From 02bd7deecca101ff077f41bd5d019405f0bcd247 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sun, 24 May 2026 19:53:23 +0000
Subject: [PATCH] chore(deps): bump python-multipart from 0.0.27 to 0.0.29

Bumps [python-multipart](https://github.com/Kludex/python-multipart) from 0.0.27 to 0.0.29.
- [Release notes](https://github.com/Kludex/python-multipart/releases)
- [Changelog](https://github.com/Kludex/python-multipart/blob/main/CHANGELOG.md)
- [Commits](https://github.com/Kludex/python-multipart/compare/0.0.27...0.0.29)

---
updated-dependencies:
- dependency-name: python-multipart
  dependency-version: 0.0.29
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 pyproject.toml   | 2 +-
 requirements.txt | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/pyproject.toml b/pyproject.toml
index aa7573f..65b4df2 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -15,7 +15,7 @@ dependencies = [
     # Security floors — make CVE-driven minimums explicit so future resolves
     # can't silently downgrade. See PR description for advisory IDs.
     "gitpython>=3.1.49",
-    "python-multipart>=0.0.27",
+    "python-multipart>=0.0.29",
     # Upper bound is forced by our transitive ecosystem: both mlflow-skinny 3.11.x
     # AND opentelemetry-api 1.41.x cap importlib-metadata<8.8. Dependabot tried
     # to bump it to 9.0.0 (PR #3) and broke every deploy — explicit ceiling so
diff --git a/requirements.txt b/requirements.txt
index a009bcc..bd2c270 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -149,7 +149,7 @@ python-dotenv==1.2.2
     #   pydantic-settings
 python-engineio==4.13.1
     # via python-socketio
-python-multipart==0.0.27
+python-multipart==0.0.29
     # via
     #   coda (pyproject.toml)
     #   mcp