Bump the minor-and-patch group across 1 directory with 4 updates

[dependabot]

Bumps the minor-and-patch group with 4 updates in the / directory: pypdf, babel, ty and git-changelog.

Updates pypdf from 6.6.0 to 6.6.2

Release notes

Sourced from pypdf's releases.

Version 6.6.2, 2026-01-26

What's new

Security (SEC)

• Detect cyclic references when retrieving outlines (#3610) by @​stefan6419846

Full Changelog

Version 6.6.1, 2026-01-25

What's new

Robustness (ROB)

• /AcroForm might be NullObject (#3601) by @​joshkersey
• Handle missing font bounding boxes gracefully (#3600) by @​LudovA

Full Changelog

Changelog

Sourced from pypdf's changelog.

Version 6.6.2, 2026-01-26

Security (SEC)

• Detect cyclic references when retrieving outlines (#3610)

Full Changelog

Version 6.6.1, 2026-01-25

Robustness (ROB)

• /AcroForm might be NullObject (#3601)
• Handle missing font bounding boxes gracefully (#3600)

Full Changelog

Commits

• ad47d50 REL: 6.6.2
• b1282f8 SEC: Detect cyclic references when retrieving outlines (#3610)
• f18e13c REL: 6.6.1
• 1973576 DEV: Bump wheel from 0.44.0 to 0.46.2 (#3608)
• 4740225 ROB: /AcroForm might be NullObject (#3601)
• 26fd638 ROB: Handle missing font bounding boxes gracefully (#3600)
• affe8ed DEV: Bump virtualenv from 20.27.0 to 20.36.1 (#3597)
• df1b91d DEV: Add missing dependency to URL check
• See full diff in compare view

Updates babel from 2.17.0 to 2.18.0

Release notes

Sourced from babel's releases.

v2.18.0

Happy 2026! Like last year's release (ahem...), this one too is being made from FOSDEM 2026, in Brussels, Belgium. 🇧🇪 We'll aspire for a less glacial release cycle for 2.19. 😁

Please see CHANGELOG.rst for the detailed change log.

Full Changelog: python-babel/babel@v2.17.0...v2.18.0

Changelog

Sourced from babel's changelog.

Version 2.18.0

Happy 2026! This release is, coincidentally, also being made from FOSDEM.

We will aspire for a slightly less glacial release cadence in this year; there are interesting features in the pipeline.

Features

* Core: Add `babel.core.get_cldr_version()` by @akx in :gh:`1242`
* Core: Use CLDR 47 by @tomasr8 in :gh:`1210`
* Core: Use canonical IANA zone names in zone_territories by @akx in :gh:`1220`
* Messages: Improve extract performance via ignoring directories early during os.walk by @akx in :gh:`968`
* Messages: Merge in per-format keywords and auto_comments by @akx in :gh:`1243`
* Messages: Update keywords for extraction of dpgettext and dnpgettext by @mardiros in :gh:`1235`
* Messages: Validate all plurals in Python format checker by @tomasr8 in :gh:`1188`
* Time: Use standard library `timezone` instead of `FixedOffsetTimezone` by @akx in :gh:`1203`
Bugfixes

• Core: Fix formatting for "Empty locale identifier" exception added in #1164 by @​akx in :gh:1184
• Core: Improve handling of no-inheritance-marker in timezone data by @​akx in :gh:1194
• Core: Make the number pattern regular expression more efficient by @​akx in :gh:1213
• Messages: Keep translator comments next to the translation function call by @​akx in :gh:1196
• Numbers: Fix KeyError that occurred when formatting compact currencies of exactly one thousand in several locales by @​bartbroere in :gh:1246

Other improvements

* Core: Avoid unnecessary uses of `map()` by @akx in :gh:`1180`
* Messages: Have init-catalog create directories too by @akx in :gh:`1244`
* Messages: Optimizations for read_po by @akx in :gh:`1200`
* Messages: Use pathlib.Path() in catalog frontend; improve test coverage by @akx in :gh:`1204`
Infrastructure and documentation

• CI: Renovate CI & lint tools by @​akx in :gh:1228
• CI: Tighten up CI with Zizmor by @​akx in :gh:1230
• CI: make job permissions explicit by @​akx in :gh:1227
• Docs: Add SECURITY.md by @​akx in :gh:1229
• Docs: Remove u string prefix from docs by @​verhovsky in :gh:1174
• Docs: Update dates.rst with current unicode.org tr35 link by @​clach04 in :gh:1189
• General: Add some PyPI classifiers by @​tomasr8 in :gh:1186
• General: Apply reformatting by hand and with Ruff by @​akx in :gh:1202
• General: Test on and declare support for Python 3.14 by @​akx in :gh:1233

... (truncated)

Commits

• 56c63ca Prepare for 2.18.0 (#1248)
• 73015a1 Add user-agent to CLDR downloader (#1247)
• 29bd362 Fix formatting compact currencies of exactly one thousand in several locales ...
• 851db43 Reuse InitCatalog's guts in UpdateCatalog (#1244)
• fd00e60 Extract: Merge in per-format keywords and auto_comments (#1243)
• 12a14b6 Add dpgettext and dnpgettext support (#1235)
• 7110e62 Use canonical IANA zone names in zone_territories (#1220)
• e91c346 Improve extract performance via ignoring directories early during os.walk (#968)
• 0c4f378 Convert Unittest testcases with setup/teardown to fixtures (#1240)
• 218c96e Add babel.core.get_cldr_version() (#1242)
• Additional commits viewable in compare view

Updates ty from 0.0.12 to 0.0.14

Release notes

Sourced from ty's releases.

0.0.14

Release Notes

Released on 2026-01-26.

Bug fixes

• Consider keyword arguments when unpacking a variadic argument (#22796)
• Fix binary operator false-positive for constrained TypeVars (#22782)
• Fix docstring rendering for literal blocks after doctests (#22676)
• Fix false-positive unsupported-operator for "symmetric" TypeVars (#22756)
• Fix panic when overriding a final method using an assignment (#22831)
• Fix unary operator false-positive for constrained TypeVars (#22783)
• Fix generic functions with a generic (ParamSpec) decorator (#22544)
• Fix memo.changed_at assertion panics (#22498)

LSP server

• Look up attributes on metaclasses for Go to Definition (#22758)
• Suppress type inlay hints for leading-underscore assignments (#22855)

Configuration

• Add allowed-unresolved-imports setting (#22800)

Other changes

• Add assert-type-unspellable-subtype diagnostic, for failed assert_type() where the actual type is a subtype of the named type that can't be spelled in a type expression (#22815)
• Add a new empty-body return code for functions with stub bodies that have non-None return annotations (#22846)
• Add diagnostic disambiguation for different type aliases with the same name (#22852)
• Add support for dict literals and dict() calls as default values for parameters with TypedDict types (#22161)
• Add support for subscripts on intersections (#22654)
• Avoid duplicate syntax errors for await outside functions (#22826)
• Emit an error if the same type parameter appears more than once in a Generic[] subscript (#22738)
• Emit diagnostic for unimplemented abstract method on @​final class (#22753)
• Fix GitLab Code Quality output format for empty diagnostics (#22833)
• Fix assignment in decorated method causing Unknown fallback (#22778)
• Fix false negative when using a non-runtime-checkable protocol in a match class pattern (#22836)
• Improve completion rankings for raise-from/except contexts (#22775)
• Improve invalid assignment diagnostics with type context (#22643)
• Improve support for kwarg splats in dictionary literals (#22781)
• Infer TypedDict types with >=1 required key as being always truthy (#22808)
• Point to an overload with an invalid @final decoator when emitting invalid-overload errors for invalid @final decorators (#22812)
• Require both *args and **kwargs when calling a ParamSpec callable (#22820)
• Stricter validation of TypedDict definitions (#22811)
• Support recursive and stringified annotations in functional typing.NamedTuples (#22718)
• Support solving generics involving PEP 695 type aliases (#22678)
• Use a more lenient fallback type for failed namedtuple() and NamedTuple calls (#22765)
• Use type context from augmented assignment dunder calls (#22540)
• Check that starred arguments in function calls are iterable (#22805)

... (truncated)

Changelog

Sourced from ty's changelog.

0.0.14

Released on 2026-01-26.

Bug fixes

• Consider keyword arguments when unpacking a variadic argument (#22796)
• Fix binary operator false-positive for constrained TypeVars (#22782)
• Fix docstring rendering for literal blocks after doctests (#22676)
• Fix false-positive unsupported-operator for "symmetric" TypeVars (#22756)
• Fix panic when overriding a final method using an assignment (#22831)
• Fix unary operator false-positive for constrained TypeVars (#22783)
• Fix generic functions with a generic (ParamSpec) decorator (#22544)
• Fix memo.changed_at assertion panics (#22498)

LSP server

• Look up attributes on metaclasses for Go to Definition (#22758)
• Suppress type inlay hints for leading-underscore assignments (#22855)

Configuration

• Add allowed-unresolved-imports setting (#22800)

Other changes

• Add assert-type-unspellable-subtype diagnostic, for failed assert_type() where the actual type is a subtype of the named type that can't be spelled in a type expression (#22815)
• Add a new empty-body return code for functions with stub bodies that have non-None return annotations (#22846)
• Add diagnostic disambiguation for different type aliases with the same name (#22852)
• Add support for dict literals and dict() calls as default values for parameters with TypedDict types (#22161)
• Add support for subscripts on intersections (#22654)
• Avoid duplicate syntax errors for await outside functions (#22826)
• Emit an error if the same type parameter appears more than once in a Generic[] subscript (#22738)
• Emit diagnostic for unimplemented abstract method on @​final class (#22753)
• Fix GitLab Code Quality output format for empty diagnostics (#22833)
• Fix assignment in decorated method causing Unknown fallback (#22778)
• Fix false negative when using a non-runtime-checkable protocol in a match class pattern (#22836)
• Improve completion rankings for raise-from/except contexts (#22775)
• Improve invalid assignment diagnostics with type context (#22643)
• Improve support for kwarg splats in dictionary literals (#22781)
• Infer TypedDict types with >=1 required key as being always truthy (#22808)
• Point to an overload with an invalid @final decoator when emitting invalid-overload errors for invalid @final decorators (#22812)
• Require both *args and **kwargs when calling a ParamSpec callable (#22820)
• Stricter validation of TypedDict definitions (#22811)
• Support recursive and stringified annotations in functional typing.NamedTuples (#22718)
• Support solving generics involving PEP 695 type aliases (#22678)
• Use a more lenient fallback type for failed namedtuple() and NamedTuple calls (#22765)
• Use type context from augmented assignment dunder calls (#22540)
• Check that starred arguments in function calls are iterable (#22805)

... (truncated)

Commits

• 16597f5 Bump version to 0.0.14 (#2632)
• 342e6b3 Update actions/checkout action to v6.0.2 (#2624)
• a390952 Update prek dependencies (#2625)
• 1d3d416 Update actions/cache action to v5.0.2 (#2623)
• fc1478b Bump version to 0.0.13 (#2576)
• 608dc50 Drop PPC64 builds (#2571)
• 9ffe443 Update prek dependencies (#2558)
• 9569569 Always target manylinux 2_17 and better pre-upload checks (#2393)
• See full diff in compare view

Updates git-changelog from 2.7.0 to 2.7.1

Release notes

Sourced from git-changelog's releases.

2.7.1

2.7.1 - 2026-01-30

Compare with 2.7.0

Build

• Depend on packaging 26 (8fef14d by Timothée Mazzucotelli).

Bug Fixes

• Don't crash on packaging 26 (97f58fa by Timothée Mazzucotelli).
• Remove duplicate section keys (27f185a by Werner Robitza). PR-111

Code Refactoring

• Stop using deprecated _version attribute on packaging.Version instances (7bfaa86 by Timothée Mazzucotelli).

Changelog

Sourced from git-changelog's changelog.

2.7.1 - 2026-01-30

Compare with 2.7.0

Build

• Depend on packaging 26 (8fef14d by Timothée Mazzucotelli).

Bug Fixes

• Don't crash on packaging 26 (97f58fa by Timothée Mazzucotelli).
• Remove duplicate section keys (27f185a by Werner Robitza). PR-111

Code Refactoring

• Stop using deprecated _version attribute on packaging.Version instances (7bfaa86 by Timothée Mazzucotelli).

Commits

• fa67c25 chore: Prepare release 2.7.1
• e0b9a2a Merge branch 'main' of github.com:pawamoy/git-changelog
• e2b4a48 chore: Prepare release 2.7.1
• 7bfaa86 refactor: Stop using deprecated _version attribute on packaging.Version i...
• 6d46f86 chore: Ignore mypy warning
• 8fef14d build: Depend on packaging 26
• 97f58fa fix: Don't crash on packaging 26
• acfe5c7 chore: Update sponsors section in README
• 27f185a fix: Remove duplicate section keys
• 2495ac1 chore: Update sponsors section in README (#110)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions