chore(deps): bump the jsonschema group with 2 updates

[dependabot]

Updates the requirements on jsonschema and referencing to permit the latest version.
Updates jsonschema to 0.42.0

Release notes

Sourced from jsonschema's releases.

[Python] Release 0.42.0

Fixed

• Panic when validating $ref targets that resolve to boolean schemas.

Performance

• Use FFI PyList_New + PyList_SetItem for array conversion to avoid reallocations.
• Cache ValidationError, ReferencingError, and decimal.Decimal types to avoid repeated module imports.
• Cache formatted schema locations to avoid repeated formatting during evaluate().
• Use as_str instead of to_string for type names in validation errors to avoid allocations.

Changelog

Sourced from jsonschema's changelog.

[0.42.0] - 2026-02-14

Added

• JsonType::as_str method for zero-allocation type name access.
• ValidationErrorKind::keyword is now public.
• tls-ring feature flag to opt into using ring as the TLS crypto provider instead of the default aws-lc-rs. #997
• CLI: Support YAML (.yaml/.yml) instance files in text output mode. #988

Changed

• BREAKING: Default TLS crypto provider switched back to aws-lc-rs. Users who need ring can opt in via the tls-ring feature flag. This resolves potential conflicts with other libraries using aws-lc-rs. #997

Fixed

• Panic when validating $ref targets that resolve to boolean schemas.

Performance

• Cache formatted schema locations with OnceLock to avoid repeated formatting during evaluate().

[0.41.0] - 2026-02-04

Performance

• Replace regex-based uri-template format validation with a hand-rolled RFC 6570 parser.
• Specialize items keyword for simple type schemas ({"type": "string"}, {"type": "number"}, etc.) to eliminate dynamic dispatch overhead.
• Precompute regex matches on known properties.
• Faster unevaluatedProperties validation via O(1) property lookup and short-circuit oneOf evaluation.
• Use HashMap for large set of properties.
• Lower HashMap threshold from 40 to 15 properties for faster property lookups.

[0.40.2] - 2026-01-30

Changed

• Exclude internal tracker field from ValidationError Debug output.
• Switch HTTP client TLS crypto backend from aws-lc-rs to ring to simplify building from source on some Linux distributions. #957

Fixed

• type: integer validation in Draft 4 now correctly accepts large integers outside the i64/u64 range when arbitrary-precision feature is enabled.

[0.40.1] - 2026-01-30

Changed

• ValidationErrorKind::Custom now includes a keyword field containing the custom keyword name.

Performance

... (truncated)

Commits

• fd3fc53 chore(ruby): Release 0.42.0
• 35bc7e5 build(ruby): Fix ruby release
• aed59cd chore(ruby): Rename gem to jsonschema-rs
• bd752e6 chore(ruby): Cleanup default features for jsonschema
• 0e54560 chore(python): Release 0.42.0
• cacce90 chore(ruby): Update to jsonschema 0.42.0
• 6dfcaf3 chore(rust): Release 0.42.0
• 29faf94 chore: Update serde-saphyr to 0.0.18
• 1f7665c test(cli): add more tests for YAML inputs
• d61302b test: normalize test outcomes for stable comparison
• Additional commits viewable in compare view

Updates referencing to 0.42.0

Release notes

Sourced from referencing's releases.

[Python] Release 0.42.0

Fixed

• Panic when validating $ref targets that resolve to boolean schemas.

Performance

• Use FFI PyList_New + PyList_SetItem for array conversion to avoid reallocations.
• Cache ValidationError, ReferencingError, and decimal.Decimal types to avoid repeated module imports.
• Cache formatted schema locations to avoid repeated formatting during evaluate().
• Use as_str instead of to_string for type names in validation errors to avoid allocations.

Changelog

Sourced from referencing's changelog.

[0.42.0] - 2026-02-14

Added

• JsonType::as_str method for zero-allocation type name access.
• ValidationErrorKind::keyword is now public.
• tls-ring feature flag to opt into using ring as the TLS crypto provider instead of the default aws-lc-rs. #997
• CLI: Support YAML (.yaml/.yml) instance files in text output mode. #988

Changed

• BREAKING: Default TLS crypto provider switched back to aws-lc-rs. Users who need ring can opt in via the tls-ring feature flag. This resolves potential conflicts with other libraries using aws-lc-rs. #997

Fixed

• Panic when validating $ref targets that resolve to boolean schemas.

Performance

• Cache formatted schema locations with OnceLock to avoid repeated formatting during evaluate().

[0.41.0] - 2026-02-04

Performance

• Replace regex-based uri-template format validation with a hand-rolled RFC 6570 parser.
• Specialize items keyword for simple type schemas ({"type": "string"}, {"type": "number"}, etc.) to eliminate dynamic dispatch overhead.
• Precompute regex matches on known properties.
• Faster unevaluatedProperties validation via O(1) property lookup and short-circuit oneOf evaluation.
• Use HashMap for large set of properties.
• Lower HashMap threshold from 40 to 15 properties for faster property lookups.

[0.40.2] - 2026-01-30

Changed

• Exclude internal tracker field from ValidationError Debug output.
• Switch HTTP client TLS crypto backend from aws-lc-rs to ring to simplify building from source on some Linux distributions. #957

Fixed

• type: integer validation in Draft 4 now correctly accepts large integers outside the i64/u64 range when arbitrary-precision feature is enabled.

[0.40.1] - 2026-01-30

Changed

• ValidationErrorKind::Custom now includes a keyword field containing the custom keyword name.

Performance

... (truncated)

Commits

• fd3fc53 chore(ruby): Release 0.42.0
• 35bc7e5 build(ruby): Fix ruby release
• aed59cd chore(ruby): Rename gem to jsonschema-rs
• bd752e6 chore(ruby): Cleanup default features for jsonschema
• 0e54560 chore(python): Release 0.42.0
• cacce90 chore(ruby): Update to jsonschema 0.42.0
• 6dfcaf3 chore(rust): Release 0.42.0
• 29faf94 chore: Update serde-saphyr to 0.0.18
• 1f7665c test(cli): add more tests for YAML inputs
• d61302b test: normalize test outcomes for stable comparison
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions