deps: bump the prod-deps group across 1 directory with 34 updates

[dependabot]

Bumps the prod-deps group with 34 updates in the / directory:

Package	From	To
django	4.2.26	6.0
psycopg2-binary	2.9.10	2.9.11
celery	5.5.3	5.6.0
hiredis	3.2.1	3.3.0
brotli	1.1.0	1.2.0
django-compressor	4.5.1	4.6.0
drf-yasg	1.21.10	1.21.11
jellyfish	1.2.0	1.2.1
markdown	3.9	3.10
pyyaml	6.0.2	6.0.3
xlsxwriter	3.2.8	3.2.9
xmlschema	4.1.0	4.2.0
lark	1.2.2	1.3.1
simple-salesforce	1.12.8	1.12.9
shapely	2.0.7	2.1.2
django-treebeard	4.7.1	4.8.0
django-two-factor-auth[phonenumbers]	1.17.0	1.18.1
importlib-metadata	8.7.0	8.7.1
boto3	1.40.30	1.42.14
django-ses	4.4.0	4.5.0
uwsgi	2.0.30	2.0.31
coverage	7.10.6	7.13.0
coveralls	4.0.1	4.0.2
tox	4.30.2	4.32.0
psutil	7.0.0	7.1.3
faker	37.6.0	39.0.0
vcrpy	7.0.0	8.1.0
pytest	8.4.2	9.0.2
pre-commit	4.3.0	4.5.1
sphinx	7.4.7	9.0.4
sphinxcontrib-spelling	8.0.0	8.0.2
docutils	0.21.2	0.22.4
hypothesis	6.138.16	6.148.7
django-debug-toolbar	6.0.0	6.1.0

Updates django from 4.2.26 to 6.0

Commits

• 36b5f39 [6.0.x] Bumped version for 6.0 release.
• 4f46d1f [6.0.x] Updated man page for Django 6.0.
• a9f5ca5 [6.0.x] Refs #35859 -- Clarified Tasks ref and topics docs regarding availabl...
• 45f9e0e [6.0.x] Finalized release notes for Django 6.0.
• ac44a55 [6.0.x] Made cosmetic edits to docs/releases/6.0.txt.
• 00575b7 [6.0.x] Updated translations from Transifex.
• 8414487 [6.0.x] Refs #35444 -- Fixed typo in PostgreSQL StringAgg deprecation warning.
• 1f8f36e [6.0.x] Added CVE-2025-13372 and CVE-2025-64460 to security archive.
• 224fc79 [6.0.x] Added stub release notes for 5.2.10.
• 1dbd07a [6.0.x] Fixed CVE-2025-64460 -- Corrected quadratic inner text accumulation i...
• Additional commits viewable in compare view

Updates psycopg2-binary from 2.9.10 to 2.9.11

Changelog

Sourced from psycopg2-binary's changelog.

Current release

What's new in psycopg 2.9.11 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^

• Add support for Python 3.14.
• Avoid a segfault passing more arguments than placeholders if Python is built with assertions enabled (:ticket:[#1791](https://github.com/psycopg/psycopg2/issues/1791)).
• Add riscv64 platform binary packages (:ticket:[#1813](https://github.com/psycopg/psycopg2/issues/1813)).
• ~psycopg2.errorcodes map and ~psycopg2.errors classes updated to PostgreSQL 18.
• Drop support for Python 3.8.

What's new in psycopg 2.9.10 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^

• Add support for Python 3.13.
• Receive notifications on commit (:ticket:[#1728](https://github.com/psycopg/psycopg2/issues/1728)).
• ~psycopg2.errorcodes map and ~psycopg2.errors classes updated to PostgreSQL 17.
• Drop support for Python 3.7.

What's new in psycopg 2.9.9 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

• Add support for Python 3.12.
• Drop support for Python 3.6.

What's new in psycopg 2.9.8 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

• Wheel package bundled with PostgreSQL 16 libpq in order to add support for recent features, such as sslcertmode.

What's new in psycopg 2.9.7 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

• Fix propagation of exceptions raised during module initialization (:ticket:[#1598](https://github.com/psycopg/psycopg2/issues/1598)).
• Fix building when pg_config returns an empty string (:ticket:[#1599](https://github.com/psycopg/psycopg2/issues/1599)).
• Wheel package bundled with OpenSSL 1.1.1v.

What's new in psycopg 2.9.6 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

... (truncated)

Commits

• fd9ae8c chore: bump to version 2.9.11
• d923840 chore: update docs requirements
• d42dc71 Merge branch 'fix-1791'
• 4fde656 fix: avoid failed assert passing more arguments than placeholders
• 8308c19 fix: drop warning about the use of deprecated PyWeakref_GetObject function
• 1a1eabf build(deps): bump actions/github-script from 7 to 8
• 897af8b build(deps): bump peter-evans/repository-dispatch from 3 to 4
• ceefd30 build(deps): bump actions/checkout from 4 to 5
• 4dc5854 build(deps): bump actions/setup-python from 5 to 6
• 1945788 Merge pull request #1802 from edgarrmondragon/cp314-wheels
• Additional commits viewable in compare view

Updates celery from 5.5.3 to 5.6.0

Release notes

Sourced from celery's releases.

v5.6.0

Celery v5.6.0 is now available.

Key Highlights

See What's new in Celery 5.6 for a complete overview or read the main highlights below.

Python 3.9 Minimum Version

Celery 5.6.0 drops support for Python 3.8 (EOL). The minimum required Python version is now 3.9. Users still on Python 3.8 must upgrade their Python version before upgrading to Celery 5.6.0.

Additionally, this release includes initial support for Python 3.14.

SQS: Reverted to pycurl from urllib3

The switch from pycurl to urllib3 for the SQS transport (introduced in Celery 5.5.0 via Kombu) has been reverted due to critical issues affecting SQS users.

Contributed by @​auvipy in celery/celery#9620.

Security Fix: Broker Credential Leak Prevention

Fixed a security issue where broker URLs containing passwords were being logged in plaintext by the delayed delivery mechanism. Broker credentials are now properly sanitized in all log output.

Contributed by @​giancarloromeo in celery/celery#9997.

Memory Leak Fixes

Two significant memory leaks have been fixed in this release:

Exception Handling Memory Leak: Fixed a critical memory leak in task exception handling that was particularly severe on Python 3.11+ due to enhanced traceback data. The fix properly breaks reference cycles in tracebacks to allow garbage collection.

Contributed by @​jaiganeshs21 in celery/celery#9799.

Pending Result Memory Leak: Fixed a memory leak where AsyncResult subscriptions were not being cleaned up when results were forgotten.

Contributed by @​tsoos99dev in celery/celery#9806.

ETA Task Memory Limit

New configuration option worker_eta_task_limit to prevent out-of-memory crashes when workers fetch large numbers of ETA or countdown tasks. Previously, workers could exhaust available memory when the broker contained many scheduled tasks.

Example usage:

app.conf.worker_eta_task_limit = 1000

Contributed by @​sashu2310 in celery/celery#9853.

Queue Type Selection for Auto-created Queues

... (truncated)

Changelog

Sourced from celery's changelog.

5.6.0

:release-date: 2025-11-30 :release-by: Tomer Nosrati

Celery v5.6.0 is now available.

Key Highlights

See :ref:`whatsnew-5.6` for a complete overview or read the main highlights below.
Python 3.9 Minimum Version
Celery 5.6.0 drops support for Python 3.8 (EOL). The minimum required Python
version is now 3.9. Users still on Python 3.8 must upgrade their Python version
before upgrading to Celery 5.6.0.
Additionally, this release includes initial support for Python 3.14.
SQS: Reverted to pycurl from urllib3
The switch from pycurl to urllib3 for the SQS transport (introduced in
Celery 5.5.0 via Kombu) has been reverted due to critical issues affecting SQS
users:

Processing throughput dropped from ~100 tasks/sec to ~3/sec in some environments
UnknownOperationException errors causing container crash loops
Silent message processing failures with no error logs

Users of the SQS transport must ensure pycurl is installed. If you removed
pycurl after upgrading to Celery 5.5.0, you will need to reinstall it.
Contributed by @auvipy <https://github.com/auvipy>_ in
[#9620](https://github.com/celery/celery/issues/9620) <https://github.com/celery/celery/pull/9620>_.
Security Fix: Broker Credential Leak Prevention
Fixed a security issue where broker URLs containing passwords were being logged
in plaintext by the delayed delivery mechanism. Broker credentials are now
properly sanitized in all log output.
Contributed by @giancarloromeo <https://github.com/giancarloromeo>_ in
[#9997](https://github.com/celery/celery/issues/9997) <https://github.com/celery/celery/pull/9997>_.
Memory Leak Fixes
</tr></table>

... (truncated)

Commits

• cca1116 Prepare for release: v5.6.0 (#10010)
• 1133f22 Bump mypy from 1.14.1 to 1.19.0 (#10008)
• 0932d2c [pre-commit.ci] pre-commit autoupdate (#10007)
• b446910 Prepare for (pre) release: v5.6.0rc2 (#10005)
• 3f0f0fe asynpool: Don't return from inside a finally block (#10000)
• 95d0552 Bump actions/checkout from 5 to 6 (#10003)
• f32b92f Add Py39-314t to CI (#9999)
• 63c1910 Don't fail task on timeout during cold shutdown (#9678)
• 30649db Fix log leaking broker credentials (#9997)
• 929412e Remove Python 4.0 version condition for pytest dependencies (#9993)
• Additional commits viewable in compare view

Updates hiredis from 3.2.1 to 3.3.0

Release notes

Sourced from hiredis's releases.

3.3.0

Changes

• Add Python 3.14 to CI and wheels (#213 by @​zweizeichen)

Contributors

We'd like to thank all the contributors who worked on this release!

Commits

• 187d0f3 Version 3.3.0
• 3efcf03 Add Python 3.14 to CI and wheels (#213) (#215)
• 966cede Fix assertion in reader.c (#212)
• 78def30 Bump version to 3.3.0-dev
• See full diff in compare view

Updates brotli from 1.1.0 to 1.2.0

Release notes

Sourced from brotli's releases.

v1.2.0

SECURITY

• python: added Decompressor::can_accept_more_data method and optional output_buffer_limit argument Decompressor::process; that allows mitigation of unexpectedly large output; reported by Charles Chan (https://github.com/charleswhchan)

Added

• decoder / encoder: added static initialization to reduce binary size
• python: allow limiting decoder output (see SECURITY section)
• CLI: brcat alias; allow decoding concatenated brotli streams
• kt: pure Kotlin decoder
• cgo: support "raw" dictionaries
• build: Bazel modules

Removed

• java: dropped finalize() for native entities

Fixed

• java: in compress pass correct length to native encoder

Improved

• build: install man pages
• build: updated / fixed / refined Bazel buildfiles
• encoder: faster encoding
• cgo: link via pkg-config
• python: modernize extension / allow multi-phase module initialization

Changed

• decoder / encoder: static tables use "small" model (allows 2GiB+ binaries)

v1.2.0 RC2

What's Changed (compared to RC1)

• pick changes from Debian patch by @​copybara-service[bot] in google/brotli#1349
• pick changes from Alpine patch by @​copybara-service[bot] in google/brotli#1348
• pick VCPKG patches by @​copybara-service[bot] in google/brotli#1350
• fix copy-paste in Java decoder by @​copybara-service[bot] in google/brotli#1357

v1.2.0 RC1

IMPORTANT: though this is a pre-release for v1.2.0, it is expected that some changes will be added before release; most notably concerning build files: patches applied by Alpine, Debian, Conan, VCPKG will be partially/fully integrated.

SECURITY

• python: added Decompressor::can_accept_more_data method and optional output_buffer_limit argument Decompressor::process; that allows mitigation of unexpectedly large output; reported by Charles Chan (https://github.com/charleswhchan)

Added

• decoder / encoder: added static initialization to reduce binary size
• python: allow limiting decoder output (see SECURITY section)

... (truncated)

Changelog

Sourced from brotli's changelog.

[1.2.0] - 2025-10-27

SECURITY

• python: added Decompressor::can_accept_more_data method and optional output_buffer_limit argument Decompressor::process; that allows mitigation of unexpectedly large output; reported by Charles Chan (https://github.com/charleswhchan)

Added

• decoder / encoder: added static initialization to reduce binary size
• python: allow limiting decoder output (see SECURITY section)
• CLI: brcat alias; allow decoding concatenated brotli streams
• kt: pure Kotlin decoder
• cgo: support "raw" dictionaries
• build: Bazel modules

Removed

• java: dropped finalize() for native entities

Fixed

• java: in compress pass correct length to native encoder

Improved

• build: install man pages
• build: updated / fixed / refined Bazel buildfiles
• encoder: faster encoding
• cgo: link via pkg-config
• python: modernize extension / allow multi-phase module initialization

Changed

• decoder / encoder: static tables use "small" model (allows 2GiB+ binaries)

Commits

• 028fb5a release v1.2.0
• 390de5b build and test csharp decoder
• 3499acb regenerate go/kt/js/ts
• 8ca2312 fix release workflow
• ee771da fix copy-paste in Java decoder
• 42aee32 try to fix release workflow
• 392c06b redesign release resource uploading
• 1964cdb ramp up all GH actions plugins
• 61605b1 pick VCPKG patches
• 4b0f27b pick changes from Alpine patch
• Additional commits viewable in compare view

Updates django-compressor from 4.5.1 to 4.6.0

Changelog

Sourced from django-compressor's changelog.

Changelog

v4.6 (2025-11-10)

Full list of changes from v4.5.1 <https://github.com/django-compressor/django-compressor/compare/4.5.1...4.6>_

• Fixed compatibility with latest BS4.
• Removed top pin for rcssmin and rjsmin dependencies.
• Avoid compressing the same node concurrently in offline compression.
• Avoid use of deprecated ast.Constant.s
• Officially support Django 6.0
• Officially support Django 5.2
• Drop support for EOL Django 5.0
• Add support for Python 3.14.
• Add support for Python 3.13.
• Drop support for EOL Python 3.9.
• Drop support for EOL Python 3.8.

Commits

• 3ada994 Prepare 4.6.0.
• 1baa82a Remove CI testing for EOL Django 5.0.
• 8706a52 Add CI testing for Python 3.14 and Django 6.0.
• 7be9ce2 Bump brotli, lxml, and coverage test dependencies.
• d6fd813 Remove test version pinning for rcssmin and rjsmin.
• 2b46e7d Bump actions/setup-python from 5 to 6 (#1307)
• b97bb05 Disable bs4's multi valued attributes (#1296)
• 4e54330 Migrate packaging to pyproject.toml (#1313)
• 872f8d5 Remove version pinning for rcssmin and rjsmin (#1312)
• cc38666 Drop support for Python 3.9 (#1311)
• Additional commits viewable in compare view

Updates drf-yasg from 1.21.10 to 1.21.11

Release notes

Sourced from drf-yasg's releases.

1.21.11

FIXED: Fix list views with parameters in last path segment not named "list" views (#917) ADDED: Allow overriding produces/consumes with @​swagger_auto_schema decorator (#916) FIXED: Fix filter parameters not appearing in swagger with django-filter>=25 (#926) IMPROVED: Update Python, Django, and DRF versions and packaging configuration (#922) IMPROVED: Remove usage of pkg_resources (#928) FIXED: Fix call_view_method warning to include the method name again (#923) ADDED: Add a hide download button option (#848) ADDED: Add ruff linters (#903)

Changelog

Sourced from drf-yasg's changelog.

######### Changelog #########

---

1.21.11

---

FIXED: Fix list views with parameters in last path segment not named "list" views (:pr:917) ADDED: Allow overriding produces/consumes with @​swagger_auto_schema decorator (:pr:916) FIXED: Fix filter parameters not appearing in swagger with django-filter>=25 (:pr:926) IMPROVED: Update Python, Django, and DRF versions and packaging configuration (:pr:922) IMPROVED: Remove usage of pkg_resources (:pr:928) FIXED: Fix call_view_method warning to include the method name again (:pr:923) ADDED: Add a hide download button option (:pr:848) ADDED: Add ruff linters (:pr:903)

---

1.21.10

---

FIXED: Fix type hints when using postponed evaluation of annotations (PEP-563) (:pr:840) IMPROVED: Update JSON & YAML renderers to not use a "." in their format string (:pr:911) FIXED: Fix lint errors when comparing types with == instead of is (:pr:868) IMPROVED: Update swagger-ui-dist to address CVE-2021-46708 (:pr:904)

---

1.21.9

---

ADDED: Added support for zoneinfo object fields (:pr:908)

---

1.21.8

---

ADDED: Python 3.11 and 3.12 support (:pr:891) FIXED: Fix pkg_resources version lookups for Python 3.9+ (:pr:891)

---

1.21.7

---

Release date: Jul 20, 2023

ADDED: Added drf_yasg.inspectors.query.DrfAPICompatInspector (:pr:857) ADDED: Added DrfAPICompatInspector to serve as a replacement CoreAPICompatInspector (:pr:857) ADDED: Allow DEFAULT_SPEC_RENDERERS default renderers to be overriden in the settings (:pr:857) FIXED: Fixed redoc source mapping (:pr:859)

... (truncated)

Commits

• f8cb2db Add version 1.21.11 details to the changelog (#939)
• 0c6d08d Update the ruff lint rules (#920)
• 055a74d Bump actions/setup-python from 5 to 6 in the github-actions group (#937)
• a8813ac Bump actions/checkout from 4 to 5 in the github-actions group (#936)
• 9f4b449 Restore the live demo and replace heroku with apprunner (#935)
• 2983251 fix list views with parameters in last path segment not named "list" views (#...
• a746893 allow overriding produces/consumes with @​swagger_auto_schema decorator (#916)
• e747ad6 Fixes issue with filter parameters not appearing in Swagger after upgrading t...
• ee3c871 update Python, Django, and DRF versions & packaging configuration (#922)
• be6eeed Remove usage of pkg_resources (#928)
• Additional commits viewable in compare view

Updates jellyfish from 1.2.0 to 1.2.1

Updates markdown from 3.9 to 3.10

Release notes

Sourced from markdown's releases.

Release 3.10.0

Changed

• Officially support Python 3.14 and PyPy 3.11 and drop support for Python 3.9 and PyPy 3.9.

Fixed

• Fix an HTML comment parsing case in some Python versions that can cause an infinite loop (#1554).
• Revert the default behavior of USE_DEFINITION_ORDER (to True). The new behavior introduced in 3.9.0 is experimental and results are inconsistent. It should not have been made the default behavior (#1561).

Changelog

Sourced from markdown's changelog.

title: Changelog toc_depth: 2

Python-Markdown Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to the Python Version Specification. See the Contributing Guide for details.

[Unreleased]

Fixed

• Ensure nested elements inside inline comments are properly unescaped (#1571).
• Make the docs build successfully with mkdocstrings-python 2.0 (#1575).

[3.10.0] - 2025-11-03

Changed

• Officially support Python 3.14 and PyPy 3.11 and drop support for Python 3.9 and PyPy 3.9.

Fixed

• Fix an HTML comment parsing case in some Python versions that can cause an infinite loop (#1554).
• Revert the default behavior of USE_DEFINITION_ORDER (to True). The new behavior introduced in 3.9.0 is experimental and results are inconsistent. It should not have been made the default behavior (#1561).

[3.9.0] - 2025-09-04

Changed

• Footnotes are now ordered by the occurrence of their references in the document. A new configuration option for the footnotes extension, USE_DEFINITION_ORDER, has been added to support restoring the previous behavior of ordering footnotes by the occurrence of definitions (#1367).

Fixed

• Ensure inline processing iterates through elements in document order (#1546).
• Fix handling of incomplete HTML tags in code spans in Python 3.14 (#1547).

[3.8.2] - 2025-06-19

... (truncated)

Commits

• 22e89c1 Bump version to 3.10
• c138aea + PY314 - PY39
• 746f7f5 cleanup
• a5ee2b4 Revert the default behavior of USE_DEFINITION_ORDER
• 5354daf Fix an HTML comment parsing case that can cause an infinite loop
• See full diff in compare view

Updates pyyaml from 6.0.2 to 6.0.3

Release notes

Sourced from pyyaml's releases.

6.0.3

What's Changed

• Support for Python 3.14 and free-threading (experimental).

Full Changelog: yaml/pyyaml@6.0.2...6.0.3

Changelog

Sourced from pyyaml's changelog.

6.0.3 (2025-09-25)

• yaml/pyyaml#864 -- Support for Python 3.14 and free-threading (experimental)

Commits

• 49790e7 Release 6.0.3 (#889)
• See full diff in compare view

Updates xlsxwriter from 3.2.8 to 3.2.9

Changelog

Sourced from xlsxwriter's changelog.

Release 3.2.9 - September 16 2025

• Removed the py.typed file since it was causing a lot of downstream CI failures where consumers weren't handling the xlsxwriter types correctly or taking them into account.

  The file will be re-added once the xlsxwriter typing is more comprehensive.

Commits

• e943bee Prep for release 3.2.9
• 392bd9e typing: remove py.typed file
• See full diff in compare view

Updates xmlschema from 4.1.0 to 4.2.0

Release notes

Sourced from xmlschema's releases.

v4.2.0 (2025-10-14)

• Add arguments validation for schemas and validation methods (by validation contexts)
• Add SchemaSettings dataclass for storing read-only settings for schema instances and for managing package default settings
• Add block argument to XMLResource class (issue #464)
• Add MAX_SCHEMA_SOURCES package limit (1000, applied to XsdGlobals global maps instances)
• Add MAX_XML_ELEMENTS package limit (1,000,000, applied to non-lazy XMLResource instances)
• Reduce MAX_XML_DEPTH limit to 1000 and apply it to all XMLResource instances
• Fix for substitute match in case of unexpected child (issue #461)

Changelog

Sourced from xmlschema's changelog.

v4.2.0_ (2025-10-14)

• Add arguments validation for schemas and validation methods (by validation contexts)
• Add SchemaSettings dataclass for storing read-only settings for schema instances and for managing package default settings
• Add block argument to XMLResource class (issue #464)
• Add MAX_SCHEMA_SOURCES package limit (1000, applied to XsdGlobals global maps instances)
• Add MAX_XML_ELEMENTS package limit (1,000,000, applied to non-lazy XMLResource instances)
• Reduce MAX_XML_DEPTH limit to 1000 and apply it to all XMLResource instances
• Fix for substitute match in case of unexpected child (issue #461)

Commits

• 2783030 Bump minor release
• 7c77a12 Include publiccode.yml validation workflow for CI and README changes
• 04c19d5 Fix XsdGroup.match_element (issue #461)
• dd4f279 Merge pull request #463 from publiccode-pr-bot/chore/add-publiccode-parser-ac...
• 1bd7aa6 Update GitHub workflow for CI
• 76b0f67 Patch mypy tests with protocols
• 28727bb Update docs and release info
• e4131ea Add from_settings() class method to schemas
• 0aea8de Rewrite validation contexts as normal classes
• d443d7b Full validation of context arguments
• Additional commits viewable in compare view

Updates lark from 1.2.2 to 1.3.1

Release notes

Sourced from lark's releases.

1.3.1 - Bugfix + source build now contains complete project data

What's Changed

• Bugfix: Restore support for custom input, alongside text and TextSlice by @​erezsh in lark-parser/lark#1562
• Keep sdist in sync with git (include all files in source build, including docs, tests and examples) by @​chanicpanic in lark-parser/lark#1561

Full Changelog: lark-parser/lark@1.3.0...1.3.1

1.3.0 - Introduces text-slices, Earley fix, and various small improvements

New features

• Lark can now parse in sections of strings, using TextSlice, as a faster alternative to creating a "copy-slice" with s[i:j]. Learn more
• Added support to match on Tree instances
• When serializing a Lark instance, added the option to include the grammar object (before compilation).
• Added convenience method Tree.find_token()

Bugfixes

• Bugfix of an edge case in Earley related to representation of ambiguity.
• Bugfixes in the standalone parser related to imports
• Bugfix in indenter - now dedents always contain line information
• Various small bugfixes (see PR list below)

Full list of PRs

• Docs: Rephrase v_args() documentation to underline it only applies to Transformer classes by @​skepppy in lark-parser/lark#1458
• Tiny refactor for PR #1451 by @​erezsh in lark-parser/lark#1459
• Earley: share nodes created by the scanner with the completer by @​chanicpanic in lark-parser/lark#1451
• Better error in Lark.parse when using on_error when parser!=lalr (issue #1311) by @​erezsh in lark-parser/lark#1460
• Fix Symbol.__eq__ to return false when comparing with None by @​weaversam8 in lark-parser/lark#1481
• Mention internal/external transformers in the documentation by @​odanoburu in lark-parser/lark#1486
• Add Tree.find_token() method by @​makukha in lark-parser/lark#1467
• Type Terminal.__init__ by @​Liam-DeVoe in lark-parser/lark#1503
• Add guidance on handling comments in languages with significant indentation by @​nchammas in lark-parser/lark#1502
• [docs] Small fix for PR 1507 by @​erezsh in lark-parser/lark#1508
• Add note on binding power of numeric quantifiers by @​414owen in lark-parser/lark#1507
• Wrap functools.partial in staticmethod() to add compatibility with Python 3.14 by @​hrnciar in lark-parser/lark#1483
• Fix generic type of Transformer_InPlaceRecursive by @​lbhm in lark-parser/lark#1518
• Added TextSlice; Lark can now parse/lex a text-slice by @​erezsh in lark-parser/lark#1452
• Support match on tree by @​colmmurphyxyz in lark-parser/lark#1521
• Docs: Updated link of DSL article to a new version by @​erezsh in lark-parser/lark#1529
• better error messages for shift/reduct conflicts by @​skogsbaer in lark-parser/lark#1531
• Serialize Lark.grammar (fixes issue #1472) by @​NasalDaemon in lark-parser/lark#1506
• Fixes for PR #1506, which adds the option to cache the grammar definition by @​erezsh in lark-parser/lark#1540
• Bugfix in indenter - now always creating dedents with line information by @​erezsh in lark-parser/lark#1547
• Bugfix: issue when unpickling in the standalone parser, due to lingering Token instances by @​erezsh in lark-parser/lark#1553
• Include missing import in standalone parser by @​pdeibert in lark-parser/lark#1541
• Version bump (1.3.0) by @​erezsh in lark-parser/lark#1554

New Contributors

• @​skepppy made their first contribution in lark-parser/lark#1458

... (truncated)

Commits

• f79772c Version bump (1.3.1)
• b64e9f4 Merge pull request #1561 from chanicpanic/sdist-git
• ad0ea5f Update MANIFEST.in
• 1f6f03c Merge pull request #1562 from lark-parser/issue1560
• 7c365de Added custom input test (based on code from examples)
• 19bbbee Bugfix: Restore support for custom input, alongside text and TextSlice (Issue...
• dbcb60e Keep sdist in sync with git
• e332c2d Version bump (1.3.0)
• aa5666c Merge pull request #1541 from pdeibert/master
• 41934d3 Merge pull request #1553 from lark-parser/issue1552
• Additional commits viewable in compare view

Updates simple-salesforce from 1.12.8 to 1.12.9

Release notes

Sourced from simple-salesforce's releases.

v1.12.9

What's Changed

• fix: missing key 'name' in exception message by @​hofrob in simple-salesforce/simple-salesforce#795

New Contributors

• @​hofrob made their first contribution in simple-salesforce/simple-salesforce#795

Full Changelog: simple-salesforce/simple-salesforce@v1.12.8...v1.12.9

Changelog

Sourced from simple-salesforce's changelog.

v1.12.9

Bug fixes

• #795 Fix key 'name' in exception message

Commits

• fc7410a chore: Bump release version (#796)
• e9c2563 fix: missing key 'name' in exception message (#795)
• See full diff in compare view

Updates shapely from 2.0.7 to 2.1.2

Release notes

Sourced from shapely's releases.

2.1.2

Wheels are available for Python 3.14 (and still include GEOS 3.13.1).

2.1.1

Bug fixes:

• Fix performance degradation calling shapely functions (caused by deprecation of certain positional arguments) (#2283).
• Fix crash caused by from_ragged_array() (#2291).
• Fix compilation error building with recent LLVM toolchain (#2293).

For a full changelog , see https://shapely.readthedocs.io/en/latest/release/2.x.html#version-2-1-1

2.1.0

Shapely 2.1.0 is a feature release with various new functions, improvements and bug fixes. Highlights include initial support for geometries with M or ZM values, functionality for coverage validation and simplification, and a set of new top-level functions.

Shapely supports Python >= 3.10, and binary wheels on PyPI include GEOS 3.13.1 and are now also provided for musllinux (Alpine) x86_64 platforms.

For a full changelog, see https://shapely.readthedocs.io/en/latest/release/2.x.html#version-2-1-0

2.1.0rc1

Shapely version 2.1.0 is a major release featuring various new functions, improvements and bug fixes. This is a first release candidate.

For a full changelog, see https://shapely.readthedocs.io/en/latest/release/2.x.html#version-2-1-0-unreleased

Changelog

Sourced from shapely's changelog.

2.1.2 (2025-09-24)

Wheels are available for Python 3.14 (and still include GEOS 3.13.1).

2.1.1 (2025-05-19)

Bug fixes:

• Fix performance degradation calling shapely functions (caused by deprecation of certain positional arguments) (#2283).
• Fix crash caused by from_ragged_array() (#2291).
• Fix compilation error building with recent LLVM toolchain (#2293).

2.1.0 (2025-04-03)

Shapely 2.1.0 is a feature release with various new functions, improvements and bug fixes. Highlights include initial support for geometries with M or ZM values, functionality for coverage validation and simplification, and a set of new top-level functions.

Shapely supports Python >= 3.10, and binary wheels on PyPI include GEOS 3.13.1 and are now also provided for musllinux (Alpine) x86_64 platforms.

For a full changelog, see https://shapely.readthedocs.io/en/latest/release/2.x.html#version-2-1-0

Commits

• 5fb639d RLS: 2.1.2
• 70509a1 DOC/RLS: indicate Python 3.14 support in pyproject.toml and release notes for...
• 5c572b6 CI: add testing with GEOS 3.14 and Python 3.14 (#2330)
• a909333 Bump pypa/cibuildwheel from 3.1.3 to 3.2.0 (#2328)
• 2086d44 Bump actions/setup-python from 5 to 6 (#2326)
• 50c1cf3 Bump actions/download-artifact from 4 to 5 (#2321)
• 39490ab TST: update test_coverage_union_overlapping_inputs for upstream GEOS change (...
• 5ef437c Bump actions/checkout from 4 to 5 (#2320)
• 7b5ff3d BLD: add Python 3.14 wheels [Bump pypa/cibuildwheel from 3.0.1 to 3.1.3] (#2316)
• 480dbb1 TST: update frechet_distance densi...

  Description has been truncated