build(deps): bump the python group across 1 directory with 8 updates

[dependabot]

Bumps the python group with 8 updates in the / directory:

Package	From	To
idna	3.10	3.11
pyparsing	3.2.4	3.2.5
coverage	7.10.6	7.10.7
pylint	3.3.8	3.3.9
beautifulsoup4	4.13.5	4.14.2
certifi	2025.8.3	2025.10.5
charset-normalizer	3.4.3	3.4.4
markupsafe	3.0.2	3.0.3

Updates idna from 3.10 to 3.11

Changelog

Sourced from idna's changelog.

3.11 (2025-10-12)

• Update to Unicode 16.0.0, including significant changes to UTS46 processing. As a result of Unicode ending support for it, transitional processing no longer has an effect and returns the same result.
• Add support for Python 3.14, lowest supported version is Python 3.8.
• Various updates to packaging, including PEP 740 support.

Commits

• ad949ee Release v3.11
• cae4ba7 Second release candidate for 3.11
• 8adb305 Add space in RST link
• 74cb2b6 Release candidate for 3.11
• 05dab09 Format idna-data with ruff
• 90eac78 Apply ruff formatting
• a31ce7e Remove errant test vectors
• 81f0333 Omit vectors known to be broken in test suite
• a0f3257 Merge branch 'master' into unicode-16-uts46-changes
• 38d9886 Remove extra UTS46 test vector
• Additional commits viewable in compare view

Updates pyparsing from 3.2.4 to 3.2.5

Changelog

Sourced from pyparsing's changelog.

Version 3.2.5 - September, 2025

• JINX! Well, 3.2.4 had a bug for Word expressions that include a space character, if that expression was then copied, either directly with .copy() or by adding a results name, or included in another construct (like DelimitedList) that makes a copy internally. Issue #618, reported by mstinberg, among others - thanks, and sorry for the inconvenience.

Version 3.2.5 - September, 2025

• JINX! Well, 3.2.4 had a bug for Word expressions that include a space character, if that expression was then copied, either directly with .copy() or by adding a results name, or including in another construct (like DelimitedList) that makes a copy internally. Issue #618, reported by mstinberg, among others - thanks, and sorry for the inconvenience.

Commits

• dbbd53a More unit tests and some comments for traceability to Issue #618
• f5bdb2d Issue #618 - fix reference to re_match attribute in copy of Word object to fi...
• 8c61893 Prep for 3.2.5 release
• See full diff in compare view

Updates coverage from 7.10.6 to 7.10.7

Changelog

Sourced from coverage's changelog.

Version 7.10.7 — 2025-09-21

• Performance: with branch coverage in large files, generating HTML, JSON, or LCOV reports could take far too long due to some quadratic behavior when creating the function and class index pages. This is now fixed, closing issue 2048_. Thanks to Daniel Diniz for help diagnosing the problem.

• Most warnings and a few errors now have links to a page in the docs explaining the specific message. Closes issue 1921_.

.. _issue 1921: nedbat/coveragepy#1921 .. _issue 2048: nedbat/coveragepy#2048

.. _changes_7-10-6:

Commits

• 92a2af5 docs: sample HTML for 7.10.7
• 952afda docs: prep for 7.10.7
• a301761 build: riscv64 wheels (#2055)
• 5daff8d docs: now source is formatted with ruff
• 04bbc3a docs: discuss cog in the contributing docs
• c181b93 build: use cog --check-fail-msg to instruct devs
• 33c4ba1 chore: make upgrade
• 0744b73 chore: bump the action-dependencies group across 1 directory with 2 updates (...
• 0d5a112 perf: bulk narrowing to avoid N**2. #2048
• a868ed9 docs: mention Python Discord on the index page
• Additional commits viewable in compare view

Updates pylint from 3.3.8 to 3.3.9

Commits

• 4cab7ca Bump pylint to 3.3.9, update changelog
• 81fb483 [Backport maintenance/3.3.x] Extend catching of ValueError to 3.12.5+ (#10611)
• 1ef673b [Backport maintenance/3.3.x] Fix flagging undeprecated importlib.resources fu...
• 194790c Fix invalid refs in 3.3 whatsnew (#10578) (#10579)
• 9823870 fix: handle inconsistent-return-statements false positive with quit()/`ex...
• 16fe127 fix: handle for-loop variable shadowing correctly (#10569) (#10571)
• 6cf727c Add sphinx reference for whatsnew 3.3 (#10564) (#10565)
• 641a316 Use custom backport action (#10536) (#10537)
• 65efb67 [fix] Better approach in 'unnecessary-list-index-lookup' to avoid crashes (#1...
• 78444bb Fix used-before-assignment for PEP 695 type aliases + parameters (#10488) (#1...
• See full diff in compare view

Updates beautifulsoup4 from 4.13.5 to 4.14.2

Updates certifi from 2025.8.3 to 2025.10.5

Commits

• fb14ac4 2025.10.05 (#371)
• 2c7c7ee Add Python 3.14 classifier in setup.py
• 1a5cb7b Bump actions/setup-python from 5.6.0 to 6.0.0 (#367)
• dea5960 Bump pypa/gh-action-pypi-publish from 1.12.4 to 1.13.0 (#366)
• 83566b7 Bump actions/checkout from 4.2.2 to 5.0.0
• ca2e121 Bump actions/download-artifact from 4.3.0 to 5.0.0
• See full diff in compare view

Updates charset-normalizer from 3.4.3 to 3.4.4

Release notes

Sourced from charset-normalizer's releases.

Version 3.4.4

3.4.4 (2025-10-13)

Changed

• Bound setuptools to a specific constraint setuptools>=68,<=81.
• Raised upper bound of mypyc for the optional pre-built extension to v1.18.2

Removed

• setuptools-scm as a build dependency.

Misc

• Enforced hashes in dev-requirements.txt and created ci-requirements.txt for security purposes.
• Additional pre-built wheels for riscv64, s390x, and armv7l architectures.
• Restore multiple.intoto.jsonl in GitHub releases in addition to individual attestation file per wheel.

Changelog

Sourced from charset-normalizer's changelog.

3.4.4 (2025-10-13)

Changed

• Bound setuptools to a specific constraint setuptools>=68,<=81.
• Raised upper bound of mypyc for the optional pre-built extension to v1.18.2

Removed

• setuptools-scm as a build dependency.

Misc

• Enforced hashes in dev-requirements.txt and created ci-requirements.txt for security purposes.
• Additional pre-built wheels for riscv64, s390x, and armv7l architectures.
• Restore multiple.intoto.jsonl in GitHub releases in addition to individual attestation file per wheel.

Commits

• b30ffdc 🔧 fix checksum step in cd.yml
• d3fbfcf 🔧 fix cd.yml
• dafbb95 Release 3.4.4 (#658)
• 1f18ffa ⬆️ raise mypy upper bound to 1.18.2
• ef4ac69 Merge branch 'release-3.4.4' of github.com:jawah/charset_normalizer into rele...
• 4b35dda 📝 write changelog for 3.4.4
• 0ec6452 🔧 update cd.yml workflow (add riscv64, s390x and armv7l)
• f341ede ⬆️ upgrade dependencies (dev, ci)
• a308841 📝 write changelog for 3.4.4
• 9c906da 🔧 update cd.yml workflow (add riscv64, s390x and armv7l)
• Additional commits viewable in compare view

Updates markupsafe from 3.0.2 to 3.0.3

Release notes

Sourced from markupsafe's releases.

3.0.3

This is the MarkupSafe 3.0.3 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/MarkupSafe/3.0.3/ Changes: https://markupsafe.palletsprojects.com/page/changes/#version-3-0-3 Milestone: https://github.com/pallets/markupsafe/milestone/15?closed=1

• __version__ raises DeprecationWarning instead of UserWarning. #487
• Adopt multi-phase initialization PEP 489 for the C extension. #494
• Build Windows ARM64 wheels. #485
• Build Python 3.14 wheels. #503
• Build riscv64 wheels. #505

Changelog

Sourced from markupsafe's changelog.

Version 3.0.3

Released 2025-09-27

• __version__ raises DeprecationWarning instead of UserWarning. :issue:487
• Adopt multi-phase initialisation (:pep:489) for the C extension. :issue:494
• Build Windows ARM64 wheels. :issue:485
• Build Python 3.14 wheels. :issue:503
• Build riscv64 wheels. :issue:505

Commits

• 297fc8e release version 3.0.3
• 7e4e6ce Free-threading: run with pytest-run-paralell (#507)
• 6100b9c enable riscv64 wheels (#506)
• c9d5ecf enable riscv64 wheels
• 2f9b337 tox for 3.14
• 78d951a update dev dependencies
• bb6744e add entry
• 65c4134 upgrade cibuildwheel, add cp314 wheels and test on CPython 3.14 (#504)
• 3a9bd88 add cp314 wheels
• aafe44d remove slsa provenance (#501)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 76.92%. Comparing base (469b70e) to head (df44e1b).

Additional details and impacted files

@@           Coverage Diff           @@
##           master    #1343   +/-   ##
=======================================
  Coverage   76.92%   76.92%           
=======================================
  Files          20       20           
  Lines        1309     1309           
=======================================
  Hits         1007     1007           
  Misses        302      302           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.