Bump the pip-dependencies group across 1 directory with 8 updates

[dependabot]

Bumps the pip-dependencies group with 8 updates in the / directory:

Package	From	To
certifi	2025.4.26	2025.6.15
grpcio	1.70.0	1.73.1
grpcio-tools	1.70.0	1.73.1
protobuf	5.29.5	6.31.1
pyfakefs	5.8.0	5.9.1
pygments	2.19.1	2.19.2
zipp	3.22.0	3.23.0
coverage	7.8.2	7.9.1

Updates certifi from 2025.4.26 to 2025.6.15

Commits

• e767d59 2025.06.15 (#357)
• 3e70765 Bump actions/setup-python from 5.5.0 to 5.6.0
• 9afd2ff Bump actions/download-artifact from 4.2.1 to 4.3.0
• d7c816c remove code that's no longer required that 3.7 is our minimum (#351)
• 1899613 Declare setuptools as the build backend in pyproject.toml (#350)
• c874142 update CI for ubuntu 20.04 deprecation (#348)
• See full diff in compare view

Updates grpcio from 1.70.0 to 1.73.1

Release notes

Sourced from grpcio's releases.

Release v1.73.1

This is release 1.73.1 (gradient) of gRPC Core.

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes, with highlights listed below.

Python

• [Backport of #39894 to v1.73.x] Fix the issue with gRPC Python Client not reconnecting in certain situations: #38290, #39113, #39631 (#39950).

Release v1.73.0

This is release 1.73.0 (gradient) of gRPC Core.

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes, with highlights listed below.

Core

As of this version, gRPC on MacOS & iOS will utilize Abseil's synchronization features, aligning it with other platforms. Should you encounter any issues due to this update, you can disable it by enabling GPR_DISABLE_ABSEIL_SYNC. If you do this, please report any problems by filing a bug at https://github.com/grpc/grpc.

• [Dep] Update Protobuf to v31.0. (#39392)
• [Core] Added GPR_DISABLE_ABSEIL_SYNC. (#39562)
• [xds_override_host] pass through per-endpoint args when creating subchannels. (#39532)
• Expose GRPC_OPENSSL_CLEANUP_TIMEOUT to control shutdown grace period. (#39297)
• [URI] fix parsing of user_info in proxy settings. (#39004)
• [EventEngine] Fix busy loop in thread pool when shutting down. (#39258)
• [Dep] Added a flag to build with openssl instead of boringssl. (#39188)
• [EventEngine] Cleanup: EventEngine client, listener, and dns experiments are on by default on all platforms. (#39079)

C++

• [OpenCensus] Mark OpenCensus and dependent APIs as deprecated. (#39554)

Python

• [Python] Pin Cython to 3.1.1. (#39609)
• [Python] grpc_tools: make PythonGrpcGenerator handle dot . in proto paths the same way as native Generator/PyiGenerator. (#39586)

Ruby

• [Ruby] add remove_unused_artifacts to opt build. (#39593)

... (truncated)

Commits

• 6eae42b [Release] Bump version to 1.73.1 (on v1.73.x branch) (#39973)
• e6b3f29 [Backport][v1.73.x][Python Core][EventEngine] Fix Python reconnect issues: us...
• 95dd243 [Release] Bump version to 1.73.0 (on v1.73.x branch) (#39787)
• 9f9728c [Release] Bump version to 1.73.0-pre2 (on v1.73.x branch) (#39721)
• 481fcfd [xDS] remove env var guards for gRFCs A81, A82, and A83 (#39711)
• 5d0f2c8 Fix Python linux distribtest for aarch64_alpine target and enable for presubm...
• ce0bd2d [Release] Bump version to 1.73.0-pre1 (on v1.73.x branch) (#39643)
• 233368b [Backport][v1.73.x][Python] Fix Python Linux distribtests copy conflicts (#39...
• f71fac7 [Release] Bump core version to 48.0.0 for upcoming release (#39611)
• c19a471 [Python] Pin Cython to 3.1.1 (#39609)
• Additional commits viewable in compare view

Updates grpcio-tools from 1.70.0 to 1.73.1

Release notes

Sourced from grpcio-tools's releases.

Release v1.73.1

This is release 1.73.1 (gradient) of gRPC Core.

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes, with highlights listed below.

Python

• [Backport of #39894 to v1.73.x] Fix the issue with gRPC Python Client not reconnecting in certain situations: #38290, #39113, #39631 (#39950).

Release v1.73.0

This is release 1.73.0 (gradient) of gRPC Core.

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes, with highlights listed below.

Core

As of this version, gRPC on MacOS & iOS will utilize Abseil's synchronization features, aligning it with other platforms. Should you encounter any issues due to this update, you can disable it by enabling GPR_DISABLE_ABSEIL_SYNC. If you do this, please report any problems by filing a bug at https://github.com/grpc/grpc.

• [Dep] Update Protobuf to v31.0. (#39392)
• [Core] Added GPR_DISABLE_ABSEIL_SYNC. (#39562)
• [xds_override_host] pass through per-endpoint args when creating subchannels. (#39532)
• Expose GRPC_OPENSSL_CLEANUP_TIMEOUT to control shutdown grace period. (#39297)
• [URI] fix parsing of user_info in proxy settings. (#39004)
• [EventEngine] Fix busy loop in thread pool when shutting down. (#39258)
• [Dep] Added a flag to build with openssl instead of boringssl. (#39188)
• [EventEngine] Cleanup: EventEngine client, listener, and dns experiments are on by default on all platforms. (#39079)

C++

• [OpenCensus] Mark OpenCensus and dependent APIs as deprecated. (#39554)

Python

• [Python] Pin Cython to 3.1.1. (#39609)
• [Python] grpc_tools: make PythonGrpcGenerator handle dot . in proto paths the same way as native Generator/PyiGenerator. (#39586)

Ruby

• [Ruby] add remove_unused_artifacts to opt build. (#39593)

... (truncated)

Commits

• 6eae42b [Release] Bump version to 1.73.1 (on v1.73.x branch) (#39973)
• e6b3f29 [Backport][v1.73.x][Python Core][EventEngine] Fix Python reconnect issues: us...
• 95dd243 [Release] Bump version to 1.73.0 (on v1.73.x branch) (#39787)
• 9f9728c [Release] Bump version to 1.73.0-pre2 (on v1.73.x branch) (#39721)
• 481fcfd [xDS] remove env var guards for gRFCs A81, A82, and A83 (#39711)
• 5d0f2c8 Fix Python linux distribtest for aarch64_alpine target and enable for presubm...
• ce0bd2d [Release] Bump version to 1.73.0-pre1 (on v1.73.x branch) (#39643)
• 233368b [Backport][v1.73.x][Python] Fix Python Linux distribtests copy conflicts (#39...
• f71fac7 [Release] Bump core version to 48.0.0 for upcoming release (#39611)
• c19a471 [Python] Pin Cython to 3.1.1 (#39609)
• Additional commits viewable in compare view

Updates protobuf from 5.29.5 to 6.31.1

Commits

• 74211c0 Updating version.json and repo version numbers to: 31.1
• 63fa9ab Merge pull request #21978 from shaod2/31.1-cp
• bec5b5a Add missing copts attribute (#21982)
• 96a9ef6 Fix cmake staleness test
• 3419598 Support allowing late injection of language feature set defaults from Feature...
• 0fe099a python pyi print "import datetime" for Duration/Timestamp field (#21885)
• f156008 Merge pull request #21861 from shaod2/py-cp-31
• a3921fb Add recursion depth limits to pure python
• ac94456 Merge pull request #21744 from protocolbuffers/31.x-202505141617
• f275995 Updating version.json and repo version numbers to: 31.1-dev
• Additional commits viewable in compare view

Updates pyfakefs from 5.8.0 to 5.9.1

Release notes

Sourced from pyfakefs's releases.

pyfakefs release version 5.9.1

This is a bugfix release:

• fixes a regression in packaging in previous version (missing tests)
• correct incomplete fix in previous version (not working in Python 3.9)

pyfakefs release version 5.9.0

Adds support for an API change in latest Python patch releases. Change the release notes for a list of changes.

Changelog

Sourced from pyfakefs's changelog.

Version 5.9.1 (2025-06-23)

Fixes regression in packaging in version 5.9.0.

Fixes

• fixed handling of added strict argument in Python 3.9.23
• make sure test files are packaged (see #1186)

Version 5.9.0 (2025-06-21)

Adds support for an API change in latest Python patch releases.

Changes

• the message from an OSError raised in the fake filesystem has no longer the postfix "in the fake filesystem" (see #1159)
• changed implementation of FakeShutilModule to prepare it for usage without the patcher (see #1171)

Enhancements

• added convenience function add_package_metadata to add the metadata of a given package to the fake filesystem (see #1155)

Fixes

• fixed handling of dynamic imports from code in the fake filesystem in Python > 3.11 (see #1121)
• fixed workaround for recursion with pytest under Windows to ignore capitalization of pytest executable (see #1096)
• added missing mode property to fake file wrapper (see #1162)
• fixed instantiation of a standalone FakePathlibModule for Python >= 3.11 (see #1169)
• added support for new value "ALLOW_MISSING" of strict argument in os.path.realpath (introduced in latest patch version of Python >= 3.10, see #1180)

Infrastructure

• adapt test for increased default buffer size in Python 3.14a6
• replace session-scoped with module-scoped fixture in test, run pytest over all tests in docker containers (see #1151)
• remove setup.py and setup.cfg in favor of pyproject.toml

Commits

• b6b3967 Release 5.9.1
• 66a26fd Make sure all test files are packaged
• b31b8e0 Fix handling of strict argument in Python 3.9.23
• b722bcc Release 5.9.0
• a80d441 Add thread lock for global patches
• f1c86aa Update xlrd from 2.0.1 to 2.0.2
• bcd91d1 Move shutil patches to fake shutil module
• edd6a6c Add support for new strict value "ALLOW_MISSING" in os.path.realpath
• 7ebfca1 [pre-commit.ci] pre-commit autoupdate
• e3d0008 Pin furo to latest version 2024.8.6
• Additional commits viewable in compare view

Updates pygments from 2.19.1 to 2.19.2

Release notes

Sourced from pygments's releases.

2.19.2

• Lua: Fix regression introduced in 2.19.0 (#2882, #2839)

Changelog

Sourced from pygments's changelog.

Version 2.19.2

(released June 21st, 2025)

• Lua: Fix regression introduced in 2.19.0 (#2882, #2839)

Commits

• cfca62e Prepare v2.19.2 release.
• 6688300 Disable pyodide (currently broken.)
• 66997c3 Update ruff version.
• 94dda77 Update CHANGES.
• 26634c8 Merge pull request #2882 from thavelick/fix_lua_runaway_regex
• b6a51ec fix lua regex causing runaway backtracking.
• edef94d Investigation for #2839.
• fb6a00e Merge pull request #2837 from dlazin/sql-cleanup
• bf7aa23 Clean up sql.py
• See full diff in compare view

Updates zipp from 3.22.0 to 3.23.0

Changelog

Sourced from zipp's changelog.

v3.23.0

Features

• Add a compatibility shim for Python 3.13 and earlier. (#145)

Commits

• ccb4111 Finalize
• 5b5725d Merge pull request #146 from jaraco/debt/backport-gh-133337
• c1dca82 Remove unused dependency.
• 717d770 Add a compatibility shim for Python 3.13 and earlier.
• d860de4 gh-133306: Use \z instead of \Z in regular expressions in the stdlib (GH-133337)
• See full diff in compare view

Updates coverage from 7.8.2 to 7.9.1

Changelog

Sourced from coverage's changelog.

Version 7.9.1 — 2025-06-13

• The "no-ctracer" warning is not issued for Python pre-release versions. Coverage doesn't ship compiled wheels for those versions, so this was far too noisy.

• On Python 3.14+, the "sysmon" core is now the default if it's supported for your configuration. Plugins and dynamic contexts are still not supported with it.

.. _changes_7-9-0:

Version 7.9.0 — 2025-06-11

• Added a [run] core configuration setting to specify the measurement core, which was previously only available through the COVERAGE_CORE environment variable. Finishes issue 1746_.

• Fixed incorrect rendering of f-strings with doubled braces, closing issue 1980_.

• If the C tracer core can't be imported, a warning ("no-ctracer") is issued with the reason.

• The C tracer core extension module now conforms to PEP 489, closing issue 1977. Thanks, Adam Turner <pull 1978_>_.

• Fixed a "ValueError: min() arg is an empty sequence" error caused by strange empty modules, found by oss-fuzz_.

.. _issue 1746: nedbat/coveragepy#1746 .. _issue 1977: nedbat/coveragepy#1977 .. _pull 1978: nedbat/coveragepy#1978 .. _issue 1980: nedbat/coveragepy#1980 .. _PEP 489: https://peps.python.org/pep-0489 .. _oss-fuzz: https://google.github.io/oss-fuzz/

.. _changes_7-8-2:

Commits

• 4fa1b71 docs: sample HTML for 7.9.1
• 5cf757b docs: prep for 7.9.1
• bea6204 fix: better defaulting of core
• 7795441 fix: fewer warnings, default to sys.monitoring on 3.14+
• 18aa074 fix: some custom builds don't have file
• 8c5bf65 chore: make upgrade
• 128c4f4 build: bump version to 7.9.1
• 452d86f docs: sample HTML for 7.9.0
• a670927 docs: prep for 7.9.0
• 3b0cb87 build: windows 3.14 is fixed
• Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
grpcio	[>= 1.65.1.a, < 1.65.2]
grpcio-tools	[>= 1.65.1.a, < 1.65.2]
grpcio	[>= 1.65.4.a, < 1.65.5]
grpcio-tools	[>= 1.65.4.a, < 1.65.5]
grpcio	[>= 1.65.2.a, < 1.65.3]
grpcio-tools	[>= 1.65.2.a, < 1.65.3]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions