chore(deps): update dependency reuse to v6

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
reuse (source)	>=5.1.1 -> >=6.2.0

---

Release Notes

fsfe/reuse-tool (reuse)

v6.2.0

Compare Source

Added

• Added new file extensions and files:
  • .arcconfig, .arclint, .arcunit (#​1123)
  • .nvmrc (#​1211)
  • .smk, Snakefile, matplotlibrc (#​1206)
  • .yamllint (#​1124)
  • uv.lock (#​1156)
  • dune, dune-project, dune-workspace (#​1208)
• file-magic is now supported as an additional module for detecting the
  encoding of files. (#​1264)
• Support deprecated licences for reuse download. (#​606)
• Markdown files which have frontmatter (i.e. yaml or toml between a --- block
  at the start of the file) now get Python-like comments inside of the
  frontmatter when annotating. (#​1170)

Fixed

• When file-magic is installed simultaneously with python-magic, the tool
  used to misbehave (read: crash), because either one of them could be imported
  on import magic. This misbehaviour no longer happens. (#​1264)
• Invalid SPDX license expressions are no longer recognized as used or missing
  licenses. (#​1254)
• click translations are now correctly loaded. (#​1267)

v6.1.2

Compare Source

Fixed

• Fixed a bug where a newline would sometimes be missing from
  reuse lint --lines. (#​1251)
• The output of reuse lint --lines is now sorted by path name. (#​1251)
• Fixed a performance regression introduced in v6.1.1 that would cause some
  copyright notices to take incredibly long to parse. (#​1252)

v6.1.1

Compare Source

Changed

• In the Docker images, Alpine is bumped to alpine:3.22 and Debian to
  debian:13-slim. (#​1247)

Fixed

• ASCII frames around comments were broken in v6.0.0. They now work again. The
  sole condition is that the 'suffix' of a comment is identical to its 'prefix'.
  For example:

  /*******************************************\
  |*  SPDX-License-Identifier: CC-BY-SA-4.0  *|
  \*******************************************/
  

  (#​1249)

v6.1.0

Compare Source

This release adds a simple feature as a workaround for a bug that will be
resolved in a later version. The bug is described in
#​1244, and can be summarised as: When
charset-normalizer is used to detect the encoding of a file, it will
erroneously detect a UTF-8 file as having no encoding (i.e. a binary file) when
the 2048th byte is a non-final byte of a multi-byte glyph.

You can run reuse as REUSE_ENCODING_MODULE=chardet reuse to circumvent this
bug. If you use pre-commit, you can use this snippet:

repos:
  - repo: https://github.com/fsfe/reuse-tool
    rev: v6.1.0
    hooks:
      - id: reuse
        entry: env REUSE_ENCODING_MODULE=chardet reuse

You will not encounter this bug if your environment has libmagic available.

Added

• You can now specify the module that will be used for detecting the encoding of
  files with the REUSE_ENCODING_MODULE environment variable. (#​1245)
• The Docker images and the pre-commit hooks now come bundled with all encoding
  modules. (#​1245)
• The --debug flag now tells you the detected encoding and detected newlines
  of each file, as well as which encoding module is used. (#​1246)

v6.0.0

Compare Source

This release contains a lot of refactoring regarding the parsing of files. The
most impactful details are that reuse lint now searches every file in its
entirety for REUSE information, tries to detect each file's encoding, and no
longer breaks when invalid SPDX License Expressions are detected.

Because files are now read in their entireties instead of just the first 4 KiB,
you may need to add REUSE-IgnoreStart and REUSE-IgnoreEnd tags to get rid of
false positives that were previously too deep into files for reuse to detect.

For package maintainers: This release removes, adds, and changes
dependencies. It merits running git diff v5.1.1..v6.0.0 pyproject.toml and
reading the 'Changed' section of this change log to see what changed.

Added

• Added new file extensions:
  • py.typed (#​1239)
  • .blade.php (#​573)
• A new criterion 'Invalid SPDX License Expressions' has been added to
  reuse lint. Invalid expressions are SPDX License Expressions which are not
  valid according to the grammar of the SPDX specification. (#​1240)

Changed

• Python 3.9 support dropped. (#​1219)
• The Python requirement for reuse now no longer requires a lower major
  version than 4. The requirement is now >=3.10 instead of >=3.10,<4.
  (#​1219)
• Dependency changes:
  • Removed explicit dependency boolean.boolean. It is now an implicit
    dependency via license-expression. (#​1240)
  • The dependency python-magic has been added, alongside the optional
    dependencies charset-normalizer and chardet. So long as at least one of
    these is installed, the program will work. (#​1235)
  • The dependency binaryornot has been removed. (#​1235)
  • The minimum requirements of several dependencies have been updated. (#​1235,
    #​1241)
• reuse lint now always searches the entire file for REUSE information.
  Previously, it only searched the first 4 KiB under most circumstances. (#​1229)
• The encodings of files are now detected before they are read or altered.
  (#​1235, #​1218)
• The 'Bad licenses' criterion in reuse lint previously searched for bad
  licenses in every single file. Now, only bad licenses in LICENSES/ are
  detected, which is more in line with the documentation. (#​1240)
• The behaviour of the --year option to reuse annotateis now different.
  Previously, you could define --year <year> multiple times. Now you can only
  do so once, but the value may be a string containing multiple years or a range
  of years. (#​1145)
• reuse annotate --merge-copyrights works more efficiently now, capable of
  better heuristics to detect years and year ranges. (#​1145)
• reuse annotate --merge-copyrights no longer adds spacing around the merged
  year ranges. i.e. 2017-2025, not 2017 - 2025. (#​1145)

Fixed

• Unparseable SPDX expressions in a file now no longer cause the collection of
  REUSE information from that file to entirely fail. (#​1240)
• Files with carriage return (\r) line endings are now correctly linted.
  (#​1235, #​1226)
• There used to be a specific scenario where reuse lint would read the
  contents of an entire file into memory. This no longer happens.
  reuse annotate will still read the entire file into memory. (#​1229)
• Fixed formatting in lint subcommand help message. (#​1212, #​1236)
• Fixed a case where, if a recognised file extension (such as .blade.php) has
  two or more components, it would not be correctly recognised. (#​573)
• Fixed a bug where, if REUSE-IgnoreStart is the very first thing that appears
  in a file, the subsequent text is not actually ignored. (#​1229)
• If using reuse annotate to write to a file, the BOM is preserved if the
  encoding is UTF-8, UTF-16, or UTF-32. (#​1235, #​384)
• The summaries of reuse lint are now sorted better. (#​1241)
• Several performance improvements. Local testing on a 12-core laptop suggests
  speedup of up to 50%, but it may depend on your repository. (#​1222, #​1223,
  #​1230, #​1241)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.