From 569ae52ee1e599117a635893e5fff4512ec47682 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 13 Aug 2025 11:07:39 +0000
Subject: [PATCH 1/2] Bump cython from 3.1.2 to 3.1.3 (#11426)

Bumps [cython](https://github.com/cython/cython) from 3.1.2 to 3.1.3.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/cython/cython/blob/master/CHANGES.rst">cython's
changelog</a>.</em></p>
<blockquote>
<h1>3.1.3 (2025-??-??)</h1>
<h2>Bugs fixed</h2>
<ul>
<li>
<p>Some method calls with 0 or 1 argument failed to use
<code>PyObject_VectorCallMethod()</code>.</p>
</li>
<li>
<p><code>cython.pythread_type_lock</code> (also used as fallback for
<code>cython.pymutex</code>)
could stall on heavily contended locks.
(Github issue :issue:<code>6999</code>)</p>
</li>
<li>
<p>C string arrays (not pointers) always coerced to the Python default
string type,
even on explicit casts to other string types.
(Github issue :issue:<code>7020</code>)</p>
</li>
<li>
<p>An internal C function was not marked as <code>static</code> and
leaked a linker symbol.
(Github issue :issue:<code>6957</code>)</p>
</li>
<li>
<p>Compatibility with PyPy3.8 was lost by accident.</p>
</li>
<li>
<p>The Linux binary wheels of 3.1.2 used SSSE3 CPU instructions which
are not available on some CPUs.
(Github issue :issue:<code>7038</code>)</p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/cython/cython/commit/8a1b3c10260fa9f9a91475819d737bce59b1a3d0"><code>8a1b3c1</code></a>
Build: Explicitly exclude GraalPython and Freethreaded Python wheels
because ...</li>
<li><a
href="https://github.com/cython/cython/commit/c1a622f927b57eb35284e12319e73df008b855c5"><code>c1a622f</code></a>
Update changelog.</li>
<li><a
href="https://github.com/cython/cython/commit/68ff5dc8c621552b06b5a5a280ad695f72d988c8"><code>68ff5dc</code></a>
Fix code-generation with walrus+literals (<a
href="https://redirect.github.com/cython/cython/issues/6989">GH-6989</a>)</li>
<li><a
href="https://github.com/cython/cython/commit/85aeae1246962e6b13db40a9357804bf9dd81fd8"><code>85aeae1</code></a>
Fix bug with tokenizing apparent named character literals in raw string
(<a
href="https://redirect.github.com/cython/cython/issues/7057">#7057</a>)</li>
<li><a
href="https://github.com/cython/cython/commit/308c3f92a8cdb8fccbbf0df309c7fdf6c3925199"><code>308c3f9</code></a>
Build: Exclude freethreading Python wheels in 3.1.x because we currently
use ...</li>
<li><a
href="https://github.com/cython/cython/commit/0edc6736ce262be242448f86ae27c861a8803e0a"><code>0edc673</code></a>
Build: Fix matrix generation.</li>
<li><a
href="https://github.com/cython/cython/commit/f95a8ba8b863e6745d34ee145b4d40e12103f5fa"><code>f95a8ba</code></a>
Build: Use latest cibuildwheel to include Py3.14.</li>
<li><a
href="https://github.com/cython/cython/commit/968aecf17d8ddf931c5df824427589d92b8122dc"><code>968aecf</code></a>
Prepare release of 3.1.3.</li>
<li><a
href="https://github.com/cython/cython/commit/9cee731d5f341723fa2e43693b35c510c855cbb0"><code>9cee731</code></a>
Update changelog.</li>
<li><a
href="https://github.com/cython/cython/commit/d4cb2fda6ee90d7204cefe83d225771ac11900f7"><code>d4cb2fd</code></a>
Build: Do not require wheel for building (<a
href="https://redirect.github.com/cython/cython/issues/7084">GH-7084</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/cython/cython/compare/3.1.2...3.1.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cython&package-manager=pip&previous-version=3.1.2&new-version=3.1.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 requirements/constraints.txt | 2 +-
 requirements/cython.txt      | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/requirements/constraints.txt b/requirements/constraints.txt
index a0123ab3b0a..553d4cb9582 100644
--- a/requirements/constraints.txt
+++ b/requirements/constraints.txt
@@ -60,7 +60,7 @@ cryptography==45.0.6
     # via
     #   pyjwt
     #   trustme
-cython==3.1.2
+cython==3.1.3
     # via -r requirements/cython.in
 distlib==0.4.0
     # via virtualenv
diff --git a/requirements/cython.txt b/requirements/cython.txt
index b80de4842de..792988a9814 100644
--- a/requirements/cython.txt
+++ b/requirements/cython.txt
@@ -4,7 +4,7 @@
 #
 #    pip-compile --allow-unsafe --output-file=requirements/cython.txt --resolver=backtracking --strip-extras requirements/cython.in
 #
-cython==3.1.2
+cython==3.1.3
     # via -r requirements/cython.in
 multidict==6.6.4
     # via -r requirements/multidict.in

From 9f9b07cd21b9cccd21d4469d41309b01c544e9a5 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 13 Aug 2025 16:13:44 +0000
Subject: [PATCH 2/2] Bump towncrier from 23.11.0 to 24.8.0 (#8888)

Bumps [towncrier](https://github.com/twisted/towncrier) from 23.11.0 to
24.8.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/twisted/towncrier/releases">towncrier's
releases</a>.</em></p>
<blockquote>
<h2>Towncrier 24.8.0 (2024-08-23)</h2>
<h3>Features</h3>
<ul>
<li>Add <code>.gitkeep</code> as an ignored filename.
(<a
href="https://redirect.github.com/twisted/towncrier/issues/643">#643</a>)</li>
<li>Config <!-- raw HTML omitted -->ignore<!-- raw HTML omitted -->
option now supports
wildcard matching via
<a
href="https://docs.python.org/3/library/fnmatch.html#fnmatch.fnmatch">fnmatch</a>.
(<a
href="https://redirect.github.com/twisted/towncrier/issues/644">#644</a>)</li>
<li>Add a config for enforcing issue names using regex.
(<a
href="https://redirect.github.com/twisted/towncrier/issues/649">#649</a>)</li>
</ul>
<h3>Bugfixes</h3>
<ul>
<li>The template file is now ignored based only on the file name.
(<a
href="https://redirect.github.com/twisted/towncrier/issues/638">#638</a>)</li>
<li>Control of the header formatting is once again completely up to the
user when they are writing markdown files (fixes a regression
introduced in
[#610](<a
href="https://redirect.github.com/twisted/towncrier/pull/610">twisted/towncrier#610</a>)).
(<a
href="https://redirect.github.com/twisted/towncrier/issues/651">#651</a>)</li>
<li>Fixed an issue where <!-- raw HTML omitted -->issue_template<!-- raw
HTML omitted -->
failed recognizing the issue name of files with a non-category
suffix (<!-- raw HTML omitted -->.md<!-- raw HTML omitted -->)
(<a
href="https://redirect.github.com/twisted/towncrier/issues/654">#654</a>)</li>
<li>Fixed a bug where orphan news fragments (e.g. +abc1234.feature)
would fail when an <!-- raw HTML omitted -->issue_pattern<!-- raw HTML
omitted --> is
configured. Orphan news fragments are now excempt from <!-- raw HTML
omitted -->issue_pattern<!-- raw HTML omitted --> checks.
(<a
href="https://redirect.github.com/twisted/towncrier/issues/655">#655</a>)</li>
</ul>
<h3>Deprecations and Removals</h3>
<ul>
<li>
<p>Moved towncrier version definition from src/towncrier/_version.py
to pyproject.toml</p>
<p>towncrier.__version__ was removed, after being deprecated in
23.6.0. (<a
href="https://redirect.github.com/twisted/towncrier/issues/640">#640</a>)</p>
</li>
</ul>
<h3>Misc</h3>
<ul>
<li><a
href="https://redirect.github.com/twisted/towncrier/issues/640">#640</a>,
<a
href="https://redirect.github.com/twisted/towncrier/issues/657">#657</a></li>
</ul>
<h2>Towncrier 24.8.0rc1 (2024-08-19)</h2>
<h3>Features</h3>
<ul>
<li>Add <code>.gitkeep</code> as an ignored filename.</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/twisted/towncrier/blob/trunk/NEWS.rst">towncrier's
changelog</a>.</em></p>
<blockquote>
<h1>Towncrier 24.8.0 (2024-08-23)</h1>
<p>No changes since the previous release candidate.</p>
<h2>Features</h2>
<ul>
<li>Add <code>.gitkeep</code> as an ignored filename.
(<code>[#643](https://github.com/twisted/towncrier/issues/643)
&lt;https://github.com/twisted/towncrier/issues/643&gt;</code>_)</li>
<li>Config <code>ignore</code> option now supports wildcard matching via
<code>fnmatch
&lt;https://docs.python.org/3/library/fnmatch.html#fnmatch.fnmatch&gt;</code><em>.
(<code>[#644](https://github.com/twisted/towncrier/issues/644)
&lt;https://github.com/twisted/towncrier/issues/644&gt;</code></em>)</li>
<li>Add a config for enforcing issue names using regex.
(<code>[#649](https://github.com/twisted/towncrier/issues/649)
&lt;https://github.com/twisted/towncrier/issues/649&gt;</code>_)</li>
</ul>
<h2>Bugfixes</h2>
<ul>
<li>The template file is now ignored based only on the file name.
(<code>[#638](https://github.com/twisted/towncrier/issues/638)
&lt;https://github.com/twisted/towncrier/issues/638&gt;</code>_)</li>
<li>Control of the header formatting is once again completely up to the
user when they are writing markdown files (fixes a regression introduced
in <a
href="https://redirect.github.com/twisted/towncrier/pull/610">#610</a>).
(<code>[#651](https://github.com/twisted/towncrier/issues/651)
&lt;https://github.com/twisted/towncrier/issues/651&gt;</code>_)</li>
<li>Fixed an issue where <code>issue_template</code> failed recognizing
the issue name of files with a non-category suffix (<code>.md</code>)
(<code>[#654](https://github.com/twisted/towncrier/issues/654)
&lt;https://github.com/twisted/towncrier/issues/654&gt;</code>_)</li>
<li>Fixed a bug where orphan news fragments (e.g. +abc1234.feature)
would fail when an <code>issue_pattern</code> is configured. Orphan news
fragments are now excempt from <code>issue_pattern</code> checks.
(<code>[#655](https://github.com/twisted/towncrier/issues/655)
&lt;https://github.com/twisted/towncrier/issues/655&gt;</code>_)</li>
</ul>
<h2>Deprecations and Removals</h2>
<ul>
<li>
<p>Moved towncrier version definition from src/towncrier/_version.py to
pyproject.toml</p>
<p>towncrier.<strong>version</strong> was removed, after being
deprecated in 23.6.0.
(<code>[#640](https://github.com/twisted/towncrier/issues/640)
&lt;https://github.com/twisted/towncrier/issues/640&gt;</code>_)</p>
</li>
</ul>
<h2>Misc</h2>
<ul>
<li><code>[#640](https://github.com/twisted/towncrier/issues/640)
&lt;https://github.com/twisted/towncrier/issues/640&gt;</code><em>,
<code>[#657](https://github.com/twisted/towncrier/issues/657)
&lt;https://github.com/twisted/towncrier/issues/657&gt;</code></em></li>
</ul>
<h1>Towncrier 24.7.1 (2024-07-31)</h1>
<p>No significant changes since the previous release candidate.</p>
<h2>Bugfixes</h2>
<ul>
<li>When the template file is stored in the same directory with the news
fragments, it is automatically ignored when checking for valid fragment
file names.
(<code>[#632](https://github.com/twisted/towncrier/issues/632)
&lt;https://github.com/twisted/towncrier/issues/632&gt;</code>_)</li>
</ul>
<p>Misc</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/twisted/towncrier/commit/833647e31cde8fd68f0e53063b10e8f3ae4214c3"><code>833647e</code></a>
Update final release.</li>
<li><a
href="https://github.com/twisted/towncrier/commit/f944515bd9b2c46d2cc2fc75bae35f88e4890e0d"><code>f944515</code></a>
Update release docs.</li>
<li><a
href="https://github.com/twisted/towncrier/commit/261c8a23ec5b6a72f39230baf56698fba57bcbc9"><code>261c8a2</code></a>
venv/bin/towncrier build --yes</li>
<li><a
href="https://github.com/twisted/towncrier/commit/89ff29cd85ed7a01868df46746fcb287d9ba5140"><code>89ff29c</code></a>
Update version.</li>
<li><a
href="https://github.com/twisted/towncrier/commit/cb09ddf049e696c25796f8466081a66933577903"><code>cb09ddf</code></a>
Remove a stray &quot;c&quot; in the docs (<a
href="https://redirect.github.com/twisted/towncrier/issues/657">#657</a>)</li>
<li><a
href="https://github.com/twisted/towncrier/commit/4aa8174dc7e843e7b71fc3092216dc2915065135"><code>4aa8174</code></a>
handle empty issue names (<a
href="https://redirect.github.com/twisted/towncrier/issues/656">#656</a>)</li>
<li><a
href="https://github.com/twisted/towncrier/commit/c24e5a1bdcb7b524181d4a84cfa991b8e498e8e4"><code>c24e5a1</code></a>
Update src/towncrier/test/test_check.py</li>
<li><a
href="https://github.com/twisted/towncrier/commit/4d1cd360bc5bfd6722ee5ef079cfbd7f7aa9e512"><code>4d1cd36</code></a>
Merge branch 'trunk' of <a
href="https://github.com/dorschw/towncrier">https://github.com/dorschw/towncrier</a>
into trunk</li>
<li><a
href="https://github.com/twisted/towncrier/commit/51129c7042f0a7783cf3a6d9630bbde2fd50216c"><code>51129c7</code></a>
fix comment</li>
<li><a
href="https://github.com/twisted/towncrier/commit/4a94d4a99f9560ee02f027f33ec41325b5bd51ab"><code>4a94d4a</code></a>
Use terminology from tutorial</li>
<li>Additional commits viewable in <a
href="https://github.com/twisted/towncrier/compare/23.11.0...24.8.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=towncrier&package-manager=pip&previous-version=23.11.0&new-version=24.8.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 requirements/constraints.txt  | 9 ++-------
 requirements/dev.txt          | 9 ++-------
 requirements/doc-spelling.txt | 9 +--------
 requirements/doc.txt          | 9 +--------
 4 files changed, 6 insertions(+), 30 deletions(-)

diff --git a/requirements/constraints.txt b/requirements/constraints.txt
index 553d4cb9582..14853f123b1 100644
--- a/requirements/constraints.txt
+++ b/requirements/constraints.txt
@@ -95,8 +95,6 @@ idna==3.6
     #   yarl
 imagesize==1.4.1
     # via sphinx
-incremental==24.7.2
-    # via towncrier
 iniconfig==2.1.0
     # via pytest
 isal==1.7.2 ; python_version < "3.14"
@@ -251,14 +249,13 @@ tomli==2.2.1
     #   build
     #   cherry-picker
     #   coverage
-    #   incremental
     #   mypy
     #   pip-tools
     #   pytest
     #   slotscheck
     #   sphinx
     #   towncrier
-towncrier==23.11.0
+towncrier==24.8.0
     # via
     #   -r requirements/doc.in
     #   sphinxcontrib-towncrier
@@ -309,6 +306,4 @@ zstandard==0.23.0 ; implementation_name == "cpython"
 pip==25.2
     # via pip-tools
 setuptools==80.9.0
-    # via
-    #   incremental
-    #   pip-tools
+    # via pip-tools
diff --git a/requirements/dev.txt b/requirements/dev.txt
index 3d9534e3c68..a057ed21f9e 100644
--- a/requirements/dev.txt
+++ b/requirements/dev.txt
@@ -93,8 +93,6 @@ idna==3.6
     #   yarl
 imagesize==1.4.1
     # via sphinx
-incremental==24.7.2
-    # via towncrier
 iniconfig==2.1.0
     # via pytest
 isal==1.7.2 ; python_version < "3.14"
@@ -242,14 +240,13 @@ tomli==2.2.1
     #   build
     #   cherry-picker
     #   coverage
-    #   incremental
     #   mypy
     #   pip-tools
     #   pytest
     #   slotscheck
     #   sphinx
     #   towncrier
-towncrier==23.11.0
+towncrier==24.8.0
     # via
     #   -r requirements/doc.in
     #   sphinxcontrib-towncrier
@@ -300,6 +297,4 @@ zstandard==0.23.0 ; platform_python_implementation == "CPython" and python_versi
 pip==25.2
     # via pip-tools
 setuptools==80.9.0
-    # via
-    #   incremental
-    #   pip-tools
+    # via pip-tools
diff --git a/requirements/doc-spelling.txt b/requirements/doc-spelling.txt
index 6fe7bbc9f3d..752f2ff948c 100644
--- a/requirements/doc-spelling.txt
+++ b/requirements/doc-spelling.txt
@@ -22,8 +22,6 @@ idna==3.6
     # via requests
 imagesize==1.4.1
     # via sphinx
-incremental==24.7.2
-    # via towncrier
 jinja2==3.1.6
     # via
     #   sphinx
@@ -65,16 +63,11 @@ sphinxcontrib-towncrier==0.5.0a0
     # via -r requirements/doc.in
 tomli==2.2.1
     # via
-    #   incremental
     #   sphinx
     #   towncrier
-towncrier==23.11.0
+towncrier==24.8.0
     # via
     #   -r requirements/doc.in
     #   sphinxcontrib-towncrier
 urllib3==2.5.0
     # via requests
-
-# The following packages are considered to be unsafe in a requirements file:
-setuptools==80.9.0
-    # via incremental
diff --git a/requirements/doc.txt b/requirements/doc.txt
index 901551e0bf5..0bc71333e66 100644
--- a/requirements/doc.txt
+++ b/requirements/doc.txt
@@ -22,8 +22,6 @@ idna==3.6
     # via requests
 imagesize==1.4.1
     # via sphinx
-incremental==24.7.2
-    # via towncrier
 jinja2==3.1.6
     # via
     #   sphinx
@@ -58,16 +56,11 @@ sphinxcontrib-towncrier==0.5.0a0
     # via -r requirements/doc.in
 tomli==2.2.1
     # via
-    #   incremental
     #   sphinx
     #   towncrier
-towncrier==23.11.0
+towncrier==24.8.0
     # via
     #   -r requirements/doc.in
     #   sphinxcontrib-towncrier
 urllib3==2.5.0
     # via requests
-
-# The following packages are considered to be unsafe in a requirements file:
-setuptools==80.9.0
-    # via incremental