chore(backend/deps-dev): Bump the development-dependencies group across 1 directory with 4 updates

[dependabot]

Bumps the development-dependencies group with 4 updates in the /autogpt_platform/backend directory: faker, pyright, pytest-mock and ruff.

Updates faker from 37.6.0 to 37.8.0

Release notes

Sourced from faker's releases.

Release v37.8.0

See CHANGELOG.md.

Release v37.7.0

See CHANGELOG.md.

Changelog

Sourced from faker's changelog.

v37.8.0 - 2025-09-15

• Add Automotive providers for ja_JP locale. Thanks @​ItoRino424.

v37.7.0 - 2025-09-15

• Add Nigerian name locales (yo_NG, ha_NG, ig_NG, en_NG). Thanks @​ifeoluwaoladeji.

Commits

• 4bde8f5 Bump version: 37.7.0 → 37.8.0
• f542f36 📝 Update CHANGELOG.md
• e28d7cb fix test
• e4305b0 fix padding
• a359441 💄 format code
• 0e3f0bd Add Automotive providers for ja_JP locale (#2251)
• d4fa69d Bump version: 37.6.0 → 37.7.0
• f636f06 📝 Update CHANGELOG.md
• 9a482dd 💄 Format code
• 2493b2d fix: fix minor grammar typo (#2259)
• Additional commits viewable in compare view

Updates pyright from 1.1.404 to 1.1.405

Commits

• e211ec8 Pyright NPM Package update to 1.1.405 (#353)
• See full diff in compare view

Updates pytest-mock from 3.14.1 to 3.15.1

Release notes

Sourced from pytest-mock's releases.

v3.15.1

2025-09-16

• #529: Fixed itertools._tee object has no attribute error -- now duplicate_iterators=True must be passed to mocker.spy to duplicate iterators.

v3.15.0

2025-09-04

• Python 3.8 (EOL) is no longer supported.
• #524: Added spy_return_iter to mocker.spy, which contains a duplicate of the return value of the spied method if it is an Iterator.

Changelog

Sourced from pytest-mock's changelog.

3.15.1

2025-09-16

• [#529](https://github.com/pytest-dev/pytest-mock/issues/529) <https://github.com/pytest-dev/pytest-mock/issues/529>_: Fixed itertools._tee object has no attribute error -- now duplicate_iterators=True must be passed to mocker.spy to duplicate iterators.

3.15.0

2025-09-04

• Python 3.8 (EOL) is no longer supported.
• [#524](https://github.com/pytest-dev/pytest-mock/issues/524) <https://github.com/pytest-dev/pytest-mock/pull/524>_: Added spy_return_iter to mocker.spy, which contains a duplicate of the return value of the spied method if it is an Iterator.

Commits

• e1b5c62 Release 3.15.1
• 184eb19 Set spy_return_iter only when explicitly requested (#537)
• 4fa0088 [pre-commit.ci] pre-commit autoupdate (#536)
• f5aff33 Fix test failure with pytest 8+ and verbose mode (#535)
• adc4187 Bump actions/setup-python from 5 to 6 in the github-actions group (#533)
• 95ad570 [pre-commit.ci] pre-commit autoupdate (#532)
• e696bf0 Fix standalone mock support (#531)
• 5b29b03 Fix gen-release-notes script
• 7d22ef4 Merge pull request #528 from pytest-dev/release-3.15.0
• 90b29f8 Update CHANGELOG for 3.15.0
• Additional commits viewable in compare view

Updates ruff from 0.12.11 to 0.13.0

Release notes

Sourced from ruff's releases.

0.13.0

Release Notes

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

• Several rules can now add from __future__ import annotations automatically

  TC001, TC002, TC003, RUF013, and UP037 now add from __future__ import annotations as part of their fixes when the lint.future-annotations setting is enabled. This allows the rules to move more imports into TYPE_CHECKING blocks (TC001, TC002, and TC003), use PEP 604 union syntax on Python versions before 3.10 (RUF013), and unquote more annotations (UP037).

• Full module paths are now used to verify first-party modules

  Ruff now checks that the full path to a module exists on disk before categorizing it as a first-party import. This change makes first-party import detection more accurate, helping to avoid false positives on local directories with the same name as a third-party dependency, for example. See the FAQ section on import categorization for more details.

• Deprecated rules must now be selected by exact rule code

  Ruff will no longer activate deprecated rules selected by their group name or prefix. As noted below, the two remaining deprecated rules were also removed in this release, so this won't affect any current rules, but it will still affect any deprecations in the future.

• The deprecated macOS configuration directory fallback has been removed

  Ruff will no longer look for a user-level configuration file at ~/Library/Application Support/ruff/ruff.toml on macOS. This feature was deprecated in v0.5 in favor of using the XDG specification (usually resolving to ~/.config/ruff/ruff.toml), like on Linux. The fallback and accompanying deprecation warning have now been removed.

Removed Rules

The following rules have been removed:

• pandas-df-variable-name (PD901)
• non-pep604-isinstance (UP038)

Stabilization

The following rules have been stabilized and are no longer in preview:

• airflow-dag-no-schedule-argument (AIR002)
• airflow3-removal (AIR301)
• airflow3-moved-to-provider (AIR302)
• airflow3-suggested-update (AIR311)
• airflow3-suggested-to-move-to-provider (AIR312)
• long-sleep-not-forever (ASYNC116)
• f-string-number-format (FURB116)
• os-symlink (PTH211)
• generic-not-last-base-class (PYI059)
• redundant-none-literal (PYI061)
• pytest-raises-ambiguous-pattern (RUF043)
• unused-unpacked-variable (RUF059)
• useless-class-metaclass-type (UP050)

The following behaviors have been stabilized:

... (truncated)

Changelog

Sourced from ruff's changelog.

0.13.0

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

• Several rules can now add from __future__ import annotations automatically

  TC001, TC002, TC003, RUF013, and UP037 now add from __future__ import annotations as part of their fixes when the lint.future-annotations setting is enabled. This allows the rules to move more imports into TYPE_CHECKING blocks (TC001, TC002, and TC003), use PEP 604 union syntax on Python versions before 3.10 (RUF013), and unquote more annotations (UP037).

• Full module paths are now used to verify first-party modules

  Ruff now checks that the full path to a module exists on disk before categorizing it as a first-party import. This change makes first-party import detection more accurate, helping to avoid false positives on local directories with the same name as a third-party dependency, for example. See the FAQ section on import categorization for more details.

• Deprecated rules must now be selected by exact rule code

  Ruff will no longer activate deprecated rules selected by their group name or prefix. As noted below, the two remaining deprecated rules were also removed in this release, so this won't affect any current rules, but it will still affect any deprecations in the future.

• The deprecated macOS configuration directory fallback has been removed

  Ruff will no longer look for a user-level configuration file at ~/Library/Application Support/ruff/ruff.toml on macOS. This feature was deprecated in v0.5 in favor of using the XDG specification (usually resolving to ~/.config/ruff/ruff.toml), like on Linux. The fallback and accompanying deprecation warning have now been removed.

Removed Rules

The following rules have been removed:

• pandas-df-variable-name (PD901)
• non-pep604-isinstance (UP038)

Stabilization

The following rules have been stabilized and are no longer in preview:

... (truncated)

Commits

• a1fdd66 Bump 0.13.0 (#20336)
• 8770b95 [ty] introduce DivergentType (#20312)
• 65982a1 [ty] Use 'unknown' specialization for upper bound on Self (#20325)
• 57d1f71 [ty] Simplify unions of enum literals and subtypes thereof (#20324)
• 7a75702 Ignore deprecated rules unless selected by exact code (#20167)
• 9ca632c Stabilize adding future import via config option (#20277)
• 64fe7d3 [flake8-errmsg] Stabilize extending raw-string-in-exception (EM101) to ...
• beeeb8d Stabilize the remaining Airflow rules (#20250)
• b6fca52 [flake8-bugbear] Stabilize support for non-context-manager calls in `assert...
• ac7f882 [flake8-commas] Stabilize support for trailing comma checks in type paramet...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[netlify]

✅ Deploy Preview for auto-gpt-docs-dev canceled.

Name	Link
🔨 Latest commit	df4667a
🔍 Latest deploy log	https://app.netlify.com/projects/auto-gpt-docs-dev/deploys/68dee51056a73700088c6d02

[netlify]

✅ Deploy Preview for auto-gpt-docs canceled.

Name	Link
🔨 Latest commit	df4667a
🔍 Latest deploy log	https://app.netlify.com/projects/auto-gpt-docs/deploys/68dee510b745500009f8f308

[deepsource-io]

Here's the code health analysis summary for commits f5ee579..df4667a. View details on DeepSource ↗.

Analysis Summary

Analyzer	Status	Summary	Link
JavaScript	✅ Success		View Check ↗
Python	✅ Success		View Check ↗

---

💡 If you’re a repository administrator, you can configure the quality gates from the settings.

[github-actions]

This pull request has conflicts with the base branch, please resolve those so we can evaluate the pull request.

[AutoGPT-Agent]

Thank you for submitting this dependabot PR to update the development dependencies. While the dependency updates themselves look good, I noticed that this PR contains significant additional changes that aren't mentioned in the title or description:

1. Addition of an entire load-tests directory with multiple JavaScript files for load testing
2. Docker file modifications including adding Node.js installation
3. Backend code changes in db.py (increasing TRANSACTION_TIMEOUT from 15s to 30s)
4. Backend endpoint changes in v1.py (adding user_id parameter to execute_graph_block)

These additional changes should be separated into their own PRs with appropriate titles and descriptions. The current PR title only mentions dependency updates, but the actual changes go well beyond that scope.

I recommend:

1. Creating separate PRs for the load testing infrastructure, Docker modifications, and backend code changes
2. Keeping this PR focused only on the development dependency updates

This will make the review process more focused and ensure each change gets proper review.

[github-actions]

Conflicts have been resolved! 🎉 A maintainer will review the pull request shortly.

[coderabbitai]

Important

Review skipped

Ignore keyword(s) in the title.

⛔ Ignored keywords (1)

• chore

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

✨ Finishing touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch dependabot/pip/autogpt_platform/backend/dev/development-dependencies-d9f3c5276e

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

This pull request has conflicts with the base branch, please resolve those so we can evaluate the pull request.

[github-actions]

Conflicts have been resolved! 🎉 A maintainer will review the pull request shortly.

[github-actions]

This pull request has conflicts with the base branch, please resolve those so we can evaluate the pull request.

[github-actions]

Conflicts have been resolved! 🎉 A maintainer will review the pull request shortly.

[ntindle]

@claude relock this with poetry

[claude]

Claude finished @ntindle's task —— View job

---

✅ Successfully relocked with Poetry

Todo List

• Navigate to backend directory
• Run poetry lock to regenerate the lock file
• Check for changes and commit if needed
• Push changes to the PR branch

The poetry.lock file has been successfully regenerated and pushed to the PR branch. The changes include updates to the Poetry version metadata and some Python version markers adjustments.

--- •