Bump the production-dependencies group with 6 updates

[dependabot]

Bumps the production-dependencies group with 6 updates:

Package	From	To
cachetools	6.1.0	6.2.1
click	8.2.1	8.3.0
numpy	2.3.2	2.3.4
scipy	1.16.1	1.16.3
shapely	2.1.1	2.1.2
tomli	2.2.1	2.3.0

Updates cachetools from 6.1.0 to 6.2.1

Changelog

Sourced from cachetools's changelog.

v6.2.1 (2025-10-12)

• Add support for Python 3.14.

• Improve documentation.

• Update CI environment.

v6.2.0 (2025-08-25)

• Improve general RRCache performance by storing cache keys in an additional sequence container. Note that this will increase memory consumption.

• Add more unit tests.

Commits

• ca7508f Release v6.2.1.
• f719307 Fix #339: Improve documentation regarding funtion default arguments.
• b32d00b Fix typos.
• a9a7e2c Move extended @​ttl_cache docs to proper place.
• 072b7e1 docs: clarify what units the ttl argument uses (i.e., seconds)
• b620ef9 Add support for Python 3.14.
• 8d7b64f Bump actions/checkout from 4.2.2 to 5.0.0
• feb17ff Bump codecov/codecov-action from 5.4.3 to 5.5.1
• 22c1652 Bump actions/setup-python from 5.6.0 to 6.0.0
• 4a238ad Release v6.2.0.
• Additional commits viewable in compare view

Updates click from 8.2.1 to 8.3.0

Release notes

Sourced from click's releases.

8.3.0

This is the Click 8.3.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecation, or introduce potentially breaking changes.

We encourage everyone to upgrade. You can read more about our Version Support Policy on our website.

PyPI: https://pypi.org/project/click/8.3.0/ Changes: https://click.palletsprojects.com/page/changes/#version-8-3-0 Milestone https://github.com/pallets/click/milestone/27

• Improved flag option handling: Reworked the relationship between flag_value and default parameters for better consistency:

  • The default parameter value is now preserved as-is and passed directly to CLI functions (no more unexpected transformations)
  • Exception: flag options with default=True maintain backward compatibility by defaulting to their flag_value
  • The default parameter can now be any type (bool, None, etc.)
  • Fixes inconsistencies reported in: #1992 #2514 #2610 #3024 #3030

• Allow default to be set on Argument for nargs = -1. #2164 #3030

• Show correct auto complete value for nargs option in combination with flag option #2813

• Show correct auto complete value for nargs option in combination with flag option #2813

• Fix handling of quoted and escaped parameters in Fish autocompletion. #2995 #3013

• Lazily import shutil. #3023

• Properly forward exception information to resources registered with click.core.Context.with_resource(). #2447 #3058

• Fix regression related to EOF handling in CliRunner. #2939 #2940

8.2.2

This is the Click 8.2.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/click/8.2.2/ Changes: https://click.palletsprojects.com/page/changes/#version-8-2-2 Milestone: https://github.com/pallets/click/milestone/25

• Fix reconciliation of default, flag_value and type parameters for flag options, as well as parsing and normalization of environment variables. #2952 #2956
• Fix typing issue in BadParameter and MissingParameter exceptions for the parameter param_hint that did not allow for a sequence of string where the underlying functino _join_param_hints allows for it. #2777 #2990
• Use the value of Enum choices to render their default value in help screen. #2911 #3004
• Fix completion for the Z shell (zsh) for completion items containing colons. #2703 #2846
• Don't include envvar in error hint when not configured. #2971 #2972

... (truncated)

Changelog

Sourced from click's changelog.

Version 8.3.0

Released 2025-09-17

• Improved flag option handling: Reworked the relationship between flag_value and default parameters for better consistency:

  • The default parameter value is now preserved as-is and passed directly to CLI functions (no more unexpected transformations)
  • Exception: flag options with default=True maintain backward compatibility by defaulting to their flag_value
  • The default parameter can now be any type (bool, None, etc.)
  • Fixes inconsistencies reported in: :issue:1992 :issue:2514 :issue:2610 :issue:3024 :pr:3030

• Allow default to be set on Argument for nargs = -1. :issue:2164 :pr:3030

• Show correct auto complete value for nargs option in combination with flag option :issue:2813

• Fix handling of quoted and escaped parameters in Fish autocompletion. :issue:2995 :pr:3013

• Lazily import shutil. :pr:3023

• Properly forward exception information to resources registered with click.core.Context.with_resource(). :issue:2447 :pr:3058

• Fix regression related to EOF handling in CliRunner. :issue:2939 :pr:2940

Version 8.2.2

Released 2025-07-31

• Fix reconciliation of default, flag_value and type parameters for flag options, as well as parsing and normalization of environment variables. :issue:2952 :pr:2956
• Fix typing issue in BadParameter and MissingParameter exceptions for the parameter param_hint that did not allow for a sequence of string where the underlying function _join_param_hints allows for it. :issue:2777 :pr:2990
• Use the value of Enum choices to render their default value in help screen. Refs :issue:2911 :pr:3004
• Fix completion for the Z shell (zsh) for completion items containing colons. :issue:2703 :pr:2846
• Don't include envvar in error hint when not configured. :issue:2971 :pr:2972
• Fix a rare race in click.testing.StreamMixer's finalization that manifested as a ValueError on close in a multi-threaded test session. :issue:2993 :pr:2991

Commits

• 00fadb8 Release version 8.3.0
• 2a0e3ba testing/CliRunner: Fix regression related to EOF introduced in 262bdf0 (#2940)
• e11a1ef Merge branch 'main' into fix-cli-runner-prompt-eof-handling
• 36deba8 Forward exception information to resources registered in a context (#3058)
• f2cae7a #2447 Add summary of PR to changelog for 8.3.x
• 7c7ec36 #2447 Split resource exception handling tests in single and nested
• 92129c5 #2447 Added exception forwarding to context tests
• 555fa9b #2447 Forward exception data to exit stack when calling __exit__
• 16fe802 Add more tests on Enum rendering (#3053)
• d36de6f Add more tests on Enum rendering their item's names and not values
• Additional commits viewable in compare view

Updates numpy from 2.3.2 to 2.3.4

Release notes

Sourced from numpy's releases.

v2.3.4 (Oct 15, 2025)

NumPy 2.3.4 Release Notes

The NumPy 2.3.4 release is a patch release split between a number of maintenance updates and bug fixes. This release supports Python versions 3.11-3.14. This release is based on Python 3.14.0 final.

Changes

The npymath and npyrandom libraries now have a .lib rather than a .a file extension on win-arm64, for compatibility for building with MSVC and setuptools. Please note that using these static libraries is discouraged and for existing projects using it, it's best to use it with a matching compiler toolchain, which is clang-cl on Windows on Arm.

(gh-29750)

Contributors

A total of 17 people contributed to this release. People with a "+" by their names contributed a patch for the first time.

• !DWesl
• Charles Harris
• Christian Barbia +
• Evgeni Burovski
• Joren Hammudoglu
• Maaz +
• Mateusz Sokół
• Matti Picus
• Nathan Goldbaum
• Ralf Gommers
• Riku Sakamoto +
• Sandeep Gupta +
• Sayed Awad
• Sebastian Berg
• Sergey Fedorov +
• Warren Weckesser
• dependabot[bot]

Pull requests merged

A total of 30 pull requests were merged for this release.

• #29725: MAINT: Prepare 2.3.x for further development
• #29781: MAINT: Pin some upstream dependences
• #29782: BLD: enable x86-simd-sort to build on KNL with -mavx512f
• #29783: BUG: Include python-including headers first (#29281)
• #29784: TYP: fix np.number and np.*integer method declaration
• #29785: TYP: mypy 1.18.1

... (truncated)

Commits

• 1458b9e REL: Prepare for the NumPy 2.3.4 release (#29955)
• 7583bed Merge pull request #29950 from charris/backport-29885
• 3186751 Merge pull request #29949 from charris/backport-29948
• 7fd2ad9 STY: rename @classmethod arg to cls
• fe8447d MAINT: Simplify string arena growth strategy (#29885)
• a90f073 Merge pull request #29940 from charris/backport-29937
• 55d91ab MAINT: Bump pypa/cibuildwheel from 3.1.4 to 3.2.1
• e2f0383 Merge pull request #29926 from charris/backport-29609
• b427e83 BUG: fix negative samples generated by Wald distribution (#29609)
• 36363d6 Merge pull request #29922 from charris/backport-29914
• Additional commits viewable in compare view

Updates scipy from 1.16.1 to 1.16.3

Release notes

Sourced from scipy's releases.

SciPy 1.16.3 Release Notes

SciPy 1.16.3 is a bug-fix release with no new features compared to 1.16.2.

Authors

• Name (commits)
• ChrisAB (1) +
• Lucas Colley (1)
• Ralf Gommers (3)
• Matt Haberland (8)
• Nick ODell (2)
• Ilhan Polat (1)
• Tyler Reddy (28)
• Lucas Roberts (2)

A total of 8 people contributed to this release. People with a "+" by their names contributed a patch for the first time. This list of names is automatically generated, and may not be fully complete.

The full issue and pull request lists, and the release asset hashes are available in the associated README.txt file.

SciPy 1.16.2 Release Notes

SciPy 1.16.2 is a bug-fix release with no new features compared to 1.16.1. This is the first stable release of SciPy to provide Windows on ARM wheels on PyPI.

Authors

• Name (commits)
• Dietrich Brunn (1)
• Ralf Gommers (6)
• Adam Jones (1)
• Gleb Khmyznikov (1) +
• Jost Migenda (1) +
• newyork_loki (1)
• Nick ODell (3)
• Dimitri Papadopoulos Orfanos (1)
• Ilhan Polat (2)
• Tyler Reddy (26)
• Mugunthan Selvanayagam (1) +
• Shuhei Watanabe (1) +

A total of 12 people contributed to this release.

... (truncated)

Commits

• b9105cc REL: 1.16.3 rel commit [wheel build]
• 4b7699c Merge pull request #23805 from tylerjereddy/treddy_backports_1.16.3
• 874b75b MAINT: PR 23805 wheel builds [wheel build]
• de06a58 DOC: PR 23805 revisions
• f642304 TST: linalg.svd: skip on 32-bit due to limited memory
• df47908 CI: PR 23805 revisions
• f584063 TST: stats.boxcox_llf: bump test tolerance for Accelerate (#23864)
• fc60b2f DOC: PR 23805 revisions
• 0dd12ec BLD: stats.multivariate_normal: silence pythran build warning
• d3b1e62 Revert "BLD: stats.multivariate_normal: suppress pythran build warning"
• Additional commits viewable in compare view

Updates shapely from 2.1.1 to 2.1.2

Release notes

Sourced from shapely's releases.

2.1.2

Wheels are available for Python 3.14 (and still include GEOS 3.13.1).

Changelog

Sourced from shapely's changelog.

2.1.2 (2025-09-24)

Wheels are available for Python 3.14 (and still include GEOS 3.13.1).

Commits

• 5fb639d RLS: 2.1.2
• 70509a1 DOC/RLS: indicate Python 3.14 support in pyproject.toml and release notes for...
• 5c572b6 CI: add testing with GEOS 3.14 and Python 3.14 (#2330)
• a909333 Bump pypa/cibuildwheel from 3.1.3 to 3.2.0 (#2328)
• 2086d44 Bump actions/setup-python from 5 to 6 (#2326)
• 50c1cf3 Bump actions/download-artifact from 4 to 5 (#2321)
• 39490ab TST: update test_coverage_union_overlapping_inputs for upstream GEOS change (...
• 5ef437c Bump actions/checkout from 4 to 5 (#2320)
• 7b5ff3d BLD: add Python 3.14 wheels [Bump pypa/cibuildwheel from 3.0.1 to 3.1.3] (#2316)
• 480dbb1 TST: update frechet_distance densify test for latest GEOS main (densify>0.001...
• Additional commits viewable in compare view

Updates tomli from 2.2.1 to 2.3.0

Changelog

Sourced from tomli's changelog.

2.3.0

• Added
  • Binary wheels for Python 3.14 (also free-threaded)
• Performance
  • Reduced import time

Commits

• 3fccd16 Bump version: 2.2.1 → 2.3.0
• 6504016 Add 2.3.0 changelog
• 0bc66fc Remove now off-by-default PyPy from cibuildwheel skip list
• 0aa242f Update license metadata to appease PEP 639
• a18221e Bump GitHub CI actions
• 6fa4d90 [pre-commit.ci] pre-commit autoupdate (#260)
• b974fa1 [pre-commit.ci] pre-commit autoupdate (#248)
• f574f36 Update mypy to 1.15 and use --strict mode (#257)
• 1da01ef Reduce import time by removing typing import (#251)
• 4188188 Reduce import time by removing string and tomli._types imports
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[abey79]

@dependabot rebase

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud