deps: bump the stable-dependencies group with 5 updates

[dependabot]

Bumps the stable-dependencies group with 5 updates:

Package	From	To
markupsafe	3.0.2	3.0.3
packaging	24.2	25.0
pytz	2024.2	2025.2
pyyaml	6.0.2	6.0.3
tzdata	2024.2	2025.3

Updates markupsafe from 3.0.2 to 3.0.3

Release notes

Sourced from markupsafe's releases.

3.0.3

This is the MarkupSafe 3.0.3 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/MarkupSafe/3.0.3/ Changes: https://markupsafe.palletsprojects.com/page/changes/#version-3-0-3 Milestone: https://github.com/pallets/markupsafe/milestone/15?closed=1

• __version__ raises DeprecationWarning instead of UserWarning. #487
• Adopt multi-phase initialization PEP 489 for the C extension. #494
• Build Windows ARM64 wheels. #485
• Build Python 3.14 wheels. #503
• Build riscv64 wheels. #505

Changelog

Sourced from markupsafe's changelog.

Version 3.0.3

Released 2025-09-27

• __version__ raises DeprecationWarning instead of UserWarning. :issue:487
• Adopt multi-phase initialisation (:pep:489) for the C extension. :issue:494
• Build Windows ARM64 wheels. :issue:485
• Build Python 3.14 wheels. :issue:503
• Build riscv64 wheels. :issue:505

Commits

• 297fc8e release version 3.0.3
• 7e4e6ce Free-threading: run with pytest-run-paralell (#507)
• 6100b9c enable riscv64 wheels (#506)
• c9d5ecf enable riscv64 wheels
• 2f9b337 tox for 3.14
• 78d951a update dev dependencies
• bb6744e add entry
• 65c4134 upgrade cibuildwheel, add cp314 wheels and test on CPython 3.14 (#504)
• 3a9bd88 add cp314 wheels
• aafe44d remove slsa provenance (#501)
• Additional commits viewable in compare view

Updates packaging from 24.2 to 25.0

Release notes

Sourced from packaging's releases.

25.0

What's Changed

• Re-add a test for Unicode file name parsing by @​Siddhesh-Agarwal in pypa/packaging#863
• Upgrade to ruff 0.9.1 by @​DimitriPapadopoulos in pypa/packaging#865
• Add support for PEP 738 Android tags by @​mhsmith in pypa/packaging#880
• feat(markers): support 'extras' and 'dependency_groups' markers by @​frostming in pypa/packaging#888

New Contributors

• @​Siddhesh-Agarwal made their first contribution in pypa/packaging#863
• @​mhsmith made their first contribution in pypa/packaging#880
• @​frostming made their first contribution in pypa/packaging#888

Full Changelog: pypa/packaging@24.2...25.0

Changelog

Sourced from packaging's changelog.

25.0 - 2025-04-19

* PEP 751: Add support for ``extras`` and ``dependency_groups`` markers. (:issue:`885`)
* PEP 738: Add support for Android platform tags. (:issue:`880`)

Commits

• f585376 Bump for release
• 600ecea Add changelog entries
• 3910129 support 'extras' and 'dependency_groups' markers (#888)
• 8e49b43 Add support for PEP 738 Android tags (#880)
• e624d8e Bump the github-actions group with 3 updates (#886)
• 71f38d8 Bump the github-actions group with 2 updates (#878)
• 9b4922d Bump the github-actions group with 3 updates (#870)
• 8510bd9 Upgrade to ruff 0.9.1 (#865)
• 9375ec2 Re-add tests for Unicode file name parsing (#863)
• 2256ed4 Bump the github-actions group across 1 directory with 2 updates (#864)
• Additional commits viewable in compare view

Updates pytz from 2024.2 to 2025.2

Commits

• 82e0891 Bump version numbers to 2024.2 (2024b)
• 277b33c IANA 2025b
• 07d8e91 Squashed 'tz/' changes from a8e2fcd87b..a84610f010
• 00ad7f1 Bump version numbers to 2025.1 / 2025a
• 7abdc14 Squashed 'tz/' changes from 6903dde39e..5ad5cfba5b
• f3a8f38 IANA 2025a
• See full diff in compare view

Updates pyyaml from 6.0.2 to 6.0.3

Release notes

Sourced from pyyaml's releases.

6.0.3

What's Changed

• Support for Python 3.14 and free-threading (experimental).

Full Changelog: yaml/pyyaml@6.0.2...6.0.3

Changelog

Sourced from pyyaml's changelog.

6.0.3 (2025-09-25)

• yaml/pyyaml#864 -- Support for Python 3.14 and free-threading (experimental)

Commits

• 49790e7 Release 6.0.3 (#889)
• See full diff in compare view

Updates tzdata from 2024.2 to 2025.3

Release notes

Sourced from tzdata's releases.

2025.3: Release of upstream tzdata 2025c

Version 2025.3

Upstream version 2025c released 2025-12-10T22:42:37+00:00

Briefly:

Several code changes for compatibility with FreeBSD.

Changes to past timestamps

Baja California agreed with California’s DST rules in 1953 and in 1961 through 1975, instead of observing standard time all year. (Thanks to Alois Treindl.)

Changes to commentary

The leapseconds file contains commentary about the IERS and NIST last-modified and expiration timestamps for leap second data. (Thanks to Judah Levine.)

Commentary now also uses characters from the set –‘’“”•≤ as this can be useful and should work with current applications. This also affects data in iso3166.tab and zone1970.tab, which now contain strings like “Côte d’Ivoire” instead of “Côte d'Ivoire”.

2025.2: Release of upstream tzdata 2025b

Version 2025.2

Upstream version 2025b released 2025-03-22T20:40:46+00:00

Briefly:

New zone for Aysén Region in Chile which moves from -04/-03 to -03.

Changes to future timestamps

Chile's Aysén Region moves from -04/-03 to -03 year-round, joining Magallanes Region. The region will not change its clocks on 2025-04-05 at 24:00, diverging from America/Santiago and creating a new zone America/Coyhaique. (Thanks to Yonathan Dossow.) Model this as a change to standard offset effective 2025-03-20.

Changes to past timestamps

Iran switched from +04 to +0330 on 1978-11-10 at 24:00, not at year end. (Thanks to Roozbeh Pournader.)

2025.1: Release of upstream tzdata 2025a

Version 2025.1

Upstream version 2025a released 2025-01-15T18:47:24+00:00

Briefly:

... (truncated)

Changelog

Sourced from tzdata's changelog.

Version 2025.3

Upstream version 2025c released 2025-12-10T22:42:37+00:00

Briefly:

Several code changes for compatibility with FreeBSD.

Changes to past timestamps

Baja California agreed with California’s DST rules in 1953 and in 1961 through 1975, instead of observing standard time all year. (Thanks to Alois Treindl.)

Changes to commentary

The leapseconds file contains commentary about the IERS and NIST last-modified and expiration timestamps for leap second data. (Thanks to Judah Levine.)

Commentary now also uses characters from the set –‘’“”•≤ as this can be useful and should work with current applications. This also affects data in iso3166.tab and zone1970.tab, which now contain strings like “Côte d’Ivoire” instead of “Côte d'Ivoire”.

---

Version 2025.2

Upstream version 2025b released 2025-03-22T20:40:46+00:00

Briefly:

New zone for Aysén Region in Chile which moves from -04/-03 to -03.

Changes to future timestamps

Chile's Aysén Region moves from -04/-03 to -03 year-round, joining Magallanes Region. The region will not change its clocks on 2025-04-05 at 24:00, diverging from America/Santiago and creating a new zone America/Coyhaique. (Thanks to Yonathan Dossow.) Model this as a change to standard offset effective 2025-03-20.

Changes to past timestamps

Iran switched from +04 to +0330 on 1978-11-10 at 24:00, not at year end. (Thanks to Roozbeh Pournader.)

---

Version 2025.1

Upstream version 2025a released 2025-01-15T18:47:24+00:00

Briefly:

... (truncated)

Commits

• d14cebc Update tzdata to version '2025c'
• 4045188 Bump actions/checkout from 5 to 6 in the actions group (#117)
• 9b58dd1 Stop requiring pytest-subtests for python>3.9, it has been incorporated int...
• 7dc1b6c Update pre-commit repos
• a9c68ae Add newlines to update PR description and commit (#106)
• d619f31 Test Python 3.14t
• b5ab93f Verify signatures of tarballs (#108)
• 6f866b8 Use raw strings for regex
• b1b3051 Fix dependabot config
• dddc234 Commit
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

📖 Documentation Preview

The documentation for this PR has been built and is available at:
🔗 View Preview

This preview will be updated automatically when you push new commits to this PR.

---

Preview built from commit: 5bd2a97

[github-actions]

📖 Documentation Preview

The documentation for this PR has been built and is available at:
🔗 View Preview

This preview will be updated automatically when you push new commits to this PR.

---

Preview built from commit: 7d07ee6

[github-actions]

📖 Documentation Preview

The documentation for this PR has been built and is available at:
🔗 View Preview

This preview will be updated automatically when you push new commits to this PR.

---

Preview built from commit: d503820