build(deps-dev): bump filelock from 3.29.0 to 3.29.1

[dependabot]

Bumps filelock from 3.29.0 to 3.29.1.

Release notes

Sourced from filelock's releases.

3.29.1

What's Changed

• docs: fix API docs of release() by @​MrAnno in tox-dev/filelock#540
• docs: clarify per-thread scope of FileLock configuration by @​Gares95 in tox-dev/filelock#543
• chore: improve filelock maintenance path by @​lphuc2250gma in tox-dev/filelock#542
• chore: improve filelock maintenance path by @​lphuc2250gma in tox-dev/filelock#544
• chore: improve filelock maintenance path by @​lphuc2250gma in tox-dev/filelock#545
• 🐛 fix(soft): refuse to follow symlinks when reading the lock file by @​dxbjavid in tox-dev/filelock#548

New Contributors

• @​MrAnno made their first contribution in tox-dev/filelock#540
• @​Gares95 made their first contribution in tox-dev/filelock#543
• @​lphuc2250gma made their first contribution in tox-dev/filelock#542
• @​dxbjavid made their first contribution in tox-dev/filelock#548

Full Changelog: tox-dev/filelock@3.29.0...3.29.1

Changelog

Sourced from filelock's changelog.

########### Changelog ###########

---

3.29.1 (2026-06-03)

---

• 🐛 fix(soft): refuse to follow symlinks when reading the lock file :pr:548 - by :user:dxbjavid
• [pre-commit.ci] pre-commit autoupdate :pr:547 - by :user:pre-commit-ci[bot]
• [pre-commit.ci] pre-commit autoupdate :pr:546 - by :user:pre-commit-ci[bot]
• chore: improve filelock maintenance path :pr:545 - by :user:lphuc2250gma
• chore: improve filelock maintenance path :pr:544 - by :user:lphuc2250gma
• chore: improve filelock maintenance path :pr:542 - by :user:lphuc2250gma
• docs: clarify per-thread scope of FileLock configuration :pr:543 - by :user:Gares95
• [pre-commit.ci] pre-commit autoupdate :pr:541 - by :user:pre-commit-ci[bot]
• docs: fix API docs of release() :pr:540 - by :user:MrAnno
• [pre-commit.ci] pre-commit autoupdate :pr:539 - by :user:pre-commit-ci[bot]
• [pre-commit.ci] pre-commit autoupdate :pr:538 - by :user:pre-commit-ci[bot]
• [pre-commit.ci] pre-commit autoupdate :pr:537 - by :user:pre-commit-ci[bot]
• build(deps): bump astral-sh/setup-uv from 8.0.0 to 8.1.0 :pr:536 - by :user:dependabot[bot]
• [pre-commit.ci] pre-commit autoupdate :pr:535 - by :user:pre-commit-ci[bot]

---

3.29.0 (2026-04-19)

---

• ✨ feat(soft): enable stale lock detection on Windows :pr:534
• 🐛 fix(async): use single-thread executor for lock consistency :pr:533
• build(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 :pr:530 - by :user:dependabot[bot]

---

3.28.0 (2026-04-14)

---

• 🐛 fix(ci): unbreak release workflow, publish to PyPI again :pr:529

---

3.26.1 (2026-04-09)

---

• 🐛 fix(asyncio): add exit to BaseAsyncFileLock and fix del loop handling :pr:518 - by :user:naarob
• build(deps): bump pypa/gh-action-pypi-publish from 1.13.0 to 1.14.0 :pr:525 - by :user:dependabot[bot]

---

3.26.0 (2026-04-06)

---

• ✨ feat(soft): add PID inspection and lock breaking :pr:524
• [pre-commit.ci] pre-commit autoupdate :pr:523 - by :user:pre-commit-ci[bot]

... (truncated)

Commits

• 438b6fe Release 3.29.1
• bfbfa76 🐛 fix(soft): refuse to follow symlinks when reading the lock file (#548)
• c51a72c [pre-commit.ci] pre-commit autoupdate (#547)
• cc05fd7 [pre-commit.ci] pre-commit autoupdate (#546)
• cb947e5 chore: improve filelock maintenance path (#545)
• e087ca9 chore: improve filelock maintenance path (#544)
• f9dd949 chore: improve filelock maintenance path (#542)
• 9200f1f docs: clarify per-thread scope of FileLock configuration (#543)
• 9d8985f [pre-commit.ci] pre-commit autoupdate (#541)
• 7d1f48c docs: fix API docs of release() (#540)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[iterwheel-clearance]

Clearance

🚦 Stage: 2 - Blocked (clearance-2-blocked)
⏳ Review: no current approval
❌ Threads: 1 unresolved
⏳ Approval: waiting
❌ Automation: blocked; thread sync actions: 0; verdicts: RESOLVED: 0, OPEN: 1, NEEDS_HUMAN_JUDGMENT: 0; verdict comments: posted: 0, skipped: 1, failed: 0

Next: resolve the blocking review state, then rerun Clearance.

Details

• Classifier: clearance-v1
• Status: clearance-blocked
• Selected label: clearance-2-blocked
• Current approvals: none
• Stale approvals: none
• Changes requested: none
• Unresolved threads: 1
• Semantic blocking threads: 1
• Visual-unresolved skipped threads: 0
• Automation: blocked; thread sync actions: 0; verdicts: RESOLVED: 0, OPEN: 1, NEEDS_HUMAN_JUDGMENT: 0; verdict comments: posted: 0, skipped: 1, failed: 0; dry-run: false; reason: 1 high-priority thread still OPEN
• Last updated: 2026-06-06T10:20:04Z via check_suite.completed delivery 453ec5d0-6191-11f1-8257-6c5ea11190e7
• Head SHA: c666bef091360c6bb31e94ef874bdb1dd180c938
• Reasons:
• 1 review thread(s) are unresolved.
• No approval on the current PR head.
• Clearance automation engine: 1 high-priority thread still OPEN
• Note: Clearance v1 verifies GitHub review state and review-thread resolution; it does not prove that every requested semantic code change was fixed.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: c666bef091

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

Update the canonical uv lockfile too

This bumps only the pip fallback, but the normal CI/developer path still installs with make setup, which runs uv sync --locked --dev when uv is available (Makefile:6-10), so it continues resolving filelock from uv.lock where the package is still pinned to 3.29.0. In uv-enabled environments this Dependabot update is therefore not actually applied, while no-uv fallback environments get 3.29.1; please regenerate and commit uv.lock together with requirements-dev.txt so the locked dependency set stays consistent.

Useful? React with 👍 / 👎.

[iterwheel-clearance]

👀 Clearance: still open

🧭 Check: Clearance deterministic verifier
📍 Location: requirements-dev.txt:203
🔖 Head: c666bef09136
💡 Why: no author response and no code change (SWM-1101 step 5)
⏳ Action: left open

Evidence

• Verdict: OPEN
• Rule: SWM-1101 step 4-5
• Thread state: A
• Clearance thread state 'A'.