build(deps): bump the production-dependencies group across 1 directory with 4 updates

[dependabot]

Bumps the production-dependencies group with 4 updates in the / directory: mkdocs-material, attrs, jinja2 and multidict.

Updates mkdocs-material from 9.6.7 to 9.6.9

Release notes

Sourced from mkdocs-material's releases.

mkdocs-material-9.6.9

• Updated Serbo-Croatian translations
• Fixed #8086: Custom SVG icons containing hashes break rendering
• Fixed #8067: Drawer has gap on right side in Firefox on some OSs

mkdocs-material-9.6.8

• Added Welsh translations
• Fixed #8076: Privacy plugin crashes if HTTP download fails

Changelog

Sourced from mkdocs-material's changelog.

mkdocs-material-9.6.9 (2025-03-17)

• Updated Serbo-Croatian translations
• Fixed #8086: Custom SVG icons containing hashes break rendering
• Fixed #8067: Drawer has gap on right side in Firefox on some OSs

mkdocs-material-9.6.8+insiders-4.53.16 (2025-03-13)

• Fixed #8019: Tooltips have precedence over instant previews

mkdocs-material-9.6.8 (2025-03-13)

• Added Welsh translations
• Fixed #8076: Privacy plugin crashes if HTTP download fails

mkdocs-material-9.6.7 (2025-03-03)

• Fixed #8056: Error in backrefs implementation (9.6.6 regression)
• Fixed #8054: Unescaped quotes in ARIA labels of table of contents

mkdocs-material-9.6.6 (2025-03-01)

• Fixed #8040: Privacy plugin not replacing exteral assets (9.6.5 regression)
• Fixed #8031: Replace unmaintained regex package in search plugin

mkdocs-material-9.6.5 (2025-02-20)

• Fixed #8016: Tags listing not showing when when file name has spaces
• Fixed #8012: Privacy plugin crashes if HTTP download fails

mkdocs-material-9.6.4 (2025-02-12)

• Fixed #7985: Blog content sometimes not stretching to full width
• Fixed #7978: Navigation rendering bug in Safari 18.3

mkdocs-material-9.6.3 (2025-02-07)

• Fixed rendering of arrow heads in Mermaid.js class diagrams
• Fixed #7960: Tags plugin crashes on numeric metadata titles

mkdocs-material-9.6.2 (2025-02-03)

• Fixed #7955: Excessively long words don't break on narrow screens
• Fixed #7947: Scope setting interferes with outdated version banner

mkdocs-material-9.6.1 (2025-01-31)

• Fixed #7943: Tags plugin crashing due to merge error

mkdocs-material-9.6.0 (2025-01-31)

... (truncated)

Commits

• 646c7ab Prepare 9.6.9 release
• 27d57ea Updated twemoji cdn for icon search index (#8093)
• 0918657 Fixed build:all output on Windows (#8089)
• 0e75aef Updated Serbo-Croatian translations
• 52b584f Added urlencode to fix # in custom icons (#8087)
• 3296cdf Fixed sidebar on Firefox mobile
• 502ef2f Updated Insiders changelog
• a43d223 Prepare 9.6.8 release
• 76a66b7 Fixed error in translations partial
• 1c5e112 Integrated Welsh translations
• Additional commits viewable in compare view

Updates attrs from 25.1.0 to 25.3.0

Commits

• See full diff in compare view

Updates jinja2 from 3.1.5 to 3.1.6

Release notes

Sourced from jinja2's releases.

3.1.6

This is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/Jinja2/3.1.6/ Changes: https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6

• The |attr filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. GHSA-cpwx-vrp4-4pq7

Changelog

Sourced from jinja2's changelog.

Version 3.1.6

Released 2025-03-05

• The |attr filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. :ghsa:cpwx-vrp4-4pq7

Commits

• 1520688 release version 3.1.6
• 90457bb Merge commit from fork
• 065334d attr filter uses env.getattr
• 033c200 start version 3.1.6
• bc68d4e use global contributing guide (#2070)
• 247de5e use global contributing guide
• ab8218c use project advisory link instead of global
• b4ffc8f release version 3.1.5 (#2066)
• See full diff in compare view

Updates multidict from 6.1.0 to 6.2.0

Release notes

Sourced from multidict's releases.

6.2.0

Bug fixes

• Fixed in checks throwing an exception instead of returning :data:False when testing non-strings.

  Related issues and pull requests on GitHub: #1045.

• Fix a leak when the last accessed module in PyInit__multidict init is not released.

  Related issues and pull requests on GitHub: #1061.

Features

• Implemented support for the free-threaded build of CPython 3.13 -- by :user:lysnikolaou.

  Related issues and pull requests on GitHub: #1015.

Packaging updates and notes for downstreams

• Started publishing wheels made for the free-threaded build of CPython 3.13 -- by :user:lysnikolaou.

  Related issues and pull requests on GitHub: #1015.

Miscellaneous internal changes

• Used stricter typing across the code base, resulting in improved typing accuracy across multidict classes. Funded by an NLnet grant.

  Related issues and pull requests on GitHub: #1046.

---

6.1.0 (2024-09-09)

Bug fixes

... (truncated)

Changelog

Sourced from multidict's changelog.

6.2.0

(2025-03-17)

Bug fixes

• Fixed in checks throwing an exception instead of returning :data:False when testing non-strings.

  Related issues and pull requests on GitHub: :issue:1045.

• Fix a leak when the last accessed module in PyInit__multidict init is not released.

  Related issues and pull requests on GitHub: :issue:1061.

Features

• Implemented support for the free-threaded build of CPython 3.13 -- by :user:lysnikolaou.

  Related issues and pull requests on GitHub: :issue:1015.

Packaging updates and notes for downstreams

• Started publishing wheels made for the free-threaded build of CPython 3.13 -- by :user:lysnikolaou.

  Related issues and pull requests on GitHub: :issue:1015.

Miscellaneous internal changes

• Used stricter typing across the code base, resulting in improved typing accuracy across multidict classes. Funded by an NLnet grant.

  Related issues and pull requests on GitHub: :issue:1046.

---

Commits

• af07d5b Synchronize towncrier settings (#1067)
• 8314bdc Tune CHANGES markup (#1066)
• 09693c1 Fix towncrier markup (#1065)
• 0e8d24a Increase timeout for qemu based builds (#1064)
• a9bb3a0 Release 6.2.0 (#1062)
• f893493 Fix a leak when the last accessed module in multidict init is not released (#...
• 14cf766 Bump pypa/cibuildwheel from 2.22.0 to 2.23.0 (#1059)
• 1256899 Bump pytest from 8.3.4 to 8.3.5 (#1058)
• c79c379 Bump sphinx from 8.2.1 to 8.2.3 (#1057)
• 4cb2f08 Relax test_leak to run reliable against free-threaded python (#1060)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.