pip: bump the pip-updates group across 1 directory with 7 updates

[dependabot]

Updates the requirements on certifi, kopf, multidict, pycparser, yarl, ruff and black to permit the latest version.
Updates certifi from 2026.1.4 to 2026.2.25

Commits

• 8571a4b 2026.02.25 (#395)
• 6f7de00 Bump peter-evans/create-pull-request from 8.0.0 to 8.1.0 (#390)
• a1de59b Bump actions/checkout from 6.0.1 to 6.0.2 (#391)
• 7f5ade5 Bump actions/setup-python from 6.1.0 to 6.2.0 (#392)
• See full diff in compare view

Updates kopf from 1.40.0 to 1.43.0

Release notes

Sourced from kopf's releases.

1.43.0

What's New

• Package Kopf as a Docker image on GHCR by @​nolar in nolar/kopf#1239, nolar/kopf#1245, nolar/kopf#1246

What's Changed

• Require aiohttp>=3.11.0 for proxy support (released ~Nov'24) by @​nolar in nolar/kopf#1249
• Switch to uv for python/venv management (only in CI) by @​nolar in nolar/kopf#1210

Documentation

• Document installation using uv/uvx by @​nolar in nolar/kopf#1251
• Suggest workarounds for indexing deadlocks & explosions in huge clusters by @​nolar in nolar/kopf#1244
• Update all kopf docs links to https://docs.kopf.dev by @​nolar in nolar/kopf#1247
• Start collecting the usage/reading stats on the docs by @​nolar in nolar/kopf#1248
• Inject canonical rels to docs heads (for google & other search engines) by @​nolar in nolar/kopf#1250

Full Changelog: nolar/kopf@1.42.5...1.43.0

1.42.5

What's Changed

• Select resources to handle via a callable selector by @​nolar in nolar/kopf#1235
• Fix a bug with kubernetes-asyncio<33.3.0 awaiting for non-awaitable headers by @​nolar in nolar/kopf#1240

Full Changelog: nolar/kopf@1.42.4...1.42.5

1.42.4

What's Changed

• Require a minimal version of aiohttp for proper SSL support by @​nolar in nolar/kopf#1233
• Parse proxy-url from kubeconfig or client libraries, pass to the session by @​nolar in nolar/kopf#1234

Full Changelog: nolar/kopf@1.42.3...1.42.4

1.42.3

What's Changed

• Accept custom aiohttp sessions from login handlers by @​nolar in nolar/kopf#1230
• Delete the temporary SSL files as soon as they are consumed by @​nolar in nolar/kopf#1231
• Extend the types accepted for SSL ca/cert/pkey files & data blobs by @​nolar in nolar/kopf#1232

Full Changelog: nolar/kopf@1.42.2...1.42.3

1.42.2

What's Changed

• Retry on "too many requests" for all requests, obey the server's "retry-after" by @​nolar in nolar/kopf#1229
• Improve the readability & debuggability of Kubernetes API errors by @​nolar in nolar/kopf#1228
• Behave safer with misconstructed NamespaceCondition by @​nolar in nolar/kopf#1226

... (truncated)

Commits

• b0ab4e0 Merge pull request #1210 from nolar/uv
• e3b3871 Switch to uv for python/venv management (only in CI)
• 52189e5 Update docker image versions in docs
• baf4148 Merge pull request #1251 from nolar/uv-docs
• f56c5f6 Document installation using uv
• 49019ff Merge pull request #1250 from nolar/canonical-urls
• eaa3dfc Merge pull request #1249 from nolar/aiohttp-min-version
• fe87a5f Add the canonical rels to docs heads (for google & other search engines)
• 4f6dc36 Require aiohttp>=3.11.0 for proxy support (released ~Nov'24)
• 8bd35aa Merge pull request #1248 from nolar/trackable-docs
• Additional commits viewable in compare view

Updates multidict from 6.7.0 to 6.7.1

Release notes

Sourced from multidict's releases.

6.7.1

Bug fixes

• Fixed slow memory leak caused by identity by adding Py_DECREF to identity value before leaving md_pop_one on success -- by :user:Vizonex.

  Related issues and pull requests on GitHub: #1284.

---

Changelog

Sourced from multidict's changelog.

6.7.1

(2026-01-25)

Bug fixes

• Fixed slow memory leak caused by identity by adding Py_DECREF to identity value before leaving md_pop_one on success -- by :user:Vizonex.

  Related issues and pull requests on GitHub: :issue:1284.

---

Commits

• 39d3c32 Release 6.7.1 (#1289)
• 77bb95e Fix memory leak caused by identity when default value is inplace (#1284)
• 87dd4a4 Bump dependabot/fetch-metadata from 2.4.0 to 2.5.0 (#1287)
• 6c76412 Bump actions/cache from 4 to 5 (#1275)
• b91a033 Bump actions/upload-artifact from 4 to 6 (#1277)
• 84bf82c Bump psutil from 7.1.3 to 7.2.1 (#1279)
• 3f7b3ce Bump pypa/cibuildwheel from 3.3.0 to 3.3.1 (#1280)
• bbae902 Bump sigstore/gh-action-sigstore-python from 3.1.0 to 3.2.0 (#1274)
• 000b5b0 Remove follow_untyped_imports for mypy-sphinx (#1286)
• 3d2d630 Bump actions/download-artifact from 6 to 7 (#1276)
• Additional commits viewable in compare view

Updates pycparser from 2.23 to 3.0

Release notes

Sourced from pycparser's releases.

release_v3.00

What's Changed

• Removed dependency on PLY, by rewriting pycparser to use a hand-written lexer and recursive-descent parser for C. No API changes / functionality changes intended - the same AST is produced.
• Add support for Python 3.14 and drop EOL 3.8 by @​hugovk in eliben/pycparser#581
• Update _ast_gen.py to be in sync with c_ast.py by @​simonlindholm in eliben/pycparser#582

Full Changelog: eliben/pycparser@release_v2.23...release_v3.00

Commits

• 77de509 Prepare for release 3.00
• e57ccd1 Update README
• 230e12d disable uv caching in CI
• 9c52f40 Update CI to run make check+test via uvx
• 6b8f064 Use dataclass where applicable; add 'make test' to Makefile
• 25376cb Use f-strings instead of older formatting in other auxiliary files
• 9bd8997 Use f-strings instead of older formatting in core code + tests
• 664eac2 Modernize some code with pattern matching
• 842f064 Add type annotations to more examples
• 076f374 Add types to several exmaples
• Additional commits viewable in compare view

Updates yarl from 1.22.0 to 1.23.0

Release notes

Sourced from yarl's releases.

1.23.0

Features

• Added support for pydantic, the :class:~yarl.URL could be used as a field type in pydantic models seamlessly.

  Related issues and pull requests on GitHub: #1607.

Packaging updates and notes for downstreams

• The CI has been set up to notify Codecov about upload completion -- by :user:webknjaz.

  With this, Codecov no longer needs to guess whether it received all the intended coverage reports or not.

  Related issues and pull requests on GitHub: #1577.

• The in-tree build backend allows the end-users appending CFLAGS and LDFLAGS by setting respective environment variables externally.

  It additionally sets up default compiler flags to perform building with maximum optimization in release mode. This makes the resulting artifacts shipped to PyPI smaller.

  When line tracing is requested, the compiler and linker flags are configured to include as much information as possible for debugging and coverage tracking. The development builds are therefore smaller.

  -- by :user:webknjaz

  Related issues and pull requests on GitHub: #1586.

• The :pep:517 build backend now supports a new config setting for controlling whether to build the project in-tree or in a temporary directory. It only affects wheels and is set up to build in a temporary directory by default. It does not affect editable wheel builds — they will keep being built in-tree regardless.

  -- by :user:webknjaz

... (truncated)

Changelog

Sourced from yarl's changelog.

1.23.0

(2025-12-16)

Features

• Added support for pydantic, the :class:~yarl.URL could be used as a field type in pydantic models seamlessly.

  Related issues and pull requests on GitHub: :issue:1607.

Packaging updates and notes for downstreams

• The CI has been set up to notify Codecov about upload completion -- by :user:webknjaz.

  With this, Codecov no longer needs to guess whether it received all the intended coverage reports or not.

  Related issues and pull requests on GitHub: :issue:1577.

• The in-tree build backend allows the end-users appending CFLAGS and LDFLAGS by setting respective environment variables externally.

  It additionally sets up default compiler flags to perform building with maximum optimization in release mode. This makes the resulting artifacts shipped to PyPI smaller.

  When line tracing is requested, the compiler and linker flags are configured to include as much information as possible for debugging and coverage tracking. The development builds are therefore smaller.

  -- by :user:webknjaz

  Related issues and pull requests on GitHub: :issue:1586.

• The :pep:517 build backend now supports a new config setting for controlling whether to build the project in-tree or in a temporary directory. It only affects wheels and is set up to build in a temporary directory by default. It does

... (truncated)

Commits

• 3d05d4c Fix 1.23.0 release to match CHANGES.rst format (#1636)
• 3f4977a Bump actions/upload-artifact from 6 to 7 (#1634)
• 7829b01 ci: add riscv64 manylinux wheels (#1625)
• e0592a1 Bump pre-commit from 4.5.0 to 4.5.1 (#1618)
• 26ba78c Fix version number (#1616)
• 4811166 Release 1.23.0 (#1615)
• f307123 Add pydantic support (#1607)
• 383b159 Bump actions/upload-artifact from 5 to 6 (#1612)
• 3476600 Bump pytest from 8.4.2 to 9.0.2 (#1606)
• 27cefc5 Bump actions/checkout from 5 to 6 (#1599)
• Additional commits viewable in compare view

Updates ruff to 0.15.4

Release notes

Sourced from ruff's releases.

0.15.4

Release Notes

Released on 2026-02-26.

This is a follow-up release to 0.15.3 that resolves a panic when the new rule PLR1712 was enabled with any rule that analyzes definitions, such as many of the ANN or D rules.

Bug fixes

• Fix panic on access to definitions after analyzing definitions (#23588)
• [pyflakes] Suppress false positive in F821 for names used before del in stub files (#23550)

Documentation

• Clarify first-party import detection in Ruff (#23591)
• Fix incorrect import-heading example (#23568)

Contributors

• @​stakeswky
• @​ntBre
• @​thejcannon
• @​GeObts

Install ruff 0.15.4

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/ruff/releases/download/0.15.4/ruff-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://github.com/astral-sh/ruff/releases/download/0.15.4/ruff-installer.ps1 | iex"

Download ruff 0.15.4

File	Platform	Checksum
ruff-aarch64-apple-darwin.tar.gz	Apple Silicon macOS	checksum
ruff-x86_64-apple-darwin.tar.gz	Intel macOS	checksum
ruff-aarch64-pc-windows-msvc.zip	ARM64 Windows	checksum
ruff-i686-pc-windows-msvc.zip	x86 Windows	checksum
ruff-x86_64-pc-windows-msvc.zip	x64 Windows	checksum
ruff-aarch64-unknown-linux-gnu.tar.gz	ARM64 Linux	checksum
ruff-i686-unknown-linux-gnu.tar.gz	x86 Linux	checksum
ruff-powerpc64-unknown-linux-gnu.tar.gz	PPC64 Linux	checksum

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.4

Released on 2026-02-26.

This is a follow-up release to 0.15.3 that resolves a panic when the new rule PLR1712 was enabled with any rule that analyzes definitions, such as many of the ANN or D rules.

Bug fixes

• Fix panic on access to definitions after analyzing definitions (#23588)
• [pyflakes] Suppress false positive in F821 for names used before del in stub files (#23550)

Documentation

• Clarify first-party import detection in Ruff (#23591)
• Fix incorrect import-heading example (#23568)

Contributors

• @​stakeswky
• @​ntBre
• @​thejcannon
• @​GeObts

0.15.3

Released on 2026-02-26.

Preview features

• Drop explicit support for .qmd file extension (#23572)

  This can now be enabled instead by setting the extension option:

  # ruff.toml
  extension = { qmd = "markdown" }
  pyproject.toml
  [tool.ruff]
  extension = { qmd = "markdown" }

• Include configured extensions in file discovery (#23400)

• [flake8-bandit] Allow suspicious imports in TYPE_CHECKING blocks (S401-S415) (#23441)

• [flake8-bugbear] Allow B901 in pytest hook wrappers (#21931)

• [flake8-import-conventions] Add missing conventions from upstream (ICN001, ICN002) (#21373)

... (truncated)

Commits

• f14edd8 Bump 0.15.4 (#23595)
• fd09d37 Fix panic on access to definitions after analyzing definitions (#23588)
• 81d655f [pyflakes] suppress false positive in F821 for names used before del in...
• 625b4f5 [ruff] docs: Clarify first-party import detection in Ruff (#23591)
• 60facfa one word typo fix in a while_loop.md test case (#23589)
• fbb9fa7 docs: fix incorrect import-heading example (#23568)
• 5bc49a9 Increase the ruleset size to 16 bits (#23586)
• a62ba8c [ty] Fix overloaded callable assignability for unary Callable targets (#23277)
• e5f2f36 Bump 0.15.3 (#23585)
• 0e19fc9 [ty] defer calculating conjunctions in narrowing constraints (#23552)
• Additional commits viewable in compare view

Updates black to 26.1.0

Release notes

Sourced from black's releases.

26.1.0

Highlights

Introduces the 2026 stable style (#4892), stabilizing the following changes:

• always_one_newline_after_import: Always force one blank line after import statements, except when the line after the import is a comment or an import statement (#4489)
• fix_fmt_skip_in_one_liners: Fix # fmt: skip behavior on one-liner declarations, such as def foo(): return "mock" # fmt: skip, where previously the declaration would have been incorrectly collapsed (#4800)
• fix_module_docstring_detection: Fix module docstrings being treated as normal strings if preceded by comments (#4764)
• fix_type_expansion_split: Fix type expansions split in generic functions (#4777)
• multiline_string_handling: Make expressions involving multiline strings more compact (#1879)
• normalize_cr_newlines: Add \r style newlines to the potential newlines to normalize file newlines both from and to (#4710)
• remove_parens_around_except_types: Remove parentheses around multiple exception types in except and except* without as (#4720)
• remove_parens_from_assignment_lhs: Remove unnecessary parentheses from the left-hand side of assignments while preserving magic trailing commas and intentional multiline formatting (#4865)
• standardize_type_comments: Format type comments which have zero or more spaces between # and type: or between type: and value to # type: (value) (#4645)

The following change was not in any previous stable release:

• Regenerated the _width_table.py and added tests for the Khmer language (#4253)

This release alo bumps pathspec to v1 and fixes inconsistencies with Git's .gitignore logic (#4958). Now, files will be ignored if a pattern matches them, even if the parent directory is directly unignored. For example, Black would previously format exclude/not_this/foo.py with this .gitignore:

exclude/
!exclude/not_this/

Now, exclude/not_this/foo.py will remain ignored. To ensure exclude/not_this/ and all of it's children are included in formatting (and in Git), use this .gitignore:

*/exclude/*
!*/exclude/not_this/

This new behavior matches Git. The leading */ are only necessary if you wish to ignore matching subdirectories (like the previous behavior did), and not just matching root

... (truncated)

Changelog

Sourced from black's changelog.

26.1.0

Highlights

Introduces the 2026 stable style (#4892), stabilizing the following changes:

• always_one_newline_after_import: Always force one blank line after import statements, except when the line after the import is a comment or an import statement (#4489)
• fix_fmt_skip_in_one_liners: Fix # fmt: skip behavior on one-liner declarations, such as def foo(): return "mock" # fmt: skip, where previously the declaration would have been incorrectly collapsed (#4800)
• fix_module_docstring_detection: Fix module docstrings being treated as normal strings if preceded by comments (#4764)
• fix_type_expansion_split: Fix type expansions split in generic functions (#4777)
• multiline_string_handling: Make expressions involving multiline strings more compact (#1879)
• normalize_cr_newlines: Add \r style newlines to the potential newlines to normalize file newlines both from and to (#4710)
• remove_parens_around_except_types: Remove parentheses around multiple exception types in except and except* without as (#4720)
• remove_parens_from_assignment_lhs: Remove unnecessary parentheses from the left-hand side of assignments while preserving magic trailing commas and intentional multiline formatting (#4865)
• standardize_type_comments: Format type comments which have zero or more spaces between # and type: or between type: and value to # type: (value) (#4645)

The following change was not in any previous stable release:

• Regenerated the _width_table.py and added tests for the Khmer language (#4253)

This release alo bumps pathspec to v1 and fixes inconsistencies with Git's .gitignore logic (#4958). Now, files will be ignored if a pattern matches them, even if the parent directory is directly unignored. For example, Black would previously format exclude/not_this/foo.py with this .gitignore:

exclude/
!exclude/not_this/

Now, exclude/not_this/foo.py will remain ignored. To ensure exclude/not_this/ and all of it's children are included in formatting (and in Git), use this .gitignore:

*/exclude/*
!*/exclude/not_this/

This new behavior matches Git. The leading */ are only necessary if you wish to ignore

... (truncated)

Commits

• 6305bf1 Prepare 2026.1.0 release (#4892)
• e71305b Bump pypa/cibuildwheel from 3.3.0 to 3.3.1 (#4961)
• 21a2a8c Fix Shutdown multiprocessing Manager in schedule_formatting (#4952)
• e3146ce Bump docker/setup-buildx-action from 3.11.1 to 3.12.0 (#4919)
• fe1fbc4 Bump actions/upload-artifact from 5.0.0 to 6.0.0 (#4923)
• 2b4b7fc Bump actions/download-artifact from 6.0.0 to 7.0.0 (#4922)
• d745be6 docs: document --force-exclude for pre-commit workflows (#4957)
• b41acd6 Various CI and doc refactors (#4928)
• 6f43612 Handle pathspec v1 changes (#4958)
• 200c550 Bump furo from 2025.9.25 to 2025.12.19 in /docs (#4933)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions