deps: update httpcore requirement from >=1.0.0 to >=1.0.9 in the python-deps group

[dependabot]

Updates the requirements on httpcore to permit the latest version.
Updates httpcore to 1.0.9

Release notes

Sourced from httpcore's releases.

Version 1.0.9 (April 24th, 2025)

• Resolve GHSA-vqfr-h8mv-ghfj with h11 dependency update. (#1008)

Changelog

Sourced from httpcore's changelog.

Version 1.0.9 (April 24th, 2025)

• Resolve GHSA-vqfr-h8mv-ghfj with h11 dependency update. (#1008)

Version 1.0.8 (April 11th, 2025)

• Fix AttributeError when importing on Python 3.14. (#1005)

Version 1.0.7 (November 15th, 2024)

• Support proxy=… configuration on ConnectionPool(). (#974)

Version 1.0.6 (October 1st, 2024)

• Relax trio dependency pinning. (#956)
• Handle trio raising NotImplementedError on unsupported platforms. (#955)
• Handle mapping ssl.SSLError to httpcore.ConnectError. (#918)

1.0.5 (March 27th, 2024)

• Handle EndOfStream exception for anyio backend. (#899)
• Allow trio 0.25.* series in package dependancies. (#903)

1.0.4 (February 21st, 2024)

• Add target request extension. (#888)
• Fix support for connection Upgrade and CONNECT when some data in the stream has been read. (#882)

1.0.3 (February 13th, 2024)

• Fix support for async cancellations. (#880)
• Fix trace extension when used with socks proxy. (#849)
• Fix SSL context for connections using the "wss" scheme (#869)

1.0.2 (November 10th, 2023)

• Fix float("inf") timeouts in Event.wait function. (#846)

1.0.1 (November 3rd, 2023)

• Fix pool timeout to account for the total time spent retrying. (#823)
• Raise a neater RuntimeError when the correct async deps are not installed. (#826)
• Add support for synchronous TLS-in-TLS streams. (#840)

1.0.0 (October 6th, 2023)

From version 1.0 our async support is now optional, as the package has minimal dependencies by default.

For async support use either pip install 'httpcore[asyncio]' or pip install 'httpcore[trio]'.

... (truncated)

Commits

• 9820975 Version 1.0.9 (#1011)
• d1e17c5 Update h11 dependency, resolving security fix. (#1008)
• ae46dfb Version 1.0.8 (#1006)
• b2a796c Fix AttributeError when importing on Python 3.14 (#1005)
• 38f277c Revert "Use AnyIO fast_acquire (#953)" (#1002)
• 973cbdd Use AnyIO fast_acquire (#953)
• 8b8ab18 fix ci (#999)
• a173552 Version 1.0.7 (#977)
• 13e281d Add proxy configuration to ConnectionPool. (#974)
• 0bfcee4 default port for the socks5h scheme (#972)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions