Deps: Bump the python-packages group across 1 directory with 17 updates

Open dependabot[bot] opened this issue 2 months ago • 2 comments

Bumps the python-packages group with 17 updates in the / directory:

Package	From	To
psutil	`7.0.0`	`7.1.3`
python-gnupg	`0.5.4`	`0.5.5`
tomli	`2.2.1`	`2.3.0`
coverage	`7.10.1`	`7.10.7`
pontos	`25.6.0`	`25.8.1`
anyio	`4.9.0`	`4.11.0`
black	`25.1.0`	`25.9.0`
certifi	`2025.7.14`	`2025.10.5`
colorful	`0.5.7`	`0.5.8`
h2	`4.2.0`	`4.3.0`
idna	`3.10`	`3.11`
isort	`6.0.1`	`6.1.0`
lxml	`6.0.0`	`6.0.2`
platformdirs	`4.3.8`	`4.4.0`
rich	`14.1.0`	`14.2.0`
ruff	`0.12.5`	`0.14.3`
typing-extensions	`4.14.1`	`4.15.0`

Updates psutil from 7.0.0 to 7.1.3

Changelog

Sourced from psutil's changelog.

7.1.3

2025-11-02

Enhancements

2667_: enforce clang-format on all C and header files. It is now the mandatory formatting style for all C sources.

2672_, [macOS], [BSD]: increase the chances to recognize zombie processes and raise the appropriate exception (ZombieProcess_).

2676_, 2678_: replace unsafe sprintf / snprintf / sprintf_s calls with str_format(). Replace strlcat / strlcpy with safe str_copy / str_append. This unifies string handling across platforms and reduces unsafe usage of standard string functions, improving robustness.

Bug fixes

2674_, [Windows]: disk_usage()_ could truncate values on 32-bit platforms, potentially reporting incorrect total/free/used space for drives larger than 4GB.

2675_, [macOS]: Process.status()_ incorrectly returns "running" for 99% of the processes.

2677_, [Windows]: fix MAC address string construction in net_if_addrs()_. Previously, the MAC address buffer was incorrectly updated using a fixed increment and sprintf_s, which could overflow or misformat the string if the MAC length or formatting changed. Also, the final '\n' was inserted unnecessarily.

2679_, [OpenBSD], [NetBSD], [critical]: can't build due to C syntax error.

7.1.2

2025-10-25

Enhancements

2657_: stop publishing prebuilt Linux and Windows wheels for 32-bit Python. 32-bit CPython is still supported, but psutil must now be built from source. 2565_: produce wheels for free-thread cPython 3.13 and 3.14 (patch by Lysandros Nikolaou)

Bug fixes

2650_, [macOS]: Process.cmdline()_ and Process.environ()_ may incorrectly raise NoSuchProcess_ instead of ZombieProcess_.

2658_, [macOS]: double free() in Process.environ()_ when it fails internally. This posed a risk of segfault.

2662_, [macOS]: massive C code cleanup to guard against possible segfaults which were (not so) sporadically spotted on CI.

... (truncated)

Commits

5904ff9 Pre-release
d42db80 Update DEVGUIDE.rst
e4e1003 psutil_kinfo_proc: return in case of badargs; also print to stderr in case of...
bcdede4 Introduce PSUTIL_TESTING mode. Terminate execution if str_* funcs fail
6822ba7 Replace strlcat/strlcpy with safe str_copy/str_append (#2678)
0a7465c Windows: use str_format() in psutil_users().
fd05690 [Windows] fix MAC address string construction in net_if_addrs() (#2677)
7d82135 NetBSD: refact proc cwd()
262977f Replace unsafe sprintf/snprintf/sprintf_s calls with str_format() (#2676)
1ba3cf5 Fix #2675 / macOS: convert process status() to a meaningful value
Additional commits viewable in compare view

Updates python-gnupg from 0.5.4 to 0.5.5

Release notes

Sourced from python-gnupg's releases.

Enhancement and bug-fix release 0.5.5

This is an enhancement and bug-fix release, and all users are encouraged to upgrade.

Brief summary:

Fix #249: Handle fetching GPG version when not the first item in the configuration.

Fix #250: Capture uid info in a uid_map attribute of ScanKeys/ListKeys.

Fix #255: Improve handling of exceptions raised in background threads.

This release has been signed with my code signing key:

Vinay Sajip (CODE SIGNING KEY) <vinay_sajip at yahoo.co.uk> Fingerprint: CA74 9061 914E AC13 8E66 EADB 9147 B477 339A 9B86

Commits

5f83627 Changes for 0.5.5.
e42cbbd Add more directories and file patterns to .gitignore.
9818609 Add some directories to .gitignore.
a886e2f Add Python 3.13t to CI.
0ed485f Correct typo in assertion message.
ee5c61e Removed pypy-2.7 from CI.
a83fb34 Change assertion.
b9f7723 Improve assertion message.
19c3a3b Catch IOError (broken pipe) exception in one more place.
1b086ac Catch IOError (broken pipe) exception.
Additional commits viewable in compare view

Updates tomli from 2.2.1 to 2.3.0

Changelog

Sourced from tomli's changelog.

2.3.0

Added

Binary wheels for Python 3.14 (also free-threaded)

Performance

Reduced import time

Commits

3fccd16 Bump version: 2.2.1 → 2.3.0
6504016 Add 2.3.0 changelog
0bc66fc Remove now off-by-default PyPy from cibuildwheel skip list
0aa242f Update license metadata to appease PEP 639
a18221e Bump GitHub CI actions
6fa4d90 [pre-commit.ci] pre-commit autoupdate (#260)
b974fa1 [pre-commit.ci] pre-commit autoupdate (#248)
f574f36 Update mypy to 1.15 and use --strict mode (#257)
1da01ef Reduce import time by removing typing import (#251)
4188188 Reduce import time by removing string and tomli._types imports
Additional commits viewable in compare view

Updates coverage from 7.10.1 to 7.10.7

Changelog

Sourced from coverage's changelog.

Version 7.10.7 — 2025-09-21

Performance: with branch coverage in large files, generating HTML, JSON, or LCOV reports could take far too long due to some quadratic behavior when creating the function and class index pages. This is now fixed, closing issue 2048_. Thanks to Daniel Diniz for help diagnosing the problem.

Most warnings and a few errors now have links to a page in the docs explaining the specific message. Closes issue 1921_.

.. _issue 1921: nedbat/coveragepy#1921 .. _issue 2048: nedbat/coveragepy#2048

.. _changes_7-10-6:

Version 7.10.6 — 2025-08-29

Fix: source directories were not properly communicated to subprocesses that ran in different directories, as reported in issue 1499_. This is now fixed.

Performance: Alex Gaynor continues fine-tuning <pull 2038_>_ the speed of combination, especially with many contexts.

.. _issue 1499: nedbat/coveragepy#1499 .. _pull 2038: nedbat/coveragepy#2038

.. _changes_7-10-5:

Version 7.10.5 — 2025-08-23

Big speed improvements for coverage combine: it's now about twice as fast! Huge thanks to Alex Gaynor for pull requests 2032 <pull 2032_>, 2033 <pull 2033_>, and 2034 <pull 2034_>_.

.. _pull 2032: nedbat/coveragepy#2032 .. _pull 2033: nedbat/coveragepy#2033 .. _pull 2034: nedbat/coveragepy#2034

.. _changes_7-10-4:

Version 7.10.4 — 2025-08-16

... (truncated)

Commits

92a2af5 docs: sample HTML for 7.10.7
952afda docs: prep for 7.10.7
a301761 build: riscv64 wheels (#2055)
5daff8d docs: now source is formatted with ruff
04bbc3a docs: discuss cog in the contributing docs
c181b93 build: use cog --check-fail-msg to instruct devs
33c4ba1 chore: make upgrade
0744b73 chore: bump the action-dependencies group across 1 directory with 2 updates (...
0d5a112 perf: bulk narrowing to avoid N**2. #2048
a868ed9 docs: mention Python Discord on the index page
Additional commits viewable in compare view

Updates pontos from 25.6.0 to 25.8.1

Release notes

Sourced from pontos's releases.

pontos 25.8.1

25.8.1 - 2025-08-20

Changed

Rust support for workspace.package.version 83e17f1a

Dependencies

Bump actions/checkout from 4.2.2 to 4.3.0 in the actions group c2656f8e

Bump coverage from 7.10.3 to 7.10.4 in the python-packages group 18e2dee7

pontos 25.8.0

25.8.0 - 2025-08-12

Changed

Make it possible to read [workspace.project] in cargo.toml 57ca3c2c

Bug Fixes

Use 'Array' in cargo tests instead of 'Table' cabc6ea7

Dependencies

Bump the python-packages group with 3 updates a5e524c5

Bump the python-packages group with 3 updates 0be16215

pontos 25.7.2

25.7.2 - 2025-07-30

Bug Fixes

Invalid CVE configurations data for node schema a6287f1e

pontos 25.7.1

25.7.1 - 2025-07-29

Dependencies

Bump the python-packages group across 1 directory with 4 updates 175a6401

Bump starlette from 0.47.1 to 0.47.2 073c944b

pontos 25.7.0

[25.7.0] - 2025-07-28

Bug Fixes

format_date timespec and fallback timezone 12da523c

... (truncated)

Commits

7189a16 Automatic release to 25.8.1
83e17f1 Change: Rust support for workspace.package.version
c2656f8 Deps: Bump actions/checkout from 4.2.2 to 4.3.0 in the actions group
18e2dee Deps: Bump coverage from 7.10.3 to 7.10.4 in the python-packages group
69db3f9 Automatic adjustments after release [skip ci]
f004abb Automatic release to 25.8.0
cabc6ea Fix: Use 'Array' in cargo tests instead of 'Table'
57ca3c2 change: Make it possible to read [workspace.project] in cargo.toml
a5e524c Deps: Bump the python-packages group with 3 updates
0be1621 Deps: Bump the python-packages group with 3 updates
Additional commits viewable in compare view

Updates anyio from 4.9.0 to 4.11.0

Release notes

Sourced from anyio's releases.

4.11.0

Added support for cancellation reasons (the reason parameter to CancelScope.cancel()) (#975)

Bumped the minimum version of Trio to v0.31.0

Added the ability to enter the event loop from foreign (non-worker) threads by passing the return value of anyio.lowlevel.current_token() to anyio.from_thread.run() and anyio.from_thread.run_sync() as the token keyword argument (#256)

Added pytest option (anyio_mode = "auto") to make the pytest plugin automatically handle all async tests (#971)

Added the anyio.Condition.wait_for() method for feature parity with asyncio (#974)

Changed the default type argument of anyio.abc.TaskStatus from Any to None (#964)

Fixed TCP listener behavior to guarantee the same ephemeral port is used for all socket listeners when local_port=0 (#857; PR by @11kkw and @agronholm)

Fixed inconsistency between Trio and asyncio where a TCP stream that previously raised a BrokenResourceError on send() would still raise BrokenResourceError after the stream was closed on asyncio, but ClosedResourceError on Trio. They now both raise a ClosedResourceError in this scenario. (#671)

4.10.0

Added the feed_data() method to the BufferedByteReceiveStream class, allowing users to inject data directly into the buffer

Added various class methods to wrap existing sockets as listeners or socket streams:

SocketListener.from_socket()

SocketStream.from_socket()

UNIXSocketStream.from_socket()

UDPSocket.from_socket()

ConnectedUDPSocket.from_socket()

UNIXDatagramSocket.from_socket()

ConnectedUNIXDatagramSocket.from_socket()

Added a hierarchy of connectable stream classes for transparently connecting to various remote or local endpoints for exchanging bytes or objects

Added context manager mix-in classes (anyio.ContextManagerMixin and anyio.AsyncContextManagerMixin) to help write classes that embed other context managers, particularly cancel scopes or task groups (#905; PR by @agronholm and @tapetersen)

Added the ability to specify the thread name in start_blocking_portal() (#818; PR by @davidbrochart)

Added anyio.notify_closing to allow waking anyio.wait_readable and anyio.wait_writable before closing a socket. Among other things, this prevents an OSError on the ProactorEventLoop. (#896; PR by @graingert)

Incorporated several documentation improvements from the EuroPython 2025 sprint (special thanks to the sprinters: Emmanuel Okedele, Jan Murre, Euxenia Miruna Goia and Christoffer Fjord)

Added a documentation page explaining why one might want to use AnyIO's APIs instead of asyncio's

Updated the to_interpreters module to use the public concurrent.interpreters API on Python 3.14 or later

Fixed anyio.Path.copy() and anyio.Path.copy_into() failing on Python 3.14.0a7

Fixed return annotation of __aexit__ on async context managers. CMs which can suppress exceptions should return bool, or None otherwise. (#913; PR by @Enegg)

Fixed rollover boundary check in SpooledTemporaryFile so that rollover only occurs when the buffer size exceeds max_size (#915; PR by @11kkw)

Migrated testing and documentation dependencies from extras to dependency groups

Fixed compatibility of anyio.to_interpreter with Python 3.14.0b2 (#926; PR by @hroncok)

Fixed SyntaxWarning on Python 3.14 about return in finally (#816)

Fixed RunVar name conflicts. RunVar instances with the same name should not share storage (#880; PR by @vimfu)

Renamed the BrokenWorkerIntepreter exception to BrokenWorkerInterpreter. The old name is available as a deprecated alias. (#938; PR by @ayussh-verma)

Fixed an edge case in CapacityLimiter on asyncio where a task, waiting to acquire a limiter gets cancelled and is subsequently granted a token from the limiter, but before the cancellation is delivered, and then fails to notify the next waiting task (#947)

Changelog

Sourced from anyio's changelog.

Version history

This library adheres to Semantic Versioning 2.0 <http://semver.org/>_.

UNRELEASED

Added an asynchronous implementation of the functools module ([#1001](https://github.com/agronholm/anyio/issues/1001) <https://github.com/agronholm/anyio/pull/1001>_)

Added support for uvloop=True on Windows via the winloop_ implementation ([#960](https://github.com/agronholm/anyio/issues/960) <https://github.com/agronholm/anyio/pull/960>_; PR by @Vizonex)

Added support for use as a context manager to anyio.lowlevel.RunVar

Added __all__ declarations to public submodules (anyio.lowlevel etc.) ([#1009](https://github.com/agronholm/anyio/issues/1009) <https://github.com/agronholm/anyio/pull/1009>_)

Fixed Process.stdin.send() not raising ClosedResourceError and BrokenResourceError on asyncio. Previously, a non-AnyIO exception was raised in such cases ([#671](https://github.com/agronholm/anyio/issues/671) <https://github.com/agronholm/anyio/issues/671>_; PR by @gschaffner)

Fixed Process.stdin.send() not checkpointing before writing data on asyncio ([#1002](https://github.com/agronholm/anyio/issues/1002) <https://github.com/agronholm/anyio/issues/1002>_; PR by @gschaffner)

Fixed a race condition where cancelling a Future from BlockingPortal.start_task_soon() would sometimes not cancel the async function ([#1011](https://github.com/agronholm/anyio/issues/1011) <https://github.com/agronholm/anyio/issues/1011>_; PR by @gschaffner)

.. _winloop: https://github.com/Vizonex/Winloop

4.11.0

Added support for cancellation reasons (the reason parameter to CancelScope.cancel()) ([#975](https://github.com/agronholm/anyio/issues/975) <https://github.com/agronholm/anyio/pull/975>_)

Bumped the minimum version of Trio to v0.31.0

Added the ability to enter the event loop from foreign (non-worker) threads by passing the return value of anyio.lowlevel.current_token() to anyio.from_thread.run() and anyio.from_thread.run_sync() as the token keyword argument ([#256](https://github.com/agronholm/anyio/issues/256) <https://github.com/agronholm/anyio/issues/256>_)

Added pytest option (anyio_mode = "auto") to make the pytest plugin automatically handle all async tests ([#971](https://github.com/agronholm/anyio/issues/971) <https://github.com/agronholm/anyio/pull/971>_)

Added the anyio.Condition.wait_for() method for feature parity with asyncio ([#974](https://github.com/agronholm/anyio/issues/974) <https://github.com/agronholm/anyio/pull/974>_)

Changed the default type argument of anyio.abc.TaskStatus from Any to None ([#964](https://github.com/agronholm/anyio/issues/964) <https://github.com/agronholm/anyio/pull/964>_)

Fixed TCP listener behavior to guarantee the same ephemeral port is used for all socket listeners when local_port=0 ([#857](https://github.com/agronholm/anyio/issues/857) <https://github.com/agronholm/anyio/issues/857>_; PR by @11kkw and @agronholm)

Fixed inconsistency between Trio and asyncio where a TCP stream that previously raised a BrokenResourceError on send() would still raise BrokenResourceError after the stream was closed on asyncio, but ClosedResourceError on Trio. They now both raise a ClosedResourceError in this

... (truncated)

Commits

08737af Bumped up the version
8bb9fe0 Fixed the inconsistent exception on sending to a closed TCP stream (#980)
9637093 [pre-commit.ci] pre-commit autoupdate (#981)
f1bc6ee Fixed changelog entry formatting
0b58964 Mentioned the sub-interpreter support in the README
1ed112c Ensure same port is used for IPv4/IPv6 when creating TCP listener with local_...
aceeee0 Re-enabled coverage reporting on macOS
6b890dc Reworded a changelog entry and added PR links to others
944257d Updated pre-commit modules
087975f Fixed a documentation style (#976)
Additional commits viewable in compare view

Updates black from 25.1.0 to 25.9.0

Release notes

Sourced from black's releases.

25.9.0

Highlights

Remove support for pre-python 3.7 await/async as soft keywords/variable names (#4676)

Stable style

Fix crash while formatting a long del statement containing tuples (#4628)

Fix crash while formatting expressions using the walrus operator in complex with statements (#4630)

Handle # fmt: skip followed by a comment at the end of file (#4635)

Fix crash when a tuple appears in the as clause of a with statement (#4634)

Fix crash when tuple is used as a context manager inside a with statement (#4646)

Fix crash when formatting a \ followed by a \r followed by a comment (#4663)

Fix crash on a \\r\n (#4673)

Fix crash on await ... (where ... is a literal Ellipsis) (#4676)

Fix crash on parenthesized expression inside a type parameter bound (#4684)

Fix crash when using line ranges excluding indented single line decorated items (#4670)

Preview style

Fix a bug where one-liner functions/conditionals marked with # fmt: skip would still be formatted (#4552)

Improve multiline_string_handling with ternaries and dictionaries (#4657)

Fix a bug where string_processing would not split f-strings directly after expressions (#4680)

Wrap the in clause of comprehensions across lines if necessary (#4699)

Remove parentheses around multiple exception types in except and except* without as. (#4720)

Add \r style newlines to the potential newlines to normalize file newlines both from and to (#4710)

Parser

Rewrite tokenizer to improve performance and compliance (#4536)

Fix bug where certain unusual expressions (e.g., lambdas) were not accepted in type parameter bounds and defaults. (#4602)

Performance

Avoid using an extra process when running with only one worker (#4734)

Integrations

Fix the version check in the vim file to reject Python 3.8 (#4567)

Enhance GitHub Action psf/black to read Black version from an additional section in pyproject.toml: [project.dependency-groups] (#4606)

Build gallery docker image with python3-slim and reduce image size (#4686)

... (truncated)

Changelog

Sourced from black's changelog.

25.9.0

Highlights

Remove support for pre-python 3.7 await/async as soft keywords/variable names (#4676)

Stable style

Fix crash while formatting a long del statement containing tuples (#4628)

Fix crash while formatting expressions using the walrus operator in complex with statements (#4630)

Handle # fmt: skip followed by a comment at the end of file (#4635)

Fix crash when a tuple appears in the as clause of a with statement (#4634)

Fix crash when tuple is used as a context manager inside a with statement (#4646)

Fix crash when formatting a \ followed by a \r followed by a comment (#4663)

Fix crash on a \\r\n (#4673)

Fix crash on await ... (where ... is a literal Ellipsis) (#4676)

Fix crash on parenthesized expression inside a type parameter bound (#4684)

Fix crash when using line ranges excluding indented single line decorated items (#4670)

Preview style

Fix a bug where one-liner functions/conditionals marked with # fmt: skip would still be formatted (#4552)

Improve multiline_string_handling with ternaries and dictionaries (#4657)

Fix a bug where string_processing would not split f-strings directly after expressions (#4680)

Wrap the in clause of comprehensions across lines if necessary (#4699)

Remove parentheses around multiple exception types in except and except* without as. (#4720)

Add \r style newlines to the potential newlines to normalize file newlines both from and to (#4710)

Parser

Rewrite tokenizer to improve performance and compliance (#4536)

Fix bug where certain unusual expressions (e.g., lambdas) were not accepted in type parameter bounds and defaults. (#4602)

Performance

Avoid using an extra process when running with only one worker (#4734)

Integrations

Fix the version check in the vim file to reject Python 3.8 (#4567)

Enhance GitHub Action psf/black to read Black version from an additional section in pyproject.toml: [project.dependency-groups] (#4606)

... (truncated)

Commits

af0ba72 Prepare docs for release 25.9.0 (#4751)
ffc01a0 Fix schema generation error caused by new click version (#4750)
626b32f Add normalizing for \r style newlines (#4710)
57a4612 Fix mypy type issue (#4745)
4f6ad7c Wrap the in clause of comprehensions across lines if necessary (#4699)
24f5169 ci: Run diff-shades on unstable instead of preview (#4741)
4d55e60 Bump actions/setup-python from 5 to 6 (#4744)
0cf39ef Improve the performance of get_string_prefix (#4742)
1f779de Fix line ranges decorator edge case (#4670)
203fd6b Optimize Line string method (#4739)
Additional commits viewable in compare view

Updates certifi from 2025.7.14 to 2025.10.5

Commits

fb14ac4 2025.10.05 (#371)
2c7c7ee Add Python 3.14 classifier in setup.py
1a5cb7b Bump actions/setup-python from 5.6.0 to 6.0.0 (#367)
dea5960 Bump pypa/gh-action-pypi-publish from 1.12.4 to 1.13.0 (#366)
83566b7 Bump actions/checkout from 4.2.2 to 5.0.0
ca2e121 Bump actions/download-artifact from 4.3.0 to 5.0.0
a97d9ad 2025.08.03 (#362)
See full diff in compare view

Updates colorful from 0.5.7 to 0.5.8

Release notes

Sourced from colorful's releases.

v0.5.8

What's Changed

Mini cleanup by @fliiiix in timofurrer/colorful#59

Full Changelog: https://github.com/timofurrer/colorful/compare/v0.5.7...v0.5.8

Changelog

Sourced from colorful's changelog.

[v0.5.8]

Fixed

Test Python 3.14 support

Drop Python 2 support

Commits

3d5cbc6 release: v0.5.8
48890f8 Merge pull request #59 from timofurrer/chore/cleanup
4d72903 Add Python 3.14 support
89ee187 Update Github Actions
cd5e0ac Run pyupgrade to migrate away from Python 2 code
64655aa Inherit from class is a Python 2 thing
47ee2f6 Drop encoding hint
842803e Cleanup comments
See full diff in compare view

Updates h2 from 4.2.0 to 4.3.0

Changelog

Sourced from h2's changelog.

4.3.0 (2025-08-23)

API Changes (Backward Incompatible)

Reject header names and values containing illegal characters, based on RFC 9113, section 8.2.1. The main Python API is compatible, but some previously valid requests/response headers might now be blocked. Use the validate_inbound_headers config option if needed. Thanks to Sebastiano Sartor (sebsrt) for the report.

Convert emitted events into Python dataclass, which introduces new constructors with required arguments. Instantiating these events without arguments, as previously commonly used API pattern, will no longer work.

API Changes (Backward Compatible)

h2 events now have tighter type bounds, e.g. stream_id is guaranteed to not be None for most events now. This simplifies downstream type checking.

Various typing-related improvements.

Bugfixes

Fix error value when opening a new stream on too many open streams.

Commits

1aae569 v4.3.0
9e4bbed merge surrounding whitespace and uppercase validators into illegal character ...
035e989 be stricter about which characters to accept for headers
883ed37 reject header names and values containing unpermitted characters \r, \n, ...
0583911 lint: fix TC006
bbd3d90 fix(packaging): bump twine to pass meta check wildcard bugs
ea3140f cleanup
9ce83ff exclude RDT from sdist
492d3db Update .readthedocs.yaml
243461d Create RTD config
Additional commits viewable in compare view

Updates idna from 3.10 to 3.11

Changelog

Sourced from idna's changelog.

3.11 (2025-10-12)

Update to Unicode 16.0.0, including significant changes to UTS46 processing. As a result of Unicode ending support for it, transitional processing no longer has an effect and returns the same result.

Add support for Python 3.14, lowest supported version is Python 3.8.

Various updates to packaging, including PEP 740 support.

Commits

ad949ee Release v3.11
cae4ba7 Second release candidate for 3.11
8adb305 Add space in RST link
74cb2b6 Release candidate for 3.11
05dab09 Format idna-data with ruff
90eac78 Apply ruff formatting
a31ce7e Remove errant test vectors
81f0333 Omit vectors known to be broken in test suite
a0f3257 Merge branch 'master' into unicode-16-uts46-changes
38d9886 Remove extra UTS46 test vector
Additional commits viewable in compare view

Updates isort from 6.0.1 to 6.1.0

Release notes

Sourced from isort's releases.

6.1.0

Changes

Update docs discussions channel (#2410) @staticdev

Add python 3.14 classifier and badge (#2409) @staticdev

Drop use of non-standard pkg_resources API (#2405) @dvarrazzo

Use working isort version in pre-commit example (#2402) @iainelder

fix typo in _get_files_from_dir_cached test (#2392) @tiltingpenguin

Resolve bandit warnings (#2379) @kurtmckee

Add tox for cross-platform, parallel test suite execution (#2378) @kurtmckee

Add Project URLs to PyPI Side Panel (#2387) @guillermodotn

Fix typos (#2376) @co63oc

:construction_worker: Continuous Integration

Add make bash scripts portable (#2377) @staticdev

:package: Dependencies

Bump actions/checkout from 4 to 5 in the github-actions group (#2406) @dependabot[bot]

Bump astral-sh/setup-uv from 5 to 6 in the github-actions group (#2395) @dependabot[bot]

Changelog

Sourced from isort's changelog.

6.1.0 October 1 2025

Add python 3.14 classifier and badge (#2409) @staticdev

Drop use of non-standard pkg_resources API (#2405) @dvarrazzo

Commits

ec0efae Merge pull request #2410 from PyCQA/docs/discussion
8af675f Update docs discussions channel
a03dae8 Merge pull request #2409 from PyCQA/build/py314-classifier
2232a26 Add python 3.14 classifier and badge
ec48dd7 Merge pull request #2405 from dvarrazzo/fix/drop-pkg-resources
be46cd4 refactor: make importlib metadata package import lazy
18ecd0c chore: drop branch guarding unsupported Python versions
1d42e56 fix: drop use of non-standard pkg_resources API
0c8fc82 Merge pull request #2406 from PyCQA/dependabot/github_actions/github-actions-...
3478763 Bump actions/checkout from 4 to 5 in the github-actions group
Additional commits viewable in compare view

Updates lxml from 6.0.0 to 6.0.2

Changelog

Sourced from lxml's changelog.

6.0.2 (2025-09-21)

Bugs fixed

LP#2125278: Compilation with libxml2 2.15.0 failed. Original patch by Xi Ruoyao.

Setting decompress=True in the parser had no effect in libxml2 2.15.

Binary wheels on Linux and macOS use the library version libxml2 2.14.6. See https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.14.6

Test failures in libxml2 2.15.0 were fixed.

Other changes

Binary wheels for Py3.9-3.11 on the riscv64 architecture were added.

Error constants were updated to match libxml2 2.15.0.

Built using Cython 3.1.4.

6.0.1 (2025-08-22)

Bugs fixed

LP#2116333: lxml.sax._getNsTag() could fail with an exception on malformed input.

GH#467: Some test adaptations were made for libxml2 2.15. Patch by Nick Wellnhofer.

LP2119510, GH#473: A Python compatibility test was fixed for Python 3.14+. Patch by Lumír Balhar.

GH#471: Wheels for "riscv64" on recent Python versions were added. Patch by ffgan.

GH#469: The wheel build no longer requires the wheel package unconditionally. Patch by Miro Hrončok.

Binary wheels use the library version libxml2 2.14.5. See https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.14.5

Windows binary wheels continue to use a security patched library version libxml2 2.11.9.

Commits

283d02e Build: Minor readability cleanup.
52cf97c Revert "Build: Avoid redundant manylinux2014 builds across newer jobs."
a21e474 Build: Avoid redundant manylinux2014 builds across newer jobs.
58d4d2b Build: Upgrade libxml2 to 2.14.6.
e5d80da Build: Clean up and simplify target selection and environment setup in pyproj...
e913380 Build: Limit optimised wheel builds to AMD64 and Arm64 to save time and resou...
d22f6a1 Build: bump actions/setup-python in the github-actions group (GH-479)
f8fa76d Build: Prevent redundant branch wheel builds for pull requests.
b3e9372 Build: bump pypa/cibuildwheel in the github-actions group (GH-478)
a7ec229 Prepare release of lxml 6.0.2.
Additional commits viewable in compare view

Updates platformdirs from 4.3.8 to 4.4.0

Release notes

Sourced from platformdirs's releases.

4.4.0

What's Changed

feat: improve homebrew path detection by @daeho-ro in tox-dev/platformdirs#370

New Contributors

@daeho-ro made their first contribution in Description has been truncated

Nov 03 '25 04:11 dependabot[bot]

Scanning the following files:

poetry.lock pyproject.toml

Scan: 'poetry.lock'

Nothing detected in poetry.lock Scan took 0.01 seconds

Scan: 'pyproject.toml'

Nothing detected in pyproject.toml Scan took 0.00 seconds

Nov 03 '25 04:11 greenbonebot

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot recreate.

Nov 17 '25 04:11 dependabot[bot]