Bump maxminddb from 3.0.0 to 3.1.1

[dependabot]

Bumps maxminddb from 3.0.0 to 3.1.1.

Release notes

Sourced from maxminddb's releases.

3.1.1

• The vendored libmaxminddb has been updated to 1.13.3. This includes a fix for the validation of empty maps and arrays at the end of the metadata section. Previously, the extension would incorrectly reject databases where a 0-element map or array was the last field in metadata. Reported in vimt/MaxMind-DB-Writer-python#16.

3.1.0

• The vendored libmaxminddb has been updated to 1.13.1. This includes several security hardening improvements when reading corrupt or malicious database files, including fixes for integer overflows, bounds checking, and use-after-free prevention.

Changelog

Sourced from maxminddb's changelog.

3.1.1 (2026-03-05) ++++++++++++++++++

• The vendored libmaxminddb has been updated to 1.13.3. This includes a fix for the validation of empty maps and arrays at the end of the metadata section. Previously, the extension would incorrectly reject databases where a 0-element map or array was the last field in metadata. Reported in vimt/MaxMind-DB-Writer-python#16.

3.1.0 (2026-02-24) ++++++++++++++++++

• The vendored libmaxminddb has been updated to 1.13.1. This includes several security hardening improvements when reading corrupt or malicious database files, including fixes for integer overflows, bounds checking, and use-after-free prevention.

Commits

• 09f4373 Update for v3.1.1
• 99ccfad Use uv managed Python in tox instead of system Python
• 88afa6f Update libmaxminddb to 1.13.3
• 2179ebc Merge pull request #324 from maxmind/dependabot/github_actions/actions/upload...
• ea75e64 Bump actions/upload-artifact from 6.0.0 to 7.0.0
• bae56e2 Merge pull request #323 from maxmind/dependabot/uv/tox-uv-1.33.0
• 23d5c52 Bump tox-uv from 1.32.1 to 1.33.0
• 040cae4 Merge pull request #322 from maxmind/dependabot/github_actions/actions/downlo...
• ae9472b Bump actions/download-artifact from 7.0.0 to 8.0.0
• f9c67fc Merge pull request #321 from maxmind/dependabot/uv/ruff-0.15.2
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)