chore(deps): bump the python-dependencies group across 1 directory with 10 updates #1115

Open
dependabot[bot] wants to merge 1 commit into develop from dependabot/pip/develop/python-dependencies-6616ca46f7

@dependabot dependabot Bot commented on behalf of github Jun 23, 2026


Updates the requirements on litellm, coverage, langchain, langchain-openai, pypdf, tiktoken, fastapi, cryptography, starlette and pydantic-core to permit the latest version.
Updates litellm from 1.86.2 to 1.89.3

Release notes

Sourced from litellm's releases.

v1.89.3

Verify Docker Image Signature

All LiteLLM Docker images are signed with cosign. Every release is signed with the same key introduced in commit 0112e53.

Verify using the pinned commit hash (recommended):

A commit hash is cryptographically immutable, so this is the strongest way to ensure you are using the original signing key:

cosign verify \
  --key https://raw.githubusercontent.com/BerriAI/litellm/0112e53046018d726492c814b3644b7d376029d0/cosign.pub \
  ghcr.io/berriai/litellm:v1.89.3

Verify using the release tag (convenience):

Tags are protected in this repository and resolve to the same key. This option is easier to read but relies on tag protection rules:

cosign verify \
  --key https://raw.githubusercontent.com/BerriAI/litellm/v1.89.3/cosign.pub \
  ghcr.io/berriai/litellm:v1.89.3

Expected output:

The following checks were performed on each of these signatures:
  - The cosign claims were validated
  - The signatures were verified against the specified public key

What's Changed

Full Changelog: BerriAI/litellm@v1.89.2...v1.89.3

v1.88.4

Verify Docker Image Signature

All LiteLLM Docker images are signed with cosign. Every release is signed with the same key introduced in commit 0112e53.

Verify using the pinned commit hash (recommended):

A commit hash is cryptographically immutable, so this is the strongest way to ensure you are using the original signing key:


... (truncated)

Commits
  • 33df589 Merge pull request #30888 from BerriAI/litellm_backport_1_89_x_0620
  • b4bf258 chore: refresh uv.lock for 1.89.3
  • d596376 bump: version 1.89.2 → 1.89.3
  • ccf892d fix(guardrails): return 400 not 500 when AIM blocks a request (#30573)
  • 9683808 fix(guardrails): stop re-initializing DB guardrails on every poll (#30542)
  • 3ab500c fix(guardrails): run pre_call hook once for model-level guardrails (#30543)
  • 311be7f fix(integrations): cap Anthropic cache_control injection at 4 blocks (#30480)
  • 94dae27 Merge pull request #30681 from BerriAI/litellm_backport_1_89_x_0617
  • ad758c9 chore: refresh uv.lock for 1.89.2
  • 01d3593 bump: version 1.89.1 → 1.89.2
  • Additional commits viewable in compare view

Updates coverage to 7.14.3

Changelog

Sourced from coverage's changelog.

Version 7.14.3 — 2026-06-22

  • Fix: the default ... exclusion rule now also matches function bodies whose closing return-type bracket is on its own line (for example, after a long -> dict[ ... ] annotation that a formatter has split over multiple lines). Closes issue 2185, thanks Mengjia Shang <pull 2196_>.

  • Fix: On 3.13t, we incorrectly issued Couldn't import C tracer errors. We can't import the C tracer because in 7.14.2 we stopped shipping compiled wheels for 3.13t. Thanks, Hugo van Kemenade <pull 2203_>_.

.. _issue 2185: coveragepy/coveragepy#2185
.. _pull 2196: coveragepy/coveragepy#2196
.. _pull 2203: coveragepy/coveragepy#2203

.. _changes_7-14-2:

Version 7.14.2 — 2026-06-20

  • Fix: some messages were being written to stdout, making coverage json -o - useless for capturing JSON output. Now messages are written to stderr, fixing issue 2197_.

  • Fix: CoverageData kept one SQLite connection per thread that recorded coverage, but never closed them when those threads terminated. On long runs with many short-lived threads this leaked one file descriptor per dead thread, eventually failing with OSError: [Errno 24] Too many open files. Connections belonging to terminated threads are now closed and dropped. Fixes issue 2192. Thanks, Matthew Lloyd <pull 2193_>.

  • Fix: when using sys.monitoring, we were assuming we could use the COVERAGE_ID tool id. But other tools might also assume they could use that id. Pre-allocated ids don't really make sense, so now we search for a usable one instead. Fixes issue 2187_.

  • Following the advice of cibuildwheel <no-13t_>_, we no longer distribute wheels for Python 3.13 free-threaded.

.. _issue 2187: coveragepy/coveragepy#2187
.. _issue 2192: coveragepy/coveragepy#2192
.. _pull 2193: coveragepy/coveragepy#2193
.. _issue 2197: coveragepy/coveragepy#2197
.. _no-13t: https://py-free-threading.github.io/ci/#building-free-threaded-wheels-with-cibuildwheel

.. _changes_7-14-1:

... (truncated)

Commits
  • 22f13ea docs: sample HTML for 7.14.3
  • 2ca4e5f docs: prep for 7.14.3
  • 01d714e docs: add changelog entry for #2203
  • f36248d fix: don't emit 'Couldn't import C tracer' warning for 3.13t (#2203)
  • 86d73d1 docs: thanks, Mengjia Shang
  • 3d4ae3c docs: add the #2196 pr link to CHANGES
  • f4b2b4d fix: exclude ... bodies after multi-line return-type annotations (#2185) (#...
  • 1980ed0 chore: bump sigstore/gh-action-sigstore-python (#2201)
  • bca3217 build: since we don't ship 3.13t, don't test it
  • 77550d8 docs: oops, mismatched pull requests
  • Additional commits viewable in compare view

Updates langchain from 1.3.10 to 1.3.11

Release notes

Sourced from langchain's releases.

langchain==1.3.11

Changes since langchain==1.3.10

  • release(langchain): 1.3.11 (#38377)
  • fix(langchain,openai): only set strict=True on tools for OpenAI-compatible models in ProviderStrategy (#38370)
  • chore: bump pydantic-settings from 2.12.0 to 2.14.2 in /libs/langchain_v1 (#38279)
  • chore: bump vcrpy from 8.1.1 to 8.2.1 in /libs/langchain_v1 (#38280)
  • chore: bump langsmith from 0.8.9 to 0.8.18 in /libs/langchain_v1 (#38281)
  • docs(langchain): document summarization prompt contract (#38256)

Commits

Updates langchain-openai from 1.3.2 to 1.3.3

Release notes

Sourced from langchain-openai's releases.

langchain-openai==1.3.3

Changes since langchain-openai==1.3.2

  • release(openai): 1.3.3 (#38375)
  • fix(openai): drop response item ids when store is false (#38372)
  • fix(langchain,openai): only set strict=True on tools for OpenAI-compatible models in ProviderStrategy (#38370)
  • test(openai): clarify expected strict schema error (#38338)
  • fix(openai): drop stop from Responses API payload (#38336)
  • chore: bump langsmith from 0.8.5 to 0.8.18 in /libs/partners/openai (#38293)
  • chore: bump vcrpy from 8.1.1 to 8.2.1 in /libs/partners/openai (#38294)
  • chore(model-profiles): refresh model profile data (#38274)
  • test(openai): vcr embedding raw equivalence tests (#38199)

Commits

Updates pypdf from 6.14.0 to 6.14.2

Release notes

Sourced from pypdf's releases.

Version 6.14.2, 2026-06-23

What's new

Security (SEC)

Full Changelog

Version 6.14.1, 2026-06-23

What's new

Security (SEC)

Full Changelog

Changelog

Sourced from pypdf's changelog.

Version 6.14.2, 2026-06-23

Security (SEC)

  • Avoid infinite loops for incomplete ASCII85 and ASCIIHex inline images (#3892)

Full Changelog

Version 6.14.1, 2026-06-23

Security (SEC)

  • Detect end of stream during inline image end marker detection (#3891)

Full Changelog

Commits
  • 2266ee8 REL: 6.14.2
  • 5a33a46 SEC: Avoid infinite loops for incomplete ASCII85 and ASCIIHex inline images (...
  • 1ee4e58 REL: 6.14.1
  • ec3b145 SEC: Detect end of stream during inline image end marker detection (#3891)
  • c6cd82e ROB: Tolerate malformed inline image settings in _read_inline_image (#3889)
  • 0ae42ba ROB: Tolerate malformed page label entries in get_label_from_nums (#3884)
  • 50617b5 ROB: Tolerate malformed Tm operand count in extract_text (#3877)
  • 86e5a82 MAINT: Improve readability (#3874)
  • See full diff in compare view

Updates tiktoken from 0.12.0 to 0.13.0

Changelog

Sourced from tiktoken's changelog.

[v0.13.0]

  • Update fancy-regex for significantly increased performance
  • Branch byte pair encoding to fix performance on unusual input
  • Fix AttributeError caused by incomplete redaction of experimental code
  • Update version of pyo3
  • Update version of optional dependency blobfile
Commits

Updates fastapi from 0.124.4 to 0.138.0

Release notes

Sourced from fastapi's releases.

0.138.0

Features

  • ✨ Add support for app.frontend("/", directory="dist") and router.frontend("/", directory="dist"). PR #15800 by @​tiangolo.

Docs

Translations

Internal

0.137.2

Features

  • ✨ Add iter_route_contexts() for advanced use cases that used to use router.routes (e.g. Jupyverse). PR #15785 by @​tiangolo.

Translations

Internal

... (truncated)

Commits

Updates cryptography from 46.0.7 to 49.0.0

Changelog

Sourced from cryptography's changelog.

49.0.0 - 2026-06-12


* **BACKWARDS INCOMPATIBLE:** Support for ``x86_64`` macOS has been removed.
  We now only publish ``arm64`` wheels for macOS.
* **BACKWARDS INCOMPATIBLE:** Support for 32-bit Windows has been removed.
  Users should move to a 64-bit Python installation.
* **BACKWARDS INCOMPATIBLE:** Removed the deprecated
  ``PUBLIC_KEY_TYPES``, ``PRIVATE_KEY_TYPES``,
  ``CERTIFICATE_PRIVATE_KEY_TYPES``, ``CERTIFICATE_ISSUER_PUBLIC_KEY_TYPES``,
  and ``CERTIFICATE_PUBLIC_KEY_TYPES`` type aliases. Use
  ``PublicKeyTypes``, ``PrivateKeyTypes``, ``CertificateIssuerPrivateKeyTypes``,
  ``CertificateIssuerPublicKeyTypes``, and ``CertificatePublicKeyTypes``
  instead. These were deprecated in version 40.0.
* **BACKWARDS INCOMPATIBLE:** :class:`~cryptography.hazmat.primitives.ciphers.algorithms.ChaCha20`
  now treats the first 4 bytes of the ``nonce`` as a 32-bit little-endian block
  counter (as defined in :rfc:`7539`) and tracks the number of bytes processed.
  Attempting to encrypt or decrypt more data than the counter allows before it
  would overflow now raises a :class:`ValueError` rather than silently diverging
  from RFC 7539. Setting the counter portion of the ``nonce`` to zero allows
  encrypting up to 256 GiB with a given nonce.
* **BACKWARDS INCOMPATIBLE:** Loading an X.509 certificate whose ECDSA or DSA
  signature ``AlgorithmIdentifier`` contains encoded NULL parameters now raises
  a :class:`ValueError`. Such certificates are invalid, but older versions of
  Java emitted them; previously they loaded with a deprecation warning.
* Fixed cross-compilation of the CFFI bindings when ``PYO3_CROSS_LIB_DIR``
  is set. The build now derives the Python include directory from
  ``PYO3_CROSS_LIB_DIR`` instead of querying the host interpreter, which
  previously caused the build to fail during cross-compilations for embedded
  systems, on hosts which have same-version Python development headers
  installed as the target Python.
* Added support for signing and verifying X.509 certificates, certificate
  signing requests, and certificate revocation lists with
  :doc:`/hazmat/primitives/asymmetric/mldsa` keys, as well as loading
  certificates that contain ML-DSA public keys.
* Added :meth:`~cryptography.hazmat.primitives.hpke.KEM.enc_length` to
  :class:`~cryptography.hazmat.primitives.hpke.KEM` so callers can split the
  encapsulated key from the ciphertext returned by
  :meth:`~cryptography.hazmat.primitives.hpke.Suite.encrypt`.
* :meth:`~cryptography.x509.verification.ExtensionPolicy.require_present`,
  :meth:`~cryptography.x509.verification.ExtensionPolicy.may_be_present`, and
  :meth:`~cryptography.x509.verification.ExtensionPolicy.require_not_present`
  now accept any extension type. Previously only a fixed set of extension
  types was supported, which made it impossible to account for otherwise
  unrecognized critical extensions during path validation.
* Added support for using :class:`~cryptography.x509.Certificate`,
  :class:`~cryptography.x509.CertificateSigningRequest`, and
  :class:`~cryptography.x509.CertificateRevocationList` as field types in
  :doc:`/hazmat/asn1/index` structures.
* Added :func:`~cryptography.hazmat.asn1.value_set`, a class decorator that

... (truncated)

Commits
  • e300bbe bump version and changelog for 49.0.0 (#15030)
  • fa74cd8 Add external mu (message representative) support for ML-DSA (#14979)
  • f594db3 chore(deps): bump openssl from 0.10.80 to 0.10.81 (#15029)
  • 608e011 chore(deps): bump openssl-sys from 0.9.116 to 0.9.117 (#15028)
  • a322bc4 chore(deps): bump cc from 1.2.63 to 1.2.64 (#15027)
  • 33181a7 Reject critical nameConstraints extensions containing directoryName constrain...
  • 6080dc7 Bump dependencies that dependabot isn't (#15026)
  • 121faa3 chore(deps): bump virtualenv from 21.4.2 to 21.4.3 (#15023)
  • 829520b Add more robust processing for DH parameters. (#15016)
  • 0f05001 Bump downstream dependencies in CI (#15025)
  • Additional commits viewable in compare view

Updates starlette to 1.3.1

Release notes

Sourced from starlette's releases.

Version 1.3.1

What's Changed

Full Changelog: Kludex/starlette@1.3.0...1.3.1

Changelog

Sourced from starlette's changelog.

1.3.1 (June 12, 2026)

Fixed

  • Enforce max_fields and max_part_size in FormParser #3329.
  • Enforce FormParser limits in parser callbacks #3331.

1.3.0 (June 11, 2026)

Added

  • Add httpx2 to the full extra #3323.
  • Annotate the URLPath protocol parameter with Literal #3285.

Fixed

  • Build request.url from structured components #3326.
  • Clamp oversized suffix ranges in FileResponse #3307.
  • Catch OSError alongside MultiPartException when closing temp files #3191.
  • Avoid collapsing exception groups raised from user code #2830.
  • Use removeprefix to strip the weak ETag indicator in is_not_modified #3193.
  • Fix IndexError in URL.replace() on a URL with no authority #3317.
  • Adjust testclient typing and warnings #3322.

1.2.1 (May 31, 2026)

Fixed

  • Use httpx2 for type checking in the testclient module #3304.
  • Add assert error for requires() when the request parameter is not a Request type #3298.

1.2.0 (May 28, 2026)

Added

  • Support httpx2 in the test client #3291.

1.1.0 (May 23, 2026)

Added

  • Use "application/octet-stream" as the FileResponse media type fallback #3283.

Fixed

  • Only dispatch standard HTTP verbs in HTTPEndpoint #3286.
  • Reject absolute paths in StaticFiles.lookup_path #3287.

1.0.1 (May 21, 2026)

... (truncated)

Commits
  • 8ebffd0 Version 1.3.1 (#3330)
  • 25b8e17 Enforce FormParser limits in parser callbacks (#3331)
  • dba1c4b Enforce max_fields and max_part_size in FormParser (#3329)
  • 45e51dc Use StarletteDeprecationWarning instead of DeprecationWarning (#3119)
  • 5f8610c Version 1.3.0 (#3327)
  • 167b585 Build request.url from structured components (#3326)
  • 3730925 Use removeprefix to strip weak ETag indicator in is_not_modified (#3193)
  • e6f7ad1 avoid collapsing exception groups from user code (#2830)
  • 115228f Annotate URLPath protocol parameter with Literal (#3285)
  • 113f193 docs: replace inline ASGI server list with link to canonical implemen… (#3204)
  • Additional commits viewable in compare view

Updates pydantic-core from 2.46.4 to 2.47.0

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

…th 10 updates

Updates the requirements on [litellm](https://github.com/BerriAI/litellm), [coverage](https://github.com/coveragepy/coveragepy), [langchain](https://github.com/langchain-ai/langchain), [langchain-openai](https://github.com/langchain-ai/langchain), [pypdf](https://github.com/py-pdf/pypdf), [tiktoken](https://github.com/openai/tiktoken), [fastapi](https://github.com/fastapi/fastapi), [cryptography](https://github.com/pyca/cryptography), [starlette](https://github.com/Kludex/starlette) and [pydantic-core](https://github.com/pydantic/pydantic) to permit the latest version.

Updates `litellm` from 1.86.2 to 1.89.3
- [Release notes](https://github.com/BerriAI/litellm/releases)
- [Commits](BerriAI/litellm@v1.86.2...v1.89.3)

Updates `coverage` to 7.14.3
- [Release notes](https://github.com/coveragepy/coveragepy/releases)
- [Changelog](https://github.com/coveragepy/coveragepy/blob/main/CHANGES.rst)
- [Commits](coveragepy/coveragepy@7.14.2...7.14.3)

Updates `langchain` from 1.3.10 to 1.3.11
- [Release notes](https://github.com/langchain-ai/langchain/releases)
- [Commits](langchain-ai/langchain@langchain==1.3.10...langchain==1.3.11)

Updates `langchain-openai` from 1.3.2 to 1.3.3
- [Release notes](https://github.com/langchain-ai/langchain/releases)
- [Commits](langchain-ai/langchain@langchain-openai==1.3.2...langchain-openai==1.3.3)

Updates `pypdf` from 6.14.0 to 6.14.2
- [Release notes](https://github.com/py-pdf/pypdf/releases)
- [Changelog](https://github.com/py-pdf/pypdf/blob/main/CHANGELOG.md)
- [Commits](py-pdf/pypdf@6.14.0...6.14.2)

Updates `tiktoken` from 0.12.0 to 0.13.0
- [Release notes](https://github.com/openai/tiktoken/releases)
- [Changelog](https://github.com/openai/tiktoken/blob/main/CHANGELOG.md)
- [Commits](openai/tiktoken@0.12.0...0.13.0)

Updates `fastapi` from 0.124.4 to 0.138.0
- [Release notes](https://github.com/fastapi/fastapi/releases)
- [Commits](fastapi/fastapi@0.124.4...0.138.0)

Updates `cryptography` from 46.0.7 to 49.0.0
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@46.0.7...49.0.0)

Updates `starlette` to 1.3.1
- [Release notes](https://github.com/Kludex/starlette/releases)
- [Changelog](https://github.com/Kludex/starlette/blob/main/docs/release-notes.md)
- [Commits](Kludex/starlette@0.40.0...1.3.1)

Updates `pydantic-core` from 2.46.4 to 2.47.0
- [Release notes](https://github.com/pydantic/pydantic/releases)
- [Changelog](https://github.com/pydantic/pydantic/blob/main/HISTORY.md)
- [Commits](https://github.com/pydantic/pydantic/commits)

---
updated-dependencies:
- dependency-name: litellm
  dependency-version: 1.89.3
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: coverage
  dependency-version: 7.14.3
  dependency-type: direct:development
  dependency-group: python-dependencies
- dependency-name: langchain
  dependency-version: 1.3.11
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: langchain-openai
  dependency-version: 1.3.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: pypdf
  dependency-version: 6.14.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: tiktoken
  dependency-version: 0.13.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: fastapi
  dependency-version: 0.138.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: cryptography
  dependency-version: 49.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: python-dependencies
- dependency-name: starlette
  dependency-version: 1.3.1
  dependency-type: direct:development
  dependency-group: python-dependencies
- dependency-name: pydantic-core
  dependency-version: 2.47.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

@dependabot dependabot Bot added the dependencies and python labels Jun 23, 2026
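
A triage pass over the `updated-dependencies` trailer of the commit message above, as an added example that is not part of this PR or of Dependabot: it parses the trailer and lists the entries a reviewer of a grouped update would look at first. The sample is an abridged, constructed copy of this PR's trailer; the function names and the three flagging rules (major bump, production dependency, no stated update type) are assumptions of this example.

```python
# Constructed sample: an abridged copy of this PR's `updated-dependencies`
# trailer (three of the ten entries, fields as they appear on the page).
SAMPLE_COMMIT_MESSAGE = """\
chore(deps): bump the python-dependencies group

---
updated-dependencies:
- dependency-name: coverage
  dependency-version: 7.14.3
  dependency-type: direct:development
  dependency-group: python-dependencies
- dependency-name: cryptography
  dependency-version: 49.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: python-dependencies
- dependency-name: pydantic-core
  dependency-version: 2.47.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
"""


def parse_trailer(message):
    """Return one dict per entry between `updated-dependencies:` and `...`."""
    entries, in_block = [], False
    for raw in message.splitlines():
        line = raw.strip()
        if not in_block:
            in_block = line == "updated-dependencies:"
            continue
        if line == "...":          # YAML document-end marker closes the trailer
            break
        if line.startswith("- "):  # start of a new dependency entry
            entries.append({})
            line = line[2:]
        key, sep, value = line.partition(": ")
        if sep and entries:
            entries[-1][key] = value
    return entries


def triage(entries):
    """Group dependency names by the reason they need a human look (assumed policy)."""
    flagged = {"semver-major": [], "production": [], "no-update-type": []}
    for e in entries:
        name = e.get("dependency-name", "<unnamed>")
        update = e.get("update-type")
        if update is None:         # trailer does not state the size of the jump
            flagged["no-update-type"].append(name)
        elif update.endswith("semver-major"):
            flagged["semver-major"].append(name)
        if e.get("dependency-type") == "direct:production":
            flagged["production"].append(name)
    return flagged


if __name__ == "__main__":
    for reason, names in triage(parse_trailer(SAMPLE_COMMIT_MESSAGE)).items():
        print(f"{reason}: {', '.join(names) or '-'}")
```
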