Bump packaging from 25.0 to 26.0

[dependabot]

Bumps packaging from 25.0 to 26.0.

Release notes

Sourced from packaging's releases.

26.0

Read about the performance improvements here: https://iscinumpy.dev/post/packaging-faster.

What's Changed

Features:

• PEP 751: support pylock by @​sbidoul in pypa/packaging#900
• PEP 794: import name metadata by @​brettcannon in pypa/packaging#948
• Support writing metadata by @​henryiii in pypa/packaging#846
• Support __replace__ for Version by @​henryiii in pypa/packaging#1003
• Support positional pattern matching for Version and Specifier by @​henryiii in pypa/packaging#1004

Behavior adaptations:

• PEP 440 handling of prereleases for Specifier.contains, SpecifierSet.contains, and SpecifierSet.filter by @​notatallshaw in pypa/packaging#897
• Handle PEP 440 edge case in SpecifierSet.filter by @​notatallshaw in pypa/packaging#942
• Adjust arbitrary equality intersection preservation in SpecifierSet by @​notatallshaw in pypa/packaging#951
• Return False instead of raising for .contains with invalid version by @​Liam-DeVoe in pypa/packaging#932
• Support arbitrary equality on arbitrary strings for Specifier and SpecifierSet's filter and contains method. by @​notatallshaw in pypa/packaging#954
• Only try to parse as Version on certain marker keys, return False on unequal ordered comparsions by @​JP-Ellis in pypa/packaging#939

Fixes:

• Update _hash when unpickling Tag() by @​dholth in pypa/packaging#860
• Correct comment and simplify implicit prerelease handling in Specifier.prereleases by @​notatallshaw in pypa/packaging#896
• Use explicit _GLibCVersion NamedTuple in _manylinux by @​cthoyt in pypa/packaging#868
• Detect invalid license expressions containing () by @​bwoodsend in pypa/packaging#879
• Correct regex for metadata 'name' format by @​di in pypa/packaging#925
• Improve the message around expecting a semicolon by @​pradyunsg in pypa/packaging#833
• Support nested parens in license expressions by @​Liam-DeVoe in pypa/packaging#931
• Add space before at symbol in Requirements string by @​henryiii in pypa/packaging#953
• A root logger use found by ruff LOG, use packaging logger instead by @​henryiii in pypa/packaging#965
• Better support for subclassing Marker and Requirement by @​henryiii in pypa/packaging#1022
• Normalize all extras, not just if it comes first by @​henryiii in pypa/packaging#1024
• Don't produce a broken repr if Marker fails to construct by @​henryiii in pypa/packaging#1033

Performance:

• Avoid recompiling regexes in the tokenizer for a 3x speedup by @​hauntsaninja in pypa/packaging#1019
• Improve performance in _manylinux.py by @​cthoyt in pypa/packaging#869
• Minor cleanups to Version by @​bearomorphism in pypa/packaging#913
• Skip redundant creation of Versions in specifier comparison by @​notatallshaw in pypa/packaging#986
• Cache Specifier's Version by @​notatallshaw in pypa/packaging#985
• Make Version a little faster by @​henryiii in pypa/packaging#987
• Minor Version regex cleanup by @​henryiii in pypa/packaging#990
• Faster regex on Python 3.11.5+ by @​henryiii in pypa/packaging#988 and pypa/packaging#1055
• Lazily calculate _key in Version by @​notatallshaw in pypa/packaging#989 and regression for packaging_legacy fixed by @​henryiii in pypa/packaging#1048
• Faster canonicalize_version by @​henryiii in pypa/packaging#993
• Use fullmatch in a couple more places by @​henryiii in pypa/packaging#992

... (truncated)

Changelog

Sourced from packaging's changelog.

26.0 - 2026-01-20

Features:

PEP 751: support pylock (:pull:900)
PEP 794: import name metadata (:pull:948)
Support for writing metadata to a file (:pull:846)
Support __replace__ on Version (:pull:1003)
Support positional pattern matching for Version and SpecifierSet (:pull:1004)

Behavior adaptations:

PEP 440 handling of prereleases for Specifier.contains, SpecifierSet.contains, and SpecifierSet.filter (:pull:897)
Handle PEP 440 edge case in SpecifierSet.filter (:pull:942)
Adjust arbitrary equality intersection preservation in SpecifierSet (:pull:951)
Return False instead of raising for .contains with invalid version (:pull:932)
Support arbitrary equality on arbitrary strings for Specifier and SpecifierSet's filter and contains method. (:pull:954)
Only try to parse as Version on certain marker keys, return False on unequal ordered comparisons (:pull:939)

Fixes:

Update _hash when unpickling Tag() (:pull:860)
Correct comment and simplify implicit prerelease handling in Specifier.prereleases (:pull:896)
Use explicit _GLibCVersion NamedTuple in _manylinux (:pull:868)
Detect invalid license expressions containing () (:pull:879)
Correct regex for metadata 'name' format (:pull:925)
Improve the message around expecting a semicolon (:pull:833)
Support nested parens in license expressions (:pull:931)
Add space before at symbol in Requirements string (:pull:953)
A root logger use found, use a packaging logger instead (:pull:965)
Better support for subclassing Marker and Requirement (:pull:1022)
Normalize all extras, not just if it comes first (:pull:1024)
Don't produce a broken repr if Marker fails to construct (:pull:1033)

Performance:

Avoid recompiling regexes in the tokenizer for a 3x speedup (:pull:1019)
Improve performance in _manylinux.py (:pull:869)
Minor cleanups to Version (:pull:913)
Skip redundant creation of Version's in specifier comparison (:pull:986)
Cache the Specifier's Version (:pull:985)
Make Version a little faster (:pull:987)
Minor Version regex cleanup (:pull:990)
Faster regex on Python 3.11.5+ for Version (:pull:988, :pull:1055)
Lazily calculate _key in Version (:pull:989, :pull:1048)
Faster canonicalize_version (:pull:993)
Use re.fullmatch in a couple more places (:pull:992, :pull:1029)
Use map instead of generator (:pull:996)
Deprecate ._version (_Version, a NamedTuple) (:pull:995, :pull:1062)

</tr></table>

... (truncated)

Commits

• 3b77a26 Bump for release
• 31371cc docs: prepare for 26.0 final (#1063)
• 9627a88 perf: dual replace (#1064)
• d5398b8 fix: restore ._version as a compat shim (#1062)
• 3a7b600 Bump for development
• d4eefdc Bump for release
• 4618912 docs: prepare for 26.0rc3 (#1060)
• 0cf1b41 ci: test on first public release of CPythons (#1056)
• 716beb1 perf: 10% faster stripping zeros (#1058)
• 350a230 fix: support CPython 3.11.0-3.11.4 and older PyPy3.11 (#1055)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

---

Resolves #1063
Resolves #1064
Resolves #1062
Resolves #1060
Resolves #1056
Resolves #1058
Resolves #1055
Resolves pypa/packaging#900
Resolves pypa/packaging#948
Resolves pypa/packaging#846
Resolves pypa/packaging#1003
Resolves pypa/packaging#1004
Resolves pypa/packaging#897
Resolves pypa/packaging#942
Resolves pypa/packaging#951
Resolves pypa/packaging#932
Resolves pypa/packaging#954
Resolves pypa/packaging#939
Resolves pypa/packaging#860
Resolves pypa/packaging#896
Resolves pypa/packaging#868
Resolves pypa/packaging#879
Resolves pypa/packaging#925
Resolves pypa/packaging#833
Resolves pypa/packaging#931
Resolves pypa/packaging#953
Resolves pypa/packaging#965
Resolves pypa/packaging#1022
Resolves pypa/packaging#1024
Resolves pypa/packaging#1033
Resolves pypa/packaging#1019
Resolves pypa/packaging#869
Resolves pypa/packaging#913
Resolves pypa/packaging#986
Resolves pypa/packaging#985
Resolves pypa/packaging#987
Resolves pypa/packaging#990
Resolves pypa/packaging#988
Resolves pypa/packaging#1055
Resolves pypa/packaging#989
Resolves pypa/packaging#1048
Resolves pypa/packaging#993
Resolves pypa/packaging#992

[github-actions]

🤖 Claude Code Review

Code Review Analysis

Code Quality

✅ Code follows style guide

The change is a straightforward dependency version update in requirements.txt. This follows standard Python dependency management practices.

✅ No commented-out code

No commented-out code present in this diff.

✅ Meaningful variable names

Not applicable - this is a dependency version update.

✅ DRY principle followed

Not applicable - this is a dependency version update.

✅ No defects identified

This is a minor version bump of the packaging library from 25.0 to 26.0. The change appears to be a routine dependency update. No bugs, logic errors, or security vulnerabilities introduced by this change.

✅ Project memory configuration

No ./.claude/CLAUDE.md file was found in the repository, so this criterion is not applicable.

Testing

⚠️ Unit tests for new functions

Not applicable - this is a dependency update, not new functionality. However, it would be prudent to verify that existing tests still pass with the updated dependency version.

⚠️ Integration tests for new endpoints

Not applicable - no new endpoints added.

⚠️ Edge cases covered

Not applicable - this is a dependency update. Recommendation: Run existing test suite to ensure compatibility.

⚠️ Test coverage > 80%

Cannot verify from this diff alone. Existing coverage should be maintained after the dependency update.

Documentation

⚠️ Readme updated if needed

The README does not need updating for a patch/minor dependency version bump unless there are breaking changes in the packaging library that affect usage.

✅ API docs updated

Not applicable - no API changes.

✅ Inline comments for complex logic

Not applicable - this is a dependency file.

❌ CHANGELOG.md updated

The CHANGELOG.md should be updated to reflect this dependency update. While this may seem minor, it's good practice to document all dependency changes for traceability.

Recommendation: Add an entry to CHANGELOG.md such as:

### Changed
- Updated packaging from 25.0 to 26.0

✅ Markdown files follow CommonMark

Not applicable - no markdown files modified in this diff.

Security

✅ No hardcoded credentials

No credentials present.

✅ Input validation implemented

Not applicable - this is a dependency update.

✅ Proper error handling

Not applicable - this is a dependency update.

✅ No sensitive data in logs

Not applicable - this is a dependency update.

✅ No license files or AQAAAD strings

No .lic files or AQAAAD strings detected in this change.

---

Summary

This is a clean dependency update with one action item:

1. Update CHANGELOG.md to document the dependency version bump (requirements.txt:2)

Recommendations:

• Ensure all existing tests pass with packaging==26.0
• Verify there are no breaking changes in the packaging 26.0 release notes that could affect this project
• Update CHANGELOG.md to maintain a complete change history

The change itself is low-risk and follows standard dependency management practices.

Automated code review analyzing defects and coding standards