Fix CI and expand test matrix to Django 5.2 and Python 3.13

[janbrasna]

This adds some ruff exclusions from default lint rules that landed with updates, to unblock CI.

• pytest-fixture-no-parentheses
  • "PT001", https://docs.astral.sh/ruff/rules/pytest-fixture-incorrect-parentheses-style/
  • "PT023", https://docs.astral.sh/ruff/rules/pytest-incorrect-mark-parentheses-style/
• pytest-raises-too-broad
  • "PT011", https://docs.astral.sh/ruff/rules/pytest-raises-too-broad/
• parenthesize-chained-operators
  • "RUF021", https://docs.astral.sh/ruff/rules/parenthesize-chained-operators/

(Marked up FIXME for now, most are uncontroversial to tackle if there's appetite.)

This also updates actions/* versions to avoid any deprecations, warnings or noisy annotations while having a little safer defaults as a byproduct; also adding explicit non-default Python to the envlist job to avoid some runner defaults' woes installing system packages etc. (fixing some yaml whitespace while at it…) and adds wheel caching for pip deps.

Backfills the matrix for compatible combinations to not skip any viable versions.

Updates some metadata, mostly aligning python_requires with claimed support.

Adding current Python and Django to the envlist, removing some EOLed versions.

[leplatrem]

👏

[janbrasna]

Funnily enough, this was happily passing few months ago 😓

I'll keep spelunking why it now fails on main; if that pulls some non-stable versions or something?

[janbrasna]

And of course, pip tox somehow resolves to breaking pre-release versions of httpx it seems 🙈

We can pin ourselves to resolve FastAPI side of things: janbrasna@0152d83 — but the Sanic has to be fixed upstream: https://github.com/search?q=repo:sanic-org/sanic-testing+httpx

[janbrasna]

OK found a sanic-testing version that has an upper constraint for httpx too that won't crash on ValueError — gonna update a couple more things with it, that no longer work on Python 3.8 — and submit another bump, pinning few things and dropping some EOL versions.

[leplatrem]

Thank you Jan

…

On Sat, Nov 1, 2025 at 3:45 PM Jan Brasna ***@***.***> wrote: *janbrasna* left a comment (mozilla-services/python-dockerflow#120) <#120 (comment)> OK found a sanic-testing version that has an upper constraint for httpx too that won't crash on ValueError <https://redirect.github.com/sanic-org/sanic-testing/issues/80> — gonna update a couple more things with it, that no longer work on Python 3.8 — and submit another bump, pinning few things and dropping some EOL versions. — Reply to this email directly, view it on GitHub <#120 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAEFPBEWRC65ZBHD7L25M3L32TBSBAVCNFSM6AAAAAB572N2RSVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZTINZWGQZTANRQGY> . You are receiving this because you modified the open/close state.Message ID: ***@***.***>

[janbrasna]

Sure thing! How would I look if a CI fix didn't turn green after landing?;D — I'll hunt down the things that shift beyond us over time, like another ruff rule that I might need to ignore to pass again;)

That said, fakeredis doesn't probably correctly specify its lower compatibility so we're getting a version that doesn't work with Python 3.8 ~ I could also try to find a version that broke the compatibility and pin it, but I'm more inclined to just leave EOL Python 3.8 behind, and move up to 3.9 as the lowest supported.

[janbrasna]

Following up in #122 — green for now;)