Bump the all-dependencies group across 1 directory with 6 updates

[dependabot]

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

---

Bumps the all-dependencies group with 6 updates in the / directory:

Package	From	To
prophet	1.1.6	1.1.7
grpcio	1.70.0	1.73.0
grpcio-tools	1.70.0	1.73.0
pydantic	2.11.5	2.11.7
prometheus-client	0.22.0	0.22.1
kubernetes	32.0.1	33.1.0

Updates prophet from 1.1.6 to 1.1.7

Release notes

Sourced from prophet's releases.

v1.1.7

What's Changed

• Enable creation of custom performance metrics by @​hub-bla in facebook/prophet#2599
• chore: address pandas futurewarning from "M" being deprecated by @​MarcoGorelli in facebook/prophet#2632
• cleanup() for cross_validate by @​tcuongd in facebook/prophet#2671

New Contributors

• @​hub-bla made their first contribution in facebook/prophet#2599

Full Changelog: facebook/prophet@v1.1.6...v1.1.7

Commits

• a0d1ddf bump
• 8172d9b bugfix
• acd41a3 cleanup() for cross_validate (#2671)
• e9593f2 bugfix: R CI (#2672)
• 7bc6473 Update dyplot.prophet in plot.R (#2665)
• 700a74e Bump nokogiri from 1.16.5 to 1.18.8 in /docs (#2669)
• 23fcef4 Fix bug with yearly.seasonality = 1 (#2641)
• bd73db8 chore: R CI machine 20.04 to 22.04 (#2670)
• 3cbad64 chore: improve and add some missing docstrings (#2663)
• 3b68bd4 fix[docs]: add HTML formatting to table (#2634)
• Additional commits viewable in compare view

Updates grpcio from 1.70.0 to 1.73.0

Release notes

Sourced from grpcio's releases.

Release v1.73.0

This is release 1.73.0 (gradient) of gRPC Core.

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes, with highlights listed below.

Core

As of this version, gRPC on MacOS & iOS will utilize Abseil's synchronization features, aligning it with other platforms. Should you encounter any issues due to this update, you can disable it by enabling GPR_DISABLE_ABSEIL_SYNC. If you do this, please report any problems by filing a bug at https://github.com/grpc/grpc.

• [Dep] Update Protobuf to v31.0. (#39392)
• [Core] Added GPR_DISABLE_ABSEIL_SYNC. (#39562)
• [xds_override_host] pass through per-endpoint args when creating subchannels. (#39532)
• Expose GRPC_OPENSSL_CLEANUP_TIMEOUT to control shutdown grace period. (#39297)
• [URI] fix parsing of user_info in proxy settings. (#39004)
• [EventEngine] Fix busy loop in thread pool when shutting down. (#39258)
• [Dep] Added a flag to build with openssl instead of boringssl. (#39188)
• [EventEngine] Cleanup: EventEngine client, listener, and dns experiments are on by default on all platforms. (#39079)

C++

• [OpenCensus] Mark OpenCensus and dependent APIs as deprecated. (#39554)

Python

• [Python] Pin Cython to 3.1.1. (#39609)
• [Python] grpc_tools: make PythonGrpcGenerator handle dot . in proto paths the same way as native Generator/PyiGenerator. (#39586)

Ruby

• [Ruby] add remove_unused_artifacts to opt build. (#39593)

Release v1.73.0-pre2

This is a prerelease of gRPC Core 1.73.0 (gradient).

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This prerelease contains refinements, improvements, and bug fixes.

Release v1.73.0-pre1

This is a prerelease of gRPC Core 1.73.0 (gradient).

For gRPC documentation, see grpc.io. For previous releases, see Releases.

... (truncated)

Commits

• 95dd243 [Release] Bump version to 1.73.0 (on v1.73.x branch) (#39787)
• 9f9728c [Release] Bump version to 1.73.0-pre2 (on v1.73.x branch) (#39721)
• 481fcfd [xDS] remove env var guards for gRFCs A81, A82, and A83 (#39711)
• 5d0f2c8 Fix Python linux distribtest for aarch64_alpine target and enable for presubm...
• ce0bd2d [Release] Bump version to 1.73.0-pre1 (on v1.73.x branch) (#39643)
• 233368b [Backport][v1.73.x][Python] Fix Python Linux distribtests copy conflicts (#39...
• f71fac7 [Release] Bump core version to 48.0.0 for upcoming release (#39611)
• c19a471 [Python] Pin Cython to 3.1.1 (#39609)
• c8a7a35 [alpn] Inject ALPN Protocols from channel args (#39541)
• a58a5ff [subchannel] stop passing watcher a ref to itself (#39372)
• Additional commits viewable in compare view

Updates grpcio-tools from 1.70.0 to 1.73.0

Release notes

Sourced from grpcio-tools's releases.

Release v1.73.0

This is release 1.73.0 (gradient) of gRPC Core.

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes, with highlights listed below.

Core

As of this version, gRPC on MacOS & iOS will utilize Abseil's synchronization features, aligning it with other platforms. Should you encounter any issues due to this update, you can disable it by enabling GPR_DISABLE_ABSEIL_SYNC. If you do this, please report any problems by filing a bug at https://github.com/grpc/grpc.

• [Dep] Update Protobuf to v31.0. (#39392)
• [Core] Added GPR_DISABLE_ABSEIL_SYNC. (#39562)
• [xds_override_host] pass through per-endpoint args when creating subchannels. (#39532)
• Expose GRPC_OPENSSL_CLEANUP_TIMEOUT to control shutdown grace period. (#39297)
• [URI] fix parsing of user_info in proxy settings. (#39004)
• [EventEngine] Fix busy loop in thread pool when shutting down. (#39258)
• [Dep] Added a flag to build with openssl instead of boringssl. (#39188)
• [EventEngine] Cleanup: EventEngine client, listener, and dns experiments are on by default on all platforms. (#39079)

C++

• [OpenCensus] Mark OpenCensus and dependent APIs as deprecated. (#39554)

Python

• [Python] Pin Cython to 3.1.1. (#39609)
• [Python] grpc_tools: make PythonGrpcGenerator handle dot . in proto paths the same way as native Generator/PyiGenerator. (#39586)

Ruby

• [Ruby] add remove_unused_artifacts to opt build. (#39593)

Release v1.73.0-pre2

This is a prerelease of gRPC Core 1.73.0 (gradient).

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This prerelease contains refinements, improvements, and bug fixes.

Release v1.73.0-pre1

This is a prerelease of gRPC Core 1.73.0 (gradient).

For gRPC documentation, see grpc.io. For previous releases, see Releases.

... (truncated)

Commits

• 95dd243 [Release] Bump version to 1.73.0 (on v1.73.x branch) (#39787)
• 9f9728c [Release] Bump version to 1.73.0-pre2 (on v1.73.x branch) (#39721)
• 481fcfd [xDS] remove env var guards for gRFCs A81, A82, and A83 (#39711)
• 5d0f2c8 Fix Python linux distribtest for aarch64_alpine target and enable for presubm...
• ce0bd2d [Release] Bump version to 1.73.0-pre1 (on v1.73.x branch) (#39643)
• 233368b [Backport][v1.73.x][Python] Fix Python Linux distribtests copy conflicts (#39...
• f71fac7 [Release] Bump core version to 48.0.0 for upcoming release (#39611)
• c19a471 [Python] Pin Cython to 3.1.1 (#39609)
• c8a7a35 [alpn] Inject ALPN Protocols from channel args (#39541)
• a58a5ff [subchannel] stop passing watcher a ref to itself (#39372)
• Additional commits viewable in compare view

Updates pydantic from 2.11.5 to 2.11.7

Release notes

Sourced from pydantic's releases.

v2.11.7 2025-06-14

What's Changed

Fixes

• Copy FieldInfo instance if necessary during FieldInfo build by @​Viicos in pydantic/pydantic#11980

Full Changelog: pydantic/pydantic@v2.11.6...v2.11.7

v2.11.6 2025-06-13

v2.11.6 (2025-06-13)

What's Changed

Fixes

• Rebuild dataclass fields before schema generation by @​Viicos in #11949
• Always store the original field assignment on FieldInfo by @​Viicos in #11946

Full Changelog: pydantic/pydantic@v2.11.5...v2.11.6

Changelog

Sourced from pydantic's changelog.

v2.11.7 (2025-06-14)

GitHub release

What's Changed

Fixes

• Copy FieldInfo instance if necessary during FieldInfo build by @​Viicos in #11898

v2.11.6 (2025-06-13)

GitHub release

What's Changed

Fixes

• Rebuild dataclass fields before schema generation by @​Viicos in #11949
• Always store the original field assignment on FieldInfo by @​Viicos in #11946

Commits

• 5f033e4 Prepare release v2.11.7
• c3368b8 Copy FieldInfo instance if necessary during FieldInfo build (#11980)
• 3987b23 Prepare release v2.11.6
• dc7a9d2 Always store the original field assignment on FieldInfo
• c284c27 Rebuild dataclass fields before schema generation
• See full diff in compare view

Updates prometheus-client from 0.22.0 to 0.22.1

Release notes

Sourced from prometheus-client's releases.

v0.22.1

What's Changed

• BugFix: Skip validating and parsing comment lines early (#1108) by @​wissamir in prometheus/client_python#1109
• Use License Expressions in pyproject.toml by @​csmarchbanks in prometheus/client_python#1111

Full Changelog: prometheus/client_python@v0.22.0...v0.22.1

Commits

• d24220a Release 0.22.1
• f294cbb Use License Expressions in pyproject.toml (#1111)
• 938b73e BugFix: Skip validating and parsing comment lines early (#1108) (#1109)
• See full diff in compare view

Updates kubernetes from 32.0.1 to 33.1.0

Release notes

Sourced from kubernetes's releases.

Kubernetes Python Client v33.1.0 Stable Release

Getting started:

pip install --pre --upgrade kubernetes

Or from source, download attached zip file, then

unzip client-python-v33.1.0.zip
cd client-python-v33.1.0
python setup.py install

Then follow examples in https://github.com/kubernetes-client/python/tree/release-33.0/examples

Changelog: https://github.com/kubernetes-client/python/blob/release-33.0/CHANGELOG.md

Kubernetes Python Client v33.1.0 Beta 1 Release

Getting started:

pip install --pre --upgrade kubernetes

Or from source, download attached zip file, then

unzip client-python-v33.1.0b1.zip
cd client-python-v33.1.0b1
python setup.py install

Then follow examples in https://github.com/kubernetes-client/python/tree/release-33.0/examples

Changelog: https://github.com/kubernetes-client/python/blob/release-33.0/CHANGELOG.md

Kubernetes Python Client v33.1.0 Alpha 1 Release

Getting started:

pip install --pre --upgrade kubernetes

Or from source, download attached zip file, then

unzip client-python-v33.1.0a1.zip
cd client-python-v33.1.0a1
</tr></table> 

... (truncated)

Changelog

Sourced from kubernetes's changelog.

v33.1.0

Kubernetes API Version: v1.33.1

v33.1.0b1

Kubernetes API Version: v1.33.1

v33.1.0a1

Kubernetes API Version: v1.33.1

API Change

• A new alpha feature gate, MutableCSINodeAllocatableCount, has been introduced.

  When this feature gate is enabled, the CSINode.Spec.Drivers[*].Allocatable.Count field becomes mutable, and a new field, NodeAllocatableUpdatePeriodSeconds, is available in the CSIDriver object. This allows periodic updates to a node's reported allocatable volume capacity, preventing stateful pods from becoming stuck due to outdated information that kube-scheduler relies on. (kubernetes/kubernetes#130007, @​torredil) [SIG Apps, Node, Scheduling and Storage]

• Added feature gate DRAPartitionableDevices, when enabled, Dynamic Resource Allocation support partitionable devices allocation. (kubernetes/kubernetes#130764, @​cici37) [SIG API Machinery, Architecture, Auth, CLI, Cloud Provider, Cluster Lifecycle, Instrumentation, Network, Node, Scheduling, Storage and Testing]

• Added DRA support for a "one-of" prioritized list of selection criteria to satisfy a device request in a resource claim. (kubernetes/kubernetes#128586, @​mortent) [SIG API Machinery, Apps, Etcd, Node, Scheduling and Testing]

• Added a /flagz endpoint for kubelet endpoint (kubernetes/kubernetes#128857, @​zhifei92) [SIG Architecture, Instrumentation and Node]

• Added a new tolerance field to HorizontalPodAutoscaler, overriding the cluster-wide default. Enabled via the HPAConfigurableTolerance alpha feature gate. (kubernetes/kubernetes#130797, @​jm-franc) [SIG API Machinery, Apps, Autoscaling, Etcd, Node, Scheduling and Testing]

• Added support for configuring custom stop signals with a new StopSignal container lifecycle (kubernetes/kubernetes#130556, @​sreeram-venkitesh) [SIG API Machinery, Apps, Node and Testing]

• Added support for in-place vertical scaling of Pods with sidecars (containers defined within initContainers where the restartPolicy is set to Always). (kubernetes/kubernetes#128367, @​vivzbansal) [SIG API Machinery, Apps, CLI, Node, Scheduling and Testing]

• CPUManager Policy Options support is GA (kubernetes/kubernetes#130535, @​ffromani) [SIG API Machinery, Node and Testing]

• Changed the Pod API to support hugepage resources at spec level for pod-level resources. (kubernetes/kubernetes#130577, @​KevinTMtz) [SIG Apps, CLI, Node, Scheduling, Storage and Testing]

• DRA API: The maximum number of pods that can use the same ResourceClaim is now 256 instead of 32. Downgrading a cluster where this relaxed limit is in use to Kubernetes 1.32.0 is not supported, as version 1.32.0 would refuse to update ResourceClaims with more than 32 entries in the status.reservedFor field. (kubernetes/kubernetes#129543, @​pohly) [SIG API Machinery, Node and Testing]

• DRA: CEL expressions using attribute strings exceeded the cost limit because their cost estimation was incomplete. (kubernetes/kubernetes#129661, @​pohly) [SIG Node]

• DRA: Device taints enable DRA drivers or admins to mark device as unusable, which prevents allocating them. Pods may also get evicted at runtime if a device becomes unusable, depending on the severity of the taint and whether the claim tolerates the taint. (kubernetes/kubernetes#130447, @​pohly) [SIG API Machinery, Apps, Architecture, Auth, Etcd, Instrumentation, Node, Scheduling and Testing]

• DRA: Starting Kubernetes 1.33, only users with access to an admin namespace with the kubernetes.io/dra-admin-access label are authorized to create ResourceClaim or ResourceClaimTemplate objects with the adminAccess field in this admin namespace if they want to and only they can reference these ResourceClaims or ResourceClaimTemplates in their pod or deployment specs. (kubernetes/kubernetes#130225, @​ritazh) [SIG API Machinery, Apps, Auth, Node and Testing]

• DRA: when asking for "All" devices on a node, Kubernetes <= 1.32 proceeded to schedule pods onto nodes with no devices by not allocating any devices for those pods. Kubernetes 1.33 changes that to only picking nodes which have at least one device. Users who want the "proceed with scheduling also without devices" semantic can use the upcoming prioritized list feature with one sub-request for "all" devices and a second alternative with "count: 0". (kubernetes/kubernetes#129560, @​bart0sh) [SIG API Machinery and Node]

• Expanded the on-disk kubelet credential provider configuration to allow an optional tokenAttribute field to be configured. When it is set, the kubelet will provision a token with the given audience bound to the current pod and its service account. This KSA token along with required annotations on the KSA defined in configuration will be sent to the credential provider plugin via its standard input (along with the image information that is already sent today). The KSA annotations to be sent are configurable in the kubelet credential provider configuration. (kubernetes/kubernetes#128372, @​aramase) [SIG API Machinery, Auth, Node and Testing]

• Fixed the example validation rule in godoc:

  When configuring a JWT authenticator:

  If username.expression uses 'claims.email', then 'claims.email_verified' must be used in username.expression or extra[].valueExpression or claimValidationRules[].expression. An example claim validation rule expression that matches the validation automatically applied when username.claim is set to 'email' is 'claims.?email_verified.orValue(true) == true'. By explicitly comparing the value to true, we let type-checking see the result will be a boolean, and to make sure a non-boolean email_verified claim will be caught at runtime. (kubernetes/kubernetes#130875, @​aramase) [SIG Auth and Release]

• For the InPlacePodVerticalScaling feature, the API server will no longer set the resize status to Proposed upon receiving a resize request. (kubernetes/kubernetes#130574, @​natasha41575) [SIG Apps, Node and Testing]

• Graduate the MatchLabelKeys (MismatchLabelKeys) feature in PodAffinity (PodAntiAffinity) to GA (kubernetes/kubernetes#130463, @​sanposhiho) [SIG API Machinery, Apps, Node, Scheduling and Testing]

• Graduated image volume sources to beta:

  • Allowed subPath/subPathExpr for image volumes
  • Added kubelet metrics kubelet_image_volume_requested_total, kubelet_image_volume_mounted_succeed_total and kubelet_image_volume_mounted_errors_total (kubernetes/kubernetes#130135, @​saschagrunert) [SIG API Machinery, Apps, Node and Testing]

• Implemented a new status field, .status.terminatingReplicas, for Deployments and ReplicaSets to track terminating pods. The new field is present when the DeploymentPodReplacementPolicy feature gate is enabled. (kubernetes/kubernetes#128546, @​atiratree) [SIG API Machinery, Apps and Testing]

• Implemented validation for NodeSelectorRequirement values in Kubernetes when creating pods. (kubernetes/kubernetes#128212, @​AxeZhan) [SIG Apps and Scheduling]

• Improved how the API server responds to list requests where the response format negotiates to Protobuf. List responses in Protobuf are marshalled one element at the time, drastically reducing memory needed to serve large collections. Streaming list responses can be disabled via the StreamingCollectionEncodingToProtobuf feature gate. (kubernetes/kubernetes#129407, @​serathius) [SIG API Machinery, Apps, Architecture, Auth, CLI, Cloud Provider, Network, Node, Release, Scheduling, Storage and Testing]

... (truncated)

Commits

• 8f5578e Merge pull request #2412 from yliaog/automated-release-of-33.1.0-upstream-rel...
• 5a367e9 updated compatibility matrix and maintenance status
• f00d2b7 generated client change
• 9d712b4 update changelog
• 45eb341 update version constants for 33.1.0 release
• 58551e4 Merge pull request #2408 from yliaog/automated-release-of-33.1.0b1-upstream-r...
• bd6c752 updated compatibility matrix
• de8ee89 generated client change
• fec5585 update changelog
• 78aee45 update version constants for 33.1.0b1 release
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.