Bump the pip-deps group with 5 updates

[dependabot]

Bumps the pip-deps group with 5 updates:

Package	From	To
chardet	5.2.0	6.0.0.post1
isort	7.0.0	8.0.0
botocore	1.42.50	1.42.55
boto3	1.42.50	1.42.55
python-box	7.3.2	7.4.1

Updates chardet from 5.2.0 to 6.0.0.post1

Release notes

Sourced from chardet's releases.

6.0.0.post1

• Fixed version number in chardet/version.py still being set to 6.0.0dev0. Otherwise identical to 6.0.0.

6.0.0

Features

• Unified single-byte charset detection: Instead of only having trained language models for a handful of languages (Bulgarian, Greek, Hebrew, Hungarian, Russian, Thai, Turkish) and relying on special-case Latin1Prober and MacRomanProber heuristics for Western encodings, chardet now treats all single-byte charsets the same way: every encoding gets proper language-specific bigram models trained on CulturaX corpus data. This means chardet can now accurately detect both the encoding and the language for all supported single-byte encodings.
• 38 new languages: Arabic, Belarusian, Breton, Croatian, Czech, Danish, Dutch, English, Esperanto, Estonian, Farsi, Finnish, French, German, Icelandic, Indonesian, Irish, Italian, Kazakh, Latvian, Lithuanian, Macedonian, Malay, Maltese, Norwegian, Polish, Portuguese, Romanian, Scottish Gaelic, Serbian, Slovak, Slovene, Spanish, Swedish, Tajik, Ukrainian, Vietnamese, and Welsh. Existing models for Bulgarian, Greek, Hebrew, Hungarian, Russian, Thai, and Turkish were also retrained with the new pipeline.
• EncodingEra filtering: New encoding_era parameter to detect allows filtering by an EncodingEra flag enum (MODERN_WEB, LEGACY_ISO, LEGACY_MAC, LEGACY_REGIONAL, DOS, MAINFRAME, ALL) allows callers to restrict detection to encodings from a specific era. detect() and detect_all() default to MODERN_WEB. The new MODERN_WEB default should drastically improve accuracy for users who are not working with legacy data. The tiers are:
  • MODERN_WEB: UTF-8/16/32, Windows-125x, CP874, CJK multi-byte (widely used on the web)
  • LEGACY_ISO: ISO-8859-x, KOI8-R/U (legacy but well-known standards)
  • LEGACY_MAC: Mac-specific encodings (MacRoman, MacCyrillic, etc.)
  • LEGACY_REGIONAL: Uncommon regional/national encodings (KOI8-T, KZ1048, CP1006, etc.)
  • DOS: DOS/OEM code pages (CP437, CP850, CP866, etc.)
  • MAINFRAME: EBCDIC variants (CP037, CP500, etc.)
• --encoding-era CLI flag: The chardetect CLI now accepts -e/--encoding-era to control which encoding eras are considered during detection.
• max_bytes and chunk_size parameters: detect(), detect_all(), and UniversalDetector now accept max_bytes (default 200KB) and chunk_size (default 64KB) parameters for controlling how much data is examined. (#314, @​bysiber)
• Encoding era preference tie-breaking: When multiple encodings have very close confidence scores, the detector now prefers more modern/Unicode encodings over legacy ones.
• Charset metadata registry: New chardet.metadata.charsets module provides structured metadata about all supported encodings, including their era classification and language filter.
• should_rename_legacy now defaults intelligently: When set to None (the new default), legacy renaming is automatically enabled when encoding_era is MODERN_WEB.
• Direct GB18030 support: Replaced the redundant GB2312 prober with a proper GB18030 prober.
• EBCDIC detection: Added CP037 and CP500 EBCDIC model registrations for mainframe encoding detection.
• Binary file detection: Added basic binary file detection to abort analysis earlier on non-text files.
• Python 3.12, 3.13, and 3.14 support (#283, @​hugovk; #311)
• GitHub Codespace support (#312, @​oxygen-dioxide)

Fixes

• Fix CP949 state machine: Corrected the state machine for Korean CP949 encoding detection. (#268, @​nenw)
• Fix SJIS distribution analysis: Fixed SJISDistributionAnalysis discarding valid second-byte range >= 0x80. (#315, @​bysiber)
• Fix UTF-16/32 detection for non-ASCII-heavy text: Improved detection of UTF-16/32 encoded CJK and other non-ASCII text by adding a MIN_RATIO threshold alongside the existing EXPECTED_RATIO.
• Fix get_charset crash: Resolved a crash when looking up unknown charset names.
• Fix GB18030 char_len_table: Corrected the character length table for GB18030 multi-byte sequences.
• Fix UTF-8 state machine: Updated to be more spec-compliant.
• Fix detect_all() returning inactive probers: Results from probers that determined "definitely not this encoding" are now excluded.
• Fix early cutoff bug: Resolved an issue where detection could terminate prematurely.
• Default UTF-8 fallback: If UTF-8 has not been ruled out and nothing else is above the minimum threshold, UTF-8 is now returned as the default.

Breaking changes

• Dropped Python 3.7, 3.8, and 3.9 support: Now requires Python 3.10+. (#283, @​hugovk)
• Removed Latin1Prober and MacRomanProber: These special-case probers have been replaced by the unified model-based approach described above. Latin-1, MacRoman, and all other single-byte encodings are now detected by SingleByteCharSetProber with trained language models, giving better accuracy and language identification.
• Removed EUC-TW support: EUC-TW encoding detection has been removed as it is extremely rare in practice.
• LanguageFilter.NONE removed: Use specific language filters or LanguageFilter.ALL instead.
• Enum types changed: InputState, ProbingState, MachineState, SequenceLikelihood, and CharacterCategory are now IntEnum (previously plain classes or Enum). LanguageFilter values changed from hardcoded hex to auto().
• detect() default behavior change: detect() now defaults to encoding_era=EncodingEra.MODERN_WEB and should_rename_legacy=None (auto-enabled for MODERN_WEB), whereas previously it defaulted to considering all encodings with no legacy renaming.

Misc changes

• Switched from Poetry/setuptools to uv + hatchling: Build system modernized with hatch-vcs for version management.

... (truncated)

Commits

• 2fa72d8 Update version to 6.0.0.post1
• 8a4636b docs: modernize usage examples and reorganize table of contents
• 20da71e docs: fix copyright start year and remove first-person reference
• b45ae91 docs: update copyright to 2015-2026 chardet contributors
• 3f9910d Add .readthedocs.yaml to fix RTD builds
• 7ef7cd0 Fix pyright type errors in chardetect.py and test.py
• 4025dfa Update documentation for 6.0.0 release
• 1170829 Add LEGACY_REGIONAL encoding era and reclassify misplaced encodings
• 19379ac Add --encoding-era CLI flag and improve heuristic selection
• 61308e2 Pre-release fixes: bump to 6.0.0, fix get_charset crash, cleanup
• Additional commits viewable in compare view

Updates isort from 7.0.0 to 8.0.0

Release notes

Sourced from isort's releases.

8.0.0

Changes

• Update CHANGELOG for version 8.0.0 (#2460) @​DanielNoord
• Fix edge case of __future__ import. (#2458) @​skv0zsneg
• Fix the Plone profile to be compatible with black (#2457) @​ale-rt
• typo fix (#2450) @​jsta
• Remove the setuptools plugin (#2427) @​DanielNoord
• Turn some warnings into errors in test suite (#2449) @​DanielNoord
• chore: replace black with ruff in clean.sh (#2448) @​joao-faria-dev
• feat!: remove old finders flag and legacy finder logic (#2446) @​joao-faria-dev
• Fix whitespace insensitive check triggering on tabs (#2437) @​robsdedude
• Fix line separator detection not considering form feed as white space (#2436) @​robsdedude
• Fix #1964: lines_before_import sometimes ignored (#1965) @​robsdedude
• Remove reference to 3.9 in README (#2434) @​DanielNoord

🚀 Features

• Ensure multiprocessing.Pool is always closed and joined (#2442) @​DanielNoord

👷 Continuous Integration

• Simplify CI by putting similar steps into a single action file (#2444) @​DanielNoord

📦 Dependencies

• Bump actions/checkout from 5 to 6 in the github-actions group (#2451) @dependabot[bot]
• Bump astral-sh/setup-uv from 6 to 7 in the github-actions group (#2441) @dependabot[bot]

Changelog

Sourced from isort's changelog.

8.0.0 February 19 2026

• Removed --old-finders and --magic-placement flags and old_finders configuration option. The legacy finder logic that relied on environment introspection has been removed (#2445) @​joao-faria-dev
• Update the plone profile to not clash with black (#2456) @​ale-rt

6.1.0 October 1 2025

• Add python 3.14 classifier and badge (#2409) @​staticdev
• Drop use of non-standard pkg_resources API (#2405) @​dvarrazzo

6.0.1 Febuary 26 2025

• Add OSError handling in find_imports_in_file (#2331) @​kobarity

6.0.0 January 27 2025

• Remove support for Python 3.8 (#2327) @​DanielNoord
• Python 3.13 support (#2306) @​mayty
• Speed up exists_case_sensitive calls (#2264) @​correctmost
• Ensure that split_on_trailing_comma works with as imports (#2340) @​DanielNoord
• Black profile: enable magic comma (#2236) @​MrMino
• Update line_length and single_line_exclusions in google profile (#2149) @​jagapiou
• Allow --diff to be used with --jobs (#2302) @​mnakama
• Fix wemake profile to have correct character limit (#2241) @​sobolevn
• Fix sort_reexports code mangling (#2283) @​Helveg
• Fix correct group by package tokenization (#2136) @​glasnt

5.13.2 December 13 2023

• Apply the bracket fix from issue #471 only for use_parentheses=True (#2184) @​bp72
• Confine pre-commit to stages (#2213) @​davidculley
• Fixed colors extras (#2212) @​staticdev

5.13.1 December 11 2023

• Fixed integration tests (#2208) @​bp72
• Fixed normalizing imports from more than one level of parent modules (issue/2152) (#2191) @​bp72
• Remove optional dependencies without extras (#2207) @​staticdev

5.13.0 December 9 2023

• Cleanup deprecated extras (#2089) @​staticdev
• Fixed #1989: settings lookup when working in stream based mode
• Fixed 80 line length for wemake linter (#2183) @​skatromb
• Add support for Python 3.12 (#2175) @​hugovk
• Fixed: add newest version to pre-commit docs (#2190) @​AzulGarza
• Fixed assertions in test_git_hook (#2196) @​mgorny
• Removed check for include_trailing_comma for the Hanging Indent wrap mode (#2192) @​bp72
• Use the standard library tomllib on sufficiently new python (#2202) @​eli-schwartz
• Update pre-commit.md version number (#2197) @​nicobako

... (truncated)

Commits

• 3459bde Merge pull request #2460 from PyCQA/DanielNoord-patch-1
• 6e70bb6 Update CHANGELOG for version 8.0.0
• b0f2dab Merge pull request #2458 from skv0zsneg/issue/1882
• 313797b Fix lint.
• 7d3a6f5 Add ignore for cyclomatic complexity check.
• 6b9f895 Remove debug prints.
• 45f2497 Add tests for edge case future imports handler.
• fe57bfd Add edge case future imports handler.
• e8c127b Merge pull request #2457 from ale-rt/ale/2456/fix-plone-profile
• 293c201 Fix the Plone profile to be compatible with black
• Additional commits viewable in compare view

Updates botocore from 1.42.50 to 1.42.55

Commits

• 59176e1 Merge branch 'release-1.42.55'
• fb27bb3 Bumping version to 1.42.55
• a34dcf7 Update endpoints model
• 6d64538 Update to latest models
• b4cc476 Merge branch 'release-1.42.54'
• 3746c26 Merge branch 'release-1.42.54' into develop
• 92b6452 Bumping version to 1.42.54
• 42e39fd Update endpoints model
• 68d2343 Update to latest models
• de615b8 Merge branch 'release-1.42.53'
• Additional commits viewable in compare view

Updates boto3 from 1.42.50 to 1.42.55

Commits

• 77c52e2 Merge branch 'release-1.42.55'
• 2024b09 Bumping version to 1.42.55
• 3cc8917 Add changelog entries from botocore
• ae39e43 Merge branch 'release-1.42.54'
• 2fd0261 Merge branch 'release-1.42.54' into develop
• f07efd3 Bumping version to 1.42.54
• 36bad54 Add changelog entries from botocore
• ab66554 Merge branch 'release-1.42.53'
• 9699df9 Merge branch 'release-1.42.53' into develop
• dfa0446 Bumping version to 1.42.53
• Additional commits viewable in compare view

Updates python-box from 7.3.2 to 7.4.1

Release notes

Sourced from python-box's releases.

Version 7.4.1

• Fixing #303 Wrong version number (7.3.3) in 7.4.0 release (thanks to Michał Górny)

Changelog

Sourced from python-box's changelog.

Version 7.4.1

• Fixing #303 Wrong version number (7.3.3) in 7.4.0 release (thanks to Michał Górny)

Version 7.4.0

• Adding #297 'box_dots_exclude' parameter to keep certain keys with dots from being broken down (thanks to J vanBemmel)
• Adding #301 support for TOON serialization format (thanks to richieadler)
• Adding support for YAML width
• Adding support for Python 3.14
• Fixing #291 adding frozen boxes (thanks to m-janicki)
• Removing support for Python 3.9 as it is EOL

Version 7.3.3

• Mistakenly released 7.4.0 as 7.3.3 in PyPI, same as above

Commits

• a4c10e9 Version 7.4.1 (#304)
• 580663d Version 7.4.0 (#302)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

⚠️ (this preview might not be accurate if the PR is not rebased on current master branch)

MCK 1.7.1 Release Notes

Other Changes

• Container images: Merged the init-database and init-appdb init container images into a single init-database image. The init-appdb image will no longer be published and does not affect existing deployments.