Bump the everything-else group across 1 directory with 46 updates

[dependabot]

Bumps the everything-else group with 46 updates in the /python directory:

Package	From	To
build	1.2.2.post1	1.4.0
twine	6.1.0	6.2.0
pylint	3.3.7	4.0.5
tox	4.27.0	4.49.0
tox-gh-actions	3.3.0	3.5.0
astroid	3.3.11	4.1.1
babel	2.17.0	2.18.0
beautifulsoup4	4.13.4	4.14.3
cachetools	6.1.0	7.0.4
certifi	2025.7.14	2026.2.25
cffi	1.17.1	2.0.0
chardet	5.2.0	7.0.1
charset-normalizer	3.4.2	3.4.5
cryptography	45.0.5	46.0.5
dill	0.4.0	0.4.1
distlib	0.3.9	0.4.0
docutils	0.21.2	0.22.4
exceptiongroup	1.3.0	1.3.1
filelock	3.18.0	3.25.0
idna	3.10	3.11
imagesize	1.4.1	2.0.0
importlib-metadata	8.7.0	8.7.1
iniconfig	2.1.0	2.3.0
isort	6.0.1	8.0.1
jaraco-context	6.0.1	6.1.1
jaraco-functools	4.2.1	4.4.0
keyring	25.6.0	25.7.0
markdown-it-py	3.0.0	4.0.0
markupsafe	3.0.2	3.0.3
mdit-py-plugins	0.4.2	0.5.0
more-itertools	10.7.0	10.8.0
nh3	0.2.21	0.3.3
packaging	25.0	26.0
platformdirs	4.3.8	4.9.4
pycparser	2.22	3.0
pyproject-api	1.9.1	1.10.0
pyyaml	6.0.2	6.0.3
requests	2.32.4	2.32.5
rich	14.0.0	14.3.3
secretstorage	3.3.3	3.5.0
soupsieve	2.7	2.8.3
tomli	2.2.1	2.4.0
tomlkit	0.13.3	0.14.0
typing-extensions	4.14.1	4.15.0
urllib3	2.5.0	2.6.3
virtualenv	20.31.2	21.1.0

Updates build from 1.2.2.post1 to 1.4.0

Release notes

Sourced from build's releases.

1.4.0

• Add --quiet flag (PR #947)
• Add option to dump PEP 517 metadata with --metadata (PR #940, PR #943)
• Support UV environment variable (PR #971)
• Remove a workaround for 3.14b1 (PR #960)
• In 3.14 final release, color defaults to True already (PR #962)
• Pass sp-repo-review (PR #942)
• In pytest configuration, log_level is better than log_cli_level (PR #950)
• Split up typing and mypy (PR #944)
• Use types-colorama (PR #945)
• In docs, first argument for _has_dependency is a name (PR #970)
• Fix test failure when flit-core is installed (PR #921)

1.3.0

• Add --config-json (PR #916, fixes issue #900)
• Drop Python 3.8 (PR #891)
• Test on Python 3.14, colorful help on 3.14+ (PR #895)
• Fix ModuleNotFoundError when pip is not installed (PR #898)
• Disable use of pip install --python for debundled pip (PR #861)
• Don't pass no-wheel to virtualenv if it would warn (PR #892)
• Optimize our tests to run faster (PR #871, #872, #738)
• Allow running our tests without virtualenv (PR #911)
• Fix issues in our tests (PR #824, #918, #870, #915, #862, #863, #899, #896, #854)
• Use SPDX identifiers for our license metadata (PR #914)
• Use dependency-groups for our development (PR #880)
• Mention conda and update uv mention in README/docs (PR #842, #816, #917)

Changelog

Sourced from build's changelog.

########### Changelog ###########

---

1.4.0 (2026-01-08)

---

• Add --quiet flag (:pr:947)
• Add option to dump PEP 517 metadata with --metadata (:pr:940, :pr:943)
• Support UV environment variable (:pr:971)
• Remove a workaround for 3.14b1 (:pr:960)
• In 3.14 final release, color defaults to True already (:pr:962)
• Pass sp-repo-review (:pr:942)
• In pytest configuration, log_level is better than log_cli_level (:pr:950)
• Split up typing and mypy (:pr:944)
• Use types-colorama (:pr:945)
• In docs, first argument for _has_dependency is a name (PR :pr:970)
• Fix test failure when flit-core is installed (PR :pr:921)

---

1.3.0 (2025-08-01)

---

• Add --config-json (PR :pr:916, fixes issue :issue:900)
• Drop Python 3.8 (PR :pr:891)
• Test on Python 3.14, colorful help on 3.14+ (PR :pr:895)
• Fix ModuleNotFoundError when pip is not installed (PR :pr:898)
• Disable use of pip install --python for debundled pip (PR :pr:861)
• Don't pass no-wheel to virtualenv if it would warn (PR :pr:892)
• Optimize our tests to run faster (PR :pr:871, :pr:872, :pr:738)
• Allow running our tests without virtualenv (PR :pr:911)
• Fix issues in our tests (PR :pr:824, :pr:918, :pr:870, :pr:915, :pr:862, :pr:863, :pr:899, :pr:896, :pr:854)
• Use SPDX identifiers for our license metadata (PR :pr:914)
• Use dependency-groups for our development (PR :pr:880)
• Mention conda and update uv mention in README/docs (PR :pr:842, :pr:816, :pr:917)

---

1.2.2 (2024-09-06)

---

• Add editable to builder.get_requires_for_build's static types (PR :pr:764, fixes issue :issue:763)
• Include artifact attestations in our release (PR :pr:782)
• Fix typing compatibility with typed pyproject-hooks (PR :pr:788)
• Mark more tests with network (PR :pr:808)
• Add more intersphinx links to docs (PR :pr:804)
• Make uv optional for tests (PR :pr:807 and :pr:813)

---

... (truncated)

Commits

• 54f238d chore: prepare for 1.4.0 (#972)
• f219276 docs: first argument for _has_dependency is a name (#970)
• 7adb29e fix: support UV environment variable (#971)
• a40623b build(deps): bump actions/attest-build-provenance in the actions group (#968)
• c8fae34 pre-commit: bump repositories (#965)
• ed9c379 build(deps): bump actions/download-artifact in the actions group
• 0e44fd2 Add quiet flag (#947)
• 60e15ed chore: color defaults to True in 3.14 (#962)
• 0486d9d pre-commit: bump repositories (#961)
• 393b775 MNT: remove workaround for 3.14b1 (#960)
• Additional commits viewable in compare view

Updates twine from 6.1.0 to 6.2.0

Changelog

Sourced from twine's changelog.

twine 6.2.0 (2025-09-04)

Features ^^^^^^^^

• Automatically refresh short-lived PyPI token in long running Trusted Publishing uploads.

  In the event that a trusted publishing upload job is taking longer than the validity period of a trusted publishing token (15 minutes at the time of this writing), and we are already 10 minutes into that validity period, we will begin to attempt to replace the token on each subsequent request. ([#1246](https://github.com/pypa/twine/issues/1246) <https://github.com/pypa/twine/issues/1246>_)

Bugfixes ^^^^^^^^

• Fix compatibility kludge for invalid License-File metadata entries emitted by build backends to work also with packaging version 24.0. ([#1217](https://github.com/pypa/twine/issues/1217) <https://github.com/pypa/twine/issues/1217>_)
• Fix a couple of incorrectly rendered error messages. ([#1224](https://github.com/pypa/twine/issues/1224) <https://github.com/pypa/twine/issues/1224>_)
• twine now enforces keyring >= 21.2.0, which was previously implicitly required by API usage. ([#1229](https://github.com/pypa/twine/issues/1229) <https://github.com/pypa/twine/issues/1229>_)
• twine now catches configparser.Error to prevent accidental leaks of secret tokens or passwords to the user's console. ([#1240](https://github.com/pypa/twine/issues/1240) <https://github.com/pypa/twine/issues/1240>_)

Deprecations and Removals ^^^^^^^^^^^^^^^^^^^^^^^^^

• Remove hacks that support --skip-existing for indexes other than PyPI and TestPyPI.

  To date, these hacks continue to accrue and there have been numerous issues with them, not the least of which being that every time we update them, the paid index providers change things to break the compatibility we implement for them. Beyond that, these hacks do not work when text is internationalized in the response from the index provider.

  For a sample of past issues, see:

  • pypa/twine#1251

  • pypa/twine#918

  • pypa/twine#856

  • pypa/twine#693

  • pypa/twine#332 ([#1251](https://github.com/pypa/twine/issues/1251) <https://github.com/pypa/twine/issues/1251>_)

... (truncated)

Commits

• 14ceb29 Update changelog for 6.2.0 (#1264)
• 60e377b build(deps): bump actions/checkout from 4.2.2 to 5.0.0 (#1263)
• 88821f2 feat(package): remove MD5 hashing entirely (#1262)
• ce5fe53 build(deps): bump actions/download-artifact from 4.3.0 to 5.0.0
• 6a696ed PEP 639 compliance
• 9175334 rename 1247.misc.rst to changelog/1247.misc.rst
• d94a475 fix(tests): update expected error message
• c1c02d1 Remove --skip-existing support for non-PyPI indices
• a24d308 Set trusted publishing logging to INFO/WARN (#1247)
• becf1a8 Fix py3.9 mypy error in __init__ around PackageMetadata
• Additional commits viewable in compare view

Updates pylint from 3.3.7 to 4.0.5

Commits

• 88e1ab7 Bump pylint to 4.0.5, update changelog (#10860)
• d96d489 [Backport maintenance/4.0.x] Relax isort version constraint to allow isort 8 ...
• 0b08ccb Fix dynamic color mapping for "fail-on" messages when using multiple reporter...
• 154dba4 [Backport maintenance/4.0.x] Fix FP for invalid-name with typing.Final on...
• 7b73bfd Disable unspecified-encoding for py-version above Python 3.15 (#10800)
• 4cc98be [Backport maintenance/4.0.x] Fix setting options for import order checker (#1...
• f0d30a2 Sync astroid version with requirements file again
• 38bdf02 [Backport maintenance/4.0.x] Fix logging-unsupported-format when logging ...
• f08c33a [Backport maintenance/4.0.x] Properly detect self.fail() as a terminating...
• e16f942 Bump pylint to 4.0.4, update changelog
• Additional commits viewable in compare view

Updates tox from 4.27.0 to 4.49.0

Release notes

Sourced from tox's releases.

v4.49.0

What's Changed

• ✨ feat(config): add {factor:label} substitution for TOML by @​gaborbernat in tox-dev/tox#3865
• 🐛 fix(legacy): initialize config_format and output_file for --showconfig by @​rares985 in tox-dev/tox#3867

New Contributors

• @​rares985 made their first contribution in tox-dev/tox#3867

Full Changelog: tox-dev/tox@4.48.1...4.49.0

v4.48.1

What's Changed

• Replace archived 31z4/tox Docker image with build-your-own guide by @​rahuldevikar in tox-dev/tox#3864
• 🐛 fix(toml): extract args from Command in ref replacement by @​gaborbernat in tox-dev/tox#3863

Full Changelog: tox-dev/tox@4.48.0...4.48.1

v4.48.0

What's Changed

• Add fail_fast to config reference docs by @​rahuldevikar in tox-dev/tox#3853
• ✨ feat(config): add --format json/toml and -o to config command by @​gaborbernat in tox-dev/tox#3857

Full Changelog: tox-dev/tox@4.47.3...4.48.0

v4.47.3

What's Changed

• Fix SchemaStore workflow creating empty PRs by @​gaborbernat in tox-dev/tox#3848
• Add .mailmap to consolidate author identities by @​yarikoptic in tox-dev/tox#3849
• 🐛 fix(config): honor ignore_base_python_conflict for factor conflicts by @​gaborbernat in tox-dev/tox#3851

Full Changelog: tox-dev/tox@4.47.2...4.47.3

v4.47.2

What's Changed

• fix: handle OSError in pos_args path existence check by @​yarikoptic in tox-dev/tox#3847

New Contributors

... (truncated)

Changelog

Sourced from tox's changelog.

Features - 4.49.0

• Add {factor:label} substitution for TOML configs -- factor groups in product matrices and env_base factors can now be labeled with single-key dicts (e.g., {ecosystem = ["oci", "python"]}), enabling {factor:ecosystem} in any string value (descriptions, commands, etc.) to resolve to the active factor. Plain lists automatically get positional labels ({factor:0}, {factor:1}, ...) - by :user:gaborbernat. (:issue:3860) (:issue:3860)

Bug fixes - 4.49.0

• Fix --showconfig and --help-ini legacy flags raising AttributeError after config format options were added
  • by :user:rares985 (:issue:3866)

---

v4.48.1 (2026-03-06)

---

Bug fixes - 4.48.1

• Command-type configuration values like list_dependencies_command can now be referenced in TOML using the structured {replace = "ref"} syntax. The reference automatically extracts the command's argument list for compatibility with TOML's list[list[str]] structure - by :user:gaborbernat. (:issue:3830)

Improved documentation - 4.48.1

• Replace archived 31z4/tox Docker image recommendation with instructions for building your own image using the official Python base image and uv - by :user:rahuldevikar. (:issue:3855)

---

v4.48.0 (2026-03-05)

---

Features - 4.48.0

• Add --format flag (ini, json, toml) and -o/--output-file to the config command for machine-readable output with native types. JSON and TOML use the same key structure as tox.toml (env.<name> for environments, tox for core) and get syntax-highlighted on stdout - by :user:gaborbernat. (:issue:3854)

Improved documentation - 4.48.0

• Add fail_fast to the configuration reference documentation - by :user:rahuldevikar. (:issue:578)

---

v4.47.3 (2026-03-04)

---

... (truncated)

Commits

• 6c452bb release 4.49.0
• 1c59d54 🐛 fix(legacy): initialize config_format and output_file for --showconfig (#3867)
• 2382601 ✨ feat(config): add {factor:label} substitution for TOML (#3865)
• ccf173f release 4.48.1
• 113bcf8 🐛 fix(toml): extract args from Command in ref replacement (#3863)
• fc50406 Replace archived 31z4/tox Docker image with build-your-own guide (#3864)
• 51317d3 release 4.48.0
• 4c72887 ✨ feat(config): add --format json/toml and -o to config command (#3857)
• dd190f6 Add fail_fast to config reference docs (#3853)
• 2c8c5b2 release 4.47.3
• Additional commits viewable in compare view

Updates tox-gh-actions from 3.3.0 to 3.5.0

Release notes

Sourced from tox-gh-actions's releases.

v3.5.0

What's Changed

• Add support for free-threading Python builds by @​ymyzk in ymyzk/tox-gh-actions#228
• GitHub Actions: macOS 13 runner image is closing down by @​cclauss in ymyzk/tox-gh-actions#227

Full Changelog: ymyzk/tox-gh-actions@v3.4.0...v3.5.0

v3.4.0

What's Changed

• GitHub Actions: Add Python 3.14 to the testing by @​cclauss in ymyzk/tox-gh-actions#223
• Add PyPy 3.11 to CI by @​ymyzk in ymyzk/tox-gh-actions#203
• README.md: Modernize versions of Python, Django, and GitHub Actions by @​cclauss in ymyzk/tox-gh-actions#225
• Introduce pre-commit by @​ymyzk in ymyzk/tox-gh-actions#202
• Set up Dependabot by @​ymyzk in ymyzk/tox-gh-actions#204
• Update tox-gh-actions 2.x support status by @​ymyzk in ymyzk/tox-gh-actions#205
• Bump codecov/codecov-action from 2 to 5 by @​dependabot[bot] in ymyzk/tox-gh-actions#207
• Clean up unused CodeQL configuration by @​ymyzk in ymyzk/tox-gh-actions#211
• Bump actions/setup-python from 4 to 5 by @​dependabot[bot] in ymyzk/tox-gh-actions#209
• Migrate package metadata into pyproject.toml by @​ymyzk in ymyzk/tox-gh-actions#210
• Bump actions/checkout from 1 to 4 by @​dependabot[bot] in ymyzk/tox-gh-actions#208
• Set permissions explicitly in GitHub Actions by @​ymyzk in ymyzk/tox-gh-actions#212
• Pin third-party GitHub actions using commit hash by @​ymyzk in ymyzk/tox-gh-actions#213
• Bump codecov/codecov-action from 5.3.1 to 5.4.0 by @​dependabot[bot] in ymyzk/tox-gh-actions#214
• Bump actions/download-artifact from 4 to 5 by @​dependabot[bot] in ymyzk/tox-gh-actions#217
• Bump actions/setup-python from 5 to 6 by @​dependabot[bot] in ymyzk/tox-gh-actions#221
• Bump codecov/codecov-action from 5.4.0 to 5.5.1 by @​dependabot[bot] in ymyzk/tox-gh-actions#222
• Bump pypa/gh-action-pypi-publish from 1.12.4 to 1.13.0 by @​dependabot[bot] in ymyzk/tox-gh-actions#220
• Bump actions/checkout from 4 to 5 by @​dependabot[bot] in ymyzk/tox-gh-actions#218
• Add PyPI project URL to packaging workflow environment by @​ymyzk in ymyzk/tox-gh-actions#226

New Contributors

• @​dependabot[bot] made their first contribution in ymyzk/tox-gh-actions#207

Full Changelog: ymyzk/tox-gh-actions@v3.3.0...v3.4.0

Commits

• dd8e04b Merge pull request #228 from ymyzk/free-threading
• 3d35511 Add support for free-threading Python builds
• 8deb697 Merge pull request #227 from cclauss/macos-13-intel
• 9251a8c Upgrade from deprecated macos-13 to macos-15-intel in CI
• 4fadf65 Merge pull request #226 from ymyzk/pypi-publish-env-url
• 2afbfde Add PyPI project URL to packaging workflow environment
• c0f8b1d Merge pull request #225 from cclauss/update-README.md
• f71f412 Merge pull request #218 from ymyzk/dependabot/github_actions/actions/checkout-5
• 5d0e50c Bump actions/checkout from 4 to 5
• 6ae0a5f Merge pull request #220 from ymyzk/dependabot/github_actions/pypa/gh-action-p...
• Additional commits viewable in compare view

Updates astroid from 3.3.11 to 4.1.1

Release notes

Sourced from astroid's releases.

v4.1.1

What's New in astroid 4.1.1?

Release date: 2026-02-22

• Let UnboundMethodModel inherit from FunctionModel to improve inference of dunder methods for unbound methods.

  Refs #2741

• Filter Unknown from UnboundMethod and Super special attribute lookup to prevent placeholder nodes from leaking during inference.

  Refs #2741

v4.1.0

What's New in astroid 4.1.0?

Release date: 2026-02-08

• Add support for equality constraints (==, !=) in inference. Closes pylint-dev/pylint#3632 Closes pylint-dev/pylint#3633

• Ensure ast.JoinedStr nodes are Uninferable when the ast.FormattedValue is Uninferable. This prevents unexpected-keyword-arg messages in Pylint where the Uninferable string appeared in function arguments that were constructed dynamically.

  Closes pylint-dev/pylint#10822

• Add support for type constraints (isinstance(x, y)) in inference.

  Closes pylint-dev/pylint#1162 Closes pylint-dev/pylint#4635 Closes pylint-dev/pylint#10469

• Make type.__new__() raise clear errors instead of returning None

• Move object dunder methods from FunctionModel to ObjectModel to make them available on all object types, not just functions.

  Closes #2742 Closes #2741 Closes pylint-dev/pylint#6094

• lineno and end_lineno are now available on Arguments.

• Add helper to iterate over all annotations nodes of function arguments, Arguments.get_annotations().

... (truncated)

Changelog

Sourced from astroid's changelog.

What's New in astroid 4.1.1?

Release date: 2026-02-22

• Let UnboundMethodModel inherit from FunctionModel to improve inference of dunder methods for unbound methods.

  Refs #2741

• Filter Unknown from UnboundMethod and Super special attribute lookup to prevent placeholder nodes from leaking during inference.

  Refs #2741

What's New in astroid 4.1.0?

Release date: 2026-02-08

• Add support for equality constraints (==, !=) in inference. Closes pylint-dev/pylint#3632 Closes pylint-dev/pylint#3633

• Ensure ast.JoinedStr nodes are Uninferable when the ast.FormattedValue is Uninferable. This prevents unexpected-keyword-arg messages in Pylint where the Uninferable string appeared in function arguments that were constructed dynamically.

  Closes pylint-dev/pylint#10822

• Add support for type constraints (isinstance(x, y)) in inference.

  Closes pylint-dev/pylint#1162 Closes pylint-dev/pylint#4635 Closes pylint-dev/pylint#10469

• Make type.__new__() raise clear errors instead of returning None

• Move object dunder methods from FunctionModel to ObjectModel to make them available on all object types, not just functions.

  Closes #2742 Closes #2741 Closes pylint-dev/pylint#6094

• lineno and end_lineno are now available on Arguments.

• Add helper to iterate over all annotations nodes of function arguments, Arguments.get_annotations().

... (truncated)

Commits

• f11d7ae Bump astroid to 4.1.1, update changelog
• 3ea62ba [Backport maintenance/4.1.x] Prevent Unknown from leaking via special attribu...
• e064505 Fix __doc__ on unbound method (#2958)
• a57e817 [Backport maintenance/4.1.x] [pre-commit.ci] pre-commit autoupdate (#2959) (#...
• 5ffc8aa Bump astroid to 4.1.0, update changelog
• 7a8a4c0 Post 4.0.4 (#2955)
• b20dda8 Merge branch 'maintenance/4.0.x' into post-4.0.4
• 019feb6 Bump astroid to 4.0.4, update changelog
• b25ee05 Fix namespace detection crash (#2949)
• 55f76d8 Implement equality constraint (#2927)
• Additional commits viewable in compare view

Updates babel from 2.17.0 to 2.18.0

Release notes

Sourced from babel's releases.

v2.18.0

Happy 2026! Like last year's release (ahem...), this one too is being made from FOSDEM 2026, in Brussels, Belgium. 🇧🇪 We'll aspire for a less glacial release cycle for 2.19. 😁

Please see CHANGELOG.rst for the detailed change log.

Full Changelog: python-babel/babel@v2.17.0...v2.18.0

Changelog

Sourced from babel's changelog.

Version 2.18.0

Happy 2026! This release is, coincidentally, also being made from FOSDEM.

We will aspire for a slightly less glacial release cadence in this year; there are interesting features in the pipeline.

Features

* Core: Add `babel.core.get_cldr_version()` by @akx in :gh:`1242`
* Core: Use CLDR 47 by @tomasr8 in :gh:`1210`
* Core: Use canonical IANA zone names in zone_territories by @akx in :gh:`1220`
* Messages: Improve extract performance via ignoring directories early during os.walk by @akx in :gh:`968`
* Messages: Merge in per-format keywords and auto_comments by @akx in :gh:`1243`
* Messages: Update keywords for extraction of dpgettext and dnpgettext by @mardiros in :gh:`1235`
* Messages: Validate all plurals in Python format checker by @tomasr8 in :gh:`1188`
* Time: Use standard library `timezone` instead of `FixedOffsetTimezone` by @akx in :gh:`1203`
Bugfixes

• Core: Fix formatting for "Empty locale identifier" exception added in #1164 by @​akx in :gh:1184
• Core: Improve handling of no-inheritance-marker in timezone data by @​akx in :gh:1194
• Core: Make the number pattern regular expression more efficient by @​akx in :gh:1213
• Messages: Keep translator comments next to the translation function call by @​akx in :gh:1196
• Numbers: Fix KeyError that occurred when formatting compact currencies of exactly one thousand in several locales by @​bartbroere in :gh:1246

Other improvements

* Core: Avoid unnecessary uses of `map()` by @akx in :gh:`1180`
* Messages: Have init-catalog create directories too by @akx in :gh:`1244`
* Messages: Optimizations for read_po by @akx in :gh:`1200`
* Messages: Use pathlib.Path() in catalog frontend; improve test coverage by @akx in :gh:`1204`
Infrastructure and documentation

• CI: Renovate CI & lint tools by @​akx in :gh:1228
• CI: Tighten up CI with Zizmor by @​akx in :gh:1230
• CI: make job permissions explicit by @​akx in :gh:1227
• Docs: Add SECURITY.md by @​akx in :gh:1229
• Docs: Remove u string prefix from docs by @​verhovsky in :gh:1174
• Docs: Update dates.rst with current unicode.org tr35 link by @​clach04 in :gh:1189
• General: Add some PyPI classifiers by @​tomasr8 in :gh:1186
• General: Apply reformatting by hand and with Ruff by @​akx in :gh:1202
• General: Test on and declare support for Python 3.14 by @​akx in :gh:1233

... (truncated)

Commits

• 56c63ca Prepare for 2.18.0 (#1248)
• 73015a1 Add user-agent to CLDR downloader (#1247)
• 29bd362 Fix formatting compact currencies of exactly one thousand in several locales ...
• 851db43 Reuse InitCatalog's guts in UpdateCatalog (#1244)
• fd00e60 Extract: Merge in per-format keywords and auto_comments (#1243)
• 12a14b6 Add dpgettext and dnpgettext support (#1235)
• 7110e62 Use canonical IANA zone names in zone_territories (#1220)
• e91c346 Improve extract performance via ignoring directories early during os.walk (#968)
• 0c4f378 Convert Unittest testcases with setup/teardown to fixtures (#1240)
• 218c96e Add babel.core.get_cldr_version() (#1242)
• Additional commits viewable in compare view

Updates beautifulsoup4 from 4.13.4 to 4.14.3

Updates cachetools from 6.1.0 to 7.0.4

Changelog

Sourced from cachetools's changelog.

v7.0.4 (2026-03-08)

• Fix and properly document @cachedmethod.cache_key behavior.

• Minor documentation improvements.

v7.0.3 (2026-03-05)

• Fix DeprecationWarning when creating an autospec mock with @cachedmethod decorations.

v7.0.2 (2026-03-02)

• Provide more efficient clear() implementation for all support Cache classes (courtesy Josep Pon Farreny).

v7.0.1 (2026-02-10)

• Various test improvements.

• Update Copilot Instructions.

v7.0.0 (2026-02-01)

• Require Python 3.10 or later (breaking change).

• Drop support for passing info as fourth positional parameter to @cached (breaking change).

• Drop support for cache(self) returning None with @cachedmethod (breaking change).

• Convert the @cachedmethod wrappers to descriptors, deprecating its use with class methods and instances that do not provide a mutable __dict__ attribute (potentially breaking change).

• Convert the previously undocumented @cachedmethod attributes (cache, cache_lock, etc.) to properties for instance methods, providing official support and documentation (potentially breaking change).

... (truncated)

Commits

• 0ca75e6 Relase v7.0.4.
• 5b1fa39 Prepare v7.0.4.
• 18e5930 Fix #218: Fix and properly document @​cachedmethod.cache_key handling.
• 98ec79f Drop "class method" from @​cachedmethod docstring.
• 93822a3 Release v7.0.3.
• 57d2e48 Fix #387: Handle obj=None case for inspection in _DescriptorBase.
• 8011b71 Release v7.0.2.
• 73d1602 Minor cleanups.
• 083ee5f Add clear() tests for TTLCache and TLRUCache.
• 2181fad Add comment explaining clear() optimization.
• Additional commits viewable in compare view

Updates certifi from 2025.7.14 to 2026.2.25

Commits

• 8571a4b 2026.02.25 (#395)
• 6f7de00 Bump peter-evans/create-pull-request from 8.0.0 to 8.1.0 (#390)
• a1de59b Bump actions/checkout from 6.0.1 to 6.0.2 (#391)
• 7f5ade5 Bump actions/setup-python from 6.1.0 to 6.2.0 (#392)
• c64d9f3 2026.01.04 (#389)
• 4ac232f Bump actions/download-artifact from 6.0.0 to 7.0.0 (#387)
• 95ae4b2 Update CI workflow to use Ubuntu 24.04 and Python 3.14 stable (#386)
• b72a7b1 Bump dessant/lock-threads from 5.0.1 to 6.0.0 (#385)
• ecc2672 Bump actions/upload-artifact from 5.0.0 to 6.0.0 (#384)
• 6a897db Bump peter-evans/create-pull-request from 7.0.11 to 8.0.0 (#383)
• Additional commits viewable in compare view

Updates cffi from 1.17.1 to 2.0.0

Release notes

Sourced from cffi's releases.

v2.0.0

What's Changed

• Add Python 3.14 support.
• Add CPython free-threaded support (3.14t+ only) - huge thanks to the folks at Quansight Labs for all the work to get this one sorted!
• Drop Python <= 3.8 support.
• Fix order dependency affecting nested type size calculation (#148).

Full Changelog: python-cffi/cffi@v1.17.1...v2.0.0

v2.0.0b1

What's Changed

• Add Python 3.14 support.
• Add CPython free-threaded support (3.14t+ only).
• Drop Python <= 3.8 support.
• Fix order dependency affecting nested type size calculation (#148).

Full Changelog: python-cffi/cffi@v1.17.1...v2.0.0b1

Commits

• 6366c01 release 2.0.0 (#196)
• 95c8476 2.0.0 post beta backports (#195)
• 195cbda Release 2.0.0b1 (#183)
• b4bbe79 fix version test to support beta
• 7ed073d Add support for the free-threaded build (#178)
• 67a170d Change the license from MIT to MIT-no-attribution, which is the same without ...
• 92645ec Add Python 3.14 support/testing (#177)
• 2b81170 doc: update test commands in Section Testing/development tips (#158)
• 25172b8 doc: update year (#153)
• b57a92c issue 147: force-compute nested structs before parent structs. Occurs mainly...
• Additional commits viewable in compare view

Updates chardet from 5.2.0 to 7.0.1

Release notes

Sourced from chardet's releases.

7.0.1

Fixes

• Fixed false UTF-7 detection of SHA-1 git hashes (#324, fixing #323) — requirements files with VCS pins (e.g., +4bafdea3...) were misdetected as UTF-7, breaking tools like tox
• Fixed _SINGLE_LANG_MAP missing aliases for single-language encoding lookup (e.g., big5 → big5hkscs)
• Fixed PyPy TypeError in UTF-7 codec handling

Improvements

• Retrained bigram models — 24 previously failing test cases now pass
• Updated language equivalences for mutual intelligibility (Slovak/Czech, East Slavic + Bulgarian, Malay/Indonesian, Scandinavian languages)

New Contributors

• <...

  Description has been truncated