chore(deps): bump the python-dependencies group with 12 updates

[dependabot]

Bumps the python-dependencies group with 12 updates:

Package	From	To
python-json-logger	4.0.0	4.1.0
mypy	1.19.1	1.20.0
ruff	0.15.4	0.15.9
types-pyyaml	6.0.12.20250915	6.0.12.20260408
pytest	9.0.2	9.0.3
pytest-cov	7.0.0	7.1.0
mkdocs-gen-files	0.6.0	0.6.1
mkdocs-jupyter	0.25.1	0.26.1
mkdocs-literate-nav	0.6.2	0.6.3
mkdocs-material	9.7.4	9.7.6
pymarkdownlnt	0.9.35	0.9.36
pymdown-extensions	10.21	10.21.2

Updates python-json-logger from 4.0.0 to 4.1.0

Release notes

Sourced from python-json-logger's releases.

4.1.0

4.1.0 - 2026-03-29

Added

• Add support for Python 3.14, PyPy 3.11

Removed

• Remove support for Python 3.8, 3.9 (includes PyPy versions).

Changelog

Sourced from python-json-logger's changelog.

4.1.0 - 2026-03-29

Added

• Add support for Python 3.14, PyPy 3.11

Removed

• Remove support for Python 3.8, 3.9 (includes PyPy versions).

Commits

• d80c68d Release v4.1.0
• b589b2a [pyproject] Update license table to PEP 639 format
• 2bb784a Update code unlocked by Python 3.10 minimum version
• 79599b5 Drop python 3.8, 3.9 support
• 622650c [docs.contributing] Update unsupported JSON encoders
• 06165bb [tests.test_formatters] Add non-printable bytes to test_common_types_encoded
• 61f88a9 [docs.contributing] Clarify which packages have been considered and rejected
• 0add524 [docs.contributing] Clarify when we will add support for new third-party pack...
• eee9505 [pylint] Remove old command
• 8045926 [mypy] Don't ignore orjson
• Additional commits viewable in compare view

Updates mypy from 1.19.1 to 1.20.0

Changelog

Sourced from mypy's changelog.

Mypy Release Notes

Next Release

Mypy 1.20

We’ve just uploaded mypy 1.20.0 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

Planned Changes to Defaults and Flags in Mypy 2.0

As a reminder, we are planning to enable --local-partial-types by default in mypy 2.0, which will likely be the next feature release. This will often require at least minor code changes. This option is implicitly enabled by mypy daemon, so this makes the behavior of daemon and non-daemon modes consistent.

Note that this release improves the compatibility of --local-partial-types significantly to make the switch easier (see below for more).

This can also be configured in a mypy configuration file (use False to disable):

local_partial_types = True

For more information, refer to the documentation.

We will also enable --strict-bytes by default in mypy 2.0. This usually requires at most minor code changes to adopt. For more information, refer to the documentation.

Finally, --allow-redefinition-new will be renamed to --allow-redefinition. If you want to continue using the older --allow-redefinition semantics which are less flexible (e.g. limited support for conditional redefinitions), you can switch to --allow-redefinition-old, which is currently supported as an alias to the legacy --allow-redefinition behavior. To use --allow-redefinition in the upcoming mypy 2.0, you can't use --no-local-partial-types. For more information, refer to the documentation.

Better Type Narrowing

Mypy's implementation of narrowing has been substantially reworked. Mypy will now narrow more aggressively, more consistently, and more correctly. In particular, you are likely to notice new narrowing behavior in equality expressions (==), containment expressions (in),

... (truncated)

Commits

• 770d3ca Remove +dev from version
• 4738ffa Changelog updates for 1.20 (#21109)
• b4f07a7 Use 'native-parser' instead of 'native-parse' for optional dependency (#21115)
• 7bec7b7 [mypyc] Document librt and librt.base64 (#21114)
• c482596 --allow-redefinition-new is no longer experimental (#21110)
• c916ca3 sdist: include misc/{diff-cache,apply-cache-diff}.py for `mypy/test/test_di...
• b137e4e [mypyc] Speed up native-to-native imports within the same group (#21101)
• 978b711 [mypyc] Fix range loop variable off-by-one after loop exit (#21098)
• 67ada30 [stubtest] Check runtime availability of private types not marked `@type_chec...
• bdef6ef librt cache tests: build respecting MYPY_TEST_PREFIX (#21097)
• Additional commits viewable in compare view

Updates ruff from 0.15.4 to 0.15.9

Release notes

Sourced from ruff's releases.

0.15.9

Release Notes

Released on 2026-04-02.

Preview features

• [pyflakes] Flag annotated variable redeclarations as F811 in preview mode (#24244)
• [ruff] Allow dunder-named assignments in non-strict mode for RUF067 (#24089)

Bug fixes

• [flake8-errmsg] Avoid shadowing existing msg in fix for EM101 (#24363)
• [flake8-simplify] Ignore pre-initialization references in SIM113 (#24235)
• [pycodestyle] Fix W391 fixes for consecutive empty notebook cells (#24236)
• [pyupgrade] Fix UP008 nested class matching (#24273)
• [pyupgrade] Ignore strings with string-only escapes (UP012) (#16058)
• [ruff] RUF072: skip formfeeds on dedent (#24308)
• [ruff] Avoid re-using symbol in RUF024 fix (#24316)
• [ruff] Parenthesize expression in RUF050 fix (#24234)
• Disallow starred expressions as values of starred expressions (#24280)

Rule changes

• [flake8-simplify] Suppress SIM105 for except* before Python 3.12 (#23869)
• [pyflakes] Extend F507 to flag %-format strings with zero placeholders (#24215)
• [pyupgrade] UP018 should detect more unnecessarily wrapped literals (UP018) (#24093)
• [pyupgrade] Fix UP008 callable scope handling to support lambdas (#24274)
• [ruff] RUF010: Mark fix as unsafe when it deletes a comment (#24270)

Formatter

• Add nested-string-quote-style formatting option (#24312)

Documentation

• [flake8-bugbear] Clarify RUF071 fix safety for non-path string comparisons (#24149)
• [flake8-type-checking] Clarify import cycle wording for TC001/TC002/TC003 (#24322)

Other changes

• Avoid rendering fix lines with trailing whitespace after | (#24343)

Contributors

• @​charliermarsh
• @​MichaReiser
• @​tranhoangtu-it
• @​dylwil3
• @​zsol

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.9

Released on 2026-04-02.

Preview features

• [pyflakes] Flag annotated variable redeclarations as F811 in preview mode (#24244)
• [ruff] Allow dunder-named assignments in non-strict mode for RUF067 (#24089)

Bug fixes

• [flake8-errmsg] Avoid shadowing existing msg in fix for EM101 (#24363)
• [flake8-simplify] Ignore pre-initialization references in SIM113 (#24235)
• [pycodestyle] Fix W391 fixes for consecutive empty notebook cells (#24236)
• [pyupgrade] Fix UP008 nested class matching (#24273)
• [pyupgrade] Ignore strings with string-only escapes (UP012) (#16058)
• [ruff] RUF072: skip formfeeds on dedent (#24308)
• [ruff] Avoid re-using symbol in RUF024 fix (#24316)
• [ruff] Parenthesize expression in RUF050 fix (#24234)
• Disallow starred expressions as values of starred expressions (#24280)

Rule changes

• [flake8-simplify] Suppress SIM105 for except* before Python 3.12 (#23869)
• [pyflakes] Extend F507 to flag %-format strings with zero placeholders (#24215)
• [pyupgrade] UP018 should detect more unnecessarily wrapped literals (UP018) (#24093)
• [pyupgrade] Fix UP008 callable scope handling to support lambdas (#24274)
• [ruff] RUF010: Mark fix as unsafe when it deletes a comment (#24270)

Formatter

• Add nested-string-quote-style formatting option (#24312)

Documentation

• [flake8-bugbear] Clarify RUF071 fix safety for non-path string comparisons (#24149)
• [flake8-type-checking] Clarify import cycle wording for TC001/TC002/TC003 (#24322)

Other changes

• Avoid rendering fix lines with trailing whitespace after | (#24343)

Contributors

• @​charliermarsh
• @​MichaReiser
• @​tranhoangtu-it
• @​dylwil3
• @​zsol
• @​renovate

... (truncated)

Commits

• 724ccc1 Bump 0.15.9 (#24369)
• 96d9e09 [ty] Move the deferred submodule inside infer/builder (#24368)
• 130da28 [ty] Infer the extra_items keyword argument to class-based TypedDicts as an...
• a617c54 [ty] Validate type qualifiers in functional TypedDict fields and the `extra_i...
• d851708 [ty] Improve robustness of various type-qualifier-related checks (#24251)
• aecb587 Only run the release-gate on workflow dispatch (#24366)
• b889571 [ty] Use infer_type_expression for parsing parameter annotations and return...
• 3286a62 Add a "release-gate" step to the release workflow (#24365)
• 5f88756 Disallow starred expressions as values of starred expressions (#24280)
• 5c59f8a [pyupgrade] Ignore strings with string-only escapes (UP012) (#16058)
• Additional commits viewable in compare view

Updates types-pyyaml from 6.0.12.20250915 to 6.0.12.20260408

Commits

• See full diff in compare view

Updates pytest from 9.0.2 to 9.0.3

Release notes

Sourced from pytest's releases.

9.0.3

pytest 9.0.3 (2026-04-07)

Bug fixes

• #12444: Fixed pytest.approx which now correctly takes into account ~collections.abc.Mapping keys order to compare them.

• #13634: Blocking a conftest.py file using the -p no: option is now explicitly disallowed.

  Previously this resulted in an internal assertion failure during plugin loading.

  Pytest now raises a clear UsageError explaining that conftest files are not plugins and cannot be disabled via -p.

• #13734: Fixed crash when a test raises an exceptiongroup with __tracebackhide__ = True.

• #14195: Fixed an issue where non-string messages passed to unittest.TestCase.subTest() were not printed.

• #14343: Fixed use of insecure temporary directory (CVE-2025-71176).

Improved documentation

• #13388: Clarified documentation for -p vs PYTEST_PLUGINS plugin loading and fixed an incorrect -p example.
• #13731: Clarified that capture fixtures (e.g. capsys and capfd) take precedence over the -s / --capture=no command-line options in Accessing captured output from a test function <accessing-captured-output>.
• #14088: Clarified that the default pytest_collection hook sets session.items before it calls pytest_collection_finish, not after.
• #14255: TOML integer log levels must be quoted: Updating reference documentation.

Contributor-facing changes

• #12689: The test reports are now published to Codecov from GitHub Actions. The test statistics is visible on the web interface.

  -- by aleguy02

Commits

• a7d58d7 Prepare release version 9.0.3
• 089d981 Merge pull request #14366 from bluetech/revert-14193-backport
• 8127eaf Revert "Fix: assertrepr_compare respects dict insertion order (#14050) (#14193)"
• 99a7e60 Merge pull request #14363 from pytest-dev/patchback/backports/9.0.x/95d8423bd...
• ddee02a Merge pull request #14343 from bluetech/cve-2025-71176-simple
• 74eac69 doc: Update training info (#14298) (#14301)
• f92dee7 Merge pull request #14267 from pytest-dev/patchback/backports/9.0.x/d6fa26c62...
• 7ee58ac Merge pull request #12378 from Pierre-Sassoulas/fix-implicit-str-concat-and-d...
• 37da870 Merge pull request #14259 from mitre88/patch-4 (#14268)
• c34bfa3 Add explanation for string context diffs (#14257) (#14266)
• Additional commits viewable in compare view

Updates pytest-cov from 7.0.0 to 7.1.0

Changelog

Sourced from pytest-cov's changelog.

7.1.0 (2026-03-21)

• Fixed total coverage computation to always be consistent, regardless of reporting settings. Previously some reports could produce different total counts, and consequently can make --cov-fail-under behave different depending on reporting options. See [#641](https://github.com/pytest-dev/pytest-cov/issues/641) <https://github.com/pytest-dev/pytest-cov/issues/641>_.

• Improve handling of ResourceWarning from sqlite3.

  The plugin adds warning filter for sqlite3 ResourceWarning unclosed database (since 6.2.0). It checks if there is already existing plugin for this message by comparing filter regular expression. When filter is specified on command line the message is escaped and does not match an expected message. A check for an escaped regular expression is added to handle this case.

  With this fix one can suppress ResourceWarning from sqlite3 from command line::

  pytest -W "ignore:unclosed database in <sqlite3.Connection object at:ResourceWarning" ...

• Various improvements to documentation. Contributed by Art Pelling in [#718](https://github.com/pytest-dev/pytest-cov/issues/718) <https://github.com/pytest-dev/pytest-cov/pull/718>_ and "vivodi" in [#738](https://github.com/pytest-dev/pytest-cov/issues/738) <https://github.com/pytest-dev/pytest-cov/pull/738>. Also closed [#736](https://github.com/pytest-dev/pytest-cov/issues/736) <https://github.com/pytest-dev/pytest-cov/issues/736>.

• Fixed some assertions in tests. Contributed by in Markéta Machová in [#722](https://github.com/pytest-dev/pytest-cov/issues/722) <https://github.com/pytest-dev/pytest-cov/pull/722>_.

• Removed unnecessary coverage configuration copying (meant as a backup because reporting commands had configuration side-effects before coverage 5.0).

Commits

• 66c8a52 Bump version: 7.0.0 → 7.1.0
• f707662 Make the examples use pypy 3.11.
• 6049a78 Make context test use the old ctracer (seems the new sysmon tracer behaves di...
• 8ebf20b Update changelog.
• 861d30e Remove the backup context manager - shouldn't be needed since coverage 5.0, ...
• fd4c956 Pass the precision on the nulled total (seems that there's some caching goion...
• 78c9c4e Only run the 3.9 on older deps.
• 4849a92 Punctuation.
• 197c35e Update changelog and hopefully I don't forget to publish release again :))
• 14dc1c9 Update examples to use 3.11 and make the adhoc layout example look a bit more...
• Additional commits viewable in compare view

Updates mkdocs-gen-files from 0.6.0 to 0.6.1

Release notes

Sourced from mkdocs-gen-files's releases.

v0.6.1

• Warn when this plugin is being used from the mkdocs executable (oprypin/mkdocs-gen-files#42)

  Apologies for the inconvenience. We are starting a community continuation of MkDocs under a new name ProperDocs, and plugins are our main hope regarding how we can spread the word. See Our continuation of MkDocs and a warning regarding "MkDocs 2.0" ProperDocs/properdocs#33

Full Changelog: oprypin/mkdocs-gen-files@v0.6.0...v0.6.1

Commits

• 05c38bb v0.6.1
• d285080 Warn when this plugin is being used from the mkdocs executable (#42)
• dcc896d Drop testing under Python 3.9 to fix CI
• See full diff in compare view

Updates mkdocs-jupyter from 0.25.1 to 0.26.1

Changelog

Sourced from mkdocs-jupyter's changelog.

mkdocs-jupyter Change Log

Commits

• 8e47143 Release 0.26.1
• 6420d55 Build assets on release CI
• 25a79b5 Release 0.26.0
• 3b145c9 Add release workflow
• 64f17aa Add release workflow
• 136080e fix: backtick-stripping regex in nb2md() (#268)
• 2bac0a2 Cache added to avoid recompiling unchanged notebooks (#267)
• 98f3dbb Allow ipykernel>6,<8 (#253)
• 7236724 html escape source text for clipboard copy (#248)
• 7f977fd Check ignore patterns before reading files (#247)
• Additional commits viewable in compare view

Updates mkdocs-literate-nav from 0.6.2 to 0.6.3

Release notes

Sourced from mkdocs-literate-nav's releases.

v0.6.3

• Warn when this plugin is being used from the mkdocs executable (oprypin/mkdocs-literate-nav#39)

  Apologies for the inconvenience. We are starting a community continuation of MkDocs under a new name ProperDocs, and plugins are our main hope regarding how we can spread the word. See Our continuation of MkDocs and a warning regarding "MkDocs 2.0" ProperDocs/properdocs#33

Full Changelog: oprypin/mkdocs-literate-nav@v0.6.2...v0.6.3

Commits

• b91268c v0.6.3
• cee9ec4 Exclude properdocs when testing minimal dependencies
• ea523f5 Warn when this plugin is being used from the mkdocs executable (#39)
• 258b15a Drop testing under Python 3.9 to fix CI
• See full diff in compare view

Updates mkdocs-material from 9.7.4 to 9.7.6

Release notes

Sourced from mkdocs-material's releases.

mkdocs-material-9.7.6

[!WARNING]

Material for MkDocs is in maintenance mode

Going forward, the Material for MkDocs team focuses on Zensical, a next-gen static site generator built from first principles. We will provide critical bug fixes and security updates for Material for MkDocs until November 2026.

Read the full announcement on our blog

Changes

• Automatically disable MkDocs 2.0 warning for forks of MkDocs

mkdocs-material-9.7.5

[!WARNING]

Material for MkDocs is in maintenance mode

Going forward, the Material for MkDocs team focuses on Zensical, a next-gen static site generator built from first principles. We will provide critical bug fixes and security updates for Material for MkDocs until November 2026.

Read the full announcement on our blog

Changes

• Limited version range of mkdocs to <2
• Updated MkDocs 2.0 incompatibility warning (clarify relation with MkDocs)

Changelog

Sourced from mkdocs-material's changelog.

mkdocs-material-9.7.6 (2026-03-19)

• Automatically disable MkDocs 2.0 warning for forks of MkDocs

mkdocs-material-9.7.5 (2026-03-10)

• Limited version range of mkdocs to <2
• Updated MkDocs 2.0 incompatibility warning (clarify relation with MkDocs)

mkdocs-material-9.7.4 (2026-03-03)

• Hardened social cards plugin by switching to sandboxed environment
• Updated MkDocs 2.0 incompatibility warning

mkdocs-material-9.7.3 (2026-02-24)

• Fixed #8567: Print MkDocs 2.0 incompatibility warning to stderr

mkdocs-material-9.7.2 (2026-02-18)

• Opened up version ranges of optional dependencies for forward-compatibility
• Added warning to 'mkdocs build' about impending MkDocs 2.0 incompatibility

mkdocs-material-9.7.1 (2025-12-18)

• Updated requests to 2.30+ to mitigate CVE in urllib
• Fixed privacy plugin not picking up protocol-relative URLs
• Fixed #8542: false positives and negatives captured in privacy plugin

mkdocs-material-9.7.0 (2025-11-11)

⚠️ Material for MkDocs is now in maintenance mode

This is the last release of Material for MkDocs that will receive new features. Going forward, the Material for MkDocs team focuses on Zensical, a next-gen static site generator built from first principles. We will provide critical bug fixes and security updates for Material for MkDocs for 12 months at least.

Read the full announcement on our blog: https://squidfunk.github.io/mkdocs-material/blog/2025/11/05/zensical/

This release includes all features that were previously exclusive to the Insiders edition. These features are now freely available to everyone.

Note on deprecated plugins: The projects and typeset plugins are included in this release, but must be considered deprecated. Both plugins proved unsustainable to maintain and represent architectural dead ends. They are provided as-is without ongoing support.

Changes:

... (truncated)

Commits

• 6c52ed6 Prepare 9.7.6 release
• 51d9b76 Automatically disable MkDocs 2.0 warning for forks of MkDocs
• 6f9a48b Updated links
• 00b9933 Prepare 9.7.5 release
• 37683d1 Updated blog post on MkDocs 2.0
• 199e315 Updated warning message to clarify relation to MkDocs
• 1025833 Limited version range of mkdocs to <2
• 1532f52 Added update log to blog post
• d0c8b28 Updated dependencies to fix vulnerabilities
• 71d4869 Updated blog post on MkDocs 2.0
• Additional commits viewable in compare view

Updates pymarkdownlnt from 0.9.35 to 0.9.36

Release notes

Sourced from pymarkdownlnt's releases.

Version 0.9.36 - 2026-03-15

In this release, we’ve invested heavily in revamping our documentation so that you can get from installation to your first useful scan more quickly. After the last release, a backlog review made it clear that our documentation needed an overhaul, especially for people seeing PyMarkdown for the first time. Over time, we added new sections and details without a full restructuring, which made it harder for new users to see where to start and how everything fits together.

We updated the main documentation and introduced new Quick Start guides for common workflows. We simplified each section and reorganized the content so related topics are grouped together and easier to follow. Each Quick Start guide focuses on a single topic, helping new users get productive with PyMarkdown as quickly as possible. New users can now go from install to scanning a repository in just a few minutes. Existing users should find it easier to jump straight to the commands and options they need.

Going forward, you can expect faster scans, clearer error reporting, and continued improvements to the documentation. To support that, our primary goal is to deliver requested features and respond quickly to reported issues, particularly in the rule set, configuration, and documentation. Behind the scenes, we are reducing skipped tests, working through backlogged issues, and investing in refactoring and performance analysis. This work helps keep PyMarkdown fast and dependable as it grows.

Added

• Issue 1511
  • Added plugins.per-file-ignores.* configuration items to allow for rules to be disabled by matching against a glob-path.
• Issue 1535
  • Added documentation under the extensions section to provide information on the tables extension.

Changed

• Issue 1527
  • Updated documentation to give more examples, including examples of TOML configurations.
• Issue 1539
  • Did full sweep through existing documentation, to clean up.
• Issue 1555
  • Badges were out of sync, needed new mechanism to properly fetch

Commits

• 81f7539 v0.9.36
• 55c0554 v0.9.36
• 7268959 jackdewinter/pymarkdown#1555
• 6428e24 jackdewinter/pymarkdown#1555
• f026b68 jackdewinter/pymarkdown#1539
• f186331 jackdewinter/pymarkdown#1539
• f89bcc6 Issue 1475 (#1550)
• 4994680 updating dependencies and jackdewinter/pymarkdown#1539
• 31f8604 jackdewinter/pymarkdown#1511
• See full diff in compare view

Updates pymdown-extensions from 10.21 to 10.21.2

Release notes

Sourced from pymdown-extensions's releases.

10.21. 2

10.21.2

• FIX: Highlight: Latest Pygments versions cannot handle a "filename" for code block titles of None.

10.20.1

• FIX: Quotes: Ensure the first class for callouts (the alert type) is always rendered lowercase.

Commits

• a4fdd73 Skip tag 10.21.1 has we accidentally already used it
• 8afb4cd Docs: Update JS deps
• 7bf5b29 Pygments needs a non-None value for code block title (#2863)
• 20b11eb Fix some spelling and formatting
• c9edba3 Docs: strengthen Snippets warning and add security considerations
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions