From 6e79a301f5b4132b0b40ff9d2f80ec3e174c64c4 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 11 Apr 2025 00:04:42 +0000
Subject: [PATCH 1/3] Bump typing-extensions from 4.13.1 to 4.13.2 (#10719)

Bumps [typing-extensions](https://github.com/python/typing_extensions)
from 4.13.1 to 4.13.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/python/typing_extensions/releases">typing-extensions's
releases</a>.</em></p>
<blockquote>
<h2>4.13.2</h2>
<ul>
<li>Fix <code>TypeError</code> when taking the union of
<code>typing_extensions.TypeAliasType</code> and a
<code>typing.TypeAliasType</code> on Python 3.12 and 3.13.
Patch by <a href="https://github.com/jorenham">Joren
Hammudoglu</a>.</li>
<li>Backport from CPython PR <a
href="https://redirect.github.com/python/cpython/pull/132160">#132160</a>
to avoid having user arguments shadowed in generated
<code>__new__</code> by
<code>@typing_extensions.deprecated</code>.
Patch by <a href="https://github.com/Viicos">Victorien Plot</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/python/typing_extensions/blob/main/CHANGELOG.md">typing-extensions's
changelog</a>.</em></p>
<blockquote>
<h1>Release 4.13.2 (April 10, 2025)</h1>
<ul>
<li>Fix <code>TypeError</code> when taking the union of
<code>typing_extensions.TypeAliasType</code> and a
<code>typing.TypeAliasType</code> on Python 3.12 and 3.13.
Patch by <a href="https://github.com/jorenham">Joren
Hammudoglu</a>.</li>
<li>Backport from CPython PR <a
href="https://redirect.github.com/python/cpython/pull/132160">#132160</a>
to avoid having user arguments shadowed in generated
<code>__new__</code> by
<code>@typing_extensions.deprecated</code>.
Patch by <a href="https://github.com/Viicos">Victorien Plot</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/python/typing_extensions/commit/4525e9dbbd177b4ef8a84f55ff5fe127582a071d"><code>4525e9d</code></a>
Prepare release 4.13.2 (<a
href="https://redirect.github.com/python/typing_extensions/issues/583">#583</a>)</li>
<li><a
href="https://github.com/python/typing_extensions/commit/88a0c200ceb0ccfe4329d3db8a1a863a2381e44c"><code>88a0c20</code></a>
Do not shadow user arguments in generated <code>__new__</code> by
<code>@deprecated</code> (<a
href="https://redirect.github.com/python/typing_extensions/issues/581">#581</a>)</li>
<li><a
href="https://github.com/python/typing_extensions/commit/281d7b0ca6edad384e641d1066b759c280602919"><code>281d7b0</code></a>
Add 3rd party tests for litestar (<a
href="https://redirect.github.com/python/typing_extensions/issues/578">#578</a>)</li>
<li><a
href="https://github.com/python/typing_extensions/commit/8092c3996f4902ad9c74ac2d1d8dd19371ecbaa3"><code>8092c39</code></a>
fix <code>TypeAliasType</code> union with
<code>typing.TypeAliasType</code> (<a
href="https://redirect.github.com/python/typing_extensions/issues/575">#575</a>)</li>
<li>See full diff in <a
href="https://github.com/python/typing_extensions/compare/4.13.1...4.13.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=typing-extensions&package-manager=pip&previous-version=4.13.1&new-version=4.13.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 requirements/base.txt         | 2 +-
 requirements/constraints.txt  | 2 +-
 requirements/cython.txt       | 2 +-
 requirements/dev.txt          | 2 +-
 requirements/lint.txt         | 2 +-
 requirements/multidict.txt    | 2 +-
 requirements/runtime-deps.txt | 2 +-
 requirements/test.txt         | 2 +-
 8 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/requirements/base.txt b/requirements/base.txt
index 339e35ad3d5..d19f929a06c 100644
--- a/requirements/base.txt
+++ b/requirements/base.txt
@@ -38,7 +38,7 @@ pycares==4.6.0
     # via aiodns
 pycparser==2.22
     # via cffi
-typing-extensions==4.13.1
+typing-extensions==4.13.2
     # via multidict
 uvloop==0.21.0 ; platform_system != "Windows" and implementation_name == "cpython"
     # via -r requirements/base.in
diff --git a/requirements/constraints.txt b/requirements/constraints.txt
index dfbb2524e24..ffd9ec46e8b 100644
--- a/requirements/constraints.txt
+++ b/requirements/constraints.txt
@@ -255,7 +255,7 @@ trustme==1.2.1 ; platform_machine != "i686"
     # via
     #   -r requirements/lint.in
     #   -r requirements/test.in
-typing-extensions==4.13.1
+typing-extensions==4.13.2
     # via
     #   multidict
     #   mypy
diff --git a/requirements/cython.txt b/requirements/cython.txt
index e472d1de6dc..6ff3be614f7 100644
--- a/requirements/cython.txt
+++ b/requirements/cython.txt
@@ -8,5 +8,5 @@ cython==3.0.12
     # via -r requirements/cython.in
 multidict==6.4.2
     # via -r requirements/multidict.in
-typing-extensions==4.13.1
+typing-extensions==4.13.2
     # via multidict
diff --git a/requirements/dev.txt b/requirements/dev.txt
index fdb2448cfa0..d039657145f 100644
--- a/requirements/dev.txt
+++ b/requirements/dev.txt
@@ -246,7 +246,7 @@ trustme==1.2.1 ; platform_machine != "i686"
     # via
     #   -r requirements/lint.in
     #   -r requirements/test.in
-typing-extensions==4.13.1
+typing-extensions==4.13.2
     # via
     #   multidict
     #   mypy
diff --git a/requirements/lint.txt b/requirements/lint.txt
index 8fc7cb27307..3a68f752556 100644
--- a/requirements/lint.txt
+++ b/requirements/lint.txt
@@ -97,7 +97,7 @@ tomli==2.2.1
     #   slotscheck
 trustme==1.2.1
     # via -r requirements/lint.in
-typing-extensions==4.13.1
+typing-extensions==4.13.2
     # via
     #   mypy
     #   pydantic
diff --git a/requirements/multidict.txt b/requirements/multidict.txt
index 70a4468156f..0188685e37b 100644
--- a/requirements/multidict.txt
+++ b/requirements/multidict.txt
@@ -6,5 +6,5 @@
 #
 multidict==6.4.2
     # via -r requirements/multidict.in
-typing-extensions==4.13.1
+typing-extensions==4.13.2
     # via multidict
diff --git a/requirements/runtime-deps.txt b/requirements/runtime-deps.txt
index 54ed4f30f5e..21f925e0a88 100644
--- a/requirements/runtime-deps.txt
+++ b/requirements/runtime-deps.txt
@@ -34,7 +34,7 @@ pycares==4.6.0
     # via aiodns
 pycparser==2.22
     # via cffi
-typing-extensions==4.13.1
+typing-extensions==4.13.2
     # via multidict
 yarl==1.19.0
     # via -r requirements/runtime-deps.in
diff --git a/requirements/test.txt b/requirements/test.txt
index 2087a3e7569..e6a33ff2059 100644
--- a/requirements/test.txt
+++ b/requirements/test.txt
@@ -117,7 +117,7 @@ tomli==2.2.1
     #   pytest
 trustme==1.2.1 ; platform_machine != "i686"
     # via -r requirements/test.in
-typing-extensions==4.13.1
+typing-extensions==4.13.2
     # via
     #   multidict
     #   mypy

From 400215adeb6ee968f336d738557d3f2e06920dd5 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 11 Apr 2025 00:05:00 +0000
Subject: [PATCH 2/3] Bump multidict from 6.4.2 to 6.4.3 (#10720)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [multidict](https://github.com/aio-libs/multidict) from 6.4.2 to
6.4.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aio-libs/multidict/releases">multidict's
releases</a>.</em></p>
<blockquote>
<h2>6.4.3</h2>
<h2>Bug fixes</h2>
<ul>
<li>
<p>Fixed building the library in debug mode.</p>
<p><em>Related issues and pull requests on GitHub:</em>
<a
href="https://redirect.github.com/aio-libs/multidict/issues/1144">#1144</a>.</p>
</li>
<li>
<p>Fixed custom <code>PyType_GetModuleByDef()</code> when non-heap type
object was passed.</p>
<p><em>Related issues and pull requests on GitHub:</em>
<a
href="https://redirect.github.com/aio-libs/multidict/issues/1147">#1147</a>.</p>
</li>
</ul>
<h2>Packaging updates and notes for downstreams</h2>
<ul>
<li>
<p>Added the ability to build in debug mode by setting
:envvar:<code>MULTIDICT_DEBUG_BUILD</code> in the environment -- by
:user:<code>bdraco</code>.</p>
<p><em>Related issues and pull requests on GitHub:</em>
<a
href="https://redirect.github.com/aio-libs/multidict/issues/1145">#1145</a>.</p>
</li>
</ul>
<hr />
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aio-libs/multidict/blob/master/CHANGES.rst">multidict's
changelog</a>.</em></p>
<blockquote>
<h1>6.4.3</h1>
<p><em>(2025-04-10)</em></p>
<h2>Bug fixes</h2>
<ul>
<li>
<p>Fixed building the library in debug mode.</p>
<p><em>Related issues and pull requests on GitHub:</em>
:issue:<code>1144</code>.</p>
</li>
<li>
<p>Fixed custom <code>PyType_GetModuleByDef()</code> when non-heap type
object was passed.</p>
<p><em>Related issues and pull requests on GitHub:</em>
:issue:<code>1147</code>.</p>
</li>
</ul>
<h2>Packaging updates and notes for downstreams</h2>
<ul>
<li>
<p>Added the ability to build in debug mode by setting
:envvar:<code>MULTIDICT_DEBUG_BUILD</code> in the environment -- by
:user:<code>bdraco</code>.</p>
<p><em>Related issues and pull requests on GitHub:</em>
:issue:<code>1145</code>.</p>
</li>
</ul>
<hr />
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aio-libs/multidict/commit/5f64e68142df6b4b3075b9df6d7b80b50e4a26eb"><code>5f64e68</code></a>
Release 6.4.3 (<a
href="https://redirect.github.com/aio-libs/multidict/issues/1148">#1148</a>)</li>
<li><a
href="https://github.com/aio-libs/multidict/commit/28b7b4b3361b828ada967a5c045abb289c62ee1a"><code>28b7b4b</code></a>
Run tests in debug mode as well (<a
href="https://redirect.github.com/aio-libs/multidict/issues/1146">#1146</a>)</li>
<li><a
href="https://github.com/aio-libs/multidict/commit/cf690d5e377b16eef63ec96f81a1b536152928d3"><code>cf690d5</code></a>
Fix custom PyType_GetModuleByDef when non-heap type object was passed
(<a
href="https://redirect.github.com/aio-libs/multidict/issues/1147">#1147</a>)</li>
<li><a
href="https://github.com/aio-libs/multidict/commit/57c09c058b04558620a864d78ded2a591cafc66e"><code>57c09c0</code></a>
Fix the library building in debug mode (<a
href="https://redirect.github.com/aio-libs/multidict/issues/1144">#1144</a>)</li>
<li>See full diff in <a
href="https://github.com/aio-libs/multidict/compare/v6.4.2...v6.4.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=multidict&package-manager=pip&previous-version=6.4.2&new-version=6.4.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 requirements/base.txt         | 2 +-
 requirements/constraints.txt  | 2 +-
 requirements/cython.txt       | 2 +-
 requirements/dev.txt          | 2 +-
 requirements/multidict.txt    | 2 +-
 requirements/runtime-deps.txt | 2 +-
 requirements/test.txt         | 2 +-
 7 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/requirements/base.txt b/requirements/base.txt
index d19f929a06c..dd371fddf59 100644
--- a/requirements/base.txt
+++ b/requirements/base.txt
@@ -24,7 +24,7 @@ gunicorn==23.0.0
     # via -r requirements/base.in
 idna==3.6
     # via yarl
-multidict==6.4.2
+multidict==6.4.3
     # via
     #   -r requirements/runtime-deps.in
     #   yarl
diff --git a/requirements/constraints.txt b/requirements/constraints.txt
index ffd9ec46e8b..a6552725c23 100644
--- a/requirements/constraints.txt
+++ b/requirements/constraints.txt
@@ -109,7 +109,7 @@ markupsafe==3.0.2
     # via jinja2
 mdurl==0.1.2
     # via markdown-it-py
-multidict==6.4.2
+multidict==6.4.3
     # via
     #   -r requirements/multidict.in
     #   -r requirements/runtime-deps.in
diff --git a/requirements/cython.txt b/requirements/cython.txt
index 6ff3be614f7..8686651881b 100644
--- a/requirements/cython.txt
+++ b/requirements/cython.txt
@@ -6,7 +6,7 @@
 #
 cython==3.0.12
     # via -r requirements/cython.in
-multidict==6.4.2
+multidict==6.4.3
     # via -r requirements/multidict.in
 typing-extensions==4.13.2
     # via multidict
diff --git a/requirements/dev.txt b/requirements/dev.txt
index d039657145f..dc15b6ce632 100644
--- a/requirements/dev.txt
+++ b/requirements/dev.txt
@@ -107,7 +107,7 @@ markupsafe==3.0.2
     # via jinja2
 mdurl==0.1.2
     # via markdown-it-py
-multidict==6.4.2
+multidict==6.4.3
     # via
     #   -r requirements/runtime-deps.in
     #   yarl
diff --git a/requirements/multidict.txt b/requirements/multidict.txt
index 0188685e37b..41435a67142 100644
--- a/requirements/multidict.txt
+++ b/requirements/multidict.txt
@@ -4,7 +4,7 @@
 #
 #    pip-compile --allow-unsafe --output-file=requirements/multidict.txt --resolver=backtracking --strip-extras requirements/multidict.in
 #
-multidict==6.4.2
+multidict==6.4.3
     # via -r requirements/multidict.in
 typing-extensions==4.13.2
     # via multidict
diff --git a/requirements/runtime-deps.txt b/requirements/runtime-deps.txt
index 21f925e0a88..79eb9a4a7ca 100644
--- a/requirements/runtime-deps.txt
+++ b/requirements/runtime-deps.txt
@@ -22,7 +22,7 @@ frozenlist==1.5.0
     #   aiosignal
 idna==3.6
     # via yarl
-multidict==6.4.2
+multidict==6.4.3
     # via
     #   -r requirements/runtime-deps.in
     #   yarl
diff --git a/requirements/test.txt b/requirements/test.txt
index e6a33ff2059..b708feb7f59 100644
--- a/requirements/test.txt
+++ b/requirements/test.txt
@@ -55,7 +55,7 @@ markdown-it-py==3.0.0
     # via rich
 mdurl==0.1.2
     # via markdown-it-py
-multidict==6.4.2
+multidict==6.4.3
     # via
     #   -r requirements/runtime-deps.in
     #   yarl

From 6db713e1188502ee008717c403ee4caef9851bee Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 11 Apr 2025 00:05:11 +0000
Subject: [PATCH 3/3] Bump urllib3 from 2.3.0 to 2.4.0 (#10717)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.3.0 to 2.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/releases">urllib3's
releases</a>.</em></p>
<blockquote>
<h2>2.4.0</h2>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support. If your company or organization uses Python and
would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and
thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h1>Features</h1>
<ul>
<li>Applied PEP 639 by specifying the license fields in pyproject.toml.
(<a
href="https://redirect.github.com/urllib3/urllib3/issues/3522">#3522</a>)</li>
<li>Updated exceptions to save and restore more properties during the
pickle/serialization process. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3567">#3567</a>)</li>
<li>Added <code>verify_flags</code> option to
<code>create_urllib3_context</code> with a default of
<code>VERIFY_X509_PARTIAL_CHAIN</code> and
<code>VERIFY_X509_STRICT</code> for Python 3.13+. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3571">#3571</a>)</li>
</ul>
<h1>Bugfixes</h1>
<ul>
<li>Fixed a bug with partial reads of streaming data in Emscripten. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3555">#3555</a>)</li>
</ul>
<h1>Misc</h1>
<ul>
<li>Switched to uv for installing development dependecies. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3550">#3550</a>)</li>
<li>Removed the <code>multiple.intoto.jsonl</code> asset from GitHub
releases. Attestation of release files since v2.3.0 can be found on
PyPI. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3566">#3566</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's
changelog</a>.</em></p>
<blockquote>
<h1>2.4.0 (2025-04-10)</h1>
<h2>Features</h2>
<ul>
<li>Applied PEP 639 by specifying the license fields in pyproject.toml.
(<code>[#3522](https://github.com/urllib3/urllib3/issues/3522)
&lt;https://github.com/urllib3/urllib3/issues/3522&gt;</code>__)</li>
<li>Updated exceptions to save and restore more properties during the
pickle/serialization process.
(<code>[#3567](https://github.com/urllib3/urllib3/issues/3567)
&lt;https://github.com/urllib3/urllib3/issues/3567&gt;</code>__)</li>
<li>Added <code>verify_flags</code> option to
<code>create_urllib3_context</code> with a default of
<code>VERIFY_X509_PARTIAL_CHAIN</code> and
<code>VERIFY_X509_STRICT</code> for Python 3.13+.
(<code>[#3571](https://github.com/urllib3/urllib3/issues/3571)
&lt;https://github.com/urllib3/urllib3/issues/3571&gt;</code>__)</li>
</ul>
<h2>Bugfixes</h2>
<ul>
<li>Fixed a bug with partial reads of streaming data in Emscripten.
(<code>[#3555](https://github.com/urllib3/urllib3/issues/3555)
&lt;https://github.com/urllib3/urllib3/issues/3555&gt;</code>__)</li>
</ul>
<h2>Misc</h2>
<ul>
<li>Switched to uv for installing development dependecies.
(<code>[#3550](https://github.com/urllib3/urllib3/issues/3550)
&lt;https://github.com/urllib3/urllib3/issues/3550&gt;</code>__)</li>
<li>Removed the <code>multiple.intoto.jsonl</code> asset from GitHub
releases. Attestation of release files since v2.3.0 can be found on
PyPI. (<code>[#3566](https://github.com/urllib3/urllib3/issues/3566)
&lt;https://github.com/urllib3/urllib3/issues/3566&gt;</code>__)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/urllib3/urllib3/commit/a5ff7ac3bbb8659e2ec3ed41dd43889f06a7d7bc"><code>a5ff7ac</code></a>
Release 2.4.0</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/a135db29f72f828b0ef7314b856d19696a6f48ba"><code>a135db2</code></a>
Upgrade memray and coverage to fix macOS tests (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3589">#3589</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/8f40e71612505a9985b0a58ad793cd84ec97614a"><code>8f40e71</code></a>
Upgrade the publishing action to get correct licensing info on PyPI (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3585">#3585</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/3ff4e49ddf889554cf295b4a2e1189d066b60c71"><code>3ff4e49</code></a>
Add a link to the 2024 annual report (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3586">#3586</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/75709c1dbd6770618f061fd0b8a6950c7741f17b"><code>75709c1</code></a>
Set verify flags in <code>create_urllib3_context</code> (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3577">#3577</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/5c8f82a2f1c1b7a8360f0c84b5a88f25df070811"><code>5c8f82a</code></a>
Bump astral-sh/setup-uv from 5.3.0 to 5.4.1 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3580">#3580</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/42e90d894b30ef8b897708eb1cdfa24e83cf5067"><code>42e90d8</code></a>
Bump actions/setup-python from 5.4.0 to 5.5.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3579">#3579</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/3e8f2db735dcaced6a3b777aa1966f40c018af7c"><code>3e8f2db</code></a>
Stop using Ubuntu 20.04 and 22.04 in CI (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3570">#3570</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/e29db82a6df5f9a9acbb6997899f93bda79bb61e"><code>e29db82</code></a>
Update exceptions to have more of their attributes pickled (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3572">#3572</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/f8a0c4360ad67aefd79317279ee90c72d5d18697"><code>f8a0c43</code></a>
Add PyPy 3.11 to CI</li>
<li>Additional commits viewable in <a
href="https://github.com/urllib3/urllib3/compare/2.3.0...2.4.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=2.3.0&new-version=2.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 requirements/constraints.txt  | 2 +-
 requirements/dev.txt          | 2 +-
 requirements/doc-spelling.txt | 2 +-
 requirements/doc.txt          | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/requirements/constraints.txt b/requirements/constraints.txt
index a6552725c23..269c2bfa513 100644
--- a/requirements/constraints.txt
+++ b/requirements/constraints.txt
@@ -268,7 +268,7 @@ typing-inspection==0.4.0
     # via pydantic
 uritemplate==4.1.1
     # via gidgethub
-urllib3==2.3.0
+urllib3==2.4.0
     # via requests
 uvloop==0.21.0 ; platform_system != "Windows"
     # via
diff --git a/requirements/dev.txt b/requirements/dev.txt
index dc15b6ce632..31a410990ea 100644
--- a/requirements/dev.txt
+++ b/requirements/dev.txt
@@ -259,7 +259,7 @@ typing-inspection==0.4.0
     # via pydantic
 uritemplate==4.1.1
     # via gidgethub
-urllib3==2.3.0
+urllib3==2.4.0
     # via requests
 uvloop==0.21.0 ; platform_system != "Windows" and implementation_name == "cpython"
     # via
diff --git a/requirements/doc-spelling.txt b/requirements/doc-spelling.txt
index a3419c0ecf8..f8e609e1b0c 100644
--- a/requirements/doc-spelling.txt
+++ b/requirements/doc-spelling.txt
@@ -72,7 +72,7 @@ towncrier==23.11.0
     # via
     #   -r requirements/doc.in
     #   sphinxcontrib-towncrier
-urllib3==2.3.0
+urllib3==2.4.0
     # via requests
 
 # The following packages are considered to be unsafe in a requirements file:
diff --git a/requirements/doc.txt b/requirements/doc.txt
index 8cc27705e4d..d25cb572551 100644
--- a/requirements/doc.txt
+++ b/requirements/doc.txt
@@ -65,7 +65,7 @@ towncrier==23.11.0
     # via
     #   -r requirements/doc.in
     #   sphinxcontrib-towncrier
-urllib3==2.3.0
+urllib3==2.4.0
     # via requests
 
 # The following packages are considered to be unsafe in a requirements file: