chore(deps): bump the dependencies group across 2 directories with 7 updates

[dependabot]

Bumps the dependencies group with 2 updates in the /docs directory: mkdocs-macros-plugin and mkdocs-material.
Bumps the dependencies group with 5 updates in the /src/backend directory:

Package	From	To
dulwich	0.24.8	0.24.10
sentry-sdk	2.43.0	2.44.0
xmlsec	1.3.14	1.3.17
coverage[toml]	7.11.2	7.11.3
pip-tools	7.5.1	7.5.2

Updates mkdocs-macros-plugin from 1.4.1 to 1.5.0

Changelog

Sourced from mkdocs-macros-plugin's changelog.

1.5.0, 2025-11-13

• Added: For each push, testing on github for versions Python 3.8 to 3.12
• Fixed: bug in import of packages when not in source dir (#278)

Commits

• 0536f4d Fix type hint for compatibility
• d9a6bc3 Require mkdocs-test>=0.6.0 (compatibility with Python 3.8 and 3.9)
• bcaa72d Make last minute corrections
• 356fc2a Prepare for release
• aaf16bd Limit testing to 3.10 up (#279)
• ba5356c Use proper exit for pytest if Python < 3.10 (#279)
• 6c79660 Skip test_modules.py if Python version < 3.10 (#279)
• cec7440 Test installation of d2 in a cross-platform way (#279)
• 492759c Update with changes from local repo (#278)
• cc54168 Merge branch 'master' of github.com:fralau/mkdocs_macros_plugin
• Additional commits viewable in compare view

Updates mkdocs-material from 9.6.22 to 9.7.0

Release notes

Sourced from mkdocs-material's releases.

mkdocs-material-9.7.0

[!WARNING]

Material for MkDocs is now in maintenance mode

This is the last release of Material for MkDocs that will receive new features. Going forward, the Material for MkDocs team focuses on Zensical, a next-gen static site generator built from first principles. We will provide critical bug fixes and security updates for Material for MkDocs for 12 months at least.

→ Read the full announcement on our blog

This release includes all features that were previously exclusive to the Insiders edition. These features are now freely available to everyone.

Note on deprecated plugins: The projects and typeset plugins are included in this release, but must be considered deprecated. Both plugins proved unsustainable to maintain and represent architectural dead ends. They are provided as-is without ongoing support.

Changes:

• Added support for projects plugin (for compat, now deprecated)
• Added support for typeset plugin (for compat, now deprecated)
• Added support for pinned blog posts and author profiles
• Added support for customizing pagination for blog index pages
• Added support for customizing blog category sort order
• Added support for staying on page when switching languages
• Added support for disabling tags in table of contents
• Added support for nested tags and shadow tags
• Added support for footnote tooltips
• Added support for instant previews
• Added support for instant prefetching
• Added support for custom social card layouts
• Added support for custom social card background images
• Added support for selectable rangs in code blocks
• Added support for custom selectors for code annotations
• Added support for configurable log level in privacy plugin
• Added support for processing of external links in privacy plugin
• Added support for automatic image optimization via optimize plugin
• Added support for navigation paths (breadcrumbs)
• Fixed #8519: Vector accents do not render when using KaTeX

mkdocs-material-9.6.23

• Updated Burmese translation

Changelog

Sourced from mkdocs-material's changelog.

mkdocs-material-9.7.0 (2025-11-11)

⚠️ Material for MkDocs is now in maintenance mode

This is the last release of Material for MkDocs that will receive new features. Going forward, the Material for MkDocs team focuses on Zensical, a next-gen static site generator built from first principles. We will provide critical bug fixes and security updates for Material for MkDocs for 12 months at least.

Read the full announcement on our blog: https://squidfunk.github.io/mkdocs-material/blog/2025/11/05/zensical/

This release includes all features that were previously exclusive to the Insiders edition. These features are now freely available to everyone.

Note on deprecated plugins: The projects and typeset plugins are included in this release, but must be considered deprecated. Both plugins proved unsustainable to maintain and represent architectural dead ends. They are provided as-is without ongoing support.

Changes:

• Added support for pinned blog posts and author profiles
• Added support for customizing pagination for blog index pages
• Added support for customizing blog category sort order
• Added support for staying on page when switching languages
• Added support for disabling tags in table of contents
• Added support for nested tags and shadow tags
• Added support for footnote tooltips
• Added support for instant previews
• Added support for instant prefetching
• Added support for custom social card layouts
• Added support for custom social card background images
• Added support for selectable rangs in code blocks
• Added support for custom selectors for code annotations
• Added support for configurable log level in privacy plugin
• Added support for processing of external links in privacy plugin
• Added support for automatic image optimization via optimize plugin
• Added support for navigation paths (breadcrumbs)
• Fixed #8519: Vector accents do not render when using KaTeX

mkdocs-material-9.6.23 (2025-11-01)

• Updated Burmese translation

mkdocs-material-9.6.22 (2025-10-15)

• Updated Georgian translation

mkdocs-material-9.6.21 (2025-09-30)

... (truncated)

Commits

• 3308731 Updated changelog
• dba54f7 Fixed back-to-top button partial
• 7702610 Updated blog posts
• 3815f60 Documentation
• b583ea7 Prepare 9.7.0 release
• 764178b Merge Insiders features
• 9853cc3 Documentation
• f31cfa5 Removed documentation on sponsoring
• a8b9ace Fixed height of symbols for KaTeX inline rendering
• c0addd8 Updated blog post
• Additional commits viewable in compare view

Updates dulwich from 0.24.8 to 0.24.10

Release notes

Sourced from dulwich's releases.

dulwich-0.24.9

• Fix passing key_filename and ssh_command parameters to SSHGitClient by @​skshetry

• Relax check to support subclasses of Urllib3HttpGitClient. Fixes regression from 0.24.2 where subclasses of Urllib3HttpGitClient would not receive the config object. by @​skshetry

• Fix test_concurrent_ref_operations_compatibility test flakiness by @​jelmer

• Fix warnings in test suite by @​jelmer

Full Changelog: jelmer/dulwich@dulwich-0.24.8...dulwich-0.24.9

Changelog

Sourced from dulwich's changelog.

0.25.0 UNRELEASED

• Drop support for Python 3.9. (Jelmer Vernooij)

• Add support for git rerere (reuse recorded resolution) with CLI subcommands and porcelain functions. Supports rerere.enabled and rerere.autoupdate configuration. (Jelmer Vernooij, #1786)

• Add support for git mailinfo command to extract patch information from email messages. Implements dulwich mailinfo CLI command, porcelain.mailinfo(), and patch.mailinfo() with support for subject munging, -k/-b flags, --scissors, --encoding, and --message-id options. (Jelmer Vernooij, #1839)

• Add support for column formatting. (Jelmer Vernooij, #1837)

• Add dulwich diagnose command to display diagnostic information about the Python environment including Python version, PYTHONPATH, sys.path, Dulwich version, and installed dependencies with their versions. (Jelmer Vernooij, #1835)

024.10 2025-11-10

• Fix compatibility with python 3.9. (Jelmer Vernooij, #1991)

0.24.9 2025-11-10

• Fix passing key_filename and ssh_command parameters to SSHGitClient. (Saugat Pachhai)

• Relax check to support subclasses of Urllib3HttpGitClient. Fixes regression from 0.24.2 where subclasses of Urllib3HttpGitClient would not receive the config object. (Saugat Pachhai)

• Fix test_concurrent_ref_operations_compatibility test flakiness. (Jelmer Vernooij)

• Fix warnings in test suite. (Jelmer Vernooij)

Commits

• b600696 release 0.24.10
• f15b371 Fix typing
• a5845b8 Fix typing
• bfa630a Run tests in 0.24 branch
• 5e4f1d9 release 0.24.9
• ac39cf1 Update NEWS
• 9a1a715 Fix warnings
• fd1c5fa client: relax check to support subclasses of Urllib3HttpGitClient
• 68d8cb4 fix(docs): add missing hyphen in date format in NEWS
• 1824b6d Add tests to verify client args are passed
• Additional commits viewable in compare view

Updates sentry-sdk from 2.43.0 to 2.44.0

Release notes

Sourced from sentry-sdk's releases.

2.44.0

Various fixes & improvements

• fix(openai): Check response text is present to avoid AttributeError (#5081) by @​alexander-alderman-webb
• fix(pydantic-ai): Do not fail on new ToolManager._call_tool() parameters (#5084) by @​alexander-alderman-webb
• tests(huggingface): Avoid None version (#5083) by @​alexander-alderman-webb
• ci: Pin coverage version for 3.14 Django tests (#5088) by @​alexander-alderman-webb
• chore: X handle update (#5078) by @​cleptric
• fix(openai-agents): add input messages to errored spans as well (#5077) by @​shellmayr
• fix: Add hard limit to log batcher (#5069) by @​alexander-alderman-webb
• fix: Add hard limit to metrics batcher (#5068) by @​alexander-alderman-webb
• fix(integrations): properly handle exceptions in tool calls (#5065) by @​constantinius
• feat: non-experimental before_send_metric option (#5064) by @​alexander-alderman-webb
• feat: non-experimental enable_metrics option (#5056) by @​alexander-alderman-webb
• fix(integrations): properly distinguish between network.transport and mcp.transport (#5063) by @​constantinius
• feat(integrations): add ability to auto-deactivate lower-level integrations based on map (#5052) by @​shellmayr
• Fix NOT_GIVEN check in anthropic (#5058) by @​sl0thentr0py
• ci: 🤖 Update test matrix with new releases (11/03) (#5054) by @​github-actions
• Add external_propagation_context support (#5051) by @​sl0thentr0py
• chore: Remove enable_metrics option (#5046) by @​alexander-alderman-webb
• Allow new integration setup on the instance with config options (#5047) by @​sl0thentr0py
• ci: Run integration tests on Python 3.14t (#4995) by @​alexander-alderman-webb
• docs: Elaborate on Strawberry autodetection in changelog (#5039) by @​sentrivana

Changelog

Sourced from sentry-sdk's changelog.

2.44.0

Various fixes & improvements

• fix(openai): Check response text is present to avoid AttributeError (#5081) by @​alexander-alderman-webb
• fix(pydantic-ai): Do not fail on new ToolManager._call_tool() parameters (#5084) by @​alexander-alderman-webb
• tests(huggingface): Avoid None version (#5083) by @​alexander-alderman-webb
• ci: Pin coverage version for 3.14 Django tests (#5088) by @​alexander-alderman-webb
• chore: X handle update (#5078) by @​cleptric
• fix(openai-agents): add input messages to errored spans as well (#5077) by @​shellmayr
• fix: Add hard limit to log batcher (#5069) by @​alexander-alderman-webb
• fix: Add hard limit to metrics batcher (#5068) by @​alexander-alderman-webb
• fix(integrations): properly handle exceptions in tool calls (#5065) by @​constantinius
• feat: non-experimental before_send_metric option (#5064) by @​alexander-alderman-webb
• feat: non-experimental enable_metrics option (#5056) by @​alexander-alderman-webb
• fix(integrations): properly distinguish between network.transport and mcp.transport (#5063) by @​constantinius
• feat(integrations): add ability to auto-deactivate lower-level integrations based on map (#5052) by @​shellmayr
• Fix NOT_GIVEN check in anthropic (#5058) by @​sl0thentr0py
• ci: 🤖 Update test matrix with new releases (11/03) (#5054) by @​github-actions
• Add external_propagation_context support (#5051) by @​sl0thentr0py
• chore: Remove enable_metrics option (#5046) by @​alexander-alderman-webb
• Allow new integration setup on the instance with config options (#5047) by @​sl0thentr0py
• ci: Run integration tests on Python 3.14t (#4995) by @​alexander-alderman-webb
• docs: Elaborate on Strawberry autodetection in changelog (#5039) by @​sentrivana

Commits

• 137c733 release: 2.44.0
• c747043 fix(openai): Check response text is present to avoid AttributeError (#5081)
• 98fa10a fix(pydantic-ai): Do not fail on new ToolManager._call_tool() parameters (#...
• 720440e tests(huggingface): Avoid None version (#5083)
• 43c16c4 ci: Pin coverage version for 3.14 Django tests (#5088)
• 2f966c6 chore: X handle update (#5078)
• 659bd84 fix(openai-agents): add input messages to errored spans as well (#5077)
• 26391d6 fix: Add hard limit to log batcher (#5069)
• faa327c fix: Add hard limit to metrics batcher (#5068)
• e8d5f1b fix(integrations): properly handle exceptions in tool calls (#5065)
• Additional commits viewable in compare view

Updates xmlsec from 1.3.14 to 1.3.17

Release notes

Sourced from xmlsec's releases.

1.3.17

Release Date: 2025-11-11 Version: 1.3.17

---

Compatibility and Wheel Support

This release provides binary wheels that are fully compatible with lxml v6.0.2. The compatibility is ensured by using the same underlying libxml2 version in both python-xmlsec and lxml.

Because of this strict requirement, the wheels cannot be used with versions of lxml lower than 6.0.2. Mixing versions will lead to runtime errors.

Common Error

If you see the following message:

lxml & xmlsec libxml2 library version mismatch

it indicates that the version of libxml2 used to build lxml does not match the version used to build python-xmlsec.

Recommended Solutions

• Upgrade lxml to v6.0.2, or
• Build both lxml and python-xmlsec manually from source using the same libxml2 version

---

Wheel Build Configuration

Linux and macOS Wheels

These wheels are built against the following versions, which match those used in lxml v6.0.2:

• libxml2 v2.14.6
• libxslt v1.1.43
• xmlsec1 v1.3.9
• zlib v1.3.1
• libiconv v1.18
• openssl v3.6.0

Windows Binary Wheels

The Windows binary wheels were compiled using Visual Studio 2022 and include the following libraries:

• iconv v1.18-1
• libxml2 v2.11.9-3
• libxslt v1.1.39
• openssl v3.0.16.pl1

... (truncated)

Commits

• 8d98ff2 [pre-commit.ci] pre-commit autoupdate (#399)
• 47d4201 Bump xmlsec1 library to v1.3.9 (#398)
• 60a0788 [pre-commit.ci] pre-commit autoupdate (#394)
• 1bb2324 Add support for Python 3.14 (#393)
• c42bf92 [pre-commit.ci] pre-commit autoupdate (#391)
• 47f3e00 [pre-commit.ci] pre-commit autoupdate (#389)
• c8b1b6b Refactor packaging build helpers into dedicated modules (#388)
• a241c56 build riscv64 wheel (#387)
• e88d9ce [pre-commit.ci] pre-commit autoupdate (#386)
• 8d51c09 [pre-commit.ci] pre-commit autoupdate (#385)
• Additional commits viewable in compare view

Updates coverage[toml] from 7.11.2 to 7.11.3

Release notes

Sourced from coverage[toml]'s releases.

7.11.3

Version 7.11.3 — 2025-11-09

• Fix: the 7.11.1 changes meant that conflicts between a requested measurement core and other settings would raise an error. This was a breaking change from previous behavior, as reported in issue 2076 and issue 2078.

  The previous behavior has been restored: when the requested core conflicts with other settings, another core is used instead, and a warning is issued.

• For contributors: the repo has moved from Ned’s nedbat GitHub account to the coveragepy GitHub organization. The default branch has changed from master to main.

➡️  PyPI page: coverage 7.11.3. :arrow_right:  To install: python3 -m pip install coverage==7.11.3

Changelog

Sourced from coverage[toml]'s changelog.

Version 7.11.3 — 2025-11-09

• Fix: the 7.11.1 changes meant that conflicts between a requested measurement core and other settings would raise an error. This was a breaking change from previous behavior, as reported in issue 2076_ and issue 2078_.

  The previous behavior has been restored: when the requested core conflicts with other settings, another core is used instead, and a warning is issued.

• For contributors: the repo has moved from Ned's nedbat GitHub account_ to the coveragepy GitHub organization_. The default branch has changed from master to main.

.. _issue 2076: coveragepy/coveragepy#2076 .. _issue 2078: coveragepy/coveragepy#2078 .. _nedbat GitHub account: https://github.com/nedbat .. _coveragepy GitHub organization: https://github.com/coveragepy

.. _changes_7-11-2:

Commits

• 8bb1230 docs: remove duplicate entry in the changelog
• 06c493c docs: sample HTML for 7.11.3
• 0823a70 docs: prep for 7.11.3
• 8434792 fix: sysmon conflicts no longer cause errors
• 1f21184 chore: bump docker/setup-qemu-action in the action-dependencies group (#2080)
• bd61620 docs: django_coverage_plugin moved
• 1bd73f1 build: nedbat/coverage-reports moved to coveragepy/metacov-reports
• b54131f docs: moved to coveragepy, master->main
• f2d740f build: change more github urls to the coveragepy org
• 776f313 docs: issue and pr references moved to coveragepy org
• Additional commits viewable in compare view

Updates pip-tools from 7.5.1 to 7.5.2

Release notes

Sourced from pip-tools's releases.

v7.5.2

2025-11-11

Bug fixes

• Fixed pip-compile to handle relative path includes which are not subpaths of the current working directory -- by @​sirosen.

  PRs and issues: #2231, #2260

• Using --upgrade-package and dynamically building project metadata no longer causes an AttributeError when pip encounters an error during the build -- by @​Epic_Wink and @​tusharsadhwani.

  PRs and issues: #2258

Features

• Test and declare Python 3.13 support -- by @​jayaddison (for OpenCulinary).

  PRs and issues: #2251

• pip-tools is now compatible with pip 25.3 -- by @​shifqu.

  PRs and issues: #2252, #2253

Packaging updates and notes for downstreams

• pip-tools now supports installation from git archives by providing setuptools-scm with .git_archival.txt data.

  PRs and issues: #2225

Contributor-facing changes

• The change log entry bot has been explicitly configured to stop requiring news fragments in pull requests having the bot:chronographer:skip label set -- by @​sirosen and @​webknjaz.

  It was also set up to reference our change log authoring document from the GitHub Checks pages. And the reported check name is now set to Change log entry.

  PRs and issues: #2201

• The CI is now set up to invoke failed tests again with maximum level of detail -- by @​webknjaz.

  The change is aimed at helping troubleshoot failures that might be difficult to reproduce locally.

  PRs and issues: #2254

• The integration with Codecov has been updated to ensure that reports are uploaded to the service even on failures -- by @​webknjaz.

  GitHub Actions is now configured to also send an explicit notification to Codecov about the completion of previously initiated uploads.

... (truncated)

Changelog

Sourced from pip-tools's changelog.

v7.5.2

2025-11-11

Bug fixes

• Fixed pip-compile to handle relative path includes which are not subpaths of the current working directory -- by {user}sirosen.

  PRs and issues: {issue}2231, {issue}2260

• Using --upgrade-package and dynamically building project metadata no longer causes an {exc}AttributeError when pip encounters an error during the build -- by {user}Epic_Wink and {user}tusharsadhwani.

  PRs and issues: {issue}2258

Features

• Test and declare Python 3.13 support -- by {user}jayaddison (for OpenCulinary).

  PRs and issues: {issue}2251

• pip-tools is now compatible with pip 25.3 -- by {user}shifqu.

  PRs and issues: {issue}2252, {issue}2253

Packaging updates and notes for downstreams

• pip-tools now supports installation from git archives by providing setuptools-scm with .git_archival.txt data.

  PRs and issues: {issue}2225

Contributor-facing changes

• The change log entry bot has been explicitly configured to stop requiring news fragments in pull requests having the bot:chronographer:skip label set -- by {user}sirosen and {user}webknjaz.

  It was also set up to reference our change log authoring document from the GitHub Checks pages. And the reported check name is now set to Change log entry.

  PRs and issues: {issue}2201

• The CI is now set up to invoke failed tests again with maximum level of detail -- by {user}webknjaz.

... (truncated)

Commits

• eb9606f Merge pull request #2270 from sirosen/release-7.5.2
• 2cbb933 Update changelog for version 7.5.2
• d33539c Merge pull request #2253 from shifqu/fix/remove-opt-pep517
• 43e1159 Apply suggestions from code review
• b7e8f9b changelog: add news fragment for towncrier
• 88f2761 tests: lower required coverage for py38 to 98%
• 608c47b feat: add deprecation warnings in cli and sync
• 43952fc tests: ensure tox pipsupported uses pip 25.3
• bfa96b5 tests: provide minimal_wheels_path as a fixture
• 10a4b44 fix: remove deprecated options from resolver and install_requirement
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[netlify]

✅ Deploy Preview for inventree-web-pui-preview canceled.

Name	Link
🔨 Latest commit	88cae9b
🔍 Latest deploy log	https://app.netlify.com/projects/inventree-web-pui-preview/deploys/69189b1340aa560008c0fb9c

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 88.02%. Comparing base (aa9958b) to head (88cae9b).
⚠️ Report is 1 commits behind head on master.

Additional details and impacted files

@@           Coverage Diff           @@
##           master   #10838   +/-   ##
=======================================
  Coverage   88.02%   88.02%           
=======================================
  Files        1281     1281           
  Lines       57567    57567           
  Branches     1997     1997           
=======================================
  Hits        50674    50674           
  Misses       6396     6396           
  Partials      497      497           

Flag	Coverage Δ
backend	89.64% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Components	Coverage Δ
Backend Apps	91.98% <ø> (ø)
Backend General	93.67% <ø> (ø)
Frontend	70.41% <ø> (ø)

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[matmair]

@dependabot unignore django-dbbackup

[dependabot]

OK, I will stop ignoring the django-dbbackup dependency.

[matmair]

@dependabot unignore django-dbbackup
@dependabot unignore react-window
@dependabot unignore vite
@dependabot unignore react-grid-layout
@dependabot unignore react-router-dom
@dependabot unignore react
@dependabot unignore react-dom
@dependabot unignore vite-plugin-istanbul
@dependabot unignore zustand
@dependabot unignore @types/react
@dependabot unignore @types/react-dom
@dependabot unignore djangorestframework
@dependabot unignore sqren/backport-github-action
@dependabot unignore django-import-export
@dependabot unignore coveralls
@dependabot unignore django
@dependabot unignore pint
@dependabot unignore django-money

[dependabot]

No dependency name (django-dbbackup) or ignore conditions found to unignore.

[matmair]

https://github.com/dependabot unignore react-window

[dependabot]

No dependency name (react-window) or ignore conditions found to unignore.

[matmair]

https://github.com/dependabot unignore vite

[dependabot]

No dependency name (vite) or ignore conditions found to unignore.

[matmair]

https://github.com/dependabot unignore djangorestframework

[dependabot]

No dependency name (djangorestframework) or ignore conditions found to unignore.