chore(deps): bump the python-packages group across 1 directory with 3 updates

[dependabot]

Bumps the python-packages group with 3 updates in the / directory: hypothesis, yamlfix and tox.

Updates hypothesis from 6.137.2 to 6.138.15

Release notes

Sourced from hypothesis's releases.

Hypothesis for Python - version 6.138.15

Refactor some stateful testing internals for easier use by third-party libraries.

The canonical version of these notes (with links) is on readthedocs.

Hypothesis for Python - version 6.138.14

Patch files written by hypothesis now use a deterministic ordering when multiple "@​example" decorators are present.

The canonical version of these notes (with links) is on readthedocs.

Hypothesis for Python - version 6.138.13

Fix a typo affecting pretty-printing of lambdas with complex default arguments.

The canonical version of these notes (with links) is on readthedocs.

Hypothesis for Python - version 6.138.12

Improve automatic detection of the CI profile on various vendor- specific CI systems.

The canonical version of these notes (with links) is on readthedocs.

Hypothesis for Python - version 6.138.11

This patch updates our vendored list of top-level domains, which is used by the provisional "domains()" strategy.

The canonical version of these notes (with links) is on readthedocs.

Hypothesis for Python - version 6.138.10

Internal refactor to simplify "SearchStrategy".

The canonical version of these notes (with links) is on readthedocs.

Hypothesis for Python - version 6.138.9

This patch further improves stringification of lambdas, by never returning a lambda source unless it is confirmed to compile to the same code object. This stricter check makes it possible to widen the search for a matching source block, so that it can often be found even if the file has been edited.

The canonical version of these notes (with links) is on readthedocs.

Hypothesis for Python - version 6.138.8

Fixes a race condition under threading when using "deferred()".

The canonical version of these notes (with links) is on readthedocs.

Hypothesis for Python - version 6.138.7

... (truncated)

Commits

• db13c04 Bump hypothesis-python version to 6.138.15 and update changelog
• ebcb029 Merge pull request #4535 from Liam-DeVoe/stateful-internals
• c63a254 Merge pull request #4534 from HypothesisWorks/create-pull-request/patch
• 96a30eb less flaky
• e617e45 drop factory param from run_state_machine
• 448fb5d Update pinned dependencies
• 43cbd61 Bump hypothesis-python version to 6.138.14 and update changelog
• 0113a77 Merge pull request #4533 from Liam-DeVoe/next2
• 2eec6ee preserve examples order
• f09c331 Bump hypothesis-python version to 6.138.13 and update changelog
• Additional commits viewable in compare view

Updates yamlfix from 1.17.0 to 1.18.0

Changelog

Sourced from yamlfix's changelog.

1.18.0 (2025-09-05)

Commits

• 8813081 bump: version 1.17.0 → 1.18.0
• 705627e Merge pull request #296 from fferegrino/cache-glob-files
• 12d7822 Increase time
• c23dadc Update test to conform to linter
• 15e88a9 Cache globbed files for speed increase
• d6093d7 Merge pull request #299 from fferegrino/drop-3.8
• 1345c5b Fix incompatibility with mkdocstrings
• d472287 Temporary ignore cryptography issue
• 735de1e Change typing
• 48d0209 Remove 3.12
• Additional commits viewable in compare view

Updates tox from 4.28.4 to 4.30.2

Release notes

Sourced from tox's releases.

4.30.2

What's Changed

• Bump pypa/gh-action-pypi-publish from 1.12.4 to 1.13.0 by @​dependabot[bot] in tox-dev/tox#3603
• Ensure automatically provisioned environment is torn down by @​vytas7 in tox-dev/tox#3601
• Bump pypa/gh-action-pypi-publish from 1.12.4 to 1.13.0 in /.github/workflows by @​dependabot[bot] in tox-dev/tox#3604

Full Changelog: tox-dev/tox@4.30.1...4.30.2

4.30.1

What's Changed

• Prevent Tox from hanging with --installpkg sdist due to orphaned build backend by @​vytas7 in tox-dev/tox#3530

New Contributors

• @​vytas7 made their first contribution in tox-dev/tox#3530

Full Changelog: tox-dev/tox@4.30.0...4.30.1

4.30.0

What's Changed

• Pass through CI as __TOX_ENVIRONMENT_VARIABLE_ORIGINAL_CI by @​Liam-DeVoe in tox-dev/tox#3592
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci[bot] in tox-dev/tox#3596
• Fix the built docs HTML path hint in tox.toml by @​webknjaz in tox-dev/tox#3594
• Add a "version added" note for tox_extend_envs by @​webknjaz in tox-dev/tox#3595
• fix: provide clear messaging about config file loading by @​ssbarnea in tox-dev/tox#3578
• Ensure tox_extend_envs list can be read twice by @​webknjaz in tox-dev/tox#3598

New Contributors

• @​Liam-DeVoe made their first contribution in tox-dev/tox#3592

Full Changelog: tox-dev/tox@4.29.0...4.30.0

4.29.0

What's Changed

• Docs: environment variables contain strings by @​hroncok in tox-dev/tox#3575
• 🐍 Fix sys_platform Fixture Leakage breaking the CI by @​gaborbernat in tox-dev/tox#3589
• Expose a new tox_extend_envs hook in plugins API by @​webknjaz in tox-dev/tox#3591

Full Changelog: tox-dev/tox@4.28.4...4.29.0

Changelog

Sourced from tox's changelog.

v4.30.2 (2025-09-04)

Bugfixes - 4.30.2

- Previously, when tox ran in an automatically provisioned environment, it could hang waiting for a PEP 517 build backend
  if used in conjunction with the ``--installpkg`` option. This has been fixed by properly tearing down the automatically
  provisioned environment after the tests.
  - by :user:`vytas7` (:issue:`3600`)
v4.30.1 (2025-09-03)
Bugfixes - 4.30.1

• Prevent tox from hanging upon exit due to orphaned build threads and subprocesses when the --installpkg option is used with sdist.
  • by :user:vytas7 (:issue:3530)

v4.30.0 (2025-09-03)

Features - 4.30.0

- Add ``__TOX_ENVIRONMENT_VARIABLE_ORIGINAL_CI``, which passes through the ``CI`` variable if present. This is intended for use by other libraries to detect if tox is running under CI. (:issue:`3442`)
Bugfixes - 4.30.0

• Makes the error message more clear when pyproject.toml file cannot be loaded or is missing expected keys. (:issue:3578)

• The :func:tox_extend_envs() hook <tox.plugin.spec.tox_extend_envs> recently added in :pull:3591 turned out to not work well with tox run. It was fixed internally, not to exhaust the underlying iterator on the first use.

  -- by :user:webknjaz (:issue:3598)

v4.29.0 (2025-08-29)

Features - 4.29.0

- A new tox life cycle event is now exposed for use via :doc:`Plugins
  API </plugins>` -- by :user:`webknjaz`.
The corresponding hook point is :func:tox_extend_envs &lt;tox.plugin.spec.tox_extend_envs&gt;. It allows plugin authors to
declare ephemeral environments that they can then populate through
the in-memory configuration loader interface.
</tr></table>

... (truncated)

Commits

• 5e0784a release 4.30.2
• 64e8a34 Bump pypa/gh-action-pypi-publish in /.github/workflows (#3604)
• 7230088 Ensure automatically provisioned environment is torn down (#3601)
• 2c31dbc Bump pypa/gh-action-pypi-publish from 1.12.4 to 1.13.0 (#3603)
• b33a43c release 4.30.1
• 9ea1c32 Prevent Tox from hanging with --installpkg sdist due to orphaned build back...
• aa90652 release 4.30.0
• 48fecab Ensure tox_extend_envs list can be read twice (#3598)
• 0b8f66f fix: provide clear messaging about config file loading (#3578)
• adf0997 Add a "version added" note for tox_extend_envs (#3595)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions