Bump the mkdocs-core group across 1 directory with 3 updates

[dependabot]

Bumps the mkdocs-core group with 3 updates in the / directory: mkdocs, mkdocs-material and mkdocs-material[imaging].

Updates mkdocs from 1.6.0 to 1.6.1

Release notes

Sourced from mkdocs's releases.

1.6.1

Version 1.6.1 (Friday 30th August, 2024)

Fixed

• Fix build error when environment variable SOURCE_DATE_EPOCH=0 is set. #3795
• Fix build error when mkdocs_theme.yml config is empty. #3700
• Support python -W and PYTHONWARNINGS instead of overriding the configuration. #3809
• Support running with Docker under strict mode, by removing 0.0.0.0 dev server warning. #3784
• Drop unnecessary changefreq from sitemap.xml. #3629
• Fix JavaScript console error when closing menu dropdown. #3774
• Fix JavaScript console error that occur on repeated clicks. #3730
• Fix JavaScript console error that can occur on dropdown selections. #3694

Added

• Added translations for Dutch. #3804
• Added and updated translations for Chinese (Simplified). #3684

Commits

• bb7e8b6 Version 1.6.1. (#3819)
• 0b22a52 Merge pull request #3795 from mkdocs/tomchristie-patch-1
• 695d8ed Merge pull request #3808 from razorblack/master
• 347e79f Merge pull request #3817 from gesslar/patch-1
• 200f6f9 Update configuration.md
• 05a64b4 Use utc timezones consistently
• 9204eb6 Merge pull request #3809 from pawamoy/warnings-control
• a16d60f Merge pull request #3804 from KenSentMe/master
• e72c7d0 Merge pull request #3784 from squidfunk/fix/docker-warning
• d737625 Merge pull request #3774 from squidfunk/fix/dropdown
• Additional commits viewable in compare view

Updates mkdocs-material from 9.5.28 to 9.5.39

Release notes

Sourced from mkdocs-material's releases.

mkdocs-material-9.5.39

• Fixed #7226: not staying on page when using mike's canonical versioning

Thanks go to @​ilyagr for their contributions

mkdocs-material-9.5.38

• Added Albanian translations

Thanks go to @​gerardkraja for their contributions

mkdocs-material-9.5.37

• Added 4th and 5th level ordered list styles
• Fixed #7548: Tags have no spacing in search

mkdocs-material-9.5.36

• Fixed #7544: Social cards incorrectly rendering HTML entities
• Fixed #7542: Improved support for setting custom list styles

mkdocs-material-9.5.35

• Fixed #7498: Search not showing for Vietnamese language

mkdocs-material-9.5.34

• Updated Mermaid.js to version 11 (latest)

Thanks go to @​manselmi for their contributions

mkdocs-material-9.5.33

• Fixed #7453: Incorrect position of tooltip when sorting table

mkdocs-material-9.5.32

• Fixed RXSS vulnerability via deep link in search results
• Added support for fetching latest release from GitLab

Thanks go to @​joaopalmeiro for their contributions

mkdocs-material-9.5.31

• Fixed #7405: DockerHub missing images > 9.5.27 due to change in Alpine/APK

mkdocs-material-9.5.30

• Fixed #7380: Navigation icons disappearing on hover in Safari
• Fixed #7367: Blog readtime computation includes SVG text content

Thanks go to @​sisp for their contributions

mkdocs-material-9.5.29

• Updated Galician translations
• Fixed #7362: Annotations in figure captions rendering incorrectly

Thanks go to @​mmontes11 for their contributions

Changelog

Sourced from mkdocs-material's changelog.

mkdocs-material-9.5.39+insiders-4.53.14 (2024-09-29)

• Fixed #7567: Empty headlines when using typeset plugin with anchorlinks

mkdocs-material-9.5.39 (2024-09-29)

• Fixed #7226: not staying on page when using mike's canonical versioning

mkdocs-material-9.5.38 (2024-09-26)

• Added Albanian translations

mkdocs-material-9.5.37 (2024-09-25)

• Added 4th and 5th level ordered list styles
• Fixed #7548: Tags have no spacing in search

mkdocs-material-9.5.36 (2024-09-21)

• Fixed #7544: Social cards incorrectly rendering HTML entities
• Fixed #7542: Improved support for setting custom list styles

mkdocs-material-9.5.35 (2024-09-18)

• Fixed #7498: Search not showing for Vietnamese language

mkdocs-material-9.5.34+insiders-4.53.13 (2024-09-14)

• Fixed #7520: Social plugin errors for generated files (MkDocs 1.6+)

mkdocs-material-9.5.34 (2024-08-31)

• Updated Mermaid.js to version 11 (latest)

mkdocs-material-9.5.33 (2024-08-23)

• Fixed #7453: Incorrect position of tooltip when sorting table

mkdocs-material-9.5.32 (2024-08-19)

• Fixed RXSS vulnerability via deep link in search results
• Added support for fetching latest release from GitLab

mkdocs-material-9.5.31+insiders-4.53.12 (2024-08-02)

• Fixed #7410: Instant previews jump on content tabs with anchor links
• Fixed #7408: Instant previews jump on content tabs

mkdocs-material-9.5.31 (2024-08-02)

... (truncated)

Commits

• 70db88f Prepare 9.5.39 release
• 187705e Updated dependencies
• 56fdb28 Adjusted code copy button documentation
• aeb9492 Fixed stay no page functionality when using mike's canonical versioning (#7559)
• 50a15be Updated link to step-by-step guide on YouTube
• 117250a Prepare 9.5.38 release
• 74ca234 Added Albanian translations
• 84ddbba Prepare 9.5.37 release
• fd98413 Documentation (#7557)
• 573d23d Updated dependencies
• Additional commits viewable in compare view

Updates mkdocs-material[imaging] from 9.5.28 to 9.5.39

Release notes

Sourced from mkdocs-material[imaging]'s releases.

mkdocs-material-9.5.39

• Fixed #7226: not staying on page when using mike's canonical versioning

Thanks go to @​ilyagr for their contributions

mkdocs-material-9.5.38

• Added Albanian translations

Thanks go to @​gerardkraja for their contributions

mkdocs-material-9.5.37

• Added 4th and 5th level ordered list styles
• Fixed #7548: Tags have no spacing in search

mkdocs-material-9.5.36

• Fixed #7544: Social cards incorrectly rendering HTML entities
• Fixed #7542: Improved support for setting custom list styles

mkdocs-material-9.5.35

• Fixed #7498: Search not showing for Vietnamese language

mkdocs-material-9.5.34

• Updated Mermaid.js to version 11 (latest)

Thanks go to @​manselmi for their contributions

mkdocs-material-9.5.33

• Fixed #7453: Incorrect position of tooltip when sorting table

mkdocs-material-9.5.32

• Fixed RXSS vulnerability via deep link in search results
• Added support for fetching latest release from GitLab

Thanks go to @​joaopalmeiro for their contributions

mkdocs-material-9.5.31

• Fixed #7405: DockerHub missing images > 9.5.27 due to change in Alpine/APK

mkdocs-material-9.5.30

• Fixed #7380: Navigation icons disappearing on hover in Safari
• Fixed #7367: Blog readtime computation includes SVG text content

Thanks go to @​sisp for their contributions

mkdocs-material-9.5.29

• Updated Galician translations
• Fixed #7362: Annotations in figure captions rendering incorrectly

Thanks go to @​mmontes11 for their contributions

Changelog

Sourced from mkdocs-material[imaging]'s changelog.

mkdocs-material-9.5.39+insiders-4.53.14 (2024-09-29)

• Fixed #7567: Empty headlines when using typeset plugin with anchorlinks

mkdocs-material-9.5.39 (2024-09-29)

• Fixed #7226: not staying on page when using mike's canonical versioning

mkdocs-material-9.5.38 (2024-09-26)

• Added Albanian translations

mkdocs-material-9.5.37 (2024-09-25)

• Added 4th and 5th level ordered list styles
• Fixed #7548: Tags have no spacing in search

mkdocs-material-9.5.36 (2024-09-21)

• Fixed #7544: Social cards incorrectly rendering HTML entities
• Fixed #7542: Improved support for setting custom list styles

mkdocs-material-9.5.35 (2024-09-18)

• Fixed #7498: Search not showing for Vietnamese language

mkdocs-material-9.5.34+insiders-4.53.13 (2024-09-14)

• Fixed #7520: Social plugin errors for generated files (MkDocs 1.6+)

mkdocs-material-9.5.34 (2024-08-31)

• Updated Mermaid.js to version 11 (latest)

mkdocs-material-9.5.33 (2024-08-23)

• Fixed #7453: Incorrect position of tooltip when sorting table

mkdocs-material-9.5.32 (2024-08-19)

• Fixed RXSS vulnerability via deep link in search results
• Added support for fetching latest release from GitLab

mkdocs-material-9.5.31+insiders-4.53.12 (2024-08-02)

• Fixed #7410: Instant previews jump on content tabs with anchor links
• Fixed #7408: Instant previews jump on content tabs

mkdocs-material-9.5.31 (2024-08-02)

... (truncated)

Commits

• 70db88f Prepare 9.5.39 release
• 187705e Updated dependencies
• 56fdb28 Adjusted code copy button documentation
• aeb9492 Fixed stay no page functionality when using mike's canonical versioning (#7559)
• 50a15be Updated link to step-by-step guide on YouTube
• 117250a Prepare 9.5.38 release
• 74ca234 Added Albanian translations
• 84ddbba Prepare 9.5.37 release
• fd98413 Documentation (#7557)
• 573d23d Updated dependencies
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[cloudflare-workers-and-pages]

Deploying chainfuse-blog with    Cloudflare Pages

Latest commit:	b219cd6
Status:	✅  Deploy successful!
Preview URL:	https://18cc5406.chainfuse-blog.pages.dev
Branch Preview URL:	https://dependabot-pip-mkdocs-core-9-k4w4.chainfuse-blog.pages.dev

View logs

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
pypi/mkdocs-material@9.5.39	environment, eval, filesystem, network	0	13.8 MB	squidfunk
pypi/mkdocs@1.6.1	environment, eval, filesystem, network, shell	0	6.88 MB	d0ugal, mkdocsdeploy, oprypin, ...2 more

🚮 Removed packages: pypi/mkdocs-material@9.5.28, pypi/mkdocs@1.6.0

View full report↗︎

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source	CI
Shell access	pypi/mkdocs@1.6.1	Location: Package overview	requirements.txt	🚫
Shell access	pypi/mkdocs@1.6.1	Location: Package overview	requirements.txt	🚫

View full report↗︎

Next steps

What is shell access?

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Packages should avoid accessing the shell which can reduce portability, and make it easier for malicious shell access to be introduced.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore pypi/mkdocs@1.6.1

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
pip/mkdocs	1.6.1	🟢 6	Details Check Score Reason Code-Review 🟢 9 Found 14/15 approved changesets -- score normalized to 9 Maintained 🟢 10 22 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy ⚠️ 0 security policy file not detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/mkdocs-material	9.5.39	🟢 5.4	Details Check Score Reason Code-Review ⚠️ 2 Found 6/30 approved changesets -- score normalized to 2 Maintained 🟢 10 30 commit(s) and 27 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy ⚠️ 0 security policy file not detected Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Packaging 🟢 10 packaging workflow detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected
pip/mkdocs	1.6.0	🟢 6	Details Check Score Reason Code-Review 🟢 9 Found 14/15 approved changesets -- score normalized to 9 Maintained 🟢 10 22 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy ⚠️ 0 security policy file not detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/mkdocs-material	9.5.28	🟢 5.4	Details Check Score Reason Code-Review ⚠️ 2 Found 6/30 approved changesets -- score normalized to 2 Maintained 🟢 10 30 commit(s) and 27 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy ⚠️ 0 security policy file not detected Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Packaging 🟢 10 packaging workflow detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected

Scanned Manifest Files

requirements.txt

• mkdocs@1.6.1
• mkdocs-material@9.5.39
• mkdocs@1.6.0
• mkdocs-material@9.5.28