build(deps): bump the uv group across 1 directory with 3 updates

[dependabot]

Bumps the uv group with 3 updates in the / directory: h11, msgpack and virtualenv.

Updates h11 from 0.14.0 to 0.16.0

Commits

• 1c5b075 this time for surer
• d9c3699 this time for sure...
• d91b9dd blacken
• 5a4683c Soothe mypy
• 9c9567f Bump version to 0.16.0
• 114803a Merge commit from fork
• 9462006 Bump version to 0.15.0
• 70a96be Merge pull request #181 from Julien00859/Julien00859/get_int_max_str_digits
• 60782ad Reject Content-Length longer 1 billion TB
• dff7cc3 Validate Chunked-Encoding chunk footer
• Additional commits viewable in compare view

Updates msgpack from 1.1.2 to 1.2.1

Release notes

Sourced from msgpack's releases.

v1.2.1

What's Changed

• Bump pypa/cibuildwheel from 4.0.0 to 4.1.0 in the all-dependencies group by @​dependabot[bot] in msgpack/msgpack-python#694
• release v1.2.1 by @​methane in msgpack/msgpack-python#698

Full Changelog: msgpack/msgpack-python@v1.2.0...v1.2.1

v1.2.0

What's Changed

• relax setuptools version by @​methane in msgpack/msgpack-python#652
• update setuptools requirements to >=78.1.1 by @​methane in msgpack/msgpack-python#653
• cython: freethreading_compatible by @​methane in msgpack/msgpack-python#654
• drop Python 3.9 by @​methane in msgpack/msgpack-python#656
• update cython and cibuildwheel by @​methane in msgpack/msgpack-python#658
• ci: add riscv64 manylinux/musllinux wheels by @​justeph in msgpack/msgpack-python#664
• fix: check unpack_callback_uint32 result by @​KowalskiThomas in msgpack/msgpack-python#666
• fix: re-raise existing exception when available by @​KowalskiThomas in msgpack/msgpack-python#667
• fix: check return code in unpack_callback_int64 by @​KowalskiThomas in msgpack/msgpack-python#665
• Fixed README example by @​vallsv in msgpack/msgpack-python#668
• Bump the all-dependencies group with 6 updates by @​dependabot[bot] in msgpack/msgpack-python#669
• ci: use ubuntu-slim for lint by @​methane in msgpack/msgpack-python#670
• fix: enforce strict_map_key with object_pairs_hook by @​KowalskiThomas in msgpack/msgpack-python#673
• Raise DEFAULT_RECURSE_LIMIT from 511 to 1024 by @​Copilot in msgpack/msgpack-python#676
• fix: properly handle return codes in pack_timestamp by @​KowalskiThomas in msgpack/msgpack-python#672
• fix: avoid memory leak when decoding invalid nested arrays by @​KowalskiThomas in msgpack/msgpack-python#671
• Add missing autoreset in Packer.pack_ext_type by @​bysiber in msgpack/msgpack-python#663
• Add no-GIL interpreter support by @​clin1234 in msgpack/msgpack-python#641
• skip recursion limit test on free-threaded CPython builds by @​methane in msgpack/msgpack-python#679
• Fix Timestamp.from_datetime returning wrong value for pre-epoch datetimes by @​bysiber in msgpack/msgpack-python#662
• Add 3.15 to CI by @​clin1234 in msgpack/msgpack-python#678
• fix: use-after-free in get_data_from_buffer by @​KowalskiThomas in msgpack/msgpack-python#677
• change changelog format to markdown by @​methane in msgpack/msgpack-python#680
• Bump the all-dependencies group with 2 updates by @​dependabot[bot] in msgpack/msgpack-python#684
• Bump sys.setrecursionlimit within test_nest_limit_1024 by @​clin1234 in msgpack/msgpack-python#682
• Guard Packer buffer protocol hooks with Cython critical sections by @​Copilot in msgpack/msgpack-python#686
• Harden Unpacker.__init__ re-entry cleanup to prevent buffer/context leaks by @​Copilot in msgpack/msgpack-python#687
• release v1.2.0rc1 by @​methane in msgpack/msgpack-python#681
• Wheels CI hangs for MacOS Intel by @​crusaderky in msgpack/msgpack-python#689
• Bump pypa/cibuildwheel from 3.4.1 to 4.0.0 in the all-dependencies group by @​dependabot[bot] in msgpack/msgpack-python#691
• release v1.2.0 by @​methane in msgpack/msgpack-python#692

New Contributors

• @​justeph made their first contribution in msgpack/msgpack-python#664
• @​KowalskiThomas made their first contribution in msgpack/msgpack-python#666
• @​vallsv made their first contribution in msgpack/msgpack-python#668
• @​dependabot[bot] made their first contribution in msgpack/msgpack-python#669
• @​Copilot made their first contribution in msgpack/msgpack-python#676
• @​bysiber made their first contribution in msgpack/msgpack-python#663
• @​clin1234 made their first contribution in msgpack/msgpack-python#641

... (truncated)

Changelog

Sourced from msgpack's changelog.

1.2.1

Release Date: 2026-06-19

Fix a segfault when calling Unpacker.unpack() or Unpacker.skip() after an unpacking failure. But note that reusing the same Unpacker instance after an unpacking failure is not supported. Please create a new Unpacker instance instead. GHSA-6v7p-g79w-8964

1.2.0

Release Date: 2026-06-11

• Support free threaded Python. #654, #686
• Dropped support for Python 3.9. #656
• Fix missing error checks in C code. #665, #666, #667, #672
• Fix strict_map_key option didn't work for object_pairs_hook. #673
• Increase DEFAULT_RECURSE_LIMIT of Unpacker to 1024. #676
• Fix memory leak when Unpacker returns error for invalid input. #671
• Fix Packer.pack_ext_type() ignored autoreset option. #663
• Fix Timestamp.from_datetime() returning wrong value for pre-epoch datetimes. #662
• Fix use-after-free in unpackb() and Unpacker.unpack() for non-contiguous input. #677
• Fix possible memory leak when calling Unpacker.__init__() several times. #687

Commits

• 448d43f release v1.2.1 (#698)
• 2c56ddb Merge commit from fork
• 0f4f350 Bump pypa/cibuildwheel from 4.0.0 to 4.1.0 in the all-dependencies group (#694)
• 11ed0a5 release v1.2.0 (#692)
• c410a38 Bump pypa/cibuildwheel from 3.4.1 to 4.0.0 (#691)
• 97ba6ca skip ci: remove unneeded CIBW_SKIP option
• cdde1b0 Wheels CI hangs for MacOS Intel (#689)
• 5eb57e1 release v1.2.0rc1 (#681)
• 77395c1 Harden Unpacker.__init__ re-entry cleanup to prevent buffer/context leaks (...
• 7df7136 Guard Packer buffer protocol hooks with Cython critical sections (#686)
• Additional commits viewable in compare view

Updates virtualenv from 20.29.2 to 20.36.1

Release notes

Sourced from virtualenv's releases.

20.36.0

What's Changed

• release 20.35.3 by @​gaborbernat in pypa/virtualenv#2981
• fix: Prevent NameError when accessing _DISTUTILS_PATCH during file ov… by @​gracetyy in pypa/virtualenv#2982
• Upgrade pip and fix 3.15 picking old wheel by @​gaborbernat in pypa/virtualenv#2989
• release 20.35.4 by @​gaborbernat in pypa/virtualenv#2990
• fix: wrong path on migrated venv by @​sk1234567891 in pypa/virtualenv#2996
• test_too_many_open_files: assert on errno.EMFILE instead of strerror by @​pltrz in pypa/virtualenv#3001
• fix: update filelock dependency version to 3.20.1 to fix CVE CVE-2025-68146 by @​pythonhubdev in pypa/virtualenv#3002
• fix: resolve EncodingWarning in tox upgrade environment by @​gaborbernat in pypa/virtualenv#3007
• Fix Interpreter discovery bug wrt. Microsoft Store shortcut using Latin-1 by @​rahuldevikar in pypa/virtualenv#3006
• Add support for PEP 440 version specifiers in the --python flag. by @​rahuldevikar in pypa/virtualenv#3008

New Contributors

• @​gracetyy made their first contribution in pypa/virtualenv#2982
• @​sk1234567891 made their first contribution in pypa/virtualenv#2996
• @​pltrz made their first contribution in pypa/virtualenv#3001
• @​pythonhubdev made their first contribution in pypa/virtualenv#3002
• @​rahuldevikar made their first contribution in pypa/virtualenv#3006

Full Changelog: pypa/virtualenv@20.35.3...20.36.0

20.35.4

What's Changed

• release 20.35.3 by @​gaborbernat in pypa/virtualenv#2981
• fix: Prevent NameError when accessing _DISTUTILS_PATCH during file ov… by @​gracetyy in pypa/virtualenv#2982
• Upgrade pip and fix 3.15 picking old wheel by @​gaborbernat in pypa/virtualenv#2989

New Contributors

• @​gracetyy made their first contribution in pypa/virtualenv#2982

Full Changelog: pypa/virtualenv@20.35.3...20.35.4

20.35.3

What's Changed

• release 20.35.1 by @​gaborbernat in pypa/virtualenv#2976
• Revert out effort to extract discovery by @​gaborbernat in pypa/virtualenv#2978
• release 20.35.2 by @​gaborbernat in pypa/virtualenv#2980
• test_too_many_open_files fails by @​gaborbernat in pypa/virtualenv#2979

Full Changelog: pypa/virtualenv@20.35.1...20.35.3

20.35.2

... (truncated)

Changelog

Sourced from virtualenv's changelog.

Bugfixes - 20.36.1

• Fix TOCTOU vulnerabilities in app_data and lock directory creation that could be exploited via symlink attacks - reported by :user:tsigouris007, fixed by :user:gaborbernat. (:issue:3013)

---

v20.36.0 (2026-01-07)

---

Features - 20.36.0

• Add support for PEP 440 version specifiers in the --python flag. Users can now specify Python versions using operators like >=, <=, ~=, etc. For example: virtualenv --python=">=3.12" myenv . (:issue:2994`)

---

v20.35.4 (2025-10-28)

---

Bugfixes - 20.35.4

• Fix race condition in _virtualenv.py when file is overwritten during import, preventing NameError when _DISTUTILS_PATCH is accessed - by :user:gracetyy. (:issue:2969)

• Upgrade embedded wheels:

  • pip to 25.3 from 25.2 (:issue:2989)

---

v20.35.3 (2025-10-10)

---

Bugfixes - 20.35.3

• Accept RuntimeError in test_too_many_open_files, by :user:esafak (:issue:2935)

---

v20.35.2 (2025-10-10)

---

Bugfixes - 20.35.2

• Revert out changes related to the extraction of the discovery module - by :user:gaborbernat. (:issue:2978)

---

v20.35.1 (2025-10-09)

---

... (truncated)

Commits

• d0ad11d release 20.36.1
• dec4cec Merge pull request #3013 from gaborbernat/fix-sec
• 5fe5d38 release 20.36.0 (#3011)
• 9719376 release 20.36.0
• 0276db6 Add support for PEP 440 version specifiers in the --python flag. (#3008)
• 4f900c2 Fix Interpreter discovery bug wrt. Microsoft Store shortcut using Latin-1 (#3...
• 13afcc6 fix: resolve EncodingWarning in tox upgrade environment (#3007)
• 31b5d31 [pre-commit.ci] pre-commit autoupdate (#2997)
• 7c28422 fix: update filelock dependency version to 3.20.1 to fix CVE CVE-2025-68146 (...
• 365628c test_too_many_open_files: assert on errno.EMFILE instead of strerror (#3001)
• Additional commits viewable in compare view

[Martin005]

@dependabot rebase