Bump pytest from 9.0.2 to 9.0.3

[dependabot]

Bumps pytest from 9.0.2 to 9.0.3.

Release notes

Sourced from pytest's releases.

9.0.3

pytest 9.0.3 (2026-04-07)

Bug fixes

• #12444: Fixed pytest.approx which now correctly takes into account ~collections.abc.Mapping keys order to compare them.

• #13634: Blocking a conftest.py file using the -p no: option is now explicitly disallowed.

  Previously this resulted in an internal assertion failure during plugin loading.

  Pytest now raises a clear UsageError explaining that conftest files are not plugins and cannot be disabled via -p.

• #13734: Fixed crash when a test raises an exceptiongroup with __tracebackhide__ = True.

• #14195: Fixed an issue where non-string messages passed to unittest.TestCase.subTest() were not printed.

• #14343: Fixed use of insecure temporary directory (CVE-2025-71176).

Improved documentation

• #13388: Clarified documentation for -p vs PYTEST_PLUGINS plugin loading and fixed an incorrect -p example.
• #13731: Clarified that capture fixtures (e.g. capsys and capfd) take precedence over the -s / --capture=no command-line options in Accessing captured output from a test function <accessing-captured-output>.
• #14088: Clarified that the default pytest_collection hook sets session.items before it calls pytest_collection_finish, not after.
• #14255: TOML integer log levels must be quoted: Updating reference documentation.

Contributor-facing changes

• #12689: The test reports are now published to Codecov from GitHub Actions. The test statistics is visible on the web interface.

  -- by aleguy02

Commits

• a7d58d7 Prepare release version 9.0.3
• 089d981 Merge pull request #14366 from bluetech/revert-14193-backport
• 8127eaf Revert "Fix: assertrepr_compare respects dict insertion order (#14050) (#14193)"
• 99a7e60 Merge pull request #14363 from pytest-dev/patchback/backports/9.0.x/95d8423bd...
• ddee02a Merge pull request #14343 from bluetech/cve-2025-71176-simple
• 74eac69 doc: Update training info (#14298) (#14301)
• f92dee7 Merge pull request #14267 from pytest-dev/patchback/backports/9.0.x/d6fa26c62...
• 7ee58ac Merge pull request #12378 from Pierre-Sassoulas/fix-implicit-str-concat-and-d...
• 37da870 Merge pull request #14259 from mitre88/patch-4 (#14268)
• c34bfa3 Add explanation for string context diffs (#14257) (#14266)
• Additional commits viewable in compare view

[senzingdevops]

Automated: approving this pull request because it includes a patch update

[github-actions]

🤖 Claude Code Review

Code Review

PR Summary: Bumps pytest from 9.0.2 to 9.0.3 for Python > 3.11 in two dependency groups (development and test).

---

Code Quality

• ✅ Style guide: Change is minimal and consistent with existing formatting.
• ✅ No commented-out code
• ✅ Meaningful variable names: N/A
• ✅ DRY principle: Both occurrences of the version pin updated consistently (pyproject.toml:44 and pyproject.toml:85).
• ✅ No defects: Straightforward version bump; no logic errors.
• ✅ CLAUDE.md: No issues with the project configuration.

Testing

• ✅ Unit/integration tests: No new code requiring tests.
• ✅ Coverage: N/A for a dependency bump.

Documentation

• ✅ README: No update needed.
• ✅ API docs: N/A
• ✅ Inline comments: N/A
• ⚠️ CHANGELOG.md: Not updated. Dependency bumps are often excluded from changelogs per project convention, but worth confirming this project's policy.
• ✅ Markdown formatting: N/A

Security

• ✅ No hardcoded credentials
• ✅ No license files (.lic) or AQAAAD-prefixed content
• ✅ No sensitive data
• ✅ pytest 9.0.3 is a patch release — no known security concerns.

---

Overall: Clean, minimal patch bump. The only minor note is the missing CHANGELOG entry — approve if that's intentional for dependency-only PRs.

Automated code review analyzing defects and coding standards

[senzingdevops]

Automated: approving this pull request because it includes a patch update

[github-actions]

🤖 Claude Code Review

Code Review: pytest 9.0.2 → 9.0.3 Bump

Code Quality

• ✅ Style guide: No code style concerns — this is a dependency version bump only.
• ✅ No commented-out code: None present.
• ✅ Meaningful variable names: N/A.
• ✅ DRY principle: The version is updated consistently in both development (line 44) and test (line 85) dependency groups.
• ✅ Defects: No logic errors. The python_version > '3.11' constraint is preserved correctly and mirrors the existing pattern. Both occurrences are updated, so no version mismatch risk.
• ✅ CLAUDE.md: No concerns — the project config file is appropriate for shared dev use.

Testing

• ✅ Tests: No new functions introduced; this is a pure dependency update. Existing test suite validates the bump.
• ✅ Coverage: N/A for this change.

Documentation

• ✅ README/API docs: No updates needed for a patch-level dependency bump.
• ⚠️ CHANGELOG.md: Not updated. Dependency bumps are commonly tracked in changelogs. This is low severity but worth confirming whether the project convention requires it (recent commits suggest Dependabot handles these automatically, so it may be intentional to skip manual changelog entries).

Security

• ✅ No hardcoded credentials: N/A.
• ✅ No license files: None present.
• ✅ No sensitive data: N/A.

---

Summary: This is a clean, minimal patch-version bump. The only minor note is the missing CHANGELOG entry, which may be intentional given the project's Dependabot workflow. No blockers — safe to merge.

Automated code review analyzing defects and coding standards