build(deps-dev): bump the dev-dependencies group with 3 updates

[dependabot]

Updates the requirements on black, isort and twine to permit the latest version.
Updates black to 26.5.1

Release notes

Sourced from black's releases.

26.5.1

Stable style

• Fix unstable formatting of annotated assignments whose subscript annotation contains an inline comment (e.g. x: list[ # pyright: ignore[...]) (#5130)
• Preserve inline comments (including # type: ignore) immediately before a # fmt: skip line, avoiding AST equivalence failures (#5139)

Packaging

• Correct the version in the published executables (#5137)

Documentation

• Add Neovim integration guide covering conform.nvim, ALE, and simple command approaches (#5124)

Changelog

Sourced from black's changelog.

Version 26.5.1

Stable style

• Fix unstable formatting of annotated assignments whose subscript annotation contains an inline comment (e.g. x: list[ # pyright: ignore[...]) (#5130)
• Preserve inline comments (including # type: ignore) immediately before a # fmt: skip line, avoiding AST equivalence failures (#5139)

Packaging

• Correct the version in the published executables (#5137)

Documentation

• Add Neovim integration guide covering conform.nvim, ALE, and simple command approaches (#5124)

Version 26.5.0

Highlights

• Add support for unpacking in comprehensions (PEP 798) and for lazy imports (PEP 810), both new syntactic features in Python 3.15 (#5048)
• Python 3.15 is now supported. Compiled wheels are not yet provided for Python 3.15, so performance may be slower than on existing Python versions. Wheels will be provided once Python 3.15 is later in its release cycle. (#5127)

Stable style

• Fix # fmt: skip being ignored in nested if expressions with parenthesized in clauses (#4903)
• Add syntactic support for Python 3.15 (#5048)
• Fix crash when an f-string follows a # fmt: off comment inside brackets (#5097)
• Preserve multiline compound statement headers when # fmt: skip is placed on the colon line (#5117)

Preview style

• Improve heuristics around whether blank lines should appear before, within and after groups of same-name decorated functions (such as @overload groups) in .pyi stub files (#5021)
• Fix blank lines being removed between a function and a decorated class in .pyi stub files (#5092)
• Prevent string merger from creating unsplittable long lines when a pragma comment (e.g. # type: ignore) follows the closing bracket (#5096)

Packaging

• Run CI on 3.15 (#5127)

... (truncated)

Commits

• 87928e6 Prepare release 26.5.1 (#5140)
• c970a49 Preserve comments before fmt: skip lines (#5139)
• 5809338 Preserve inline comments inside annotation subscripts (#5130)
• 61361b7 docs: add Neovim integration guide and fix http link (#5124)
• ebe6018 CI Hotfixes (#5136)
• 9cbd95f Fix publish binaries again on Windows (#5134)
• 3dc8e6c Add new changelog (#5132)
• 6d0fff0 Fix publish binaries workflow (#5133)
• d2490e2 Prepare release 26.5.0 (#5131)
• 2b13ea7 Preserve multiline headers with fmt skip (#5117)
• Additional commits viewable in compare view

Updates isort to 8.0.1

Release notes

Sourced from isort's releases.

8.0.1

Changes

• Fix #2461: Added compression to stdlibs for Python 3.14 in isort/stdlibs/py314.py (#2463) @​FinlayTheBerry
• Fix unindented comments being corrupted in indented blocks (#2459) @​worksbyfriday

Changelog

Sourced from isort's changelog.

Changelog

NOTE: isort follows the semver versioning standard. Find out more about isort's release policy here.

Releases

Unreleased

8.0.0 February 19 2026

• Removed --old-finders and --magic-placement flags and old_finders configuration option. The legacy finder logic that relied on environment introspection has been removed (#2445) @​joao-faria-dev
• Update the plone profile to not clash with black (#2456) @​ale-rt

6.1.0 October 1 2025

• Add python 3.14 classifier and badge (#2409) @​staticdev
• Drop use of non-standard pkg_resources API (#2405) @​dvarrazzo

6.0.1 Febuary 26 2025

• Add OSError handling in find_imports_in_file (#2331) @​kobarity

6.0.0 January 27 2025

• Remove support for Python 3.8 (#2327) @​DanielNoord
• Python 3.13 support (#2306) @​mayty
• Speed up exists_case_sensitive calls (#2264) @​correctmost
• Ensure that split_on_trailing_comma works with as imports (#2340) @​DanielNoord
• Black profile: enable magic comma (#2236) @​MrMino
• Update line_length and single_line_exclusions in google profile (#2149) @​jagapiou
• Allow --diff to be used with --jobs (#2302) @​mnakama
• Fix wemake profile to have correct character limit (#2241) @​sobolevn
• Fix sort_reexports code mangling (#2283) @​Helveg
• Fix correct group by package tokenization (#2136) @​glasnt

5.13.2 December 13 2023

• Apply the bracket fix from issue #471 only for use_parentheses=True (#2184) @​bp72
• Confine pre-commit to stages (#2213) @​davidculley
• Fixed colors extras (#2212) @​staticdev

5.13.1 December 11 2023

• Fixed integration tests (#2208) @​bp72
• Fixed normalizing imports from more than one level of parent modules (issue/2152) (#2191) @​bp72
• Remove optional dependencies without extras (#2207) @​staticdev

5.13.0 December 9 2023

... (truncated)

Commits

• a333737 Merge pull request #2463 from FinlayTheBerry/issue/2461
• 878ba7e Added compression to stdlibs for Python 3.14 in isort/stdlibs/py314.py
• b5f06a7 Merge pull request #2459 from Fridayai700/fix-unindented-comment-corruption
• 3459bde Merge pull request #2460 from PyCQA/DanielNoord-patch-1
• 6e70bb6 Update CHANGELOG for version 8.0.0
• fd2514b Fix unindented comments being corrupted in indented blocks
• b0f2dab Merge pull request #2458 from skv0zsneg/issue/1882
• 313797b Fix lint.
• 7d3a6f5 Add ignore for cyclomatic complexity check.
• 6b9f895 Remove debug prints.
• Additional commits viewable in compare view

Updates twine to 6.2.0

Changelog

Sourced from twine's changelog.

twine 6.2.0 (2025-09-04)

Features ^^^^^^^^

• Automatically refresh short-lived PyPI token in long running Trusted Publishing uploads.

  In the event that a trusted publishing upload job is taking longer than the validity period of a trusted publishing token (15 minutes at the time of this writing), and we are already 10 minutes into that validity period, we will begin to attempt to replace the token on each subsequent request. ([#1246](https://github.com/pypa/twine/issues/1246) <https://github.com/pypa/twine/issues/1246>_)

Bugfixes ^^^^^^^^

• Fix compatibility kludge for invalid License-File metadata entries emitted by build backends to work also with packaging version 24.0. ([#1217](https://github.com/pypa/twine/issues/1217) <https://github.com/pypa/twine/issues/1217>_)
• Fix a couple of incorrectly rendered error messages. ([#1224](https://github.com/pypa/twine/issues/1224) <https://github.com/pypa/twine/issues/1224>_)
• twine now enforces keyring >= 21.2.0, which was previously implicitly required by API usage. ([#1229](https://github.com/pypa/twine/issues/1229) <https://github.com/pypa/twine/issues/1229>_)
• twine now catches configparser.Error to prevent accidental leaks of secret tokens or passwords to the user's console. ([#1240](https://github.com/pypa/twine/issues/1240) <https://github.com/pypa/twine/issues/1240>_)

Deprecations and Removals ^^^^^^^^^^^^^^^^^^^^^^^^^

• Remove hacks that support --skip-existing for indexes other than PyPI and TestPyPI.

  To date, these hacks continue to accrue and there have been numerous issues with them, not the least of which being that every time we update them, the paid index providers change things to break the compatibility we implement for them. Beyond that, these hacks do not work when text is internationalized in the response from the index provider.

  For a sample of past issues, see:

  • pypa/twine#1251

  • pypa/twine#918

  • pypa/twine#856

  • pypa/twine#693

  • pypa/twine#332 ([#1251](https://github.com/pypa/twine/issues/1251) <https://github.com/pypa/twine/issues/1251>_)

... (truncated)

Commits

• 14ceb29 Update changelog for 6.2.0 (#1264)
• 60e377b build(deps): bump actions/checkout from 4.2.2 to 5.0.0 (#1263)
• 88821f2 feat(package): remove MD5 hashing entirely (#1262)
• ce5fe53 build(deps): bump actions/download-artifact from 4.3.0 to 5.0.0
• 6a696ed PEP 639 compliance
• 9175334 rename 1247.misc.rst to changelog/1247.misc.rst
• d94a475 fix(tests): update expected error message
• c1c02d1 Remove --skip-existing support for non-PyPI indices
• a24d308 Set trusted publishing logging to INFO/WARN (#1247)
• becf1a8 Fix py3.9 mypy error in __init__ around PackageMetadata
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions