build(deps): bump the uv group across 1 directory with 3 updates

[dependabot]

Warning

Dependabot will stop supporting python v3.9!

Please upgrade to one of the following versions: v3.9, v3.10, v3.11, v3.12, v3.13, or v3.14.

Bumps the uv group with 3 updates in the /python directory: pdoc, mkdocs-include-markdown-plugin and cryptography.

Updates pdoc from 14.5.0 to 14.5.1

Changelog

Sourced from pdoc's changelog.

2024-06-25: pdoc 14.5.1

• CVE-2024-38526: Documentation generated with math mode (pdoc --math) does not include scripts from polyfill.io anymore. Users who produce documentation with math mode should update immediately. All other users are unaffected. (#703, @​adhintz)

Commits

• 9af8696 bump to 14.5.1
• ae92335 Update CHANGELOG.md
• 726b8f2 remove references to polyfill.io (#703)
• dea7fa0 examples: improve custom.css docstring
• 5631d9d Bump the dependencies group with 10 updates (#699)
• See full diff in compare view

Updates mkdocs-include-markdown-plugin from 7.1.6 to 7.1.8

Release notes

Sourced from mkdocs-include-markdown-plugin's releases.

v7.1.8

Bug fixes

• Escape substitution placeholders to prevent malformed output in edge cases.

v7.1.7

Bug fixes

• Fix passing negative values to heading-offset argument of include-markdown directive.

Commits

• 7466d67 Escape placeholders to avoid input collisions (#277)
• 1ae8fca Cheaper placeholders (#276)
• 39fb303 Fix tests for comments global config and update JSON Schema (#275)
• 6581671 Bump pypa/gh-action-pypi-publish in /.github/workflows (#273)
• cc0f211 Fix negative heading-offsets (#271)
• 577e067 Upgrade pre-commit hooks revisions (#268)
• See full diff in compare view

Updates cryptography from 41.0.7 to 46.0.7

Changelog

Sourced from cryptography's changelog.

46.0.7 - 2026-04-07

* **SECURITY ISSUE**: Fixed an issue where non-contiguous buffers could be
  passed to APIs that accept Python buffers, which could lead to buffer
  overflow. **CVE-2026-39892**
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.6.
.. _v46-0-6:
46.0.6 - 2026-03-25

• SECURITY ISSUE: Fixed a bug where name constraints were not applied to peer names during verification when the leaf certificate contains a wildcard DNS SAN. Ordinary X.509 topologies are not affected by this bug, including those used by the Web PKI. Credit to Oleh Konko (1seal) for reporting the issue. CVE-2026-34073

.. _v46-0-5:

46.0.5 - 2026-02-10

* An attacker could create a malicious public key that reveals portions of your
  private key when using certain uncommon elliptic curves (binary curves).
  This version now includes additional security checks to prevent this attack.
  This issue only affects binary elliptic curves, which are rarely used in
  real-world applications. Credit to **XlabAI Team of Tencent Xuanwu Lab and
  Atuin Automated Vulnerability Discovery Engine** for reporting the issue.
  **CVE-2026-26007**
* Support for ``SECT*`` binary elliptic curves is deprecated and will be
  removed in the next release.
.. v46-0-4:
46.0.4 - 2026-01-27

• Dropped support for win_arm64 wheels_.
• Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.5.

.. _v46-0-3:

46.0.3 - 2025-10-15

* Fixed compilation when using LibreSSL 4.2.0.
.. _v46-0-2:

</tr></table>

... (truncated)

Commits

• 622d672 46.0.7 release (#14602)
• 91d7288 Cherry-pick #14542 (#14543)
• 06e120e bump version for 46.0.5 release (#14289)
• 0eebb9d EC check key on cofactor > 1 (#14287)
• bedf6e1 fix openssl version on 46 branch (#14220)
• e6f44fc bump for 46.0.4 and drop win arm64 due to CI issues (#14217)
• c0af4dd release 46.0.3 (#13681)
• 99efe5a bump version for 46.0.2 (#13531)
• e735cfc release 46.0.1 (#13450)
• 4e457ff Explicitly specify python in mac uv build invocation (#13447)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[github-actions]

Python docs preview: https://sift-stack.github.io/sift/python/pr-588/

Deployed from 22a4797. The link may take up to a minute to become live as GitHub Pages propagates.