow_symlinks=True #2896.

0.46.0 (February 22, 2025)

Added

• GZipMiddleware: Make sure Vary header is always added if a response can be compressed #2865.

Fixed

• Raise exception from background task on BaseHTTPMiddleware #2812.
• GZipMiddleware: Don't compress on server sent events #2871.

Changed

• MultiPartParser: Rename max_file_size to spool_max_size #2780.

Deprecated

• Add deprecated warning to TestClient(timeout=...) #2840.

Commits

• df754ca Version 0.46.1 (#2900)
• 9b704ac Add sponsorship page (#2899)
• bc3b400 Allow relative directory path when follow_symlinks=True (#2896)
• 4915873 Bump the python-packages group with 6 updates (#2894)
• 708930c Document how to configure CORSMiddleware globally (#2885)
• a404872 Version 0.46.0 (#2883)
• 9a8e929 Document how to resize the threadpool (#2881)
• 5cc4ddf Raise exception from background task on BaseHTTPMiddleware (#2812)
• f13d354 fix(gzip): Make sure Vary header is always added if a response can be compres...
• abe3554 Add notes about the GZip middleware (#2880)
• Additional commits viewable in compare view

Updates together from 1.5.4 to 1.5.5

Release notes

Sourced from together's releases.

v1.5.5

What's Changed

• Add more information from response object to APIError during file upload by @​avnermay in togethercomputer/together-python#289
• Fix empty LR scheduler for old jobs, clean up argument validation by @​mryab in togethercomputer/together-python#288
• Make fine-tuning job validation messages more informative by @​connermanuel in togethercomputer/together-python#292

New Contributors

• @​avnermay made their first contribution in togethercomputer/together-python#289

Full Changelog: togethercomputer/together-python@v1.5.4...v1.5.5

Commits

• c3d2a35 Make fine-tuning job validation messages more informative (#292)
• cd154f8 Fix empty LR scheduler for old jobs, clean up argument validation (#288)
• e0de91e Add more information from response object to APIError during file upload (#289)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

MLCommons CLA bot All contributors have signed the MLCommons CLA ✍️ ✅

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.