Bump matplotlib from 3.10.8 to 3.10.9

[dependabot]

Bumps matplotlib from 3.10.8 to 3.10.9.

Release notes

Sourced from matplotlib's releases.

v3.10.9

This is a micro release of the v3.10.x series. Highlights of this release include:

• Various minor bug and doc fixes
• Security hardening validation of cyclers - Removing eval usage
• Security hardening in Latex and PS calls - Removing shell escapes

Commits

• dd8d78b REL: v3.10.9
• 2fb1891 REL: Release prep v3.10.9
• d0e923a Merge branch 'v3.10.8-doc' into v3.10.x
• 1637932 Merge pull request #31558 from meeseeksmachine/auto-backport-of-pr-31556-on-v...
• a83faac Backport PR #31556: FIX: Inverted PyErr_Occurred check in enum type caster (_...
• a4f57ab Merge pull request #31545 from ksunden/backport-of-pr-31282-on-v3.10.x
• 063288d Merge pull request #31544 from ksunden/backport-of-pr-31248-on-v3.10.x
• b2ed196 Backport PR #31248: SEC: Remove eval() from validate_cycler
• acc6024 Merge pull request #31282 from scottshambaugh/tex_no_shell
• e3fb541 Merge pull request #31078 from meeseeksmachine/auto-backport-of-pr-31075-on-v...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Greptile Summary

This PR bumps the pinned matplotlib dependency from 3.10.8 to 3.10.9, a micro release within the same minor version series. The 3.10.9 release includes minor bug/doc fixes and two security hardening changes: removal of eval() from cycler validation and removal of shell escapes from LaTeX/PS calls.

• pyproject.toml: Single version string change (matplotlib==3.10.8 → matplotlib==3.10.9). No other dependencies or configuration are affected.
• The update is backwards-compatible within the 3.10.x series, and the security fixes make it a desirable upgrade over the previous pin.

Confidence Score: 5/5

Safe to merge — this is a single version string update to a patch-level release of matplotlib with no breaking changes expected.

The change is a one-line patch-version pin bump within the same minor series. The 3.10.9 release is a security-hardening micro release with no API changes, making it a straightforward and low-risk update.

No files require special attention.

Important Files Changed

Filename	Overview
pyproject.toml	Bumps the pinned matplotlib dependency from 3.10.8 to 3.10.9 (micro/patch release with bug fixes and security hardening).

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[pyproject.toml] --> B[matplotlib dependency]
    B --> C{Version Pin}
    C --> |Before| D["matplotlib==3.10.8"]
    C --> |After| E["matplotlib==3.10.9"]
    E --> F[Bug fixes]
    E --> G[Security: remove eval from cycler]
    E --> H[Security: remove shell escapes in LaTeX/PS]

Loading

_{Reviews (1): Last reviewed commit: "Bump matplotlib from 3.10.8 to 3.10.9" | Re-trigger Greptile}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 74.82%. Comparing base (4b110af) to head (ace63d0).

Additional details and impacted files

@@           Coverage Diff           @@
##           master     #727   +/-   ##
=======================================
  Coverage   74.82%   74.82%           
=======================================
  Files          56       56           
  Lines        8095     8095           
  Branches     1577     1577           
=======================================
  Hits         6057     6057           
  Misses       1422     1422           
  Partials      616      616           

Flag	Coverage Δ
3.10	74.79% <ø> (ø)
3.11	74.79% <ø> (ø)
3.12	74.79% <ø> (ø)
3.13	74.79% <ø> (ø)
macos-latest	74.74% <ø> (ø)
ubuntu-latest	74.74% <ø> (ø)
windows-latest	74.76% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[waltsims]

LGTM, dependency patch bump with green CI.