chore(deps-dev): Bump the development-dependencies group with 3 updates

[dependabot]

Bumps the development-dependencies group with 3 updates: pytest, ty and types-requests.

Updates pytest from 9.0.2 to 9.0.3

Release notes

Sourced from pytest's releases.

9.0.3

pytest 9.0.3 (2026-04-07)

Bug fixes

• #12444: Fixed pytest.approx which now correctly takes into account ~collections.abc.Mapping keys order to compare them.

• #13634: Blocking a conftest.py file using the -p no: option is now explicitly disallowed.

  Previously this resulted in an internal assertion failure during plugin loading.

  Pytest now raises a clear UsageError explaining that conftest files are not plugins and cannot be disabled via -p.

• #13734: Fixed crash when a test raises an exceptiongroup with __tracebackhide__ = True.

• #14195: Fixed an issue where non-string messages passed to unittest.TestCase.subTest() were not printed.

• #14343: Fixed use of insecure temporary directory (CVE-2025-71176).

Improved documentation

• #13388: Clarified documentation for -p vs PYTEST_PLUGINS plugin loading and fixed an incorrect -p example.
• #13731: Clarified that capture fixtures (e.g. capsys and capfd) take precedence over the -s / --capture=no command-line options in Accessing captured output from a test function <accessing-captured-output>.
• #14088: Clarified that the default pytest_collection hook sets session.items before it calls pytest_collection_finish, not after.
• #14255: TOML integer log levels must be quoted: Updating reference documentation.

Contributor-facing changes

• #12689: The test reports are now published to Codecov from GitHub Actions. The test statistics is visible on the web interface.

  -- by aleguy02

Commits

• a7d58d7 Prepare release version 9.0.3
• 089d981 Merge pull request #14366 from bluetech/revert-14193-backport
• 8127eaf Revert "Fix: assertrepr_compare respects dict insertion order (#14050) (#14193)"
• 99a7e60 Merge pull request #14363 from pytest-dev/patchback/backports/9.0.x/95d8423bd...
• ddee02a Merge pull request #14343 from bluetech/cve-2025-71176-simple
• 74eac69 doc: Update training info (#14298) (#14301)
• f92dee7 Merge pull request #14267 from pytest-dev/patchback/backports/9.0.x/d6fa26c62...
• 7ee58ac Merge pull request #12378 from Pierre-Sassoulas/fix-implicit-str-concat-and-d...
• 37da870 Merge pull request #14259 from mitre88/patch-4 (#14268)
• c34bfa3 Add explanation for string context diffs (#14257) (#14266)
• Additional commits viewable in compare view

Updates ty from 0.0.27 to 0.0.29

Release notes

Sourced from ty's releases.

0.0.29

Release Notes

Released on 2026-04-05.

Bug fixes

• Avoid special-casing for dataclasses.field if it's not in field_specifiers (#24397)
• Reject unsupported environment.python-version values in configuration files (#24402)
• Respect supported lower bounds from requires-python (#24401)

Core type checking

• Add support for types.new_class (#23144)
• Fix PEP 695 type aliases in with statement (#24395)
• Respect __new__ and metaclass __call__ return types (#24357)
• Treat enum attributes with type annotations as members (#23776)

Contributors

• @​charliermarsh
• @​carljm

Install ty 0.0.29

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/ty/releases/download/0.0.29/ty-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/ty/releases/download/0.0.29/ty-installer.ps1 | iex"

Download ty 0.0.29

File	Platform	Checksum
ty-aarch64-apple-darwin.tar.gz	Apple Silicon macOS	checksum
ty-x86_64-apple-darwin.tar.gz	Intel macOS	checksum
ty-aarch64-pc-windows-msvc.zip	ARM64 Windows	checksum
ty-i686-pc-windows-msvc.zip	x86 Windows	checksum
ty-x86_64-pc-windows-msvc.zip	x64 Windows	checksum
ty-aarch64-unknown-linux-gnu.tar.gz	ARM64 Linux	checksum
ty-i686-unknown-linux-gnu.tar.gz	x86 Linux	checksum
ty-powerpc64-unknown-linux-gnu.tar.gz	PPC64 Linux	checksum
ty-powerpc64le-unknown-linux-gnu.tar.gz	PPC64LE Linux	checksum

... (truncated)

Changelog

Sourced from ty's changelog.

0.0.29

Released on 2026-04-05.

Bug fixes

• Avoid special-casing for dataclasses.field if it's not in field_specifiers (#24397)
• Reject unsupported environment.python-version values in configuration files (#24402)
• Respect supported lower bounds from requires-python (#24401)

Core type checking

• Add support for types.new_class (#23144)
• Fix PEP 695 type aliases in with statement (#24395)
• Respect __new__ and metaclass __call__ return types (#24357)
• Treat enum attributes with type annotations as members (#23776)

Contributors

• @​charliermarsh
• @​carljm

0.0.28

Released on 2026-04-02.

Bug fixes

• Mark loop header assignments as used to avoid false positives in "unused variable" diagnostics (#24336)

LSP server

• Show constructor signature of classes when hovering over them (#24257)

Core type checking

• Avoid emitting cascading diagnostics when parsing invalid type expressions (#24326)
• Handle most "deep" mutual TypeVar constraints (#24079)
• Improve consistency and quality of diagnostics relating to invalid type forms (#24325)
• Improve robustness of various type-qualifier-related checks (#24251)
• Infer the extra_items keyword argument to class-based TypedDicts as an annotation expression (#24362)
• Use bidirectional inference to fix false positives on operations such as x: list[int | None] = [None] * 2 (#24197)
• Sync vendored typeshed stubs (#24340). Typeshed diff
• Tighten up validation of subscripts and attributes in type expressions (#24329)
• Use infer_type_expression for parsing parameter annotations and return-type annotations (#24353)
• Use infer_type_expression for validating PEP-613 type aliases (#24370)
• Validate TypedDict fields when subclassing (#24338)
• Validate type qualifiers in functional TypedDict fields and the extra_items keyword to functional TypedDicts (#24360)
• Improve diagnostics for invalid functional TypedDicts (#24345)

... (truncated)

Commits

• 438a78d Bump version to 0.0.29 (#3218)
• 927aad2 Bump version to 0.0.28 (#3206)
• 29d288e Publish installers to /installers/ty/latest on the mirror (#3202)
• See full diff in compare view

Updates types-requests from 2.33.0.20260327 to 2.33.0.20260408

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions