Build(deps): Bump the pip-dependencies group across 1 directory with 28 updates

[dependabot]

Bumps the pip-dependencies group with 28 updates in the / directory:

Package	From	To
alembic	1.16.5	1.18.1
beautifulsoup4	4.13.5	4.14.3
certifi	2025.10.5	2026.1.4
charset-normalizer	3.4.3	3.4.4
click	8.1.8	8.3.1
google-auth	2.40.3	2.47.0
google-auth-oauthlib	1.2.2	1.2.4
greenlet	3.2.4	3.3.0
idna	3.10	3.11
importlib-metadata	8.7.0	8.7.1
kombu	5.5.4	5.6.2
markupsafe	3.0.2	3.0.3
pillow	11.3.0	12.1.0
pyasn1	0.6.1	0.6.2
pytest	8.4.2	9.0.2
python-dotenv	1.1.1	1.2.1
soupsieve	2.8	2.8.2
sqlalchemy	2.0.43	2.0.45
urllib3	2.5.0	2.6.3
wcwidth	0.2.13	0.2.14
websocket-client	1.8.0	1.9.0
wsproto	1.2.0	1.3.2
werkzeug	3.1.3	3.1.5
celery	5.5.3	5.6.2
jsonschema	4.25.1	4.26.0
flask-admin	2.0.1	2.0.2
psycopg2-binary	2.9.10	2.9.11
psutil	7.0.0	7.2.1

Updates alembic from 1.16.5 to 1.18.1

Release notes

Sourced from alembic's releases.

1.18.1

Released: January 14, 2026

bug

• [bug] [autogenerate] Fixed issue in new plugin system where the configured logger was not correctly using the __name__ token to identify the logger.

  References: #1779

• [bug] [operations] Revised the change regarding SQLAlchemy 2.1 and deprecation warnings related to isolate_from_table=True. Further developments in release 2.1 have revised how this parameter will be modified.

1.18.0

Released: January 9, 2026

feature

• [feature] [operations] When alembic is run in "verbose" mode, alembic now logs a message to indicate from which file is used to load the configuration.

  References: #1737

• [feature] [autogenerate] Autogenerate reflection sweeps now use the "bulk" inspector methods introduced in SQLAlchemy 2.0, which for selected dialects including PostgreSQL and Oracle use batched queries to reflect whole collections of tables using O(1) queries rather than O(N).

  References: #1771

• [feature] [autogenerate] Release 1.18.0 introduces a plugin system that allows for automatic loading of third-party extensions as well as configurable autogenerate compare functionality on a per-environment basis.

  The Plugin class provides a common interface for extensions that register handlers among Alembic's existing extension points such as Operations.register_operation() and Operations.implementation_for(). A new interface for registering autogenerate comparison handlers, Plugin.add_autogenerate_comparator(), provides for autogenerate compare functionality that may be custom-configured on a per-environment basis using the new EnvironmentContext.configure.autogenerate_plugins parameter.

  The change does not impact well known Alembic add-ons such as

... (truncated)

Commits

• See full diff in compare view

Updates beautifulsoup4 from 4.13.5 to 4.14.3

Updates certifi from 2025.10.5 to 2026.1.4

Commits

• c64d9f3 2026.01.04 (#389)
• 4ac232f Bump actions/download-artifact from 6.0.0 to 7.0.0 (#387)
• 95ae4b2 Update CI workflow to use Ubuntu 24.04 and Python 3.14 stable (#386)
• b72a7b1 Bump dessant/lock-threads from 5.0.1 to 6.0.0 (#385)
• ecc2672 Bump actions/upload-artifact from 5.0.0 to 6.0.0 (#384)
• 6a897db Bump peter-evans/create-pull-request from 7.0.11 to 8.0.0 (#383)
• 27ca98a Bump peter-evans/create-pull-request from 7.0.9 to 7.0.11 (#381)
• 56c59a6 Bump actions/checkout from 6.0.0 to 6.0.1 (#382)
• ae0021c Bump actions/setup-python from 6.0.0 to 6.1.0 (#380)
• ddf5d0b Bump actions/checkout from 5.0.1 to 6.0.0 (#378)
• Additional commits viewable in compare view

Updates charset-normalizer from 3.4.3 to 3.4.4

Release notes

Sourced from charset-normalizer's releases.

Version 3.4.4

3.4.4 (2025-10-13)

Changed

• Bound setuptools to a specific constraint setuptools>=68,<=81.
• Raised upper bound of mypyc for the optional pre-built extension to v1.18.2

Removed

• setuptools-scm as a build dependency.

Misc

• Enforced hashes in dev-requirements.txt and created ci-requirements.txt for security purposes.
• Additional pre-built wheels for riscv64, s390x, and armv7l architectures.
• Restore multiple.intoto.jsonl in GitHub releases in addition to individual attestation file per wheel.

Changelog

Sourced from charset-normalizer's changelog.

3.4.4 (2025-10-13)

Changed

• Bound setuptools to a specific constraint setuptools>=68,<=81.
• Raised upper bound of mypyc for the optional pre-built extension to v1.18.2

Removed

• setuptools-scm as a build dependency.

Misc

• Enforced hashes in dev-requirements.txt and created ci-requirements.txt for security purposes.
• Additional pre-built wheels for riscv64, s390x, and armv7l architectures.
• Restore multiple.intoto.jsonl in GitHub releases in addition to individual attestation file per wheel.

Commits

• b30ffdc 🔧 fix checksum step in cd.yml
• d3fbfcf 🔧 fix cd.yml
• dafbb95 Release 3.4.4 (#658)
• 1f18ffa ⬆️ raise mypy upper bound to 1.18.2
• ef4ac69 Merge branch 'release-3.4.4' of github.com:jawah/charset_normalizer into rele...
• 4b35dda 📝 write changelog for 3.4.4
• 0ec6452 🔧 update cd.yml workflow (add riscv64, s390x and armv7l)
• f341ede ⬆️ upgrade dependencies (dev, ci)
• a308841 📝 write changelog for 3.4.4
• 9c906da 🔧 update cd.yml workflow (add riscv64, s390x and armv7l)
• Additional commits viewable in compare view

Updates click from 8.1.8 to 8.3.1

Release notes

Sourced from click's releases.

8.3.1

This is the Click 8.3.1 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/click/8.3.1/ Changes: https://click.palletsprojects.com/page/changes/#version-8-3-1 Milestone: https://github.com/pallets/click/milestone/28

• Don't discard pager arguments by correctly using subprocess.Popen. #3039 #3055
• Replace Sentinel.UNSET default values by None as they're passed through the Context.invoke() method. #3066 #3065 #3068
• Fix conversion of Sentinel.UNSET happening too early, which caused incorrect behavior for multiple parameters using the same name. #3071 #3079
• Fix rendering when prompt and confirm parameter prompt_suffix is empty. #3019 #3021
• When Sentinel.UNSET is found during parsing, it will skip calls to type_cast_value. #3069 #3090
• Hide Sentinel.UNSET values as None when looking up for other parameters through the context inside parameter callbacks. #3136 #3137

8.3.0

This is the Click 8.3.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecation, or introduce potentially breaking changes.

We encourage everyone to upgrade. You can read more about our Version Support Policy on our website.

PyPI: https://pypi.org/project/click/8.3.0/ Changes: https://click.palletsprojects.com/page/changes/#version-8-3-0 Milestone https://github.com/pallets/click/milestone/27

• Improved flag option handling: Reworked the relationship between flag_value and default parameters for better consistency:

  • The default parameter value is now preserved as-is and passed directly to CLI functions (no more unexpected transformations)
  • Exception: flag options with default=True maintain backward compatibility by defaulting to their flag_value
  • The default parameter can now be any type (bool, None, etc.)
  • Fixes inconsistencies reported in: #1992 #2514 #2610 #3024 #3030

• Allow default to be set on Argument for nargs = -1. #2164 #3030

• Show correct auto complete value for nargs option in combination with flag option #2813

• Show correct auto complete value for nargs option in combination with flag option #2813

• Fix handling of quoted and escaped parameters in Fish autocompletion. #2995 #3013

• Lazily import shutil. #3023

• Properly forward exception information to resources registered with click.core.Context.with_resource(). #2447 #3058

• Fix regression related to EOF handling in CliRunner. #2939 #2940

8.2.2

This is the Click 8.2.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/click/8.2.2/

... (truncated)

Changelog

Sourced from click's changelog.

Version 8.3.1

Released 2025-11-15

• Don't discard pager arguments by correctly using subprocess.Popen. :issue:3039 :pr:3055
• Replace Sentinel.UNSET default values by None as they're passed through the Context.invoke() method. :issue:3066 :issue:3065 :pr:3068
• Fix conversion of Sentinel.UNSET happening too early, which caused incorrect behavior for multiple parameters using the same name. :issue:3071 :pr:3079
• Hide Sentinel.UNSET values as None when looking up for other parameters through the context inside parameter callbacks. :issue:3136 :pr:3137
• Fix rendering when prompt and confirm parameter prompt_suffix is empty. :issue:3019 :pr:3021
• When Sentinel.UNSET is found during parsing, it will skip calls to type_cast_value. :issue:3069 :pr:3090

Version 8.3.0

Released 2025-09-17

• Improved flag option handling: Reworked the relationship between flag_value and default parameters for better consistency:

  • The default parameter value is now preserved as-is and passed directly to CLI functions (no more unexpected transformations)
  • Exception: flag options with default=True maintain backward compatibility by defaulting to their flag_value
  • The default parameter can now be any type (bool, None, etc.)
  • Fixes inconsistencies reported in: :issue:1992 :issue:2514 :issue:2610 :issue:3024 :pr:3030

• Allow default to be set on Argument for nargs = -1. :issue:2164 :pr:3030

• Show correct auto complete value for nargs option in combination with flag option :issue:2813

• Fix handling of quoted and escaped parameters in Fish autocompletion. :issue:2995 :pr:3013

• Lazily import shutil. :pr:3023

• Properly forward exception information to resources registered with click.core.Context.with_resource(). :issue:2447 :pr:3058

• Fix regression related to EOF handling in CliRunner. :issue:2939 :pr:2940

Version 8.2.2

Released 2025-07-31

• Fix reconciliation of default, flag_value and type parameters for flag options, as well as parsing and normalization of environment variables.

... (truncated)

Commits

• 1d038f2 release version 8.3.1
• 03f3889 Fix Ruff UP038 warning (#3141)
• 3867781 Fix Ruff UP038 warning
• b91bb95 Provide altered context to callbacks to hide UNSET values as None (#3137)
• 437e1e3 Temporarily provide a fake context to the callback to hide UNSET values as ...
• ea70da4 Don't test using a file in docs/ (#3102)
• e27b307 Make uv run --all-extras pyright --verifytypes click pass (#3072)
• a92c573 Fix test_edit to work with BSD sed (#3129)
• bd131e1 Fix test_edit to work with BSD sed
• 0b5c6b7 Add Best practices section (#3127)
• Additional commits viewable in compare view

Updates google-auth from 2.40.3 to 2.47.0

Release notes

Sourced from google-auth's releases.

google-auth 2.47.0

2.47.0 (2026-01-06)

Features

• drop cachetools dependency in favor of simple local implementation (#1590) (5c07e1c4)

Bug Fixes

• Python 3.8 support (#1918) (60dc2001)

google-auth 2.46.0

2.46.0 (2026-01-05)

Features

• Recognize workload certificate config in has_default_client_cert_source for mTLS for Agentic Identities (#1907) (0b9107d5)

Bug Fixes

• Fix test coverage for mtls_helper (#1886) (02e71631)

• use .read() instead of .content.read() in aiohttp transport (#1899) (12f4470f)

• add types to default and verify_token and Request init based on comments in the source code. (#1588) (59a5f588)

• fix the document of secure_authorized_session (#1536) (5d001470)

• raise RefreshError for missing token in impersonated credentials (#1897) (94d04e09)

• remove setup.cfg configuration for creating universal wheels (#1693) (c767531c)

Documentation

• update urllib3 docstrings for v2 compatibility (#1903) (3f1aeea2)

google-auth 2.45.0

2.45.0 (2025-12-15)

Features

• Adding Agent Identity bound token support and handling certificate mismatches with retries (#1890) (b32c934e)

google-auth 2.44.0

2.44.0 (2025-12-12)

Features

• MDS connections use mTLS (#1856) (0387bb95)

... (truncated)

Changelog

Sourced from google-auth's changelog.

2.47.0 (2026-01-06)

Features

• drop cachetools dependency in favor of simple local implementation (#1590) (5c07e1c4f52bc77a1b16fa3b7b3c5269c242f6f4)

Bug Fixes

• Python 3.8 support (#1918) (60dc20014a35ec4ba71e8065b9a33ecbdbeca97a)

2.46.0 (2026-01-05)

Documentation

• update urllib3 docstrings for v2 compatibility (#1903) (3f1aeea2d1014ea1d244a4c3470e52d74d55404b)

Features

• Recognize workload certificate config in has_default_client_cert_source for mTLS for Agentic Identities (#1907) (0b9107d573123e358c347ffa067637f992af61b4)

Bug Fixes

• add types to default and verify_token and Request init based on comments in the source code. (#1588) (59a5f588f7793b59d923a4185c8c07738da618f7)
• fix the document of secure_authorized_session (#1536) (5d0014707fc359782df5ccfcaa75fd372fe9dce3)
• remove setup.cfg configuration for creating universal wheels (#1693) (c767531ce05a89002d109f595187aff1fcaacfb7)
• use .read() instead of .content.read() in aiohttp transport (#1899) (12f4470f808809e8abf1141f98d88ab720c3899b)
• raise RefreshError for missing token in impersonated credentials (#1897) (94d04e090fdfc61926dd32bc1d65f8820b9cede5)
• Fix test coverage for mtls_helper (#1886) (02e71631fe275d93825c2e957e830773e75133f7)

2.45.0 (2025-12-15)

Features

• Adding Agent Identity bound token support and handling certificate mismatches with retries (#1890) (b32c934e6b0d09b94c467cd432a0a635e8b05f5c)

2.44.0 (2025-12-13)

Features

• support Python 3.14 (#1822) (0f7097e78f247665b6ef0287d482033f7be2ed6d)
• add ecdsa p-384 support (#1872) (39c381a5f6881b590025f36d333d12eff8dc60fc)
• MDS connections use mTLS (#1856) (0387bb95713653d47e846cad3a010eb55ef2db4c)
• Implement token revocation in STS client and add revoke() metho… (#1849) (d5638986ca03ee95bfffa9ad821124ed7e903e63)

... (truncated)

Commits

• f32301a chore: librarian release pull request: 20260106T130342Z (#1922)
• 25f4ca6 chore: remove Python 3.7 support (#1919)
• 60dc200 fix: Python 3.8 support (#1918)
• 5c07e1c feat: drop cachetools dependency in favor of simple local implementation (#...
• 2cbc2a2 chore: librarian release pull request: 20260105T122553Z (#1913)
• 5b7b5d8 chore: librarian update image pull request: 20260105T112538Z (#1912)
• 7dbf05a chore: rename _refresh_token to _perform_refresh_token (#1900)
• 855a45a chore(deps): update all dependencies (#1894)
• 77c8bc4 tests: make the TLS tests skip when pyopenssl isn't available (#1873)
• 0b9107d feat: Recognize workload certificate config in has_default_client_cert_source...
• Additional commits viewable in compare view

Updates google-auth-oauthlib from 1.2.2 to 1.2.4

Release notes

Sourced from google-auth-oauthlib's releases.

google-auth-oauthlib 1.2.4

1.2.4 (2026-01-14)

Bug Fixes

• support google-auth >= 2.46.0 (#433) (088a597c)

v1.2.3

1.2.3 (2025-10-30)

Bug Fixes

• Add upper-bound to google-auth dependency (#423) (d7921f9)
• Drop support for Python 3.6 (4b1a5f3)
• Explicitly declare Python 3.13 support (4b1a5f3)

Changelog

Sourced from google-auth-oauthlib's changelog.

1.2.4 (2026-01-14)

Bug Fixes

• support google-auth >= 2.46.0 (#433) (088a597cfa50c90d11e9a6993f2115a0eded3422)

1.2.3 (2025-10-30)

Bug Fixes

• Add upper-bound to google-auth dependency (#423) (d7921f9)
• Drop support for Python 3.6 (4b1a5f3)
• Explicitly declare Python 3.13 support (4b1a5f3)

Commits

• 63fc8ae chore: librarian release pull request: 20260114T132622Z (#437)
• 088a597 fix: support google-auth >= 2.46.0 (#433)
• 631ac72 chore(tests): use new unittest.mock from the standard library (#351)
• a2a87a2 chore(librarian): clean up owlbot files and pin image sha (#425)
• ccd1ea8 chore(librarian): onboard google-auth-oauthlib to librarian (#417)
• 2765352 chore(main): release 1.2.3 (#409)
• d7921f9 fix: add upper-bound to google-auth dependency (#423)
• 951dd32 chore(python): Add support for Python 3.14 (#415)
• cb74baf tests: update default runtime used for tests (#411)
• 4b1a5f3 fix: explicitly declare Python 3.13 support (#408)
• See full diff in compare view

Updates greenlet from 3.2.4 to 3.3.0

Changelog

Sourced from greenlet's changelog.

3.3.0 (2025-12-04)

• Drop support for Python 3.9.

• Switch to distributing manylinux_2_28 wheels instead of manylinux2014 wheels. Likewise, switch from musllinux_1_1 to 1_2.

• Add initial support for free-threaded builds of CPython 3.14. Due to limitations, we do not distribute binary wheels for free-threaded CPython on Windows. (Free-threaded CPython 3.13 may work, but is untested and unsupported.)

  .. caution::

  Under some rare scenarios with free-threaded 3.14, the interpreter may crash on accessing a variable or attribute or when shutting down. If this happens, try disabling the thread-local bytecode cache. See the greenlet documentation for more details. See PR 472 by T. Wouters <https://github.com/python-greenlet/greenlet/pull/472>_ for the initial free-threaded support and a discussion of the current known issues.

Commits

• 0f90431 Preparing release 3.3.0
• 296058a Tweak changelog. [skip ci]
• d4392ab fixup
• e6fead2 Update docs regarding free-threading.
• d5b1346 3.14: Save/restore PyInterpreterFrame.stackpointer.
• b54c4bd Fix some crashes with CPython assertions enabled, pointing to things we were ...
• 47e9925 Add a test that we're not enabling the GIL.
• 0778d50 Use our Python allocator on free-threaded builds, but do it correctly with Py...
• 5f661f4 Add free-threaded CI builds and manylinux builds; update manylinux away from ...
• 5331b0a Merge pull request #475 from clin1234/capi
• Additional commits viewable in compare view

Updates idna from 3.10 to 3.11

Changelog

Sourced from idna's changelog.

3.11 (2025-10-12)

• Update to Unicode 16.0.0, including significant changes to UTS46 processing. As a result of Unicode ending support for it, transitional processing no longer has an effect and returns the same result.
• Add support for Python 3.14, lowest supported version is Python 3.8.
• Various updates to packaging, including PEP 740 support.

Commits

• ad949ee Release v3.11
• cae4ba7 Second release candidate for 3.11
• 8adb305 Add space in RST link
• 74cb2b6 Release candidate for 3.11
• 05dab09 Format idna-data with ruff
• 90eac78 Apply ruff formatting
• a31ce7e Remove errant test vectors
• 81f0333 Omit vectors known to be broken in test suite
• a0f3257 Merge branch 'master' into unicode-16-uts46-changes
• 38d9886 Remove extra UTS46 test vector
• Additional commits viewable in compare view

Updates importlib-metadata from 8.7.0 to 8.7.1

Changelog

Sourced from importlib-metadata's changelog.

v8.7.1

Bugfixes

• Fixed errors in FastPath under fork-multiprocessing. (#520)
• Removed cruft from Python 3.8. (#524)

Commits

• 84e9028 Finalize
• 36ed6f6 Merge pull request #521 from 2xB/fix520
• f6eee56 Rely on passthrough to designate a wrapper for its side effect.
• 3c9510b Prefer noop for degenerate behavior.
• a36bab9 Avoid if block.
• 8dd2937 Decouple clear_after_fork from lru_cache and then compose.
• 1da3f45 Add news fragment.
• a1c25d8 🧎‍♀️ Genuflect to the types.
• 4e962a8 👹 Feed the hobgoblins (delint).
• 6a30ab9 Allow initial currsize to be greater than one (as happens when running the te...
• Additional commits viewable in compare view

Updates kombu from 5.5.4 to 5.6.2

Release notes

Sourced from kombu's releases.

v5.6.2

What's Changed

• Simplify requirements given Py3.9+ baseline by @​jayaddison in celery/kombu#2414
• fix: credential_provider compatibility issue with redis < 5.3.0 by @​alaminopu in celery/kombu#2423
• Fix SentinelChannel to pass ACL credentials to master_for() by @​anthonykuzmich7 in celery/kombu#2426
• Improve the error handling in ack deadline extension by @​tungntpham in celery/kombu#2430
• Prepare for release: v5.6.2 by @​Nusnus in celery/kombu#2434

New Contributors

• @​jayaddison made their first contribution in celery/kombu#2414
• @​anthonykuzmich7 made their first contribution in celery/kombu#2426
• @​tungntpham made their first contribution in celery/kombu#2430

Full Changelog: celery/kombu@v5.6.1...v5.6.2

v5.6.1

What's Changed

• fix: ensure hub close does also remove global event loop reference by @​oliverhaas in celery/kombu#2404
• fix: default value for SQS's receive message by @​cuducos in celery/kombu#2405
• Feat: add support for credential_provider to redis broker by @​alaminopu in celery/kombu#2408
• Prepare for release: v5.6.1 by @​Nusnus in celery/kombu#2416

New Contributors

• @​oliverhaas made their first contribution in celery/kombu#2404
• @​cuducos made their first contribution in celery/kombu#2405
• @​alaminopu made their first contribution in celery/kombu#2408

Full Changelog: celery/kombu@v5.6.0...v5.6.1

v5.6.0

Key Highlights

QoS Max Prefetch Limit celery/kombu#2348

Prevent Out Of Memory crashes when queues flood with ETA/countdown tasks. The new optional max_prefetch parameter caps how many messages workers hold in memory. Defaults to unlimited (None) to preserve existing behavior.

from kombu.common import QoS
Limit prefetch to maximum 100 messages
qos = QoS(callback=consumer.qos, initial_value=10, max_prefetch=100)

Redis Polling Interval Support celery/kombu#2346

Fix Redis transport to properly propagate polling_interval and brpop_timeout from transport_options to the Channel's _brpop_start timeout.

app.conf.broker_transport_options = {"polling_interval": 10}
</tr></table> 

... (truncated)

Changelog

Sourced from kombu's changelog.

5.6.2

:release-date: 29 December, 2025 :release-by: Tomer Nosrati

What's Changed

- Improve error handling in GCP Pub/Sub ack deadline extension ([#2430](https://github.com/celery/kombu/issues/2430))
- Fix SentinelChannel to pass ACL credentials to master_for() ([#2426](https://github.com/celery/kombu/issues/2426))
- Fix credential_provider compatibility with redis-py < 5.3.0 ([#2423](https://github.com/celery/kombu/issues/2423))
- Simplify requirements given Py3.9+ baseline ([#2414](https://github.com/celery/kombu/issues/2414))
- Prepare for release: v5.6.2 ([#2434](https://github.com/celery/kombu/issues/2434))
.. _version-5.6.1:
5.6.1
:release-date: 25 November, 2025
:release-by: Tomer Nosrati
What's Changed

• fix: ensure hub close does also remove global event loop reference (#2404)
• fix: default value for SQS's receive message (#2405)
• Feat: add support for credential_provider to redis broker (#2408)
• Prepare for release: v5.6.1 (#2416)

.. _version-5.6.0:

5.6.0

:release-date: 1 November, 2025 :release-by: Tomer Nosrati

Key Highlights

QoS Max Prefetch Limit
----------------------
PR [#2348](https://github.com/celery/kombu/issues/2348) <https://github.com/celery/kombu/pull/2348>_
Prevent Out Of Memory crashes when queues flood with ETA/countdown tasks. The new optional max_prefetch parameter caps how many messages workers hold in memory. Defaults to unlimited (None) to preserve existing behavior.
.. code-block:: python
from kombu.common import QoS

</tr></table>

... (truncated)

Commits

• 279b81f Prepare for release: v5.6.2 (#2434)
• a12f3a9 Improve the error handling in ack deadline extension (#2430)
• 4055fa7 Bump mypy from 1.19.0 to 1.19.1 (#2432)
• 8756f49 [pre-commit.ci] pre-commit autoupdate (#2429)
• 0a5a0bc Fix SentinelChannel to pass ACL credentials to master_for() (#2426)
• f204769 [pre-commit.ci] pre-commit autoupdate (#2424)
• 9a72859 Bump mypy from 1.18.2 to 1.19.0
• 260d517 fix: credential_provider compatibility issue with redis < 5.3.0 (#2423)
• 161a61b Simplify requirements given Py3.9+ baseline (#2414)
• 5208431 Prepare for release: v5.6.1 (#2416)
• Additional commits viewable in compare view

Updates markupsafe from 3.0.2 to 3.0.3

Release notes

Sourced from markupsafe's releases.

3.0.3

This is the MarkupSafe 3.0.3 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/MarkupSafe/3.0.3/ Changes: https://markupsafe.palletsprojects.com/page/changes/#version-3-0-3 Milestone: https://github.com/pallets/markupsafe/milestone/15?closed=1

• __version__ raises DeprecationWarning instead of UserWarning. #487
• Adopt multi-phase initialization PEP 489 for the C extension. #494
• Build Windows ARM64 wheels. #485
• Build Python 3.14 wheels. #503
• Build riscv64 wheels. #505

Changelog

Sourced from markupsafe's changelog.

Version 3.0.3

Released 2025-09-27

• __version__ raises DeprecationWarning instead of UserWarning. :issue:487
• Adopt multi-phase initialisation (:pep:489) for the C extension. :issue:494
• Build Windows ARM64 wheels. :issue:485
• Build Python 3.14 wheels. :issue:503
• Build riscv64 wheels. :issue:505

Commits

• 297fc8e release version 3.0.3
• 7e4e6ce Free-threading: run with pytest-run-paralell (#507)
• 6100b9c enable riscv64 wheels (#506)
• c9d5ecf enable riscv64 wheels
• 2f9b337 tox for 3.14
• 78d951a update dev dependencies
• bb6744e add entry
• 65c4134 upgrade cibuildwheel, add cp314 ...

  Description has been truncated