Bump the minor-or-patch group across 1 directory with 8 updates

[dependabot]

Bumps the minor-or-patch group with 8 updates in the / directory:

Package	From	To
beartype	0.21.0	0.22.4
certifi	2025.8.3	2025.10.5
charset-normalizer	3.4.3	3.4.4
docutils	0.21.2	0.22.2
idna	3.10	3.11
markupsafe	3.0.2	3.0.3
pyyaml	6.0.2	6.0.3
sphinx-substitution-extensions	2025.6.6	2025.10.24

Updates beartype from 0.21.0 to 0.22.4

Release notes

Sourced from beartype's releases.

Beartype 0.22.4: Now Less Hated by Poetry

@​beartype 0.22.4 catastrophically explodes all over your monitor. An oily black residue redolent of snail mucus slides off the screen, dripping with a maddening cadence into the crevices of your trusty mechanical keyboard:

# Via "pip", the once-great venerable master packager now fallen on hard times:
$ pip install --upgrade beartype        # <-- you go, pipe-smoking pip
Via "uv", the plucky upstart spiky-haired kid wielding a sword larger than its body:
$ uv lock --upgrade-package beartype    # <-- you do what you need to do, ultraviolet radiation

@​beartype 0.22.4 never gets tired of bug-eyed dudes punching squinty-eyed dudes. Childhood memories do not fade.

Left: @​beartype 0.22.4. Right: Poetry and pipenv together as one dude.

@​beartype 0.22.4 is helping @​leycec and his beautiful science wife to eat food. Thanks entirely to...

GitHub Sponsors: Befriend the Bear and Get a Bear for Life

This release comes courtesy these proud GitHub Sponsors, without whom everyone in the @​leycec family would currently be eating grasshoppers in the abandoned back lot again:

• @​sesco-llc (SESCO Enterprises), "The Power of Innovation in Trading": this inspires me to get out of the house and do something https://sescollc.com
• @​DylanModesitt (Dylan Modesitt), quantitative strategies energy trading associate: ...wikipedia, don't fail me now! https://dylanmodesitt.com
• [Tidelift][], graciously paying out recurring income to security-sensitive open-source projects like @​beartype: so much hype https://www.sonarsource.com/products/sonarqube/advanced-security

If you represent a security-conscious corporate, government, or non-profit, the best way bar none for you to support @​beartype and secure your own workflow is by subscribing to [Tidelift][] through [SonarQube Advanced Security][]. Security giant [Sonar][] recently acquired [Tidelift][], guaranteeing the economic viability of the Tidelift model for billions of future open-source projects that have yet to be born. Join the jargon-laden conversation and pay someone else to think about unreadable acronyms like SAST, SCA, and SBOM for once.

Thanks so much, masters of fintech and lifted tides.

The Masters of Fintech and Lifted Tides. That's who.

Gods Not Another Patch Release. What's Wrong with You, @​beartype?

@​beartype 0.22.4 is a patch release that guarantees compatibility with both Poetry and pipenv. Previously, @​beartype just assumed that Poetry and pipenv liked @​beartype. What's not to like about @​beartype, guys? Huh!? Apparently...

Everything. @​beartype 0.22.3 broke the assumption that everybody likes @​beartype. Our prior release shipped a pyproject.toml file with a PEP 440-compliant version string:

requires-python = ">=3.10,!=3.14rc1,!=3.14rc2"

That syntax is valid. But Poetry and pipenv didn't care. They do what they want! And they didn't want to have anything to do with @​beartype 0.22.3. We disagree, but that's fair enough. Everyone has bad opinions.

@​beartype 0.22.4 resolves these trivial incompatibilities with popular devtooling. @​beartype 0.22.4 also promises this will never happen again. A new integration test in the @​beartype test suite guarantees Poetry and pipenv compatibility, safeguarding both your QA stack and sanity against midnight regressions at 4:52AM.

... (truncated)

Commits

• d543d7c Beartype 0.22.4: Now Less Hated by Poetry
• b25aa9b Poetry compatibility x 2.
• 65f2d2d Poetry compatibility x 1.
• 67dc586 Beartype 0.22.4 started.
• 97022c9 Beartype 0.22.3: Yo Dawg We Heard You Like Redis
• ed3092b gemini-cli x 3.
• 89a5c54 gemini-cli x 2.
• 991addc Bluesky social links.
• b33685c Bump actions/upload-pages-artifact in the github-actions group (#566)
• d44915b @dataclasses.dataclass + redis.Redis.
• Additional commits viewable in compare view

Updates certifi from 2025.8.3 to 2025.10.5

Commits

• fb14ac4 2025.10.05 (#371)
• 2c7c7ee Add Python 3.14 classifier in setup.py
• 1a5cb7b Bump actions/setup-python from 5.6.0 to 6.0.0 (#367)
• dea5960 Bump pypa/gh-action-pypi-publish from 1.12.4 to 1.13.0 (#366)
• 83566b7 Bump actions/checkout from 4.2.2 to 5.0.0
• ca2e121 Bump actions/download-artifact from 4.3.0 to 5.0.0
• See full diff in compare view

Updates charset-normalizer from 3.4.3 to 3.4.4

Release notes

Sourced from charset-normalizer's releases.

Version 3.4.4

3.4.4 (2025-10-13)

Changed

• Bound setuptools to a specific constraint setuptools>=68,<=81.
• Raised upper bound of mypyc for the optional pre-built extension to v1.18.2

Removed

• setuptools-scm as a build dependency.

Misc

• Enforced hashes in dev-requirements.txt and created ci-requirements.txt for security purposes.
• Additional pre-built wheels for riscv64, s390x, and armv7l architectures.
• Restore multiple.intoto.jsonl in GitHub releases in addition to individual attestation file per wheel.

Changelog

Sourced from charset-normalizer's changelog.

3.4.4 (2025-10-13)

Changed

• Bound setuptools to a specific constraint setuptools>=68,<=81.
• Raised upper bound of mypyc for the optional pre-built extension to v1.18.2

Removed

• setuptools-scm as a build dependency.

Misc

• Enforced hashes in dev-requirements.txt and created ci-requirements.txt for security purposes.
• Additional pre-built wheels for riscv64, s390x, and armv7l architectures.
• Restore multiple.intoto.jsonl in GitHub releases in addition to individual attestation file per wheel.

Commits

• b30ffdc 🔧 fix checksum step in cd.yml
• d3fbfcf 🔧 fix cd.yml
• dafbb95 Release 3.4.4 (#658)
• 1f18ffa ⬆️ raise mypy upper bound to 1.18.2
• ef4ac69 Merge branch 'release-3.4.4' of github.com:jawah/charset_normalizer into rele...
• 4b35dda 📝 write changelog for 3.4.4
• 0ec6452 🔧 update cd.yml workflow (add riscv64, s390x and armv7l)
• f341ede ⬆️ upgrade dependencies (dev, ci)
• a308841 📝 write changelog for 3.4.4
• 9c906da 🔧 update cd.yml workflow (add riscv64, s390x and armv7l)
• Additional commits viewable in compare view

Updates docutils from 0.21.2 to 0.22.2

Commits

• See full diff in compare view

Updates idna from 3.10 to 3.11

Changelog

Sourced from idna's changelog.

3.11 (2025-10-12)

• Update to Unicode 16.0.0, including significant changes to UTS46 processing. As a result of Unicode ending support for it, transitional processing no longer has an effect and returns the same result.
• Add support for Python 3.14, lowest supported version is Python 3.8.
• Various updates to packaging, including PEP 740 support.

Commits

• ad949ee Release v3.11
• cae4ba7 Second release candidate for 3.11
• 8adb305 Add space in RST link
• 74cb2b6 Release candidate for 3.11
• 05dab09 Format idna-data with ruff
• 90eac78 Apply ruff formatting
• a31ce7e Remove errant test vectors
• 81f0333 Omit vectors known to be broken in test suite
• a0f3257 Merge branch 'master' into unicode-16-uts46-changes
• 38d9886 Remove extra UTS46 test vector
• Additional commits viewable in compare view

Updates markupsafe from 3.0.2 to 3.0.3

Release notes

Sourced from markupsafe's releases.

3.0.3

This is the MarkupSafe 3.0.3 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/MarkupSafe/3.0.3/ Changes: https://markupsafe.palletsprojects.com/page/changes/#version-3-0-3 Milestone: https://github.com/pallets/markupsafe/milestone/15?closed=1

• __version__ raises DeprecationWarning instead of UserWarning. #487
• Adopt multi-phase initialization PEP 489 for the C extension. #494
• Build Windows ARM64 wheels. #485
• Build Python 3.14 wheels. #503
• Build riscv64 wheels. #505

Changelog

Sourced from markupsafe's changelog.

Version 3.0.3

Released 2025-09-27

• __version__ raises DeprecationWarning instead of UserWarning. :issue:487
• Adopt multi-phase initialisation (:pep:489) for the C extension. :issue:494
• Build Windows ARM64 wheels. :issue:485
• Build Python 3.14 wheels. :issue:503
• Build riscv64 wheels. :issue:505

Commits

• 297fc8e release version 3.0.3
• 7e4e6ce Free-threading: run with pytest-run-paralell (#507)
• 6100b9c enable riscv64 wheels (#506)
• c9d5ecf enable riscv64 wheels
• 2f9b337 tox for 3.14
• 78d951a update dev dependencies
• bb6744e add entry
• 65c4134 upgrade cibuildwheel, add cp314 wheels and test on CPython 3.14 (#504)
• 3a9bd88 add cp314 wheels
• aafe44d remove slsa provenance (#501)
• Additional commits viewable in compare view

Updates pyyaml from 6.0.2 to 6.0.3

Release notes

Sourced from pyyaml's releases.

6.0.3

What's Changed

• Support for Python 3.14 and free-threading (experimental).

Full Changelog: yaml/pyyaml@6.0.2...6.0.3

Changelog

Sourced from pyyaml's changelog.

6.0.3 (2025-09-25)

• yaml/pyyaml#864 -- Support for Python 3.14 and free-threading (experimental)

Commits

• 49790e7 Release 6.0.3 (#889)
• See full diff in compare view

Updates sphinx-substitution-extensions from 2025.6.6 to 2025.10.24

Release notes

Sourced from sphinx-substitution-extensions's releases.

Release 2025.10.24

2025.10.24 (2025-10-24)

Changelog

Sourced from sphinx-substitution-extensions's changelog.

2025.10.24

2025.06.06

2025.04.03

2025.03.03

• Add support for Python 3.10.

2025.02.19

• Support the substitution-code role in MyST documents.
• Support the substitution-download role in MyST documents.
• Drop support for Python 3.10.

2025.01.02

• Supports situations where there is no source file name available to the extension, such as when using sphinx_toolbox.rest_example.

2024.10.17

• Support Python 3.13.
• In MyST documents, support the myst_sub_delimiters option. This means you can use the {{replace-me}} syntax in MyST documents.

2024.08.06

• Bump the minimum supported version of Sphinx to 7.3.5.
• Remove support for sphinx-prompt. Please create a GitHub issue if you have a use case for this extension which is not covered by the built-in Sphinx functionality.

2024.02.25

• Add substitution-download role.

2024.02.24.1

• Add support for MyST. Thanks to Václav Votípka (@​eNcacz) for the contribution.

... (truncated)

Commits

• 6a008ec Bump CHANGELOG
• 33519a2 Merge pull request #1236 from adamtheturtle/mit-license
• 43792d7 Add MIT License to the project
• 969f21a Merge pull request #1234 from adamtheturtle/dependabot/pip/pylint-spelling--4...
• 4da3c3e Bump pylint[spelling] from 4.0.1 to 4.0.2
• 5f05889 Merge pull request #1233 from adamtheturtle/dependabot/pip/doccmd-2025.10.18
• 5fea1d7 Bump doccmd from 2025.9.19 to 2025.10.18
• daafc45 Merge pull request #1232 from adamtheturtle/dependabot/pip/ruff-0.14.1
• dccc9a6 Bump ruff from 0.14.0 to 0.14.1
• f8b910f Merge pull request #1231 from adamtheturtle/dependabot/pip/check-manifest-0.51
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions