deps: bump the prod-deps group across 1 directory with 8 updates

[dependabot]

Bumps the prod-deps group with 8 updates in the / directory:

Package	From	To
psycopg2-binary	2.9.7	2.9.11
xmlschema	4.1.0	4.2.0
jellyfish	1.2.0	1.2.1
uwsgi	2.0.30	2.0.31
coveralls	4.0.1	4.0.2
coverage	7.10.7	7.11.3
pre-commit	4.3.0	4.4.0
tox	4.30.3	4.32.0

Updates psycopg2-binary from 2.9.7 to 2.9.11

Changelog

Sourced from psycopg2-binary's changelog.

Current release

What's new in psycopg 2.9.11 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^

• Add support for Python 3.14.
• Avoid a segfault passing more arguments than placeholders if Python is built with assertions enabled (:ticket:[#1791](https://github.com/psycopg/psycopg2/issues/1791)).
• Add riscv64 platform binary packages (:ticket:[#1813](https://github.com/psycopg/psycopg2/issues/1813)).
• ~psycopg2.errorcodes map and ~psycopg2.errors classes updated to PostgreSQL 18.
• Drop support for Python 3.8.

What's new in psycopg 2.9.10 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^

• Add support for Python 3.13.
• Receive notifications on commit (:ticket:[#1728](https://github.com/psycopg/psycopg2/issues/1728)).
• ~psycopg2.errorcodes map and ~psycopg2.errors classes updated to PostgreSQL 17.
• Drop support for Python 3.7.

What's new in psycopg 2.9.9 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

• Add support for Python 3.12.
• Drop support for Python 3.6.

What's new in psycopg 2.9.8 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

• Wheel package bundled with PostgreSQL 16 libpq in order to add support for recent features, such as sslcertmode.

What's new in psycopg 2.9.7 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

• Fix propagation of exceptions raised during module initialization (:ticket:[#1598](https://github.com/psycopg/psycopg2/issues/1598)).
• Fix building when pg_config returns an empty string (:ticket:[#1599](https://github.com/psycopg/psycopg2/issues/1599)).
• Wheel package bundled with OpenSSL 1.1.1v.

What's new in psycopg 2.9.6 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

... (truncated)

Commits

• fd9ae8c chore: bump to version 2.9.11
• d923840 chore: update docs requirements
• d42dc71 Merge branch 'fix-1791'
• 4fde656 fix: avoid failed assert passing more arguments than placeholders
• 8308c19 fix: drop warning about the use of deprecated PyWeakref_GetObject function
• 1a1eabf build(deps): bump actions/github-script from 7 to 8
• 897af8b build(deps): bump peter-evans/repository-dispatch from 3 to 4
• ceefd30 build(deps): bump actions/checkout from 4 to 5
• 4dc5854 build(deps): bump actions/setup-python from 5 to 6
• 1945788 Merge pull request #1802 from edgarrmondragon/cp314-wheels
• Additional commits viewable in compare view

Updates xmlschema from 4.1.0 to 4.2.0

Release notes

Sourced from xmlschema's releases.

v4.2.0 (2025-10-14)

• Add arguments validation for schemas and validation methods (by validation contexts)
• Add SchemaSettings dataclass for storing read-only settings for schema instances and for managing package default settings
• Add block argument to XMLResource class (issue #464)
• Add MAX_SCHEMA_SOURCES package limit (1000, applied to XsdGlobals global maps instances)
• Add MAX_XML_ELEMENTS package limit (1,000,000, applied to non-lazy XMLResource instances)
• Reduce MAX_XML_DEPTH limit to 1000 and apply it to all XMLResource instances
• Fix for substitute match in case of unexpected child (issue #461)

Changelog

Sourced from xmlschema's changelog.

v4.2.0_ (2025-10-14)

• Add arguments validation for schemas and validation methods (by validation contexts)
• Add SchemaSettings dataclass for storing read-only settings for schema instances and for managing package default settings
• Add block argument to XMLResource class (issue #464)
• Add MAX_SCHEMA_SOURCES package limit (1000, applied to XsdGlobals global maps instances)
• Add MAX_XML_ELEMENTS package limit (1,000,000, applied to non-lazy XMLResource instances)
• Reduce MAX_XML_DEPTH limit to 1000 and apply it to all XMLResource instances
• Fix for substitute match in case of unexpected child (issue #461)

Commits

• 2783030 Bump minor release
• 7c77a12 Include publiccode.yml validation workflow for CI and README changes
• 04c19d5 Fix XsdGroup.match_element (issue #461)
• dd4f279 Merge pull request #463 from publiccode-pr-bot/chore/add-publiccode-parser-ac...
• 1bd7aa6 Update GitHub workflow for CI
• 76b0f67 Patch mypy tests with protocols
• 28727bb Update docs and release info
• e4131ea Add from_settings() class method to schemas
• 0aea8de Rewrite validation contexts as normal classes
• d443d7b Full validation of context arguments
• Additional commits viewable in compare view

Updates jellyfish from 1.2.0 to 1.2.1

Updates uwsgi from 2.0.30 to 2.0.31

Updates coveralls from 4.0.1 to 4.0.2

Release notes

Sourced from coveralls's releases.

4.0.2 (2025-11-07)

Internal

• update python support: drop EOL'd versions (3.8, 3.9), begin testing on new versions (3.13, 3.14), and mark explicit future compatibility up to <4.0

Changelog

Sourced from coveralls's changelog.

4.0.2 (2025-11-07)

Internal

• update python support: drop EOL'd versions (3.8, 3.9), begin testing on new versions (3.13, 3.14), and mark explicit future compatibility up to <4.0

Commits

• 113f52f chore(release): bump version
• 120cf1e chore(compat): bump pythons
• a0d0cf6 chore(deps): update dependency docker to v4 (#616)
• fd2302a chore(deps): update pandoc/core docker tag to v3.8.2 (#630)
• 12ad037 chore(deps): lock file maintenance (#629)
• d357cc4 chore(deps): lock file maintenance (#627)
• 8feab27 chore(deps): update actions/dependency-review-action action to v4.8.1 (#624)
• 9bc44a4 chore(deps): lock file maintenance (#622)
• 7ff4351 chore(deps): update actions/dependency-review-action action to v4.8.0 (#620)
• 9ab3038 chore(deps): update actions/dependency-review-action action to v4.7.4 (#619)
• Additional commits viewable in compare view

Updates coverage from 7.10.7 to 7.11.3

Release notes

Sourced from coverage's releases.

7.11.3

Version 7.11.3 — 2025-11-09

• Fix: the 7.11.1 changes meant that conflicts between a requested measurement core and other settings would raise an error. This was a breaking change from previous behavior, as reported in issue 2076 and issue 2078.

  The previous behavior has been restored: when the requested core conflicts with other settings, another core is used instead, and a warning is issued.

• For contributors: the repo has moved from Ned’s nedbat GitHub account to the coveragepy GitHub organization. The default branch has changed from master to main.

➡️  PyPI page: coverage 7.11.3. :arrow_right:  To install: python3 -m pip install coverage==7.11.3

7.11.2

Version 7.11.2 — 2025-11-08

• Fix: using the “sysmon” measurement core in 7.11.1, if Python code was claimed to come from a non-Python file, a NotPython exception could be raised. This could happen for example with Jinja templates compiled to Python, as reported in issue 2077. This is now fixed.
• Doc: corrected the first entry in the 7.11.1 changelog.

➡️  PyPI page: coverage 7.11.2. :arrow_right:  To install: python3 -m pip install coverage==7.11.2

7.11.1

Version 7.11.1 — 2025-11-07

• Fix: some chanages to details of how the measurement core is chosen, and how conflicting settings are handled. The “sysmon” core cannot be used with some conurrency settings, with dynamic context, and in Python 3.12/3.13, with branch measurement.
  • If the core is not specified and defaults to “sysmon” (Python 3.14+), but other settings conflict with sysmon, then the “ctrace” core will be used instead with no warning. For concurrency conflicts, this used to produce an error, as described in issue 2064.
  • If the “sysmon” core is explicitly requested in your configuration, but other settings conflict, an error is now raised. This used to produce a warning.
• Fix: some multi-line case clauses or for loops (and probably other constructs) could cause incorrect claims of missing branches with the sys.monitoring core, as described in issue 2070. This is now fixed.
• Fix: when running in pytest under coverage, a breakpoint() would stop in the wrong frame, one level down from where it should, as described in issue 1420. This was due to a coverage change in v6.4.1 that seemed to give a slight performance improvement, but I couldn’t reproduce the performance gain, so it’s been reverted, fixing the debugger problem.
• A new debug option --debug=core shows which core is in use and why.
• Split sqlite debugging information out of the sys coverage debug and --debug option options since it’s bulky and not very useful.
• Updated the How coverage.py works page to better describe the three different measurement cores.

➡️  PyPI page: coverage 7.11.1. :arrow_right:  To install: python3 -m pip install coverage==7.11.1

7.11.1

Version 7.11.1 — 2025-11-07

• Fix: some chanages to details of how the measurement core is chosen, and how conflicting settings are handled. The “sysmon” core cannot be used with some conurrency settings, with dynamic context, and in Python 3.12/3.13, with branch measurement.
  • If the core is not specified and defaults to “sysmon” (Python 3.14+), but other settings conflict with sysmon, then the “ctrace” core will be used instead with no warning. For concurrency conflicts, this used to produce an error, as described in issue 2064.
  • If the “sysmon” core is explicitly requested in your configuration, but other settings conflict, an error is now raised. This used to produce a warning.
• Fix: some multi-line case clauses or for loops (and probably other constructs) could cause incorrect claims of missing branches with the sys.monitoring core, as described in issue 2070. This is now fixed.
• Fix: when running in pytest under coverage, a breakpoint() would stop in the wrong frame, one level down from where it should, as described in issue 1420. This was due to a coverage change in v6.4.1 that seemed to give a slight performance improvement, but I couldn’t reproduce the performance gain, so it’s been reverted, fixing the debugger problem.
• A new debug option --debug=core shows which core is in use and why.
• Split sqlite debugging information out of the sys coverage debug and --debug option options since it’s bulky and not very useful.
• Updated the How coverage.py works page to better describe the three different measurement cores.

➡️  PyPI page: coverage 7.11.1. :arrow_right:  To install: python3 -m pip install coverage==7.11.1

... (truncated)

Changelog

Sourced from coverage's changelog.

Version 7.11.3 — 2025-11-09

• Fix: the 7.11.1 changes meant that conflicts between a requested measurement core and other settings would raise an error. This was a breaking change from previous behavior, as reported in issue 2076_ and issue 2078_.

  The previous behavior has been restored: when the requested core conflicts with other settings, another core is used instead, and a warning is issued.

• For contributors: the repo has moved from Ned's nedbat GitHub account_ to the coveragepy GitHub organization_. The default branch has changed from master to main.

.. _issue 2076: coveragepy/coveragepy#2076 .. _issue 2078: coveragepy/coveragepy#2078 .. _nedbat GitHub account: https://github.com/nedbat .. _coveragepy GitHub organization: https://github.com/coveragepy

.. _changes_7-11-2:

Version 7.11.2 — 2025-11-08

• Fix: using the "sysmon" measurement core in 7.11.1, if Python code was claimed to come from a non-Python file, a NotPython exception could be raised. This could happen for example with Jinja templates compiled to Python, as reported in issue 2077_. This is now fixed.

• Doc: corrected the first entry in the 7.11.1 changelog.

.. _issue 2077: coveragepy/coveragepy#2077

.. _changes_7-11-1:

Version 7.11.1 — 2025-11-07

• Fix: some chanages to details of how the measurement core is chosen, and how conflicting settings are handled. The "sysmon" core cannot be used with some conurrency settings, with dynamic context, and in Python 3.12/3.13, with branch measurement.

  • If the core is not specified and defaults to "sysmon" (Python 3.14+), but other settings conflict with sysmon, then the "ctrace" core will be used instead with no warning. For concurrency conflicts, this used to produce an error, as described in issue 2064_.

... (truncated)

Commits

• 8bb1230 docs: remove duplicate entry in the changelog
• 06c493c docs: sample HTML for 7.11.3
• 0823a70 docs: prep for 7.11.3
• 8434792 fix: sysmon conflicts no longer cause errors
• 1f21184 chore: bump docker/setup-qemu-action in the action-dependencies group (#2080)
• bd61620 docs: django_coverage_plugin moved
• 1bd73f1 build: nedbat/coverage-reports moved to coveragepy/metacov-reports
• b54131f docs: moved to coveragepy, master->main
• f2d740f build: change more github urls to the coveragepy org
• 776f313 docs: issue and pr references moved to coveragepy org
• Additional commits viewable in compare view

Updates pre-commit from 4.3.0 to 4.4.0

Release notes

Sourced from pre-commit's releases.

pre-commit v4.4.0

Features

• Add --fail-fast option to pre-commit run.
  • #3528 PR by @​JulianMaurin.
• Upgrade ruby-build / rbenv.
  • #3566 PR by @​asottile.
  • #3565 issue by @​MRigal.
• Add language: unsupported / language: unsupported_script as aliases for language: system / language: script (which will eventually be deprecated).
  • #3577 PR by @​asottile.
• Add support docker-in-docker detection for cgroups v2.
  • #3535 PR by @​br-rhrbacek.
  • #3360 issue by @​JasonAlt.

Fixes

• Handle when docker gives SecurityOptions: null.
  • #3537 PR by @​asottile.
  • #3514 issue by @​jenstroeger.
• Fix error context for invalid stages in .pre-commit-config.yaml.
  • #3576 PR by @​asottile.

Changelog

Sourced from pre-commit's changelog.

4.4.0 - 2025-11-08

Features

• Add --fail-fast option to pre-commit run.
  • #3528 PR by @​JulianMaurin.
• Upgrade ruby-build / rbenv.
  • #3566 PR by @​asottile.
  • #3565 issue by @​MRigal.
• Add language: unsupported / language: unsupported_script as aliases for language: system / language: script (which will eventually be deprecated).
  • #3577 PR by @​asottile.
• Add support docker-in-docker detection for cgroups v2.
  • #3535 PR by @​br-rhrbacek.
  • #3360 issue by @​JasonAlt.

Fixes

• Handle when docker gives SecurityOptions: null.
  • #3537 PR by @​asottile.
  • #3514 issue by @​jenstroeger.
• Fix error context for invalid stages in .pre-commit-config.yaml.
  • #3576 PR by @​asottile.

Commits

• 17cf886 v4.4.0
• cb63a5c Merge pull request #3535 from br-rhrbacek/fix-cgroups
• f80801d Fix docker-in-docker detection for cgroups v2
• 9143fc3 Merge pull request #3577 from pre-commit/language-unsupported
• 725acc9 rename system and script languages to unsupported / unsupported_script
• 3815e2e Merge pull request #3576 from pre-commit/fix-stages-config-error
• aa2961c fix missing context in error for stages
• 46297f7 Merge pull request #3575 from pre-commit/rm-python3-hooks-repo
• 95eec75 rm python3_hooks_repo
• 5e4b354 Merge pull request #3574 from pre-commit/rm-hook-with-spaces-test
• Additional commits viewable in compare view

Updates tox from 4.30.3 to 4.32.0

Release notes

Sourced from tox's releases.

4.32.0

What's Changed

• docs: Add Python 3.14 and 3.14t to config examples by @​cclauss in tox-dev/tox#3626
• Fix broken log message (in that branch it did not match the arguments). by @​ionelmc in tox-dev/tox#3634
• Allow braced range syntax in internal sections of tox.ini file by @​marcosboger in tox-dev/tox#3631
• fix: ensure log folder is created before writing the execution logs by @​ssbarnea in tox-dev/tox#3633
• TST: add weekly compatibility checks for CPython 3.15 by @​neutrinoceros in tox-dev/tox#3629

New Contributors

• @​ionelmc made their first contribution in tox-dev/tox#3634
• @​marcosboger made their first contribution in tox-dev/tox#3631
• @​neutrinoceros made their first contribution in tox-dev/tox#3629

Full Changelog: tox-dev/tox@4.31.0...4.32.0

4.31.0

What's Changed

• Address a type-conversion noted during doc builds by @​kurtmckee in tox-dev/tox#3623
• Add 3.14, drop 3.9 and support | union style by @​gaborbernat in tox-dev/tox#3624

Full Changelog: tox-dev/tox@4.30.3...4.31.0

Changelog

Sourced from tox's changelog.

v4.32.0 (2025-10-24)

Bugfixes - 4.32.0

- Expand braced range syntax in all internal sections of ``tox.ini`` (e.g. ``deps``, ``testenv``). Syntax like py3{10-14} can be used in those sections now.
  - by :user:`marcosboger` (:issue:`3571`)
Improved Documentation - 4.32.0

• Add Python 3.14 and 3.14t to config examples
  • by :user:cclauss (:issue:3626)

Misc - 4.32.0

- :issue:`3629`
v4.31.0 (2025-10-09)
No significant changes.

Commits

• 511782e release 4.32.0
• d5035fa TST: add weekly compatibility checks for CPython 3.15 (#3629)
• 5220e07 fix: ensure log folder is created before writing the execution logs (#3633)
• f8a88c1 Allow braced range syntax in internal sections of tox.ini file (#3631)
• 6432872 Fix broken log message (in that branch it did not match the arguments). (#3634)
• b036f7d [pre-commit.ci] pre-commit autoupdate (#3630)
• 5d73948 [pre-commit.ci] pre-commit autoupdate (#3627)
• 95f15ad docs: Add Python 3.14 and 3.14t to config examples (#3626)
• 5b0f7e4 Fix release changelog generation config
• eac78c1 release 4.31.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions