Skip to content

[pull] master from aio-libs:master #379

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
pull merged 53 commits into from
Oct 17, 2025
Merged

[pull] master from aio-libs:master #379

pull merged 53 commits into from
Oct 17, 2025

Conversation

@pull
Copy link

@pull pull bot commented Oct 17, 2025
edited
Loading

See Commits and Changes for more details.

Created by pull[bot] (v2.0.0-alpha.4)

Can you help keep this open source service alive? 💖 Please sponsor : )

Dreamsorcerer and others added 30 commits October 6, 2025 23:20
@Dreamsorcerer
Bump version with .dev0 (#11582)
e562852
@patchback @Dreamsorcerer
[PR #11585/76e54a32 backport][3.14] Move Dependabot to 3.14 (#11586)
19e9b9f 
**This is a backport of PR #11585 as merged into master
(76e54a3).**

Co-authored-by: Sam Bull <git@sambull.org>
@dependabot
Bump multidict from 6.6.4 to 6.7.0 (#11587)
b51696b 
Bumps [multidict](https://github.com/aio-libs/multidict) from 6.6.4 to
6.7.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aio-libs/multidict/releases">multidict's
releases</a>.</em></p>
<blockquote>
<h2>6.7.0</h2>
<h2>Contributor-facing changes</h2>
<ul>
<li>
<p>Updated tests and added CI for CPython 3.14 -- by
:user:<code>kumaraditya303</code>.</p>
<p><em>Related issues and pull requests on GitHub:</em>
<a
href="https://redirect.github.com/aio-libs/multidict/issues/1235">#1235</a>.</p>
</li>
</ul>
<hr />
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aio-libs/multidict/blob/master/CHANGES.rst">multidict's
changelog</a>.</em></p>
<blockquote>
<h1>6.7.0</h1>
<p><em>(2025-10-05)</em></p>
<h2>Contributor-facing changes</h2>
<ul>
<li>
<p>Updated tests and added CI for CPython 3.14 -- by
:user:<code>kumaraditya303</code>.</p>
<p><em>Related issues and pull requests on GitHub:</em>
:issue:<code>1235</code>.</p>
</li>
</ul>
<hr />
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aio-libs/multidict/commit/e2a8d083ae1f73c54de70ae5c2a6611455606798"><code>e2a8d08</code></a>
Increase wheel build timeout to 25m (<a
href="https://redirect.github.com/aio-libs/multidict/issues/1252">#1252</a>)</li>
<li><a
href="https://github.com/aio-libs/multidict/commit/2822aaede13b711c4b56d22b5752ac03c185eb24"><code>2822aae</code></a>
Release 6.7.0 (<a
href="https://redirect.github.com/aio-libs/multidict/issues/1251">#1251</a>)</li>
<li><a
href="https://github.com/aio-libs/multidict/commit/d40ee55f73585a3cc650b432a259a15ce62296bb"><code>d40ee55</code></a>
Bump actions/setup-python from 5 to 6 (<a
href="https://redirect.github.com/aio-libs/multidict/issues/1246">#1246</a>)</li>
<li><a
href="https://github.com/aio-libs/multidict/commit/0fd074e33e922947aa35729a086ea1011877d356"><code>0fd074e</code></a>
Bump pytest from 8.4.0 to 8.4.2 (<a
href="https://redirect.github.com/aio-libs/multidict/issues/1241">#1241</a>)</li>
<li><a
href="https://github.com/aio-libs/multidict/commit/d81b8593abdbd0830950651fdb3f06a73b1d1b8a"><code>d81b859</code></a>
Bump actions/download-artifact from 4 to 5 (<a
href="https://redirect.github.com/aio-libs/multidict/issues/1250">#1250</a>)</li>
<li><a
href="https://github.com/aio-libs/multidict/commit/e8ca43e580f93fc34ac99cef2ca062c5a4bbe3f1"><code>e8ca43e</code></a>
Bump CodSpeedHQ/action from 3 to 4 (<a
href="https://redirect.github.com/aio-libs/multidict/issues/1249">#1249</a>)</li>
<li><a
href="https://github.com/aio-libs/multidict/commit/47669a5cfe9baa9ceaa64d51287ab89c56a34b7e"><code>47669a5</code></a>
Bump actions/checkout from 4 to 5 (<a
href="https://redirect.github.com/aio-libs/multidict/issues/1248">#1248</a>)</li>
<li><a
href="https://github.com/aio-libs/multidict/commit/5f9f6f8f165901e5a14b72e813710cab14ba2c42"><code>5f9f6f8</code></a>
Bump pypa/cibuildwheel from 3.1.4 to 3.2.0 (<a
href="https://redirect.github.com/aio-libs/multidict/issues/1247">#1247</a>)</li>
<li><a
href="https://github.com/aio-libs/multidict/commit/254a47cd2b2324dd206c35c732a44d5274a060bc"><code>254a47c</code></a>
Bump pyenchant from 3.2.2 to 3.3.0 (<a
href="https://redirect.github.com/aio-libs/multidict/issues/1245">#1245</a>)</li>
<li><a
href="https://github.com/aio-libs/multidict/commit/fea34afa1e1471c25533f109d1b656f5794f8c90"><code>fea34af</code></a>
Bump pre-commit from 4.2.0 to 4.3.0 (<a
href="https://redirect.github.com/aio-libs/multidict/issues/1243">#1243</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/aio-libs/multidict/compare/v6.6.4...v6.7.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=multidict&package-manager=pip&previous-version=6.6.4&new-version=6.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump attrs from 25.3.0 to 25.4.0 (#11598)
ae295b8 
Bumps [attrs](https://github.com/sponsors/hynek) from 25.3.0 to 25.4.0.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/sponsors/hynek/commits">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=attrs&package-manager=pip&previous-version=25.3.0&new-version=25.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump idna from 3.3 to 3.10 (#11591)
482eace 
Bumps [idna](https://github.com/kjd/idna) from 3.3 to 3.10.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/kjd/idna/releases">idna's
releases</a>.</em></p>
<blockquote>
<h2>v3.10</h2>
<p>No release notes provided.</p>
<h2>v3.9</h2>
<p>No release notes provided.</p>
<h2>v3.8</h2>
<h2>What's Changed</h2>
<ul>
<li>Fix regression where IDNAError exception was not being produced for
certain inputs.</li>
<li>Add support for Python 3.13, drop support for Python 3.5 as it is no
longer testable.</li>
<li>Documentation improvements</li>
<li>Updates to package testing using Github actions</li>
</ul>
<p>Thanks to Hugo van Kemenade for contributions to this release.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/kjd/idna/compare/v3.7...v3.8">https://github.com/kjd/idna/compare/v3.7...v3.8</a></p>
<h2>v3.7</h2>
<h2>What's Changed</h2>
<ul>
<li>Fix issue where specially crafted inputs to encode() could take
exceptionally long amount of time to process. [CVE-2024-3651]</li>
</ul>
<p>Thanks to Guido Vranken for reporting the issue.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/kjd/idna/compare/v3.6...v3.7">https://github.com/kjd/idna/compare/v3.6...v3.7</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/kjd/idna/blob/master/HISTORY.rst">idna's
changelog</a>.</em></p>
<blockquote>
<p>3.10 (2024-09-15)
+++++++++++++++++</p>
<ul>
<li>Reverted to Unicode 15.1.0 data. Unicode 16 has some significant
changes
to UTS46 processing that will require more work to properly
implement.</li>
</ul>
<p>3.9 (2024-09-13)
++++++++++++++++</p>
<ul>
<li>Update to Unicode 16.0.0</li>
<li>Deprecate setup.cfg in favour of pyproject.toml</li>
<li>Use ruff for code formatting</li>
</ul>
<p>Thanks to Waket Zheng for contributions to this release.</p>
<p>3.8 (2024-08-23)
++++++++++++++++</p>
<ul>
<li>Fix regression where IDNAError exception was not being produced for
certain inputs.</li>
<li>Add support for Python 3.13, drop support for Python 3.5 as it is no
longer testable.</li>
<li>Documentation improvements</li>
<li>Updates to package testing using Github actions</li>
</ul>
<p>Thanks to Hugo van Kemenade for contributions to this release.</p>
<p>3.7 (2024-04-11)
++++++++++++++++</p>
<ul>
<li>Fix issue where specially crafted inputs to encode() could
take exceptionally long amount of time to process. [CVE-2024-3651]</li>
</ul>
<p>Thanks to Guido Vranken for reporting the issue.</p>
<p>3.6 (2023-11-25)
++++++++++++++++</p>
<ul>
<li>Fix regression to include tests in source distribution.</li>
</ul>
<p>3.5 (2023-11-24)
++++++++++++++++</p>
<ul>
<li>Update to Unicode 15.1.0</li>
<li>String codec name is now &quot;idna2008&quot; as overriding the
system codec
&quot;idna&quot; was not working.</li>
<li>Fix typing error for codec encoding</li>
<li>&quot;setup.cfg&quot; has been added for this release due to some
downstream
lack of adherence to PEP 517. Should be removed in a future release
so please prepare accordingly.</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/kjd/idna/commit/729225d8b0c58bc66bb38d1d0faf281a757ece59"><code>729225d</code></a>
Release v3.10</li>
<li><a
href="https://github.com/kjd/idna/commit/3eef1680132907e90afb0feb29136f6895001f3c"><code>3eef168</code></a>
Merge pull request <a
href="https://redirect.github.com/kjd/idna/issues/194">#194</a> from
kjd/revert-unicode-16</li>
<li><a
href="https://github.com/kjd/idna/commit/ceca619a214c816e04c7c233565280bf3998c938"><code>ceca619</code></a>
Revert Unicode 16.0.0 data updates</li>
<li><a
href="https://github.com/kjd/idna/commit/c43ac75cf649511c3d593164a32a3ff9cd0cdcd1"><code>c43ac75</code></a>
Merge pull request <a
href="https://redirect.github.com/kjd/idna/issues/191">#191</a> from
kjd/release-3.9</li>
<li><a
href="https://github.com/kjd/idna/commit/1b8800a4d0c76126ab2d3e28c7e62f567cbe69f8"><code>1b8800a</code></a>
Release v3.9</li>
<li><a
href="https://github.com/kjd/idna/commit/a1fd16821734235fb6ce4e0283a49a71d61535d2"><code>a1fd168</code></a>
Merge pull request <a
href="https://redirect.github.com/kjd/idna/issues/190">#190</a> from
kjd/unicode-16</li>
<li><a
href="https://github.com/kjd/idna/commit/7732c6153e07946f1bf5cdea96817264d305b7cc"><code>7732c61</code></a>
Merge branch 'master' into unicode-16</li>
<li><a
href="https://github.com/kjd/idna/commit/4ed183d95cf5cdfc98bb867b9e4b33a3fd13ca9b"><code>4ed183d</code></a>
Refactor membership test</li>
<li><a
href="https://github.com/kjd/idna/commit/762216bd7b1d0c45937703ea0c7632360e32c85b"><code>762216b</code></a>
Format with ruff</li>
<li><a
href="https://github.com/kjd/idna/commit/580ece955f7e127094b21b40761be6b70ab62aef"><code>580ece9</code></a>
Implement changes to UTS46 algorithm</li>
<li>Additional commits viewable in <a
href="https://github.com/kjd/idna/compare/v3.3...v3.10">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=idna&package-manager=pip&previous-version=3.3&new-version=3.10)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump yarl from 1.21.0 to 1.22.0 (#11596)
a035451 
Bumps [yarl](https://github.com/aio-libs/yarl) from 1.21.0 to 1.22.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aio-libs/yarl/releases">yarl's
releases</a>.</em></p>
<blockquote>
<h2>1.22.0</h2>
<h2>Features</h2>
<ul>
<li>
<p>Added arm64 Windows wheel builds
-- by :user:<code>finnagin</code>.</p>
<p><em>Related issues and pull requests on GitHub:</em>
<a
href="https://redirect.github.com/aio-libs/yarl/issues/1516">#1516</a>.</p>
</li>
</ul>
<hr />
<h2>1.20.1</h2>
<h2>Bug fixes</h2>
<ul>
<li>
<p>Started raising a :exc:<code>ValueError</code> exception raised for
corrupted
IPv6 URL values.</p>
<p>These fixes the issue where exception :exc:<code>IndexError</code>
was
leaking from the internal code because of not being handled and
transformed into a user-facing error. The problem was happening
under the following conditions: empty IPv6 URL, brackets in
reverse order.</p>
<p>-- by :user:<code>MaelPic</code>.</p>
<p><em>Related issues and pull requests on GitHub:</em>
<a
href="https://redirect.github.com/aio-libs/yarl/issues/1512">#1512</a>.</p>
</li>
</ul>
<h2>Packaging updates and notes for downstreams</h2>
<ul>
<li>
<p>Updated to use Cython 3.1 universally across the build path -- by
:user:<code>lysnikolaou</code>.</p>
<p><em>Related issues and pull requests on GitHub:</em>
<a
href="https://redirect.github.com/aio-libs/yarl/issues/1514">#1514</a>.</p>
</li>
<li>
<p>Made Cython line tracing opt-in via the
<code>with-cython-tracing</code> build config setting -- by
:user:<code>bdraco</code>.</p>
<p>Previously, line tracing was enabled by default in
:file:<code>pyproject.toml</code>, which caused build issues for some
users and made wheels nearly twice as slow.
Now line tracing is only enabled when explicitly requested via <code>pip
install . --config-setting=with-cython-tracing=true</code> or by setting
the <code>YARL_CYTHON_TRACING</code> environment variable.</p>
<p><em>Related issues and pull requests on GitHub:</em>
<a
href="https://redirect.github.com/aio-libs/yarl/issues/1521">#1521</a>.</p>
</li>
</ul>
<hr />
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aio-libs/yarl/blob/master/CHANGES.rst">yarl's
changelog</a>.</em></p>
<blockquote>
<h1>1.22.0</h1>
<p><em>(2025-10-05)</em></p>
<h2>Features</h2>
<ul>
<li>
<p>Added arm64 Windows wheel builds
-- by :user:<code>finnagin</code>.</p>
<p><em>Related issues and pull requests on GitHub:</em>
:issue:<code>1516</code>.</p>
</li>
</ul>
<hr />
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aio-libs/yarl/commit/ed241dedafda3a75ce17002aac28aa93927cff24"><code>ed241de</code></a>
Release 1.22.0 (<a
href="https://redirect.github.com/aio-libs/yarl/issues/1569">#1569</a>)</li>
<li><a
href="https://github.com/aio-libs/yarl/commit/38588fbed0ecee9110419d9b7492455423c70adb"><code>38588fb</code></a>
Add windows arm64 wheel builds (<a
href="https://redirect.github.com/aio-libs/yarl/issues/1516">#1516</a>)</li>
<li>See full diff in <a
href="https://github.com/aio-libs/yarl/compare/v1.21.0...v1.22.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=yarl&package-manager=pip&previous-version=1.21.0&new-version=1.22.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@Dreamsorcerer
[3.14] Drop Python 3.9 (#11601)
80eb0aa
@dependabot
Bump click from 8.1.8 to 8.3.0 (#11597)
54df652 
Bumps [click](https://github.com/pallets/click) from 8.1.8 to 8.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/click/releases">click's
releases</a>.</em></p>
<blockquote>
<h2>8.3.0</h2>
<p>This is the Click 8.3.0 feature release. A feature release may
include new features, remove previously deprecated code, add new
deprecation, or introduce potentially breaking changes.</p>
<p>We encourage everyone to upgrade. You can read more about our <a
href="https://palletsprojects.com/versions">Version Support Policy</a>
on our website.</p>
<p>PyPI: <a
href="https://pypi.org/project/click/8.3.0/">https://pypi.org/project/click/8.3.0/</a>
Changes: <a
href="https://click.palletsprojects.com/page/changes/#version-8-3-0">https://click.palletsprojects.com/page/changes/#version-8-3-0</a>
Milestone <a
href="https://github.com/pallets/click/milestone/27">https://github.com/pallets/click/milestone/27</a></p>
<ul>
<li>
<p><strong>Improved flag option handling</strong>: Reworked the
relationship between <code>flag_value</code>
and <code>default</code> parameters for better consistency:</p>
<ul>
<li>The <code>default</code> parameter value is now preserved as-is and
passed directly
to CLI functions (no more unexpected transformations)</li>
<li>Exception: flag options with <code>default=True</code> maintain
backward compatibility
by defaulting to their <code>flag_value</code></li>
<li>The <code>default</code> parameter can now be any type
(<code>bool</code>, <code>None</code>, etc.)</li>
<li>Fixes inconsistencies reported in: <a
href="https://redirect.github.com/pallets/click/issues/1992">#1992</a>
<a
href="https://redirect.github.com/pallets/click/issues/2514">#2514</a>
<a
href="https://redirect.github.com/pallets/click/issues/2610">#2610</a>
<a
href="https://redirect.github.com/pallets/click/issues/3024">#3024</a>
<a
href="https://redirect.github.com/pallets/click/issues/3030">#3030</a></li>
</ul>
</li>
<li>
<p>Allow <code>default</code> to be set on <code>Argument</code> for
<code>nargs = -1</code>. <a
href="https://redirect.github.com/pallets/click/issues/2164">#2164</a>
<a
href="https://redirect.github.com/pallets/click/issues/3030">#3030</a></p>
</li>
<li>
<p>Show correct auto complete value for <code>nargs</code> option in
combination with flag
option <a
href="https://redirect.github.com/pallets/click/issues/2813">#2813</a></p>
</li>
<li>
<p>Show correct auto complete value for nargs option in combination with
flag option <a
href="https://redirect.github.com/pallets/click/issues/2813">#2813</a></p>
</li>
<li>
<p>Fix handling of quoted and escaped parameters in Fish autocompletion.
<a
href="https://redirect.github.com/pallets/click/issues/2995">#2995</a>
<a
href="https://redirect.github.com/pallets/click/issues/3013">#3013</a></p>
</li>
<li>
<p>Lazily import <code>shutil</code>. <a
href="https://redirect.github.com/pallets/click/issues/3023">#3023</a></p>
</li>
<li>
<p>Properly forward exception information to resources registered with
<code>click.core.Context.with_resource()</code>. <a
href="https://redirect.github.com/pallets/click/issues/2447">#2447</a>
<a
href="https://redirect.github.com/pallets/click/issues/3058">#3058</a></p>
</li>
<li>
<p>Fix regression related to EOF handling in CliRunner. <a
href="https://redirect.github.com/pallets/click/issues/2939">#2939</a>
<a
href="https://redirect.github.com/pallets/click/issues/2940">#2940</a></p>
</li>
</ul>
<h2>8.2.2</h2>
<p>This is the Click 8.2.2 fix release, which fixes bugs but does not
otherwise change behavior and should not result in breaking changes
compared to the latest feature release.</p>
<p>PyPI: <a
href="https://pypi.org/project/click/8.2.2/">https://pypi.org/project/click/8.2.2/</a>
Changes: <a
href="https://click.palletsprojects.com/page/changes/#version-8-2-2">https://click.palletsprojects.com/page/changes/#version-8-2-2</a>
Milestone: <a
href="https://github.com/pallets/click/milestone/25">https://github.com/pallets/click/milestone/25</a></p>
<ul>
<li>Fix reconciliation of <code>default</code>, <code>flag_value</code>
and <code>type</code> parameters for
flag options, as well as parsing and normalization of environment
variables.
<a
href="https://redirect.github.com/pallets/click/issues/2952">#2952</a>
<a
href="https://redirect.github.com/pallets/click/issues/2956">#2956</a></li>
<li>Fix typing issue in <code>BadParameter</code> and
<code>MissingParameter</code> exceptions for the
parameter <code>param_hint</code> that did not allow for a sequence of
string where the
underlying functino <code>_join_param_hints</code> allows for it. <a
href="https://redirect.github.com/pallets/click/issues/2777">#2777</a>
<a
href="https://redirect.github.com/pallets/click/issues/2990">#2990</a></li>
<li>Use the value of <code>Enum</code> choices to render their default
value in help
screen. <a
href="https://redirect.github.com/pallets/click/issues/2911">#2911</a>
<a
href="https://redirect.github.com/pallets/click/issues/3004">#3004</a></li>
<li>Fix completion for the Z shell (<code>zsh</code>) for completion
items containing
colons. <a
href="https://redirect.github.com/pallets/click/issues/2703">#2703</a>
<a
href="https://redirect.github.com/pallets/click/issues/2846">#2846</a></li>
<li>Don't include envvar in error hint when not configured. <a
href="https://redirect.github.com/pallets/click/issues/2971">#2971</a>
<a
href="https://redirect.github.com/pallets/click/issues/2972">#2972</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/click/blob/main/CHANGES.rst">click's
changelog</a>.</em></p>
<blockquote>
<h2>Version 8.3.0</h2>
<p>Released 2025-09-17</p>
<ul>
<li>
<p><strong>Improved flag option handling</strong>: Reworked the
relationship between <code>flag_value</code>
and <code>default</code> parameters for better consistency:</p>
<ul>
<li>The <code>default</code> parameter value is now preserved as-is and
passed directly
to CLI functions (no more unexpected transformations)</li>
<li>Exception: flag options with <code>default=True</code> maintain
backward compatibility
by defaulting to their <code>flag_value</code></li>
<li>The <code>default</code> parameter can now be any type
(<code>bool</code>, <code>None</code>, etc.)</li>
<li>Fixes inconsistencies reported in: :issue:<code>1992</code>
:issue:<code>2514</code> :issue:<code>2610</code>
:issue:<code>3024</code> :pr:<code>3030</code></li>
</ul>
</li>
<li>
<p>Allow <code>default</code> to be set on <code>Argument</code> for
<code>nargs = -1</code>. :issue:<code>2164</code>
:pr:<code>3030</code></p>
</li>
<li>
<p>Show correct auto complete value for <code>nargs</code> option in
combination with flag
option :issue:<code>2813</code></p>
</li>
<li>
<p>Fix handling of quoted and escaped parameters in Fish autocompletion.
:issue:<code>2995</code> :pr:<code>3013</code></p>
</li>
<li>
<p>Lazily import <code>shutil</code>. :pr:<code>3023</code></p>
</li>
<li>
<p>Properly forward exception information to resources registered with
<code>click.core.Context.with_resource()</code>.
:issue:<code>2447</code> :pr:<code>3058</code></p>
</li>
<li>
<p>Fix regression related to EOF handling in CliRunner.
:issue:<code>2939</code> :pr:<code>2940</code></p>
</li>
</ul>
<h2>Version 8.2.2</h2>
<p>Released 2025-07-31</p>
<ul>
<li>Fix reconciliation of <code>default</code>, <code>flag_value</code>
and <code>type</code> parameters for
flag options, as well as parsing and normalization of environment
variables.
:issue:<code>2952</code> :pr:<code>2956</code></li>
<li>Fix typing issue in <code>BadParameter</code> and
<code>MissingParameter</code> exceptions for the
parameter <code>param_hint</code> that did not allow for a sequence of
string where the
underlying function <code>_join_param_hints</code> allows for it.
:issue:<code>2777</code> :pr:<code>2990</code></li>
<li>Use the value of <code>Enum</code> choices to render their default
value in help
screen. Refs :issue:<code>2911</code> :pr:<code>3004</code></li>
<li>Fix completion for the Z shell (<code>zsh</code>) for completion
items containing
colons. :issue:<code>2703</code> :pr:<code>2846</code></li>
<li>Don't include envvar in error hint when not configured.
:issue:<code>2971</code> :pr:<code>2972</code></li>
<li>Fix a rare race in <code>click.testing.StreamMixer</code>'s
finalization that manifested
as a <code>ValueError</code> on close in a multi-threaded test session.
:issue:<code>2993</code> :pr:<code>2991</code></li>
</ul>
<h2>Version 8.2.1</h2>
<p>Released 2025-05-20</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pallets/click/commit/00fadb8904387158ce6e9aa1573be770446895c1"><code>00fadb8</code></a>
Release version 8.3.0</li>
<li><a
href="https://github.com/pallets/click/commit/2a0e3ba907927ade6951d5732b775f11b54cb766"><code>2a0e3ba</code></a>
testing/CliRunner: Fix regression related to EOF introduced in 262bdf0
(<a
href="https://redirect.github.com/pallets/click/issues/2940">#2940</a>)</li>
<li><a
href="https://github.com/pallets/click/commit/e11a1efc3395e998a1521a0dc35672a799e78d30"><code>e11a1ef</code></a>
Merge branch 'main' into fix-cli-runner-prompt-eof-handling</li>
<li><a
href="https://github.com/pallets/click/commit/36deba8a95a2585de1a2aa4475b7f054f52830ac"><code>36deba8</code></a>
Forward exception information to resources registered in a context (<a
href="https://redirect.github.com/pallets/click/issues/3058">#3058</a>)</li>
<li><a
href="https://github.com/pallets/click/commit/f2cae7ae997cd32311cab3dede4c2b89fe05e191"><code>f2cae7a</code></a>
<a
href="https://redirect.github.com/pallets/click/issues/2447">#2447</a>
Add summary of PR to changelog for 8.3.x</li>
<li><a
href="https://github.com/pallets/click/commit/7c7ec36354f49d1a092cb077fa4881ea4d70ba01"><code>7c7ec36</code></a>
<a
href="https://redirect.github.com/pallets/click/issues/2447">#2447</a>
Split resource exception handling tests in single and nested</li>
<li><a
href="https://github.com/pallets/click/commit/92129c552da88ac30b578132031efa4b003ecc46"><code>92129c5</code></a>
<a
href="https://redirect.github.com/pallets/click/issues/2447">#2447</a>
Added exception forwarding to context tests</li>
<li><a
href="https://github.com/pallets/click/commit/555fa9bb37770a6845a98be60b0c84876775552e"><code>555fa9b</code></a>
<a
href="https://redirect.github.com/pallets/click/issues/2447">#2447</a>
Forward exception data to exit stack when calling
<code>__exit__</code></li>
<li><a
href="https://github.com/pallets/click/commit/16fe802a3f96c4c8fa3cd382f1a7577fda0c5321"><code>16fe802</code></a>
Add more tests on <code>Enum</code> rendering (<a
href="https://redirect.github.com/pallets/click/issues/3053">#3053</a>)</li>
<li><a
href="https://github.com/pallets/click/commit/d36de6fc67882f23d7a7d61cd4c0e25e0f88b0ac"><code>d36de6f</code></a>
Add more tests on Enum rendering their item's names and not values</li>
<li>Additional commits viewable in <a
href="https://github.com/pallets/click/compare/8.1.8...8.3.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=click&package-manager=pip&previous-version=8.1.8&new-version=8.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump pytest-codspeed from 4.0.0 to 4.1.0 (#11590)
7057f1a 
Bumps [pytest-codspeed](https://github.com/CodSpeedHQ/pytest-codspeed)
from 4.0.0 to 4.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/CodSpeedHQ/pytest-codspeed/releases">pytest-codspeed's
releases</a>.</em></p>
<blockquote>
<h2>v4.1.0</h2>
<h2>What's New?</h2>
<p>🚀 The new version of <a
href="https://github.com/CodSpeedHQ/instrument-hooks">CodSpeedHQ/instrument-hooks</a>
will improve the quality of the walltime profiling!</p>
<h2>Details</h2>
<h3>✨ Features</h3>
<ul>
<li>Bump instrument-hooks (<a
href="https://redirect.github.com/CodSpeedHQ/pytest-codspeed/issues/87">#87</a>)
by <a
href="https://github.com/not-matthias"><code>@​not-matthias</code></a>
in <a
href="https://redirect.github.com/CodSpeedHQ/pytest-codspeed/pull/87">#87</a></li>
</ul>
<h3><!-- raw HTML omitted -->🐛 Bug Fixes</h3>
<ul>
<li>Use ParamSpec in instrument definition instead of tuple and dict by
<a href="https://github.com/art049"><code>@​art049</code></a></li>
<li>Use ParamSpec in the plugin call definition by <a
href="https://github.com/flying-sheep"><code>@​flying-sheep</code></a></li>
</ul>
<h3><!-- raw HTML omitted -->📚 Documentation</h3>
<ul>
<li>Add pull_request trigger comment by <a
href="https://github.com/adriencaccia"><code>@​adriencaccia</code></a></li>
</ul>
<h3><!-- raw HTML omitted -->⚙️ Internals</h3>
<ul>
<li>Exclude beta tags in changelog by <a
href="https://github.com/art049"><code>@​art049</code></a></li>
<li>Switch to sharded upload (<a
href="https://redirect.github.com/CodSpeedHQ/pytest-codspeed/issues/75">#75</a>)
by <a href="https://github.com/art049"><code>@​art049</code></a> in <a
href="https://redirect.github.com/CodSpeedHQ/pytest-codspeed/pull/75">#75</a></li>
<li>Fix changelog generation by <a
href="https://github.com/art049"><code>@​art049</code></a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/CodSpeedHQ/pytest-codspeed/compare/v4.0.0...v4.1.0">https://github.com/CodSpeedHQ/pytest-codspeed/compare/v4.0.0...v4.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/CodSpeedHQ/pytest-codspeed/blob/master/CHANGELOG.md">pytest-codspeed's
changelog</a>.</em></p>
<blockquote>
<h2>[4.1.0] - 2025-10-06</h2>
<h3><!-- raw HTML omitted -->🐛 Bug Fixes</h3>
<ul>
<li>Use ParamSpec in instrument definition instead of tuple and dict by
<a href="https://github.com/art049"><code>@​art049</code></a></li>
<li>Use ParamSpec in the plugin call definition by <a
href="https://github.com/flying-sheep"><code>@​flying-sheep</code></a></li>
</ul>
<h3><!-- raw HTML omitted -->📚 Documentation</h3>
<ul>
<li>Add pull_request trigger comment by <a
href="https://github.com/adriencaccia"><code>@​adriencaccia</code></a></li>
</ul>
<h3><!-- raw HTML omitted -->⚙️ Internals</h3>
<ul>
<li>Exclude beta tags in changelog by <a
href="https://github.com/art049"><code>@​art049</code></a></li>
<li>Bump instrument-hooks (<a
href="https://redirect.github.com/CodSpeedHQ/pytest-codspeed/issues/87">#87</a>)
by <a
href="https://github.com/not-matthias"><code>@​not-matthias</code></a>
in <a
href="https://redirect.github.com/CodSpeedHQ/pytest-codspeed/pull/87">#87</a></li>
<li>Switch to sharded upload (<a
href="https://redirect.github.com/CodSpeedHQ/pytest-codspeed/issues/75">#75</a>)
by <a href="https://github.com/art049"><code>@​art049</code></a> in <a
href="https://redirect.github.com/CodSpeedHQ/pytest-codspeed/pull/75">#75</a></li>
<li>Fix changelog generation by <a
href="https://github.com/art049"><code>@​art049</code></a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/CodSpeedHQ/pytest-codspeed/commit/0a3c31b37e5ccb1c0cffea11f59303da6e13bf7b"><code>0a3c31b</code></a>
Release v4.1.0 🚀</li>
<li><a
href="https://github.com/CodSpeedHQ/pytest-codspeed/commit/6cb7a88ac1fdaa85d202f5c93a9c06427f1bade0"><code>6cb7a88</code></a>
chore: exclude beta tags in changelog</li>
<li><a
href="https://github.com/CodSpeedHQ/pytest-codspeed/commit/63eec3bf9a5f4e96903860d99722fd4a2eb7c9fa"><code>63eec3b</code></a>
chore: bump instrument-hooks (<a
href="https://redirect.github.com/CodSpeedHQ/pytest-codspeed/issues/87">#87</a>)</li>
<li><a
href="https://github.com/CodSpeedHQ/pytest-codspeed/commit/192d881ab8501d77a470cffbd341fd9b66bcf4b4"><code>192d881</code></a>
ci: switch to sharded upload (<a
href="https://redirect.github.com/CodSpeedHQ/pytest-codspeed/issues/75">#75</a>)</li>
<li><a
href="https://github.com/CodSpeedHQ/pytest-codspeed/commit/5f6971d8bf19f0e048244568a14b759e76ea9811"><code>5f6971d</code></a>
fix: use ParamSpec in instrument definition instead of tuple and
dict</li>
<li><a
href="https://github.com/CodSpeedHQ/pytest-codspeed/commit/44071fc1668ac2cd489017e3427a8c816a524d04"><code>44071fc</code></a>
fix: use ParamSpec in the plugin call definition</li>
<li><a
href="https://github.com/CodSpeedHQ/pytest-codspeed/commit/475be0c99deee08b0d07a6ee35eb51d0b1157258"><code>475be0c</code></a>
docs: add pull_request trigger comment</li>
<li><a
href="https://github.com/CodSpeedHQ/pytest-codspeed/commit/3e26619fa5d36309c4fa9a6cb9176cadf1381989"><code>3e26619</code></a>
chore: fix changelog generation</li>
<li>See full diff in <a
href="https://github.com/CodSpeedHQ/pytest-codspeed/compare/v4.0.0...v4.1.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pytest-codspeed&package-manager=pip&previous-version=4.0.0&new-version=4.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump github/codeql-action from 3 to 4 (#11608)
95dde8e 
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 3 to 4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.30.7</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.30.7 - 06 Oct 2025</h2>
<p>No user facing changes.</p>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.30.7/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.30.6</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.30.6 - 02 Oct 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.23.2. <a
href="https://redirect.github.com/github/codeql-action/pull/3168">#3168</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.30.6/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.30.5</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.30.5 - 26 Sep 2025</h2>
<ul>
<li>We fixed a bug that was introduced in <code>3.30.4</code> with
<code>upload-sarif</code> which resulted in files without a
<code>.sarif</code> extension not getting uploaded. <a
href="https://redirect.github.com/github/codeql-action/pull/3160">#3160</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.30.5/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.30.4</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.30.4 - 25 Sep 2025</h2>
<ul>
<li>We have improved the CodeQL Action's ability to validate that the
workflow it is used in does not use different versions of the CodeQL
Action for different workflow steps. Mixing different versions of the
CodeQL Action in the same workflow is unsupported and can lead to
unpredictable results. A warning will now be emitted from the
<code>codeql-action/init</code> step if different versions of the CodeQL
Action are detected in the workflow file. Additionally, an error will
now be thrown by the other CodeQL Action steps if they load a
configuration file that was generated by a different version of the
<code>codeql-action/init</code> step. <a
href="https://redirect.github.com/github/codeql-action/pull/3099">#3099</a>
and <a
href="https://redirect.github.com/github/codeql-action/pull/3100">#3100</a></li>
<li>We added support for reducing the size of dependency caches for Java
analyses, which will reduce cache usage and speed up workflows. This
will be enabled automatically at a later time. <a
href="https://redirect.github.com/github/codeql-action/pull/3107">#3107</a></li>
<li>You can now run the latest CodeQL nightly bundle by passing
<code>tools: nightly</code> to the <code>init</code> action. In general,
the nightly bundle is unstable and we only recommend running it when
directed by GitHub staff. <a
href="https://redirect.github.com/github/codeql-action/pull/3130">#3130</a></li>
<li>Update default CodeQL bundle version to 2.23.1. <a
href="https://redirect.github.com/github/codeql-action/pull/3118">#3118</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.30.4/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.30.3</h2>
<h1>CodeQL Action Changelog</h1>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h2>3.29.4 - 23 Jul 2025</h2>
<p>No user facing changes.</p>
<h2>3.29.3 - 21 Jul 2025</h2>
<p>No user facing changes.</p>
<h2>3.29.2 - 30 Jun 2025</h2>
<ul>
<li>Experimental: When the <code>quality-queries</code> input for the
<code>init</code> action is provided with an argument, separate
<code>.quality.sarif</code> files are produced and uploaded for each
language with the results of the specified queries. Do not use this in
production as it is part of an internal experiment and subject to change
at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/2935">#2935</a></li>
</ul>
<h2>3.29.1 - 27 Jun 2025</h2>
<ul>
<li>Fix bug in PR analysis where user-provided <code>include</code>
query filter fails to exclude non-included queries. <a
href="https://redirect.github.com/github/codeql-action/pull/2938">#2938</a></li>
<li>Update default CodeQL bundle version to 2.22.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2950">#2950</a></li>
</ul>
<h2>3.29.0 - 11 Jun 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.22.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li>
<li>Bump minimum CodeQL bundle version to 2.16.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li>
</ul>
<h2>3.28.21 - 28 July 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.20 - 21 July 2025</h2>
<ul>
<li>Remove support for combining SARIF files from a single upload for
GHES 3.18, see <a
href="https://github.blog/changelog/2024-05-06-code-scanning-will-stop-combining-runs-from-a-single-upload/">the
changelog post</a>. <a
href="https://redirect.github.com/github/codeql-action/pull/2959">#2959</a></li>
</ul>
<h2>3.28.19 - 03 Jun 2025</h2>
<ul>
<li>The CodeQL Action no longer includes its own copy of the extractor
for the <code>actions</code> language, which is currently in public
preview.
The <code>actions</code> extractor has been included in the CodeQL CLI
since v2.20.6. If your workflow has enabled the <code>actions</code>
language <em>and</em> you have pinned
your <code>tools:</code> property to a specific version of the CodeQL
CLI earlier than v2.20.6, you will need to update to at least CodeQL
v2.20.6 or disable
<code>actions</code> analysis.</li>
<li>Update default CodeQL bundle version to 2.21.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2910">#2910</a></li>
</ul>
<h2>3.28.18 - 16 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2893">#2893</a></li>
<li>Skip validating SARIF produced by CodeQL for improved performance.
<a
href="https://redirect.github.com/github/codeql-action/pull/2894">#2894</a></li>
<li>The number of threads and amount of RAM used by CodeQL can now be
set via the <code>CODEQL_THREADS</code> and <code>CODEQL_RAM</code>
runner environment variables. If set, these environment variables
override the <code>threads</code> and <code>ram</code> inputs
respectively. <a
href="https://redirect.github.com/github/codeql-action/pull/2891">#2891</a></li>
</ul>
<h2>3.28.17 - 02 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2872">#2872</a></li>
</ul>
<h2>3.28.16 - 23 Apr 2025</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/aac66ec793240cfdd3037a81faa5b4d823045bc2"><code>aac66ec</code></a>
Remove <code>update-proxy-release</code> workflow</li>
<li><a
href="https://github.com/github/codeql-action/commit/91a63dc72c2c4c97e141018269495a7b62608d09"><code>91a63dc</code></a>
Remove <code>undefined</code> values from results of
<code>unsafeEntriesInvariant</code></li>
<li><a
href="https://github.com/github/codeql-action/commit/d25fa60a90ddfe309a83dd8606d2f3e0e5de15a7"><code>d25fa60</code></a>
ESLint: Disable <code>no-unused-vars</code> for parameters starting with
<code>_</code></li>
<li><a
href="https://github.com/github/codeql-action/commit/3adb1ff7b88abf82e97c2c42d9ac29a62769ba63"><code>3adb1ff</code></a>
Reorder supported tags in descending order</li>
<li>See full diff in <a
href="https://github.com/github/codeql-action/compare/v3...v4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3&new-version=4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump pydantic from 2.11.9 to 2.12.0 (#11609)
d0c4d61 
Bumps [pydantic](https://github.com/pydantic/pydantic) from 2.11.9 to
2.12.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pydantic/pydantic/releases">pydantic's
releases</a>.</em></p>
<blockquote>
<h2>v2.12.0 2025-10-07</h2>
<!-- raw HTML omitted -->
<h1>v2.12.0 (2025-10-07)</h1>
<blockquote>
<p>[!NOTE]
Check out the <a
href="https://pydantic.dev/articles/pydantic-v2-12-release">blog
post</a> for release highlights.</p>
</blockquote>
<p>This is the final 2.12 release. It features the work of 20 external
contributors and provides useful new features, along with initial Python
3.14 support. Several minor <a
href="https://pydantic.dev/articles/pydantic-v2-12-release#changes">changes</a>
(considered non-breaking changes according to our <a
href="https://docs.pydantic.dev/2.12/version-policy/#pydantic-v2">versioning
policy</a>) are also included in this release. Make sure to look into
them before upgrading.</p>
<p>Changes (see the <a
href="https://github.com/pydantic/pydantic/releases/tag/v2.12.0a1">2.12.0a1</a>
and <a
href="https://github.com/pydantic/pydantic/releases/tag/v2.12.0b1">2.12.0b1</a>
releases for additional changes since 2.11):</p>
<h4>Packaging</h4>
<ul>
<li>Update V1 copy to v1.10.24 by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12338">#12338</a></li>
</ul>
<h4>New Features</h4>
<ul>
<li>Add <code>extra</code> parameter to the validate functions by <a
href="https://github.com/anvilpete"><code>@​anvilpete</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12233">#12233</a></li>
<li>Add <code>exclude_computed_fields</code> serialization option by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12334">#12334</a></li>
<li>Add <code>preverse_empty_path</code> URL options by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12336">#12336</a></li>
<li>Add <code>union_format</code> parameter to JSON Schema generation by
<a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12147">#12147</a></li>
<li>Add <code>__qualname__</code> parameter for
<code>create_model</code> by <a
href="https://github.com/Atry"><code>@​Atry</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12001">#12001</a></li>
</ul>
<h4>Fixes</h4>
<ul>
<li>Do not try to infer name from lambda definitions in pipelines API by
<a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12289">#12289</a></li>
<li>Use proper namespace for functions in <code>TypeAdapter</code> by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12324">#12324</a></li>
<li>Use <code>Any</code> for context type annotation in
<code>TypeAdapter</code> by <a
href="https://github.com/inducer"><code>@​inducer</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12279">#12279</a></li>
<li>Expose <code>FieldInfo</code> in
<code>pydantic.fields.__all__</code> by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12339">#12339</a></li>
<li>Respect <code>validation_alias</code> in <code>@validate_call</code>
by <a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12340">#12340</a></li>
<li>Use <code>Any</code> as context annotation in plugin API by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12341">#12341</a></li>
<li>Use proper <code>stacklevel</code> in warnings when possible by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12342">#12342</a></li>
</ul>
<h3>New Contributors</h3>
<ul>
<li><a href="https://github.com/anvilpete"><code>@​anvilpete</code></a>
made their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12233">#12233</a></li>
<li><a
href="https://github.com/JonathanWindell"><code>@​JonathanWindell</code></a>
made their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12327">#12327</a></li>
<li><a href="https://github.com/inducer"><code>@​inducer</code></a> made
their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12279">#12279</a></li>
<li><a href="https://github.com/Atry"><code>@​Atry</code></a> made their
first contribution in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12001">#12001</a></li>
<li></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pydantic/pydantic/compare/v2.11.10...v2.12.0">https://github.com/pydantic/pydantic/compare/v2.11.10...v2.12.0</a></p>
<h2>v2.12.0b1 2025-10-03</h2>
<h2>v2.12.0b1 (2025-10-03)</h2>
<p>This is the first beta release of the upcoming 2.12 release.</p>
<h3>What's Changed</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pydantic/pydantic/blob/main/HISTORY.md">pydantic's
changelog</a>.</em></p>
<blockquote>
<h2>v2.12.0 (2025-10-07)</h2>
<p><a
href="https://github.com/pydantic/pydantic/releases/tag/v2.12.0">GitHub
release</a></p>
<h3>What's Changed</h3>
<p>This is the final 2.12 release. It features the work of 20 external
contributors and provides useful new features, along with initial Python
3.14 support.
Several minor changes (considered non-breaking changes according to our
<a
href="https://docs.pydantic.dev/2.12/version-policy/#pydantic-v2">versioning
policy</a>)
are also included in this release. Make sure to look into them before
upgrading.</p>
<p>Changes (see the alpha and beta releases for additional changes since
2.11):</p>
<h4>Packaging</h4>
<ul>
<li>Update V1 copy to v1.10.24 by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12338">#12338</a></li>
</ul>
<h4>New Features</h4>
<ul>
<li>Add <code>extra</code> parameter to the validate functions by <a
href="https://github.com/anvilpete"><code>@​anvilpete</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12233">#12233</a></li>
<li>Add <code>exclude_computed_fields</code> serialization option by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12334">#12334</a></li>
<li>Add <code>preverse_empty_path</code> URL options by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12336">#12336</a></li>
<li>Add <code>union_format</code> parameter to JSON Schema generation by
<a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12147">#12147</a></li>
<li>Add <code>__qualname__</code> parameter for
<code>create_model</code> by <a
href="https://github.com/Atry"><code>@​Atry</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12001">#12001</a></li>
</ul>
<h4>Fixes</h4>
<ul>
<li>Do not try to infer name from lambda definitions in pipelines API by
<a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12289">#12289</a></li>
<li>Use proper namespace for functions in <code>TypeAdapter</code> by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12324">#12324</a></li>
<li>Use <code>Any</code> for context type annotation in
<code>TypeAdapter</code> by <a
href="https://github.com/inducer"><code>@​inducer</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12279">#12279</a></li>
<li>Expose <code>FieldInfo</code> in
<code>pydantic.fields.__all__</code> by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12339">#12339</a></li>
<li>Respect <code>validation_alias</code> in <code>@validate_call</code>
by <a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12340">#12340</a></li>
<li>Use <code>Any</code> as context annotation in plugin API by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12341">#12341</a></li>
<li>Use proper <code>stacklevel</code> in warnings when possible by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12342">#12342</a></li>
</ul>
<h3>New Contributors</h3>
<ul>
<li><a href="https://github.com/anvilpete"><code>@​anvilpete</code></a>
made their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12233">#12233</a></li>
<li><a
href="https://github.com/JonathanWindell"><code>@​JonathanWindell</code></a>
made their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12327">#12327</a></li>
<li><a href="https://github.com/inducer"><code>@​inducer</code></a> made
their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12279">#12279</a></li>
<li><a href="https://github.com/Atry"><code>@​Atry</code></a> made their
first contribution in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12001">#12001</a></li>
</ul>
<h2>v2.12.0b1 (2025-10-03)</h2>
<p><a
href="https://github.com/pydantic/pydantic/releases/tag/v2.12.0b1">GitHub
release</a></p>
<p>This is the first beta release of the upcoming 2.12 release.</p>
<h3>What's Changed</h3>
<h4>Packaging</h4>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pydantic/pydantic/commit/a7928e692e5a7841c4379d1af1fd37966941dade"><code>a7928e6</code></a>
Update Python version in documentation publishing CI job (<a
href="https://redirect.github.com/pydantic/pydantic/issues/12344">#12344</a>)</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/0e188d02f30ce0a4bfeb6a719ce562084fb5621d"><code>0e188d0</code></a>
Prepare release 2.12.0 (<a
href="https://redirect.github.com/pydantic/pydantic/issues/12343">#12343</a>)</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/1231eeea6943baa7d5167f72cb7b6116f4347e26"><code>1231eee</code></a>
Use proper <code>stacklevel</code> in warnings when possible (<a
href="https://redirect.github.com/pydantic/pydantic/issues/12342">#12342</a>)</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/94989e0b09b8aeecfe0551c918bdc004ce9c0cf3"><code>94989e0</code></a>
Use <code>Any</code> as context annotation in plugin API (<a
href="https://redirect.github.com/pydantic/pydantic/issues/12341">#12341</a>)</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/3f59a03ea3219d9e4efd02a504c59138f273723e"><code>3f59a03</code></a>
Add <code>__qualname__</code> parameter for <code>create_model</code>
(<a
href="https://redirect.github.com/pydantic/pydantic/issues/12001">#12001</a>)</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/28c62c33218258fdb0f53f7d26c607b24dd6ed50"><code>28c62c3</code></a>
Rewrite std types, fields and strict mode documentation (<a
href="https://redirect.github.com/pydantic/pydantic/issues/12287">#12287</a>)</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/34baf1254115f113c031ffc0d9424bb89616ad49"><code>34baf12</code></a>
Add <code>union_format</code> parameter to JSON Schema generation (<a
href="https://redirect.github.com/pydantic/pydantic/issues/12147">#12147</a>)</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/495b03f92dc9aedd18af454b69f2605ac402a580"><code>495b03f</code></a>
Add <code>preverse_empty_path</code> URL options (<a
href="https://redirect.github.com/pydantic/pydantic/issues/12336">#12336</a>)</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/82d4254f30895c9a7ae63368a72e2aa4efa675d5"><code>82d4254</code></a>
Respect <code>validation_alias</code> in <code>@validate_call</code> (<a
href="https://redirect.github.com/pydantic/pydantic/issues/12340">#12340</a>)</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/4bd84188a7f8a4a856b5e1923b27cbae28ee38b4"><code>4bd8418</code></a>
Expose <code>FieldInfo</code> in <code>pydantic.fields.__all__</code>
(<a
href="https://redirect.github.com/pydantic/pydantic/issues/12339">#12339</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/pydantic/pydantic/compare/v2.11.9...v2.12.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pydantic&package-manager=pip&previous-version=2.11.9&new-version=2.12.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@patchback @JacobHenner
[PR #11611/49290944 backport][3.14] Do not assume Python 3.14 has std…
3cf4eba 
…lib zstd (#11613)

**This is a backport of PR #11611 as merged into master
(4929094).**

Co-authored-by: Jacob Henner <code@ventricle.us>
@patchback @JacobHenner
[PR #11611/49290944 backport][3.13] Do not assume Python 3.14 has std…
1798ef9 
…lib zstd (#11612)

**This is a backport of PR #11611 as merged into master
(4929094).**

---------

Co-authored-by: Jacob Henner <code@ventricle.us>
@dependabot
Bump tomli from 2.2.1 to 2.3.0 (#11619)
6bc08a7 
Bumps [tomli](https://github.com/hukkin/tomli) from 2.2.1 to 2.3.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/hukkin/tomli/blob/master/CHANGELOG.md">tomli's
changelog</a>.</em></p>
<blockquote>
<h2>2.3.0</h2>
<ul>
<li>Added
<ul>
<li>Binary wheels for Python 3.14 (also free-threaded)</li>
</ul>
</li>
<li>Performance
<ul>
<li>Reduced import time</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/hukkin/tomli/commit/3fccd16450d0f1d87c042473d95a07f60955206e"><code>3fccd16</code></a>
Bump version: 2.2.1 → 2.3.0</li>
<li><a
href="https://github.com/hukkin/tomli/commit/65040163ea9b528b2d37a1bb5df886472c310930"><code>6504016</code></a>
Add 2.3.0 changelog</li>
<li><a
href="https://github.com/hukkin/tomli/commit/0bc66fcab1f766fe410ffeebfe9ec1ec646f1681"><code>0bc66fc</code></a>
Remove now off-by-default PyPy from cibuildwheel skip list</li>
<li><a
href="https://github.com/hukkin/tomli/commit/0aa242f3188f4b892e434f1b4d23818fcd978615"><code>0aa242f</code></a>
Update license metadata to appease PEP 639</li>
<li><a
href="https://github.com/hukkin/tomli/commit/a18221eb5c3f4592285f533d48e68432132bc37b"><code>a18221e</code></a>
Bump GitHub CI actions</li>
<li><a
href="https://github.com/hukkin/tomli/commit/6fa4d90aa9bb1693b327c72fd18a6c925d1dd5d7"><code>6fa4d90</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/hukkin/tomli/issues/260">#260</a>)</li>
<li><a
href="https://github.com/hukkin/tomli/commit/b974fa13a96503546e47a895ac123d5c8425bc9a"><code>b974fa1</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/hukkin/tomli/issues/248">#248</a>)</li>
<li><a
href="https://github.com/hukkin/tomli/commit/f574f366d40b2fa0672177f06df4d6dfc4188356"><code>f574f36</code></a>
Update mypy to 1.15 and use <code>--strict</code> mode (<a
href="https://redirect.github.com/hukkin/tomli/issues/257">#257</a>)</li>
<li><a
href="https://github.com/hukkin/tomli/commit/1da01ef78fee9f491f55feb5e2d9fcf24d4977f0"><code>1da01ef</code></a>
Reduce import time by removing <code>typing</code> import (<a
href="https://redirect.github.com/hukkin/tomli/issues/251">#251</a>)</li>
<li><a
href="https://github.com/hukkin/tomli/commit/41881885a360e9f6526badafc1c5b2eec4133393"><code>4188188</code></a>
Reduce import time by removing <code>string</code> and
<code>tomli._types</code> imports</li>
<li>Additional commits viewable in <a
href="https://github.com/hukkin/tomli/compare/2.2.1...2.3.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tomli&package-manager=pip&previous-version=2.2.1&new-version=2.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump propcache from 0.4.0 to 0.4.1 (#11620)
8539183 
Bumps [propcache](https://github.com/aio-libs/propcache) from 0.4.0 to
0.4.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aio-libs/propcache/releases">propcache's
releases</a>.</em></p>
<blockquote>
<h2>0.4.1</h2>
<h2>Bug fixes</h2>
<ul>
<li>
<p>Fixed reference leak caused by <code>Py_INCREF</code> because Cython
has its own reference counter systems -- by
:user:<code>Vizonex</code>.</p>
<p><em>Related issues and pull requests on GitHub:</em>
<a
href="https://redirect.github.com/aio-libs/propcache/issues/162">#162</a>.</p>
</li>
</ul>
<h2>Contributor-facing changes</h2>
<ul>
<li>
<p>Fixes the default value for the <code>os</code>
parameter in <code>reusable-build-wheel.yml</code>
to be <code>ubuntu-latest</code> instead of
<code>ubuntu</code>.</p>
<p><em>Related issues and pull requests on GitHub:</em>
<a
href="https://redirect.github.com/aio-libs/propcache/issues/155">#155</a>.</p>
</li>
</ul>
<hr />
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aio-libs/propcache/blob/master/CHANGES.rst">propcache's
changelog</a>.</em></p>
<blockquote>
<h1>0.4.1</h1>
<p><em>(2025-10-08)</em></p>
<h2>Bug fixes</h2>
<ul>
<li>
<p>Fixed reference leak caused by <code>Py_INCREF</code> because Cython
has its own reference counter systems -- by
:user:<code>Vizonex</code>.</p>
<p><em>Related issues and pull requests on GitHub:</em>
:issue:<code>162</code>.</p>
</li>
</ul>
<h2>Contributor-facing changes</h2>
<ul>
<li>
<p>Fixes the default value for the <code>os</code>
parameter in <code>reusable-build-wheel.yml</code>
to be <code>ubuntu-latest</code> instead of
<code>ubuntu</code>.</p>
<p><em>Related issues and pull requests on GitHub:</em>
:issue:<code>155</code>.</p>
</li>
</ul>
<hr />
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aio-libs/propcache/commit/410fc9318e12b70c15e21c70ab75256d1c7b3f41"><code>410fc93</code></a>
Release 0.4.1 (<a
href="https://redirect.github.com/aio-libs/propcache/issues/163">#163</a>)</li>
<li><a
href="https://github.com/aio-libs/propcache/commit/fc73c8fce9b1c8797fa9d65ef877a9ac026aa506"><code>fc73c8f</code></a>
Fix Ref Leak (<a
href="https://redirect.github.com/aio-libs/propcache/issues/162">#162</a>)</li>
<li><a
href="https://github.com/aio-libs/propcache/commit/21ef3696b108653eb94a42e1a3875f60f9818b0d"><code>21ef369</code></a>
Bump github/codeql-action from 3 to 4 (<a
href="https://redirect.github.com/aio-libs/propcache/issues/160">#160</a>)</li>
<li><a
href="https://github.com/aio-libs/propcache/commit/beb42ef2d4dfd1f2c6f08eee482d6d966c95ce4e"><code>beb42ef</code></a>
Bump pytest-codspeed from 4.0.0 to 4.1.1 (<a
href="https://redirect.github.com/aio-libs/propcache/issues/161">#161</a>)</li>
<li><a
href="https://github.com/aio-libs/propcache/commit/48b7325733976a456d84ecc65c162529ff18ffe2"><code>48b7325</code></a>
Update default os parameter in reusable-build-wheel.yml to
'ubuntu-latest' (#...</li>
<li><a
href="https://github.com/aio-libs/propcache/commit/488c6477408b14f8a0bc49e93a9097d71a027d25"><code>488c647</code></a>
Bump version to 0.4.1.dev0 (<a
href="https://redirect.github.com/aio-libs/propcache/issues/151">#151</a>)</li>
<li>See full diff in <a
href="https://github.com/aio-libs/propcache/compare/v0.4.0...v0.4.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=propcache&package-manager=pip&previous-version=0.4.0&new-version=0.4.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump filelock from 3.19.1 to 3.20.0 (#11621)
18f2546 
Bumps [filelock](https://github.com/tox-dev/py-filelock) from 3.19.1 to
3.20.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tox-dev/py-filelock/releases">filelock's
releases</a>.</em></p>
<blockquote>
<h2>3.20.0</h2>
<!-- raw HTML omitted -->
<h2>What's Changed</h2>
<ul>
<li>Add tox.toml to sdist by <a
href="https://github.com/mtelka"><code>@​mtelka</code></a> in <a
href="https://redirect.github.com/tox-dev/filelock/pull/436">tox-dev/filelock#436</a></li>
<li>Update docs with example by <a
href="https://github.com/znichollscr"><code>@​znichollscr</code></a> in
<a
href="https://redirect.github.com/tox-dev/filelock/pull/438">tox-dev/filelock#438</a></li>
<li>Add 3.14 support and drop 3.9 by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/tox-dev/filelock/pull/448">tox-dev/filelock#448</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/mtelka"><code>@​mtelka</code></a> made
their first contribution in <a
href="https://redirect.github.com/tox-dev/filelock/pull/436">tox-dev/filelock#436</a></li>
<li><a
href="https://github.com/znichollscr"><code>@​znichollscr</code></a>
made their first contribution in <a
href="https://redirect.github.com/tox-dev/filelock/pull/438">tox-dev/filelock#438</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tox-dev/filelock/compare/3.19.1...3.20.0">https://github.com/tox-dev/filelock/compare/3.19.1...3.20.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tox-dev/filelock/commit/f7c3f8ea7defc21b3f0d736bb36711769cce840e"><code>f7c3f8e</code></a>
Add 3.14 support and drop 3.9 (<a
href="https://redirect.github.com/tox-dev/py-filelock/issues/448">#448</a>)</li>
<li><a
href="https://github.com/tox-dev/filelock/commit/a95eec6245de176cf5aaaa95c187ce688d697277"><code>a95eec6</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/tox-dev/py-filelock/issues/446">#446</a>)</li>
<li><a
href="https://github.com/tox-dev/filelock/commit/f3e532fd35dbe480b25362a0e8b8e0aa41040c3f"><code>f3e532f</code></a>
Bump astral-sh/setup-uv from 6 to 7 (<a
href="https://redirect.github.com/tox-dev/py-filelock/issues/447">#447</a>)</li>
<li><a
href="https://github.com/tox-dev/filelock/commit/1eff49a2aeb69f905a1ab9dc442fab5d7c601a3c"><code>1eff49a</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/tox-dev/py-filelock/issues/445">#445</a>)</li>
<li><a
href="https://github.com/tox-dev/filelock/commit/3c9448adeaebc0157cf5745dc5c40167678cf171"><code>3c9448a</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/tox-dev/py-filelock/issues/444">#444</a>)</li>
<li><a
href="https://github.com/tox-dev/filelock/commit/09f59904c1cadafaaa5b09b0d7ee8aa3b85c64f5"><code>09f5990</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/tox-dev/py-filelock/issues/443">#443</a>)</li>
<li><a
href="https://github.com/tox-dev/filelock/commit/5011a34d2881199529c6f25bd38b26314340bbde"><code>5011a34</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/tox-dev/py-filelock/issues/442">#442</a>)</li>
<li><a
href="https://github.com/tox-dev/filelock/commit/32372aa24897128b7c891d1c6b783ad368c7f114"><code>32372aa</code></a>
Bump pypa/gh-action-pypi-publish in /.github/workflows (<a
href="https://redirect.github.com/tox-dev/py-filelock/issues/441">#441</a>)</li>
<li><a
href="https://github.com/tox-dev/filelock/commit/1af28f256cb6093e354aced4b4de15a483ddb827"><code>1af28f2</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/tox-dev/py-filelock/issues/439">#439</a>)</li>
<li><a
href="https://github.com/tox-dev/filelock/commit/66bcdb30cba57b8ee3dfb20b63aada74969afd81"><code>66bcdb3</code></a>
Update docs with example (<a
href="https://redirect.github.com/tox-dev/py-filelock/issues/438">#438</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tox-dev/py-filelock/compare/3.19.1...3.20.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=filelock&package-manager=pip&previous-version=3.19.1&new-version=3.20.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@ZhaoMJ
[PR #11623/df8ad83 backport][3.14] Fix zstd decompression for chunked…
8bc503e 
… zstd response (#11624)
@ZhaoMJ
[PR #11623/df8ad83 backport][3.13] Fix zstd decompression for chunked…
53620e0 
… zstd response (#11625)
@dependabot
Bump backports-zstd from 0.5.0 to 1.0.0 (#11629)
bd9caa4 
Bumps [backports-zstd](https://github.com/rogdham/backports.zstd) from
0.5.0 to 1.0.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/Rogdham/backports.zstd/blob/master/CHANGELOG.md">backports-zstd's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/rogdham/backports.zstd/releases/tag/v1.0.0">1.0.0</a>
- 2025-10-10</h2>
<h3>:rocket: Added</h3>
<ul>
<li>Update code with CPython 3.14.0 version</li>
<li>Update type hints with typeshed <code>aa5202465</code></li>
<li>Update <code>pythoncapi-compat</code> dependency</li>
<li>Allow to use <code>libzstd</code> present on the system with the
<code>--system-zstd</code> build backend
argument</li>
<li>Check the <code>libzstd</code> version during build and at
runtime</li>
</ul>
<h3>:bug: Fixes</h3>
<ul>
<li>Fix import order issue by importing the <code>tarfile</code> and
<code>zipfile</code> modules only when
needed.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/Rogdham/backports.zstd/commit/e244330a9933691fa1a228fe299b0fe4ad12e2c9"><code>e244330</code></a>
chore: prepare v1.0.0</li>
<li><a
href="https://github.com/Rogdham/backports.zstd/commit/d94dd5ebb0be6d2f32442b4eaf002f09dbe3a58f"><code>d94dd5e</code></a>
feat: update code from upstream 3.14.0</li>
<li><a
href="https://github.com/Rogdham/backports.zstd/commit/76f250c9195f7f03a5a87251cc31f712266f1ceb"><code>76f250c</code></a>
chore: update pythoncapi-compat</li>
<li><a
href="https://github.com/Rogdham/backports.zstd/commit/0d5560525042973c0c15c9267dcfe5c6192122b6"><code>0d55605</code></a>
chore: update type hints from upstream</li>
<li><a
href="https://github.com/Rogdham/backports.zstd/commit/b7eb0213a3289425466c435f32a10e970e13c619"><code>b7eb021</code></a>
feat: support dynamic linking to libzstd</li>
<li><a
href="https://github.com/Rogdham/backports.zstd/commit/17cc15bfba091e43ad6a77be3253005ff7beac2b"><code>17cc15b</code></a>
chore: fix PyPy build for EOL versions</li>
<li><a
href="https://github.com/Rogdham/backports.zstd/commit/8aad94fa8c46591b673c1f4819022c4775e91e8d"><code>8aad94f</code></a>
feat: update code from upstream 3.14.0rc3</li>
<li><a
href="https://github.com/Rogdham/backports.zstd/commit/07944293d91ff45474434f2b0ab08eab2961c7b1"><code>0794429</code></a>
Import tarfile/zipfile modules only when needed</li>
<li>See full diff in <a
href="https://github.com/rogdham/backports.zstd/compare/v0.5.0...v1.0.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=backports-zstd&package-manager=pip&previous-version=0.5.0&new-version=1.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump virtualenv from 20.34.0 to 20.35.1 (#11630)
4cc90ee 
Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.34.0 to
20.35.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/virtualenv/releases">virtualenv's
releases</a>.</em></p>
<blockquote>
<h2>20.35.1</h2>
<!-- raw HTML omitted -->
<h2>What's Changed</h2>
<ul>
<li>release 20.34.0 by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/virtualenv/pull/2954">pypa/virtualenv#2954</a></li>
<li>refactor: Decouple discovery module by <a
href="https://github.com/esafak"><code>@​esafak</code></a> in <a
href="https://redirect.github.com/pypa/virtualenv/pull/2956">pypa/virtualenv#2956</a></li>
<li>feat: ensure creation of python3.exe and python3 on Windows by <a
href="https://github.com/esafak"><code>@​esafak</code></a> in <a
href="https://redirect.github.com/pypa/virtualenv/pull/2957">pypa/virtualenv#2957</a></li>
<li>fix: Use getattr for tcl/tk library paths by <a
href="https://github.com/esafak"><code>@​esafak</code></a> in <a
href="https://redirect.github.com/pypa/virtualenv/pull/2945">pypa/virtualenv#2945</a></li>
<li>fix: Import fs_is_case_sensitive absolutely in py_info.py by <a
href="https://github.com/esafak"><code>@​esafak</code></a> in <a
href="https://redirect.github.com/pypa/virtualenv/pull/2960">pypa/virtualenv#2960</a></li>
<li>Declare 3.14 support by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/virtualenv/pull/2970">pypa/virtualenv#2970</a></li>
<li>release 20.35.0 by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/virtualenv/pull/2971">pypa/virtualenv#2971</a></li>
<li>fix: Patch get_interpreter to handle missing cache and app_data by
<a href="https://github.com/esafak"><code>@​esafak</code></a> in <a
href="https://redirect.github.com/pypa/virtualenv/pull/2974">pypa/virtualenv#2974</a></li>
<li>Fix backwards incompatible changes on PythonInfo by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/virtualenv/pull/2975">pypa/virtualenv#2975</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pypa/virtualenv/compare/20.34.0...20.35.1">https://github.com/pypa/virtualenv/compare/20.34.0...20.35.1</a></p>
<h2>20.35.0</h2>
<!-- raw HTML omitted -->
<h2>What's Changed</h2>
<ul>
<li>release 20.34.0 by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/virtualenv/pull/2954">pypa/virtualenv#2954</a></li>
<li>refactor: Decouple discovery module by <a
href="https://github.com/esafak"><code>@​esafak</code></a> in <a
href="https://redirect.github.com/pypa/virtualenv/pull/2956">pypa/virtualenv#2956</a></li>
<li>feat: ensure creation of python3.exe and python3 on Windows by <a
href="https://github.com/esafak"><code>@​esafak</code></a> in <a
href="https://redirect.github.com/pypa/virtualenv/pull/2957">pypa/virtualenv#2957</a></li>
<li>fix: Use getattr for tcl/tk library paths by <a
href="https://github.com/esafak"><code>@​esafak</code></a> in <a
href="https://redirect.github.com/pypa/virtualenv/pull/2945">pypa/virtualenv#2945</a></li>
<li>fix: Import fs_is_case_sensitive absolutely in py_info.py by <a
href="https://github.com/esafak"><code>@​esafak</code></a> in <a
href="https://redirect.github.com/pypa/virtualenv/pull/2960">pypa/virtualenv#2960</a></li>
<li>chore(deps): bump pypa/gh-action-pypi-publish from 1.12.3 to 1.13.0
in /.github/workflows by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/pypa/virtualenv/pull/2964">pypa/virtualenv#2964</a></li>
<li>Declare 3.14 support by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/virtualenv/pull/2970">pypa/virtualenv#2970</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pypa/virtualenv/compare/20.34.0...20.35.0">https://github.com/pypa/virtualenv/compare/20.34.0...20.35.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst">virtualenv's
changelog</a>.</em></p>
<blockquote>
<h2>v20.35.1 (2025-10-09)</h2>
<p>Bugfixes - 20.35.1</p>
<pre><code>- Patch get_interpreter to handle missing cache and app_data
- by :user:`esafak` (:issue:`2972`)
- Fix backwards incompatible changes to ``PythonInfo`` - by
:user:`gaborbernat`. (:issue:`2975`)
<h2>v20.35.0 (2025-10-08)</h2>
<p>Features - 20.35.0
</code></pre></p>
<ul>
<li>Add AppData and Cache protocols to discovery for decoupling - by
:user:<code>esafak</code>. (:issue:<code>2074</code>)</li>
<li>Ensure python3.exe and python3 on Windows for Python 3 - by
:user:<code>esafak</code>. (:issue:<code>2774</code>)</li>
</ul>
<p>Bugfixes - 20.35.0</p>
<pre><code>- Replaced direct references to tcl/tk library paths with
getattr - by :user:`esafak` (:issue:`2944`)
- Restore absolute import of fs_is_case_sensitive - by :user:`esafak`.
(:issue:`2955`)
</code></pre>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/virtualenv/commit/78a8dc2d1262eef0e48da8dc153f492a6e26f198"><code>78a8dc2</code></a>
release 20.35.1</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/2dbf4f2269b87782ddf9a9a0e6ff47096f9f62cc"><code>2dbf4f2</code></a>
Fix backwards incompatible changes on PythonInfo (<a
href="https://redirect.github.com/pypa/virtualenv/issues/2975">#2975</a>)</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/de1820dd472786383f0ee393524141880fe4e055"><code>de1820d</code></a>
fix: Patch get_interpreter to handle missing cache and app_data (<a
href="https://redirect.github.com/pypa/virtualenv/issues/2974">#2974</a>)</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/8e1ecc705a502705931e7576b8dd72bab90cde91"><code>8e1ecc7</code></a>
release 20.35.0 (<a
href="https://redirect.github.com/pypa/virtualenv/issues/2971">#2971</a>)</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/89dc16bfe3a65b32b69bfaa7a882902f7a53c132"><code>89dc16b</code></a>
Declare 3.14 support (<a
href="https://redirect.github.com/pypa/virtualenv/issues/2970">#2970</a>)</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/81d5187bc92056d204d297935cfb006a4986dfb0"><code>81d5187</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/pypa/virtualenv/issues/2965">#2965</a>)</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/6e1723a861171d6a4e5c7e45c1fb49abc8aec581"><code>6e1723a</code></a>
chore(deps): bump pypa/gh-action-pypi-publish from 1.12.3 to 1.13.0 in
/.gith...</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/9081de13c3b5cf45a747b0ea1793ba4622c200b5"><code>9081de1</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/pypa/virtualenv/issues/2962">#2962</a>)</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/5c5bf430b3e893c80a1bf22933c2c3a800a1b459"><code>5c5bf43</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/pypa/virtualenv/issues/2961">#2961</a>)</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/66d793edd347bc8792f5fe16f950c77f23f6b60c"><code>66d793e</code></a>
fix: Import fs_is_case_sensitive absolutely in py_info.py (<a
href="https://redirect.github.com/pypa/virtualenv/issues/2960">#2960</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/virtualenv/compare/20.34.0...20.35.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=virtualenv&package-manager=pip&previous-version=20.34.0&new-version=20.35.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump rich from 14.1.0 to 14.2.0 (#11631)
b31c0bc 
Bumps [rich](https://github.com/Textualize/rich) from 14.1.0 to 14.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Textualize/rich/releases">rich's
releases</a>.</em></p>
<blockquote>
<h2>The Easy as Pi release</h2>
<p>This release bumps Python compatibility to the just-released Python
3.14.</p>
<h2>[14.2.0] - 2025-10-09</h2>
<h3>Changed</h3>
<ul>
<li>Python3.14 compatibility <a
href="https://redirect.github.com/Textualize/rich/pull/3861">Textualize/rich#3861</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/Textualize/rich/blob/master/CHANGELOG.md">rich's
changelog</a>.</em></p>
<blockquote>
<h2>[14.2.0] - 2025-10-09</h2>
<h3>Changed</h3>
<ul>
<li>Python3.14 compatibility <a
href="https://redirect.github.com/Textualize/rich/pull/3861">Textualize/rich#3861</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/Textualize/rich/commit/494f83c923ca54ecc943bf5e60c0004e65fbb54e"><code>494f83c</code></a>
changelog</li>
<li><a
href="https://github.com/Textualize/rich/commit/d476e85a19ea62966a25f6df0e0a287da52ab35f"><code>d476e85</code></a>
Merge pull request <a
href="https://redirect.github.com/Textualize/rich/issues/3862">#3862</a>
from GeroZayas/docs/es-readme-sync-2025-10</li>
<li><a
href="https://github.com/Textualize/rich/commit/518daaa39c17bad485c970bf229424784fbdf044"><code>518daaa</code></a>
docs(es): sync README.es.md (macOS, 16 colors, Python 3.8+)</li>
<li><a
href="https://github.com/Textualize/rich/commit/cd5074f87804aac2f6e5c6143e1cac5e3a0bddc5"><code>cd5074f</code></a>
Merge pull request <a
href="https://redirect.github.com/Textualize/rich/issues/3861">#3861</a>
from Textualize/python314</li>
<li><a
href="https://github.com/Textualize/rich/commit/041406ca9b60af8fcc00cd7fc1b2973ab51eb851"><code>041406c</code></a>
removed asv</li>
<li><a
href="https://github.com/Textualize/rich/commit/655b5210cb1403100a646d167cf027eec760dd9f"><code>655b521</code></a>
test fixes</li>
<li><a
href="https://github.com/Textualize/rich/commit/27c2d2df7523315de4b81577d414db8c1c7312f9"><code>27c2d2d</code></a>
bump for Python3.14</li>
<li><a
href="https://github.com/Textualize/rich/commit/ea9d4db5d84b4e834979304e3053bf757daae322"><code>ea9d4db</code></a>
Update feature_request.md</li>
<li>See full diff in <a
href="https://github.com/Textualize/rich/compare/v14.1.0...v14.2.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=rich&package-manager=pip&previous-version=14.1.0&new-version=14.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump pypa/cibuildwheel from 3.2.0 to 3.2.1 (#11639)
0ce6749 
Bumps [pypa/cibuildwheel](https://github.com/pypa/cibuildwheel) from
3.2.0 to 3.2.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/cibuildwheel/releases">pypa/cibuildwheel's
releases</a>.</em></p>
<blockquote>
<h2>v3.2.1</h2>
<ul>
<li>🛠 Update to CPython 3.14.0 final (<a
href="https://redirect.github.com/pypa/cibuildwheel/issues/2614">#2614</a>)</li>
<li>🐛 Fix the default MACOSX_DEPLOYMENT_TARGET on Python 3.14 (<a
href="https://redirect.github.com/pypa/cibuildwheel/issues/2613">#2613</a>)</li>
<li>📚 Docs improvements (<a
href="https://redirect.github.com/pypa/cibuildwheel/issues/2617">#2617</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/cibuildwheel/blob/main/docs/changelog.md">pypa/cibuildwheel's
changelog</a>.</em></p>
<blockquote>
<h3>v3.2.1</h3>
<p><em>12 October 2025</em></p>
<ul>
<li>🛠 Update to CPython 3.14.0 final (<a
href="https://redirect.github.com/pypa/cibuildwheel/issues/2614">#2614</a>)</li>
<li>🐛 Fix the default MACOSX_DEPLOYMENT_TARGET on Python 3.14 (<a
href="https://redirect.github.com/pypa/cibuildwheel/issues/2613">#2613</a>)</li>
<li>📚 Docs improvements (<a
href="https://redirect.github.com/pypa/cibuildwheel/issues/2617">#2617</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/cibuildwheel/commit/9c00cb4f6b517705a3794b22395aedc36257242c"><code>9c00cb4</code></a>
Bump version: v3.2.1</li>
<li><a
href="https://github.com/pypa/cibuildwheel/commit/ae65c7d85b7fbcc76e0102045329eb89e2d9b147"><code>ae65c7d</code></a>
[Bot] Update dependencies (<a
href="https://redirect.github.com/pypa/cibuildwheel/issues/2614">#2614</a>)</li>
<li><a
href="https://github.com/pypa/cibuildwheel/commit/86c38579991e3e1d71779fb310d426918aebb7ae"><code>86c3857</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/pypa/cibuildwheel/issues/2615">#2615</a>)</li>
<li><a
href="https://github.com/pypa/cibuildwheel/commit/68b1a81bb255cbe2399a55dcd8dc4d116d6910dd"><code>68b1a81</code></a>
docs: include free-threading builds in identifier list (<a
href="https://redirect.github.com/pypa/cibuildwheel/issues/2617">#2617</a>)</li>
<li><a
href="https://github.com/pypa/cibuildwheel/commit/f131cd793524b204270e93e9f3c95b8871312016"><code>f131cd7</code></a>
fix: Python 3.14 on macOS requires MACOSX_DEPLOYMENT_TARGET set to 10.15
(<a
href="https://redirect.github.com/pypa/cibuildwheel/issues/2613">#2613</a>)</li>
<li><a
href="https://github.com/pypa/cibuildwheel/commit/8602e864d4d22919d7d8eefb2346f2f89ea23252"><code>8602e86</code></a>
[Bot] Update dependencies (<a
href="https://redirect.github.com/pypa/cibuildwheel/issues/2606">#2606</a>)</li>
<li><a
href="https://github.com/pypa/cibuildwheel/commit/8ccc2650de5ddf1ff3009ec585af70ed563a4aed"><code>8ccc265</code></a>
fix: resolve issues with macOS-15 runners (<a
href="https://redirect.github.com/pypa/cibuildwheel/issues/2607">#2607</a>)</li>
<li><a
href="https://github.com/pypa/cibuildwheel/commit/c0c1dea51fcada641654170c0b8d9079225d7e7f"><code>c0c1dea</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/pypa/cibuildwheel/issues/2608">#2608</a>)</li>
<li>See full diff in <a
href="https://github.com/pypa/cibuildwheel/compare/v3.2.0...v3.2.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pypa/cibuildwheel&package-manager=github_actions&previous-version=3.2.0&new-version=3.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump virtualenv from 20.35.1 to 20.35.3 (#11640)
fa11279 
Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.35.1 to
20.35.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/virtualenv/releases">virtualenv's
releases</a>.</em></p>
<blockquote>
<h2>20.35.3</h2>
<!-- raw HTML omitted -->
<h2>What's Changed</h2>
<ul>
<li>release 20.35.1 by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/virtualenv/pull/2976">pypa/virtualenv#2976</a></li>
<li>Revert out effort to extract discovery by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/virtualenv/pull/2978">pypa/virtualenv#2978</a></li>
<li>release 20.35.2 by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/virtualenv/pull/2980">pypa/virtualenv#2980</a></li>
<li>test_too_many_open_files fails by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/virtualenv/pull/2979">pypa/virtualenv#2979</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pypa/virtualenv/compare/20.35.1...20.35.3">https://github.com/pypa/virtualenv/compare/20.35.1...20.35.3</a></p>
<h2>20.35.2</h2>
<!-- raw HTML omitted -->
<h2>What's Changed</h2>
<ul>
<li>release 20.35.1 by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/virtualenv/pull/2976">pypa/virtualenv#2976</a></li>
<li>Revert out effort to extract discovery by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/virtualenv/pull/2978">pypa/virtualenv#2978</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pypa/virtualenv/compare/20.35.1...20.35.2">https://github.com/pypa/virtualenv/compare/20.35.1...20.35.2</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst">virtualenv's
changelog</a>.</em></p>
<blockquote>
<h2>v20.35.3 (2025-10-10)</h2>
<p>Bugfixes - 20.35.3</p>
<pre><code>- Accept RuntimeError in `test_too_many_open_files`, by
:user:`esafak` (:issue:`2935`)
<h2>v20.35.2 (2025-10-10)</h2>
<p>Bugfixes - 20.35.2<br />
</code></pre></p>
<ul>
<li>Revert out changes related to the extraction of the discovery module
- by :user:<code>gaborbernat</code>. (:issue:<code>2978</code>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/virtualenv/commit/8a1160e2bab063f6d6ab6295052cece8dd805cba"><code>8a1160e</code></a>
release 20.35.3</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/a07135f34ad8f30c9921f05dc913ccd83e06679d"><code>a07135f</code></a>
test_too_many_open_files fails (<a
href="https://redirect.github.com/pypa/virtualenv/issues/2979">#2979</a>)</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/e265338ec6e4e5437763f4a3ddef9b9f9cbc6a26"><code>e265338</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/virtualenv/issues/2980">#2980</a>
from gaborbernat/release-20.35.2</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/53872861ccf957ef7df2ba2020fba759f7b9c914"><code>5387286</code></a>
release 20.35.2</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/9b47ce9616bbac8379a6cb682b4429be935ed515"><code>9b47ce9</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/virtualenv/issues/2978">#2978</a>
from gaborbernat/2977</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/c5674f250657081691dfacfd84b683ff058d9b5c"><code>c5674f2</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/virtualenv/issues/2976">#2976</a>
from pypa/release-20.35.1</li>
<li>See full diff in <a
href="https://github.com/pypa/virtualenv/compare/20.35.1...20.35.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=virtualenv&package-manager=pip&previous-version=20.35.1&new-version=20.35.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@cdce8p @webknjaz
[PR #9951 backport][3.13] Move metadata to pyproject.toml (#11641)
040dac3 
This is a backport of PR #9951
as merged into master
(6b5d8e7).

The metadata changes:

```diff
 ...
-Maintainer: aiohttp team <team@aiohttp.org>
-Maintainer-email: team@aiohttp.org
+Maintainer-email: aiohttp team <team@aiohttp.org>
 License: Apache-2.0 AND MIT
-Home-page: https://github.com/aio-libs/aiohttp
+Project-URL: Homepage, https://github.com/aio-libs/aiohttp
 ...
```


Modified the backport to include Python `3.9` in the classifier list
again as well as updated `requires-python` to `>= 3.9`.

---------

Co-authored-by: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>
@cdce8p @webknjaz
[PR #9951 backport][3.14] Move metadata to pyproject.toml (#11642)
dc04bbc 
This is a backport of PR #9951
as merged into master
(6b5d8e7).

The metadata changes:

```diff
 ...
-Maintainer: aiohttp team <team@aiohttp.org>
-Maintainer-email: team@aiohttp.org
+Maintainer-email: aiohttp team <team@aiohttp.org>
 License: Apache-2.0 AND MIT
-Home-page: https://github.com/aio-libs/aiohttp
+Project-URL: Homepage, https://github.com/aio-libs/aiohttp
 ...
```

Co-authored-by: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>
@dependabot
Bump actions/setup-node from 5 to 6 (#11648)
e6d9373 
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 5
to 6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-node/releases">actions/setup-node's
releases</a>.</em></p>
<blockquote>
<h2>v6.0.0</h2>
<h2>What's Changed</h2>
<p><strong>Breaking Changes</strong></p>
<ul>
<li>Limit automatic caching to npm, update workflows and documentation
by <a
href="https://github.com/priyagupta108"><code>@​priyagupta108</code></a>
in <a
href="https://redirect.github.com/actions/setup-node/pull/1374">actions/setup-node#1374</a></li>
</ul>
<p><strong>Dependency Upgrades</strong></p>
<ul>
<li>Upgrade ts-jest from 29.1.2 to 29.4.1 and document breaking changes
in v5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/setup-node/pull/1336">#1336</a></li>
<li>Upgrade prettier from 2.8.8 to 3.6.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/setup-node/pull/1334">#1334</a></li>
<li>Upgrade actions/publish-action from 0.3.0 to 0.4.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/setup-node/pull/1362">#1362</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-node/compare/v5...v6.0.0">https://github.com/actions/setup-node/compare/v5...v6.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/setup-node/commit/2028fbc5c25fe9cf00d9f06a71cc4710d4507903"><code>2028fbc</code></a>
Limit automatic caching to npm, update workflows and documentation (<a
href="https://redirect.github.com/actions/setup-node/issues/1374">#1374</a>)</li>
<li><a
href="https://github.com/actions/setup-node/commit/13427813f706a0f6c9b74603b31103c40ab1c35a"><code>1342781</code></a>
Bump actions/publish-action from 0.3.0 to 0.4.0 (<a
href="https://redirect.github.com/actions/setup-node/issues/1362">#1362</a>)</li>
<li><a
href="https://github.com/actions/setup-node/commit/89d709d423dc495668cd762a18dd4a070611be3f"><code>89d709d</code></a>
Bump prettier from 2.8.8 to 3.6.2 (<a
href="https://redirect.github.com/actions/setup-node/issues/1334">#1334</a>)</li>
<li><a
href="https://github.com/actions/setup-node/commit/cd2651c46231bc0d6f48d6b34433b845331235fe"><code>cd2651c</code></a>
Bump ts-jest from 29.1.2 to 29.4.1 (<a
href="https://redirect.github.com/actions/setup-node/issues/1336">#1336</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/setup-node/compare/v5...v6">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-node&package-manager=github_actions&previous-version=5&new-version=6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump pydantic from 2.12.0 to 2.12.1 (#11649)
751c303 
Bumps [pydantic](https://github.com/pydantic/pydantic) from 2.12.0 to
2.12.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pydantic/pydantic/releases">pydantic's
releases</a>.</em></p>
<blockquote>
<h2>v2.12.1 2025-10-13</h2>
<h2>v2.12.1 (2025-10-13)</h2>
<p><a
href="https://github.com/pydantic/pydantic/releases/tag/v2.12.1">GitHub
release</a></p>
<h3>What's Changed</h3>
<p>This is the first 2.12 patch release, addressing most (but not all
yet) regressions from the initial 2.12.0 release.</p>
<h4>Fixes</h4>
<ul>
<li>Do not evaluate annotations when inspecting validators and
serializers by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12355">#12355</a></li>
<li>Make sure <code>None</code> is converted as <code>NoneType</code> in
Python 3.14 by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12370">#12370</a></li>
<li>Backport V1 runtime warning when using Python 3.14 by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12367">#12367</a></li>
<li>Fix error message for invalid validator signatures by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12366">#12366</a></li>
<li>Populate field name in <code>ValidationInfo</code> for validation of
default value by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1826">pydantic-core#1826</a></li>
<li>Encode credentials in <code>MultiHostUrl</code> builder by <a
href="https://github.com/willswire"><code>@​willswire</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1829">pydantic-core#1829</a></li>
<li>Respect field serializers when using <code>serialize_as_any</code>
serialization flag by <a
href="https://github.com/davidhewitt"><code>@​davidhewitt</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1829">pydantic-core#1829</a></li>
<li>Fix various <code>RootModel</code> serialization issues by <a
href="https://github.com/davidhewitt"><code>@​davidhewitt</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1836">pydantic-core#1836</a></li>
</ul>
<h3>New Contributors</h3>
<ul>
<li><a href="https://github.com/willswire"><code>@​willswire</code></a>
made their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1829">pydantic-core#1829</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pydantic/pydantic/compare/v2.12.0...v2.12.1">https://github.com/pydantic/pydantic/compare/v2.12.0...v2.12.1</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pydantic/pydantic/blob/v2.12.1/HISTORY.md">pydantic's
changelog</a>.</em></p>
<blockquote>
<h2>v2.12.1 (2025-10-13)</h2>
<p><a
href="https://github.com/pydantic/pydantic/releases/tag/v2.12.1">GitHub
release</a></p>
<h3>What's Changed</h3>
<p>This is the first 2.12 patch release, addressing most (but not all
yet) regressions from the initial 2.12.0 release.</p>
<h4>Fixes</h4>
<ul>
<li>Do not evaluate annotations when inspecting validators and
serializers by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12355">#12355</a></li>
<li>Make sure <code>None</code> is converted as <code>NoneType</code> in
Python 3.14 by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12370">#12370</a></li>
<li>Backport V1 runtime warning when using Python 3.14 by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12367">#12367</a></li>
<li>Fix error message for invalid validator signatures by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12366">#12366</a></li>
<li>Populate field name in <code>ValidationInfo</code> for validation of
default value by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1826">pydantic-core#1826</a></li>
<li>Encode credentials in <code>MultiHostUrl</code> builder by <a
href="https://github.com/willswire"><code>@​willswire</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1829">pydantic-core#1829</a></li>
<li>Respect field serializers when using <code>serialize_as_any</code>
serialization flag by <a
href="https://github.com/davidhewitt"><code>@​davidhewitt</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1829">pydantic-core#1829</a></li>
<li>Fix various <code>RootModel</code> serialization issues by <a
href="https://github.com/davidhewitt"><code>@​davidhewitt</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1836">pydantic-core#1836</a></li>
</ul>
<h3>New Contributors</h3>
<ul>
<li><a href="https://github.com/willswire"><code>@​willswire</code></a>
made their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1829">pydantic-core#1829</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pydantic/pydantic/commit/b4076c66773b514d4891f036a4cc562b8ff0ff21"><code>b4076c6</code></a>
Prepare release 2.12.1</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/b67f07291167b4005a6eeee05fcad67b43a53f41"><code>b67f072</code></a>
Bump <code>pydantic-core</code> to v2.41.3</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/529f7ddc4a2eac8eb41b39d8b4d6c07997de46f8"><code>529f7dd</code></a>
Fix error message for invalid validator signatures</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/445fa79f2eda31e2a1922f9736f7613bbd9680b5"><code>445fa79</code></a>
Backport V1 runtime warning</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/b3dba9be0705293019c368d8acc5b8b60dcf5148"><code>b3dba9b</code></a>
Make sure <code>None</code> is converted as <code>NoneType</code> in
Python 3.14</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/1e8c41ee1327c153c713f47feb98a5fa7bb8ce89"><code>1e8c41e</code></a>
Do not evaluate annotations when inspecting validators and
serializers</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/e2a199fe4fc5f8cbc32c93840c9783b332b4f112"><code>e2a199f</code></a>
Upgrade dependencies for 3.14</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/79353e6a6b9fc7a34304d5981b670832044caa99"><code>79353e6</code></a>
Fix spelling in <code>model_dump()</code> docstring</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/aa6b6cd206253c24a46a5fb830e2ff029d21fb95"><code>aa6b6cd</code></a>
Fix typo in experimental.md documentation</li>
<li>See full diff in <a
href="https://github.com/pydantic/pydantic/compare/v2.12.0...v2.12.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pydantic&package-manager=pip&previous-version=2.12.0&new-version=2.12.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump charset-normalizer from 3.4.3 to 3.4.4 (#11650)
2fd4b40 
Bumps [charset-normalizer](https://github.com/jawah/charset_normalizer)
from 3.4.3 to 3.4.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/jawah/charset_normalizer/releases">charset-normalizer's
releases</a>.</em></p>
<blockquote>
<h2>Version 3.4.4</h2>
<h2><a
href="https://github.com/Ousret/charset_normalizer/compare/3.4.3...3.4.4">3.4.4</a>
(2025-10-13)</h2>
<h3>Changed</h3>
<ul>
<li>Bound <code>setuptools</code> to a specific constraint
<code>setuptools&gt;=68,&lt;=81</code>.</li>
<li>Raised upper bound of mypyc for the optional pre-built extension to
v1.18.2</li>
</ul>
<h3>Removed</h3>
<ul>
<li><code>setuptools-scm</code> as a build dependency.</li>
</ul>
<h3>Misc</h3>
<ul>
<li>Enforced hashes in <code>dev-requirements.txt</code> and created
<code>ci-requirements.txt</code> for security purposes.</li>
<li>Additional pre-built wheels for riscv64, s390x, and armv7l
architectures.</li>
<li>Restore <code>multiple.intoto.jsonl</code> in GitHub releases in
addition to individual attestation file per wheel.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/jawah/charset_normalizer/blob/master/CHANGELOG.md">charset-normalizer's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/Ousret/charset_normalizer/compare/3.4.2...3.4.4">3.4.4</a>
(2025-10-13)</h2>
<h3>Changed</h3>
<ul>
<li>Bound <code>setuptools</code> to a specific constraint
<code>setuptools&gt;=68,&lt;=81</code>.</li>
<li>Raised upper bound of mypyc for the optional pre-built extension to
v1.18.2</li>
</ul>
<h3>Removed</h3>
<ul>
<li><code>setuptools-scm</code> as a build dependency.</li>
</ul>
<h3>Misc</h3>
<ul>
<li>Enforced hashes in <code>dev-requirements.txt</code> and created
<code>ci-requirements.txt</code> for security purposes.</li>
<li>Additional pre-built wheels for riscv64, s390x, and armv7l
architectures.</li>
<li>Restore <code> multiple.intoto.jsonl</code> in GitHub releases in
addition to individual attestation file per wheel.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/jawah/charset_normalizer/commit/b30ffdcc2f11043c0d34e60fe66d3815cd49b32b"><code>b30ffdc</code></a>
:wrench: fix checksum step in cd.yml</li>
<li><a
href="https://github.com/jawah/charset_normalizer/commit/d3fbfcfad7dfe3c640886f1a6a6351da527f6634"><code>d3fbfcf</code></a>
:wrench: fix cd.yml</li>
<li><a
href="https://github.com/jawah/charset_normalizer/commit/dafbb95f8c00d3cc8b99158caa63006ffab98749"><code>dafbb95</code></a>
Release 3.4.4 (<a
href="https://redirect.github.com/jawah/charset_normalizer/issues/658">#658</a>)</li>
<li><a
href="https://github.com/jawah/charset_normalizer/commit/1f18ffaa69d2c84fea7abedb8840197ba9c14562"><code>1f18ffa</code></a>
:arrow_up: raise mypy upper bound to 1.18.2</li>
<li><a
href="https://github.com/jawah/charset_normalizer/commit/ef4ac69ad203891f24e26b2422ab3a08053044fa"><code>ef4ac69</code></a>
Merge branch 'release-3.4.4' of github.com:jawah/charset_normalizer into
rele...</li>
<li><a
href="https://github.com/jawah/charset_normalizer/commit/4b35dda053db5e2e60a247e80a116e4ef04f439b"><code>4b35dda</code></a>
:pencil: write changelog for 3.4.4</li>
<li><a
href="https://github.com/jawah/charset_normalizer/commit/0ec6452f1a34cbc77a55b237c4118807b44c2a33"><code>0ec6452</code></a>
:wrench: update cd.yml workflow (add riscv64, s390x and armv7l)</li>
<li><a
href="https://github.com/jawah/charset_normalizer/commit/f341edec8a828dda394abfa011b1ded8b4b102e2"><code>f341ede</code></a>
:arrow_up: upgrade dependencies (dev, ci)</li>
<li><a
href="https://github.com/jawah/charset_normalizer/commit/a308841e660a4d61ea6c448e7b8bf97415ecdc4a"><code>a308841</code></a>
:pencil: write changelog for 3.4.4</li>
<li><a
href="https://github.com/jawah/charset_normalizer/commit/9c906da611d5ca5ef076d6bf7f60e629f661d0b0"><code>9c906da</code></a>
:wrench: update cd.yml workflow (add riscv64, s390x and armv7l)</li>
<li>Additional commits viewable in <a
href="https://github.com/jawah/charset_normalizer/compare/3.4.3...3.4.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=charset-normalizer&package-manager=pip&previous-version=3.4.3&new-version=3.4.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@Cycloctane
[PR #11633/b1bd65d backport][3.14] Make AppRunner's configuration opt…
c7b2015 
…ions available in run_app() (#11653)

(cherry picked from commit b1bd65d)
@Cycloctane
[PR #11633/b1bd65d backport][3.13] Make AppRunner's configuration opt…
b39fd63 
…ions available in run_app() (#11652)

(cherry picked from commit b1bd65d)
dependabot bot and others added 23 commits October 14, 2025 23:55
@dependabot
Bump platformdirs from 4.4.0 to 4.5.0 (#11622)
37da3f5 
Bumps [platformdirs](https://github.com/tox-dev/platformdirs) from 4.4.0
to 4.5.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tox-dev/platformdirs/releases">platformdirs's
releases</a>.</em></p>
<blockquote>
<h2>4.5.0</h2>
<!-- raw HTML omitted -->
<h2>What's Changed</h2>
<ul>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/tox-dev/platformdirs/pull/376">tox-dev/platformdirs#376</a></li>
<li>Bump pypa/gh-action-pypi-publish from 1.12.4 to 1.13.0 in the all
group by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tox-dev/platformdirs/pull/378">tox-dev/platformdirs#378</a></li>
<li>Bump pypa/gh-action-pypi-publish from 1.12.4 to 1.13.0 in
/.github/workflows by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tox-dev/platformdirs/pull/379">tox-dev/platformdirs#379</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/tox-dev/platformdirs/pull/381">tox-dev/platformdirs#381</a></li>
<li>Add support for Python 3.14 by <a
href="https://github.com/hugovk"><code>@​hugovk</code></a> in <a
href="https://redirect.github.com/tox-dev/platformdirs/pull/382">tox-dev/platformdirs#382</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/tox-dev/platformdirs/pull/383">tox-dev/platformdirs#383</a></li>
<li>Update Windows file paths in README by <a
href="https://github.com/ParadaCarleton"><code>@​ParadaCarleton</code></a>
in <a
href="https://redirect.github.com/tox-dev/platformdirs/pull/385">tox-dev/platformdirs#385</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/tox-dev/platformdirs/pull/384">tox-dev/platformdirs#384</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/tox-dev/platformdirs/pull/387">tox-dev/platformdirs#387</a></li>
<li>Bump astral-sh/setup-uv from 6 to 7 in the all group by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tox-dev/platformdirs/pull/388">tox-dev/platformdirs#388</a></li>
<li>Drop 3.9 support by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/tox-dev/platformdirs/pull/389">tox-dev/platformdirs#389</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/ParadaCarleton"><code>@​ParadaCarleton</code></a>
made their first contribution in <a
href="https://redirect.github.com/tox-dev/platformdirs/pull/385">tox-dev/platformdirs#385</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tox-dev/platformdirs/compare/4.4.0...4.5.0">https://github.com/tox-dev/platformdirs/compare/4.4.0...4.5.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tox-dev/platformdirs/commit/3088c98f00f8c96d37eaa711593548c788da8bd5"><code>3088c98</code></a>
Drop 3.9 support (<a
href="https://redirect.github.com/tox-dev/platformdirs/issues/389">#389</a>)</li>
<li><a
href="https://github.com/tox-dev/platformdirs/commit/07bca5b164c0ffab360fe61f9bd12e618dc48380"><code>07bca5b</code></a>
Bump astral-sh/setup-uv from 6 to 7 in the all group (<a
href="https://redirect.github.com/tox-dev/platformdirs/issues/388">#388</a>)</li>
<li><a
href="https://github.com/tox-dev/platformdirs/commit/9d9c912130b066c8a9168007da6ba4e587363f61"><code>9d9c912</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/tox-dev/platformdirs/issues/387">#387</a>)</li>
<li><a
href="https://github.com/tox-dev/platformdirs/commit/dbfa4b6dfff6665f630bd630322edfbb9dce862d"><code>dbfa4b6</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/tox-dev/platformdirs/issues/384">#384</a>)</li>
<li><a
href="https://github.com/tox-dev/platformdirs/commit/f70bdf4f6fe852087c6ec90d11142ca7e47b6d2e"><code>f70bdf4</code></a>
Update Windows file paths in README (<a
href="https://redirect.github.com/tox-dev/platformdirs/issues/385">#385</a>)</li>
<li><a
href="https://github.com/tox-dev/platformdirs/commit/510a4b0acd9e2f472b91e0b85699c606e10a50e4"><code>510a4b0</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/tox-dev/platformdirs/issues/383">#383</a>)</li>
<li><a
href="https://github.com/tox-dev/platformdirs/commit/3f7d77f96a3ae9656ebc930b4ded52ec2fc1108b"><code>3f7d77f</code></a>
Add support for Python 3.14 (<a
href="https://redirect.github.com/tox-dev/platformdirs/issues/382">#382</a>)</li>
<li><a
href="https://github.com/tox-dev/platformdirs/commit/0cff624010beefe0c96d096c924d3d2b68909d06"><code>0cff624</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/tox-dev/platformdirs/issues/381">#381</a>)</li>
<li><a
href="https://github.com/tox-dev/platformdirs/commit/ebbdf85eaad26100ba7bf7379f4caa406bd9ebad"><code>ebbdf85</code></a>
Bump pypa/gh-action-pypi-publish in /.github/workflows (<a
href="https://redirect.github.com/tox-dev/platformdirs/issues/379">#379</a>)</li>
<li><a
href="https://github.com/tox-dev/platformdirs/commit/a64f6bb53f5311897edf7133c9844743775e4223"><code>a64f6bb</code></a>
Bump pypa/gh-action-pypi-publish from 1.12.4 to 1.13.0 in the all group
(<a
href="https://redirect.github.com/tox-dev/platformdirs/issues/378">#378</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tox-dev/platformdirs/compare/4.4.0...4.5.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=platformdirs&package-manager=pip&previous-version=4.4.0&new-version=4.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump markdown-it-py from 3.0.0 to 4.0.0 (#11595)
325b680 
Bumps
[markdown-it-py](https://github.com/executablebooks/markdown-it-py) from
3.0.0 to 4.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/executablebooks/markdown-it-py/releases">markdown-it-py's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.0</h2>
<h2>What's Changed</h2>
<p>This primarily drops support for Python 3.8 and 3.9, adds support for
Python 3.13,
and updates the parser to comply with Commonmark 0.31.2 and Markdown-It
v14.1.0.</p>
<h3>Upgrades</h3>
<ul>
<li>⬆️ Drop Python 3.8, test 3.13 by <a
href="https://github.com/chrisjsewell"><code>@​chrisjsewell</code></a>
in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/342">executablebooks/markdown-it-py#342</a></li>
<li>⬆️ Drop support for Python 3.9 by <a
href="https://github.com/chrisjsewell"><code>@​chrisjsewell</code></a>
in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/360">executablebooks/markdown-it-py#360</a></li>
<li>⬆️ Comply with Commonmark 0.31.2 by <a
href="https://github.com/chrisjsewell"><code>@​chrisjsewell</code></a>
in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/362">executablebooks/markdown-it-py#362</a></li>
</ul>
<h3>Improvements</h3>
<ul>
<li>👌 Improve performance of &quot;text&quot; inline rule by <a
href="https://github.com/hukkin"><code>@​hukkin</code></a> in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/347">executablebooks/markdown-it-py#347</a></li>
<li>👌 Use <code>str.removesuffix</code> by <a
href="https://github.com/hukkin"><code>@​hukkin</code></a> in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/348">executablebooks/markdown-it-py#348</a></li>
<li>👌 limit the number of autocompleted cells in a table by <a
href="https://github.com/chrisjsewell"><code>@​chrisjsewell</code></a>
in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/364">executablebooks/markdown-it-py#364</a></li>
<li>👌 fix quadratic complexity in reference parser by <a
href="https://github.com/chrisjsewell"><code>@​chrisjsewell</code></a>
in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/367">executablebooks/markdown-it-py#367</a></li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>🐛 Fix emphasis inside raw links bugs by <a
href="https://github.com/tsutsu3"><code>@​tsutsu3</code></a> in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/320">executablebooks/markdown-it-py#320</a></li>
</ul>
<h3>Maintenance</h3>
<ul>
<li>🔧 Replace black and isort with ruff formatter by <a
href="https://github.com/chrisjsewell"><code>@​chrisjsewell</code></a>
in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/313">executablebooks/markdown-it-py#313</a></li>
<li>🔧 Fixed Code Style paragraph still referring to flake8 by <a
href="https://github.com/venthur"><code>@​venthur</code></a> in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/309">executablebooks/markdown-it-py#309</a></li>
<li>🔧 Add &quot;store_labels&quot; to OptionsType by <a
href="https://github.com/chrisjsewell"><code>@​chrisjsewell</code></a>
in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/343">executablebooks/markdown-it-py#343</a></li>
<li>🔧 Move <code>code_style</code> to dependency group by <a
href="https://github.com/chrisjsewell"><code>@​chrisjsewell</code></a>
in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/344">executablebooks/markdown-it-py#344</a></li>
<li>🔧 Update codecov action by <a
href="https://github.com/chrisjsewell"><code>@​chrisjsewell</code></a>
in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/345">executablebooks/markdown-it-py#345</a></li>
<li>🔧 Update pre-commit and upload-artifact by <a
href="https://github.com/chrisjsewell"><code>@​chrisjsewell</code></a>
in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/359">executablebooks/markdown-it-py#359</a></li>
<li>🔧 Improve spec update script by <a
href="https://github.com/chrisjsewell"><code>@​chrisjsewell</code></a>
in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/361">executablebooks/markdown-it-py#361</a></li>
<li>🔧 simplify logic in scanDelims by <a
href="https://github.com/chrisjsewell"><code>@​chrisjsewell</code></a>
in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/365">executablebooks/markdown-it-py#365</a></li>
<li>🧪 Add CI testing for Python 3.12 by <a
href="https://github.com/hugovk"><code>@​hugovk</code></a> in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/303">executablebooks/markdown-it-py#303</a></li>
<li>🧪 Fix codecov by <a
href="https://github.com/chrisjsewell"><code>@​chrisjsewell</code></a>
in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/332">executablebooks/markdown-it-py#332</a></li>
</ul>
<h3>Documentation</h3>
<ul>
<li>📚 Fix typo by <a
href="https://github.com/bwagner"><code>@​bwagner</code></a> in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/315">executablebooks/markdown-it-py#315</a></li>
<li>📚 Fix RTD build by <a
href="https://github.com/chrisjsewell"><code>@​chrisjsewell</code></a>
in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/322">executablebooks/markdown-it-py#322</a></li>
<li>📚 DOCS: Fix a few old URLs by <a
href="https://github.com/elijahgreenstein"><code>@​elijahgreenstein</code></a>
in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/358">executablebooks/markdown-it-py#358</a></li>
<li>📚 Improve README by <a
href="https://github.com/mrmurilo75"><code>@​mrmurilo75</code></a> in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/340">executablebooks/markdown-it-py#340</a></li>
<li>📚 Fix CI badge link by <a
href="https://github.com/tsutsu3"><code>@​tsutsu3</code></a> in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/291">executablebooks/markdown-it-py#291</a></li>
<li>📚 Update docs by <a
href="https://github.com/chrisjsewell"><code>@​chrisjsewell</code></a>
in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/292">executablebooks/markdown-it-py#292</a></li>
<li>📚 Add icon to readme by <a
href="https://github.com/chrisjsewell"><code>@​chrisjsewell</code></a>
in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/293">executablebooks/markdown-it-py#293</a></li>
<li>📚 Update icon by <a
href="https://github.com/chrisjsewell"><code>@​chrisjsewell</code></a>
in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/294">executablebooks/markdown-it-py#294</a></li>
<li>📚 DOCS: Clarify docs regarding security configuration by <a
href="https://github.com/djramones"><code>@​djramones</code></a> in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/296">executablebooks/markdown-it-py#296</a></li>
<li>📚 Fix the RTD build by <a
href="https://github.com/chrisjsewell"><code>@​chrisjsewell</code></a>
in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/311">executablebooks/markdown-it-py#311</a></li>
<li>📚 DOCS: Fix typos by <a
href="https://github.com/elijahgreenstein"><code>@​elijahgreenstein</code></a>
in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/366">executablebooks/markdown-it-py#366</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/executablebooks/markdown-it-py/blob/master/CHANGELOG.md">markdown-it-py's
changelog</a>.</em></p>
<blockquote>
<h2>4.0.0 - 2024-08-10</h2>
<p>This primarily drops support for Python 3.9, adds support for Python
3.13,
and updates the parser to comply with Commonmark 0.31.2 and Markdown-It
v14.1.0.</p>
<ul>
<li>⬆️ Drop support for Python 3.9 in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/360">#360</a></li>
<li>⬆️ Comply with Commonmark 0.31.2 in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/362">#362</a></li>
<li>👌 Improve performance of &quot;text&quot; inline rule in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/347">#347</a></li>
<li>👌 Use <code>str.removesuffix</code> in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/348">#348</a></li>
<li>👌 limit the number of autocompleted cells in a table in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/364">#364</a></li>
<li>👌 fix quadratic complexity in reference parser in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/367">#367</a></li>
<li>🐛 Fix emphasis inside raw links bugs in <a
href="https://redirect.github.com/executablebooks/markdown-it-py/pull/320">#320</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/executablebooks/markdown-it-py/compare/v3.0.0...v4.0.0">https://github.com/executablebooks/markdown-it-py/compare/v3.0.0...v4.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/executablebooks/markdown-it-py/commit/c62983f1554124391b47170180e6c62df4d476ca"><code>c62983f</code></a>
🚀 RELEASE v4.0.0 (<a
href="https://redirect.github.com/executablebooks/markdown-it-py/issues/368">#368</a>)</li>
<li><a
href="https://github.com/executablebooks/markdown-it-py/commit/9e93bd554147ffb8582581e14620c7611103d2ff"><code>9e93bd5</code></a>
👌 fix quadratic complexity in reference parser (<a
href="https://redirect.github.com/executablebooks/markdown-it-py/issues/367">#367</a>)</li>
<li><a
href="https://github.com/executablebooks/markdown-it-py/commit/da45c8764b2077425c091fa1811bbb1c5f211bd1"><code>da45c87</code></a>
📚 DOCS: Fix typos (<a
href="https://redirect.github.com/executablebooks/markdown-it-py/issues/366">#366</a>)</li>
<li><a
href="https://github.com/executablebooks/markdown-it-py/commit/87b16e272bf8207182084e07a63253b98fc437d7"><code>87b16e2</code></a>
🔧 simplify logic in scanDelims (<a
href="https://redirect.github.com/executablebooks/markdown-it-py/issues/365">#365</a>)</li>
<li><a
href="https://github.com/executablebooks/markdown-it-py/commit/e4009641db528444b85d384af815e9cad997a016"><code>e400964</code></a>
👌 limit the number of autocompleted cells in a table (<a
href="https://redirect.github.com/executablebooks/markdown-it-py/issues/364">#364</a>)</li>
<li><a
href="https://github.com/executablebooks/markdown-it-py/commit/4535d77edcb5f51450a266135687eeae8bcc5033"><code>4535d77</code></a>
⬆️ Comply with Commonmark 0.31.2 (<a
href="https://redirect.github.com/executablebooks/markdown-it-py/issues/362">#362</a>)</li>
<li><a
href="https://github.com/executablebooks/markdown-it-py/commit/8eb20ac1cb63e09dcd78e84a0c71dab8446bb73c"><code>8eb20ac</code></a>
🔧 Improve spec update script (<a
href="https://redirect.github.com/executablebooks/markdown-it-py/issues/361">#361</a>)</li>
<li><a
href="https://github.com/executablebooks/markdown-it-py/commit/fb9d3ab646e4f752dc8fd52e1dd7613c350ff190"><code>fb9d3ab</code></a>
⬆️ Drop support for Python 3.9 (<a
href="https://redirect.github.com/executablebooks/markdown-it-py/issues/360">#360</a>)</li>
<li><a
href="https://github.com/executablebooks/markdown-it-py/commit/9ffe841832d33264201aaff120349f001a02953a"><code>9ffe841</code></a>
📚 DOCS: Fix a few old URLs (<a
href="https://redirect.github.com/executablebooks/markdown-it-py/issues/358">#358</a>)</li>
<li><a
href="https://github.com/executablebooks/markdown-it-py/commit/154fe43feb17947e2c933d0bb3e26618129909a8"><code>154fe43</code></a>
🔧 Update pre-commit and upload-artifact (<a
href="https://redirect.github.com/executablebooks/markdown-it-py/issues/359">#359</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/executablebooks/markdown-it-py/compare/v3.0.0...v4.0.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=markdown-it-py&package-manager=pip&previous-version=3.0.0&new-version=4.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump pydantic from 2.12.1 to 2.12.2 (#11657)
af1661e 
Bumps [pydantic](https://github.com/pydantic/pydantic) from 2.12.1 to
2.12.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pydantic/pydantic/releases">pydantic's
releases</a>.</em></p>
<blockquote>
<h2>v2.12.2 2025-10-14</h2>
<h2>v2.12.2 (2025-10-14)</h2>
<h3>What's Changed</h3>
<h4>Fixes</h4>
<ul>
<li>Release a new <code>pydantic-core</code> version, as a corrupted
CPython 3.10 <code>manylinux2014_aarch64</code> wheel got uploaded (<a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1843">pydantic-core#1843</a>).</li>
<li>Fix issue with recursive generic models with a parent model class by
<a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12398">#12398</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pydantic/pydantic/compare/v2.12.1...v2.12.2">https://github.com/pydantic/pydantic/compare/v2.12.1...v2.12.2</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pydantic/pydantic/blob/v2.12.2/HISTORY.md">pydantic's
changelog</a>.</em></p>
<blockquote>
<h2>v2.12.2 (2025-10-14)</h2>
<p><a
href="https://github.com/pydantic/pydantic/releases/tag/v2.12.2">GitHub
release</a></p>
<h3>What's Changed</h3>
<h4>Fixes</h4>
<ul>
<li>Release a new <code>pydantic-core</code> version, as a corrupted
CPython 3.10 <code>manylinux2014_aarch64</code> wheel got uploaded (<a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1843">pydantic-core#1843</a>).</li>
<li>Fix issue with recursive generic models with a parent model class by
<a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12398">#12398</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pydantic/pydantic/commit/1e616a3a6fa0201f840c08143cac883e56a2d9df"><code>1e616a3</code></a>
Prepare release v2.12.2</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/dc302e2d09f0eed14729f69bc61a258f1f35d35c"><code>dc302e2</code></a>
Fix issue with recursive generic models with a parent model class</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/6876485d0cffeb66c915695574344ae4b03645a7"><code>6876485</code></a>
Bump <code>pydantic-core</code> to v2.41.4</li>
<li>See full diff in <a
href="https://github.com/pydantic/pydantic/compare/v2.12.1...v2.12.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pydantic&package-manager=pip&previous-version=2.12.1&new-version=2.12.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@sgaist
[PR #11580/d261f8a backport][3.14] Ensure that application/octet-stre…
1e24afc 
…am is the default content_type (#11655)

(cherry picked from commit d261f8a)
@patchback @thehesiod
[PR #11651/398329f6 backport][3.14] add xfail test for issue 11632 (#…
3ec6360 
…11659)

**This is a backport of PR #11651 as merged into master
(398329f).**

Co-authored-by: Alexander Mohr <thehesiod@users.noreply.github.com>
@patchback @thehesiod
[PR #11651/398329f6 backport][3.13] add xfail test for issue 11632 (#…
9cb35e2 
…11658)

**This is a backport of PR #11651 as merged into master
(398329f).**

Co-authored-by: Alexander Mohr <thehesiod@users.noreply.github.com>
@patchback @sgaist
[PR #11655/1e24afc9 backport][3.13] [PR #11580/d261f8a backport][3.14…
7e5a2d7 
…] Ensure that application/octet-stream is the default content_type (#11660)

**This is a backport of PR #11655 as merged into 3.14
(1e24afc).**

(cherry picked from commit d261f8a)

Co-authored-by: Samuel Gaist <samuel.gaist@idiap.ch>
@patchback @Dreamsorcerer
[PR #11654/302243e3 backport][3.14] Remove cherry-picker from require…
e162e4b 
…ments (#11662)

**This is a backport of PR #11654 as merged into master
(302243e).**

Co-authored-by: Sam Bull <git@sambull.org>
@patchback @Dreamsorcerer
[PR #11661/149a8105 backport][3.14] Fix type annotation (#11664)
dea08fd 
**This is a backport of PR #11661 as merged into master
(149a810).**

Co-authored-by: Sam Bull <git@sambull.org>
@patchback @Dreamsorcerer
[PR #11661/149a8105 backport][3.13] Fix type annotation (#11663)
7a86158 
**This is a backport of PR #11661 as merged into master
(149a810).**

Co-authored-by: Sam Bull <git@sambull.org>
@dependabot
Bump cryptography from 46.0.2 to 46.0.3 (#11669)
c5885b0 
Bumps [cryptography](https://github.com/pyca/cryptography) from 46.0.2
to 46.0.3.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst">cryptography's
changelog</a>.</em></p>
<blockquote>
<p>46.0.3 - 2025-10-15</p>
<pre><code>
* Fixed compilation when using LibreSSL 4.2.0.
<p>.. _v46-0-2:<br />
</code></pre></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pyca/cryptography/commit/c0af4dd7b75921bbe9f1d41a03dbd4b64a9e3403"><code>c0af4dd</code></a>
release 46.0.3 (<a
href="https://redirect.github.com/pyca/cryptography/issues/13681">#13681</a>)</li>
<li>See full diff in <a
href="https://github.com/pyca/cryptography/compare/46.0.2...46.0.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cryptography&package-manager=pip&previous-version=46.0.2&new-version=46.0.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump coverage from 7.10.7 to 7.11.0 (#11670)
c7e60c4 
Bumps [coverage](https://github.com/nedbat/coveragepy) from 7.10.7 to
7.11.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst">coverage's
changelog</a>.</em></p>
<blockquote>
<h2>Version 7.11.0 — 2025-10-15</h2>
<ul>
<li>Dropped support for Python 3.9, declared support for Python 3.15
alpha.</li>
</ul>
<p>.. _changes_7-10-7:</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/nedbat/coveragepy/commit/20ef00b4abc33a52ffcb10de4d3144e29dbea6a3"><code>20ef00b</code></a>
docs: sample HTML for 7.11.0</li>
<li><a
href="https://github.com/nedbat/coveragepy/commit/5edf8ebf1f9754b32bad92d4826ed651614d9b94"><code>5edf8eb</code></a>
docs: prep for 7.11.0</li>
<li><a
href="https://github.com/nedbat/coveragepy/commit/2c023ae7a1c50e375d20c31b0b8c693416ba92a5"><code>2c023ae</code></a>
build: 3.15 is supported</li>
<li><a
href="https://github.com/nedbat/coveragepy/commit/2f1b95b0bd913397da3236155ca78e2117731247"><code>2f1b95b</code></a>
refactor: no need for _BaseCoverageException</li>
<li><a
href="https://github.com/nedbat/coveragepy/commit/72b1bcc77e0062eefaf9d1da40c6b8c2ef0ec27e"><code>72b1bcc</code></a>
build: test light-threads on all versions of Python</li>
<li><a
href="https://github.com/nedbat/coveragepy/commit/16e93797527eada3417afc439fc4b28a432d6efc"><code>16e9379</code></a>
refactor: move core tests to their own file</li>
<li><a
href="https://github.com/nedbat/coveragepy/commit/bc8875db8f98439c046f4c141cb7aecdaa8d1f56"><code>bc8875d</code></a>
test: change a test to be in-process so metacov can capture its
work</li>
<li><a
href="https://github.com/nedbat/coveragepy/commit/8e5d5b1bd53147e8618019191a062d2b86747355"><code>8e5d5b1</code></a>
build: tweak some version info</li>
<li><a
href="https://github.com/nedbat/coveragepy/commit/b0236dffef02f1aa219326b96230bdf26b9f5e6c"><code>b0236df</code></a>
test: more tests for core selection, and some refactoring of them</li>
<li><a
href="https://github.com/nedbat/coveragepy/commit/56edde623ae497c3638e608ef6803583c1db8720"><code>56edde6</code></a>
build: next version will be 7.11.0</li>
<li>Additional commits viewable in <a
href="https://github.com/nedbat/coveragepy/compare/7.10.7...7.11.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=coverage&package-manager=pip&previous-version=7.10.7&new-version=7.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@patchback @alastairvox
[PR #11666/1590c860 backport][3.14] add xfail test for #11665 (#11672)
ec0f7aa 
**This is a backport of PR #11666 as merged into master
(1590c86).**

Co-authored-by: Alastair <22815637+alastairvox@users.noreply.github.com>
@patchback @alastairvox
[PR #11666/1590c860 backport][3.13] add xfail test for #11665 (#11671)
6ce4f1d 
**This is a backport of PR #11666 as merged into master
(1590c86).**

Co-authored-by: Alastair <22815637+alastairvox@users.noreply.github.com>
@patchback @enioxt
[PR #11674/c3685dac backport][3.14] docs: clarify that request() midd…
52afe62 
…lewares replace session middlewares (#11678)

**This is a backport of PR #11674 as merged into master
(c3685da).**

Co-authored-by: enioxt <enioxt@gmail.com>
@patchback @enioxt
[PR #11674/c3685dac backport][3.13] docs: clarify that request() midd…
b8eff25 
…lewares replace session middlewares (#11677)

**This is a backport of PR #11674 as merged into master
(c3685da).**

Co-authored-by: enioxt <enioxt@gmail.com>
@patchback @Dreamsorcerer
[PR #11673/e8c5252c backport][3.14] Fix domain matching being lower p…
fb69cf0 
…riority than path matching (#11676)

**This is a backport of PR #11673 as merged into master
(e8c5252).**

Co-authored-by: Sam Bull <git@sambull.org>
@patchback @Dreamsorcerer
[PR #11673/e8c5252c backport][3.13] Fix domain matching being lower p…
e618dcb 
…riority than path matching (#11675)

**This is a backport of PR #11673 as merged into master
(e8c5252).**

Co-authored-by: Sam Bull <git@sambull.org>
@bdraco
[PR #11634/cde03b9 backport][3.13] Fix blocking I/O to load netrc whe…
b2ddca1 
…n creating requests (#11680)
@bdraco
[PR #11634/cde03b9 backport][3.14] Fix blocking I/O to load netrc whe…
46ef156 
…n creating requests (#11679)
@Dreamsorcerer
Release v3.13.1 (#11684)
ff12dad
@Dreamsorcerer
Merge branch '3.13' into 3.14
dbd09e4
@Dreamsorcerer
Merge branch '3.14'
a7c21bb
@pull pull bot locked and limited conversation to collaborators Oct 17, 2025
@pull pull bot added the ⤵️ pull label Oct 17, 2025
@pull pull bot merged commit a7c21bb into tj-python:master Oct 17, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

⤵️ pull

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@Dreamsorcerer @ZhaoMJ @cdce8p @Cycloctane @sgaist @bdraco