chore: Merge branch v0.53 into main

[edgarrmondragon]

Summary by Sourcery

Release version 0.53.7 and propagate the new version across changelog, templates, docs, and tooling configuration.

Bug Fixes:

• Document support for simpleeval 1.0.5+ by subclassing EvalWithCompoundTypes in the 0.53.7 changelog entry.

Build:

• Update cookiecutter tap, target, and mapper templates to depend on singer-sdk 0.53.7.

Documentation:

• Add v0.53.7 entry to the changelog and bump the documented release version.
• Update the bug report template to reference Singer SDK version 0.53.7.

Chores:

• Bump project version metadata to 0.53.7 in pyproject and related configuration.

[sourcery-ai]

Reviewer's guide (collapsed on small PRs)

Reviewer's Guide

Version bump and release alignment for 0.53.7, updating templates, docs, and tooling metadata, plus adding a changelog entry for the simpleeval compatibility fix.

File-Level Changes

Change	Details	Files
Add changelog entry documenting 0.53.7 release and simpleeval compatibility fix.	Introduce new v0.53.7 section in the changelog with date. Document bug fix for supporting simpleeval 1.0.5+ via subclassing EvalWithCompoundTypes.	CHANGELOG.md
Align cookiecutter templates with singer-sdk 0.53.7.	Update mapper template pyproject to depend on singer-sdk 0.53.7 (with and without faker extra). Update tap template pyproject to depend on singer-sdk 0.53.7 for both base and extras variants. Update target template pyproject to depend on singer-sdk 0.53.7 for both base and faker-extra variants.	cookiecutter/mapper-template/{{cookiecutter.mapper_id}}/pyproject.toml cookiecutter/tap-template/{{cookiecutter.tap_id}}/pyproject.toml cookiecutter/target-template/{{cookiecutter.target_id}}/pyproject.toml
Update project and tooling metadata to version 0.53.7.	Bump docs configuration release string to 0.53.7. Update bug issue template default SDK version placeholder to 0.53.7. Bump commitizen tool configuration version to 0.53.7 in pyproject.	docs/conf.py .github/ISSUE_TEMPLATE/bug.yml pyproject.toml

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 93.73%. Comparing base (a1e1839) to head (52f9463).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #3603   +/-   ##
=======================================
  Coverage   93.73%   93.73%           
=======================================
  Files          73       73           
  Lines        5890     5890           
  Branches      723      723           
=======================================
  Hits         5521     5521           
  Misses        274      274           
  Partials       95       95           

Flag	Coverage Δ
core	82.13% <ø> (ø)
end-to-end	75.50% <ø> (ø)
optional-components	42.83% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[codspeed-hq]

Merging this PR will not alter performance

✅ 8 untouched benchmarks

---

_{Comparing from-v0_53 (52f9463) with main (a1e1839)}

[sourcery-ai]

Hey - I've found 1 issue

Prompt for AI Agents

Please address the comments from this code review:

## Individual Comments

### Comment 1
<location path=".github/workflows/dependency-review.yml" line_range="26-27" />
<code_context>
       - uses: actions/dependency-review-action@2031cfc080254a8a887f58cffee85186f0e49e48 # v4.9.0
         if: ${{ github.event_name == 'pull_request' }}
         with:
+          allow-ghsas: |
+            GHSA-44vg-5wv2-h2hg
           fail-on-severity: high
</code_context>
<issue_to_address>
**🚨 suggestion (security):** Revisit the allowed GHSAs strategy to limit long-term exposure.

Allowing this GHSA may be necessary short term, but it risks becoming a long‑term blind spot. Please either add a periodic review step, scope the exemption to a specific version range, or document the rationale and removal criteria in the repo so it’s clear when and why this allowance should be revisited or removed.

Suggested implementation:

```
      - uses: actions/dependency-review-action@2031cfc080254a8a887f58cffee85186f0e49e48 # v4.9.0
        if: ${{ github.event_name == 'pull_request' }}
        with:
          # Temporary exemption for https://github.com/advisories/GHSA-44vg-5wv2-h2hg
          # Rationale: <INSERT SHORT REASON WHY THIS CANNOT BE FIXED IMMEDIATELY>.
          # Review policy:
          # - Track this exemption in issue #<INSERT_ISSUE_ID>.
          # - Revisit this exemption at least quarterly (or sooner if dependency is updated).
          # - Remove once all affected dependencies are upgraded to a non-vulnerable version
          #   or the advisory is marked as not applicable.
          # If this exemption is still needed after <INSERT_REVIEW_DEADLINE>, update the issue
          # with the justification and a new review date.
          allow-ghsas: |
            GHSA-44vg-5wv2-h2hg
          fail-on-severity: high

```

1. Replace the placeholders `<INSERT SHORT REASON WHY THIS CANNOT BE FIXED IMMEDIATELY>`, `#<INSERT_ISSUE_ID>`, and `<INSERT_REVIEW_DEADLINE>` with concrete values (e.g., specific blocked dependency, GitHub issue number tracking the exemption, and a calendar date for review).
2. Optionally, reference a central document (e.g., `docs/security-exemptions.md` or `SECURITY.md`) in the comments above so that the long-term policy for exemptions is documented and can be reviewed alongside this workflow.
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[edgarrmondragon]

@sourcery-ai review

[sourcery-ai]

Hey - I've reviewed your changes and they look great!

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}