RSPY-630 - Fix/bot dependency updates (#1060)

* build(deps): bump fastapi from 0.115.9 to 0.115.11 in /services/frontend

Bumps [fastapi](https://github.com/fastapi/fastapi) from 0.115.9 to 0.115.11.
- [Release notes](https://github.com/fastapi/fastapi/releases)
- [Commits](fastapi/fastapi@0.115.9...0.115.11)

---
updated-dependencies:
- dependency-name: fastapi
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* build(deps-dev): bump pytest from 8.3.4 to 8.3.5 in /services/frontend

Bumps [pytest](https://github.com/pytest-dev/pytest) from 8.3.4 to 8.3.5.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@8.3.4...8.3.5)

---
updated-dependencies:
- dependency-name: pytest
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* build(deps-dev): bump pytest from 8.3.4 to 8.3.5 in /services/cadip

Bumps [pytest](https://github.com/pytest-dev/pytest) from 8.3.4 to 8.3.5.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@8.3.4...8.3.5)

---
updated-dependencies:
- dependency-name: pytest
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* build(deps-dev): bump pytest from 8.3.4 to 8.3.5 in /services/catalog

Bumps [pytest](https://github.com/pytest-dev/pytest) from 8.3.4 to 8.3.5.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@8.3.4...8.3.5)

---
updated-dependencies:
- dependency-name: pytest
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* build(deps-dev): bump moto from 5.1.0 to 5.1.1 in /services/catalog

Bumps [moto](https://github.com/getmoto/moto) from 5.1.0 to 5.1.1.
- [Release notes](https://github.com/getmoto/moto/releases)
- [Changelog](https://github.com/getmoto/moto/blob/master/CHANGELOG.md)
- [Commits](getmoto/moto@5.1.0...5.1.1)

---
updated-dependencies:
- dependency-name: moto
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* build(deps-dev): bump sphinx from 8.2.1 to 8.2.3

Bumps [sphinx](https://github.com/sphinx-doc/sphinx) from 8.2.1 to 8.2.3.
- [Release notes](https://github.com/sphinx-doc/sphinx/releases)
- [Changelog](https://github.com/sphinx-doc/sphinx/blob/master/CHANGES.rst)
- [Commits](sphinx-doc/sphinx@v8.2.1...v8.2.3)

---
updated-dependencies:
- dependency-name: sphinx
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* build(deps-dev): bump moto from 5.1.0 to 5.1.1

Bumps [moto](https://github.com/getmoto/moto) from 5.1.0 to 5.1.1.
- [Release notes](https://github.com/getmoto/moto/releases)
- [Changelog](https://github.com/getmoto/moto/blob/master/CHANGELOG.md)
- [Commits](getmoto/moto@5.1.0...5.1.1)

---
updated-dependencies:
- dependency-name: moto
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* build(deps-dev): bump pytest from 8.3.4 to 8.3.5

Bumps [pytest](https://github.com/pytest-dev/pytest) from 8.3.4 to 8.3.5.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@8.3.4...8.3.5)

---
updated-dependencies:
- dependency-name: pytest
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* build(deps-dev): bump pytest from 8.3.4 to 8.3.5 in /services/adgs

Bumps [pytest](https://github.com/pytest-dev/pytest) from 8.3.4 to 8.3.5.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@8.3.4...8.3.5)

---
updated-dependencies:
- dependency-name: pytest
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* build(deps): bump fastapi from 0.115.9 to 0.115.11 in /services/common

Bumps [fastapi](https://github.com/fastapi/fastapi) from 0.115.9 to 0.115.11.
- [Release notes](https://github.com/fastapi/fastapi/releases)
- [Commits](fastapi/fastapi@0.115.9...0.115.11)

---
updated-dependencies:
- dependency-name: fastapi
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* build(deps-dev): bump pytest from 8.3.4 to 8.3.5 in /services/common

Bumps [pytest](https://github.com/pytest-dev/pytest) from 8.3.4 to 8.3.5.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@8.3.4...8.3.5)

---
updated-dependencies:
- dependency-name: pytest
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* build(deps): bump authlib from 1.5.0 to 1.5.1 in /services/common

Bumps [authlib](https://github.com/lepture/authlib) from 1.5.0 to 1.5.1.
- [Release notes](https://github.com/lepture/authlib/releases)
- [Changelog](https://github.com/lepture/authlib/blob/main/docs/changelog.rst)
- [Commits](authlib/authlib@v1.5.0...v1.5.1)

---
updated-dependencies:
- dependency-name: authlib
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* build(deps): bump fastapi from 0.115.9 to 0.115.11 in /services/staging

Bumps [fastapi](https://github.com/fastapi/fastapi) from 0.115.9 to 0.115.11.
- [Release notes](https://github.com/fastapi/fastapi/releases)
- [Commits](fastapi/fastapi@0.115.9...0.115.11)

---
updated-dependencies:
- dependency-name: fastapi
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* build(deps): bump authlib from 1.5.0 to 1.5.1 in /services/staging

Bumps [authlib](https://github.com/lepture/authlib) from 1.5.0 to 1.5.1.
- [Release notes](https://github.com/lepture/authlib/releases)
- [Changelog](https://github.com/lepture/authlib/blob/main/docs/changelog.rst)
- [Commits](authlib/authlib@v1.5.0...v1.5.1)

---
updated-dependencies:
- dependency-name: authlib
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* build(deps-dev): bump pytest from 8.3.4 to 8.3.5 in /services/staging

Bumps [pytest](https://github.com/pytest-dev/pytest) from 8.3.4 to 8.3.5.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@8.3.4...8.3.5)

---
updated-dependencies:
- dependency-name: pytest
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* build(deps-dev): bump types-requests

Bumps [types-requests](https://github.com/python/typeshed) from 2.32.0.20241016 to 2.32.0.20250306.
- [Commits](https://github.com/python/typeshed/commits)

---
updated-dependencies:
- dependency-name: types-requests
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump botocore from 1.37.3 to 1.37.9 in /services/common

Bumps [botocore](https://github.com/boto/botocore) from 1.37.3 to 1.37.9.
- [Commits](boto/botocore@1.37.3...1.37.9)

---
updated-dependencies:
- dependency-name: botocore
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump botocore from 1.37.3 to 1.37.9 in /services/staging

Bumps [botocore](https://github.com/boto/botocore) from 1.37.3 to 1.37.9.
- [Commits](boto/botocore@1.37.3...1.37.9)

---
updated-dependencies:
- dependency-name: botocore
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* merge: poetry.lock files from origin/dependabot/pip/moto-5.1.1

* merge: poetry.lock files from origin/dependabot/pip/pytest-8.3.5

* merge: poetry.lock files from origin/dependabot/pip/services/adgs/pytest-8.3.5

* merge: poetry.lock files from origin/dependabot/pip/services/cadip/pytest-8.3.5

* merge: poetry.lock files from origin/dependabot/pip/services/catalog/moto-5.1.1

* merge: poetry.lock files from origin/dependabot/pip/services/catalog/pytest-8.3.5

* merge: poetry.lock files from origin/dependabot/pip/services/common/authlib-1.5.1

* merge: poetry.lock files from origin/dependabot/pip/services/common/botocore-1.37.9

* merge: poetry.lock files from origin/dependabot/pip/services/common/fastapi-0.115.11

* merge: poetry.lock files from origin/dependabot/pip/services/common/pytest-8.3.5

* merge: poetry.lock files from origin/dependabot/pip/services/frontend/fastapi-0.115.11

* merge: poetry.lock files from origin/dependabot/pip/services/frontend/pytest-8.3.5

* merge: poetry.lock files from origin/dependabot/pip/services/staging/authlib-1.5.1

* merge: poetry.lock files from origin/dependabot/pip/services/staging/botocore-1.37.9

* merge: poetry.lock files from origin/dependabot/pip/services/staging/fastapi-0.115.11

* merge: poetry.lock files from origin/dependabot/pip/services/staging/pytest-8.3.5

* merge: poetry.lock files from origin/dependabot/pip/sphinx-8.2.3

* merge: poetry.lock files from origin/dependabot/pip/types-requests-2.32.0.20250306

* merge: rebuild the poetry.lock files

* Manual stac-fastapi updates

* Update pytest against latest stac-fastapi behaviour

* Revert to Starlette 0.45.3 because of encode/starlette#2893

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Author: vprivat-ads

docs/poetry.lock

@@ -62,7 +62,7 @@ optional = true
 
 # All the dev dependencies are set here so they can be used by the CI.
 [tool.poetry.group.dev.dependencies]
-pytest = "^8.3.3"
+pytest = "^8.3.5"
 pytest-asyncio = "^0.25.3"
 pytest-cov = "^6.0.0"
 pytest-docker = "^3.2.0"
@@ -72,17 +72,17 @@ pytest-mock = "^3.14.0"
 black = "^25.1.0"
 mypy = "^1.15.0"
 pre-commit = "^4.1.0"
-types-requests = "^2.32.0.20241016"
+types-requests = "^2.32.0.20250306"
 flake8 = "^7.1.2"
 bandit = "^1.8.3"
 safety = "^3.3.0"
 pylint = "^3.3.0"
 flake8-pyproject = "^1.2.3"
 httpx = "^0.27.2"
-moto = "^5.1.0"
+moto = "^5.1.1"
 flask = "^3.0.3"
 flask-cors = "^5.0.1"
-sphinx = "^8.2.1"
+sphinx = "^8.2.3"
 sphinx-rtd-theme = "^3.0.1"
 orjson = [ # we need the same markers and versions as in eodag: https://github.com/CS-SI/eodag/blob/develop/setup.cfg
     {version = "<3.10.0", markers = "python_version>='3.12' and platform_system=='Windows'"},

poetry.lock

@@ -187,18 +187,21 @@ async def test_authentication_and_contents(mocker, httpx_mock: HTTPXMock, client
         {
             "rel": "self",
             "type": "application/json",
+            "title": "This document",
             "href": "http://testserver/catalog/",
             **AUTHENT_REF,
         },
         {
             "rel": "root",
             "type": "application/json",
+            "title": "Root",
             "href": "http://testserver/catalog/",
             **AUTHENT_REF,
         },
         {
             "rel": "data",
             "type": "application/json",
+            "title": "Collections available for this Catalog",
             "href": "http://testserver/catalog/collections",
             **AUTHENT_REF,
         },
@@ -212,55 +215,27 @@ async def test_authentication_and_contents(mocker, httpx_mock: HTTPXMock, client
         {
             "rel": "search",
             "type": "application/geo+json",
-            "title": "STAC search",
+            "title": "STAC search [GET]",
             "href": "http://testserver/catalog/search",
             "method": "GET",
             **AUTHENT_REF,
         },
         {
             "rel": "search",
             "type": "application/geo+json",
-            "title": "STAC search",
+            "title": "STAC search [POST]",
             "href": "http://testserver/catalog/search",
             "method": "POST",
             **AUTHENT_REF,
         },
         {
             "rel": "http://www.opengis.net/def/rel/ogc/1.0/queryables",
             "type": "application/schema+json",
-            "title": "Queryables",
+            "title": "Queryables available for this Catalog",
             "href": "http://testserver/catalog/queryables",
             "method": "GET",
             **AUTHENT_REF,
         },
-        {
-            "rel": "child",
-            "type": "application/json",
-            "title": "toto_S1_L1",
-            "href": "http://testserver/catalog/collections/toto:S1_L1",
-            **AUTHENT_REF,
-        },
-        {
-            "rel": "child",
-            "type": "application/json",
-            "title": "toto_S2_L3",
-            "href": "http://testserver/catalog/collections/toto:S2_L3",
-            **AUTHENT_REF,
-        },
-        {
-            "rel": "child",
-            "type": "application/json",
-            "title": "titi_S2_L1",
-            "href": "http://testserver/catalog/collections/titi:S2_L1",
-            **AUTHENT_REF,
-        },
-        {
-            "rel": "child",
-            "type": "application/json",
-            "title": "pyteam_S1_L1",
-            "href": "http://testserver/catalog/collections/pyteam:S1_L1",
-            **AUTHENT_REF,
-        },
         {
             "rel": "service-desc",
             "type": "application/vnd.oai.openapi+json;version=3.0",

pyproject.toml

@@ -37,7 +37,8 @@ include = [
 
 [tool.poetry.dependencies]
 python = "^3.11"
-fastapi = "^0.115.0"
+fastapi = "^0.115.11"
+starlette = ">=0.45.3,<0.46"
 boto3 = ">=1.35.40"
 botocore = ">=1.35.99"
 sqlalchemy = "^2.0.35"
@@ -68,7 +69,7 @@ authlib = "^1.5.0"
 python-keycloak = ">=5.3.1,<6.0"
 itsdangerous = "^2.2.0"
 pyjwt = {extras = ["crypto"], version = "^2.9.0"}
-stac-fastapi-pgstac = "^4.0.1"
+stac-fastapi-pgstac = "^5.0.0"
 
 [tool.poetry.group.dev]
 optional = true

services/adgs/poetry.lock

@@ -38,7 +38,8 @@ include = [
 
 [tool.poetry.dependencies]
 python = "^3.11"
-fastapi = "^0.115.0"
+fastapi = "^0.115.11"
+starlette = ">=0.45.3,<0.46"
 uvicorn = ">=0.31,<0.35"
 requests = "^2.32.3"
 attrs = ">=24.2,<26.0"