fix(deps): update python: non-major updates

[renovate]

This PR contains the following updates:

Package	Type	Update	Change	OpenSSF
fastapi (changelog)	project.dependencies	minor	==0.121.3 -> ==0.123.4
gliner	project.optional-dependencies	patch	==0.2.22 -> ==0.2.24
pre-commit	dependency-groups	minor	==4.4.0 -> ==4.5.0
ruff (source, changelog)	dependency-groups	patch	==0.14.6 -> ==0.14.7
ty (changelog)	dependency-groups	patch	==0.0.1a27 -> ==0.0.1a29

---

Release Notes

fastapi/fastapi (fastapi)

v0.123.4

Compare Source

Fixes

• 🐛 Fix OpenAPI schema support for computed fields when using separate_input_output_schemas=False. PR #​13207 by @​vgrafe.

Docs

• 📝 Fix docstring of servers parameter. PR #​14405 by @​YuriiMotov.

v0.123.3

Compare Source

Fixes

• 🐛 Fix Query\Header\Cookie parameter model alias. PR #​14360 by @​YuriiMotov.
• 🐛 Fix optional sequence handling in serialize sequence value with Pydantic V2. PR #​14297 by @​YuriiMotov.

v0.123.2

Compare Source

Fixes

• 🐛 Fix unformatted {type_} in FastAPIError. PR #​14416 by @​Just-Helpful.
• 🐛 Fix parsing extra non-body parameter list. PR #​14356 by @​YuriiMotov.
• 🐛 Fix parsing extra Form parameter list. PR #​14303 by @​YuriiMotov.
• 🐛 Fix support for form values with empty strings interpreted as missing (None if that's the default), for compatibility with HTML forms. PR #​13537 by @​MarinPostma.

Docs

• 📝 Add tip on how to install pip in case of No module named pip error in virtual-environments.md. PR #​14211 by @​zadevhub.
• 📝 Update Primary Key notes for the SQL databases tutorial to avoid confusion. PR #​14120 by @​FlaviusRaducu.
• 📝 Clarify estimation note in documentation. PR #​14070 by @​SaisakthiM.

v0.123.1

Compare Source

Fixes

• 🐛 Avoid accessing non-existing "$ref" key for Pydantic v2 compat remapping. PR #​14361 by @​svlandeg.
• 🐛 Fix TypeError when encoding a decimal with a NaN or Infinity value. PR #​12935 by @​kentwelcome.

Internal

• 🐛 Fix Windows UnicodeEncodeError in CLI test. PR #​14295 by @​hemanth-thirthahalli.
• 🔧 Update sponsors: add Greptile. PR #​14429 by @​tiangolo.
• 👥 Update FastAPI GitHub topic repositories. PR #​14426 by @​tiangolo.
• ⬆ Bump markdown-include-variants from 0.0.6 to 0.0.7. PR #​14423 by @​YuriiMotov.
• 👥 Update FastAPI People - Sponsors. PR #​14422 by @​tiangolo.
• 👥 Update FastAPI People - Contributors and Translators. PR #​14420 by @​tiangolo.

v0.123.0

Compare Source

Fixes

• 🐛 Cache dependencies that don't use scopes and don't have sub-dependencies with scopes. PR #​14419 by @​tiangolo.

v0.122.1

Compare Source

Fixes

• 🐛 Fix hierarchical security scope propagation. PR #​5624 by @​kristjanvalur.

Docs

• 💅 Update CSS to explicitly use emoji font. PR #​14415 by @​tiangolo.

Internal

• ⬆ Bump markdown-include-variants from 0.0.5 to 0.0.6. PR #​14418 by @​YuriiMotov.

v0.122.0

Compare Source

Fixes

• 🐛 Use 401 status code in security classes when credentials are missing. PR #​13786 by @​YuriiMotov.
  • If your code depended on these classes raising the old (less correct) 403 status code, check the new docs about how to override the classes, to use the same old behavior: Use Old 403 Authentication Error Status Codes.

Internal

• 🔧 Configure labeler to exclude files that start from underscore for lang-all label. PR #​14213 by @​YuriiMotov.
• 👷 Add pre-commit config with local script for permalinks. PR #​14398 by @​tiangolo.
• 💄 Use font Fira Code to fix display of Rich panels in docs in Windows. PR #​14387 by @​tiangolo.
• 👷 Add custom pre-commit CI. PR #​14397 by @​tiangolo.
• ⬆ Bump actions/checkout from 5 to 6. PR #​14381 by @​dependabot[bot].
• 👷 Upgrade latest-changes GitHub Action and pin actions/checkout@v5. PR #​14403 by @​svlandeg.
• 🛠️ Add add-permalinks and add-permalinks-page to scripts/docs.py. PR #​14033 by @​YuriiMotov.
• 🔧 Upgrade Material for MkDocs and remove insiders. PR #​14375 by @​tiangolo.

urchade/GLiNER (gliner)

v0.2.24

Compare Source

What's Changed

• Fix load by @​urchade in #​309

Full Changelog: urchade/GLiNER@v0.2.23...v0.2.24

v0.2.23

Compare Source

What's Changed

• fix masking interface for proper training span models by @​Ingvarstep in #​296
• Add inference-time sequence packing support by @​vivekkalyanarangan30 in #​292
• resolved packing params not propagating; added support for other backbones by @​vivekkalyanarangan30 in #​301
• Refactoring GLiNER, making it more modular and easier to use by @​Ingvarstep in #​305
• update transformer version by @​urchade in #​306

New Contributors

• @​vivekkalyanarangan30 made their first contribution in #​292

Full Changelog: urchade/GLiNER@v0.2.22...v0.2.23

pre-commit/pre-commit (pre-commit)

v4.5.0

Compare Source

==================

Features

• Add pre-commit hazmat.
  • #​3585 PR by @​asottile.

astral-sh/ruff (ruff)

v0.14.7

Compare Source

Released on 2025-11-28.

Preview features

• [flake8-bandit] Handle string literal bindings in suspicious-url-open-usage (S310) (#​21469)
• [pylint] Fix PLR1708 false positives on nested functions (#​21177)
• [pylint] Fix suppression for empty dict without tuple key annotation (PLE1141) (#​21290)
• [ruff] Add rule RUF066 to detect unnecessary class properties (#​21535)
• [ruff] Catch more dummy variable uses (RUF052) (#​19799)

Bug fixes

• [server] Set severity for non-rule diagnostics (#​21559)
• [flake8-implicit-str-concat] Avoid invalid fix in (ISC003) (#​21517)
• [parser] Fix panic when parsing IPython escape command expressions (#​21480)

CLI

• Show partial fixability indicator in statistics output (#​21513)

Contributors

• @​mikeleppane
• @​senekor
• @​ShaharNaveh
• @​JumboBear
• @​prakhar1144
• @​tsvikas
• @​danparizher
• @​chirizxc
• @​AlexWaygood
• @​MichaReiser

astral-sh/ty (ty)

v0.0.1a29

Compare Source

v0.0.1a28

Compare Source

---

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) in timezone Europe/Berlin, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}