build(deps): bump the minor-updates group across 1 directory with 24 updates

[dependabot]

Bumps the minor-updates group with 24 updates in the / directory:

Package	From	To
boto3	1.42.85	1.43.2
strands-agents	1.35.0	1.38.0
compliance-trestle	4.0.1	4.0.2
botocore	1.42.85	1.43.2
certifi	2026.2.25	2026.4.22
click	8.3.2	8.3.3
cryptography	46.0.5	46.0.7
docstring-parser	0.17.0	0.18.0
idna	3.11	3.13
importlib-metadata	8.7.1	8.9.0
opentelemetry-api	1.40.0	1.41.1
opentelemetry-instrumentation	0.61b0	0.62b1
opentelemetry-instrumentation-threading	0.61b0	0.62b1
opentelemetry-sdk	1.40.0	1.41.1
opentelemetry-semantic-conventions	0.61b0	0.62b1
packaging	26.0	26.2
pydantic	2.12.5	2.13.3
pydantic-core	2.41.5	2.46.3
pydantic-settings	2.13.1	2.14.0
python-multipart	0.0.24	0.0.27
s3transfer	0.16.0	0.17.0
sse-starlette	3.3.4	3.4.1
uvicorn	0.44.0	0.46.0
zipp	3.23.0	3.23.1

Updates boto3 from 1.42.85 to 1.43.2

Commits

• 7dc336e Merge branch 'release-1.43.2'
• 99fd421 Bumping version to 1.43.2
• 80f4db8 Add changelog entries from botocore
• be6bdf3 Bump pytest from 8.1.1 to 9.0.3 (#4782)
• 753bcab Merge branch 'release-1.43.1'
• 09f56f4 Merge branch 'release-1.43.1' into develop
• dd5b3a6 Bumping version to 1.43.1
• 014f4ad Add changelog entries from botocore
• 32edf1c Bump requests from 2.32.4 to 2.33.1 (#4781)
• 959ae84 Merge branch 'release-1.43.0'
• Additional commits viewable in compare view

Updates strands-agents from 1.35.0 to 1.38.0

Release notes

Sourced from strands-agents's releases.

v1.38.0

What's Changed

• feat(mcp): preserve CallToolResult.isError flag in MCPToolResult by @​Zelys-DFKH in strands-agents/sdk-python#2118
• feat: add count_token method to model with naive estimation using tiktoken by @​lizradway in strands-agents/sdk-python#2031
• chore(log): added warning for default model awareness and is subject to change by @​poshinchen in strands-agents/sdk-python#2164
• fix(litellm): forward ttl field from CachePoint in _format_system_messages by @​ElliottJW in strands-agents/sdk-python#2153
• fix(skills): preserve cache points in system prompt during skills inj… by @​mattdai01 in strands-agents/sdk-python#2134
• fix(ollama): generate unique toolUseId instead of reusing tool name by @​Ratansairohith in strands-agents/sdk-python#2053
• feat(cache): add TTL support to CachePoint for prompt caching by @​kpx-dev in strands-agents/sdk-python#1660
• fix: use non-interactive flag for Nova Sonic history and system promp… by @​prettyprettyprettygood in strands-agents/sdk-python#2188
• ci: update litellm requirement from <=1.82.6,>=1.75.9 to >=1.75.9,<=1.83.13 by @​dependabot[bot] in strands-agents/sdk-python#2197
• ci: update pre-commit requirement from <4.6.0,>=3.2.0 to >=3.2.0,<4.7.0 by @​dependabot[bot] in strands-agents/sdk-python#2185
• feat: large tool result offload by @​lizradway in strands-agents/sdk-python#2162
• feat: override count_tokens with native token counting for supported providers by @​opieter-aws in strands-agents/sdk-python#2189
• fix(bedrock): upgrade default model to Claude Sonnet 4.5 by @​afarntrog in strands-agents/sdk-python#2193
• chore: update style guide for tool spec navigation by @​lizradway in strands-agents/sdk-python#2203
• feat: add ProviderTokenCountError for native token counting failures by @​opieter-aws in strands-agents/sdk-python#2211
• fix(conversation-manager): handle window_size=0 and reject negative values by @​SuperMarioYL in strands-agents/sdk-python#2208
• fix: change token counting fallback log from warning to debug by @​opieter-aws in strands-agents/sdk-python#2220
• fix: do not synthesize exception for cancelled tools by @​Gastly in strands-agents/sdk-python#2106
• feat: estimate input tokens before model calls by @​opieter-aws in strands-agents/sdk-python#2221
• feat(offloader): return explicit paths in preview and auto-enable retrieval by @​lizradway in strands-agents/sdk-python#2222
• fix: update tests to use non-EOL'd model by @​zastrowm in strands-agents/sdk-python#2226
• feat(bedrock): add strict_tools config with auto-inject of additional… by @​kaghatim in strands-agents/sdk-python#2213

New Contributors

• @​Zelys-DFKH made their first contribution in strands-agents/sdk-python#2118
• @​ElliottJW made their first contribution in strands-agents/sdk-python#2153
• @​Ratansairohith made their first contribution in strands-agents/sdk-python#2053
• @​kpx-dev made their first contribution in strands-agents/sdk-python#1660
• @​prettyprettyprettygood made their first contribution in strands-agents/sdk-python#2188
• @​SuperMarioYL made their first contribution in strands-agents/sdk-python#2208
• @​Gastly made their first contribution in strands-agents/sdk-python#2106
• @​kaghatim made their first contribution in strands-agents/sdk-python#2213

Full Changelog: strands-agents/sdk-python@v1.37.0...v1.38.0

v1.37.0

What's Changed

• fix: add fallback trim point for tool-heavy conversations in SlidingWindowConversationManager by @​lufecadu in strands-agents/sdk-python#2174
• feat: introduce checkpoint in experimental by @​JackYPCOnline in strands-agents/sdk-python#2181
• feat: add context_window_limit to model configs by @​opieter-aws in strands-agents/sdk-python#2176
• fix(mcp): skip MCPClient cleanup during interpreter finalization by @​minorun365 in strands-agents/sdk-python#2144
• fix(tests): update retired claude-3-haiku model in integration tests by @​afarntrog in strands-agents/sdk-python#2186

New Contributors

• @​lufecadu made their first contribution in strands-agents/sdk-python#2174

Full Changelog: strands-agents/sdk-python@v1.36.0...v1.37.0

... (truncated)

Commits

• 6e208a8 feat(bedrock): add strict_tools config with auto-inject of additional… (#2213)
• 771a86a fix: update tests to use non-EOL'd model (#2226)
• e88b276 feat(offloader): return explicit paths in preview and auto-enable retrieval (...
• 888c98c feat: estimate input tokens before model calls (#2221)
• e12ac9d fix: do not synthesize exception for cancelled tools (#2106)
• 52cdb9d fix: change token counting fallback log from warning to debug (#2220)
• bab08db fix(conversation-manager): handle window_size=0 and reject negative values (#...
• 009374f feat: add ProviderTokenCountError for native token counting failures (#2211)
• b340dc4 chore: update style guide for tool spec navigation (#2203)
• ce64c3a fix(bedrock): upgrade default model to Claude Sonnet 4.5 (#2193)
• Additional commits viewable in compare view

Updates compliance-trestle from 4.0.1 to 4.0.2

Release notes

Sourced from compliance-trestle's releases.

v4.0.2 (2026-04-17)

This release is published under the Apache-2.0 License.

Bug Fixes

• Align OSCAL version references and fix CONTRIBUTING.md typos (#2141, 7b614c6)

• Allow empty parameter labels in OSCAL imports (#2177, 0e354a5)

• Correct additional CONTRIBUTING.md typos (#2141, 7b614c6)

• Cryptography (#2199, cb54edf)

• Datetime.datetime.utcnow() is deprecated (#2173, 87fe40b)

• Invalid escape sequence warning while runnign tests (#2172, 0848cb4)

• Invalid escape sequence warning while running tests (#2172, 0848cb4)

• Switch from rev4 to rev5 in test files (#2116, 64639b0)

• Update to sonarqube replacement action (90e731a)

• Use timezone-aware datetimes in cache _time_since_modification (#2130, 16cde53)

• cache: Avoid duplicate file read in get_raw (#2166, 921145b)

• deps: Bump actions/cache from 5.0.3 to 5.0.4 (#2176, a9bb479)

• deps: Bump actions/create-github-app-token from 2.2.1 to 3.0.0 (#2157, 42557af)

• deps: Bump actions/create-github-app-token from 3.0.0 to 3.1.1 (#2196, f2abb5c)

• deps: Bump actions/upload-artifact from 7.0.0 to 7.0.1 (#2198, bccc714)

• deps: Bump cryptography from 46.0.5 to 46.0.6 (#2180, 4bf82c0)

• deps: Bump cryptography from 46.0.6 to 46.0.7 (#2194, 11bacba)

• deps: Bump github/codeql-action from 4.32.6 to 4.34.1 (#2175, 72b0e2d)

• deps: Bump github/codeql-action from 4.34.1 to 4.35.1 (#2183, 8c5784e)

• deps: Bump pypa/gh-action-pypi-publish from 1.13.0 to 1.14.0 (#2197, 66627af)

• deps: Bump sigstore/gh-action-sigstore-python from 3.2.0 to 3.3.0 (#2182, 582171f)

• deps: Bump SonarSource/sonarqube-scan-action from 7.0.0 to 7.1.0 (#2192, 49c5ef0)

... (truncated)

Changelog

Sourced from compliance-trestle's changelog.

v4.0.2 (2026-04-17)

Bug Fixes

• Align OSCAL version references and fix CONTRIBUTING.md typos (#2141, 7b614c6)

• Allow empty parameter labels in OSCAL imports (#2177, 0e354a5)

• Correct additional CONTRIBUTING.md typos (#2141, 7b614c6)

• Cryptography (#2199, cb54edf)

• Datetime.datetime.utcnow() is deprecated (#2173, 87fe40b)

• Invalid escape sequence warning while runnign tests (#2172, 0848cb4)

• Invalid escape sequence warning while running tests (#2172, 0848cb4)

• Switch from rev4 to rev5 in test files (#2116, 64639b0)

• Update to sonarqube replacement action (90e731a)

• Use timezone-aware datetimes in cache _time_since_modification (#2130, 16cde53)

• cache: Avoid duplicate file read in get_raw (#2166, 921145b)

• deps: Bump actions/cache from 5.0.3 to 5.0.4 (#2176, a9bb479)

... (truncated)

Commits

• ae54daa 4.0.2
• 7ac610f Merge pull request #2203 from oscal-compass/develop
• 64639b0 fix: switch from rev4 to rev5 in test files (#2116)
• cb54edf fix: cryptography (#2199)
• 49c5ef0 fix(deps): bump SonarSource/sonarqube-scan-action from 7.0.0 to 7.1.0 (#2192)
• f2abb5c fix(deps): bump actions/create-github-app-token from 3.0.0 to 3.1.1 (#2196)
• 66627af fix(deps): bump pypa/gh-action-pypi-publish from 1.13.0 to 1.14.0 (#2197)
• 11bacba fix(deps): bump cryptography from 46.0.6 to 46.0.7 (#2194)
• bccc714 fix(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 (#2198)
• 0e354a5 fix: allow empty parameter labels in OSCAL imports (#2177)
• Additional commits viewable in compare view

Updates botocore from 1.42.85 to 1.43.2

Commits

• 6338dda Merge branch 'release-1.43.2'
• 6a8a47b Bumping version to 1.43.2
• 0f4537b Update endpoints model
• e018979 Update to latest models
• 48efef7 Bump pytest from 8.1.1 to 9.0.3 (#3696)
• 7084f04 Merge branch 'release-1.43.1'
• 1f46551 Merge branch 'release-1.43.1' into develop
• 1dd07e0 Bumping version to 1.43.1
• eebf815 Update endpoints model
• 98952d2 Update to latest models
• Additional commits viewable in compare view

Updates certifi from 2026.2.25 to 2026.4.22

Commits

• 5dddfb0 2026.04.22 (#410)
• f99eccd Bump peter-evans/create-pull-request from 8.1.0 to 8.1.1 (#404)
• 918bed0 Bump actions/upload-artifact from 7.0.0 to 7.0.1 (#405)
• 0a49067 Bump pypa/gh-action-pypi-publish from 1.13.0 to 1.14.0 (#403)
• acf6ce8 Bump actions/download-artifact from 8.0.0 to 8.0.1 (#398)
• feb0ed2 Bump actions/download-artifact from 7.0.0 to 8.0.0 (#397)
• d9c11a5 Bump actions/upload-artifact from 6.0.0 to 7.0.0 (#396)
• See full diff in compare view

Updates click from 8.3.2 to 8.3.3

Release notes

Sourced from click's releases.

8.3.3

This is the Click 8.3.3 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/click/8.3.3/ Changes: https://click.palletsprojects.com/page/changes/#version-8-3-3 Milestone: https://github.com/pallets/click/milestone/30

• Use :func:shlex.split to split pager and editor commands into argv lists for :class:subprocess.Popen, removing shell=True. #1026 #1477 #2775
• Fix TypeError when rendering help for an option whose default value is an object that doesn't support equality comparison with strings, such as semver.Version. #3298 #3299
• Fix pager test pollution under parallel execution by using pytest's tmp_path fixture instead of a shared temporary file path. #3238
• Treat Sentinel.UNSET values in a default_map as absent, so they fall through to the next default source instead of being used as the value. #3224 #3240
• Patch pdb.Pdb in CliRunner isolation so pdb.set_trace(), breakpoint(), and debuggers subclassing pdb.Pdb (ipdb, pdbpp) can interact with the real terminal instead of the captured I/O streams. #654 #824 #843 #951 #3235
• Add optional randomized parallel test execution using pytest-randomly and pytest-xdist to detect test pollution and race conditions. #3151
• Add contributor documentation for running stress tests, randomized parallel tests, and Flask smoke tests. #3151 #3177
• Show custom show_default string in prompts, matching the existing help text behavior. #2836 #2837 #3165 #3262 #3280 #3328
• Fix default=True with boolean flag_value always returning the flag_value instead of True. The default=True to flag_value substitution now only applies to non-boolean flags, where True acts as a sentinel meaning "activate this flag by default". For boolean flags, default=True is returned as a literal value. #3111 #3239
• Mark make_default_short_help as private API. #3189 #3250
• CliRunner's redirected streams now expose the original file descriptor via fileno(), so that faulthandler, subprocess, and other C-level consumers no longer crash with io.UnsupportedOperation. #2865
• Change :class:ParameterSource to an :class:~enum.IntEnum and reorder its members from most to least explicit, so values can be compared to check whether a parameter was explicitly provided. #2879 #3248

Changelog

Sourced from click's changelog.

Version 8.3.3

Released 2026-04-20

• Use :func:shlex.split to split pager and editor commands into argv lists for :class:subprocess.Popen, removing shell=True. :issue:1026 :pr:1477 :pr:2775
• Fix TypeError when rendering help for an option whose default value is an object that doesn't support equality comparison with strings, such as semver.Version. :issue:3298 :pr:3299
• Fix pager test pollution under parallel execution by using pytest's tmp_path fixture instead of a shared temporary file path. :pr:3238
• Treat Sentinel.UNSET values in a default_map as absent, so they fall through to the next default source instead of being used as the value. :issue:3224 :pr:3240
• Patch pdb.Pdb in CliRunner isolation so pdb.set_trace(), breakpoint(), and debuggers subclassing pdb.Pdb (ipdb, pdbpp) can interact with the real terminal instead of the captured I/O streams. :issue:654 :issue:824 :issue:843 :pr:951 :pr:3235
• Add optional randomized parallel test execution using pytest-randomly and pytest-xdist to detect test pollution and race conditions. :pr:3151
• Add contributor documentation for running stress tests, randomized parallel tests, and Flask smoke tests. :pr:3151 :pr:3177
• Show custom show_default string in prompts, matching the existing help text behavior. :issue:2836 :pr:2837 :pr:3165 :pr:3262 :pr:3280 :pr:3328
• Fix default=True with boolean flag_value always returning the flag_value instead of True. The default=True to flag_value substitution now only applies to non-boolean flags, where True acts as a sentinel meaning "activate this flag by default". For boolean flags, default=True is returned as a literal value. :issue:3111 :pr:3239
• Mark make_default_short_help as private API. :issue:3189 :pr:3250
• CliRunner's redirected streams now expose the original file descriptor via fileno(), so that faulthandler, subprocess, and other C-level consumers no longer crash with io.UnsupportedOperation. :issue:2865
• Change :class:ParameterSource to an :class:~enum.IntEnum and reorder its members from most to least explicit, so values can be compared to check whether a parameter was explicitly provided. :issue:2879 :pr:3248

Commits

• c06d2d0 Release 8.3.3
• f1f191e Apply format guidelines to commits since latest 8.3.2 release (#3343)
• bb59ba0 Apply format guidelines to commits since latest 8.3.2 release
• 4a35225 Reduce blast-radius of UNSET in default_map (#3240)
• c07bb93 Merge branch 'stable' into unset-in-default-map
• c7e1ba8 Reorder ParameterSource (#3248)
• 76552ff Show default string in prompt (#3328)
• ac5cec5 Reorder ParameterSource from most to least explicit
• 8c452e0 Merge branch 'stable' into show-default-string-in-prompt
• 8c95c73 Reconcile default value passing and default activation (#3239)
• Additional commits viewable in compare view

Updates cryptography from 46.0.5 to 46.0.7

Changelog

Sourced from cryptography's changelog.

46.0.7 - 2026-04-07

* **SECURITY ISSUE**: Fixed an issue where non-contiguous buffers could be
  passed to APIs that accept Python buffers, which could lead to buffer
  overflow. **CVE-2026-39892**
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.6.
.. _v46-0-6:
46.0.6 - 2026-03-25

• SECURITY ISSUE: Fixed a bug where name constraints were not applied to peer names during verification when the leaf certificate contains a wildcard DNS SAN. Ordinary X.509 topologies are not affected by this bug, including those used by the Web PKI. Credit to Oleh Konko (1seal) for reporting the issue. CVE-2026-34073

.. _v46-0-5:

Commits

• 622d672 46.0.7 release (#14602)
• 91d7288 Cherry-pick #14542 (#14543)
• See full diff in compare view

Updates docstring-parser from 0.17.0 to 0.18.0

Changelog

Sourced from docstring-parser's changelog.

0.18 (2026-04-14)

• General: Allow parse() to work with missing __doc__ (thanks to @​jamesbraza)
• General: Officially support Python 3.14 (thanks to @​mauvilsa)
• General: Exclude docstring_parser.tests from built wheels (thanks to @​gvalkov)
• Epydoc: Add missing attribute parsing, which includes the "@​ivar", "@​cvar" and "@​var" syntax (thanks to @​Masara)
• Numpydoc: Add support for defaults in type declarations and improve compose behavior (thanks to @​jwlodek)

0.17 (2025-07-21)

• General: Replace poetry with hatchling (thanks to @​LecrisUT)
• General: Drop support for Python 3.6 and 3.7 (thanks to @​LecrisUT)
• General: Officially support Python 3.13 (thanks to @​mauvilsa)
• General: Publish packages to PyPI with digital attestations (thanks to @​mauvilsa)
• Google: Fix multi-line parameter definitions (thanks to @​coolbeevip)
• Attrdoc: Remove use of deprecated ast classes (thanks to @​fedepell)

0.16 (2024-03-15)

• Parser: add a new property, description, that combines short and long descriptions into a single string (thanks to @​pR0Ps)
• General: support Python 3.12 (thanks to @​mauvilsa)

0.15 (2022-09-05)

• Parser: add a new function, parse_from_object, that supports scattered docstrings (thanks to @​mauvilsa)

0.14.1 (2022-04-27)

• Parser: fix autodetection (regression from 0.14)

0.14 (2022-04-25)

• Numpydoc: Improved support for Example / Examples section

0.13 (2021-11-17)

• Google: Added support for Example / Examples section

0.12 (2021-10-15)

• General: Added support for lone :rtype: meta information (thanks to @​abergou)

0.11 (2021-09-30)

• General: Started tracking changes
• General: Added ability to combine function docstrings (thanks to @​abergou)
• ReST: Added support for :type: and :rtype: (thanks to @​abergou)

Commits

• 87dca55 Bump version: 0.17.0 → 0.18.0
• 059d189 Support Python 3.14 (#111)
• 9f8501f Remove docstring_parser.tests from bdist (#107)
• 352ac5a Add support for setting default value in type declaration for numpydoc, vario...
• 434078c build: fix builds
• fd6fe7b epydoc: add missing attribute parsing
• 37fac3d docs: fix missing changelog
• b4a3c48 Allowing parse to work with missing __doc__ (#103)
• See full diff in compare view

Updates idna from 3.11 to 3.13

Changelog

Sourced from idna's changelog.

3.13 (2026-04-22) +++++++++++++++++

• Correct classification error for codepoint U+A7F1

3.12 (2026-04-21) +++++++++++++++++

• Update to Unicode 17.0.0.
• Issue a deprecation warning for the transitional argument.
• Added lazy-loading to provide some performance improvements.
• Removed vestiges of code related to Python 2 support, including segmentation of data structures specific to Jython.

Thanks to Rodrigo Nogueira for contributions to this release.

Commits

• 89cdfd2 Release v3.13
• 1eb0686 Pre-release 3.13
• 5f20d1e Merge pull request #220 from kjd/unicode-next
• 4ea8425 Regenerate idnadata.py with correct NFKC_CF data
• fd47341 Use NFKC_CF from Unicode data files instead of Python's unicodedata module
• a5304a4 Merge pull request #219 from kjd/release-3.12
• d80d6f9 Release v3.12
• 1bb44dd Merge pull request #218 from kjd/release-candidate-3.12rc0
• 909c49d Release candidate for 3.12
• c5459a1 Merge pull request #217 from kjd/housekeeping-2
• Additional commits viewable in compare view

Updates importlib-metadata from 8.7.1 to 8.9.0

Changelog

Sourced from importlib-metadata's changelog.

v8.9.0

Features

• python/cpython#110937python/cpython#140141, python/cpython#143658)

v8.8.0

Features

• Removed Python 3.9 compatibility.

Commits

• 76f03df 🚡 Toil the docs.
• 613e980 Finalize
• 349957e Add news fragment.
• 8c5d91b Improve performance of name normalization (#533)
• 27169dc Move behavior description into the docstring. Remove references to intermedia...
• cbadafc Repeat the operation to get performance visibility.
• a77d0d1 Add performance test for Prepared.normalize.
• 1b0be12 Use parameterize fixture for parameterized tests.
• 1738b20 Merge branch 'backport-cpython-140141' into maint/8.x
• 164e666 Merge branch 'backport-cpython-110937' into maint/8.x
• Additional commits viewable in compare view

Updates opentelemetry-api from 1.40.0 to 1.41.1

Changelog

Sourced from opentelemetry-api's changelog.

Version 1.41.1/0.62b1 (2026-04-24)

Version 1.41.0/0.62b0 (2026-04-09)

• opentelemetry-sdk: Add host resource detector support to declarative file configuration via detection_development.detectors[].host (#5002)
• opentelemetry-sdk: Add container resource detector support to declarative file configuration via detection_development.detectors[].container, using entry point loading of the opentelemetry-resource-detector-containerid contrib package (#5004)
• opentelemetry-sdk: Add create_tracer_provider/configure_tracer_provider to declarative file configuration, enabling TracerProvider instantiation from config files without reading env vars (#4985)
• Enabled the flake8-tidy-import plugins rules for the ruff linter. These rules throw warnings for relative imports in the modules. (#5019)
• opentelemetry-sdk: Fix AttributeError in ExplicitBucketHistogramAggregation when applied to non-Histogram instruments without explicit boundaries (#5034)
• Fix BatchLogRecordProcessor default schedule_delay_millis from 5000ms to 1000ms to comply with the OTel specification. Note: logs may be exported 5x more frequently by default (e.g. for users who don't explicitly set the OTEL_BLRP_SCHEDULE_DELAY env var). (#4998)
• opentelemetry-sdk: Add process resource detector support to declarative file configuration via detection_development.detectors[].process (#5001)
• opentelemetry-sdk: Add shared _parse_headers helper for declarative config OTLP exporters (#5021)
• opentelemetry-api: Replace a broad exception in attribute cleaning tests to satisfy pylint in the lint-opentelemetry-api CI job
• opentelemetry-sdk: Add create_meter_provider/configure_meter_provider to declarative file configuration, enabling MeterProvider instantiation from config files without reading env vars (#4987)
• opentelemetry-sdk: Add create_resource and create_propagator/configure_propagator to declarative file configuration, enabling Resource and propagator instantiation from config files without reading env vars (#4979)
• opentelemetry-sdk: Map Python CRITICAL log level to OTel FATAL severity text per the specification (#4984)
• opentelemetry-sdk: Add file configuration support with YAML/JSON loading, environment variable substitution, and schema validation against the vendored OTel config JSON schema (#4898)
• Fix intermittent CI failures in getting-started and tracecontext jobs caused by GitHub git CDN SHA propagation lag by installing contrib packages from the already-checked-out local copy instead of a second git clone (#4958)
• opentelemetry-sdk: fix type annotations on MetricReader and related types (#4938)
• opentelemetry-sdk: implement log creation metric (#4935)
• opentelemetry-sdk: implement metric reader metrics (#4970)
• opentelemetry-sdk: implement processor metrics (#5012)
• opentelemetry-sdk: upgrade vendored OTel configuration schema from v1.0.0-rc.3 to v1.0.0 (#4965)
• improve check-links ci job (#4978)
• Resolve some Pyright type errors in Span/ReadableSpan and utility stubs (#4973)
• opentelemetry-exporter-prometheus: Fix metric name prefix (#4895)
• opentelemetry-api, opentelemetry-sdk: Add deepcopy support for BoundedAttributes and BoundedList (#4934)
• opentelemetry-proto-json, opentelemetry-codegen-json: Implement custom protoc plugin to generate OTLP JSON class definitions

... (truncated)

Commits

• 760e024 Prepare release 1.41.1/0.62b1 (#5138)
• 90e06bc Unreleased changelog for 1.41.1 (#5137)
• 1a178fc [release/v1.41.x-0.62bx] Prepare release 1.41.0/0.62b0 (#5064)

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.