Bump fastapi from 0.104.1 to 0.109.1

[dependabot]

Bumps fastapi from 0.104.1 to 0.109.1.

Release notes

Sourced from fastapi's releases.

0.109.1

Security fixes

• ⬆️ Upgrade minimum version of python-multipart to >=0.0.7 to fix a vulnerability when using form data with a ReDos attack. You can also simply upgrade python-multipart.

Read more in the advisory: Content-Type Header ReDoS.

Features

• ✨ Include HTTP 205 in status codes with no body. PR #10969 by @​tiangolo.

Refactors

• ✅ Refactor tests for duplicate operation ID generation for compatibility with other tools running the FastAPI test suite. PR #10876 by @​emmettbutler.
• ♻️ Simplify string format with f-strings in fastapi/utils.py. PR #10576 by @​eukub.
• 🔧 Fix Ruff configuration unintentionally enabling and re-disabling mccabe complexity check. PR #10893 by @​jiridanek.
• ✅ Re-enable test in tests/test_tutorial/test_header_params/test_tutorial003.py after fix in Starlette. PR #10904 by @​ooknimm.

Docs

• 📝 Tweak wording in help-fastapi.md. PR #11040 by @​tiangolo.
• 📝 Tweak docs for Behind a Proxy. PR #11038 by @​tiangolo.
• 📝 Add External Link: 10 Tips for adding SQLAlchemy to FastAPI. PR #11036 by @​Donnype.
• 📝 Add External Link: Tips on migrating from Flask to FastAPI and vice-versa. PR #11029 by @​jtemporal.
• 📝 Deprecate old tutorials: Peewee, Couchbase, encode/databases. PR #10979 by @​tiangolo.
• ✏️ Fix typo in fastapi/security/oauth2.py. PR #10972 by @​RafalSkolasinski.
• 📝 Update HTTPException details in docs/en/docs/tutorial/handling-errors.md. PR #5418 by @​papb.
• ✏️ A few tweaks in docs/de/docs/tutorial/first-steps.md. PR #10959 by @​nilslindemann.
• ✏️ Fix link in docs/en/docs/advanced/async-tests.md. PR #10960 by @​nilslindemann.
• ✏️ Fix typos for Spanish documentation. PR #10957 by @​jlopezlira.
• 📝 Add warning about lifespan functions and backwards compatibility with events. PR #10734 by @​jacob-indigo.
• ✏️ Fix broken link in docs/tutorial/sql-databases.md in several languages. PR #10716 by @​theoohoho.
• ✏️ Remove broken links from external_links.yml. PR #10943 by @​Torabek.
• 📝 Update template docs with more info about url_for. PR #5937 by @​EzzEddin.
• 📝 Update usage of Token model in security docs. PR #9313 by @​piotrszacilowski.
• ✏️ Update highlighted line in docs/en/docs/tutorial/bigger-applications.md. PR #5490 by @​papb.
• 📝 Add External Link: Explore How to Effectively Use JWT With FastAPI. PR #10212 by @​aanchlia.
• 📝 Add hyperlink to docs/en/docs/tutorial/static-files.md. PR #10243 by @​hungtsetse.
• 📝 Add External Link: Instrument a FastAPI service adding tracing with OpenTelemetry and send/show traces in Grafana Tempo. PR #9440 by @​softwarebloat.
• 📝 Review and rewording of en/docs/contributing.md. PR #10480 by @​nilslindemann.
• 📝 Add External Link: ML serving and monitoring with FastAPI and Evidently. PR #9701 by @​mnrozhkov.
• 📝 Reword in docs, from "have in mind" to "keep in mind". PR #10376 by @​malicious.
• 📝 Add External Link: Talk by Jeny Sadadia. PR #10265 by @​JenySadadia.
• 📝 Add location info to tutorial/bigger-applications.md. PR #10552 by @​nilslindemann.
• ✏️ Fix Pydantic method name in docs/en/docs/advanced/path-operation-advanced-configuration.md. PR #10826 by @​ahmedabdou14.

Translations

• 🌐 Add Spanish translation for docs/es/docs/external-links.md. PR #10933 by @​pablocm83.
• 🌐 Update Korean translation for docs/ko/docs/tutorial/first-steps.md, docs/ko/docs/tutorial/index.md, docs/ko/docs/tutorial/path-params.md, and docs/ko/docs/tutorial/query-params.md. PR #4218 by @​SnowSuno.

... (truncated)

Commits

• 7633d15 🔖 Release version 0.109.1
• a4de147 📝 Update release notes
• 9d34ad0 Merge pull request from GHSA-qf9m-vfgh-m389
• ebf9723 📝 Update release notes
• 8590d0c 👥 Update FastAPI People (#11074)
• 063d7ff 📝 Update release notes
• 3c81e62 🌐 Add Spanish translation for docs/es/docs/external-links.md (#10933)
• 6c4a143 📝 Update release notes
• d254e2f 🌐 Update Korean translation for docs/ko/docs/tutorial/first-steps.md, `docs...
• 6f6e786 📝 Update release notes
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[robot-ci-heartex]

Commit https://github.com/HumanSignal/infra/commit/b8e0abed03167dfb0683d8f7f0b60631c4f7aa8c is created.

[robot-ci-heartex]

Commit https://github.com/HumanSignal/infra/commit/8c8341155c2ddb2d1c4e573c6c4223237fcc6087 is created.