From 3820c98d86f3ce0bfcb1d38adbb70ae4ceabf0a3 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 2 May 2025 19:05:50 +0000
Subject: [PATCH 1/2] Bump aiodns from 3.2.0 to 3.3.0 (#10821)

Bumps [aiodns](https://github.com/saghul/aiodns) from 3.2.0 to 3.3.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aio-libs/aiodns/commit/dd81a9337d01a789fda478c7031a771d13519ea3"><code>dd81a93</code></a>
Fix release workflow for breaking changes in upload/download artifact
(<a
href="https://redirect.github.com/saghul/aiodns/issues/148">#148</a>)</li>
<li><a
href="https://github.com/aio-libs/aiodns/commit/7feb3d0048a59532cbceaa06dc78cd3b4a20f123"><code>7feb3d0</code></a>
Release 3.3.0 (<a
href="https://redirect.github.com/saghul/aiodns/issues/147">#147</a>)</li>
<li><a
href="https://github.com/aio-libs/aiodns/commit/b6cce69644c3dc70457dc3cc5d248574d43bcb23"><code>b6cce69</code></a>
Use c-ares event thread when available (<a
href="https://redirect.github.com/saghul/aiodns/issues/145">#145</a>)</li>
<li><a
href="https://github.com/aio-libs/aiodns/commit/bca3ae9a63c0a00e8f79beb57e716c7811c108d8"><code>bca3ae9</code></a>
Bump pycares from 4.6.1 to 4.7.0 (<a
href="https://redirect.github.com/saghul/aiodns/issues/146">#146</a>)</li>
<li><a
href="https://github.com/aio-libs/aiodns/commit/ed3c50701a7ee703c6b52c789bdafbcae236b5d0"><code>ed3c507</code></a>
Bump pycares from 4.5.0 to 4.6.1 (<a
href="https://redirect.github.com/saghul/aiodns/issues/143">#143</a>)</li>
<li><a
href="https://github.com/aio-libs/aiodns/commit/a5cc25c96ec325094f87fb67edd44151b1cf5a1c"><code>a5cc25c</code></a>
Bump actions/download-artifact from 4.2.1 to 4.3.0 (<a
href="https://redirect.github.com/saghul/aiodns/issues/144">#144</a>)</li>
<li><a
href="https://github.com/aio-libs/aiodns/commit/7759363145a2de5efddeb30594eea42a41872bb4"><code>7759363</code></a>
Bump pytest-cov from 6.1.0 to 6.1.1 (<a
href="https://redirect.github.com/saghul/aiodns/issues/142">#142</a>)</li>
<li><a
href="https://github.com/aio-libs/aiodns/commit/804a2a419ed0ecc9744d3dd7a2a74c993fde19c2"><code>804a2a4</code></a>
Bump actions/upload-artifact from 2 to 4 (<a
href="https://redirect.github.com/saghul/aiodns/issues/133">#133</a>)</li>
<li><a
href="https://github.com/aio-libs/aiodns/commit/82b066af1a32dcd857fe489f5c76f8b169602f63"><code>82b066a</code></a>
Bump actions/download-artifact from 4.1.7 to 4.2.1 (<a
href="https://redirect.github.com/saghul/aiodns/issues/131">#131</a>)</li>
<li><a
href="https://github.com/aio-libs/aiodns/commit/10207a2763ea5289fce174ac90ba3ae667ae180a"><code>10207a2</code></a>
Fix test coverage (<a
href="https://redirect.github.com/saghul/aiodns/issues/140">#140</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/saghul/aiodns/compare/v3.2.0...v3.3.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aiodns&package-manager=pip&previous-version=3.2.0&new-version=3.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 requirements/base.txt         | 2 +-
 requirements/constraints.txt  | 2 +-
 requirements/dev.txt          | 2 +-
 requirements/lint.txt         | 2 +-
 requirements/runtime-deps.txt | 2 +-
 requirements/test.txt         | 2 +-
 6 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/requirements/base.txt b/requirements/base.txt
index 0ef0780fad3..d81b4106930 100644
--- a/requirements/base.txt
+++ b/requirements/base.txt
@@ -4,7 +4,7 @@
 #
 #    pip-compile --allow-unsafe --output-file=requirements/base.txt --strip-extras requirements/base.in
 #
-aiodns==3.2.0 ; sys_platform == "linux" or sys_platform == "darwin"
+aiodns==3.3.0 ; sys_platform == "linux" or sys_platform == "darwin"
     # via -r requirements/runtime-deps.in
 aiohappyeyeballs==2.6.1
     # via -r requirements/runtime-deps.in
diff --git a/requirements/constraints.txt b/requirements/constraints.txt
index eab34e9938a..9ebfce98cc7 100644
--- a/requirements/constraints.txt
+++ b/requirements/constraints.txt
@@ -4,7 +4,7 @@
 #
 #    pip-compile --allow-unsafe --output-file=requirements/constraints.txt --resolver=backtracking --strip-extras requirements/constraints.in
 #
-aiodns==3.2.0 ; sys_platform == "linux" or sys_platform == "darwin"
+aiodns==3.3.0 ; sys_platform == "linux" or sys_platform == "darwin"
     # via
     #   -r requirements/lint.in
     #   -r requirements/runtime-deps.in
diff --git a/requirements/dev.txt b/requirements/dev.txt
index a5e32e5c37a..dd9956edac2 100644
--- a/requirements/dev.txt
+++ b/requirements/dev.txt
@@ -4,7 +4,7 @@
 #
 #    pip-compile --allow-unsafe --output-file=requirements/dev.txt --resolver=backtracking --strip-extras requirements/dev.in
 #
-aiodns==3.2.0 ; sys_platform == "linux" or sys_platform == "darwin"
+aiodns==3.3.0 ; sys_platform == "linux" or sys_platform == "darwin"
     # via
     #   -r requirements/lint.in
     #   -r requirements/runtime-deps.in
diff --git a/requirements/lint.txt b/requirements/lint.txt
index 165f98eb0f0..9fc54767fcd 100644
--- a/requirements/lint.txt
+++ b/requirements/lint.txt
@@ -4,7 +4,7 @@
 #
 #    pip-compile --allow-unsafe --output-file=requirements/lint.txt --strip-extras requirements/lint.in
 #
-aiodns==3.2.0
+aiodns==3.3.0
     # via -r requirements/lint.in
 annotated-types==0.7.0
     # via pydantic
diff --git a/requirements/runtime-deps.txt b/requirements/runtime-deps.txt
index ecbb8e5ecfb..d8e6ef27e9c 100644
--- a/requirements/runtime-deps.txt
+++ b/requirements/runtime-deps.txt
@@ -4,7 +4,7 @@
 #
 #    pip-compile --allow-unsafe --output-file=requirements/runtime-deps.txt --strip-extras requirements/runtime-deps.in
 #
-aiodns==3.2.0 ; sys_platform == "linux" or sys_platform == "darwin"
+aiodns==3.3.0 ; sys_platform == "linux" or sys_platform == "darwin"
     # via -r requirements/runtime-deps.in
 aiohappyeyeballs==2.6.1
     # via -r requirements/runtime-deps.in
diff --git a/requirements/test.txt b/requirements/test.txt
index 777ec621d42..fb1dda3ed54 100644
--- a/requirements/test.txt
+++ b/requirements/test.txt
@@ -4,7 +4,7 @@
 #
 #    pip-compile --allow-unsafe --output-file=requirements/test.txt --resolver=backtracking --strip-extras requirements/test.in
 #
-aiodns==3.2.0 ; sys_platform == "linux" or sys_platform == "darwin"
+aiodns==3.3.0 ; sys_platform == "linux" or sys_platform == "darwin"
     # via -r requirements/runtime-deps.in
 aiohappyeyeballs==2.6.1
     # via -r requirements/runtime-deps.in

From 9dc0a069e15c16cc139619e97396f383c9a7028c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 2 May 2025 19:22:49 +0000
Subject: [PATCH 2/2] Bump pip from 25.1 to 25.1.1 (#10819)

Bumps [pip](https://github.com/pypa/pip) from 25.1 to 25.1.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's
changelog</a>.</em></p>
<blockquote>
<h1>25.1.1 (2025-05-02)</h1>
<h2>Bug Fixes</h2>
<ul>
<li>Fix <code>req.source_dir</code> AssertionError when using the legacy
resolver. (<code>[#13353](https://github.com/pypa/pip/issues/13353)
&lt;https://github.com/pypa/pip/issues/13353&gt;</code>_)</li>
<li>Fix crash on Python 3.9.6 and lower when pip failed to compile a
Python module
during installation.
(<code>[#13364](https://github.com/pypa/pip/issues/13364)
&lt;https://github.com/pypa/pip/issues/13364&gt;</code>_)</li>
<li>Names in dependency group includes are now normalized before lookup,
which
fixes incorrect <code>Dependency group '...' not found</code> errors.
(<code>[#13372](https://github.com/pypa/pip/issues/13372)
&lt;https://github.com/pypa/pip/issues/13372&gt;</code>_)</li>
</ul>
<h2>Vendored Libraries</h2>
<ul>
<li>Fix issues with using tomllib from the stdlib if available, rather
than tomli</li>
<li>Upgrade dependency-groups to 1.3.1</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pip/commit/01857ef79f59a98db592bacb6e7b48f354528c80"><code>01857ef</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/pip/commit/08d8bb91e2c7734f98f828e28215aba15784012a"><code>08d8bb9</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13374">#13374</a> from
pfmoore/fixups</li>
<li><a
href="https://github.com/pypa/pip/commit/2bff84e495a3d31008088c168c5ab9bfa633a172"><code>2bff84e</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13363">#13363</a> from
sbidoul/fix-source_dir-assert</li>
<li><a
href="https://github.com/pypa/pip/commit/644e71d6e339035836dce0adbf59f881b334e186"><code>644e71d</code></a>
News file fixups</li>
<li><a
href="https://github.com/pypa/pip/commit/426856f496a8f84f1e36fded83b3d5e74968a786"><code>426856f</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13364">#13364</a> from
ichard26/bugfix/python39</li>
<li><a
href="https://github.com/pypa/pip/commit/b7e3aead483baf42ca00e29b9758338ad19c130b"><code>b7e3aea</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13356">#13356</a> from
eli-schwartz/tomllib</li>
<li><a
href="https://github.com/pypa/pip/commit/8c678fe85daaf11d8dd6a43b7835088513944655"><code>8c678fe</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13373">#13373</a> from
sirosen/update-vendored-dependency-groups</li>
<li><a
href="https://github.com/pypa/pip/commit/7d006399c0d0d38e55d56a6b0732e959bf75f796"><code>7d00639</code></a>
Update newsfiles for dependency-groups patch</li>
<li><a
href="https://github.com/pypa/pip/commit/6d28bbf065a292f67d3d66d8f47fba15a1a2d512"><code>6d28bbf</code></a>
Update version of <code>dependency-groups</code> to v1.3.1</li>
<li><a
href="https://github.com/pypa/pip/commit/94bd66d615d5f9036c53196f4f2acb7c71d5010c"><code>94bd66d</code></a>
Revert StreamWrapper removal to restore Python 3.9.{0,6} compat</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pip/compare/25.1...25.1.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=25.1&new-version=25.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 requirements/constraints.txt | 2 +-
 requirements/dev.txt         | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/requirements/constraints.txt b/requirements/constraints.txt
index 9ebfce98cc7..0a6b9beb786 100644
--- a/requirements/constraints.txt
+++ b/requirements/constraints.txt
@@ -294,7 +294,7 @@ zlib-ng==0.5.1
     #   -r requirements/test.in
 
 # The following packages are considered to be unsafe in a requirements file:
-pip==25.1
+pip==25.1.1
     # via pip-tools
 setuptools==80.1.0
     # via
diff --git a/requirements/dev.txt b/requirements/dev.txt
index dd9956edac2..0ef5fa477a7 100644
--- a/requirements/dev.txt
+++ b/requirements/dev.txt
@@ -285,7 +285,7 @@ zlib-ng==0.5.1
     #   -r requirements/test.in
 
 # The following packages are considered to be unsafe in a requirements file:
-pip==25.1
+pip==25.1.1
     # via pip-tools
 setuptools==80.1.0
     # via