Bump the pip-dependencies group with 7 updates

[dependabot]

Bumps the pip-dependencies group with 7 updates:

Package	From	To
debugpy	1.8.17	1.8.19
docutils	0.22.3	0.22.4
importlib-metadata	8.7.0	8.7.1
protobuf	6.33.1	6.33.2
pyfakefs	5.10.2	6.0.0
urllib3	2.6.0	2.6.2
coverage	7.12.0	7.13.1

Updates debugpy from 1.8.17 to 1.8.19

Release notes

Sourced from debugpy's releases.

debugpy v1.8.19

More fixes for microsoft/debugpy#1980. Spaces in python files are handled now too.

debugpy v1.8.18

Fixes:

• Spaces in python interpreter cause debug launch failure

Commits

• 698499e Add support for space in the python file (#1982)
• e5017d7 Fix arq quoting to work in runInTerminal (#1981)
• 1e3fd91 fix the link to Python extension in CONTRIBUTING.md (#1934)
• 378339a Update team rotation list in round-robin workflow (#1978)
• 93d93f2 Update CODEOWNERS to remove a reviewer (#1979)
• 8f13145 Add pyrx-admins as code owners (#1976)
• 275caca Add gcc flags (#1947)
• 82e409e include py.typed in the distributed package (#1960)
• See full diff in compare view

Updates docutils from 0.22.3 to 0.22.4

Commits

• See full diff in compare view

Updates importlib-metadata from 8.7.0 to 8.7.1

Changelog

Sourced from importlib-metadata's changelog.

v8.7.1

Bugfixes

• Fixed errors in FastPath under fork-multiprocessing. (#520)
• Removed cruft from Python 3.8. (#524)

Commits

• 84e9028 Finalize
• 36ed6f6 Merge pull request #521 from 2xB/fix520
• f6eee56 Rely on passthrough to designate a wrapper for its side effect.
• 3c9510b Prefer noop for degenerate behavior.
• a36bab9 Avoid if block.
• 8dd2937 Decouple clear_after_fork from lru_cache and then compose.
• 1da3f45 Add news fragment.
• a1c25d8 🧎‍♀️ Genuflect to the types.
• 4e962a8 👹 Feed the hobgoblins (delint).
• 6a30ab9 Allow initial currsize to be greater than one (as happens when running the te...
• Additional commits viewable in compare view

Updates protobuf from 6.33.1 to 6.33.2

Commits

• See full diff in compare view

Updates pyfakefs from 5.10.2 to 6.0.0

Release notes

Sourced from pyfakefs's releases.

pyfakefs release version 6.0.0

• removes some deprecated functionality
• removes support for Python < 3.10
• see the release notes for a list of changes

Changelog

Sourced from pyfakefs's changelog.

Version 6.0.0 (2025-12-21)

Removes some deprecated functionality, removes support for Python < 3.10.

Breaking Changes

• removed support for Python versions < 3.10; patch releases based on pyfakefs 5.10 supporting older versions may be made on demand
• removed support for patching legacy modules scandir and pathlib2
• changed the default for FakeFilesystem.shuffle_listdir_results to True to reflect the real filesystem behavior

Changes

• added some support for Python 3.15a3

Fixes

• fixes a problem with Path type hints using the pipe symbol in wrapped functions inside an fs dependent fixture (see #1242)
• fixes problem with new coverage in Python 3.14 using the fake filesystem (see #1245)

Documentation

• added project information to documentation pages

Infrastructure

• added CI tests for Python 3.15

Commits

• fe83300 Release 6.0.0
• 326eaa3 Pin myst-parser to latest version 4.0.1
• ff7d908 Add project info to documentation
• 42ad731 Adapt to changes in Python 3.15a3
• 7613b9f Add CI tests for Python 3.15
• 4a4dea8 Make old, deprecated "import py" optional (#1257)
• f0794ee Update furo from 2025.7.19 to 2025.12.19
• 09a1283 Update pre-commit from 4.5.0 to 4.5.1
• 57e6dfe [pre-commit.ci] pre-commit autoupdate
• 722ab00 Bump actions/cache from 4 to 5
• Additional commits viewable in compare view

Updates urllib3 from 2.6.0 to 2.6.2

Release notes

Sourced from urllib3's releases.

2.6.2

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Changes

• Fixed HTTPResponse.read_chunked() to properly handle leftover data in the decoder's buffer when reading compressed chunked responses. (urllib3/urllib3#3734)

2.6.1

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Changes

• Restore previously removed HTTPResponse.getheaders() and HTTPResponse.getheader() methods. (#3731)

Changelog

Sourced from urllib3's changelog.

2.6.2 (2025-12-11)

• Fixed HTTPResponse.read_chunked() to properly handle leftover data in the decoder's buffer when reading compressed chunked responses. ([#3734](https://github.com/urllib3/urllib3/issues/3734) <https://github.com/urllib3/urllib3/issues/3734>__)

2.6.1 (2025-12-08)

• Restore previously removed HTTPResponse.getheaders() and HTTPResponse.getheader() methods. ([#3731](https://github.com/urllib3/urllib3/issues/3731) <https://github.com/urllib3/urllib3/issues/3731>__)

Commits

• 83f8643 Release 2.6.2
• 571a9b7 Fix HTTPResponse.read_chunked when leftover data is present in decoder's bu...
• bfe8e19 Release 2.6.1
• 3ceeb84 Restore getheaders() and getheader() (#3732)
• See full diff in compare view

Updates coverage from 7.12.0 to 7.13.1

Changelog

Sourced from coverage's changelog.

Version 7.13.1 — 2025-12-28

• Added: the JSON report now includes a "start_line" key for function and class regions, indicating the first line of the region in the source. Closes issue 2110_.

• Added: The debug data command now takes file names as arguments on the command line, so you can inspect specific data files without needing to set the COVERAGE_FILE environment variable.

• Fix: the JSON report used to report module docstrings as executed lines, which no other report did, as described in issue 2105_. This is now fixed, thanks to Jianrong Zhao.

• Fix: coverage.py uses a more disciplined approach to detecting where third-party code is installed, and avoids measuring it. This shouldn't change any behavior. If you find that it does, please get in touch.

• Performance: data files that will be combined now record their hash as part of the file name. This lets us skip duplicate data more quickly, speeding the combining step.

• Docs: added a section explaining more about what is considered a missing branch and how it is reported: :ref:branch_explain, as requested in issue 1597. Thanks to Ayisha Mohammed <pull 2092_>.

• Tests: the test suite misunderstood what core was being tested if COVERAGE_CORE wasn't set on 3.14+. This is now fixed, closing issue 2109_.

.. _issue 1597: coveragepy/coveragepy#1597 .. _pull 2092: coveragepy/coveragepy#2092 .. _issue 2105: coveragepy/coveragepy#2105 .. _issue 2109: coveragepy/coveragepy#2109 .. _issue 2110: coveragepy/coveragepy#2110

.. _changes_7-13-0:

Version 7.13.0 — 2025-12-08

• Feature: coverage.py now supports :file:.coveragerc.toml configuration files. These files use TOML syntax and take priority over :file:pyproject.toml but lower priority than :file:.coveragerc files. Closes issue 1643_ thanks to Olena Yefymenko <pull 1952_>_.

• Fix: we now include a permanent .pth file which is installed with the code, fixing issue 2084_. In 7.12.1b1 this was done incorrectly: it didn't work when using the source wheel (py3-none-any). This is now fixed. Thanks,

... (truncated)

Commits

• a6afdc3 docs: sample HTML for 7.13.1
• a497081 docs: prep for 7.13.1
• e992033 docs: polish up CHANGES
• 18bba6e chore: bump the action-dependencies group with 4 updates (#2111)
• 80fb808 refactor: (?x:...) lets us use re.VERBOSE even when combining later
• cc272bd docs: leave a comment so we'll find this when 3.12 is the minimum
• 70d007d types: be explicit
• a2c1940 types: fully import modules that will be patched
• 57b975d types: explicit Protocol inheritance permits changing parameter names
• 63ec12d types: clarify that morfs arguments can be a single morf
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions