Build(deps): bump pyo3 from 0.28.2 to 0.28.3

[dependabot]

Bumps pyo3 from 0.28.2 to 0.28.3.

Release notes

Sourced from pyo3's releases.

PyO3 0.28.3

This patch contains several fixes for stability of the PyO3 0.28.x series:

• Python::attach and Python::try_attach will no longer return before the thread initializing the interpreter has finished runnning site.py when using the auto-initialize feature.
• Fix unsoundness in PyBytesWriter::write_vectored when targeting the Python 3.15 prerelease interpreter.
• Fix possible deadlock in .into_pyobject() implementation for C-like #[pyclass] enums.

A couple of edge cases causing compile failures were also fixed.

Thank you to the following contributors for the improvements:

@​alex @​bschoenmaeckers @​chirizxc @​davidhewitt @​Embers-of-the-Fire @​Icxolu @​maurosilber @​ngoldbaum

Changelog

Sourced from pyo3's changelog.

[0.28.3] - 2026-04-02

Fixed

• Fix compile error with #[pyclass(get_all)] on a type named Probe. #5837
• Fix compile error in debug builds related to _Py_NegativeRefcount with Python < 3.12. #5847
• Fix a race condition where Python::attach or try_attach could return before site.py had finished running. #5903
• Fix unsoundness in PyBytesWriter::write_vectored with Python 3.15 prerelease versions. #5907
• Fix deadlock in .into_pyobject() implementation for C-like #[pyclass] enums. #5928

Commits

• 743af64 release: 0.28.3
• 2042b4c fix deadlock when initializing enum via into_pyobject() (#5928)
• 0157247 ci: update UI tests for Rust 1.94 (#5859)
• e234f8a Update getting-started.md (#5899)
• c06848d fix ffi-check in 3.15.0a7 (#5873)
• 83f4283 remove unused try_trait_v2 feature when enabling the nightly feature (#5868)
• 0de57ed Fix unsoundness in PyBytesWriter::write_vectored (#5907)
• 49cd13f fixes #5900 -- address race condition with initialization and site.py loading...
• c90d163 [fix] Fix std::ffi import for _Py_NegativeRefcount (#5847)
• b79d725 fix(pyo3-macros): allow pyclass named Probe (#5837)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

I'm approving this pull request because it includes a patch or minor update