chore(deps): uv: bump the all-python group across 1 directory with 10 updates

[dependabot]

Bumps the all-python group with 10 updates in the /agent directory:

Package	From	To
boto3	1.43.9	1.43.18
bedrock-agentcore	1.9.1	1.12.0
claude-agent-sdk	0.2.82	0.2.87
fastapi	0.136.1	0.136.3
uvicorn	0.47.0	0.48.0
aws-opentelemetry-distro	0.17.0	0.17.1
mcp	1.27.1	1.27.2
cedarpy	4.8.0	4.8.4
ruff	0.15.12	0.15.15
ty	0.0.35	0.0.40

Updates boto3 from 1.43.9 to 1.43.18

Commits

• 1751374 Merge branch 'release-1.43.18'
• 1bcb376 Bumping version to 1.43.18
• 6bb2278 Add changelog entries from botocore
• 1f595ae Add a changelog for retries update (#4791)
• 8083432 Merge branch 'release-1.43.17'
• a6311df Merge branch 'release-1.43.17' into develop
• 22c6474 Bumping version to 1.43.17
• 11f25f2 Add changelog entries from botocore
• 045d573 Update copy test (#4790)
• 6ffdfa1 Merge branch 'release-1.43.16'
• Additional commits viewable in compare view

Updates bedrock-agentcore from 1.9.1 to 1.12.0

Release notes

Sourced from bedrock-agentcore's releases.

Bedrock AgentCore SDK v1.12.0

Installation

pip install bedrock-agentcore==1.12.0

What's Changed

See CHANGELOG.md for details.

What's Changed

• feat: add async support to MemorySessionManager by @​nborges-aws in aws/bedrock-agentcore-sdk-python#478
• add metadata support for LTM by @​nborges-aws in aws/bedrock-agentcore-sdk-python#481
• fix: out-of-scope variable in catch block by @​nborges-aws in aws/bedrock-agentcore-sdk-python#497
• Release v1.12.0 by @​agentcore-devx-automation[bot] in aws/bedrock-agentcore-sdk-python#498

Full Changelog: aws/bedrock-agentcore-sdk-python@v1.11.0...v1.12.0

Bedrock AgentCore SDK v1.11.0

Installation

pip install bedrock-agentcore==1.11.0

What's Changed

See CHANGELOG.md for details.

What's Changed

• test: add OTEL span content leakage integration tests by @​jesseturner21 in aws/bedrock-agentcore-sdk-python#485
• fix: stop retrying after successful payment signing is rejected by merchant by @​rajuans in aws/bedrock-agentcore-sdk-python#492
• feat(evaluation): add DatasetClient and dataset management service provider by @​jariy17 in aws/bedrock-agentcore-sdk-python#491
• fix(payments): drop unsupported paymentConnectorId + add http_request plugin tool + EIP-3009 timing fix by @​aidandaly24 in aws/bedrock-agentcore-sdk-python#493
• Release v1.11.0 by @​agentcore-devx-automation[bot] in aws/bedrock-agentcore-sdk-python#495

New Contributors

• @​rajuans made their first contribution in aws/bedrock-agentcore-sdk-python#492

Full Changelog: aws/bedrock-agentcore-sdk-python@v1.10.0...v1.11.0

Bedrock AgentCore SDK v1.10.0

Installation

pip install bedrock-agentcore==1.10.0

What's Changed

See CHANGELOG.md for details.

... (truncated)

Changelog

Sourced from bedrock-agentcore's changelog.

[1.12.0] - 2026-05-28

Added

• feat: add async support to MemorySessionManager (#478) (76edb16)

Fixed

• fix: out-of-scope variable in catch block (#497) (4054115)

Other Changes

• add metadata support for LTM (#481) (80c4b11)

[1.11.0] - 2026-05-22

Fixed

• fix: stop retrying after successful payment signing is rejected by merchant (#492) (0b2b34f)

Other Changes

• fix(payments): drop unsupported paymentConnectorId + add http_request plugin tool + EIP-3009 timing fix (#493) (d5428b2)
• feat(evaluation): add DatasetClient and dataset management service provider (#491) (29287c2)
• test: add OTEL span content leakage integration tests (#485) (c311682)

[1.10.0] - 2026-05-19

Added

• feat: expandi custom request header forwarding to match runtime allowlist (#483) (5fde434)

Other Changes

• chore: replace all github.token/GITHUB_TOKEN with GitHub App token (#475) (b64a0d9)

Commits

• 7d6d4f4 Release v1.12.0 (#498)
• 4054115 fix: out-of-scope variable in catch block (#497)
• 80c4b11 add metadata support for LTM (#481)
• 76edb16 feat: add async support to MemorySessionManager (#478)
• 1042d58 chore: bump version to 1.11.0 (#495)
• d5428b2 fix(payments): drop unsupported paymentConnectorId + add http_request plugin ...
• 29287c2 feat(evaluation): add DatasetClient and dataset management service provider (...
• 0b2b34f fix: stop retrying after successful payment signing is rejected by merchant (...
• c311682 test: add OTEL span content leakage integration tests (#485)
• 76c8d89 chore: bump version to 1.10.0 (#486)
• Additional commits viewable in compare view

Updates claude-agent-sdk from 0.2.82 to 0.2.87

Release notes

Sourced from claude-agent-sdk's releases.

v0.2.87

Internal/Other Changes

• Updated bundled Claude CLI to version 2.1.150
• Switched CI workflows from static API key to Workload Identity Federation for Claude authentication, using short-lived tokens instead of long-lived secrets (#984)

---

PyPI: https://pypi.org/project/claude-agent-sdk/0.2.87/

pip install claude-agent-sdk==0.2.87

v0.2.86

Internal/Other Changes

• Updated bundled Claude CLI to version 2.1.149

---

PyPI: https://pypi.org/project/claude-agent-sdk/0.2.86/

pip install claude-agent-sdk==0.2.86

v0.2.85

Internal/Other Changes

• Updated bundled Claude CLI to version 2.1.148

---

PyPI: https://pypi.org/project/claude-agent-sdk/0.2.85/

pip install claude-agent-sdk==0.2.85

v0.2.84

Internal/Other Changes

... (truncated)

Changelog

Sourced from claude-agent-sdk's changelog.

0.2.87

Internal/Other Changes

• Updated bundled Claude CLI to version 2.1.150
• Switched CI workflows from static API key to Workload Identity Federation for Claude authentication, using short-lived tokens instead of long-lived secrets (#984)

0.2.86

Internal/Other Changes

• Updated bundled Claude CLI to version 2.1.149

0.2.85

Internal/Other Changes

• Updated bundled Claude CLI to version 2.1.148

0.2.84

Internal/Other Changes

• Updated bundled Claude CLI to version 2.1.147

0.2.83

Internal/Other Changes

• Updated bundled Claude CLI to version 2.1.146

Commits

• 9970096 docs: update changelog for v0.2.87
• 2237c9e chore: release v0.2.87
• a6146c2 chore: bump bundled CLI version to 2.1.150
• 3471a9f Use workload identity federation for Claude auth in CI workflows (#984)
• 095a8b3 docs: update changelog for v0.2.86
• dd06657 chore: release v0.2.86
• 1113acf chore: bump bundled CLI version to 2.1.149
• 2a3720d docs: update changelog for v0.2.85
• eee6bf4 chore: release v0.2.85
• 0bc333f chore: bump bundled CLI version to 2.1.148
• Additional commits viewable in compare view

Updates fastapi from 0.136.1 to 0.136.3

Release notes

Sourced from fastapi's releases.

0.136.3

Refactors

• ♻️ Do not accept underscore headers when using convert_underscores=True (the default). PR #15589 by @​tiangolo.

0.136.2

Refactors

• ♻️ Validate Server Sent Event fields to avoid applications from sending broken data. PR #15588 by @​tiangolo.

Docs

• 📝 Document --entrypoint CLI option. PR #15464 by @​YuriiMotov.
• 📝 Update and simplify docs about help and management. PR #15583 by @​tiangolo.
• 📝 Add docs references to central contributing docs. PR #15580 by @​tiangolo.
• 📝 Update security policy. PR #15577 by @​tiangolo.
• 🍱 Update sponsors: TalorData image. PR #15562 by @​tiangolo.
• 📝 Update docs, simplify usage of admonitions, only default ones. PR #15553 by @​tiangolo.
• 📝 Fix image URLs in index.md. PR #15534 by @​YuriiMotov.
• ✏️ Fix Azkaban spelling typo in virtual-environments.md‎. PR #15463 by @​isaacbernat.
• 💄 Improve layout and styling. PR #15462 by @​alejsdev.
• 💄 Refactor opinions section with interactive tabs and new logos. PR #15458 by @​alejsdev.
• 📝 Add FastAPI Conf '26 announcement to docs. PR #15457 by @​alejsdev.

Translations

• 🌐 Improve translation consistency in ‎docs/pt/docs/advanced/generate-clients.md‎. PR #15456 by @​Will-thom.
• 🌐 Update translations for ja (update-outdated). PR #15530 by @​tiangolo.
• 🌐 Update translations for uk (update-outdated). PR #15529 by @​tiangolo.
• 🌐 Update translations for pt (update-outdated). PR #15528 by @​tiangolo.
• 🌐 Update translations for de (update-outdated). PR #15527 by @​tiangolo.
• 🌐 Update translations for tr (update-outdated). PR #15526 by @​tiangolo.
• 🌐 Update translations for ko (update-outdated). PR #15525 by @​tiangolo.
• 🌐 Update translations for zh-hant (update-outdated). PR #15524 by @​tiangolo.
• 🌐 Update translations for fr (update-outdated). PR #15522 by @​tiangolo.
• 🌐 Update translations for es (update-outdated). PR #15523 by @​tiangolo.
• 🌐 Update translations for zh (update-outdated). PR #15520 by @​tiangolo.
• 🌐 Update translations for ru (update-outdated). PR #15521 by @​tiangolo.
• 🌐 Fix typos in Spanish LLM-prompt. PR #15472 by @​crr004.

Internal

• ✅ Update tests, don't double dispose the engine. PR #15587 by @​tiangolo.
• ⚡️ Speed up test suite via caching and fixture scopes to make it ~24% faster. PR #13583 by @​dikos1337.
• 🔥 Remove config files now in central GitHub repo. PR #15585 by @​tiangolo.
• ⬆ Bump urllib3 from 2.6.3 to 2.7.0. PR #15502 by @​dependabot[bot].
• ⬆ Bump idna from 3.11 to 3.15. PR #15565 by @​dependabot[bot].
• ⬆ Bump cloudflare/wrangler-action from 3.15.0 to 4.0.0. PR #15571 by @​dependabot[bot].
• 🔧 Migrate docs from MkDocs to Zensical. PR #15563 by @​tiangolo.
• 🔒️ Only allow team members to modify dependencies. PR #15548 by @​svlandeg.

... (truncated)

Commits

• 8206485 🔖 Release version 0.136.3
• c910e01 📝 Update release notes
• 063b5bf ♻️ Do not accept underscore headers when using convert_underscores=True (th...
• 22b02e2 🔖 Release version 0.136.2
• 3b252a2 📝 Update release notes
• c7fb785 ♻️ Validate Server Sent Event fields to avoid applications from sending broke...
• cb83b83 📝 Update release notes
• 00f805c ✅ Update tests, don't double dispose the engine (#15587)
• 3675137 📝 Update release notes
• 7b57e42 📝 Document --entrypoint CLI option (#15464)
• Additional commits viewable in compare view

Updates uvicorn from 0.47.0 to 0.48.0

Release notes

Sourced from uvicorn's releases.

Version 0.48.0

What's Changed

• Default ssl_ciphers to None and use OpenSSL defaults by @​Kludex in Kludex/uvicorn#2940
• Ignore duplicate forwarding headers in ProxyHeadersMiddleware by @​Kludex in Kludex/uvicorn#2944

Full Changelog: Kludex/uvicorn@0.47.0...0.48.0

Changelog

Sourced from uvicorn's changelog.

0.48.0 (May 24, 2026)

Changed

• Default ssl_ciphers to None and use OpenSSL defaults (#2940)

Fixed

• Ignore duplicate forwarding headers in ProxyHeadersMiddleware (#2944)

Commits

• 73e84e5 Version 0.48.0 (#2951)
• 45ea116 Ignore duplicate forwarding headers in ProxyHeadersMiddleware (#2944)
• dd4394c chore(deps): bump idna from 3.11 to 3.15 (#2941)
• abe0781 Default ssl_ciphers to None and use OpenSSL defaults (#2940)
• See full diff in compare view

Updates aws-opentelemetry-distro from 0.17.0 to 0.17.1

Release notes

Sourced from aws-opentelemetry-distro's releases.

Release v0.17.1

What's Changed

• feat(agent-observability): add AWS_GENAI_CONTENT_EXTRACTION_OPT_OUT env var to allow disabling LLO content extraction from spans (#741)
• fix(mcp-instrumentation): suppress MCP /ping spans when agent observability is enabled (#748)
• fix: pin urllib3 to 2.7.0 to fix CVE-2026-44431 and CVE-2026-44432 (#753)

Upstream Components

• opentelemetry-api - 1.40.0
• opentelemetry-sdk - 1.40.0
• opentelemetry-exporter-otlp-proto-grpc - 1.40.0
• opentelemetry-exporter-otlp-proto-http - 1.40.0
• opentelemetry-propagator-b3 - 1.40.0
• opentelemetry-propagator-jaeger - 1.40.0
• opentelemetry-exporter-otlp-proto-common - 1.40.0
• opentelemetry-sdk-extension-aws - 2.1.0
• opentelemetry-propagator-aws-xray - 1.0.2
• opentelemetry-distro - 0.61b0
• opentelemetry-processor-baggage - 0.61b0
• opentelemetry-propagator-ot-trace - 0.61b0
• opentelemetry-instrumentation - 0.61b0
• opentelemetry-instrumentation-aws-lambda - 0.61b0
• opentelemetry-instrumentation-aio-pika - 0.61b0
• opentelemetry-instrumentation-aiohttp-client - 0.61b0
• opentelemetry-instrumentation-aiokafka - 0.61b0
• opentelemetry-instrumentation-aiopg - 0.61b0
• opentelemetry-instrumentation-asgi - 0.61b0
• opentelemetry-instrumentation-asyncpg - 0.61b0
• opentelemetry-instrumentation-boto - 0.61b0
• opentelemetry-instrumentation-boto3sqs - 0.61b0
• opentelemetry-instrumentation-botocore - 0.61b0
• opentelemetry-instrumentation-celery - 0.61b0
• opentelemetry-instrumentation-confluent-kafka - 0.61b0
• opentelemetry-instrumentation-dbapi - 0.61b0
• opentelemetry-instrumentation-django - 0.61b0
• opentelemetry-instrumentation-elasticsearch - 0.61b0
• opentelemetry-instrumentation-falcon - 0.61b0
• opentelemetry-instrumentation-fastapi - 0.61b0
• opentelemetry-instrumentation-flask - 0.61b0
• opentelemetry-instrumentation-grpc - 0.61b0
• opentelemetry-instrumentation-httpx - 0.61b0
• opentelemetry-instrumentation-jinja2 - 0.61b0
• opentelemetry-instrumentation-kafka-python - 0.61b0
• opentelemetry-instrumentation-logging - 0.61b0
• opentelemetry-instrumentation-mysql - 0.61b0
• opentelemetry-instrumentation-mysqlclient - 0.61b0
• opentelemetry-instrumentation-pika - 0.61b0
• opentelemetry-instrumentation-psycopg2 - 0.61b0
• opentelemetry-instrumentation-pymemcache - 0.61b0
• opentelemetry-instrumentation-pymongo - 0.61b0

... (truncated)

Changelog

Sourced from aws-opentelemetry-distro's changelog.

v0.17.1 - 2026-05-22

• feat(agent-observability): add AWS_GENAI_CONTENT_EXTRACTION_OPT_OUT env var to allow disabling LLO content extraction from spans (#741)
• fix(mcp-instrumentation): suppress MCP /ping spans when agent observability is enabled (#748)
• fix: pin urllib3 to 2.7.0 to fix CVE-2026-44431 and CVE-2026-44432 (#753)

Commits

• 2b12d7e Reapply "Rerun lambda layer release (#717)" (#737) (#757)
• 7cae68b chore: remove Python 3.9 EKS E2E test (#756)
• 967cc6b Pre-release: Update version to 0.17.1 (#755)
• 4d0faad fix: pin urllib3 to 2.7.0 to fix CVE-2026-44431 and CVE-2026-44432 (#753)
• 7bf2836 feat: agentcore feature patches (#751)
• b8917a4 Revert "Rerun lambda layer release (#717)" (#737)
• See full diff in compare view

Updates mcp from 1.27.1 to 1.27.2

Release notes

Sourced from mcp's releases.

v1.27.2

What's Changed

• [v1.x] ci: deploy docs to py.sdk.modelcontextprotocol.io via Pages artifact by @​maxisbey in modelcontextprotocol/python-sdk#2635
• [v1.x] Add subject and claims to AccessToken by @​maxisbey in modelcontextprotocol/python-sdk#2690
• [v1.x] Bind transport sessions to the authenticated principal by @​maxisbey in modelcontextprotocol/python-sdk#2719
• [v1.x] Scope experimental tasks to the session that created them by @​maxisbey in modelcontextprotocol/python-sdk#2720

Full Changelog: modelcontextprotocol/python-sdk@v1.27.1...v1.27.2

Commits

• 6213787 [v1.x] Scope experimental tasks to the session that created them (#2720)
• ce267b6 [v1.x] Bind transport sessions to the authenticated principal (#2719)
• 1abcca2 [v1.x] Add subject and claims to AccessToken (#2690)
• 9773a3f [v1.x] ci: deploy docs to py.sdk.modelcontextprotocol.io via Pages artifact (...
• See full diff in compare view

Updates cedarpy from 4.8.0 to 4.8.4

Release notes

Sourced from cedarpy's releases.

cedarpy v4.8.4

First release including partial-evaluation support and the median-of-N benchmark gate. Cedar Policy engine version is unchanged (still v4.8.2).

Added

• Adds is_authorized_partial(request, policies, entities, schema=None) for Cedar's partial-evaluation authorizer. Request fields that are None or absent are treated as unknowns. The authorizer returns Decision.Allow or Decision.Deny when the unknowns can't change the outcome, and Decision.NoDecision plus residual policies (as Cedar JSON) otherwise; callers re-evaluate the residuals once the unknowns are bound. PartialAuthzResult uses the same decision / correlation_id / diagnostics / metrics structure as AuthzResult, with may_be_determining, must_be_determining, nontrivial_residuals, and unknown_entities added to diagnostics. Unlike is_authorized, an absent or None context is treated as unknown rather than empty. Pass context={} for an explicitly empty context. Note: A partial-eval result is not a final authorization decision. Re-run is_authorized once unknowns are bound; schema type-checking (including action-typed context shapes) is skipped while fields remain unknown. Enables the partial-eval Cargo feature on cedar-policy (#28) — Thanks @​swenger!

Changed

• make benchmark-compare now runs N=5 release-mode benchmarks at HEAD and gates on median Δ vs tests/benchmark/results/baseline.json, replacing the prior single pytest-benchmark run with --benchmark-compare-fail=median:5%,mean:15%. The mean threshold has been dropped — a single tail outlier could trip a passing run, and the N=5 median is the stable signal. Per-run JSONs land in tests/benchmark/results/current/ (gitignored). Override the run count via BENCHMARK_RUNS=N (#69)

Full Changelog: k9securityio/cedar-py@v4.8.3...v4.8.4

cedarpy v4.8.3

Patch release fixing a behavior regression introduced in 4.8.2. Cedar Policy engine version is unchanged at v4.8.2.

If you upgraded to 4.8.2 and noticed that AuthzResult.diagnostics.reasons started reporting your @id("...") annotation value instead of the parser-generated policyN id — and you depended on the parser id (policyN) for downstream lookups — 4.8.3 restores reasons to the original behavior while keeping the labeling ergonomics in a parallel map.

Changed

• Behavior change (partial revert of 4.8.2). AuthzResult.diagnostics.reasons and ValidationError.policy_id once again surface the parser-generated PolicyId (e.g., policy0), restoring the 4.8.1 contract that was relied on for multi-tenant disambiguation. The @id("...") annotation value is now exposed in a parallel map keyed by the parser id: Diagnostics.id_annotations_by_reason and ValidationResult.id_annotations_by_policy_id. Entries are present whenever the policy declares an @id annotation, with the literal annotation value as the map value. So @id("foo") contributes "foo", and @id("") / bare @id (which the Cedar docs define as equivalent to @id("")) contributes "". Policies with no @id annotation are omitted from the map. This keeps the 4.8.2 ergonomics gain (recover the @id label without rebuilding the policy set) while preventing identity collapse/collision when two policies share the same @id (#77, #78)

Lookup pattern

result = is_authorized(request, policies, entities)
for pid in result.diagnostics.reasons:                       # ["policy0", "policy1", ...]
    label = result.diagnostics.id_annotations_by_reason.get(pid)
    if label:
        print(f"  matched: {pid} ({label})")
    else:
        print(f"  matched: {pid}")

The same pattern applies to ValidationResult.errors[*].policy_id and ValidationResult.id_annotations_by_policy_id.

Thanks

Thanks to @​aashitk for the high-quality bug report in #77, and to @​Iamrodos for joining the design discussion.

---

Full Changelog: k9securityio/cedar-py@v4.8.2...v4.8.3

cedarpy v4.8.2

v4.8.2 ships three improvements:

• Correctness: invalid schemas now surface as Decision.NoDecision (or validation_passed=False) with a diagnostic, instead of being silently discarded while is_authorized returned a real Allow/Deny based on no schema (#65 - thanks @​rupivbluegreen!).
• Ergonomics: @id("...") annotations on a policy now surface as the human-readable id in AuthzResult.diagnostics.reasons and ValidationError.policy_id, making diagnostics easier to read in logs and tooling (#74, #75 - thanks @​rupivbluegreen for the original feature proposal and work in #66 that started us down this path!).
• Release process robustness:

... (truncated)

Changelog

Sourced from cedarpy's changelog.

[4.8.4] - 2026-05-29

Added

• Adds is_authorized_partial(request, policies, entities, schema=None) for Cedar's partial-evaluation authorizer. Request fields that are None or absent are treated as unknowns. The authorizer returns Decision.Allow or Decision.Deny when the unknowns can't change the outcome, and Decision.NoDecision plus residual policies (as Cedar JSON) otherwise; callers re-evaluate the residuals once the unknowns are bound. PartialAuthzResult uses the same decision / correlation_id / diagnostics / metrics structure as AuthzResult, with may_be_determining, must_be_determining, nontrivial_residuals, and unknown_entities added to diagnostics. Unlike is_authorized, an absent or None context is treated as unknown rather than empty. Pass context={} for an explicitly empty context. Note: A partial-eval result is not a final authorization decision. Re-run is_authorized once unknowns are bound; schema type-checking (including action-typed context shapes) is skipped while fields remain unknown. Enables the partial-eval Cargo feature on cedar-policy (#28) — Thanks @​swenger!

Changed

• make benchmark-compare now runs N=5 release-mode benchmarks at HEAD and gates on median Δ vs tests/benchmark/results/baseline.json, replacing the prior single pytest-benchmark run with --benchmark-compare-fail=median:5%,mean:15%. The mean threshold has been dropped — a single tail outlier could trip a passing run, and the N=5 median is the stable signal. Per-run JSONs land in tests/benchmark/results/current/ (gitignored). Override the run count via BENCHMARK_RUNS=N (#69)

[4.8.3] - 2026-05-13

Changed

• Behavior change (partial revert of 4.8.2). AuthzResult.diagnostics.reasons and ValidationError.policy_id once again surface the parser-generated PolicyId (e.g., policy0), restoring the 4.8.1 contract that was relied on for multi-tenant disambiguation. The @id("...") annotation value is now exposed in a parallel map keyed by the parser id: Diagnostics.id_annotations_by_reason and ValidationResult.id_annotations_by_policy_id. Entries are present whenever the policy declares an @id annotation, with the literal annotation value as the map value — so @id("foo") contributes "foo", and @id("") / bare @id (which the Cedar docs define as equivalent to @id("")) contributes "". Policies with no @id annotation are omitted from the map. This keeps the 4.8.2 ergonomics gain (recover the @id label without rebuilding the policy set) while preventing identity collapse when two policies share the same @id (#77)

[4.8.2] - 2026-05-12

Added

• Behavior change. @id("...") annotations on a policy now surface as the human-readable id in AuthzResult.diagnostics.reasons and ValidationError.policy_id, instead of the auto-generated policy0/policy1/... id. Annotations are inert in Cedar evaluation per the Cedar docs; this is a labeling step on the response surface, not a rename of the underlying PolicyId. An @id with an empty value — either @id("") or value-less @id (which per the Cedar docs is equivalent to @id("")) — falls back to the parser-generated id, since an empty display id is unhelpful for logs and lookups (#29, #74, #75)

Changed

• Behavior change. is_authorized / is_authorized_batch now return Decision.NoDecision with a diagnostic when given an invalid schema, instead of silently discarding the schema and returning a real Allow / Deny. The same path applies in validate_policies (#65)

Fixed

• make release now builds and tests a release-mode wheel. The target previously ran maturin build (which defaults to the dev/debug profile) and then ran pytest against whatever cedarpy was currently installed in the venv — neither half tested the wheel that would ship. PyPI artifacts were unaffected (CI already passed --release); this fixes locally-built wheels.

[4.8.1] - 2026-04-22

Dependency update release. No functional or API changes — Cedar Policy engine version is unchanged (still v4.8.2).

Security

• Bump pytest 7.4.0 → 9.0.3 — CVE-2025-71176 (#41)
• Bump wheel 0.40.0 → 0.47.0 — CVE-2026-24049 (#41)
• Bump time 0.3.37 → 0.3.47 — CVE-2026-25727 (#42)
• Bump keccak 0.1.5 → 0.1.6 — GHSA-3288-p39f-rqpv (#42)

Changed

• Removed the stale rustix = "~0.37.25" pin; rustix is now governed by the transitive dep graph (#43)

Build & supply chain

• Switched PyPI publishing from a long-lived API token to PyPI Trusted Publishing (OIDC), with a protected pypi-release deployment environment requiring maintainer approval. All wheels and the sdist for this release ship with SLSA build-provenance attestations (#59)
• Added a Dependabot cooldown policy (7 days for minor/patch bumps, 14 for majors) to reduce exposure to newly-published compromised releases (#44, #45)
• Disabled Dependabot version-update PRs; security-update PRs remain active (#60)

Commits

• 2e26ae2 Merge pull request #88 from k9securityio/release/4.8.4
• 5a60b81 release: bump version to 4.8.4
• ce8582e Merge pull request #86 from k9securityio/docs/partial-eval-readme
• 470e034 docs credit @​swenger in changelog for is_authorized_partial
• 0740ea8 docs(readme): rewrite partial-eval example for copy-pasteability
• ae442c0 docs: adjust partial eval section of README.md
• 943213f docs(claude): capture partial-eval lessons and refresh follow-on work
• b822544 docs(readme): add 'Partially authorizing a request with unknowns' section
• 49beb5e Merge pull request #82 from swenger/swenger-partial
• 6b35733 test: rename schema known-action test to mirror its unknown-action sibling
• Additional commits viewable in compare view

Updates ruff from 0.15.12 to 0.15.15

Release notes

Sourced from ruff's releases.

0.15.15

Release Notes

Released on 2026-05-28.

Preview features

• Fix Markdown closing fence handling (#25310)
• [pyflakes] Report duplicate imports in typing.TYPE_CHECKING block (F811) (#22560)

Bug fixes

• [pyflakes] Treat function-scope bare annotations as locals per PEP 526 (F821) (#21540)

Performance

• Avoid redundant TokenValue drops in the lexer (#25300)
• Reduce memory usage by dropping token-excess capacity and improve performance by approximating the initial tokens Vec size (#25354)
• Use ThinVec in AST to shrink Stmt (#25361)

Documentation

• Fix line-length example for --config option (#25389)
• [flake8-comprehensions] Document RecursionError edge case in __len__ (C416) (#25286)
• [mccabe] Improve example (C901) (#25287)
• [pyupgrade] Clarify fix safety docs (UP007, UP045) (#25288)
• [refurb] Document FURB192 exception change for empty sequences (#25317)
• [ruff] Document false negative for user-defined types (RUF013) (#25289)

Formatter

• Fix formatting of lambdas nested within f-strings (#25398)

Server

• Return code action for codeAction/resolve requests that contain no or no valid URL (#25365)

Other changes

• Expand semantic syntax errors for invalid walruses (#25415)

Contributors

• @​chirizxc
• @​ntBre
• @​adityasingh2400
• @​charliermarsh
• @​fallintoplace
• @​martin-schlossarek
• @​MichaReiser

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.15

Released on 2026-05-28.

Preview features

• Fix Markdown closing fence handling (#25310)
• [pyflakes] Report duplicate imports in typing.TYPE_CHECKING block (F811) (#22560)

Bug fixes

• [pyflakes] Treat function-scope bare annotations as locals per PEP 526 (F821) (#21540)

Performance

• Avoid redundant TokenValue drops in the lexer (#25300)
• Reduce memory usage by dropping token-excess capacity and improve performance by approximating the initial tokens Vec size (#25354)
• Use ThinVec in AST to shrink Stmt (#25361)

Documentation

• Fix line-length example for --config option (#25389)
• [flake8-comprehensions] Document RecursionError edge case in __len__ (C416) (#25286)
• [mccabe] Improve example (C901) (#25287)
• [pyupgrade] Clarify fix safety docs (UP007, UP045) (#25288)
• [refurb] Document FURB192 exception change for empty sequences (#25317)
• [ruff] Document false negative for user-defined types (RUF013) (#25289)

Formatter

• Fix formatting of lambdas nested within f-strings (#25398)

Server

• Return code action for codeAction/resolve requests that contain no or no valid URL (#25365)

Other changes

• Expand semantic syntax errors for invalid walruses (#25415)

Contributors

• @​chirizxc
• @​ntBre
• @​adityasingh2400
• @​charliermarsh
• @​fallintoplace
• @​martin-schlossarek
• @​MichaReiser
• @​Ruchir28

... (truncated)

Commits

• db5aa0a Bump 0.15.15 (#25431)
• 366fe21 [ty] Improve diagnostics for syntax errors in forward annotations (#25158)
• e2e1e64 [ty] Remove excess capacity from more Salsa cached collections (#25411)
• 1bd77e1 [ty] Use diagnostic message as tie breaker when sorting (