Bump the dependencies group in /.config with 5 updates

[dependabot[bot]]

Bumps the dependencies group in /.config with 5 updates:

Package	From	To
pipdeptree	2.19.1	2.20.0
griffe	0.44.0	0.45.0
jinja2	3.1.3	3.1.4
mkdocs-material	9.5.21	9.5.22
regex	2024.4.28	2024.5.10

Updates pipdeptree from 2.19.1 to 2.20.0

Release notes

Sourced from pipdeptree's releases.

2.20.0

What's Changed

• Remove publish job from the check workflow by @​kemzeb in tox-dev/pipdeptree#361
• Mimic pip when handling --user-only in a virtual environment by @​kemzeb in tox-dev/pipdeptree#364

Full Changelog: https://github.com/tox-dev/pipdeptree/compare/2.19.1...2.20.0

Commits

• e88356f Mimic pip when handling --user-only in a virtual environment (#364)
• 1476bf7 [pre-commit.ci] pre-commit autoupdate (#363)
• 4c832b5 Remove publish job from the check workflow (#361)
• a1bf845 [pre-commit.ci] pre-commit autoupdate (#360)
• See full diff in compare view

Updates griffe from 0.44.0 to 0.45.0

Release notes

Sourced from griffe's releases.

0.45.0

0.45.0 - 2024-05-12

Compare with 0.44.0

Features

• Implement -x, --force-inspection CLI option (776063d by Timothée Mazzucotelli).
• Implement force_inspection option in the loader API (3266f22 by Timothée Mazzucotelli).
• Support inspecting packages (__init__ modules) (3f74f67 by Timothée Mazzucotelli).
• Add parameters for resolving aliases to load functions (e418dee by Timothée Mazzucotelli).
• Load private sibling modules by default when resolving aliases (4806189 by Timothée Mazzucotelli).

Bug Fixes

• Pass down modules collection when inspecting (bc0f74b by Timothée Mazzucotelli).
• Catch loading errors when loading additional modules during wildcard expansion and alias resolution (964e0d2 by Timothée Mazzucotelli).

Code Refactoring

• Improve stats code and performance (eeb497f by Timothée Mazzucotelli).
• Recurse immediately into non-discoverable submodules (no path on disk) during dynamic analysis (d0b7a1d by Timothée Mazzucotelli).
• Simplify the code that checks if an object should be aliased or not during dynamic analysis (fc794c2 by Timothée Mazzucotelli).
• Avoid side-effect in inspector by checking early if an object is a cached property (a6bfcfd by Timothée Mazzucotelli).

Changelog

Sourced from griffe's changelog.

0.45.0 - 2024-05-12

Compare with 0.44.0

Features

• Implement -x, --force-inspection CLI option (776063d by Timothée Mazzucotelli).
• Implement force_inspection option in the loader API (3266f22 by Timothée Mazzucotelli).
• Support inspecting packages (__init__ modules) (3f74f67 by Timothée Mazzucotelli).
• Add parameters for resolving aliases to load functions (e418dee by Timothée Mazzucotelli).
• Load private sibling modules by default when resolving aliases (4806189 by Timothée Mazzucotelli).

Bug Fixes

• Pass down modules collection when inspecting (bc0f74b by Timothée Mazzucotelli).
• Catch loading errors when loading additional modules during wildcard expansion and alias resolution (964e0d2 by Timothée Mazzucotelli).

Code Refactoring

• Improve stats code and performance (eeb497f by Timothée Mazzucotelli).
• Recurse immediately into non-discoverable submodules (no path on disk) during dynamic analysis (d0b7a1d by Timothée Mazzucotelli).
• Simplify the code that checks if an object should be aliased or not during dynamic analysis (fc794c2 by Timothée Mazzucotelli).
• Avoid side-effect in inspector by checking early if an object is a cached property (a6bfcfd by Timothée Mazzucotelli).

Commits

• 587346e chore: Prepare release 0.45.0
• eeb497f refactor: Improve stats code and performance
• 721ce7d docs: Fix example in SetMembersMixin docstring
• bc0f74b fix: Pass down modules collection when inspecting
• 776063d feat: Implement -x, --force-inspection CLI option
• 3266f22 feat: Implement force_inspection option in the loader API
• 02b2d7c tests: Move clear_sys_modules helper in a helper module
• d0b7a1d refactor: Recurse immediately into non-discoverable submodules (no path on di...
• fc794c2 refactor: Simplify the code that checks if an object should be aliased or not...
• a6bfcfd refactor: Avoid side-effect in inspector by checking early if an object is a ...
• Additional commits viewable in compare view

Updates jinja2 from 3.1.3 to 3.1.4

Release notes

Sourced from jinja2's releases.

3.1.4

This is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.

PyPI: https://pypi.org/project/Jinja2/3.1.4/ Changes: https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4

• The xmlattr filter does not allow keys with / solidus, > greater-than sign, or = equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj

Changelog

Sourced from jinja2's changelog.

Version 3.1.4

Released 2024-05-05

• The xmlattr filter does not allow keys with / solidus, > greater-than sign, or = equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. :ghsa:h75v-3vvj-5mfj

Commits

• dd4a8b5 release version 3.1.4
• 0668239 Merge pull request from GHSA-h75v-3vvj-5mfj
• d655030 disallow invalid characters in keys to xmlattr filter
• a7863ba add ghsa links
• b5c98e7 start version 3.1.4
• da3a9f0 update project files (#1968)
• 0ee5eb4 satisfy formatter, linter, and strict mypy
• 20477c6 update project files (#5457)
• e491223 update pyyaml dev dependency
• 36f9885 fix pr link
• Additional commits viewable in compare view

Updates mkdocs-material from 9.5.21 to 9.5.22

Release notes

Sourced from mkdocs-material's releases.

mkdocs-material-9.5.22

• Fixed #7170: Copy button adds empty lines for line spans (9.5.18 regression)
• Fixed #7160: Version switching doesn't stay on page (9.5.5 regression)
• Fixed #5619: Links in Mermaid.js diagrams not discernible

Changelog

Sourced from mkdocs-material's changelog.

mkdocs-material-9.5.22 (2024-05-12)

• Fixed #7170: Copy button adds empty lines for line spans (9.5.18 regression)
• Fixed #7160: Version switching doesn't stay on page (9.5.5 regression)
• Fixed #5619: Links in Mermaid.js diagrams not discernible

mkdocs-material-9.5.21 (2024-05-03)

• Fixed #7133: Ensure latest version of Mermaid.js is used
• Fixed #7125: Added warning for dotfiles in info plugin

mkdocs-material-9.5.20 (2024-04-29)

• Fixed deprecation warning in privacy plugin (9.5.19 regression)
• Fixed #7119: Tags plugin emits deprecation warning (9.5.19 regression)
• Fixed #7118: Social plugin crashes if fonts are disabled (9.5.19 regression)
• Fixed #7085: Social plugin crashes on Windows when downloading fonts

mkdocs-material-9.5.19+insiders-4.53.8 (2024-04-26)

• Fixed #7052: Preview extension automatically including all pages
• Fixed #7051: Instant previews mounting on footnote references
• Fixed #5165: Improved tooltips not mounting in sidebar for typeset plugin

mkdocs-material-9.5.19+insiders-4.53.7 (2024-04-25)

• Fixed #7060: Incorrect resolution of translation when using static-i18n

mkdocs-material-9.5.19 (2024-04-25)

• Updated MkDocs to 1.6 and limited version to < 2
• Updated Docker image to latest Alpine Linux
• Removed setup.py, now that GitHub fully understands pyproject.toml
• Improved interop of social plugin with third-party MkDocs themes
• Fixed #7099: Blog reading time not rendered correctly for Japanese
• Fixed #7097: Improved resilience of tags plugin when no tags are given
• Fixed #7090: Active tab indicator in nested content tabs rendering bug

mkdocs-material-9.5.18 (2024-04-16)

• Refactored tooltips implementation to fix positioning issues
• Fixed #7044: Rendering glitch when hovering contributor avatar in Chrome
• Fixed #7043: Highlighted lines in code blocks cutoff on mobile
• Fixed #6910: Incorrect position of tooltip for page status in sidebar
• Fixed #6760: Incorrect position and overly long tooltip in tables
• Fixed #6488: Incorrect position and cutoff tooltip in content tabs

mkdocs-material-9.5.17+insiders-4.53.6 (2024-04-05)

• Ensure working directory is set for projects when using projects plugin

... (truncated)

Commits

• b2b6571 Prepare 9.5.22 release
• 78fd41a Updated dependencies
• ceacfe5 Fixed stay on same page for version selector (9.5.5 regression)
• 937d7cc Fixed empty lines when copying (9.5.18 regression)
• bd708f1 Documentation (#7166)
• c1336ae Added missing validation/links/anchors to validation.json schema (#7158)
• 1c7e954 Updated dependencies
• b1185aa Fixed JSON parse error in schema.json (#7152)
• 0de8be2 Documentation (#6937)
• 05661a1 Added underline to nodes with links in Mermaid diagrams
• See full diff in compare view

Updates regex from 2024.4.28 to 2024.5.10

Commits

• be139ff Updated for Python 3.13.
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

[dependabot[bot]]

Looks like these dependencies are updatable in another way, so this is no longer needed.