Python Dependency Updates for BLFS 12.4 - certifi-2025.8.3 charset-normalizer-3.4.3 msgpack-1.1.1 pytz-2025.2 snowballstemmer-3.0.1 urllib3-2.5.0

[Douglas R. Reno]

After the pre-release manual dependency check, there are new versions of the following packages:

• certifi (2025.1.31 -> 2025.8.3)

• charset-normalizer (3.4.1 -> 3.4.3)

• msgpack (1.1.0 -> 1.1.1)

• pytz (2025.1 -> 2025.2)

• snowballstemmer (2.2.0 -> 3.0.1)

• urllib3 (2.3.0 -> 2.5.0)

[Douglas R. Reno]

Certifi is just root certificate updates.

[Douglas R. Reno]

charset-normalizer

3.4.3 (2025-08-09)
Changed

    mypy(c) is no longer a required dependency at build time if 
CHARSET_NORMALIZER_USE_MYPYC isn't set to 1. (#595) (#583)
    automatically lower confidence on small bytes samples that are not Unicode in detect 
output legacy function. (#391)

Added

    Custom build backend to overcome inability to mark mypy as an optional dependency in 
the build phase.
    Support for Python 3.14

Fixed

    sdist archive contained useless directories.
    automatically fallback on valid UTF-16 or UTF-32 even if the md says it's noisy. (#633)

Misc

    SBOM are automatically published to the relevant GitHub release to comply with 
regulatory changes. Each published wheel comes with its SBOM. We choose CycloneDX as the 
format.
    Prebuilt optimized wheel are no longer distributed by default for CPython 3.7 due to 
a change in cibuildwheel.

3.4.2 (2025-05-02)
Fixed

    Addressed the DeprecationWarning in our CLI regarding argparse.FileType by 
backporting the target class into the package. (#591)
    Improved the overall reliability of the detector with CJK Ideographs. (#605) (#587)

Changed

    Optional mypyc compilation upgraded to version 1.15 for Python >= 3.8

[Douglas R. Reno]

msgpack

What's Changed

    Add Python 3.13 trove classifier by @edgarrmondragon in #626
    update Cython to 3.1.1 by @methane in #637
    update cibuildwheel to v2.23.3 by @methane in #638
    upload to PyPI on create a release by @methane in #639

[Douglas R. Reno]

pytz just updates the time zone database to tzdata2025b

[Douglas R. Reno]

snowballstemmer

Snowball 3.0.1 (2025-05-09)
===========================

Python
------

* The __init__.py in 3.0.0 was incorrectly generated due to a missing
  build dependency and the list of algorithms was empty.  First reported by
  laymonage.  Thanks to Dmitry Shachnev, Henry Schreiner and Adam Turner for
  diagnosing and fixing.  (#229, #230, #231)

* Add trove classifiers for Armenian and Yiddish which have now been registered
  with PyPI.  Thanks to Henry Schreiner and Dmitry Shachnev.  (#228)

* Update documented details of Python 2 support in old versions.

Snowball 3.0.0 (2025-05-08)
===========================

Python
------

* Optimisations:

  + Use Python set for grouping checks.  This speeds up running the Python
    testsuite by about 4%.

  + Routines used in `among` are now referenced by name directly in the
    generated code, rather than using a string containing the name.  This
    avoids a `getattr()` call each time an among wants to call a routine.  This
    doesn't seem to make a measurable speed difference, but it's cleaner and
    avoids problems with name mangling.  Suggested by David Corbett in #217.

  + Simplify code generated for `loop`.  If the iteration count is constant and
    at most 4 then iterate over a tuple which microbenchmarking shows is
    faster.  The only current uses of loop in the shipped stemmers are `loop 2`
    so benefit from this.  Otherwise we now use `range(AE)` instead of
    `range (AE, 0, -1)` (the actual value of the loop variable is never
    used so only the number of iterations matter).

* Bug fixes:

  + Correctly handle stemmer names with an underscore.

* Code quality:

  + Generate Python with UTF-8 source encoding.  This makes the generated code
    easier to follow, which helps during development.  It's also a bit smaller.
    For now codepoints U+0590 and above are still emitted as escape sequences
    to avoid confusing source code rendering when LTR scripts are involved.

* Other changes:

  + Set python_requires to indicate to install tools that the generated code
    won't work with Python 3.0.x, 3.1.x and 3.2.x (due to use of `u"foo"`
    string literals).  Closes #192 and #191, opened by Andreas Maier.

  + Add classifiers to indicate support for Python 3.3 and for 3.8 to 3.13.
    Fixes #158, reported by Dmitry Shachnev.

  + Stop marking the wheel as universal, which had started to give a warning
    message.  Patch from Dmitry Shachnev (#210).

  + Stop calling `setup.py` directly which is deprecated and now produces a
    warning - use the `build` module instead.  Patch from Dmitry Shachnev
    (#210).

[Douglas R. Reno]

urllib3

2.5.0 (2025-06-18)
Features

    Added support for the compression.zstd module that is new in Python 3.14. See PEP 
784 for more information. (#3610)
    Added support for version 0.5 of hatch-vcs (#3612)

Bugfixes

    Fixed a security issue where restricting the maximum number of followed redirects at 
the urllib3.PoolManager level via the retries parameter did not work.
    Made the Node.js runtime respect redirect parameters such as retries and redirects.
    Raised exception for HTTPResponse.shutdown on a connection already released to the 
pool. (#3581)
    Fixed incorrect CONNECT statement when using an IPv6 proxy with 
connection_from_host. Previously would not be wrapped in []. (#3615)

2.4.0 (2025-04-10)
Features

    Applied PEP 639 by specifying the license fields in pyproject.toml. (#3522)
    Updated exceptions to save and restore more properties during the pickle/
serialization process. (#3567)
    Added verify_flags option to create_urllib3_context with a default of 
VERIFY_X509_PARTIAL_CHAIN and VERIFY_X509_STRICT for Python 3.13+. (#3571)

Bugfixes

    Fixed a bug with partial reads of streaming data in Emscripten. (#3555)

Misc

    Switched to uv for installing development dependecies. (#3550)
    Removed the multiple.intoto.jsonl asset from GitHub releases. Attestation of release 
files since v2.3.0 can be found on PyPI. (#3566)

[Douglas R. Reno]

Fixed at f7174cab00a56dfcdef2ac551da75e5659234a81