[pip] (deps): Bump the dev-dependencies group across 1 directory with 12 updates

[dependabot]

Bumps the dev-dependencies group with 12 updates in the / directory:

Package	From	To
python-json-logger	4.0.0	4.1.0
charset-normalizer	3.4.6	3.4.7
pychoir	0.0.29	0.0.30
requests	2.32.5	2.33.1
filelock	3.25.2	3.29.0
identify	2.6.18	2.6.19
packaging	26.0	26.1
platformdirs	4.9.4	4.9.6
pygments	2.19.2	2.20.0
pytest	9.0.2	9.0.3
ruff	0.15.7	0.15.11
virtualenv	21.2.0	21.2.4

Updates python-json-logger from 4.0.0 to 4.1.0

Release notes

Sourced from python-json-logger's releases.

4.1.0

4.1.0 - 2026-03-29

Added

• Add support for Python 3.14, PyPy 3.11

Removed

• Remove support for Python 3.8, 3.9 (includes PyPy versions).

Changelog

Sourced from python-json-logger's changelog.

4.1.0 - 2026-03-29

Added

• Add support for Python 3.14, PyPy 3.11

Removed

• Remove support for Python 3.8, 3.9 (includes PyPy versions).

Commits

• d80c68d Release v4.1.0
• b589b2a [pyproject] Update license table to PEP 639 format
• 2bb784a Update code unlocked by Python 3.10 minimum version
• 79599b5 Drop python 3.8, 3.9 support
• 622650c [docs.contributing] Update unsupported JSON encoders
• 06165bb [tests.test_formatters] Add non-printable bytes to test_common_types_encoded
• 61f88a9 [docs.contributing] Clarify which packages have been considered and rejected
• 0add524 [docs.contributing] Clarify when we will add support for new third-party pack...
• eee9505 [pylint] Remove old command
• 8045926 [mypy] Don't ignore orjson
• Additional commits viewable in compare view

Updates charset-normalizer from 3.4.6 to 3.4.7

Release notes

Sourced from charset-normalizer's releases.

Version 3.4.7

3.4.7 (2026-04-02)

Changed

• Pre-built optimized version using mypy[c] v1.20.
• Relax setuptools constraint to setuptools>=68,<82.1.

Fixed

• Correctly remove SIG remnant in utf-7 decoded string. (#718) (#716)

Changelog

Sourced from charset-normalizer's changelog.

3.4.7 (2026-04-02)

Changed

• Pre-built optimized version using mypy[c] v1.20.
• Relax setuptools constraint to setuptools>=68,<82.1.

Fixed

• Correctly remove SIG remnant in utf-7 decoded string. (#718) (#716)

Commits

• 0f07891 Merge pull request #729 from jawah/release-3.4.7
• fdbeb29 chore: update dev, and ci requirements
• b66f922 chore: add ft classifier
• f94249d chore: add test cases for utf_7 recent fix
• 95c866f chore: bump version to 3.4.7
• 4f429bb chore: bump mypy pre-commit to v1.20
• b579cd6 fix: correctly remove SIG remnant in utf-7 decoded string
• 58bf944 ⬆️ Bump github/codeql-action from 4.32.4 to 4.35.1 (#728)
• 44cf8a1 ⬆️ Bump actions/download-artifact from 8.0.0 to 8.0.1 (#726)
• 362bc20 ⬆️ Bump docker/setup-qemu-action from 3.7.0 to 4.0.0 (#725)
• Additional commits viewable in compare view

Updates pychoir from 0.0.29 to 0.0.30

Release notes

Sourced from pychoir's releases.

Thirtieth release

• Python 3.14
• Dev deps update

Commits

• 99ff3e5 Upgrade dev deps
• 33c9ef8 Python 3.14
• 1089c0a Automatic package versioning from tag
• See full diff in compare view

Updates requests from 2.32.5 to 2.33.1

Release notes

Sourced from requests's releases.

v2.33.1

2.33.1 (2026-03-30)

Bugfixes

• Fixed test cleanup for CVE-2026-25645 to avoid leaving unnecessary files in the tmp directory. (#7305)
• Fixed Content-Type header parsing for malformed values. (#7309)
• Improved error consistency for malformed header values. (#7308)

New Contributors

• @​ferdnyc made their first contribution in psf/requests#7277

Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2331-2026-03-30

v2.33.0

2.33.0 (2026-03-25)

Announcements

• 📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at #7271. Give it a try, and report any gaps or feedback you may have in the issue. 📣

Security

• CVE-2026-25645 requests.utils.extract_zipped_paths now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.

Improvements

• Migrated to a PEP 517 build system using setuptools. (#7012)

Bugfixes

• Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (#7205)

Deprecations

• Dropped support for Python 3.9 following its end of support. (#7196)

Documentation

• Various typo fixes and doc improvements.

New Contributors

• @​M0d3v1 made their first contribution in psf/requests#6865
• @​aminvakil made their first contribution in psf/requests#7220
• @​E8Price made their first contribution in psf/requests#6960
• @​mitre88 made their first contribution in psf/requests#7244
• @​magsen made their first contribution in psf/requests#6553
• @​Rohan5commit made their first contribution in psf/requests#7227

Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25

Changelog

Sourced from requests's changelog.

2.33.1 (2026-03-30)

Bugfixes

• Fixed test cleanup for CVE-2026-25645 to avoid leaving unnecessary files in the tmp directory. (#7305)
• Fixed Content-Type header parsing for malformed values. (#7309)
• Improved error consistency for malformed header values. (#7308)

2.33.0 (2026-03-25)

Announcements

• 📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at #7271. Give it a try, and report any gaps or feedback you may have in the issue. 📣

Security

• CVE-2026-25645 requests.utils.extract_zipped_paths now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.

Improvements

• Migrated to a PEP 517 build system using setuptools. (#7012)

Bugfixes

• Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (#7205)

Deprecations

• Dropped support for Python 3.9 following its end of support. (#7196)

Documentation

• Various typo fixes and doc improvements.

Commits

• 111d2b7 v2.33.1
• f0198e6 Fix malformed value parsing for Content-Type (#7309)
• bc7dd0f Fix cosmetic header validity parsing regex (#7308)
• 4443b1a Fix unintended test extra (#7306)
• 389eea5 Cleanup extracted file after extract_zipped_path test (#7305)
• 7407309 Packaging: DRY out extras definition (#7277)
• bc04dfd v2.33.0
• 66d21cb Merge commit from fork
• 8b9bc8f Move badges to top of README (#7293)
• e331a28 Remove unused extraction call (#7292)
• Additional commits viewable in compare view

Updates filelock from 3.25.2 to 3.29.0

Release notes

Sourced from filelock's releases.

3.29.0

What's Changed

• 🐛 fix(async): use single-thread executor for lock consistency by @​gaborbernat in tox-dev/filelock#533
• ✨ feat(soft): enable stale lock detection on Windows by @​gaborbernat in tox-dev/filelock#534

Full Changelog: tox-dev/filelock@3.28.0...3.29.0

3.28.0

What's Changed

• 🐛 fix(ci): unbreak release workflow, publish to PyPI again by @​gaborbernat in tox-dev/filelock#529

Full Changelog: tox-dev/filelock@3.27.0...3.28.0

3.27.0

What's Changed

• ✨ feat(rw): add SoftReadWriteLock for NFS and HPC clusters by @​gaborbernat in tox-dev/filelock#528

Full Changelog: tox-dev/filelock@3.26.1...3.27.0

3.26.1

What's Changed

• 🐛 fix(asyncio): add exit to BaseAsyncFileLock and fix del loop handling by @​naarob in tox-dev/filelock#518

New Contributors

• @​naarob made their first contribution in tox-dev/filelock#518

Full Changelog: tox-dev/filelock@3.26.0...3.26.1

3.26.0

What's Changed

• 🔒 ci(workflows): add zizmor security auditing by @​gaborbernat in tox-dev/filelock#517
• 🔧 fix(ci): restore git credentials for release job by @​gaborbernat in tox-dev/filelock#520
• ✨ feat(soft): add PID inspection and lock breaking by @​gaborbernat in tox-dev/filelock#524

Full Changelog: tox-dev/filelock@3.25.2...3.26.0

Changelog

Sourced from filelock's changelog.

########### Changelog ###########

---

3.29.0 (2026-04-19)

---

• ✨ feat(soft): enable stale lock detection on Windows :pr:534
• 🐛 fix(async): use single-thread executor for lock consistency :pr:533
• build(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 :pr:530 - by :user:dependabot[bot]

---

3.28.0 (2026-04-14)

---

• 🐛 fix(ci): unbreak release workflow, publish to PyPI again :pr:529

---

3.26.1 (2026-04-09)

---

• 🐛 fix(asyncio): add exit to BaseAsyncFileLock and fix del loop handling :pr:518 - by :user:naarob
• build(deps): bump pypa/gh-action-pypi-publish from 1.13.0 to 1.14.0 :pr:525 - by :user:dependabot[bot]

---

3.26.0 (2026-04-06)

---

• ✨ feat(soft): add PID inspection and lock breaking :pr:524
• [pre-commit.ci] pre-commit autoupdate :pr:523 - by :user:pre-commit-ci[bot]
• build(deps): bump astral-sh/setup-uv from 7.6.0 to 8.0.0 :pr:522 - by :user:dependabot[bot]
• Remove persist-credentials: false from release job :pr:520
• [pre-commit.ci] pre-commit autoupdate :pr:519 - by :user:pre-commit-ci[bot]
• 🔒 ci(workflows): add zizmor security auditing :pr:517
• [pre-commit.ci] pre-commit autoupdate :pr:516 - by :user:pre-commit-ci[bot]
• [pre-commit.ci] pre-commit autoupdate :pr:514 - by :user:pre-commit-ci[bot]

---

3.25.2 (2026-03-11)

---

• 🐛 fix(unix): suppress EIO on close in Docker bind mounts :pr:513

---

3.25.1 (2026-03-09)

---

• [pre-commit.ci] pre-commit autoupdate :pr:510 - by :user:pre-commit-ci[bot]
• 🐛 fix(win): restore best-effort lock file cleanup on release :pr:511

... (truncated)

Commits

• 469b47f Release 3.29.0
• e85d072 ✨ feat(soft): enable stale lock detection on Windows (#534)
• f5ee171 🐛 fix(async): use single-thread executor for lock consistency (#533)
• 2a95458 build(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 (#530)
• 55de20c Release 3.28.0
• 476b0e4 🐛 fix(ci): unbreak release workflow, publish to PyPI again (#529)
• 824713e ✨ feat(rw): add SoftReadWriteLock for NFS and HPC clusters (#528)
• 9879de9 [pre-commit.ci] pre-commit autoupdate (#527)
• 4cfab49 Release 3.26.1
• 734c9f2 🐛 fix(asyncio): add exit to BaseAsyncFileLock and fix del loop handli...
• Additional commits viewable in compare view

Updates identify from 2.6.18 to 2.6.19

Commits

• b39f637 v2.6.19
• c976888 Merge pull request #588 from hofbi/patch-1
• 6110d73 Add support for 'tif' file extension
• ccbd337 Merge pull request #587 from pre-commit/pre-commit-ci-update-config
• f5af264 [pre-commit.ci] pre-commit autoupdate
• a0be598 Merge pull request #586 from pre-commit/pre-commit-ci-update-config
• b184043 [pre-commit.ci] pre-commit autoupdate
• See full diff in compare view

Updates packaging from 26.0 to 26.1

Release notes

Sourced from packaging's releases.

26.1

Features:

• PEP 783: add handling for Emscripten wheel tags by @​hoodmane in pypa/packaging#804 (old name used in implementation, will be fixed in next release)
• PEP 803: add handling for the abi3.abi3t free-threading tag by @​ngoldbaum in pypa/packaging#1099
• PEP 723: add packaging.dependency_groups module, based on the dependency-groups package by @​sirosen in pypa/packaging#1065
• Add the packaging.direct_url module by @​sbidoul in pypa/packaging#944
• Add the packaging.errors module by @​henryiii in pypa/packaging#1071
• Add SpecifierSet.is_unsatisfiable using ranges (new internals that will be expanded in future versions) by @​notatallshaw in pypa/packaging#1119
• Add create_compatible_tags_selector to select compatible tags by @​sbidoul in pypa/packaging#1110
• Add a key argument to SpecifierSet.filter() by @​frostming in pypa/packaging#1068
• Support & and | for Marker's by @​henryiii in pypa/packaging#1146
• Normalize Version.__replace__ and add Version.from_parts by @​henryiii in pypa/packaging#1078
• Add an option to validate compressed tag set sort order in parse_wheel_filename by @​r266-tech in pypa/packaging#1150

Behavior adaptations:

• Narrow exclusion of pre-releases for <V.postN to match spec by @​notatallshaw in pypa/packaging#1140
• Narrow exclusion of post-releases for >V to match spec by @​notatallshaw in pypa/packaging#1141
• Rename format_full_version to _format_full_version to make it visibly private by @​r266-tech in pypa/packaging#1125
• Restrict local version to ASCII by @​henryiii in pypa/packaging#1102

Pylock (PEP 751) updates:

• Add pylock select function by @​sbidoul in pypa/packaging#1092
• Document pylock select() method and PylockSelectError by @​r266-tech in pypa/packaging#1153
• Add filename property to PackageSdist and PackageWheel, more validation by @​sbidoul in pypa/packaging#1095
• Give preference to path over url by @​sbidoul in pypa/packaging#1128
• Validate name/version consistency in file names by @​sbidoul in pypa/packaging#1114

Fixes:

• Fix > comparison for versions with dev+local segments by @​veeceey in pypa/packaging#1097
• Fix incorrect self-comparison for InfinityType and NegativeInfinityType by @​bysiber in pypa/packaging#1093
• Canonicalize when deduplicating specifiers in SpecifierSet by @​notatallshaw in pypa/packaging#1109
• Fix charset error message formatting by @​notatallshaw in pypa/packaging#1121
• Handle the key parameter in SpecifierSet.filter when specifiers are empty and prerelease is False by @​notatallshaw in pypa/packaging#1096
• Standardize inner components of repr output by @​henryiii in pypa/packaging#1090
• Specifier's === uses original string, not normalized, when available by @​notatallshaw in pypa/packaging#1124
• Propagate int-max-str-digits ValueError by @​notatallshaw in pypa/packaging#1155

Performance:

• Add fast path for parsing simple versions (digits and dots only) by @​notatallshaw in pypa/packaging#1082
• Add fast path for Version to Version comparison by skipping _key property by @​notatallshaw in pypa/packaging#1083
• Cache Version hash value in dedicated slot by @​notatallshaw in pypa/packaging#1118
• Overhaul _cmpkey to remove use of custom objects by @​notatallshaw in pypa/packaging#1116
• Skip __replace__ in Specifier comparison if not needed by @​notatallshaw in pypa/packaging#1081
• SpecifierSet use tuple instead of frozenset for _specs by @​notatallshaw in pypa/packaging#1108
• Speed up complex SpecifierSet filtering by implementing cost-based ordering by @​notatallshaw in pypa/packaging#1105

... (truncated)

Changelog

Sourced from packaging's changelog.

26.1 - 2026-04-14

Features:

PEP 783: add handling for Emscripten wheel tags in (:pull:804)
PEP 803: add handling for the abi3.abi3t free-threading tag in (:pull:1099)
PEP 723: add packaging.dependency_groups module, based on the dependency-groups package in (:pull:1065)
Add the packaging.direct_url module in (:pull:944)
Add the packaging.errors module in (:pull:1071)
Add SpecifierSet.is_unsatisfiable using ranges (new internals that will be expanded in future versions) in (:pull:1119)
Add create_compatible_tags_selector to select compatible tags in (:pull:1110)
Add a key argument to SpecifierSet.filter() in (:pull:1068)
Support & and | for Marker's in (:pull:1146)
Normalize Version.__replace__ and add Version.from_parts in (:pull:1078)
Add an option to validate compressed tag set sort order in parse_wheel_filename in (:pull:1150)

Behavior adaptations:

Narrow exclusion of pre-releases for <V.postN to match spec in (:pull:1140)
Narrow exclusion of post-releases for >V to match spec in (:pull:1141)
Rename format_full_version to _format_full_version to make it visibly private in (:pull:1125)
Restrict local version to ASCII in (:pull:1102)

Pylock (PEP 751) updates:

Add pylock select function in (:pull:1092)
Document pylock select() method and PylockSelectError in (:pull:1153)
Add filename property to PackageSdist and PackageWheel, more validation in (:pull:1095)
Give preference to path over url in (:pull:1128)
Validate name/version consistency in file names in (:pull:1114)

Fixes:

Fix > comparison for versions with dev+local segments in (:pull:1097)
Fix incorrect self-comparison for InfinityType and NegativeInfinityType in (:pull:1093)
Canonicalize when deduplicating specifiers in SpecifierSet in (:pull:1109)
Fix charset error message formatting in (:pull:1121)
Handle the key parameter in SpecifierSet.filter when specifiers are empty and prerelease is False in (:pull:1096)
Standardize inner components of repr output in (:pull:1090)
Specifier's === uses original string, not normalized, when available in (:pull:1124)
Propagate int-max-str-digits ValueError in (:pull:1155)

Performance:

Add fast path for parsing simple versions (digits and dots only) in (:pull:1082)
Add fast path for Version to Version comparison by skipping _key property in (:pull:1083)
Cache Version hash value in dedicated slot in (:pull:1118)
Overhaul _cmpkey to remove use of custom objects in (:pull:1116)
Skip __replace__ in Specifier comparison if not needed in (:pull:1081)

</tr></table>

... (truncated)

Commits

• c1a88a3 Bump for release
• 702c25e docs: update changelog for 26.1 (#1156)
• 3f4f5d4 Implement is_unsatisfiable on SpecifierSet using ranges (#1119)
• 06c6555 Propagate int-max-str-digits ValueError (#1155)
• 905c90c feat: option to validate compressed tag set sort order in `parse_wheel_filena...
• af0026c docs(pylock): document select() method and PylockSelectError (#1153)
• 668da86 Rename format_full_version to _format_full_version to make it visibly private...
• f294d52 tests: do not reload the tags module (#1152)
• 2c6c7df feat: add handling for Emscripten wheels tags per PEP 783 (#804)
• 6762eea docs(markers): document & and | operators for combining Marker objects (#1151)
• Additional commits viewable in compare view

Updates platformdirs from 4.9.4 to 4.9.6

Release notes

Sourced from platformdirs's releases.

4.9.6

What's Changed

• 🐛 fix(release): use double quotes for tag variable expansion by @​gaborbernat in tox-dev/platformdirs#477

Full Changelog: tox-dev/platformdirs@4.9.5...4.9.6

Changelog

Sourced from platformdirs's changelog.

########### Changelog ###########

---

4.9.6 (2026-04-09)

---

• 🐛 fix(release): use double quotes for tag variable expansion :pr:477

---

4.9.5 (2026-04-06)

---

• 📝 docs(appauthor): clarify None vs False on Windows :pr:476
• Separates implementations of macOS dirs that share a default :pr:473 - by :user:Goddesen
• Remove persist-credentials: false from release job :pr:472
• fix: do not duplicate site dirs in Unix.iter_{config,site}_dirs() when use_site_for_root is active :pr:469 - by :user:viccie30
• 🔧 fix(type): resolve ty 0.0.25 type errors :pr:468
• 🔒 ci(workflows): add zizmor security auditing :pr:467
• 🐛 fix(release): generate docstrfmt-compatible changelog entries :pr:463

---

4.9.4 (2026-03-05)

---

• [pre-commit.ci] pre-commit autoupdate :pr:461 - by :user:pre-commit-ci[bot]
• Update README.md
• 📝 docs: add project logo to documentation :pr:459
• Standardize .github files to .yaml suffix
• build(deps): bump the all group with 2 updates :pr:457 - by :user:dependabot[bot]
• Move SECURITY.md to .github/SECURITY.md
• Add permissions to workflows :pr:455
• Add security policy
• [pre-commit.ci] pre-commit autoupdate :pr:454 - by :user:pre-commit-ci[bot]

---

4.9.2 (2026-02-16)

---

• 📝 docs: restructure following Diataxis framework :pr:448
• 📝 docs(platforms): fix RST formatting and TOC hierarchy :pr:447

---

4.9.1 (2026-02-14)

---

• 📝 docs: enhance README, fix issues, and reorganize platforms.rst :pr:445

... (truncated)

Commits

• 56efd77 Release 4.9.6
• d5d812a 🐛 fix(release): use double quotes for tag variable expansion (#477)
• c2b0cee build(deps): bump pypa/gh-action-pypi-publish from 1.13.0 to 1.14.0 in the al...
• 7688069 Release 4.9.5
• 104d28b 📝 docs(appauthor): clarify None vs False on Windows (#476)
• 0955048 [pre-commit.ci] pre-commit autoupdate (#475)
• bd3c766 build(deps): bump astral-sh/setup-uv from 7.6.0 to 8.0.0 in the all group (#474)
• 749ac3f Separates implementations of macOS dirs that share a default (#473)
• cb88156 Remove persist-credentials: false from release job (#472)
• a501eab [pre-commit.ci] pre-commit autoupdate (#470)
• Additional commits viewable in compare view

Updates pygments from 2.19.2 to 2.20.0

Release notes

Sourced from pygments's releases.

2.20.0

• New lexers:

  • Rell (#2914)

• Updated lexers:

  • archetype: Fix catastrophic backtracking in GUID and ID patterns (#3064)
  • ASN.1: Recognize minus sign and fix range operator (#3014, #3060)
  • C++: Add C++26 keywords (#2955), add integer literal suffixes (#2966)
  • ComponentPascal: Fix analyse_text (#3028, #3032)
  • Coq renamed to Rocq (#2883, #2908)
  • Cython: Various improvements (#2932, #2933)
  • Debian control: Improve architecture parsing (#3052)
  • Devicetree: Add support for overlay/fragments (#3021), add bytestring support (#3022), fix catastrophic backtracking (#3057)
  • Fennel: Various improvements (#2911)
  • Haskell: Handle escape sequences in character literals (#3069, #1795)
  • Java: Add module keywords (#2955)
  • Lean4: Add operators ]', ]?, ]! (#2946)
  • LESS: Support single-line comments (#3005)
  • LilyPond: Update to 2.25.29 (#2974)
  • LLVM: Support C-style comments (#3023, #2978)
  • Lua(u): Fix catastrophic backtracking (#3047)
  • Macaulay2: Update to 1.25.05 (#2893), 1.25.11 (#2988)
  • Mathematica: Various improvements (#2957)
  • meson: Add additional operators (#2919)
  • MySQL: Update keywords (#2970)
  • org-Mode: Support both schedule and deadline (#2899)
  • PHP: Add __PROPERTY__ magic constant (#2924), add reserved keywords (#3002)
  • PostgreSQL: Add more keywords (#2985)
  • protobuf: Fix namespace tokenization (#2929)
  • Python: Add t-string support (#2973, #3009, #3010)
  • Tablegen: Fix infinite loop (#2972, #2940)
  • Tera Term macro: Add commands introduced in v5.3 through v5.6 (#2951)
  • TOML: Support TOML 1.1.0 (#3026, #3027)
  • Turtle: Allow empty comment lines (#2980)
  • XML: Added .xbrl as file ending (#2890, #2891)

• Drop Python 3.8, and add Python 3.14 as a supported version (#2987, #3012)

• Various improvements to autopygmentize (#2894)

• Update onedark style to support more token types (#2977)

• Update rtt style to support more token types (#2895)

• Cache entry points to improve performance (#2979)

• Fix xterm-256 color table (#3043)

• Fix kwargs dictionary getting mutated on each call (#3044)

Changelog

Sourced from pygments's changelog.

Version 2.20.0

(released March 29th, 2026)

• New lexers:

  • Rell (#2914)

• Updated lexers:

  • archetype: Fix catastrophic backtracking in GUID and ID patterns (#3064)
  • ASN.1: Recognize minus sign and fix range operator (#3014, #3060)
  • C++: Add C++26 keywords (#2955), add integer literal suffixes (#2966)
  • ComponentPascal: Fix analyse_text (#3028, #3032)
  • Coq renamed to Rocq (#2883, #2908)
  • Cython: Various improvements (#2932, #2933)
  • Debian control: Improve architecture parsing (#3052)
  • Devicetree: Add support for overlay/fragments (#3021), add bytestring support (#3022), fix catastrophic backtracking (#3057)
  • Fennel: Various improvements (#2911)
  • Haskell: Handle escape sequences in character literals (#3069, #1795)
  • Java: Add module keywords (#2955)
  • Lean4: Add operators ]', ]?, ]! (#2946)
  • LESS: Support single-line comments (#3005)
  • LilyPond: Update to 2.25.29 (#2974)
  • LLVM: Support C-style comments (#3023, #2978)
  • Lua(u): Fix catastrophic backtracking (#3047)
  • Macaulay2: Update to 1.25.05 (#2893), 1.25.11 (#2988)
  • Mathematica: Various improvements (#2957)
  • meson: Add additional operators (#2919)
  • MySQL: Update keywords (#2970)
  • org-Mode: Support both schedule and deadline (#2899)
  • PHP: Add __PROPERTY__ magic constant (#2924), add reserved keywords (#3002)
  • PostgreSQL: Add more keywords (#2985)
  • protobuf: Fix namespace tokenization (#2929)
  • Python: Add t-string support (#2973, #3009, #3010)
  • Tablegen: Fix infinite loop (#2972, #2940)
  • Tera Term macro: Add commands introduced in v5.3 through v5.6 (#2951)
  • TOML: Support TOML 1.1.0 (#3026, #3027)
  • Turtle: Allow empty comment lines (#2980)
  • XML: Added .xbrl as file ending (#2890, #2891)

• Drop Python 3.8, and add Python 3.14 as a supported version (#2987, #3012)

• Various improvements to autopygmentize (#2894)

• Update onedark style to support more token types (#2977)

• Update rtt style to support more token types (#2895)

• Cache entry points to improve performance (#2979)

• Fix xterm-256 color table (#3043)

• Fix kwargs dictionary getting mutated on each call (#3044)

Commits

• 708197d Fix underline length.
• 1d4538a Prepare 2.20 release.
• 2ceaee4 Update CHANGES.
• e3a3c54 Fix Haskell lexer: handle escape sequences in character literals (#3069)
• d7c3453 Merge pull request #3071 from pygments/harden-html-formatter
• 0f97e7c Harden the HTML formatter against CSS.
• 9f981b2 Update CHANGES.
• 1d88915 Update CHANGES.
• c3d93ad Fix ASN.1 lexer: recognize minus sign and fix range operator (#3060)
• 4f06bcf fix bad behaving backtracking regex in CommonLispLexer
• Additional commits viewable in compare view

Updates pytest from 9.0.2 to 9.0.3

Release notes

Sourced from pytest's releases.

9.0.3

pytest 9.0.3 (2026-04-07)

Bug fixes

• #12444: Fixed pytest.approx which now correctly takes into account ~collections.abc.Mapping keys order to compare them.

• #13634: Blocking a conftest.py file using the -p no: option is now explicitly disallowed.

  Previously this resulted in an internal assertion failure during plugin loading.

  Pytest now raises a clear UsageError explaining that conftest files are not plugins and cannot be disabl...

  Description has been truncated

[github-actions]

Coverage report

This PR does not seem to contain any modification to coverable code.