chore(deps): bump the python-packages group with 8 updates

[dependabot]

Updates the requirements on irc3, beautifulsoup4, requests, isodate, cryptography, tekore, dateparser and redis to permit the latest version.
Updates irc3 to 1.1.10

Changelog

Sourced from irc3's changelog.

1.1.10 (2023-04-17)

• fix shell_command plugin

1.1.9 (2023-02-27)

• drop support for python 3.5

• python 3.11 compat

1.1.8 (2022-07-17)

• Allow comma-separated chans in server userlist JOIN

• python 3.10 compat

• improve feeds plugin

1.1.7 (2021-02-13)

• Add sqlite storage.

• Escape string that are interpolated into the regular expressions.

1.1.6 (2020-05-13)

• Allow to overrides config values via os.environ.

1.1.5 (2020-01-18)

• Allow to use irc3.rfc.* as iotype='out'

• Use more pop in userlist to avoid bug when a weird event occurs

1.1.4 (2019-11-22)

• Use pop in userlist to avoid bug when a weird event occurs

... (truncated)

Commits

• fb5fc93 Preparing release 1.1.10
• 6698bbb changes
• e8f8e90 do not log output
• b649856 return lines to show command output to user. fix #205
• baf8074 Back to development: 1.1.10
• 21e38bc Preparing release 1.1.9
• 2f523dd always use loop.create_task
• cf08358 use loop.create_future()
• 6f86103 back to venusian release
• 4e5d88c metadata
• Additional commits viewable in compare view

Updates beautifulsoup4 to 4.14.3

Updates requests to 2.33.1

Release notes

Sourced from requests's releases.

v2.33.1

2.33.1 (2026-03-30)

Bugfixes

• Fixed test cleanup for CVE-2026-25645 to avoid leaving unnecessary files in the tmp directory. (#7305)
• Fixed Content-Type header parsing for malformed values. (#7309)
• Improved error consistency for malformed header values. (#7308)

New Contributors

• @​ferdnyc made their first contribution in psf/requests#7277

Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2331-2026-03-30

Changelog

Sourced from requests's changelog.

2.33.1 (2026-03-30)

Bugfixes

• Fixed test cleanup for CVE-2026-25645 to avoid leaving unnecessary files in the tmp directory. (#7305)
• Fixed Content-Type header parsing for malformed values. (#7309)
• Improved error consistency for malformed header values. (#7308)

2.33.0 (2026-03-25)

Announcements

• 📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at #7271. Give it a try, and report any gaps or feedback you may have in the issue. 📣

Security

• CVE-2026-25645 requests.utils.extract_zipped_paths now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.

Improvements

• Migrated to a PEP 517 build system using setuptools. (#7012)

Bugfixes

• Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (#7205)

Deprecations

• Dropped support for Python 3.9 following its end of support. (#7196)

Documentation

• Various typo fixes and doc improvements.

2.32.5 (2025-08-18)

Bugfixes

• The SSLContext caching feature originally introduced in 2.32.0 has created a new class of issues in Requests that have had negative impact across a number of use cases. The Requests team has decided to revert this feature as long term maintenance of it is proving to be unsustainable in its current iteration.

Deprecations

• Added support for Python 3.14.

... (truncated)

Commits

• 111d2b7 v2.33.1
• f0198e6 Fix malformed value parsing for Content-Type (#7309)
• bc7dd0f Fix cosmetic header validity parsing regex (#7308)
• 4443b1a Fix unintended test extra (#7306)
• 389eea5 Cleanup extracted file after extract_zipped_path test (#7305)
• 7407309 Packaging: DRY out extras definition (#7277)
• bc04dfd v2.33.0
• 66d21cb Merge commit from fork
• 8b9bc8f Move badges to top of README (#7293)
• e331a28 Remove unused extraction call (#7292)
• Additional commits viewable in compare view

Updates isodate to 0.7.2

Changelog

Sourced from isodate's changelog.

0.7.2 (2024-10-08)

• drop end of life python versions
• Don't match garbage characters at the end of parsed strings #16 (Gabriel de Perthuis)

Potentially breaking changes: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

• Fractional seconds are cut off to microseconds (always round down)
• Allow control over return type of parse_duration #64 (Felix Claessen)
• Python >= 3.7 required

0.6.1 (2021-12-13)

• support python 3.10 (Hugo van Kemenade)
• last version to support py 2.7

0.6.0 (2017-10-13)

• support incomplete month date (Fabien Loffredo)
• rely on duck typing when doing duration maths
• support ':' as separator in fractional time zones (usrenmae)

0.5.4 (2015-08-06)

• Fix parsing of Periods (Fabien Bochu)
• Make Duration objects hashable (Geoffrey Fairchild)
• Add multiplication to duration (Reinoud Elhorst)

0.5.1 (2014-11-07)

• fixed pickling of Duration objects
• raise ISO8601Error when there is no 'T' separator in datetime strings (Adrian Coveney)

0.5.0 (2014-02-23)

• ISO8601Error are subclasses of ValueError now (Michael Hrivnak)
• improve compatibility across various python variants and versions

... (truncated)

Commits

• 4408b60 update changelog, release 0.7.2 (0.7.x so missed python version requirements ...
• 31ff767 restrict to python>=3.7
• See full diff in compare view

Updates cryptography to 47.0.0

Changelog

Sourced from cryptography's changelog.

47.0.0 - 2026-04-24

* Support for Python 3.8 is deprecated and will be removed in the next
  ``cryptography`` release.
* **BACKWARDS INCOMPATIBLE:** Support for binary elliptic curves
  (``SECT*`` classes) has been removed. These curves are rarely used and
  have additional security considerations that make them undesirable.
* **BACKWARDS INCOMPATIBLE:** Support for OpenSSL 1.1.x has been removed.
  OpenSSL 3.0.0 or later is now required. LibreSSL, BoringSSL, and AWS-LC
  continue to be supported.
* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 4.1.
* **BACKWARDS INCOMPATIBLE:** Loading keys with unsupported algorithms or
  keys with unsupported explicit curve encodings now raises
  :class:`~cryptography.exceptions.UnsupportedAlgorithm` instead of
  ``ValueError``. This change affects
  :func:`~cryptography.hazmat.primitives.serialization.load_pem_private_key`,
  :func:`~cryptography.hazmat.primitives.serialization.load_der_private_key`,
  :func:`~cryptography.hazmat.primitives.serialization.load_pem_public_key`,
  :func:`~cryptography.hazmat.primitives.serialization.load_der_public_key`,
  and :meth:`~cryptography.x509.Certificate.public_key` when called on
  certificates with unsupported public key algorithms.
* **BACKWARDS INCOMPATIBLE:** When parsing elliptic curve private keys, we now
  reject keys that incorrectly encode a private key of the wrong length because
  such keys are impossible to process in a constant-time manner. We do not
  believe keys with this problem are in wide use, however we may revert this
  change based on the feedback we receive.
* Deprecated passing 64-bit (8-byte) and 128-bit (16-byte) keys to
  :class:`~cryptography.hazmat.decrepit.ciphers.algorithms.TripleDES`. In a
  future release, only 192-bit (24-byte) keys will be accepted. Users should
  expand shorter keys themselves (e.g., for single DES: ``key + key + key``,
  for two-key: ``key + key[:8]``).
* Updated the minimum supported Rust version (MSRV) to 1.83.0, from 1.74.0.
* Support for ``x86_64`` macOS (including publishing wheels) is deprecated
  and will be removed in the next release. We will switch to publishing an
  ``arm64`` only wheel for macOS.
* Support for 32-bit Windows (including publishing wheels) is deprecated
  and will be removed in the next release. Users should move to a 64-bit
  Python installation.
* ``public_bytes`` and ``private_bytes`` methods on keys now raise
  ``TypeError`` (instead of ``ValueError``) if an invalid encoding is provided
  for the given ``format``.
* Moved :class:`~cryptography.hazmat.decrepit.ciphers.modes.CFB`,
  :class:`~cryptography.hazmat.decrepit.ciphers.modes.OFB`, and
  :class:`~cryptography.hazmat.decrepit.ciphers.modes.CFB8` into
  :doc:`/hazmat/decrepit/index` and deprecated them in the ``modes`` module.
  They will be removed from the ``modes`` module in 49.0.0.
* Moved :class:`~cryptography.hazmat.primitives.ciphers.algorithms.Camellia`
  into  :doc:`/hazmat/decrepit/index` and deprecated it in the ``cipher`` module.
  It will be removed from the ``cipher`` module in 49.0.0.
</tr></table> 

... (truncated)

Commits

• 59c5f5e bump for 47.0.0 release (#14730)
• 9025578 Add MLKEM1024-P384 hybrid KEM support in HPKE (#14722)
• ef66de4 Recommend Argon2id over PBKDF2HMAC as KDF (#14724)
• d996a37 Add ubuntu-resolute to CI workflow (#14729)
• e86da41 chore(deps): bump libc from 0.2.185 to 0.2.186 (#14725)
• 1c33c9a Bump downstream dependencies in CI (#14728)
• 67fb6be Bump x509-limbo and/or wycheproof in CI (#14727)
• 6cb20b3 Bump BoringSSL, OpenSSL, AWS-LC in CI (#14726)
• d6f372d Update supported OpenSSL versions in installation docs (#14721)
• ebd2619 openssl 3.3 is out of upstream support (#14720)
• Additional commits viewable in compare view

Updates tekore to 6.1.1

Commits

• See full diff in compare view

Updates dateparser to 1.4.0

Release notes

Sourced from dateparser's releases.

1.4.0

Security fixes:

• Remove import-time loading of timezone offset data from pickle to prevent unsafe deserialization from packaged data
• Replace eval() use when parsing no_word_spacing with strict boolean parsing to prevent code execution from locale metadata (#1056)

New features:

• Add support for expressions like "N {interval} from now" in English (#1271)
• Add support for the en-US locale (#1222)

Fixes:

• Honor REQUIRE_PARTS for ambiguous month-number inputs by retrying with a year-biased DATE_ORDER (#1298)
• Fix parsing word-number relative phrases such as "two days later" (#1316)
• Allow md5hash to work in FIPS environments (#1267)

Improvements:

• Add Bosnian Cyrillic (ijekavica) date translations (#1293)
• Add a new browser-based demo to the project documentation (#1306)
• Update installation documentation to replace setup.py install guidance (#1310)
• Add a project security policy (#1318)

Changelog

Sourced from dateparser's changelog.

1.4.0 (2026-03-26)

Security fixes:

• Remove import-time loading of timezone offset data from pickle to prevent unsafe deserialization from packaged data
• Replace eval() use when parsing no_word_spacing with strict boolean parsing to prevent code execution from locale metadata (#1056)

New features:

• Add support for expressions like "N {interval} from now" in English (#1271)
• Add support for the en-US locale (#1222)

Fixes:

• Honor REQUIRE_PARTS for ambiguous month-number inputs by retrying with a year-biased DATE_ORDER (#1298)
• Fix parsing word-number relative phrases such as "two days later" (#1316)
• Allow md5hash to work in FIPS environments (#1267)

Improvements:

• Add Bosnian Cyrillic (ijekavica) date translations (#1293)
• Add a new browser-based demo to the project documentation (#1306)
• Update installation documentation to replace setup.py install guidance (#1310)
• Add a project security policy (#1318)

1.3.0 (2026-02-04)

Dropped Python 3.9 support. (#1296)

New features:

• search_dates() can now detect time spans from expressions like “past month”, “last week”, etc. For details, see the “Time Span Detection” section and the RETURN_TIME_SPAN, DEFAULT_START_OF_WEEK and DEFAULT_DAYS_IN_MONTH settings in the documentation. (#1284)

Fixes:

• Assume the current year if not specified (#1288)
• Support expressions like “yesterday +1h” (#1303)
• English: Support most 2-letter day-of-the-week names (#1214)
• English: Support “in N weeks' time” (#1283)
• Finnish: Support dates with “klo” (#1301)
• Russian: Support compound ordinals (#1280)

... (truncated)

Commits

• 60b8a75 Bump version: 1.3.0 → 1.4.0
• d405657 1.4.0 release notes and fixes (#1319)
• 7a3113e Add the en-US locale (#1222)
• 62710c0 Add a security policy (#1318)
• 341d308 Fix deployment
• 5add61c Use official publish GitHub action in CI (#1309)
• e22e62e Fix word-number phrases parsing (e.g., 'two days later') (#1316)
• 8cdcf80 Make logo more translucent (#1312)
• e0939ec Replace 'setup.py install' (#1310)
• cd5f226 Honor REQUIRE_PARTS for ambiguous month-number inputs by retrying year-bias...
• Additional commits viewable in compare view

Updates redis to 7.4.0

Release notes

Sourced from redis's releases.

7.4.0

Changes

🐛 Bug Fixes

• Fix AttributeError in cluster metrics recording when connection is None or ClusterNode object instance is used to extract the connection info (#3999)
• Fixing security concern in repr methods for ConnectionPools - passwords might leak in plain text logs (#3998)
• Refactored connection count and SCH metric collection (#4001)

🧪 Experimental Features

-Refactored health check logic for MultiDBClient (#3994)

🧰 Maintenance

• Expose basic Otel classes and functions to be importable through redis.observability to match the examples in the readthedocs (#3996)

We'd like to thank all the contributors who worked on this release! @​vladvildanov @​petyaslavova

Commits

• b72f24a Updating lib version to 7.4.0
• 0a4e0af Refactored health check logic for MultiDBClient (#3994)
• 15492c9 Refactored connection count and SCH metric collection (#4001)
• cd964ac Expose basic Otel classes and funtions to be importable through redis.observa...
• 46ab74d Fixing security concern in repr methods for ConnectionPools - passwords m...
• 26482db Fix AttributeError in cluster metrics recording when connection is None or Cl...
• 8ecbc7a Updating lib version to 7.3.0
• 11043df typing: accept single-key input for blpop and brpop (#3990)
• d958125 fix: use KeysT for blpop and brpop keys parameter type annotation (#3987)
• 75bf91b [async] Adding access to cluster client's nodes_manager and set_response_call...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions