pip: bump the pip-updates group across 1 directory with 3 updates

[dependabot]

Bumps the pip-updates group with 3 updates in the / directory: cryptography, kopf and multidict.

Updates cryptography from 46.0.3 to 46.0.4

Changelog

Sourced from cryptography's changelog.

46.0.4 - 2026-01-27

* `Dropped support for win_arm64 wheels`_.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.5.
.. _v46-0-3:

Commits

• e6f44fc bump for 46.0.4 and drop win arm64 due to CI issues (#14217)
• See full diff in compare view

Updates kopf from 1.40.1 to 1.41.1

Release notes

Sourced from kopf's releases.

1.41.1

What's Changed

• Fix the types and token retrieval for kubernetes-asyncio by @​nolar in nolar/kopf#1219

Full Changelog: nolar/kopf@1.41.0...1.41.1

1.41.0

What's Changed

• Postpone the initial timer/daemon delay by computable (e.g. random) time by @​nolar in nolar/kopf#1214
• Configure the posting from loggers separately from the explicit routines by @​nolar in nolar/kopf#1215
• Restart the webhook server on renewal of externally provided SSL cert/keys by @​nolar in nolar/kopf#1217
• Support logging in via kubernetes_asyncio by @​asteven in nolar/kopf#1010

Full Changelog: nolar/kopf@1.40.1...1.41.0

Commits

• e0120d6 Merge pull request #1219 from nolar/fix-kubernetes-asyncio-types
• 4a9f482 Fix the types and token retrieval for kubernetes-asyncio
• 74aa481 Install all extras in linting to check for dependency typing
• 4e7418d Merge pull request #1010 from asteven/login_kubernetes_asyncio
• 48b2393 Update the old branch for Python 3.10+ syntax
• 0d7aea3 Merge pull request #1217 from nolar/refresh-cert-files
• a6403c4 Restart the webhook server on renewal of externally provided SSL cert/keys
• e2a00b6 Merge pull request #1215 from nolar/disable-internal-logs
• 956cd65 Configure the posting from loggers separately from the explicit routines
• c5f2eaf Merge pull request #1214 from nolar/random-initial-delays
• Additional commits viewable in compare view

Updates multidict from 6.7.0 to 6.7.1

Release notes

Sourced from multidict's releases.

6.7.1

Bug fixes

• Fixed slow memory leak caused by identity by adding Py_DECREF to identity value before leaving md_pop_one on success -- by :user:Vizonex.

  Related issues and pull requests on GitHub: #1284.

---

Changelog

Sourced from multidict's changelog.

6.7.1

(2026-01-25)

Bug fixes

• Fixed slow memory leak caused by identity by adding Py_DECREF to identity value before leaving md_pop_one on success -- by :user:Vizonex.

  Related issues and pull requests on GitHub: :issue:1284.

---

Commits

• 39d3c32 Release 6.7.1 (#1289)
• 77bb95e Fix memory leak caused by identity when default value is inplace (#1284)
• 87dd4a4 Bump dependabot/fetch-metadata from 2.4.0 to 2.5.0 (#1287)
• 6c76412 Bump actions/cache from 4 to 5 (#1275)
• b91a033 Bump actions/upload-artifact from 4 to 6 (#1277)
• 84bf82c Bump psutil from 7.1.3 to 7.2.1 (#1279)
• 3f7b3ce Bump pypa/cibuildwheel from 3.3.0 to 3.3.1 (#1280)
• bbae902 Bump sigstore/gh-action-sigstore-python from 3.1.0 to 3.2.0 (#1274)
• 000b5b0 Remove follow_untyped_imports for mypy-sphinx (#1286)
• 3d2d630 Bump actions/download-artifact from 6 to 7 (#1276)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.