Bump the python-updates group with 3 updates

[dependabot]

Bumps the python-updates group with 3 updates: matplotlib, globus-compute-sdk and rich.

Updates matplotlib from 3.10.6 to 3.10.7

Release notes

Sourced from matplotlib's releases.

REL: v3.10.7

This is the latest bugfix release in the 3.10.x series.

The most important update in this release is that the minimum version of pyparsing has been updated to version 3.0.

Commits

• 4aeb773 REL: v3.10.7
• 080add3 Merge branch 'v3.10.6-doc' into v3.10.x
• a604a8b Github Stats v3.10.7
• f550261 Zenodo v3.10.6
• 9a5e3e4 Merge pull request #30628 from meeseeksmachine/auto-backport-of-pr-30626-on-v...
• eb8cb0c Backport PR #30626: MNT: Fix new F401 unused imports warnings
• 8fadc71 Backport PR #29745: Use PEP8 style method and function names from (#30589)
• 098876e Merge pull request #30614 from meeseeksmachine/auto-backport-of-pr-30612-on-v...
• eb42d86 Backport PR #30612: MNT: update black pin
• 4a9c187 Merge pull request #30572 from QuLogic/auto-backport-of-pr-30571-on-v3.10.x
• Additional commits viewable in compare view

Updates globus-compute-sdk from 3.15.0 to 3.16.0

Release notes

Sourced from globus-compute-sdk's releases.

3.16.0

What's Changed

• General precommit update by @​khk-globus in globus/globus-compute#1942
• Reorganize and augment diagnostic output by @​khk-globus in globus/globus-compute#1943
• Add source code registration methods by @​rjmello in globus/globus-compute#1939
• Fix CombinedCode serialization strategy by @​rjmello in globus/globus-compute#1944
• Bump actions/setup-python from 5 to 6 by @​dependabot[bot] in globus/globus-compute#1946
• Add ignore to pip-audit to fix build for now by @​LeiGlobus in globus/globus-compute#1948

Full Changelog: globus/globus-compute@3.15.0...3.16.0

Changelog

Sourced from globus-compute-sdk's changelog.

globus-compute-sdk & globus-compute-endpoint v3.16.0

New Functionality ^^^^^^^^^^^^^^^^^

• Added new Client and Executor methods to enable registering arbitrary Python source code:

  • :meth:Client.register_source_code <globus_compute_sdk.Client.register_source_code>
  • :meth:Executor.register_source_code <globus_compute_sdk.Executor.register_source_code>

  The standard .register_function() methods expect callable function objects, which they then serialize using the specified code serialization strategy. In contrast, the .register_source_code() methods enable the user to directly provide an arbitrary source code string and entrypoint function name, which are then serialized using the :class:globus_compute_sdk.serialize.PureSourceTextInspect strategy:

  .. code-block:: python

  from globus_compute_sdk import Client, Executor

  source = 'def hello(name: str):\n return f"Hello, {name}!"\n' function_name = "hello"

  client = Client(...) func_id = client.register_source_code(source, function_name)

  or

  executor = Executor(...) func_id = executor.register_source_code(source, function_name)

Bug Fixes ^^^^^^^^^

• Fixed deserialization bug in CombinedCode strategy when utilizing pure source code sub-strategies (i.e., :class:~globus_compute_sdk.serialize.PureSourceTextInspect and :class:~globus_compute_sdk.serialize.PureSourceDill).

Changed ^^^^^^^

• :class:~globus_compute_sdk.serialize.PureSourceTextInspect and :class:~globus_compute_sdk.serialize.PureSourceDill strategies now encode function source code text using base64 encoding. Existing registered functions remain fully compatible and will deserialize properly.

... (truncated)

Commits

• e907992 Bump versions for 3.16.0 release
• 305900d Bump versions for alpha release 3.16.0a1
• 7fc8e3c Merge pull request #1948 from globus/ignore-pip-GHSA-4xh5-x5gv-qwph
• d4e77d1 Add ignore to pip-audit to fix build
• 35c2c73 Bump actions/setup-python from 5 to 6
• f0a5590 Fix CombinedCode serialization strategy
• bc12135 Add source code registration methods
• 3906606 Reorganize and augment diagnostic output
• 6316e6b General precommit update
• 34ee18d Merge pull request #1941 from globus/v3.15.0
• See full diff in compare view

Updates rich from 14.1.0 to 14.2.0

Release notes

Sourced from rich's releases.

The Easy as Pi release

This release bumps Python compatibility to the just-released Python 3.14.

[14.2.0] - 2025-10-09

Changed

• Python3.14 compatibility Textualize/rich#3861

Changelog

Sourced from rich's changelog.

[14.2.0] - 2025-10-09

Changed

• Python3.14 compatibility Textualize/rich#3861

Commits

• 494f83c changelog
• d476e85 Merge pull request #3862 from GeroZayas/docs/es-readme-sync-2025-10
• 518daaa docs(es): sync README.es.md (macOS, 16 colors, Python 3.8+)
• cd5074f Merge pull request #3861 from Textualize/python314
• 041406c removed asv
• 655b521 test fixes
• 27c2d2d bump for Python3.14
• ea9d4db Update feature_request.md
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 78.19%. Comparing base (1a68569) to head (d74e5f1).
⚠️ Report is 5 commits behind head on develop.

Additional details and impacted files

@@             Coverage Diff             @@
##           develop    #1603      +/-   ##
===========================================
+ Coverage    78.16%   78.19%   +0.02%     
===========================================
  Files           76       76              
  Lines         7580     7580              
  Branches      1119     1119              
===========================================
+ Hits          5925     5927       +2     
+ Misses        1453     1452       -1     
+ Partials       202      201       -1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.