fix(deps): bump python dependencies update bump

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
cairosvg (source)	>=2.8.2 → >=2.9.0
coverage	>=7.13.4 → >=7.13.5
mkdocs-gen-files (changelog)	>=0.6.0 → >=0.6.1
mkdocs-material (changelog)	>=9.7.5 → >=9.7.6
prek (source, changelog)	>=0.3.5 → >=0.3.6
ruff (source, changelog)	>=0.15.6 → >=0.15.7
tombi	>=0.9.4 → >=0.9.8
tox (changelog)	>=4.49.1 → >=4.50.3

---

Release Notes

coveragepy/coveragepy (coverage)

v7.13.5

Compare Source

• Fix: issue 2138_ describes a memory leak that happened when repeatedly
  using the Coverage API with in-memory data. This is now fixed.

• Fix: the markdown-formatted coverage report didn't fully escape special
  characters in file paths (issue 2141). This would be very unlikely to
  cause a problem, but now it's done properly, thanks to Ellie Ayla <pull 2142_>.

• Fix: the C extension wouldn't build on VS2019, but now it does (issue 2145_).

.. _issue 2138: #​2138
.. _issue 2141: #​2141
.. _pull 2142: #​2142
.. _issue 2145: #​2145

.. _changes_7-13-4:

oprypin/mkdocs-gen-files (mkdocs-gen-files)

v0.6.1

Compare Source

• Warn when this plugin is being used from the mkdocs executable (#​42)

  Apologies for the inconvenience. We are starting a community continuation of MkDocs under a new name ProperDocs, and plugins are our main hope regarding how we can spread the word.
  See https://redirect.github.com/ProperDocs/properdocs/discussions/33

Full Changelog: oprypin/mkdocs-gen-files@v0.6.0...v0.6.1

squidfunk/mkdocs-material (mkdocs-material)

v9.7.6: mkdocs-material-9.7.6

Compare Source

[!WARNING]

Material for MkDocs is in maintenance mode

Going forward, the Material for MkDocs team focuses on Zensical, a next-gen static site generator built from first principles. We will provide critical bug fixes and security updates for Material for MkDocs until November 2026.

Read the full announcement on our blog

Changes

• Automatically disable MkDocs 2.0 warning for forks of MkDocs

j178/prek (prek)

v0.3.6

Compare Source

Released on 2026-03-16.

Enhancements

• Allow selectors for hook ids containing colons (#​1782)
• Rename prek install-hooks to prek prepare-hooks and prek install --install-hooks to prek install --prepare-hooks (#​1766)
• Retry auth-failed repo clones with terminal prompts enabled (#​1761)

Performance

• Optimize detect_private_key by chunked reading and using aho-corasick (#​1791)
• Optimize fix_byte_order_marker by shifting file contents in place (#​1790)

Bug fixes

• Align stage defaulting behavior with pre-commit (#​1788)
• Make sure child output is drained in the PTY subprocess (#​1768)
• fix(golang): use GOTOOLCHAIN=local when probing system go (#​1797)

Documentation

• Disambiguate “hook” terminology by renaming "Git hooks" to "Git shims" (#​1776)
• Document compatibility with pre-commit (#​1767)
• Update configuration.md with TOML 1.1 notes (#​1764)

Other changes

• Sync latest identify tags (#​1798)

Contributors

• @​github-actions
• @​j178
• @​pcastellazzi
• @​deadnews
• @​copilot-swe-agent

astral-sh/ruff (ruff)

v0.15.7

Compare Source

Released on 2026-03-19.

Preview features

• Display output severity in preview (#​23845)
• Don't show noqa hover for non-Python documents (#​24040)

Rule changes

• [pycodestyle] Recognize pyrefly: as a pragma comment (E501) (#​24019)

Server

• Don't return code actions for non-Python documents (#​23905)

Documentation

• Add company AI policy to contributing guide (#​24021)
• Document editor features for Markdown code formatting (#​23924)
• [pylint] Improve phrasing (PLC0208) (#​24033)

Other changes

• Use PEP 639 license information (#​19661)

Contributors

• @​tmimmanuel
• @​DimitriPapadopoulos
• @​amyreese
• @​statxc
• @​dylwil3
• @​hunterhogan
• @​renovate

tombi-toml/tombi (tombi)

v0.9.8

Compare Source

What's Changed

🚀 New Features

• feat: support fragment by @​ya7010 in #​1608

🛠️ Other Changes

• fix: update dependencies and enhance completion logic for Cargo.toml by @​ya7010 in #​1604
• fix: update SemVerRequirement to include examples in schema by @​ya7010 in #​1605
• fix: add logging for TOML AST parsing errors by @​ya7010 in #​1606
• Update: schema uri by @​ya7010 in #​1607

Full Changelog: tombi-toml/tombi@v0.9.7...v0.9.8

v0.9.7

Compare Source

What's Changed

🐛 Bug Fixes

• fix: terminal pop-up problem with vscode extension in Windows system by @​luo2430 in #​1600

🛠️ Other Changes

• docs: update installation guide to clarify type definition request behavior in Zed by @​ya7010 in #​1596
• doc: fix and move tombi.toml sample by @​ya7010 in #​1597
• ci: skip irrelevant GitHub Actions runs by @​ya7010 in #​1598
• refactor(vscode): extract node command check by @​ya7010 in #​1601

New Contributors

• @​luo2430 made their first contribution in #​1600

Full Changelog: tombi-toml/tombi@v0.9.6...v0.9.7

tox-dev/tox (tox)

v4.50.3

Compare Source

What's Changed

• 🐛 fix(pkg): distinguish free-threaded Python in wheel build env by @​gaborbernat in #​3891

Full Changelog: tox-dev/tox@4.50.2...4.50.3

v4.50.2

Compare Source

What's Changed

• fix(sdist): include docs/man/tox.1.rst by @​branchv in #​3890

New Contributors

• @​branchv made their first contribution in #​3890

Full Changelog: tox-dev/tox@4.50.1...4.50.2

v4.50.1

Compare Source

What's Changed

• 🐛 fix(env): suggest normalized env name for dotted Python versions by @​gaborbernat in #​3888

Full Changelog: tox-dev/tox@4.50.0...4.50.1

v4.50.0

Compare Source

What's Changed

• document {env:TOX_PACKAGE} for referencing built packages in commands by @​rahuldevikar in #​3873
• 🧪 test(docs): validate doc config examples to prevent regressions by @​gaborbernat in #​3875
• ✨ feat(run): add interrupt_post_commands for cleanup after Ctrl-C by @​gaborbernat in #​3882
• ✨ feat(config): support subscript syntax and env_name in conditionals by @​gaborbernat in #​3884

Full Changelog: tox-dev/tox@4.49.1...4.50.0

---

Configuration

📅 Schedule: Branch creation - "before 4am on monday" in timezone UTC, Automerge - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) in timezone UTC.

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: pyproject.toml

Artifact update for tombi resolved to version 0.9.9, which is a pending version that has not yet passed the Minimum Release Age threshold.
Renovate was attempting to update to 0.9.8
This is (likely) not a bug in Renovate, but due to the way your project pins dependencies, _and_ how Renovate calls your package manager to update them.
Until Renovate supports specifying an exact update to your package manager (https://github.com/renovatebot/renovate/issues/41624), it is recommended to directly pin your dependencies (with `rangeStrategy=pin` for apps, or `rangeStrategy=widen` for libraries)
See also: https://docs.renovatebot.com/dependency-pinning/