[pre-commit.ci] pre-commit autoupdate

.github/workflows/code_checks.yml

@@ -69,3 +69,4 @@ jobs:
           virtual-environment: .venv/
           ignore-vulns: |
             GHSA-4xh5-x5gv-qwph
+            CVE-2026-3219

.pre-commit-config.yaml

@@ -20,12 +20,12 @@ repos:
     - id: check-toml
 
   - repo: https://github.com/astral-sh/uv-pre-commit
-    rev: 0.11.7
+    rev: 0.11.13
     hooks:
       - id: uv-lock
 
   - repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: 'v0.15.11'
+    rev: 'v0.15.12'
     hooks:
     - id: ruff-check
       args: [--fix, --exit-non-zero-on-fix]
@@ -34,7 +34,7 @@ repos:
       types_or: [python, jupyter]
 
   - repo: https://github.com/pre-commit/mirrors-mypy
-    rev: v1.20.1
+    rev: v2.0.0
     hooks:
     - id: mypy
       entry: python3 -m mypy --config-file pyproject.toml

pyproject.toml

@@ -53,7 +53,8 @@ dev = [
     "pyjwt>=2.12.0", # Pinning version to address vulnerability CVE-2026-32597
     "mypy>=1.14.1",
     "nbqa>=1.9.1",
-    "pip>=26.0", # Pinning version to address vulnerability CVE-2026-1703
+    "pip>=26.1", # Pinning version to address vulnerabilities CVE-2026-1703, CVE-2026-6357
+    "urllib3>=2.7.0", # Pinning version to address vulnerabilities CVE-2026-44431, CVE-2026-44432
     "pip-audit>=2.7.3",
     "pre-commit>=4.1.0",
     "pygments>=2.20.0", # Pinning version to address vulnerability CVE-2026-4539
@@ -79,7 +80,7 @@ bookstack-api = [
     "fastapi>=0.115.0",
     "google-cloud-storage>=2.0.0",
     "httptools>=0.6.0",
-    "python-multipart>=0.0.26", # Pinning version to address vulnerability CVE-2026-40347
+    "python-multipart>=0.0.27", # Pinning version to address vulnerabilities CVE-2026-40347, CVE-2026-42561
     "uvicorn[standard]>=0.32.0",
     "uvloop>=0.21.0",
 ]