From 299fc5286f9d5cc6ac0df6b27b05a4ed5658e674 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 28 Apr 2025 11:28:28 +0000
Subject: [PATCH 1/4] Bump pip from 25.0.1 to 25.1 (#10799)

Bumps [pip](https://github.com/pypa/pip) from 25.0.1 to 25.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's
changelog</a>.</em></p>
<blockquote>
<h1>25.1 (2025-04-26)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Drop support for Python 3.8.
(<code>[#12989](https://github.com/pypa/pip/issues/12989)
&lt;https://github.com/pypa/pip/issues/12989&gt;</code>_)</li>
<li>On python 3.14+, the <code>pkg_resources</code> metadata backend
cannot be used anymore.
(<code>[#13010](https://github.com/pypa/pip/issues/13010)
&lt;https://github.com/pypa/pip/issues/13010&gt;</code>_)</li>
<li>Hide <code>--no-python-version-warning</code> from CLI help and
documentation
as it's useless since Python 2 support was removed. Despite being
formerly slated for removal, the flag will remain as a no-op to
avoid breakage.
(<code>[#13303](https://github.com/pypa/pip/issues/13303)
&lt;https://github.com/pypa/pip/issues/13303&gt;</code>_)</li>
<li>A warning is emitted when the deprecated <code>pkg_resources</code>
library is used to
inspect and discover installed packages. This warning should only be
visible to
users who set an undocumented environment variable to disable the
default
<code>importlib.metadata</code> backend.
(<code>[#13318](https://github.com/pypa/pip/issues/13318)
&lt;https://github.com/pypa/pip/issues/13318&gt;</code>_)</li>
<li>Deprecate the legacy <code>setup.py bdist_wheel</code> mechanism. To
silence the warning,
and future-proof their setup, users should enable
<code>--use-pep517</code> or add a
<code>pyproject.toml</code> file to the projects they control.
(<code>[#13319](https://github.com/pypa/pip/issues/13319)
&lt;https://github.com/pypa/pip/issues/13319&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Suggest checking &quot;pip config debug&quot; in case of an
InvalidProxyURL error.
(<code>[#12649](https://github.com/pypa/pip/issues/12649)
&lt;https://github.com/pypa/pip/issues/12649&gt;</code>_)</p>
</li>
<li>
<p>Using <code>--debug</code> also enables verbose logging.
(<code>[#12710](https://github.com/pypa/pip/issues/12710)
&lt;https://github.com/pypa/pip/issues/12710&gt;</code>_)</p>
</li>
<li>
<p>Display a transient progress bar during package installation.
(<code>[#12712](https://github.com/pypa/pip/issues/12712)
&lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement when installing packages with a large
number
of dependencies by increasing the requirement string cache size.
(<code>[#12873](https://github.com/pypa/pip/issues/12873)
&lt;https://github.com/pypa/pip/issues/12873&gt;</code>_)</p>
</li>
<li>
<p>Add a <code>--group</code> option which allows installation from
:pep:<code>735</code> Dependency
Groups. <code>--group</code> accepts arguments of the form
<code>group</code> or
<code>path:group</code>, where the default path is
<code>pyproject.toml</code>, and installs
the named Dependency Group from the provided <code>pyproject.toml</code>
file. (<code>[#12963](https://github.com/pypa/pip/issues/12963)
&lt;https://github.com/pypa/pip/issues/12963&gt;</code>_)</p>
</li>
<li>
<p>Add support to enable resuming incomplete downloads.</p>
<p>Control the number of retry attempts using the
<code>--resume-retries</code> flag.
(<code>[#12991](https://github.com/pypa/pip/issues/12991)
&lt;https://github.com/pypa/pip/issues/12991&gt;</code>_)</p>
</li>
<li>
<p>Use :pep:<code>753</code> &quot;Well-known Project URLs in
Metadata&quot; normalization rules when
identifying an equivalent project URL to replace a missing
<code>Home-Page</code> field
in <code>pip show</code>.
(<code>[#13135](https://github.com/pypa/pip/issues/13135)
&lt;https://github.com/pypa/pip/issues/13135&gt;</code>_)</p>
</li>
<li>
<p>Remove <code>experimental</code> warning from <code>pip index
versions</code> command.
(<code>[#13188](https://github.com/pypa/pip/issues/13188)
&lt;https://github.com/pypa/pip/issues/13188&gt;</code>_)</p>
</li>
<li>
<p>Add a structured <code>--json</code> output to <code>pip index
versions</code>
(<code>[#13194](https://github.com/pypa/pip/issues/13194)
&lt;https://github.com/pypa/pip/issues/13194&gt;</code>_)</p>
</li>
<li>
<p>Add a new, <em>experimental</em>, <code>pip lock</code> command,
implementing :pep:<code>751</code>.
(<code>[#13213](https://github.com/pypa/pip/issues/13213)
&lt;https://github.com/pypa/pip/issues/13213&gt;</code>_)</p>
</li>
<li>
<p>Speed up resolution by first only considering the preference of
candidates that must be required to complete the resolution.
(<code>[#13253](https://github.com/pypa/pip/issues/13253)
&lt;https://github.com/pypa/pip/issues/13253&gt;</code>_)</p>
</li>
<li>
<p>Improved heuristics for determining the order of dependency
resolution. (<code>[#13273](https://github.com/pypa/pip/issues/13273)
&lt;https://github.com/pypa/pip/issues/13273&gt;</code>_)</p>
</li>
<li>
<p>Provide hint, documentation, and link to the documentation when
resolution too deep error occurs.
(<code>[#13282](https://github.com/pypa/pip/issues/13282)
&lt;https://github.com/pypa/pip/issues/13282&gt;</code>_)</p>
</li>
<li>
<p>Include traceback on failure to import <code>setuptools</code> when
<code>setup.py</code> is being invoked directly.
(<code>[#13290](https://github.com/pypa/pip/issues/13290)
&lt;https://github.com/pypa/pip/issues/13290&gt;</code>_)</p>
</li>
<li>
<p>Support for :pep:<code>738</code> Android wheels.
(<code>[#13299](https://github.com/pypa/pip/issues/13299)
&lt;https://github.com/pypa/pip/issues/13299&gt;</code>_)</p>
</li>
<li>
<p>Display wheel build tag in <code>pip list</code> columns output if
set. (<code>[#5210](https://github.com/pypa/pip/issues/5210)
&lt;https://github.com/pypa/pip/issues/5210&gt;</code>_)</p>
</li>
<li>
<p>Build environment dependencies are no longer compiled to bytecode
during</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pip/commit/daa7e5448312392c621bbaec4204d961c363e5f7"><code>daa7e54</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/pip/commit/06c3182a6ebb79ae95aa6ca42e43a9f750c9df57"><code>06c3182</code></a>
Update AUTHORS.txt</li>
<li><a
href="https://github.com/pypa/pip/commit/b88324fe98b510fbc6ddd8951f006b1c8f0e7a3c"><code>b88324f</code></a>
Add a news file for the pip lock command</li>
<li><a
href="https://github.com/pypa/pip/commit/38253a6002c23706153a0cb741b8caca290c9165"><code>38253a6</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13319">#13319</a> from
sbidoul</li>
<li><a
href="https://github.com/pypa/pip/commit/2791a8b35a4e9e4ebacf18cc08be81f53998701d"><code>2791a8b</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13344">#13344</a> from
pypa/dependabot/pip/build-project/setuptools-7...</li>
<li><a
href="https://github.com/pypa/pip/commit/24f4600851bbb3d7f22aed0ba6b1e2dcc4973412"><code>24f4600</code></a>
Remove LRU cache from methods [ruff rule cached-instance-method] (<a
href="https://redirect.github.com/pypa/pip/issues/13306">#13306</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/d852ebd2868abc526189fc7172babca9b1d2b395"><code>d852ebd</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12308">#12308</a></li>
<li><a
href="https://github.com/pypa/pip/commit/d35c08df09cebe2f4887b0a31bb1127e730d8ead"><code>d35c08d</code></a>
Clarify what the removal of the pkg_ressources backend implies</li>
<li><a
href="https://github.com/pypa/pip/commit/e8794224f513a2b964d5f969026f283dc9a23003"><code>e879422</code></a>
Rename find_linked to find_legacy_editables</li>
<li><a
href="https://github.com/pypa/pip/commit/4a765606f9c1d39059e429cd5394c246045fb34a"><code>4a76560</code></a>
Fix uninstallation of zipped eggs</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pip/compare/25.0.1...25.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=25.0.1&new-version=25.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 requirements/constraints.txt | 2 +-
 requirements/dev.txt         | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/requirements/constraints.txt b/requirements/constraints.txt
index 6561e817cbe..6724787d3f6 100644
--- a/requirements/constraints.txt
+++ b/requirements/constraints.txt
@@ -294,7 +294,7 @@ zlib-ng==0.5.1
     #   -r requirements/test.in
 
 # The following packages are considered to be unsafe in a requirements file:
-pip==25.0.1
+pip==25.1
     # via pip-tools
 setuptools==79.0.0
     # via
diff --git a/requirements/dev.txt b/requirements/dev.txt
index c38430fa80d..b5b8ca3241f 100644
--- a/requirements/dev.txt
+++ b/requirements/dev.txt
@@ -285,7 +285,7 @@ zlib-ng==0.5.1
     #   -r requirements/test.in
 
 # The following packages are considered to be unsafe in a requirements file:
-pip==25.0.1
+pip==25.1
     # via pip-tools
 setuptools==79.0.0
     # via

From e7c0c2d62a726575fd4dfc9ba3859a6eda007677 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 28 Apr 2025 11:43:01 +0000
Subject: [PATCH 2/4] Bump certifi from 2025.1.31 to 2025.4.26 (#10801)

Bumps [certifi](https://github.com/certifi/python-certifi) from
2025.1.31 to 2025.4.26.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/certifi/python-certifi/commit/275c9eb55733a464589c15fb4566fddd4598e5b2"><code>275c9eb</code></a>
2025.04.26 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/347">#347</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/37883310b51e56570919cdc2d44becc1c6940559"><code>3788331</code></a>
Bump actions/setup-python from 5.4.0 to 5.5.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/346">#346</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/9d1f1b782000baedf57026de5b79e193bcb7ef7b"><code>9d1f1b7</code></a>
Bump actions/download-artifact from 4.1.9 to 4.2.1 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/344">#344</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/96b97a5afe26bc1adef98cb0bfe68e34948a73b6"><code>96b97a5</code></a>
Bump actions/upload-artifact from 4.6.1 to 4.6.2 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/343">#343</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/c054ed3ac3d3505efc929b71cfd87a257bbdb6b3"><code>c054ed3</code></a>
Bump peter-evans/create-pull-request from 7.0.7 to 7.0.8 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/342">#342</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/44547fc77121b12bb276b44b3b2b49cfcbeac06f"><code>44547fc</code></a>
Bump actions/download-artifact from 4.1.8 to 4.1.9 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/341">#341</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/5ea51247afecf1bf4ebfa8f2db3082e89a8bfaed"><code>5ea5124</code></a>
Bump actions/upload-artifact from 4.6.0 to 4.6.1 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/340">#340</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/2f142b7ae0b2d13fee4ba4b9fbd73a9cd5069060"><code>2f142b7</code></a>
Bump peter-evans/create-pull-request from 7.0.6 to 7.0.7 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/339">#339</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/80d2ebdc77d2d005f408f789fe2fb1fe5f4e0265"><code>80d2ebd</code></a>
Bump actions/setup-python from 5.3.0 to 5.4.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/337">#337</a>)</li>
<li>See full diff in <a
href="https://github.com/certifi/python-certifi/compare/2025.01.31...2025.04.26">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=certifi&package-manager=pip&previous-version=2025.1.31&new-version=2025.4.26)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 requirements/constraints.txt  | 2 +-
 requirements/dev.txt          | 2 +-
 requirements/doc-spelling.txt | 2 +-
 requirements/doc.txt          | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/requirements/constraints.txt b/requirements/constraints.txt
index 6724787d3f6..7a0e89daca0 100644
--- a/requirements/constraints.txt
+++ b/requirements/constraints.txt
@@ -32,7 +32,7 @@ brotli==1.1.0 ; platform_python_implementation == "CPython"
     # via -r requirements/runtime-deps.in
 build==1.2.2.post1
     # via pip-tools
-certifi==2025.1.31
+certifi==2025.4.26
     # via requests
 cffi==1.17.1
     # via
diff --git a/requirements/dev.txt b/requirements/dev.txt
index b5b8ca3241f..e2bd1f98169 100644
--- a/requirements/dev.txt
+++ b/requirements/dev.txt
@@ -32,7 +32,7 @@ brotli==1.1.0 ; platform_python_implementation == "CPython"
     # via -r requirements/runtime-deps.in
 build==1.2.2.post1
     # via pip-tools
-certifi==2025.1.31
+certifi==2025.4.26
     # via requests
 cffi==1.17.1
     # via
diff --git a/requirements/doc-spelling.txt b/requirements/doc-spelling.txt
index 041d58dab57..b43b170ff4a 100644
--- a/requirements/doc-spelling.txt
+++ b/requirements/doc-spelling.txt
@@ -10,7 +10,7 @@ alabaster==1.0.0
     # via sphinx
 babel==2.17.0
     # via sphinx
-certifi==2025.1.31
+certifi==2025.4.26
     # via requests
 charset-normalizer==3.4.1
     # via requests
diff --git a/requirements/doc.txt b/requirements/doc.txt
index 0a39991a9f4..bd3dc754429 100644
--- a/requirements/doc.txt
+++ b/requirements/doc.txt
@@ -10,7 +10,7 @@ alabaster==1.0.0
     # via sphinx
 babel==2.17.0
     # via sphinx
-certifi==2025.1.31
+certifi==2025.4.26
     # via requests
 charset-normalizer==3.4.1
     # via requests

From 4d337c8d81abcce3f487169ba9c16b78e7c3790a Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 28 Apr 2025 12:01:35 +0000
Subject: [PATCH 3/4] Bump setuptools from 79.0.0 to 80.0.0 (#10800)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [setuptools](https://github.com/pypa/setuptools) from 79.0.0 to
80.0.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/setuptools/blob/main/NEWS.rst">setuptools's
changelog</a>.</em></p>
<blockquote>
<h1>v80.0.0</h1>
<h2>Bugfixes</h2>
<ul>
<li>Update test to honor new behavior in importlib_metadata 8.7. (<a
href="https://redirect.github.com/pypa/setuptools/issues/4961">#4961</a>)</li>
</ul>
<h2>Deprecations and Removals</h2>
<ul>
<li>Removed support for the easy_install command including the sandbox
module. (<a
href="https://redirect.github.com/pypa/setuptools/issues/2908">#2908</a>)</li>
<li>Develop command no longer uses easy_install, but instead defers
execution to pip (which then will re-invoke Setuptools via PEP 517 to
build the editable wheel). Most of the options to develop are dropped.
This is the final warning before the command is dropped completely in a
few months. Use-cases relying on 'setup.py develop' should pin to older
Setuptools version or migrate to modern build tooling. (<a
href="https://redirect.github.com/pypa/setuptools/issues/4955">#4955</a>)</li>
</ul>
<h1>v79.0.1</h1>
<h2>Bugfixes</h2>
<ul>
<li>Merge with pypa/distutils@24bd3179b including fix for <a
href="https://redirect.github.com/pypa/distutils/issues/355">pypa/distutils#355</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/setuptools/commit/aeea79266d82f99dbe556126b90b64215a663a2c"><code>aeea792</code></a>
Bump version: 79.0.1 → 80.0.0</li>
<li><a
href="https://github.com/pypa/setuptools/commit/2c874e78f4240963f74debcaadcccb97cb302ded"><code>2c874e7</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/setuptools/issues/4962">#4962</a>
from pypa/bugfix/4961-validated-eps</li>
<li><a
href="https://github.com/pypa/setuptools/commit/82c588aedd8142e7615031358e2d2640213a351d"><code>82c588a</code></a>
Update test to honor new behavior in importlib_metadata 8.7</li>
<li><a
href="https://github.com/pypa/setuptools/commit/ef4cd2960d75f2d49f40f5495347523be62d20e5"><code>ef4cd29</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/setuptools/issues/2908">#2908</a>
from pypa/debt/remove-easy-install</li>
<li><a
href="https://github.com/pypa/setuptools/commit/85bbad4945d874a2444e4531c74c5074cdeca010"><code>85bbad4</code></a>
Merge branch 'main' into debt/remove-easy-install</li>
<li><a
href="https://github.com/pypa/setuptools/commit/9653305c35a143b8d1bad2c190f918887dd1e6d5"><code>9653305</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/setuptools/issues/4955">#4955</a>
from pypa/debt/develop-uses-pip</li>
<li><a
href="https://github.com/pypa/setuptools/commit/da119e7e996b00b6e26f79995bec55684a3fabbe"><code>da119e7</code></a>
Set a due date 6 months in advance.</li>
<li><a
href="https://github.com/pypa/setuptools/commit/a7603da5d3c709f6f01c8df8031ba7a7ae7959a0"><code>a7603da</code></a>
Rename news fragment to reference the pull request for better precise
locality.</li>
<li><a
href="https://github.com/pypa/setuptools/commit/018a20cb130e9357f39c176b59c83738a09d7daa"><code>018a20c</code></a>
Restore a few of the options to develop.</li>
<li><a
href="https://github.com/pypa/setuptools/commit/a5f02fe88d46e963bc470a60a9f8613d7f889d49"><code>a5f02fe</code></a>
Remove another test relying on setup.py develop.</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/setuptools/compare/v79.0.0...v80.0.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=setuptools&package-manager=pip&previous-version=79.0.0&new-version=80.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 requirements/constraints.txt  | 2 +-
 requirements/dev.txt          | 2 +-
 requirements/doc-spelling.txt | 2 +-
 requirements/doc.txt          | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/requirements/constraints.txt b/requirements/constraints.txt
index 7a0e89daca0..0007402f5fe 100644
--- a/requirements/constraints.txt
+++ b/requirements/constraints.txt
@@ -296,7 +296,7 @@ zlib-ng==0.5.1
 # The following packages are considered to be unsafe in a requirements file:
 pip==25.1
     # via pip-tools
-setuptools==79.0.0
+setuptools==80.0.0
     # via
     #   incremental
     #   pip-tools
diff --git a/requirements/dev.txt b/requirements/dev.txt
index e2bd1f98169..89e27ef7df9 100644
--- a/requirements/dev.txt
+++ b/requirements/dev.txt
@@ -287,7 +287,7 @@ zlib-ng==0.5.1
 # The following packages are considered to be unsafe in a requirements file:
 pip==25.1
     # via pip-tools
-setuptools==79.0.0
+setuptools==80.0.0
     # via
     #   incremental
     #   pip-tools
diff --git a/requirements/doc-spelling.txt b/requirements/doc-spelling.txt
index b43b170ff4a..a69f5b41e7d 100644
--- a/requirements/doc-spelling.txt
+++ b/requirements/doc-spelling.txt
@@ -76,5 +76,5 @@ urllib3==2.4.0
     # via requests
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==79.0.0
+setuptools==80.0.0
     # via incremental
diff --git a/requirements/doc.txt b/requirements/doc.txt
index bd3dc754429..a184042dc9f 100644
--- a/requirements/doc.txt
+++ b/requirements/doc.txt
@@ -69,5 +69,5 @@ urllib3==2.4.0
     # via requests
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==79.0.0
+setuptools==80.0.0
     # via incremental

From 38778aaed0e255ce149976a6b2ebc0561bf35d4d Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 28 Apr 2025 12:34:18 +0000
Subject: [PATCH 4/4] Bump pypa/cibuildwheel from 2.23.2 to 2.23.3 (#10805)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [pypa/cibuildwheel](https://github.com/pypa/cibuildwheel) from
2.23.2 to 2.23.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/cibuildwheel/releases">pypa/cibuildwheel's
releases</a>.</em></p>
<blockquote>
<h2>v2.23.3</h2>
<ul>
<li>🛠 Dependency updates, including Python 3.13.3 (<a
href="https://redirect.github.com/pypa/cibuildwheel/issues/2371">#2371</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/cibuildwheel/blob/main/docs/changelog.md">pypa/cibuildwheel's
changelog</a>.</em></p>
<blockquote>
<h3>v2.23.3</h3>
<p><em>26 April 2025</em></p>
<ul>
<li>🛠 Dependency updates, including Python 3.13.3 (<a
href="https://redirect.github.com/pypa/cibuildwheel/issues/2371">#2371</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/cibuildwheel/commit/faf86a6ed7efa889faf6996aa23820831055001a"><code>faf86a6</code></a>
Bump version: v2.23.3</li>
<li><a
href="https://github.com/pypa/cibuildwheel/commit/4241f37b2c5be7f7ed96214b83f8cfbe1496cc28"><code>4241f37</code></a>
[2.x] Update dependencies (<a
href="https://redirect.github.com/pypa/cibuildwheel/issues/2371">#2371</a>)</li>
<li>See full diff in <a
href="https://github.com/pypa/cibuildwheel/compare/v2.23.2...v2.23.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pypa/cibuildwheel&package-manager=github_actions&previous-version=2.23.2&new-version=2.23.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/ci-cd.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml
index 276a76cb16f..93371676c74 100644
--- a/.github/workflows/ci-cd.yml
+++ b/.github/workflows/ci-cd.yml
@@ -436,7 +436,7 @@ jobs:
       run: |
         make cythonize
     - name: Build wheels
-      uses: pypa/cibuildwheel@v2.23.2
+      uses: pypa/cibuildwheel@v2.23.3
       env:
         CIBW_SKIP: pp* ${{ matrix.musl == 'musllinux' && '*manylinux*' || '*musllinux*' }}
         CIBW_ARCHS_MACOS: x86_64 arm64 universal2