Bump the patch-update group with 16 updates

[dependabot]

Bumps the patch-update group with 16 updates:

Package	From	To
requests	2.32.3	2.32.5
einops	0.8.0	0.8.1
charset-normalizer	3.4.0	3.4.3
contourpy	1.3.0	1.3.3
evaluate	0.4.3	0.4.5
fastrlock	0.8.2	0.8.3
httpcore	1.0.6	1.0.9
jinja2	3.1.4	3.1.6
kiwisolver	1.4.7	1.4.9
mbstrdecoder	1.1.3	1.1.4
msgpack	1.1.0	1.1.1
pyparsing	3.2.0	3.2.4
pytablewriter	1.2.0	1.2.1
tabledata	1.3.3	1.3.4
tcolorpy	0.1.6	0.1.7
timm	1.0.11	1.0.19

Updates requests from 2.32.3 to 2.32.5

Release notes

Sourced from requests's releases.

v2.32.5

2.32.5 (2025-08-18)

Bugfixes

• The SSLContext caching feature originally introduced in 2.32.0 has created a new class of issues in Requests that have had negative impact across a number of use cases. The Requests team has decided to revert this feature as long term maintenance of it is proving to be unsustainable in its current iteration.

Deprecations

• Added support for Python 3.14.
• Dropped support for Python 3.8 following its end of support.

v2.32.4

2.32.4 (2025-06-10)

Security

• CVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted environment will retrieve credentials for the wrong hostname/machine from a netrc file. (#6965)

Improvements

• Numerous documentation improvements

Deprecations

• Added support for pypy 3.11 for Linux and macOS. (#6926)
• Dropped support for pypy 3.9 following its end of support. (#6926)

Changelog

Sourced from requests's changelog.

2.32.5 (2025-08-18)

Bugfixes

• The SSLContext caching feature originally introduced in 2.32.0 has created a new class of issues in Requests that have had negative impact across a number of use cases. The Requests team has decided to revert this feature as long term maintenance of it is proving to be unsustainable in its current iteration.

Deprecations

• Added support for Python 3.14.
• Dropped support for Python 3.8 following its end of support.

2.32.4 (2025-06-10)

Security

• CVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted environment will retrieve credentials for the wrong hostname/machine from a netrc file.

Improvements

• Numerous documentation improvements

Deprecations

• Added support for pypy 3.11 for Linux and macOS.
• Dropped support for pypy 3.9 following its end of support.

Commits

• b25c87d v2.32.5
• 131e506 Merge pull request #7010 from psf/dependabot/github_actions/actions/checkout-...
• b336cb2 Bump actions/checkout from 4.2.0 to 5.0.0
• 46e939b Update publish workflow to use artifact-id instead of name
• 4b9c546 Merge pull request #6999 from psf/dependabot/github_actions/step-security/har...
• 7618dbe Bump step-security/harden-runner from 2.12.0 to 2.13.0
• 2edca11 Add support for Python 3.14 and drop support for Python 3.8 (#6993)
• fec96cd Update Makefile rules (#6996)
• d58d8aa docs: clarify timeout parameter uses seconds in Session.request (#6994)
• 91a3eab Bump github/codeql-action from 3.28.5 to 3.29.0
• Additional commits viewable in compare view

Updates einops from 0.8.0 to 0.8.1

Release notes

Sourced from einops's releases.

v0.8.1 Multiple improvements

What's Changed

TLDR:

• ellipsis is added to EinMix
• tests moved into the package
• devcontainer provided
• added backend for pyTensor
• niceties: citation, docs, fixed broken links
• this did not require any changes in einops, but array API is supported by more libs these days, and einops can operate on them

PRs:

• Update README.md by @​project-delphi in arogozhnikov/einops#316
• change tests for numpy2.0 + fix for numpy regression by @​arogozhnikov in arogozhnikov/einops#325
• PR from @​pzread: fix tinygrad concat + changed formatting to fix CI errors by @​arogozhnikov in arogozhnikov/einops#329
• Add devcontainer and dockerfile by @​arogozhnikov in arogozhnikov/einops#330
• delete experimental/indexing by @​arogozhnikov in arogozhnikov/einops#333
• Use same ruff version in CI and in pre-commit, reformat notebooks by @​arogozhnikov in arogozhnikov/einops#336
• Delete chainer backend by @​arogozhnikov in arogozhnikov/einops#335
• Mention support of cupy, pydata/sparse, ndonnx and others by @​arogozhnikov in arogozhnikov/einops#337
• Moving tests into source tree by @​arogozhnikov in arogozhnikov/einops#338
• Update documentation, mention changes in testing + devcontainers by @​arogozhnikov in arogozhnikov/einops#339
• Auto-deploy mkdocs + update mkdocs requirements by @​arogozhnikov in arogozhnikov/einops#341
• Add dict syntax to the einops layers example by @​eadadi in arogozhnikov/einops#342
• include CITATION.cff for einops by @​luke-carlson in arogozhnikov/einops#345
• mention that cupy and jax now support array api by @​arogozhnikov in arogozhnikov/einops#348
• Fix docs broken links after master -> main migration by @​VladKha in arogozhnikov/einops#349
• [Paddle] Update _backends.py to support pir.Value by @​HydrogenSulfate in arogozhnikov/einops#353
• Update docstring for einops.reduce by @​arogozhnikov in arogozhnikov/einops#358
• add a comment about axes names by @​arogozhnikov in arogozhnikov/einops#359
• Add support of ellipsis to einmix by @​arogozhnikov in arogozhnikov/einops#360
• Add PyTensor backend by @​ricardoV94 in arogozhnikov/einops#362
• rename input_dict, document parameter by @​arogozhnikov in arogozhnikov/einops#363

New Contributors

• @​project-delphi made their first contribution in arogozhnikov/einops#316
• @​eadadi made their first contribution in arogozhnikov/einops#342
• @​luke-carlson made their first contribution in arogozhnikov/einops#345
• @​VladKha made their first contribution in arogozhnikov/einops#349
• @​HydrogenSulfate made their first contribution in arogozhnikov/einops#353
• @​ricardoV94 made their first contribution in arogozhnikov/einops#362

Full Changelog: arogozhnikov/einops@v0.8.0...v0.8.1

Commits

• ad2c8d6 version 0.8.0 -> 0.8.1 (#365)
• 47c742f rename input_dict, document parameter (#363)
• 43c11f8 Add PyTensor backend (#362)
• 253545a Add support of ellipsis to einmix (#360)
• 9ac21cd add a comment about axes names (#359)
• a462d07 Update docstring for einops.reduce (#358)
• 1bee724 [Paddle] Update _backends.py to support pir.Value (#353)
• 5906eb8 Fix doc links after master -> main migration (#349)
• 6328dee mention that cupy and jax now support array api (#348)
• 1d3f9c4 include CITATION.cff for einops (#345)
• Additional commits viewable in compare view

Updates charset-normalizer from 3.4.0 to 3.4.3

Release notes

Sourced from charset-normalizer's releases.

Version 3.4.3

3.4.3 (2025-08-09)

Changed

• mypy(c) is no longer a required dependency at build time if CHARSET_NORMALIZER_USE_MYPYC isn't set to 1. (#595) (#583)
• automatically lower confidence on small bytes samples that are not Unicode in detect output legacy function. (#391)

Added

• Custom build backend to overcome inability to mark mypy as an optional dependency in the build phase.
• Support for Python 3.14

Fixed

• sdist archive contained useless directories.
• automatically fallback on valid UTF-16 or UTF-32 even if the md says it's noisy. (#633)

Misc

• SBOM are automatically published to the relevant GitHub release to comply with regulatory changes. Each published wheel comes with its SBOM. We choose CycloneDX as the format.
• Prebuilt optimized wheel are no longer distributed by default for CPython 3.7 due to a change in cibuildwheel.

Version 3.4.2

3.4.2 (2025-05-02)

Fixed

• Addressed the DeprecationWarning in our CLI regarding argparse.FileType by backporting the target class into the package. (#591)
• Improved the overall reliability of the detector with CJK Ideographs. (#605) (#587)

Changed

• Optional mypyc compilation upgraded to version 1.15 for Python >= 3.9

Version 3.4.1

🚀 We're still raising awareness around HTTP/2, and HTTP/3!

Did you know that Internet Explorer 11 shipped with an optional HTTP/2 support back in 2013? also libcurl did ship it in 2014[...] Using Requests today is the rough equivalent of using EOL Windows 8! We promptly invite Python developers to look at the first drop-in replacement for Requests, namely Niquests. Ship with native WebSocket, SSE, Happy Eyeballs, DNS over HTTPS, and so on[...] All of this while remaining compatible with all Requests prior plug-ins / add-ons.

It leverages charset-normalizer in a better way! Check it out, you will gain up to being 3X faster and get a real/respectable support with it.

3.4.1 (2024-12-24)

Changed

• Project metadata are now stored using pyproject.toml instead of setup.cfg using setuptools as the build backend.
• Enforce annotation delayed loading for a simpler and consistent types in the project.
• Optional mypyc compilation upgraded to version 1.14 for Python >= 3.8

Added

• pre-commit configuration.
• noxfile.

Removed

... (truncated)

Changelog

Sourced from charset-normalizer's changelog.

3.4.3 (2025-08-09)

Changed

• mypy(c) is no longer a required dependency at build time if CHARSET_NORMALIZER_USE_MYPYC isn't set to 1. (#595) (#583)
• automatically lower confidence on small bytes samples that are not Unicode in detect output legacy function. (#391)

Added

• Custom build backend to overcome inability to mark mypy as an optional dependency in the build phase.
• Support for Python 3.14

Fixed

• sdist archive contained useless directories.
• automatically fallback on valid UTF-16 or UTF-32 even if the md says it's noisy. (#633)

Misc

• SBOM are automatically published to the relevant GitHub release to comply with regulatory changes. Each published wheel comes with its SBOM. We choose CycloneDX as the format.
• Prebuilt optimized wheel are no longer distributed by default for CPython 3.7 due to a change in cibuildwheel.

3.4.2 (2025-05-02)

Fixed

• Addressed the DeprecationWarning in our CLI regarding argparse.FileType by backporting the target class into the package. (#591)
• Improved the overall reliability of the detector with CJK Ideographs. (#605) (#587)

Changed

• Optional mypyc compilation upgraded to version 1.15 for Python >= 3.8

3.4.1 (2024-12-24)

Changed

• Project metadata are now stored using pyproject.toml instead of setup.cfg using setuptools as the build backend.
• Enforce annotation delayed loading for a simpler and consistent types in the project.
• Optional mypyc compilation upgraded to version 1.14 for Python >= 3.8

Added

• pre-commit configuration.
• noxfile.

Removed

• build-requirements.txt as per using pyproject.toml native build configuration.
• bin/integration.py and bin/serve.py in favor of downstream integration test (see noxfile).
• setup.cfg in favor of pyproject.toml metadata configuration.
• Unused utils.range_scan function.

Fixed

• Converting content to Unicode bytes may insert utf_8 instead of preferred utf-8. (#572)
• Deprecation warning "'count' is passed as positional argument" when converting to Unicode bytes on Python 3.13+

Commits

• 46f662d Release 3.4.3 (#638)
• 1a059b2 🔧 skip building on freethreaded as we're not confident it is stable
• 2275e3d 📝 final note in CHANGELOG.md
• c96acdf 📝 update release date on CHANGELOG.md
• 43e5460 📝 update README.md
• f277074 🔧 automatically lower confidence on small bytes str on non Unicode res...
• 15ae241 🐛 automatically fallback on valid UTF-16 or UTF-32 even if the md says it...
• 37397c1 🔧 enable 3.14 in nox test_mypyc session
• cb82537 ⏪ revert license due to compat python 3.7 issue setuptools
• 6a2efeb 🎨 fix linter errors
• Additional commits viewable in compare view

Updates contourpy from 1.3.0 to 1.3.3

Release notes

Sourced from contourpy's releases.

Version 1.3.3

ContourPy 1.3.3 is a compatibility release adding support for CPython 3.14 and Windows on ARM.

This release supports CPython 3.11 to 3.14, and PyPy 3.11.

Compatibility:

• Support Windows on ARM (#476, #477, #483)
• Bump minimum supported Python to 3.11 (#478)
• Support Python 3.14 (#479, #485, #490)

Code improvements:

• Update type annotations for bokeh 3.7.3 (#475)
• Support type annotation changes in numpy 2.3.0 (#480)

Build, testing and CI improvements:

• Remove Python 3.13.3 pin (#487)
• CI install numpy 2.3.2 wheels from PyPI for Python 3.14 and Windows ARM (#488)

Version 1.3.2

ContourPy 1.3.2 is a minor release to support changes in type annotations in Bokeh >= 3.7 and add support for PyPy 3.11.

This release supports CPython 3.10 to 3.13, and PyPy 3.10 to 3.11.

Compatibility:

• Fix type annotations for Bokeh >= 3.7 (#471`

Build, testing and CI improvements:

• Test on CPython 3.14 (#470`)
• Test and build wheels for PyPy 3.11 (#464)
• Test PyPy 3.10 on all 3 major OSes (#465)
• Use ubuntu-24.04-arm runners (#459)

Version 1.3.1

ContourPy 1.3.1 is a compatibility release to support changes in bokeh, meson-python and pybind11.

This release supports Python 3.10 to 3.13.

Compatibility:

• Drop support for Python 3.9 (#435)
• Update to bokeh 3.6.0 (#444)
• Update minimum pybind11 to 2.13.2 (#451)
• Read meson-python version in recommended way (#452)

Code improvements:

... (truncated)

Changelog

Sourced from contourpy's changelog.

v1.3.3 (2025-07-26)

ContourPy 1.3.3 is a compatibility release adding support for CPython 3.14 and Windows on ARM.

This release supports CPython 3.11 to 3.14, and PyPy 3.11.

Compatibility:

• Support Windows on ARM (:pr:476, :pr:477, :pr:483)
• Bump minimum supported Python to 3.11 (:pr:[#478](https://github.com/contourpy/contourpy/issues/478))
• Support Python 3.14 (:pr:479, :pr:485, :pr:490)

Code improvements:

• Update type annotations for bokeh 3.7.3 (:pr:475)
• Support type annotation changes in numpy 2.3.0 (:pr:480)

Build, testing and CI improvements:

• Remove Python 3.13.3 pin (:pr:487)
• CI install numpy 2.3.2 wheels from PyPI for Python 3.14 and Windows ARM (:pr:488)

v1.3.2 (2025-04-15)

ContourPy 1.3.2 is a minor release to support changes in type annotations in Bokeh >= 3.7 and add support for PyPy 3.11.

This release supports CPython 3.10 to 3.13, and PyPy 3.10 to 3.11.

Compatibility:

• Fix type annotations for Bokeh >= 3.7 (:pr:471)

Build, testing and CI improvements:

• Test on CPython 3.14 (:pr:470)
• Test and build wheels for PyPy 3.11 (:pr:464)
• Test PyPy 3.10 on all 3 major OSes (:pr:465)
• Use ubuntu-24.04-arm runners (:pr:459)

v1.3.1 (2024-11-12)

ContourPy 1.3.1 is a compatibility release to support changes in bokeh, meson-python and pybind11.

This release supports Python 3.10 to 3.13.

... (truncated)

Commits

• 713550a Prepare for v1.3.3 release (#491)
• 9fa3227 Reinstate image tests for python 3.14 (#490)
• e818810 Bump cibuildwheel to 3.1.1 (#489)
• d800791 CI install numpy 2.3.2 wheels from pypi for python 3.14 and windows arm (#488)
• 881ca7f Remove 3.13.3 pin (#487)
• a58d9d0 Update mypy to 1.17.0 (#486)
• a32405f Use matplotlib images tests for python 3.14 (#485)
• 33d9d9d Bump pypa/cibuildwheel from 3.0.0 to 3.0.1 in the actions group (#484)
• 154fbfd Disable nightly wheels test on Windows on ARM (#483)
• 20936c5 Support python 3.14 (#479)
• Additional commits viewable in compare view

Updates evaluate from 0.4.3 to 0.4.5

Release notes

Sourced from evaluate's releases.

v0.4.5

What's Changed

• Support datasets 4 by @​lhoestq in huggingface/evaluate#689

Full Changelog: huggingface/evaluate@v0.4.4...v0.4.5

v0.4.4

Bug fixes

• support jiwer 4.0 by @​lhoestq in huggingface/evaluate#685
• Fix Perplexity Score For Tokenizers without bos_token_id by @​kylehowells in huggingface/evaluate#682
• Fix size attribute error for precision/recall/f1 by @​Maxwell-Jia in huggingface/evaluate#656

Other changes

• Add required hf_token secret to build main documentation by @​albertvillanova in huggingface/evaluate#635
• Pin numpy<2 as required by tensorflow to fix doc building by @​albertvillanova in huggingface/evaluate#631
• Support nltk>=3.9 to fix vulnerability by @​albertvillanova in huggingface/evaluate#629
• add tip in docs and readme referring to lighteval by @​MoritzLaurer in huggingface/evaluate#618

New Contributors

• @​MoritzLaurer made their first contribution in huggingface/evaluate#618
• @​Maxwell-Jia made their first contribution in huggingface/evaluate#656
• @​kylehowells made their first contribution in huggingface/evaluate#682

Full Changelog: huggingface/evaluate@v0.4.3...v0.4.4

Commits

• 53b3324 release: 0.4.5 (#690)
• 9484626 Support datasets 4 (#689)
• 32546aa dev version (#687)
• fab953d Release 0.4.4 (#686)
• 077df0d again
• 744c24a again
• bf2d482 again
• 768141e fix ci
• f05792f Fix Perplexity Score For Tokenizers without bos_token_id (#682)
• b39b266 support jiwer 4.0 (#685)
• Additional commits viewable in compare view

Updates fastrlock from 0.8.2 to 0.8.3

Changelog

Sourced from fastrlock's changelog.

0.8.3 (2024-12-17)

• Rebuilt with Cython 3.0.11 to add Python 3.13 support.

Commits

• 841e3de Prepare release of 0.8.3.
• f89f0f0 Remove official Py2 support but keep building Linux wheels for it.
• 375d793 Build: Remove Py3.7 which is EOL.
• a799395 Build: Clean up artefact uploading for tool version v4.
• 3f52f73 Build: Clean up artefact uploading. for tool version v4.
• dd29298 Build: Use more recent and hopefully working macOS deployment target version.
• 0043caa Improve function signatures for exception handling in recent Cython versions.
• 5c74fe5 Build: Update targets, tools and dependencies.
• 7a02e09 CI: Avoid duplicate builds.
• 984bc48 CI: Split AArch64 targets to parallelise their build.
• Additional commits viewable in compare view

Updates httpcore from 1.0.6 to 1.0.9

Release notes

Sourced from httpcore's releases.

Version 1.0.9 (April 24th, 2025)

• Resolve GHSA-vqfr-h8mv-ghfj with h11 dependency update. (#1008)

Version 1.0.8 (April 11th, 2025)

• Fix AttributeError when importing on Python 3.14. (#1005)

Version 1.0.7 (November 15th, 2024)

• Support proxy=… configuration on ConnectionPool(). (#974)

Changelog

Sourced from httpcore's changelog.

Version 1.0.9 (April 24th, 2025)

• Resolve GHSA-vqfr-h8mv-ghfj with h11 dependency update. (#1008)

Version 1.0.8 (April 11th, 2025)

• Fix AttributeError when importing on Python 3.14. (#1005)

Version 1.0.7 (November 15th, 2024)

• Support proxy=… configuration on ConnectionPool(). (#974)

Commits

• 9820975 Version 1.0.9 (#1011)
• d1e17c5 Update h11 dependency, resolving security fix. (#1008)
• ae46dfb Version 1.0.8 (#1006)
• b2a796c Fix AttributeError when importing on Python 3.14 (#1005)
• 38f277c Revert "Use AnyIO fast_acquire (#953)" (#1002)
• 973cbdd Use AnyIO fast_acquire (#953)
• 8b8ab18 fix ci (#999)
• a173552 Version 1.0.7 (#977)
• 13e281d Add proxy configuration to ConnectionPool. (#974)
• 0bfcee4 default port for the socks5h scheme (#972)
• Additional commits viewable in compare view

Updates jinja2 from 3.1.4 to 3.1.6

Release notes

Sourced from jinja2's releases.

3.1.6

This is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/Jinja2/3.1.6/ Changes: https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6

• The |attr filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. GHSA-cpwx-vrp4-4pq7

3.1.5

This is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/Jinja2/3.1.5/ Changes: https://jinja.palletsprojects.com/changes/#version-3-1-5 Milestone: https://github.com/pallets/jinja/milestone/16?closed=1

• The sandboxed environment handles indirect calls to str.format, such as by passing a stored reference to a filter that calls its argument. GHSA-q2x7-8rv6-6q7h
• Escape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. #1792, GHSA-gmj6-6f8f-6699
• Sandbox does not allow clear and pop on known mutable sequence types. #2032
• Calling sync render for an async template uses asyncio.run. #1952
• Avoid unclosed auto_aiter warnings. #1960
• Return an aclose-able AsyncGenerator from Template.generate_async. #1960
• Avoid leaving root_render_func() unclosed in Template.generate_async. #1960
• Avoid leaving async generators unclosed in blocks, includes and extends. #1960
• The runtime uses the correct concat function for the current environment when calling block references. #1701
• Make |unique async-aware, allowing it to be used after another async-aware filter. #1781
• |int filter handles OverflowError from scientific notation. #1921
• Make compiling deterministic for tuple unpacking in a {% set ... %} call. #2021
• Fix dunder protocol (copy/pickle/etc) interaction with Undefined objects. #2025
• Fix copy/pickle support for the internal missing object. #2027
• Environment.overlay(enable_async) is applied correctly. #2061
• The error message from FileSystemLoader includes the paths that were searched. #1661
• PackageLoader shows a clearer error message when the package does not contain the templates directory. #1705
• Improve annotations for methods returning copies. #1880
• urlize does not add mailto: to values like @a@b. #1870
• Tests decorated with @pass_context can be used with the |select filter. #1624
• Using set for multiple assignment (a, b = 1, 2) does not fail when the target is a namespace attribute. #1413
• Using set in all branches of {% if %}{% elif %}{% else %} blocks does not cause the variable to be considered initially undefined. #1253

Changelog

Sourced from jinja2's changelog.

Version 3.1.6

Released 2025-03-05

• The |attr filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. :ghsa:cpwx-vrp4-4pq7

Version 3.1.5

Released 2024-12-21

• The sandboxed environment handles indirect calls to str.format, such as by passing a stored reference to a filter that calls its argument. :ghsa:q2x7-8rv6-6q7h
• Escape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. :issue:1792, :ghsa:gmj6-6f8f-6699
• Sandbox does not allow clear and pop on known mutable sequence types. :issue:2032
• Calling sync render for an async template uses asyncio.run. :pr:1952
• Avoid unclosed auto_aiter warnings. :pr:1960
• Return an aclose-able AsyncGenerator from Template.generate_async. :pr:1960
• Avoid leaving root_render_func() unclosed in Template.generate_async. :pr:1960
• Avoid leaving async generators unclosed in blocks, includes and extends. :pr:1960
• The runtime uses the correct concat function for the current environment when calling block references. :issue:1701
• Make |unique async-aware, allowing it to be used after another async-aware filter. :issue:1781
• |int filter handles OverflowError from scientific notation. :issue:1921
• Make compiling deterministic for tuple unpacking in a {% set ... %} call. :issue:2021
• Fix dunder protocol (copy/pickle/etc) interaction with Undefined objects. :issue:2025
• Fix copy/pickle support for the internal missing object. :issue:2027
• Environment.overlay(enable_async) is applied correctly. :pr:2061
• The error message from FileSystemLoader includes the paths that were searched. :issue:1661
• PackageLoader shows a clearer error message when the package does not contain the templates directory. :issue:1705
• Improve annotations for methods returning copies. :pr:1880
• urlize does not add mailto: to values like @a@b. :pr:1870

... (truncated)

Commits

• 1520688 release version 3.1.6
• 90457bb Merge commit from fork
• 065334d attr filter uses env.getattr
• 033c200 start version 3.1.6
• bc68d4e use global contributing guide (#2070)
• 247de5e use global contributing guide
• ab8218c use project advisory link instead of global
• b4ffc8f release version 3.1.5 (#2066)
• 877f6e5 release version 3.1.5
• 8d58859 remove test pypi
• Additional commits viewable in compare view

Updates kiwisolver from 1.4.7 to 1.4.9

Release notes

Sourced from kiwisolver's releases.

1.4.9

What's Changed

• Include Python.h-including headers first by @​DWesl in nucleic/kiwi#193
• WHL: pin cibuildwheel 3.1.1, enable cp314 wheels by @​neutrinoceros in nucleic/kiwi#196
• ci: update release workflow and test on 3.14 by @​MatthieuDartiailh in nucleic/kiwi#198

New Contributors

• @​DWesl made their first contribution in nucleic/kiwi#193
• @​neutrinoceros made their first contribution in nucleic/kiwi#196

Full Changelog: nucleic/kiwi@1.4.8...1.4.9

1.4.8

What's Changed

• Cppy upgrade to 1.3.0 to fix linking issues on windows by @​MatthieuDartiailh in nucleic/kiwi#189
• Add CI/wheel builder for the free-threaded build by @​lysnikolaou in nucleic/kiwi#190
• Fix CIBW_ENABLE to correctly build free-threaded wheels by @​lysnikolaou in nucleic/kiwi#191

New Contributors

• @​lysnikolaou made their first contribution in nucleic/kiwi#190

Full Changelog: nucleic/kiwi@1.4.7...1.4.8

Changelog

Sourced from kiwisolver's changelog.

Wrappers 1.4.9 | Solver 1.4.2 | 10/08/2025

• add support for Python 3.14 PR #196 #198
• include Python.h, or headers including Python.h, before system headers

Wrappers 1.4.8 | Solver 1.4.2 | 24/12/2024

• drop support for Python 3.8 and 3.9 PR #189
• do not link to MSVCP on Windows and drop windows 32 bits support PR #189
• add support for free-threaded builds on Python 3.13 PR #190 #191

Commits

• 728f566 cut release 1.4.9 and update
• a399bec Merge pull request #198 from nucleic/py314
• b1691dd ci: enable 3.13 free threaded build on ARM windows
• eb54bba ci: update release workflow and test on 3.14
• 4d2c21e Merge pull request #196 from neutrinoceros/whl/pin-cibuildwheel
• 0b7ab52 WHL: pin cibuildwheel 3.1.1, enable cp314 wheels
• 80e76ba Merge pull request #193 from DWesl/patch-1
• cb9ced4 Add a release note
• 0710eff Include python-including headers first
• f4b0ebe Include python-including headers first
• Additional commits viewable in compare view

Updates mbstrdecoder from 1.1.3 to 1.1.4

Release notes

Sourced from mbstrdecoder's releases.

v1.1.4

• Fix UnicodeDecodeError exception sending correctly
• Add GitHub Actions workflow for building, publishing, and signing packages to PyPI
• Remove deprecated tests_require from setup.py
• Modify to use setuptools_scm for package build
• Add support for Python 3.13
• Drop support for Python 3.7/3.8
• Add metadata attributes to the mbstrdecoder module
• Improve type annotations

Full Changelog: thombashi/mbstrdecoder@v1.1.3...v1.1.4

Commits

• 48661b8 Bump version to 1.1.4
• 2424d5f Use Final for constants
• b411aa9 Add GitHub Actions workflow for building, publishing, and signing packages to...
• a0bf607 Rename lint and test workflow to CI
• 060d424 Update lint and test workflow to ignore specific paths for push and pull requ...
• f250349 Add permissions section to lint and test workflow
• ea3c673 Add build package job to CI
• 57bc8f6 Add GitHub Actions workflow for publishing to TestPyPI and signing with Sigstore
• 89961be Refactor GitHub Actions workflow to improve test reporting and coverage uploa...
• aa0629a Refactor the lint job
• Additional commits v...

  Description has been truncated

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot recreate.