python-deps(deps): bump the python-dependencies group with 5 updates

[dependabot]

Bumps the python-dependencies group with 5 updates:

Package	From	To
chardet	5.2.0	7.4.0.post2
charset-normalizer	3.4.6	3.4.7
click	8.3.1	8.3.2
more-itertools	10.8.0	11.0.1
pydantic-core	2.41.5	2.45.0

Updates chardet from 5.2.0 to 7.4.0.post2

Release notes

Sourced from chardet's releases.

chardet 7.4.0 brings accuracy up to 99.3% (from 98.6% in 7.3.0) and significantly faster cold start thanks to a new dense model format.

What's New

Performance:

• New dense zlib-compressed model format (v2) drops cold start (import + first detect) from ~75ms to ~13ms with mypyc

Accuracy (98.6% → 99.3%):

• Eliminated train/test data overlap via content fingerprinting
• Added MADLAD-400 and Wikipedia as supplemental training sources
• Improved non-ASCII bigram scoring: high-byte bigrams are now preserved during training and weighted by per-bigram IDF
• Encoding-aware substitution filtering (substitutions only apply for characters the target encoding can't represent)
• Increased training samples from 15K to 25K per language/encoding pair

Bug fixes:

• Added dedicated structural analyzers for CP932, CP949, and Big5-HKSCS (these were previously sharing their base encoding's byte-range analyzer, missing extended ranges)

Metrics

	chardet 7.4.0 (mypyc)	chardet 6.0.0	charset-normalizer 3.4.6
Accuracy (2,517 files)	99.3%	88.2%	85.4%
Speed	551 files/s	12 files/s	376 files/s
Language detection	95.7%	40.0%	59.2%

Full changelog: https://chardet.readthedocs.io/en/latest/changelog.html

7.3.0

License

• 0BSD license — the project license has been changed from MIT to 0BSD, a maximally permissive license with no attribution requirement. All prior 7.x releases should also be considered 0BSD licensed as of this release.

Features

• Added mime_type field to detection results — identifies file types for both binary (via magic number matching) and text content. Returned in all detect(), detect_all(), and UniversalDetector results. (#350)
• New pipeline/magic.py module detects 40+ binary file formats including images, audio/video, archives, documents, executables, and fonts. ZIP-based formats (XLSX, DOCX, JAR, APK, EPUB, wheel, OpenDocument) are distinguished by entry filenames. (#350)

Bug Fixes

• Fixed incorrect equivalence between UTF-16-LE and UTF-16-BE in accuracy testing — these are distinct encodings with different byte order, not interchangeable

Performance

• Added 4 new modules to mypyc compilation (orchestrator, confusion, magic, ascii), bringing the total to 11 compiled modules
• Capped statistical scoring at 16 KB — bigram models converge quickly, so large files no longer score the full 200 KB. Worst-case detection time dropped from 62ms to 26ms with no accuracy loss.
• Replaced dataclasses.replace() with direct DetectionResult construction on hot paths, eliminating ~354k function calls per full test suite run

Build

... (truncated)

Changelog

Sourced from chardet's changelog.

Changelog

.. note::

Entries marked "via Claude" were developed with Claude Code <https://claude.ai/code>_. Dan directed the design, reviewed all output, and takes responsibility for the result. Unmarked entries by Dan were written without AI assistance.

7.4.0 (2026-03-26)

Performance:

• Switched to dense zlib-compressed model format (v2): models are now stored as contiguous memoryview slices of a single decompressed blob, eliminating per-model struct.unpack overhead. Cold start (import + first detect) dropped from ~75ms to ~13ms with mypyc. (Dan Blanchard <https://github.com/dan-blanchard>_ via Claude, [#354](https://github.com/chardet/chardet/issues/354) <https://github.com/chardet/chardet/pull/354>_)

Accuracy:

• Accuracy improved from 98.6% to 99.3% (2499/2517 files) through a combination of training and scoring improvements:

  • Eliminated train/test data overlap by content-fingerprinting test suite articles and excluding them from training data ([#351](https://github.com/chardet/chardet/issues/351) <https://github.com/chardet/chardet/pull/351>_)
  • Added MADLAD-400 and Wikipedia as supplemental training sources to fill gaps left by exclusion filtering ([#351](https://github.com/chardet/chardet/issues/351) <https://github.com/chardet/chardet/pull/351>_)
  • Improved non-ASCII bigram scoring: high-byte bigrams are now preserved during training (instead of being crushed by global normalization), and weighted by per-bigram IDF so encoding-specific byte patterns contribute proportionally to how discriminative they are ([#352](https://github.com/chardet/chardet/issues/352) <https://github.com/chardet/chardet/pull/352>_)
  • Added encoding-aware substitution filtering: character substitutions during training now only apply for characters the target encoding cannot represent
  • Increased training samples from 15K to 25K per language/encoding pair (Dan Blanchard <https://github.com/dan-blanchard>_ via Claude)

Bug Fixes:

• Added dedicated structural analyzers for CP932, CP949, and Big5-HKSCS: these superset encodings previously shared their base encoding's byte-range analyzer, missing extended ranges unique to each superset

... (truncated)

Commits

• e37cf3c fix: prevent dirty-tree version in Windows mypyc wheel builds
• f9f5af2 Fix a couple errors in the changelog
• 53755de chore: add .superpowers/ to .gitignore
• 3a20df6 docs: update README examples with correct outputs
• 17ec933 docs: note train/test separation in performance.rst
• 7296d93 docs: add footnote explaining 0 B import memory (lazy loading)
• 4221536 docs: add chardet 7.0.1-7.3.0 to historical performance table
• 9dfb65b docs: remove historical performance table spec/plan (preserved in git history)
• 72413b8 docs: add historical performance table to performance.rst
• cbcb80d fix: handle None detect() results and missing venvs in benchmarks
• Additional commits viewable in compare view

Updates charset-normalizer from 3.4.6 to 3.4.7

Release notes

Sourced from charset-normalizer's releases.

Version 3.4.7

3.4.7 (2026-04-02)

Changed

• Pre-built optimized version using mypy[c] v1.20.
• Relax setuptools constraint to setuptools>=68,<82.1.

Fixed

• Correctly remove SIG remnant in utf-7 decoded string. (#718) (#716)

Changelog

Sourced from charset-normalizer's changelog.

3.4.7 (2026-04-02)

Changed

• Pre-built optimized version using mypy[c] v1.20.
• Relax setuptools constraint to setuptools>=68,<82.1.

Fixed

• Correctly remove SIG remnant in utf-7 decoded string. (#718) (#716)

Commits

• 0f07891 Merge pull request #729 from jawah/release-3.4.7
• fdbeb29 chore: update dev, and ci requirements
• b66f922 chore: add ft classifier
• f94249d chore: add test cases for utf_7 recent fix
• 95c866f chore: bump version to 3.4.7
• 4f429bb chore: bump mypy pre-commit to v1.20
• b579cd6 fix: correctly remove SIG remnant in utf-7 decoded string
• 58bf944 ⬆️ Bump github/codeql-action from 4.32.4 to 4.35.1 (#728)
• 44cf8a1 ⬆️ Bump actions/download-artifact from 8.0.0 to 8.0.1 (#726)
• 362bc20 ⬆️ Bump docker/setup-qemu-action from 3.7.0 to 4.0.0 (#725)
• Additional commits viewable in compare view

Updates click from 8.3.1 to 8.3.2

Release notes

Sourced from click's releases.

8.3.2

This is the Click 8.3.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/click/8.3.2/ Changes: https://click.palletsprojects.com/page/changes/#version-8-3-2 Milestone: https://github.com/pallets/click/milestone/29

• Fix handling of flag_value when is_flag=False to allow such options to be used without an explicit value. #3084 #3152
• Hide Sentinel.UNSET values as None when using lookup_default(). #3136 #3199 #3202 #3209 #3212 #3224
• Prevent _NamedTextIOWrapper from closing streams owned by StreamMixer. #824 #2991 #2993 #3110 #3139 #3140
• Add comprehensive tests for CliRunner stream lifecycle, covering logging interaction, multi-threaded safety, and sequential invocation isolation. Add high-iteration stress tests behind a stress marker with a dedicated CI job. #3139
• Fix callable flag_value being instantiated when used as a default via default=True. #3121 #3201 #3213 #3225

Changelog

Sourced from click's changelog.

Version 8.3.2

Released 2026-04-02

• Fix handling of flag_value when is_flag=False to allow such options to be used without an explicit value. :issue:3084 :pr:3152
• Hide Sentinel.UNSET values as None when using lookup_default(). :issue:3136 :pr:3199 :pr:3202 :pr:3209 :pr:3212 :pr:3224
• Prevent _NamedTextIOWrapper from closing streams owned by StreamMixer. :issue:824 :issue:2991 :issue:2993 :issue:3110 :pr:3139 :pr:3140
• Add comprehensive tests for CliRunner stream lifecycle, covering logging interaction, multi-threaded safety, and sequential invocation isolation. Add high-iteration stress tests behind a stress marker with a dedicated CI job. :pr:3139
• Fix callable flag_value being instantiated when used as a default via default=True. :issue:3121 :pr:3201 :pr:3213 :pr:3225

Commits

• 052c006 Change update release date.
• 502b7ce Merge branch 'stable' of https://github.com/pallets/click into release-8.3.2
• a0a37e4 Change publish to werkzeug latest. (#3301)
• 57be6fc Change publish to werkzeug latest.
• 781d6a8 Update publish workflows (#3266)
• ff795b6 Update precommit pins with tox
• dd87ef4 Update github action pins with tox
• 93d3f9d Release version 8.3.2
• 3299ba1 Add missing PR to changelog. (#3264)
• b7f62c4 Add missing PR to changelog.
• Additional commits viewable in compare view

Updates more-itertools from 10.8.0 to 11.0.1

Release notes

Sourced from more-itertools's releases.

Version 11.0.1

This release restores pairwise, which was mistakenly removed in 11.0.0 instead of being deprecated. It is now marked as deprecated and will be removed in a future major release. Use itertools.pairwise as a replacement.

Version 11.0.0

Potentially breaking changes

• Python 3.9 support was dropped, since it went EOL on 2025-10-31
• callback_iter is deprecated. It will be removed in a future major release.
• iequals no longer returns True when called with ([], [ANY]) (thanks to rhettinger and pochmann3)
• The pred argument for locate and replace must now be able to handle a variable number of arguments. See their docstrings for details. (thanks to veeceey, james-wasson, and pochmann3)
• unique_everseen now raises TypeError when input elements are not hashable. The silent fallback mechanism for unhashable inputs has been removed. (thanks to rhettinger and karlicoss)
• windowed now raises ValueError when given a window size of 0 (thanks to rhettinger and brevzin)
• Parameter names for flatten, iter_except, repeatfunc, prepend, transpose, and sum_of_squares have been changed. Code that uses these functions will need to be updated if it uses keywords for positional arguments. (thanks to rhettinger)

New functions

• concurrent_tee: similar to tee, but with guaranteed threading semantics (thanks to rhettinger)
• random_derangement: returns a random derangement of elements from an iterable (thanks to rhettinger)
• running_mean: yields the mean of values in an iterable, or in a sliding window (thanks to rhettinger)
• running_statistics: provides statistics for the values in an iterable, or in a sliding window (thanks to rhettinger)
• serialize: wraps a non-concurrent iterator with a lock to enforce sequential access (thanks to rhettinger)
• synchronized: wraps an iterator-returning callable to make its iterators thread-safe (thanks to rhettinger)
• sized_iterator: wraps an iterable with a known length and implements __len__ (thanks to assaf127)

Changes to existing functions

• The type hints for always_iterable were improved (thanks to rhettinger and maltevesper)
• A potential bug in callback_iter was fixed
• A bug in exactly_n's handling of negative arguments was fixed (thanks to rhettinger)
• extract`` now accepts a monotonic` argument for improved performance (thanks to rhettinger)
• A bug in numeric_range's handling of negative steps was fixed (thanks to bysiber)
• grouper implementation was updated to match the itertools docs (thanks to rhettinger)
• nth_product, product_index, gray_product, partial_product, nth_product, product_index, and random_product now accept a repeat keyword argument (thanks to rhettinger)
• powerset_of_sets can now construct frozenset instances (thanks to rhettinger)
• The type hints for stagger were improved (thanks to nathanjmcdougall)
• Memory efficiency was improved for partition was improved (thanks to rhettinger and yueyinqiu)
• Performance for the functions count_cycle, difference, random_product, was improved nth_combination, nth_combination_with_replacement,

... (truncated)

Commits

• 5ea81c4 Merge pull request #1142 from more-itertools/version-11.0.1
• 2fcf9ef Changes for version 11.0.1
• 52cfcfe Revert "Remove pairwise()"
• 5b43c0d Merge pull request #1136 from more-itertools/version-11.0.0
• 499213b Merge pull request #1140 from rhettinger/nits
• 8fb18b9 Nit: Add --upgrade to the pip installs
• afe23fc Nit: Remove outdated fabfile.py from the manifest
• 4930555 Nit: move reshape() and transpose() to the math section
• 06626d5 callback_iter is deprecated
• c91ba4e Fix formatting in unique_everseen
• Additional commits viewable in compare view

Updates pydantic-core from 2.41.5 to 2.45.0

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 87.66%. Comparing base (c5c6005) to head (eb9e287).

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #167   +/-   ##
=======================================
  Coverage   87.66%   87.66%           
=======================================
  Files          28       28           
  Lines        1897     1897           
  Branches      198      198           
=======================================
  Hits         1663     1663           
  Misses        158      158           
  Partials       76       76           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[github-actions]

Test Results (windows)

path	passed	skipped	subtotal
tests\test_tm_data_types.py	20	1	21
TOTAL	20	1	21

tests\test_tm_data_types.py

('D:\\a\\tm_data_types\\tm_data_types\\tests\\test_tm_data_types.py', 549, 'Skipped: Skipping 1G test in GitHub Actions environment')

Link to workflow run

[github-actions]

Test Results (macos)

path	passed	skipped	subtotal
tests/test_tm_data_types.py	20	1	21
TOTAL	20	1	21

tests/test_tm_data_types.py

('/Users/runner/work/tm_data_types/tm_data_types/tests/test_tm_data_types.py', 549, 'Skipped: Skipping 1G test in GitHub Actions environment')

Link to workflow run

[github-actions]

Test Results (ubuntu)

path	passed	skipped	subtotal
tests/test_tm_data_types.py	20	1	21
TOTAL	20	1	21

tests/test_tm_data_types.py

('/home/runner/work/tm_data_types/tm_data_types/tests/test_tm_data_types.py', 549, 'Skipped: Skipping 1G test in GitHub Actions environment')

Link to workflow run

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.