chore(deps): update dependency schemathesis to v4 - abandoned

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
schemathesis (changelog)	>=3.39.16,<4 -> >=4.0.19,<5

---

Release Notes

schemathesis/schemathesis (schemathesis)

v4.0.19

Compare Source

🐛 Fixed

• AttributeError during response conformance checks if the response schema contains an error in properties definition.

🔧 Changed

• Report schema errors in response definitions.

v4.0.18

Compare Source

🐛 Fixed

• Correctly merge quantifiers into regular expressions with anchors and a single literal.
• Internal error if a parameter schema contains required with a boolean value instead of an array.

🔧 Changed

• Do not show excessive warnings about unsupported regex in CLI during the coverage phase.

v4.0.17

Compare Source

🐛 Fixed

• Generating negative test cases incorrectly marked as invalid if anyOf or oneOf are present. #​2975
• Set correct data generation mode for stateful test cases if after adding stateful data, a negative test case becomes positive. #​2983

v4.0.16

Compare Source

🐛 Fixed

• Internal error if the stateful phase is used with --generation-unique-inputs. #​2977
• Do not show auth headers for cases when the test case was sent specifically without auth.
• Do not show unnecessary auth warning if the only test that happened was for missing auth.

🔧 Changed

• Improve wording for authentication-related warning.

v4.0.15

Compare Source

🐛 Fixed

• Incorrect serialization of parameters with nested structures during the coverage phase. #​2966

🏎️ Performance

• Improve performance for schemas with multipleOf during the coverage phase.

v4.0.14

Compare Source

🐛 Fixed

• Negative test cases with invalid parameters mistakenly becoming positive test cases. #​2900, #​2913
• CLI: Avoid overriding config options with CLI default values. The CLI options have higher precedence only if explicitly specified.
• CLI: Gracefully handle non-existing config file for the --config-file CLI option.

v4.0.13

Compare Source

🐛 Fixed

• Honor filters defined via a config file in pytest integration.

v4.0.12

Compare Source

🔧 Changed

• Display cURL code sample for application-level exceptions when using the ASGI / WSGI integration.

v4.0.11

Compare Source

🐛 Fixed

• Check for wildcard response keys when searching for response definitions. #​2960

v4.0.10

Compare Source

🐛 Fixed

• Negative test cases with invalid query parameters mistakenly becoming positive test cases.
• Support x-examples as a list for Open API 2.0.

🔧 Changed

• Display cURL code samples on more network errors. #​2940

v4.0.9

Compare Source

🐛 Fixed

• Do not generate negative test cases during the coverage phase if the original schema accepts any value.

🔧 Changed

• Do not display API probing result in the test phases summary.
• Do not display API probing errors in CLI output. Treat errors as a missing capability.
• Display cURL code samples on more network errors. #​2940

v4.0.8

Compare Source

🐛 Fixed

• Use utf-8 encoding when generating JUnit reports.
• Properly display Schemathesis version in CLI.
• Test case metadata containing incorrect info about generated components causing false positive failures in negative_data_rejection and positive_data_acceptance checks. #​2900
• Negative test cases with invalid query parameters mistakenly becoming positive test cases.

v4.0.7

Compare Source

🚀 Added

• Support for application/yaml media type.

🔧 Changed

• Validate schema of YAML response.

v4.0.6

Compare Source

🐛 Fixed

• Use utf-8 encoding when generating JUnit reports

🔧 Changed

• Consider connection error as a failed API probe. #​2935

v4.0.5

Compare Source

🔧 Changed

• Improve error messages for negative_data_rejection and positive_data_acceptance checks.

🐛 Fixed

• Ignoring some string formats during positive test case generation in the coverage phase. #​2930

v4.0.4

Compare Source

🔧 Changed

• Show cURL commands on network timeouts.

🐛 Fixed

• Empty path parameter in the negative tests. #​2912
• Generating negative test cases where query parameters do not appear in the resulting URL making them positive. #​2900

v4.0.3

Compare Source

🔧 Changed

• Pytest: Cleaner error reporting for Schema-related errors (like unknown media type).

🐛 Fixed

• Pytest: Issue where enabling or disabling checks via the config file had no effect.
• Pytest: Ignored tls-verify, request-timeout, request-cert, and request-cert-key options supplied via the config file.

v4.0.2

Compare Source

🐛 Fixed

• Don't send explicitly passed headers for the missing_required_header check. #​2898

v4.0.1

Compare Source

🐛 Fixed

• AttributeError during response conformance checks if the response schema contains an error in properties definition.

🔧 Changed

• Report schema errors in response definitions.

v4.0.0

Compare Source

This release only includes documentation & URLs updates.

Check the Migration Guide for key changes.

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

---

This change is 

Summary by Bito

This pull request updates the schemathesis dependency from version 3.39.16 to 4.0.19 as part of routine maintenance. This update is expected to enhance the functionality and reliability of the testing framework used in the project.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: uv.lock

Command failed: uv lock --upgrade-package schemathesis
Using CPython 3.12.3 interpreter at: /usr/bin/python3.12
   Updating https://github.com/NextGenContributions/nitpick (develop-ng)
   Updating https://github.com/NextGenContributions/django2pydantic (main)
    Updated https://github.com/NextGenContributions/django2pydantic (7d52aa6e8d21e0a8ec46dac9d2f84c8ea7e1435e)
    Updated https://github.com/NextGenContributions/nitpick (2d20dbad7b8f58800450a17237d1a1dacc112d05)
  × No solution found when resolving dependencies for split
  │ (python_full_version >= '3.13'):
  ╰─▶ Because semgrep>=1.85.0 depends on tomli>=2.0.1,<2.1.dev0 and only the
      following versions of semgrep are available:
          semgrep<=1.85.0
          semgrep==1.86.0
          semgrep==1.87.0
          semgrep==1.88.0
          semgrep==1.89.0
          semgrep==1.90.0
          semgrep==1.91.0
          semgrep==1.92.0
          semgrep==1.93.0
          semgrep==1.94.0
          semgrep==1.95.0
          semgrep==1.96.0
          semgrep==1.97.0
          semgrep==1.99.0
          semgrep==1.100.0
          semgrep==1.101.0
          semgrep==1.102.0
          semgrep==1.103.0
          semgrep==1.104.0
          semgrep==1.106.0
          semgrep==1.107.0
          semgrep==1.108.0
          semgrep==1.109.0
          semgrep==1.110.0
          semgrep==1.111.0
          semgrep==1.112.0
          semgrep==1.113.0
          semgrep==1.114.0
          semgrep==1.116.0
          semgrep==1.117.0
          semgrep==1.118.0
          semgrep==1.119.0
          semgrep==1.120.0
          semgrep==1.120.1
          semgrep==1.121.0
          semgrep==1.122.0
          semgrep==1.123.0
          semgrep==1.124.0
          semgrep==1.124.1
          semgrep==1.125.0
          semgrep==1.126.0
          semgrep==1.127.0
          semgrep==1.127.1
          semgrep==1.128.0
          semgrep==1.128.1
          semgrep==1.130.0
          semgrep==1.131.0
      we can conclude that semgrep>=1.85.0 depends on tomli>=2.0.1,<2.1.dev0.
      And because schemathesis==4.0.19 depends on tomli>=2.2.1, we can
      conclude that schemathesis==4.0.19 and semgrep>=1.85.0 are incompatible.
      And because only schemathesis<=4.0.19 is available and
      django-ninja-crudl:dev depends on schemathesis>=4.0.19, we can conclude
      that django-ninja-crudl:dev and semgrep>=1.85.0 are incompatible.
      And because django-ninja-crudl:dev depends on semgrep>=1.85.0 and your
      project requires django-ninja-crudl:dev, we can conclude that your
      project's requirements are unsatisfiable.

      hint: While the active Python version is 3.12, the resolution failed for
      other Python versions supported by your project. Consider limiting your
      project's supported Python versions using `requires-python`.

[trunk-io]

Merging to main in this repository is managed by Trunk.

• To merge this pull request, check the box to the left or comment /trunk merge below.

[sourcery-ai]

Reviewer's Guide

This PR bumps the schemathesis dependency from v3 to v4 by updating the version constraint in pyproject.toml to require >=4.0.7,<5, ensuring compatibility with the latest release.

File-Level Changes

Change	Details	Files
Upgraded schemathesis dependency to v4	Changed version specifier from ">=3.39.16,<4" to ">=4.0.7,<5"	pyproject.toml

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[evolua-app]

Welcome @renovate[bot]! 🎉

Great PR! I've analyzed your code changes for:

• 🔒 Security vulnerabilities
• ✨ Code quality improvements
• 🎯 Best practices alignment

Ready to see the full review?
Head over to https://evolua.io to:

• Create your free account
• Get detailed insights
• Unlock automated PR reviews
• Ensure high-quality code

Let's make your code even better together! 🚀

[korbit-ai]

By default, I don't review pull requests opened by bots. If you would like me to review this pull request anyway, you can request a review via the /korbit-review command in a comment.

[greptile-apps]

Your free trial has ended. If you'd like to continue receiving code reviews, you can add a payment method here.

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

Note

Free review on us!

CodeRabbit is offering free reviews until Tue Aug 05 2025 to showcase some of the refinements we've made.

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[snyk-io]

🎉 Snyk checks have passed. No issues have been found so far.

✅ code/snyk check is complete. No issues have been found. (View Details)

[deepsource-io]

Here's the code health analysis summary for commits 5dc834a..46794a6. View details on DeepSource ↗.

Analysis Summary

Analyzer	Status	Summary	Link
Python	✅ Success		View Check ↗

---

💡 If you’re a repository administrator, you can configure the quality gates from the settings.

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

[qodo-code-review]

CI Feedback 🧐

A test triggered by this PR failed. Here is an AI-generated analysis of the failure:

Action: trunk-check / trunk-code-quality

Failed stage: Install the project [❌]

Failure summary: The action failed during the UV sync step because of a Python environment compatibility issue. UV attempted to use the project virtual environment directory /opt/hostedtoolcache/Python/3.13.5/x64 but found it was not a compatible environment and could not recreate it since it's not a virtual environment. Additionally, there's a version mismatch - the setup configured Python 3.13.5 but UV is trying to use Python 3.12.3 interpreter.

Relevant error logs: 1: ##[group]Runner Image Provisioner 2: Hosted Compute Agent ... 189: Successfully set up CPython (3.13.5) 190: ##[endgroup] 191: ##[group]Run UV_PROJECT_ENVIRONMENT=$pythonLocation uv sync --all-extras --dev --frozen --no-install-project 192: �[36;1mUV_PROJECT_ENVIRONMENT=$pythonLocation uv sync --all-extras --dev --frozen --no-install-project�[0m 193: shell: /usr/bin/bash -e {0} 194: env: 195: UV_CACHE_DIR: /home/runner/work/_temp/setup-uv-cache 196: pythonLocation: /opt/hostedtoolcache/Python/3.13.5/x64 197: PKG_CONFIG_PATH: /opt/hostedtoolcache/Python/3.13.5/x64/lib/pkgconfig 198: Python_ROOT_DIR: /opt/hostedtoolcache/Python/3.13.5/x64 199: Python2_ROOT_DIR: /opt/hostedtoolcache/Python/3.13.5/x64 200: Python3_ROOT_DIR: /opt/hostedtoolcache/Python/3.13.5/x64 201: LD_LIBRARY_PATH: /opt/hostedtoolcache/Python/3.13.5/x64/lib 202: ##[endgroup] 203: Using CPython 3.12.3 interpreter at: /usr/bin/python3.12 204: error: Project virtual environment directory `/opt/hostedtoolcache/Python/3.13.5/x64` cannot be used because it is not a compatible environment but cannot be recreated because it is not a virtual environment 205: ##[error]Process completed with exit code 2. 206: Post job cleanup.

[bito-code-review]

Bito Review Skipped - No Changes Detected

Bito didn't review this pull request because we did not detect any changes in the pull request to review.

[renovate]

Autoclosing Skipped

This PR has been flagged for autoclosing. However, it is being skipped due to the branch being already modified. Please close/delete it manually or report a bug if you think this is in error.