Bump gunicorn from 24.1.0 to 25.0.2

[dependabot]

Bumps gunicorn from 24.1.0 to 25.0.2.

Release notes

Sourced from gunicorn's releases.

Release 25.0.2

Bug Fixes

• Fix ASGI concurrent request failures through nginx proxy by normalizing sockaddr tuples to handle both 2-tuple (IPv4) and 4-tuple (IPv6) formats ([PR #3485](benoitc/gunicorn#3485))

• Fix graceful disconnect handling for ASGI worker to properly handle client disconnects without raising exceptions ([PR #3485](benoitc/gunicorn#3485))

• Fix lazy import of dirty module for gevent compatibility - prevents import errors when concurrent.futures is imported before gevent monkey-patching ([PR #3483](benoitc/gunicorn#3483))

Changes

• Refactor: Extract _normalize_sockaddr utility function for consistent socket address handling across workers

• Add license headers to all Python source files

• Update copyright year to 2026 in LICENSE and NOTICE files

25.0.1

Bug Fixes

• Fix ASGI streaming responses (SSE) hanging: add chunked transfer encoding for HTTP/1.1 responses without Content-Length header. Without chunked encoding, clients wait for connection close to determine end-of-response.

Changes

• Update celery_alternative example to use FastAPI with native ASGI worker and uvloop for async task execution

Testing

• Add ASGI compliance test suite with Docker-based integration tests covering HTTP, WebSocket, streaming, lifespan, framework integration (Starlette, FastAPI), HTTP/2, and concurrency scenarios

Gunicorn 25.0.0

New Features

• Dirty Arbiters: Separate process pool for executing long-running, blocking operations (AI model loading, heavy computation) without blocking HTTP workers ([PR #3460](benoitc/gunicorn#3460))
  • Inspired by Erlang's dirty schedulers
  • Asyncio-based with Unix socket IPC

... (truncated)

Commits

• 9508df6 test: increase CI timeout for signal tests on PyPy
• 2c0f959 fix: remove trailing blank line in instrument/init.py
• 95b7ffe chore: prepare release 25.0.2
• 026167a refactor: extract _normalize_sockaddr utility function
• e780508 fix: resolve ASGI concurrent request failures through nginx proxy
• 866e88c Merge pull request #3485 from benoitc/fix/asgi-graceful-disconnect
• 3bf718e fix: graceful disconnect handling for ASGI worker
• 15cadf8 Merge pull request #3483 from benoitc/fix/gevent-concurrent-futures-import
• b19c648 fix: lazy import dirty module for gevent compatibility
• 3373e4b docs: add CNAME file for custom domain
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)