chore: bump the python group with 3 updates

[dependabot]

Bumps the python group with 3 updates: hypothesis, poethepoet and pre-commit.

Updates hypothesis from 6.151.9 to 6.152.4

Release notes

Sourced from hypothesis's releases.

Hypothesis for Python - version 6.152.4

This patch fixes a rare internal error during "Phase.explain" introduced in version 6.149.0 for certain strategies (issue #4708).

The canonical version of these notes (with links) is on readthedocs.

Hypothesis for Python - version 6.152.3

The "hypothesis-urandom" backend now reads from "/dev/urandom" with buffering disabled, which improves the control of those hooking "/dev/urandom" to change or read Hypothesis's random decisions.

The canonical version of these notes (with links) is on readthedocs.

Hypothesis for Python - version 6.152.2

This release further improves printing of generated values, building on the changes in version 6.151.11.

Principle changes:

• In many cases where we would have printed a complex expression producing a value, we now print the repr (or a pretty-printed version of it).

• Additionally, in some cases where we would print a complex expression that involved a lambda, we are now able to simplify that expression into a more readable one.

The canonical version of these notes (with links) is on readthedocs.

Hypothesis for Python - version 6.152.1

Improve some internal type hints.

The canonical version of these notes (with links) is on readthedocs.

Hypothesis for Python - version 6.152.0

Hypothesis generally recommends that the ".hypothesis" directory not be checked into version control. As a result, Hypothesis now automatically creates a ".gitignore" with "*" in the ".hypothesis" directory, which excludes it from being tracked by git.

If you do want to check ".hypothesis" into git, you can remove the ".gitignore" file. Hypothesis will not re-create it unless the entire ".hypothesis" directory is removed.

The canonical version of these notes (with links) is on readthedocs.

Hypothesis for Python - version 6.151.14

This patch fixes our "from_regex()" type annotations so that "from_regex(..., alphabet=None)" is accepted.

... (truncated)

Commits

• 84f92dc Bump hypothesis-python version to 6.152.4 and update changelog
• c6814df Merge pull request #4717 from HypothesisWorks/DRMacIver/issue4708
• 82e9446 Address PR review feedback
• c77d7e7 Merge pull request #4719 from Liam-DeVoe/fix-mobile-word-wrapping
• 609de04 Bump hypothesis-python version to 6.152.3 and update changelog
• 902f1ba Merge pull request #4720 from Liam-DeVoe/urandom-disable-buffering
• da81118 claude: open /dev/urandom with buffering=0 in URandomProvider
• 4d6a7f0 fix footnote overflow on mobile
• 80fada3 Merge pull request #4714 from HypothesisWorks/DRMacIver/uv
• 4b554b0 Fix AssertionError in Shrinker.explain() for unstable span labels
• Additional commits viewable in compare view

Updates poethepoet from 0.42.1 to 0.45.0

Release notes

Sourced from poethepoet's releases.

0.45.0

Enhancements

• Add support for forwarding free arguments via $POE_EXTRA_ARGS by @​timrid in nat-n/poethepoet#380

Fixes

• Handle cancelled tasks correctly by @​timrid in nat-n/poethepoet#378
• Preserve quotes in :+/:- operator arguments (#333) by @​nat-n in nat-n/poethepoet#377
• Handle ctrl+c attempt on windows if running bat/cmd scripts by @​NSPC911 in nat-n/poethepoet#382

New Contributors

• @​timrid made their first contribution in nat-n/poethepoet#378

Full Changelog: nat-n/poethepoet@v0.44.0...v0.45.0

0.44.0

Enhancements

• Add support for recursive include #317 by @​nat-n in nat-n/poethepoet#372

Breaking changes**

• Transitive includes are now loaded by default. Previously, if an included config file contained its own include entries, those second-order includes were silently ignored. They are now followed recursively using depth-first loading. This may cause previously ignored config files to be loaded, potentially introducing new tasks or environment variables. To preserve the old behavior for a specific include, set recursive = false on that include entry. See the include guide for details.

Full Changelog: nat-n/poethepoet@v0.43.0...v0.44.0

0.43.0

Enhancements

• Add task groups for grouping tasks under a heading in help output by @​brolewis in nat-n/poethepoet#354
• Treat false boolean args as unset env vars and add private vars by @​kzrnm in nat-n/poethepoet#359

Breaking changes

This release includes a refactor of how task variables are managed, improving boolean arg semantics and introducing private variables. These changes may affect a small number of existing configurations:

• Boolean args now produce unset env vars when false. Previously false mapped to the string "False"; now the env var is removed entirely. This gives consistent falsy behavior across shells and parameter expansion operators (:-, :+). Tasks checking for the literal string "False" or using os.environ["flag"] will need updating.

• Private env vars are filtered from subprocesses. Variables starting with _ and containing no uppercase characters (e.g. _secret) are now treated as private — available for config-time interpolation but excluded from the task subprocess environment. This is unlikely to affect existing configurations, but any task that relies on a subprocess reading a _lowercase env var will need to rename it.

• Private arg option names strip leading underscores. An arg named _flag with no explicit options now generates --flag instead of --_flag. A new validation rejects duplicate CLI options across args.

See the migration guide for details and recommended fixes.

New Contributors

• @​brolewis made their first contribution in nat-n/poethepoet#354

Full Changelog: nat-n/poethepoet@v0.42.1...v0.43.0

Commits

• 244cf0b Bump version to 0.45.0
• 3a6c09a feat: support forwarding free arguments via $POE_EXTRA_ARGS (#380)
• a1edcda fix: preserve quotes in :+/:- operator arguments (#333) (#377)
• 3e60a85 fix: handle cancelled asyncio tasks correctly (#378)
• bbdd435 fix: handle ctrl+c attempt on windows if running bat/cmd scripts (#382)
• 67a623d Bump version to 0.44.0
• 472f390 feat!: support recursive includes #317 (#372)
• 3168956 chore: optimize tests to run 17pc faster (#371)
• 6a25fba chore: bump version to 0.43.0
• 83091a5 feat!: treat false boolean args as unset env vars and add private vars (#359)
• Additional commits viewable in compare view

Updates pre-commit from 4.5.1 to 4.6.0

Release notes

Sourced from pre-commit's releases.

pre-commit v4.6.0

Features

• pre-commit hook-impl: allow --hook-dir to be missing to enable easier usage with git 2.54+ git hooks.
  • #3662 PR by @​asottile.

Fixes

• pre-commit hook-impl: --hook-type is required.
  • #3661 PR by @​asottile.

Changelog

Sourced from pre-commit's changelog.

4.6.0 - 2026-04-21

Features

• pre-commit hook-impl: allow --hook-dir to be missing to enable easier usage with git 2.54+ git hooks.
  • #3662 PR by @​asottile.

Fixes

• pre-commit hook-impl: --hook-type is required.
  • #3661 PR by @​asottile.

Commits

• f35134b v4.6.0
• 2a51ffc Merge pull request #3662 from pre-commit/hook-impl-optional-hook-dir
• d7dee32 make --hook-dir optional for hook-impl
• 965aeb1 Merge pull request #3661 from pre-commit/hook-impl-required
• 2eacc06 --hook-type is required for hook-impl
• f5678bf Merge pull request #3657 from pre-commit/pre-commit-ci-update-config
• 054cc5b [pre-commit.ci] pre-commit autoupdate
• 5c0f302 Merge pull request #3652 from pre-commit/pre-commit-ci-update-config
• a5d9114 [pre-commit.ci] pre-commit autoupdate
• 129a1f5 Merge pull request #3641 from pre-commit/mxr-patch-1
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions