Bump the pip-deps group across 1 directory with 9 updates

[dependabot]

Bumps the pip-deps group with 9 updates in the / directory:

Package	From	To
requests	2.32.4	2.32.5
ruamel-yaml	0.18.14	0.18.15
pymongo	4.14.0	4.14.1
cryptography	45.0.6	45.0.7
wrapt	1.17.2	1.17.3
botocore	1.40.7	1.40.21
boto3	1.40.7	1.40.21
types-pyyaml	6.0.12.20250809	6.0.12.20250822
types-python-dateutil	2.9.0.20250809	2.9.0.20250822

Updates requests from 2.32.4 to 2.32.5

Release notes

Sourced from requests's releases.

v2.32.5

2.32.5 (2025-08-18)

Bugfixes

• The SSLContext caching feature originally introduced in 2.32.0 has created a new class of issues in Requests that have had negative impact across a number of use cases. The Requests team has decided to revert this feature as long term maintenance of it is proving to be unsustainable in its current iteration.

Deprecations

• Added support for Python 3.14.
• Dropped support for Python 3.8 following its end of support.

Changelog

Sourced from requests's changelog.

2.32.5 (2025-08-18)

Bugfixes

• The SSLContext caching feature originally introduced in 2.32.0 has created a new class of issues in Requests that have had negative impact across a number of use cases. The Requests team has decided to revert this feature as long term maintenance of it is proving to be unsustainable in its current iteration.

Deprecations

• Added support for Python 3.14.
• Dropped support for Python 3.8 following its end of support.

Commits

• b25c87d v2.32.5
• 131e506 Merge pull request #7010 from psf/dependabot/github_actions/actions/checkout-...
• b336cb2 Bump actions/checkout from 4.2.0 to 5.0.0
• 46e939b Update publish workflow to use artifact-id instead of name
• 4b9c546 Merge pull request #6999 from psf/dependabot/github_actions/step-security/har...
• 7618dbe Bump step-security/harden-runner from 2.12.0 to 2.13.0
• 2edca11 Add support for Python 3.14 and drop support for Python 3.8 (#6993)
• fec96cd Update Makefile rules (#6996)
• d58d8aa docs: clarify timeout parameter uses seconds in Session.request (#6994)
• 91a3eab Bump github/codeql-action from 3.28.5 to 3.29.0
• Additional commits viewable in compare view

Updates ruamel-yaml from 0.18.14 to 0.18.15

Updates pymongo from 4.14.0 to 4.14.1

Release notes

Sourced from pymongo's releases.

PyMongo 4.14.1

Community notes: https://www.mongodb.com/community/forums/t/pymongo-4-14-1-released/327511

Changelog

Sourced from pymongo's changelog.

Changes in Version 4.14.1 (2025/08/19)

Version 4.14.1 is a bug fix release.

• Fixed a bug in MongoClient.append_metadata() and AsyncMongoClient.append_metadata() that allowed duplicate DriverInfo.name to be appended to the metadata.

Issues Resolved ...............

See the PyMongo 4.14.1 release notes in JIRA_ for the list of resolved issues in this release.

.. _PyMongo 4.14.1 release notes in JIRA: https://jira.mongodb.org/secure/ReleaseNote.jspa?projectId=10004&version=45256

Commits

• 0d2a4b4 Prep for 4.14.1 release (#2495)
• 550d234 PYTHON-5503 Use uv to install just in GitHub Actions (#2490) [v4.14] (#2493)
• d98049c PYTHON-5502 [v4.14] Fix handling of c extensions in Azure and GCP VMs (#2487)
• f66ec0f PYTHON-5492 Fix handling of MaxTimeMS message (#2484) [v4.14] (#2485)
• 6611bec PYTHON-5493 [v4.14] Add a patch for the log order difference (#2482)
• 7692bd6 PYTHON-5488 append_metadata should not add duplicates (#2461) [v4.14] (#2483)
• aa0b920 PYTHON-5492 Fix handling of MaxTimeMSExpired responses (#2477) [v4.14] (#2479)
• 1c48016 PYTHON-5349 Use drivers-evergreen-tools to start servers in GitHub Actions (#...
• 7055ad1 PYTHON-5492 Mark test as flaky (#2472) [v4.14] (#2475)
• e80f4f4 PYTHON-5491 Skip non-idempotent dropIndex tests (#2467) [v4.14] (#2468)
• Additional commits viewable in compare view

Updates cryptography from 45.0.6 to 45.0.7

Changelog

Sourced from cryptography's changelog.

45.0.7 - 2025-09-01

* Added a function to support an upcoming ``pyOpenSSL`` release.
.. _v45-0-6:

Commits

• f52a3e1 prep for a 45.0.7 release (#13378)
• See full diff in compare view

Updates wrapt from 1.17.2 to 1.17.3

Release notes

Sourced from wrapt's releases.

wrapt-1.17.3

See the project page on the Python Package Index at https://pypi.org/project/wrapt/1.17.3/ for more information.

Changelog

Sourced from wrapt's changelog.

Version 1.17.3

Bugs Fixed

• Reference count was not being incremented on type object for C implementation of the partial callable object proxy when module was initialized. If wrapt was being used in Python sub interpreters which were deleted it could lead to the process crashing.

Commits

• 99130c0 Build for Windows 11 ARM.
• 26f5344 Build for Python 3.14.
• 43dbbe0 Modify artifact upload pattern.
• e90bd88 Update cibuildwheel version.
• 58efb76 Update to ubuntu-latest.
• 800a204 Increment release version.
• 33b8840 Update obsolete GitHub action.
• 1c755a1 Rename GitHub workflow file so can build package.
• ff4981b Fix crash due to lack of reference count.
• ecbaaa1 Revert "Remove the dependency on pkg_resources and hence setuptools on py...
• Additional commits viewable in compare view

Updates botocore from 1.40.7 to 1.40.21

Commits

• 0195f4a Merge branch 'release-1.40.21'
• 8cdce9d Bumping version to 1.40.21
• f425012 Update partitions file
• 19ee31b Update endpoints model
• 195503f Update to latest models
• c870f2c Merge branch 'release-1.40.20'
• 56c7144 Merge branch 'release-1.40.20' into develop
• 8e0061b Bumping version to 1.40.20
• e1cad9d Update partitions file
• c196d5f Update to latest models
• Additional commits viewable in compare view

Updates boto3 from 1.40.7 to 1.40.21

Commits

• 8f8cca7 Merge branch 'release-1.40.21'
• f52857a Bumping version to 1.40.21
• 2929a26 Add changelog entries from botocore
• 3e12c82 Merge branch 'release-1.40.20'
• 95ccc42 Merge branch 'release-1.40.20' into develop
• 8b5d5ce Bumping version to 1.40.20
• 5be943b Add changelog entries from botocore
• 2438288 Merge branch 'release-1.40.19'
• 7630391 Merge branch 'release-1.40.19' into develop
• 29c8360 Bumping version to 1.40.19
• Additional commits viewable in compare view

Updates types-pyyaml from 6.0.12.20250809 to 6.0.12.20250822

Commits

• See full diff in compare view

Updates types-python-dateutil from 2.9.0.20250809 to 2.9.0.20250822

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

⚠️ (this preview might not be accurate if the PR is not rebased on current master branch)

MCK 1.3.0 Release Notes

New Features

Multi-Architecture Support

We've added comprehensive multi-architecture support for the kubernetes operator. This enhancement enables deployment on IBM Power (ppc64le) and IBM Z (s390x) architectures alongside
existing x86_64 support. Core images (operator, agent, init containers, database, readiness probe) now support multiple architectures. We do not add support IBM and ARM support for Ops-Manager and the init-ops-manager image.

• MongoDB Agent images have been migrated to new container repository: quay.io/mongodb/mongodb-agent.
  • the agents in the new repository will support the x86-64, ARM64, s390x, and ppc64le architectures. More can be read in the public docs.
  • operator running >=MCK1.3.0 and static cannot use the agent images from the old container repository quay.io/mongodb/mongodb-agent-ubi.
• quay.io/mongodb/mongodb-agent-ubi should not be used anymore, it's only there for backwards compatibility.

Bug Fixes

• This change fixes the current complex and difficult-to-maintain architecture for stateful set containers, which relies on an "agent matrix" to map operator and agent versions which led to a sheer amount of images.
• We solve this by shifting to a 3-container setup. This new design eliminates the need for the operator-version/agent-version matrix by adding one additional container containing all required binaries. This architecture maps to what we already do with the mongodb-database container.
• Fixed an issue where the readiness probe reported the node as ready even when its authentication mechanism was not in sync with the other nodes, potentially causing premature restarts.
• Fixed an issue where the MongoDB Agents did not adhere to the NO_PROXY environment variable configured on the operator.

Other Changes

• Optional permissions for PersistentVolumeClaim moved to a separate role. When managing the operator with Helm it is possible to disable permissions for PersistentVolumeClaim resources by setting operator.enablePVCResize value to false (true by default). When enabled, previously these permissions were part of the primary operator role. With this change, permissions have a separate role.
• subresourceEnabled Helm value was removed. This setting used to be true by default and made it possible to exclude subresource permissions from the operator role by specifying false as the value. We are removing this configuration option, making the operator roles always have subresource permissions. This setting was introduced as a temporary solution for this OpenShift issue. The issue has since been resolved and the setting is no longer needed.
• We have deliberately not published the container images for OpsManager versions 7.0.16, 8.0.8, 8.0.9 and 8.0.10 due to a bug in the OpsManager which prevents MCK customers to upgrade their OpsManager deployments to those versions.