MESH-2092 Bump the dependencies group across 1 directory with 3 updates

[dependabot]

Bumps the dependencies group with 3 updates in the / directory: cryptography, fastapi and gunicorn.

Updates cryptography from 46.0.4 to 46.0.5

Changelog

Sourced from cryptography's changelog.

46.0.5 - 2026-02-10

* An attacker could create a malicious public key that reveals portions of your
  private key when using certain uncommon elliptic curves (binary curves).
  This version now includes additional security checks to prevent this attack.
  This issue only affects binary elliptic curves, which are rarely used in
  real-world applications. Credit to **XlabAI Team of Tencent Xuanwu Lab and
  Atuin Automated Vulnerability Discovery Engine** for reporting the issue.
  **CVE-2026-26007**
* Support for ``SECT*`` binary elliptic curves is deprecated and will be
  removed in the next release.
.. v46-0-4:

Commits

• 06e120e bump version for 46.0.5 release (#14289)
• 0eebb9d EC check key on cofactor > 1 (#14287)
• bedf6e1 fix openssl version on 46 branch (#14220)
• See full diff in compare view

Updates fastapi from 0.128.6 to 0.128.7

Release notes

Sourced from fastapi's releases.

0.128.7

Features

• ✨ Show a clear error on attempt to include router into itself. PR #14258 by @​JavierSanchezCastro.
• ✨ Replace dict by Mapping on HTTPException.headers. PR #12997 by @​rijenkii.

Refactors

• ♻️ Simplify reading files in memory, do it sequentially instead of (fake) parallel. PR #14884 by @​tiangolo.

Docs

• 📝 Use dfn tag for definitions instead of abbr in docs. PR #14744 by @​YuriiMotov.

Internal

• ✅ Tweak comment in test to reference PR. PR #14885 by @​tiangolo.
• 🔧 Update LLM-prompt for abbr and dfn tags. PR #14747 by @​YuriiMotov.
• ✅ Test order for the submitted byte Files. PR #14828 by @​valentinDruzhinin.
• 🔧 Configure test workflow to run tests with inline-snapshot=review. PR #14876 by @​YuriiMotov.

Commits

• 8f82c94 🔖 Release version 0.128.7
• 5bb3423 📝 Update release notes
• 6ce5e3e ✅ Tweak comment in test to reference PR (#14885)
• 65da3dd 📝 Update release notes
• 81f82fd 🔧 Update LLM-prompt for abbr and dfn tags (#14747)
• ff72101 📝 Update release notes
• ca76a4e 📝 Use dfn tag for definitions instead of abbr in docs (#14744)
• 1133a45 📝 Update release notes
• 38f9659 ✅ Test order for the submitted byte Files (#14828)
• 3f1cc8f 📝 Update release notes
• Additional commits viewable in compare view

Updates gunicorn from 25.0.2 to 25.0.3

Release notes

Sourced from gunicorn's releases.

25.0.3

What's Changed

Bug Fixes

• Fix RuntimeError when StopIteration raised in ASGI coroutine (#3484)
• Fix passing maxsplit in re.split() as positional argument (deprecated in Python 3.13)

Documentation

• Updated sponsorship section and homepage

Full Changelog: benoitc/gunicorn@25.0.2...25.0.3

Commits

• fc85068 chore: prepare release 25.0.3
• 787602f docs: shorten README sponsor section
• a52c81f Merge pull request #3492 from benoitc/feature/improve-sponsorship
• 1afb2b7 Merge pull request #3490 from tyrossel/master
• 2ead70d docs: add Sponsor to top-level navigation
• 874e8be docs: shorten sponsor section on homepage
• 7293b21 docs: add prominent sponsorship options
• 70d571b docs: update homepage title and remove version display
• d301d53 fix: resolve RuntimeError when StopIteration raised in ASGI coroutine
• 68abb98 fix: passing maxsplit in re.split() as positional argument is deprecated
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

☂️ Python Coverage

current status: ✅

Overall Coverage

Lines	Covered	Coverage	Threshold	Status
2931	2719	93%	85%	🟢

New Files

No new covered files...

Modified Files

No covered modified files...

updated for commit: 5bbca07 by action🐍

[dependabot]

Looks like these dependencies are no longer updatable, so this is no longer needed.