Bump the production-dependencies group across 1 directory with 6 updates

[dependabot]

Bumps the production-dependencies group with 6 updates in the / directory:

Package	From	To
click	8.2.1	8.3.1
mkdocs-material	9.7.5	9.7.6
pygments	2.19.2	2.20.0
pymdown-extensions	10.21	10.21.2
build	1.4.0	1.4.2
python-discovery	1.1.3	1.2.1

Updates click from 8.2.1 to 8.3.1

Release notes

Sourced from click's releases.

8.3.1

This is the Click 8.3.1 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/click/8.3.1/ Changes: https://click.palletsprojects.com/page/changes/#version-8-3-1 Milestone: https://github.com/pallets/click/milestone/28

• Don't discard pager arguments by correctly using subprocess.Popen. #3039 #3055
• Replace Sentinel.UNSET default values by None as they're passed through the Context.invoke() method. #3066 #3065 #3068
• Fix conversion of Sentinel.UNSET happening too early, which caused incorrect behavior for multiple parameters using the same name. #3071 #3079
• Fix rendering when prompt and confirm parameter prompt_suffix is empty. #3019 #3021
• When Sentinel.UNSET is found during parsing, it will skip calls to type_cast_value. #3069 #3090
• Hide Sentinel.UNSET values as None when looking up for other parameters through the context inside parameter callbacks. #3136 #3137

8.3.0

This is the Click 8.3.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecation, or introduce potentially breaking changes.

We encourage everyone to upgrade. You can read more about our Version Support Policy on our website.

PyPI: https://pypi.org/project/click/8.3.0/ Changes: https://click.palletsprojects.com/page/changes/#version-8-3-0 Milestone https://github.com/pallets/click/milestone/27

• Improved flag option handling: Reworked the relationship between flag_value and default parameters for better consistency:

  • The default parameter value is now preserved as-is and passed directly to CLI functions (no more unexpected transformations)
  • Exception: flag options with default=True maintain backward compatibility by defaulting to their flag_value
  • The default parameter can now be any type (bool, None, etc.)
  • Fixes inconsistencies reported in: #1992 #2514 #2610 #3024 #3030

• Allow default to be set on Argument for nargs = -1. #2164 #3030

• Show correct auto complete value for nargs option in combination with flag option #2813

• Show correct auto complete value for nargs option in combination with flag option #2813

• Fix handling of quoted and escaped parameters in Fish autocompletion. #2995 #3013

• Lazily import shutil. #3023

• Properly forward exception information to resources registered with click.core.Context.with_resource(). #2447 #3058

• Fix regression related to EOF handling in CliRunner. #2939 #2940

8.2.2

This is the Click 8.2.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/click/8.2.2/

... (truncated)

Changelog

Sourced from click's changelog.

Version 8.3.1

Released 2025-11-15

• Don't discard pager arguments by correctly using subprocess.Popen. :issue:3039 :pr:3055
• Replace Sentinel.UNSET default values by None as they're passed through the Context.invoke() method. :issue:3066 :issue:3065 :pr:3068
• Fix conversion of Sentinel.UNSET happening too early, which caused incorrect behavior for multiple parameters using the same name. :issue:3071 :pr:3079
• Hide Sentinel.UNSET values as None when looking up for other parameters through the context inside parameter callbacks. :issue:3136 :pr:3137
• Fix rendering when prompt and confirm parameter prompt_suffix is empty. :issue:3019 :pr:3021
• When Sentinel.UNSET is found during parsing, it will skip calls to type_cast_value. :issue:3069 :pr:3090

Version 8.3.0

Released 2025-09-17

• Improved flag option handling: Reworked the relationship between flag_value and default parameters for better consistency:

  • The default parameter value is now preserved as-is and passed directly to CLI functions (no more unexpected transformations)
  • Exception: flag options with default=True maintain backward compatibility by defaulting to their flag_value
  • The default parameter can now be any type (bool, None, etc.)
  • Fixes inconsistencies reported in: :issue:1992 :issue:2514 :issue:2610 :issue:3024 :pr:3030

• Allow default to be set on Argument for nargs = -1. :issue:2164 :pr:3030

• Show correct auto complete value for nargs option in combination with flag option :issue:2813

• Fix handling of quoted and escaped parameters in Fish autocompletion. :issue:2995 :pr:3013

• Lazily import shutil. :pr:3023

• Properly forward exception information to resources registered with click.core.Context.with_resource(). :issue:2447 :pr:3058

• Fix regression related to EOF handling in CliRunner. :issue:2939 :pr:2940

Version 8.2.2

Released 2025-07-31

• Fix reconciliation of default, flag_value and type parameters for flag options, as well as parsing and normalization of environment variables.

... (truncated)

Commits

• 1d038f2 release version 8.3.1
• 03f3889 Fix Ruff UP038 warning (#3141)
• 3867781 Fix Ruff UP038 warning
• b91bb95 Provide altered context to callbacks to hide UNSET values as None (#3137)
• 437e1e3 Temporarily provide a fake context to the callback to hide UNSET values as ...
• ea70da4 Don't test using a file in docs/ (#3102)
• e27b307 Make uv run --all-extras pyright --verifytypes click pass (#3072)
• a92c573 Fix test_edit to work with BSD sed (#3129)
• bd131e1 Fix test_edit to work with BSD sed
• 0b5c6b7 Add Best practices section (#3127)
• Additional commits viewable in compare view

Updates mkdocs-material from 9.7.5 to 9.7.6

Release notes

Sourced from mkdocs-material's releases.

mkdocs-material-9.7.6

[!WARNING]

Material for MkDocs is in maintenance mode

Going forward, the Material for MkDocs team focuses on Zensical, a next-gen static site generator built from first principles. We will provide critical bug fixes and security updates for Material for MkDocs until November 2026.

Read the full announcement on our blog

Changes

• Automatically disable MkDocs 2.0 warning for forks of MkDocs

Changelog

Sourced from mkdocs-material's changelog.

mkdocs-material-9.7.6 (2026-03-19)

• Automatically disable MkDocs 2.0 warning for forks of MkDocs

mkdocs-material-9.7.5 (2026-03-10)

• Limited version range of mkdocs to <2
• Updated MkDocs 2.0 incompatibility warning (clarify relation with MkDocs)

mkdocs-material-9.7.4 (2026-03-03)

• Hardened social cards plugin by switching to sandboxed environment
• Updated MkDocs 2.0 incompatibility warning

mkdocs-material-9.7.3 (2026-02-24)

• Fixed #8567: Print MkDocs 2.0 incompatibility warning to stderr

mkdocs-material-9.7.2 (2026-02-18)

• Opened up version ranges of optional dependencies for forward-compatibility
• Added warning to 'mkdocs build' about impending MkDocs 2.0 incompatibility

mkdocs-material-9.7.1 (2025-12-18)

• Updated requests to 2.30+ to mitigate CVE in urllib
• Fixed privacy plugin not picking up protocol-relative URLs
• Fixed #8542: false positives and negatives captured in privacy plugin

mkdocs-material-9.7.0 (2025-11-11)

⚠️ Material for MkDocs is now in maintenance mode

This is the last release of Material for MkDocs that will receive new features. Going forward, the Material for MkDocs team focuses on Zensical, a next-gen static site generator built from first principles. We will provide critical bug fixes and security updates for Material for MkDocs for 12 months at least.

Read the full announcement on our blog: https://squidfunk.github.io/mkdocs-material/blog/2025/11/05/zensical/

This release includes all features that were previously exclusive to the Insiders edition. These features are now freely available to everyone.

Note on deprecated plugins: The projects and typeset plugins are included in this release, but must be considered deprecated. Both plugins proved unsustainable to maintain and represent architectural dead ends. They are provided as-is without ongoing support.

Changes:

... (truncated)

Commits

• 6c52ed6 Prepare 9.7.6 release
• 51d9b76 Automatically disable MkDocs 2.0 warning for forks of MkDocs
• 6f9a48b Updated links
• See full diff in compare view

Updates pygments from 2.19.2 to 2.20.0

Release notes

Sourced from pygments's releases.

2.20.0

• New lexers:

  • Rell (#2914)

• Updated lexers:

  • archetype: Fix catastrophic backtracking in GUID and ID patterns (#3064)
  • ASN.1: Recognize minus sign and fix range operator (#3014, #3060)
  • C++: Add C++26 keywords (#2955), add integer literal suffixes (#2966)
  • ComponentPascal: Fix analyse_text (#3028, #3032)
  • Coq renamed to Rocq (#2883, #2908)
  • Cython: Various improvements (#2932, #2933)
  • Debian control: Improve architecture parsing (#3052)
  • Devicetree: Add support for overlay/fragments (#3021), add bytestring support (#3022), fix catastrophic backtracking (#3057)
  • Fennel: Various improvements (#2911)
  • Haskell: Handle escape sequences in character literals (#3069, #1795)
  • Java: Add module keywords (#2955)
  • Lean4: Add operators ]', ]?, ]! (#2946)
  • LESS: Support single-line comments (#3005)
  • LilyPond: Update to 2.25.29 (#2974)
  • LLVM: Support C-style comments (#3023, #2978)
  • Lua(u): Fix catastrophic backtracking (#3047)
  • Macaulay2: Update to 1.25.05 (#2893), 1.25.11 (#2988)
  • Mathematica: Various improvements (#2957)
  • meson: Add additional operators (#2919)
  • MySQL: Update keywords (#2970)
  • org-Mode: Support both schedule and deadline (#2899)
  • PHP: Add __PROPERTY__ magic constant (#2924), add reserved keywords (#3002)
  • PostgreSQL: Add more keywords (#2985)
  • protobuf: Fix namespace tokenization (#2929)
  • Python: Add t-string support (#2973, #3009, #3010)
  • Tablegen: Fix infinite loop (#2972, #2940)
  • Tera Term macro: Add commands introduced in v5.3 through v5.6 (#2951)
  • TOML: Support TOML 1.1.0 (#3026, #3027)
  • Turtle: Allow empty comment lines (#2980)
  • XML: Added .xbrl as file ending (#2890, #2891)

• Drop Python 3.8, and add Python 3.14 as a supported version (#2987, #3012)

• Various improvements to autopygmentize (#2894)

• Update onedark style to support more token types (#2977)

• Update rtt style to support more token types (#2895)

• Cache entry points to improve performance (#2979)

• Fix xterm-256 color table (#3043)

• Fix kwargs dictionary getting mutated on each call (#3044)

Changelog

Sourced from pygments's changelog.

Version 2.20.0

(released March 29th, 2026)

• New lexers:

  • Rell (#2914)

• Updated lexers:

  • archetype: Fix catastrophic backtracking in GUID and ID patterns (#3064)
  • ASN.1: Recognize minus sign and fix range operator (#3014, #3060)
  • C++: Add C++26 keywords (#2955), add integer literal suffixes (#2966)
  • ComponentPascal: Fix analyse_text (#3028, #3032)
  • Coq renamed to Rocq (#2883, #2908)
  • Cython: Various improvements (#2932, #2933)
  • Debian control: Improve architecture parsing (#3052)
  • Devicetree: Add support for overlay/fragments (#3021), add bytestring support (#3022), fix catastrophic backtracking (#3057)
  • Fennel: Various improvements (#2911)
  • Haskell: Handle escape sequences in character literals (#3069, #1795)
  • Java: Add module keywords (#2955)
  • Lean4: Add operators ]', ]?, ]! (#2946)
  • LESS: Support single-line comments (#3005)
  • LilyPond: Update to 2.25.29 (#2974)
  • LLVM: Support C-style comments (#3023, #2978)
  • Lua(u): Fix catastrophic backtracking (#3047)
  • Macaulay2: Update to 1.25.05 (#2893), 1.25.11 (#2988)
  • Mathematica: Various improvements (#2957)
  • meson: Add additional operators (#2919)
  • MySQL: Update keywords (#2970)
  • org-Mode: Support both schedule and deadline (#2899)
  • PHP: Add __PROPERTY__ magic constant (#2924), add reserved keywords (#3002)
  • PostgreSQL: Add more keywords (#2985)
  • protobuf: Fix namespace tokenization (#2929)
  • Python: Add t-string support (#2973, #3009, #3010)
  • Tablegen: Fix infinite loop (#2972, #2940)
  • Tera Term macro: Add commands introduced in v5.3 through v5.6 (#2951)
  • TOML: Support TOML 1.1.0 (#3026, #3027)
  • Turtle: Allow empty comment lines (#2980)
  • XML: Added .xbrl as file ending (#2890, #2891)

• Drop Python 3.8, and add Python 3.14 as a supported version (#2987, #3012)

• Various improvements to autopygmentize (#2894)

• Update onedark style to support more token types (#2977)

• Update rtt style to support more token types (#2895)

• Cache entry points to improve performance (#2979)

• Fix xterm-256 color table (#3043)

• Fix kwargs dictionary getting mutated on each call (#3044)

Commits

• 708197d Fix underline length.
• 1d4538a Prepare 2.20 release.
• 2ceaee4 Update CHANGES.
• e3a3c54 Fix Haskell lexer: handle escape sequences in character literals (#3069)
• d7c3453 Merge pull request #3071 from pygments/harden-html-formatter
• 0f97e7c Harden the HTML formatter against CSS.
• 9f981b2 Update CHANGES.
• 1d88915 Update CHANGES.
• c3d93ad Fix ASN.1 lexer: recognize minus sign and fix range operator (#3060)
• 4f06bcf fix bad behaving backtracking regex in CommonLispLexer
• Additional commits viewable in compare view

Updates pymdown-extensions from 10.21 to 10.21.2

Release notes

Sourced from pymdown-extensions's releases.

10.21. 2

10.21.2

• FIX: Highlight: Latest Pygments versions cannot handle a "filename" for code block titles of None.

10.20.1

• FIX: Quotes: Ensure the first class for callouts (the alert type) is always rendered lowercase.

Commits

• a4fdd73 Skip tag 10.21.1 has we accidentally already used it
• 8afb4cd Docs: Update JS deps
• 7bf5b29 Pygments needs a non-None value for code block title (#2863)
• 20b11eb Fix some spelling and formatting
• c9edba3 Docs: strengthen Snippets warning and add security considerations
• See full diff in compare view

Updates build from 1.4.0 to 1.4.2

Release notes

Sourced from build's releases.

1.4.2

What's Changed

• fix(uv): always pass the python to use by @​henryiii in pypa/build#996
• 🐛 fix(release): detect pre-commit environment inconsistencies by @​gaborbernat in pypa/build#1001
• 🔧 fix(towncrier): match docstrfmt RST formatting expectations by @​gaborbernat in pypa/build#1002
• Fix _has_valid_outer_pip when pip is missing by @​notatallshaw in pypa/build#1003
• fix: release changelog issue by @​henryiii in pypa/build#1006

New Contributors

• @​notatallshaw made their first contribution in pypa/build#1003

Full Changelog: pypa/build@1.4.1...1.4.2

1.4.1

What's Changed

• Fix documentation grammar and typos by @​DimitriPapadopoulos in pypa/build#979
• Allow setting build constraints by @​layday in pypa/build#963
• fix: pip hack workaround by @​henryiii in pypa/build#980
• 📚 docs: reorganize using Diataxis framework by @​gaborbernat in pypa/build#988
• ✨ feat(ci): automate releases and harden workflows by @​gaborbernat in pypa/build#991
• chore: avoid template injection zizmor issue by @​henryiii in pypa/build#994
• chore: fix PR template by @​henryiii in pypa/build#995
• chore: fix fix job by @​henryiii in pypa/build#997
• 🐛 fix(ci): resolve pre-release auth failure and change detection by @​gaborbernat in pypa/build#999
• 🐛 fix(deps): add pre-commit to release dependency group by @​gaborbernat in pypa/build#1000

Full Changelog: pypa/build@1.4.0...1.4.1

Changelog

Sourced from build's changelog.

#################### 1.4.2 (2026-03-25) ####################

---

Bugfixes

---

• Ensure the uv installer uses the current version of Python, avoiding an issue if UV_PYTHON is set, for example. (:issue:977)
• Fix _has_valid_outer_pip returning True when pip is missing, causing build to try using a non-existent pip instead of falling back to virtualenv. (:issue:1003)

#################### 1.4.1 (2026-03-24) ####################

---

Features

---

• Allow setting build constraints - by :user:gaborbernat (:issue:963)
• Automate releases with pre-release workflow and trusted publishing - by :user:gaborbernat (:issue:991)

---

Documentation

---

• Fix documentation grammar and typos (:issue:979)
• Reorganize documentation using Diataxis framework - by :user:gaborbernat (:issue:988)
• Document release process and workflow security practices in contributing guide (:issue:991)

---

Miscellaneous

---

• :issue:991

---

Bugfixes

---

• Fix pip hack workaround - by :user:gaborbernat (:issue:980)

#################### 1.4.0 (2026-01-08) ####################

• Add --quiet flag (:pr:947)
• Add option to dump PEP 517 metadata with --metadata (:pr:940, :pr:943)

... (truncated)

Commits

• 7b7ae07 chore: prepare for 1.4.2
• 17f3b57 fix: release changelog issue (#1006)
• b945752 fix: _has_valid_outer_pip when pip is missing (#1003)
• 74ae997 🔧 fix(towncrier): match docstrfmt RST formatting expectations (#1002)
• 3786929 🐛 fix(release): detect pre-commit environment inconsistencies (#1001)
• 737bdb7 fix(uv): always pass the python to use (#996)
• bd88956 chore: prepare for 1.4.1
• 062e7e2 🐛 fix(deps): add pre-commit to release dependency group (#1000)
• 3d8e260 🐛 fix(ci): resolve pre-release auth failure and change detection (#999)
• f2a2610 chore: fix fix job (#997)
• Additional commits viewable in compare view

Updates python-discovery from 1.1.3 to 1.2.1

Release notes

Sourced from python-discovery's releases.

1.2.1

What's Changed

• 🔒 ci(workflows): add zizmor security auditing by @​gaborbernat in tox-dev/python-discovery#55
• expose KNOWN_ARCHITECTURES as public API by @​rahuldevikar in tox-dev/python-discovery#56

New Contributors

• @​rahuldevikar made their first contribution in tox-dev/python-discovery#56

Full Changelog: tox-dev/python-discovery@1.2.0...1.2.1

1.2.0

What's Changed

• ✨ feat(interpreter): increase query timeout to 15s with override by @​gaborbernat in tox-dev/python-discovery#53

Full Changelog: tox-dev/python-discovery@1.1.3...1.2.0

Commits

• 38eac12 expose KNOWN_ARCHITECTURES as public API (#56)
• eabb812 🔒 ci(workflows): add zizmor security auditing (#55)
• b4cbd35 [pre-commit.ci] pre-commit autoupdate (#54)
• 98b331e ✨ feat(interpreter): increase query timeout to 15s with override (#53)
• 7d30958 [pre-commit.ci] pre-commit autoupdate (#51)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions