From 3d11dbf40b69ac71ce6bd93be771292e5dcaaf47 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 11 May 2026 19:22:06 +0000
Subject: [PATCH] build(deps): bump the pip group across 2 directories with 6
 updates

Bumps the pip group with 5 updates in the /.github/workflows directory:

| Package | From | To |
| --- | --- | --- |
| [filelock](https://github.com/tox-dev/py-filelock) | `3.16.1` | `3.20.3` |
| [uv](https://github.com/astral-sh/uv) | `0.9.5` | `0.11.6` |
| [virtualenv](https://github.com/pypa/virtualenv) | `20.34.0` | `20.36.1` |
| [wheel](https://github.com/pypa/wheel) | `0.45.1` | `0.46.2` |
| [pip](https://github.com/pypa/pip) | `25.2` | `26.1` |

Bumps the pip group with 1 update in the /doc/assets/deps directory: [urllib3](https://github.com/urllib3/urllib3).


Updates `filelock` from 3.16.1 to 3.20.3
- [Release notes](https://github.com/tox-dev/py-filelock/releases)
- [Changelog](https://github.com/tox-dev/filelock/blob/main/docs/changelog.rst)
- [Commits](https://github.com/tox-dev/py-filelock/compare/3.16.1...3.20.3)

Updates `uv` from 0.9.5 to 0.11.6
- [Release notes](https://github.com/astral-sh/uv/releases)
- [Changelog](https://github.com/astral-sh/uv/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/uv/compare/0.9.5...0.11.6)

Updates `virtualenv` from 20.34.0 to 20.36.1
- [Release notes](https://github.com/pypa/virtualenv/releases)
- [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst)
- [Commits](https://github.com/pypa/virtualenv/compare/20.34.0...20.36.1)

Updates `wheel` from 0.45.1 to 0.46.2
- [Release notes](https://github.com/pypa/wheel/releases)
- [Changelog](https://github.com/pypa/wheel/blob/main/docs/news.rst)
- [Commits](https://github.com/pypa/wheel/compare/0.45.1...0.46.2)

Updates `pip` from 25.2 to 26.1
- [Changelog](https://github.com/pypa/pip/blob/main/NEWS.rst)
- [Commits](https://github.com/pypa/pip/compare/25.2...26.1)

Updates `urllib3` from 2.6.3 to 2.7.0
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](https://github.com/urllib3/urllib3/compare/2.6.3...2.7.0)

---
updated-dependencies:
- dependency-name: filelock
  dependency-version: 3.20.3
  dependency-type: direct:development
  dependency-group: pip
- dependency-name: uv
  dependency-version: 0.11.6
  dependency-type: direct:development
  dependency-group: pip
- dependency-name: virtualenv
  dependency-version: 20.36.1
  dependency-type: direct:development
  dependency-group: pip
- dependency-name: wheel
  dependency-version: 0.46.2
  dependency-type: direct:development
  dependency-group: pip
- dependency-name: pip
  dependency-version: '26.1'
  dependency-type: direct:development
  dependency-group: pip
- dependency-name: urllib3
  dependency-version: 2.7.0
  dependency-type: direct:production
  dependency-group: pip
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/dev-requirements.txt | 64 +++++++++++++-------------
 doc/assets/deps/requirements.txt       |  4 +-
 2 files changed, 34 insertions(+), 34 deletions(-)

diff --git a/.github/workflows/dev-requirements.txt b/.github/workflows/dev-requirements.txt
index e0722b2..b9a0e40 100644
--- a/.github/workflows/dev-requirements.txt
+++ b/.github/workflows/dev-requirements.txt
@@ -35,9 +35,9 @@ distlib==0.3.9 \
     --hash=sha256:47f8c22fd27c27e25a65601af709b38e4f0a45ea4fc2e710f65755fa8caaaf87 \
     --hash=sha256:a60f20dea646b8a33f3e7772f74dc0b2d0772d2837ee1342a00645c81edf9403
     # via virtualenv
-filelock==3.16.1 \
-    --hash=sha256:2082e5703d51fbf98ea75855d9d5527e33d8ff23099bec374a134febee6946b0 \
-    --hash=sha256:c249fbfcd5db47e5e2d6d62198e565475ee65e4831e2561c8e313fa7eb961435
+filelock==3.20.3 \
+    --hash=sha256:18c57ee915c7ec61cff0ecf7f0f869936c7c30191bb0cf406f1341778d0834e1 \
+    --hash=sha256:4b0dda527ee31078689fc205ec4f1c1bf7d56cf88b6dc9426c4f230e46c2dce1
     # via
     #   tox
     #   virtualenv
@@ -132,42 +132,42 @@ userpath==1.9.2 \
     --hash=sha256:2cbf01a23d655a1ff8fc166dfb78da1b641d1ceabf0fe5f970767d380b14e89d \
     --hash=sha256:6c52288dab069257cc831846d15d48133522455d4677ee69a9781f11dbefd815
     # via pipx
-uv==0.9.5 \
-    --hash=sha256:02db727beb94a2137508cee5a785c3465d150954ca9abdff2d8157c76dea163e \
-    --hash=sha256:0316493044035098666d6e99c14bd61b352555d9717d57269f4ce531855330fa \
-    --hash=sha256:133e2614e1ff3b34c2606595d8ae55710473ebb7516bfa5708afc00315730cd1 \
-    --hash=sha256:21452ece590ddb90e869a478ca4c2ba70be180ec0d6716985ee727b9394c8aa5 \
-    --hash=sha256:3a4ecbfdcbd3dae4190428874762c791e05d2c97ff2872bf6c0a30ed5c4ea9ca \
-    --hash=sha256:3eb31c9896dc2c88f6a9f1d693be2409fe2fc2e3d90827956e4341c2b2171289 \
-    --hash=sha256:48a12390421f91af8a8993cf15c38297c0bb121936046286e287975b2fbf1789 \
-    --hash=sha256:48a3542835d37882ff57d1ff91b757085525d98756712fa61cf9941d3dda8ebf \
-    --hash=sha256:5bb4996329ba47e7e775baba4a47e85092aa491d708a66e63b564e9b306bfb7e \
-    --hash=sha256:6452eb6257e37e1ebd97430b5f5e10419da2c3ca35b4086540ec4163b4b2f25c \
-    --hash=sha256:6507bbbcd788553ec4ad5a96fa19364dc0f58b023e31d79868773559a83ec181 \
-    --hash=sha256:6a046c2e833169bf26f461286aab58a2ba8d48ed2220bfcf119dcfaf87163116 \
-    --hash=sha256:8603bb902e578463c50c3ddd4ee376ba4172ccdf4979787f8948747d1bb0e18b \
-    --hash=sha256:922cd784cce36bbdc7754b590d28c276698c85791c18cd4c6a7e917db4480440 \
-    --hash=sha256:9fc13b4b943d19adac52d7dcd2159e96ab2e837ac49a79e20714ed25f1f1b7f9 \
-    --hash=sha256:c465f2e342cab908849b8ce83e14fd4cf75f5bed55802d0acf1399f9d02f92d9 \
-    --hash=sha256:c966e3a4fe4de3b0a6279d0a835c79f9cddbb3693f52d140910cbbed177c5742 \
-    --hash=sha256:d8835d2c034421ac2235fb658bb4f669a301a0f1eb00a8430148dd8461b65641 \
-    --hash=sha256:f8eb34ebebac4b45334ce7082cca99293b71fb32b164651f1727c8a640e5b387
+uv==0.11.6 \
+    --hash=sha256:0b096311b2743b228df911a19532b3f18fa420bf9530547aecd6a8e04bbfaccd \
+    --hash=sha256:1c9218c8d4ac35ca6e617fb0951cc0ab2d907c91a6aea2617de0a5494cf162c0 \
+    --hash=sha256:4ed8150c26b5e319381d75ae2ce6aba1e9c65888f4850f4e3b3fa839953c90a5 \
+    --hash=sha256:5be013888420f96879c6e0d3081e7bcf51b539b034a01777041934457dfbedf3 \
+    --hash=sha256:6e8344f38fa29f85dcfd3e62dc35a700d2448f8e90381077ef393438dcd5012e \
+    --hash=sha256:7ed9c6f70c25e8dfeedddf4eddaf14d353f5e6b0eb43da9a14d3a1033d51d915 \
+    --hash=sha256:904d537b4a6e798015b4a64ff5622023bd4601b43b6cd1e5f423d63471f5e948 \
+    --hash=sha256:93f736dddca03dae732c6fdea177328d3bc4bf137c75248f3d433c57416a4311 \
+    --hash=sha256:9e211c83cc890c569b86a4183fcf5f8b6f0c7adc33a839b699a98d30f1310d3a \
+    --hash=sha256:9e2fe7ce12161d8016b7deb1eaad7905a76ff7afec13383333ca75e0c4b5425d \
+    --hash=sha256:a28bea69c1186303d1200f155c7a28c449f8a4431e458fcf89360cc7ef546e40 \
+    --hash=sha256:a78f6d64b9950e24061bc7ec7f15ff8089ad7f5a976e7b65fcadce58fe02f613 \
+    --hash=sha256:ada04dcf89ddea5b69d27ac9cdc5ef575a82f90a209a1392e930de504b2321d6 \
+    --hash=sha256:bfb107b4dade1d2c9e572992b06992d51dd5f2136eb8ceee9e62dd124289e825 \
+    --hash=sha256:d2a1d2089afdf117ad19a4c1dd36b8189c00ae1ad4135d3bfbfced82342595cf \
+    --hash=sha256:d68a013e609cebf82077cbeeb0809ed5e205257814273bfd31e02fc0353bbfc2 \
+    --hash=sha256:e3b21b7e80024c95ff339fcd147ac6fc3dd98d3613c9d45d3a1f4fd1057f127b \
+    --hash=sha256:e96a66abe53fced0e3389008b8d2eff8278cfa8bb545d75631ae8ceb9c929aba \
+    --hash=sha256:ffa5dc1cbb52bdce3b8447e83d1601a57ad4da6b523d77d4b47366db8b1ceb18
     # via ozi-build
-virtualenv==20.34.0 \
-    --hash=sha256:341f5afa7eee943e4984a9207c025feedd768baff6753cd660c857ceb3e36026 \
-    --hash=sha256:44815b2c9dee7ed86e387b842a84f20b93f7f417f95886ca1996a72a4138eb1a
+virtualenv==20.36.1 \
+    --hash=sha256:575a8d6b124ef88f6f51d56d656132389f961062a9177016a50e4f507bbcc19f \
+    --hash=sha256:8befb5c81842c641f8ee658481e42641c68b5eab3521d8e092d18320902466ba
     # via tox
-wheel==0.45.1 \
-    --hash=sha256:661e1abd9198507b1409a20c02106d9670b2576e916d58f520316666abca6729 \
-    --hash=sha256:708e7481cc80179af0e556bbf0cc00b8444c7321e2700b8d8580231d13017248
+wheel==0.46.2 \
+    --hash=sha256:33ae60725d69eaa249bc1982e739943c23b34b58d51f1cb6253453773aca6e65 \
+    --hash=sha256:3d79e48fde9847618a5a181f3cc35764c349c752e2fe911e65fa17faab9809b0
     # via
     #   ozi-build
     #   pip-tools
 
 # The following packages are considered to be unsafe in a requirements file:
-pip==25.2 \
-    --hash=sha256:578283f006390f85bb6282dffb876454593d637f5d1be494b5202ce4877e71f2 \
-    --hash=sha256:6d67a2b4e7f14d8b31b8b52648866fa717f45a1eb70e83002f4331d07e953717
+pip==26.1 \
+    --hash=sha256:4e8486d821d814b77319acb7b9e8bf5a4ee7590a643e7cb21029f209be8573c1 \
+    --hash=sha256:81e13ebcca3ffa8cc85e4deff5c27e1ee26dea0aa7fc2f294a073ac208806ff3
     # via pip-tools
 setuptools==78.1.1 \
     --hash=sha256:c3a9c4211ff4c309edb8b8c4f1cbfa7ae324c4ba9f91ff254e3d305b9fd54561 \
diff --git a/doc/assets/deps/requirements.txt b/doc/assets/deps/requirements.txt
index b347f20..8f866f7 100644
--- a/doc/assets/deps/requirements.txt
+++ b/doc/assets/deps/requirements.txt
@@ -137,12 +137,12 @@ sphinxemoji
     # via sphinx
 stevedore==5.7.0
     # via doc8
-urllib3==2.6.3
+urllib3==2.7.0
     # via
     #   requests
     #   types-requests
 wcwidth==0.6.0
     # via prompt-toolkit
-wheel==0.46.3
+wheel==0.47.0
     # via pip-tools
 zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability