Bump the python-packages group across 1 directory with 7 updates

[dependabot]

Updates the requirements on beautifulsoup4, lxml, xmltodict, pyinstaller, pymupdf, markdown and setuptools to permit the latest version.
Updates beautifulsoup4 from 4.7.1 to 4.14.3

Updates lxml from 6.0.0 to 6.0.4

Changelog

Sourced from lxml's changelog.

6.0.4 (2026-04-12)

Bugs fixed

• LP#2148019: Spurious MemoryError during namespace cleanup.

6.0.3 (2026-04-09)

Bugs fixed

• Several out of memory error cases now raise MemoryError that were not handled before.

• Slicing with large step values (outside of +/- sys.maxsize) could trigger undefined C behaviour.

• LP#2125399: Some failing tests were fixed or disabled in PyPy.

• LP#2138421: Memory leak in error cases when setting the public_id or system_url of a document.

• Memory leak in case of a memory allocation failure when copying document subtrees.

• When mapping an XPath result to Python failed, the result memory could leak.

• When preparing an XSLT transform failed, the XSLT parameter memory could leak.

Other changes

• Built using Cython 3.2.4.

• Binary wheels use zlib 1.3.2.

6.0.2 (2025-09-21)

Bugs fixed

• LP#2125278: Compilation with libxml2 2.15.0 failed. Original patch by Xi Ruoyao.

• Setting decompress=True in the parser had no effect in libxml2 2.15.

• Binary wheels on Linux and macOS use the library version libxml2 2.14.6. See https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.14.6

... (truncated)

Commits

• 1fd1d6b Fix release date.
• 5154859 CI: Include all library versions in libs cache key to asssure updated on vers...
• 6a606f3 Add "doesn't crash" tests for LP#2148019.
• f488f16 Prepare release of 6.0.4.
• 1255d98 LP#2148019: Prevent spurious MemoryError during namespace cleanup.
• 03b0c4a Remove dead type check.
• a6f833c Fix release date.
• 973d059 Update changelog.
• 9044a52 Build: Downgrade libiconv to 1.18 since 1.19 does not build reliably.
• a34dfdd Build: Upgrade libiconv to 1.19.
• Additional commits viewable in compare view

Updates xmltodict from 0.11.0 to 1.0.4

Release notes

Sourced from xmltodict's releases.

v1.0.4

1.0.4 (2026-02-22)

Bug Fixes

• unparse: add bytes_errors policy and handle bytes scalars consistently (ed70434)

v1.0.3

1.0.3 (2026-02-15)

Bug Fixes

• unparse: serialize None text/attrs as empty values (fixes #401) (aa16511)

Documentation

• readme: fix Fedora and Arch package links (fd6a73b)

v1.0.2

1.0.2 (2025-09-17)

Bug Fixes

• allow DOCTYPE with disable_entities=True (default) (25b61a4)

v1.0.1

1.0.1 (2025-09-17)

Bug Fixes

• fail closed when entities disabled (c986d2d)
• validate XML comments (3d4d2d3)

Documentation

• add SECURITY.md (6413023)
• clarify behavior for empty lists (2025b5c)
• clarify process_comments docs (6b464fc)
• clarify strip whitespace comment behavior (b3e2203)
• create AGENTS.md for coding agents (0da66ee)
• replace travis with actions badge (2576b94)
• update CONTRIBUTING.md (db39180)

v1.0.0

... (truncated)

Changelog

Sourced from xmltodict's changelog.

1.0.4 (2026-02-22)

Bug Fixes

• unparse: add bytes_errors policy and handle bytes scalars consistently (ed70434)

1.0.3 (2026-02-15)

Bug Fixes

• unparse: serialize None text/attrs as empty values (fixes #401) (aa16511)

Documentation

• readme: fix Fedora and Arch package links (fd6a73b)

1.0.2 (2025-09-17)

Bug Fixes

• allow DOCTYPE with disable_entities=True (default) (25b61a4)

1.0.1 (2025-09-17)

Bug Fixes

• fail closed when entities disabled (c986d2d)
• validate XML comments (3d4d2d3)

Documentation

• add SECURITY.md (6413023)
• clarify behavior for empty lists (2025b5c)
• clarify process_comments docs (6b464fc)
• clarify strip whitespace comment behavior (b3e2203)
• create AGENTS.md for coding agents (0da66ee)
• replace travis with actions badge (2576b94)
• update CONTRIBUTING.md (db39180)

1.0.0 (2025-09-12)

⚠ BREAKING CHANGES

... (truncated)

Commits

• 8d7f1fd chore(master): release 1.0.4
• ed70434 fix(unparse): add bytes_errors policy and handle bytes scalars consistently
• 89c4bf7 chore(master): release 1.0.3
• fd6a73b docs(readme): fix Fedora and Arch package links
• aa16511 fix(unparse): serialize None text/attrs as empty values (fixes #401)
• f7d76c9 style: lines required between function definitions
• 1bfb267 build: remove unnecessary wheel from dependencies
• d9f6d40 build: no need for README.md in MANIFEST.in
• 34378ef build: pep 639 compliance
• d079849 chore(master): release 1.0.2
• Additional commits viewable in compare view

Updates pyinstaller from 6.14.2 to 6.19.0

Release notes

Sourced from pyinstaller's releases.

v6.19.0

Please see the v6.19.0 section of the changelog for a list of the changes since v6.18.0.

v6.18.0

Please see the v6.18.0 section of the changelog for a list of the changes since v6.17.0.

v6.17.0

Please see the v6.17.0 section of the changelog for a list of the changes since v6.16.0.

v6.16.0

Please see the v6.16.0 section of the changelog for a list of the changes since v6.15.0.

v6.15.0

Please see the v6.15.0 section of the changelog for a list of the changes since v6.14.2.

Changelog

Sourced from pyinstaller's changelog.

6.19.0 (2026-02-14)

Bugfix

* (Windows) Fix collection of ``numpy`` DLLs when ``numpy`` PyPI wheel is
  installed using ``uv`` instead of ``pip``. (:issue:`9360`)
* Extend suppression of missing ``api-ms-win-*.dll`` warnings to Windows Server
  (formerly Windows 10 and 11). (:issue:`9355`)
* (Conda) Fix error during initialization of the `conda` hook utility module in
  Anaconda environments where the metadata for packages with no dependencies
  omit their *dependencies* key. (:issue:`9345`)
Hooks

* (Windows) Fix installer check in ``numpy`` hook to enable explicit collection
  of DLLs from ``numpy.libs`` directory when ``numpy`` PyPI wheels are installed
  through an installer other than ``pip`` - for example, ``uv``. (:issue:`9365`)
* (Windows) Update the ``pandas`` hook to explicitly collect the DLLs
  from ``pandas.libs`` directory that has been used in Windows PyPI wheels
  since ``pandas`` 2.1.0. (:issue:`9365`)
6.18.0 (2026-01-13)
Features

</code></pre>

<ul>

<li>Implement support for Tcl/Tk 9 in splash screen. (:issue:<code>9313</code>)</li>

</ul>

<p>Bugfix</p>

<pre><code>

(macOS) Improve the .framework bundle fix-up code to remove file entries

that would be placed under restored symlinked directories. This fixes

file-already-exists errors at build time (onedir) or run-time (onefile)

when user or a hook tries to collect (all) files from a package that

ships a .framework bundle with symlinks mangled into hard-copies

(for example, due to lack of symlink support in PyPI wheels). (:issue:9335)
Have hook for stdlib platform module exclude the _ios_support

module when sys.platform != 'ios'. This prevents unnecessary

collection of ctypes-imported libobjc shared library if the

latter happens to be available on the build system. (:issue:9333)

&lt;/tr&gt;&lt;/table&gt;

</code></pre>

</blockquote>

<p>... (truncated)</p>

</details>

<details>

<summary>Commits</summary>
<ul>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/9ae6e2afa4e55c3a784ec88ac74a71688a2a37c8&quot;&gt;&lt;code&gt;9ae6e2a&lt;/code&gt;&lt;/a> Release v6.19.0. [skip ci]</li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/50eebf41d1b9309000b4ca6a74c0cc3c3f9b6a73&quot;&gt;&lt;code&gt;50eebf4&lt;/code&gt;&lt;/a> ci: cygwin: add the work-around for broken setuptools upgrade</li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/a09778bb289fc24fb34dc675a9e71d3f09794a0a&quot;&gt;&lt;code&gt;a09778b&lt;/code&gt;&lt;/a> ci: extend the work-around for broken setuptools upgrade</li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/a7f87e58c2023ff699610b6af47f4fe4b3a12313&quot;&gt;&lt;code&gt;a7f87e5&lt;/code&gt;&lt;/a> tests: port remaining metadata tests to importlib.metadata</li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/2e751ba399ccf10f0aeb843cbb2f183c22509a6b&quot;&gt;&lt;code&gt;2e751ba&lt;/code&gt;&lt;/a> tests: add missing importorskip('pkg_resources') decorators</li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/611f658dae8881eab3f2264bb90aac136a2152aa&quot;&gt;&lt;code&gt;611f658&lt;/code&gt;&lt;/a> tests: update setuptools to 82.0.0</li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/38ae78854b07bd33359929c6d1a9df52c4544085&quot;&gt;&lt;code&gt;38ae788&lt;/code&gt;&lt;/a> Tests: Requirements: Scheduled weekly dependency update for week 06 (<a href="https://redirect.github.com/pyinstaller/pyinstaller/issues/9369&quot;&gt;#9369&lt;/a&gt;)&lt;/li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/e937d76ea5e2177f295488bcaaa6d641adc328cf&quot;&gt;&lt;code&gt;e937d76&lt;/code&gt;&lt;/a> Tests: Requirements: Scheduled weekly dependency update for week 05 (<a href="https://redirect.github.com/pyinstaller/pyinstaller/issues/9366&quot;&gt;#9366&lt;/a&gt;)&lt;/li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/ce6d02ce7ac3d19a6b5a4ef57775d589bc125b4d&quot;&gt;&lt;code&gt;ce6d02c&lt;/code&gt;&lt;/a> hooks: pandas: use delvewheel hook utility function to collect DLLs</li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/f0ee7305a607969fee6c02b76e387669df0e0ad7&quot;&gt;&lt;code&gt;f0ee730&lt;/code&gt;&lt;/a> hooks: numpy: relax installer-type check for delvewheel codepath</li>

<li>Additional commits viewable in <a href="https://github.com/pyinstaller/pyinstaller/compare/v6.14.2...v6.19.0&quot;&gt;compare view</a></li>

</ul>

</details>
<br />

Updates pymupdf from 1.26.3 to 1.26.5

Release notes
Sourced from pymupdf's releases.

PyMuPDF-1.26.5 released
Wheels for Windows, Linux and MacOS, and the sdist, are available on pypi.org and can be installed in the usual way, for example:
python -m pip install --upgrade pymupdf

[Linux-aarch64 wheels will be built and uploaded later.]
Changes in version 1.26.5


Use MuPDF-1.26.10.


Fixed issues:

Fixed #2883
Fixed #4507
Fixed #4613
Fixed #4700
Fixed #4716



Other:

Supported Python versions are now 3.9-3.14.
We now define all class methods explicitly instead of with dynamic assignment; this improves type hints.
Removed pymupdf.utils.Shape class, was duplicate of pymupdf.Shape.
Allow use of cibuildwheel to build and test on Pyodide.
Fixed various Pyodide bugs.
In documentation, added section about Linux wheels and glibc compatibility.
Improved documentation of pymupdf.open()'s  arg.
Retrospectively mark 4544 <https://github.com/pymupdf/PyMuPDF/issues/4544>_ as fixed in 1.26.4.



PyMuPDF-1.26.4 released
Wheels for Windows, Linux and MacOS, and the sdist, are available on pypi.org and can be installed in the usual way, for example:
python -m pip install --upgrade pymupdf

[Linux-aarch64 wheels will be built and uploaded later.]
Changes in version 1.26.4


Use MuPDF-1.26.7.


Fixed issues:

Fixed #3806
Fixed #4388
Fixed #4457





... (truncated)


Changelog
Sourced from pymupdf's changelog.

Change Log
**Changes in version **


Fixed issues:


Other:

Fixed incorrect generation of lineJoin j in PDF content, introduced in 1.27.2.2.



Changes in version 1.27.2.2 (2026-03-20)


Fixed issues:

Fixed 4902 <https://github.com/pymupdf/PyMuPDF/issues/4902>_: Incorrect linewidth in elements returned by Page.get_texttrace()
Fixed 4932 <https://github.com/pymupdf/PyMuPDF/issues/4932>_: "Page" has no attribute "find_tables" in PyMuPDF 1.27



Other:

Added Annot.__bool__().



Changes in version 1.27.2. (2026-03-10)


Use MuPDF-1.27.2.


Fixed issues:

Fixed 4903 <https://github.com/pymupdf/PyMuPDF/issues/4903>_: Typing broken because of *_forward_decl



Other:


Retrospectively marked #4907 as fixed in pymupdf-1.27.1.


Improved get_textpage_ocr().
For partial OCR, all page areas outside legible text are now OCRed, not
just those within images. This means that OCR will now also be performed
for vector graphics, and for text containing illegible characters.




Changes in version 1.27.1 (2026-02-11)


Use MuPDF-1.27.1.


Fixed issues:

Fixed 4599 <https://github.com/pymupdf/PyMuPDF/issues/4599>_: page.cluster_drawings extract a lot of small clusters once upgraded to 1.26





... (truncated)


Commits

cc13f80 pipcl.py: Added asserts to avoid obscure build/runtime errors.
cd79b59 scripts/test.py: improved cibw command.
97ed979 scripts/test.py: avoid test failures from cibw's recent default to include fr...
a707524 tests/test_release.py: avoid error from os.path.relpath() on windows.
aef5d64 scripts/test.py: fixed bug in manylinux cibuildwheel builds.
c4a83ea tests/: added test_4699() for upstream bug fixed with mupdf master.
090e23e changes.txt: add date of most recent release 1.26.4.
90e86e7 Add 3.14 to list of supported Python versions.
13d89c0 src/init.py: fix call of pdf_is_ocg_hidden() with mupdf master.
d9d4ab8 changes.txt: updated to match all changes since 1.26.4 release.
Additional commits viewable in compare view




Updates markdown from 3.8.2 to 3.9

Release notes
Sourced from markdown's releases.

Release 3.9.0
Changed

Footnotes are now ordered by the occurrence of their references in the
document. A new configuration option for the footnotes extension,
USE_DEFINITION_ORDER, has been added to support restoring the previous
behavior of ordering footnotes by the occurrence of definitions (#1367).

Fixed

Ensure inline processing iterates through elements in document order (#1546).
Fix handling of incomplete HTML tags in code spans in Python 3.14 (#1547).




Changelog
Sourced from markdown's changelog.

title: Changelog
toc_depth: 2
Python-Markdown Changelog
All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog,
and this project adheres to the
Python Version Specification.
See the Contributing Guide for details.
[3.10.2] - 2026-02-09
Fixed

Fix a regression related to comment handling (#1590).
More reliable fix for </ (#1593).

[3.10.1] - 2026-01-21
Fixed

Ensure nested elements inside inline comments are properly unescaped (#1571).
Make the docs build successfully with mkdocstrings-python 2.0 (#1575).
Fix infinite loop when multiple bogus or unclosed HTML comments appear in input (#1578).
Fix another infinite loop when handling bad comments (#1586).

[3.10.0] - 2025-11-03
Changed

Officially support Python 3.14 and PyPy 3.11 and drop support for Python 3.9
and PyPy 3.9.

Fixed

Fix an HTML comment parsing case in some Python versions that can cause an
infinite loop (#1554).
Revert the default behavior of USE_DEFINITION_ORDER (to True). The new
behavior introduced in 3.9.0 is experimental and results are inconsistent.
It should not have been made the default behavior (#1561).

[3.9.0] - 2025-09-04
Changed

Footnotes are now ordered by the occurrence of their references in the
document. A new configuration option for the footnotes extension,
USE_DEFINITION_ORDER, has been added to support restoring the previous



... (truncated)


Commits

f39cf84 Bump version to 3.9
07bf207 Order footnotes by reference
23c301d Fix failing cases for Python 3.14
4669a09 fix typo
See full diff in compare view




Updates setuptools to 82.0.1

Changelog
Sourced from setuptools's changelog.

v82.0.1
Bugfixes

Fix the loading of launcher manifest.xml file. (#5047)
Replaced deprecated json.__version__ with fixture in tests. (#5186)

Improved Documentation

Add advice about how to improve predictability when installing sdists. (#5168)

Misc

#4941, #5157, #5169, #5175

v82.0.0
Deprecations and Removals

pkg_resources has been removed from Setuptools. Most common uses of pkg_resources have been superseded by the importlib.resources <https://docs.python.org/3/library/importlib.resources.html>_ and importlib.metadata <https://docs.python.org/3/library/importlib.metadata.html>_ projects. Projects and environments relying on pkg_resources for namespace packages or other behavior should depend on older versions of setuptools. (#3085)

v81.0.0
Deprecations and Removals

Removed support for the --dry-run parameter to setup.py. This one feature by its nature threads through lots of core and ancillary functionality, adding complexity and friction. Removal of this parameter will help decouple the compiler functionality from distutils and thus the eventual full integration of distutils. These changes do affect some class and function signatures, so any derivative functionality may require some compatibility shims to support their expected interface. Please report any issues to the Setuptools project for investigation. (#4872)

v80.10.2
Bugfixes

Update vendored dependencies. (#5159)

Misc


... (truncated)


Commits

5a13876 Bump version: 82.0.0 → 82.0.1
51ab8f1 Avoid using (deprecated) 'json.version' in tests (#5194)
f9c37b2 Docs/CI: Fix intersphinx references (#5195)
8173db2 Docs: Fix intersphinx references
09bafbc Fix past tense on newsfragment
461ea56 Add news fragment
c4ffe53 Avoid using (deprecated) 'json.version' in tests
749258b Cleanup pkg_resources dependencies and configuration (#5175)
2019c16 Parse ext-module.define-macros from pyproject.toml as list of tuples (#5169)
b809c86 Sync setuptools schema with validate-pyproject (#5157)
Additional commits viewable in compare view




Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options


You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.