From 453c26d743532b338282eecb10b5e2636d6fa19d Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 9 Jan 2026 10:53:44 +0000
Subject: [PATCH] Bump build from 1.3.0 to 1.4.0 (#11941)

Bumps [build](https://github.com/pypa/build) from 1.3.0 to 1.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/build/releases">build's
releases</a>.</em></p>
<blockquote>
<h2>1.4.0</h2>
<ul>
<li>Add <code>--quiet</code> flag (PR <a
href="https://redirect.github.com/pypa/build/issues/947">#947</a>)</li>
<li>Add option to dump PEP 517 metadata with <code>--metadata</code> (PR
<a href="https://redirect.github.com/pypa/build/issues/940">#940</a>, PR
<a
href="https://redirect.github.com/pypa/build/issues/943">#943</a>)</li>
<li>Support <code>UV</code> environment variable (PR <a
href="https://redirect.github.com/pypa/build/issues/971">#971</a>)</li>
<li>Remove a workaround for 3.14b1 (PR <a
href="https://redirect.github.com/pypa/build/issues/960">#960</a>)</li>
<li>In 3.14 final release, <code>color</code> defaults to
<code>True</code> already (PR <a
href="https://redirect.github.com/pypa/build/issues/962">#962</a>)</li>
<li>Pass sp-repo-review (PR <a
href="https://redirect.github.com/pypa/build/issues/942">#942</a>)</li>
<li>In pytest configuration, <code>log_level</code> is better than
<code>log_cli_level</code> (PR <a
href="https://redirect.github.com/pypa/build/issues/950">#950</a>)</li>
<li>Split up typing and mypy (PR <a
href="https://redirect.github.com/pypa/build/issues/944">#944</a>)</li>
<li>Use <code>types-colorama</code> (PR <a
href="https://redirect.github.com/pypa/build/issues/945">#945</a>)</li>
<li>In docs, first argument for <code>_has_dependency</code> is a name
(PR <a
href="https://redirect.github.com/pypa/build/issues/970">#970</a>)</li>
<li>Fix test failure when <code>flit-core</code> is installed (PR <a
href="https://redirect.github.com/pypa/build/issues/921">#921</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/build/blob/main/CHANGELOG.rst">build's
changelog</a>.</em></p>
<blockquote>
<h1>1.4.0 (2026-01-08)</h1>
<ul>
<li>Add <code>--quiet</code> flag
(:pr:<code>947</code>)</li>
<li>Add option to dump PEP 517 metadata with <code>--metadata</code>
(:pr:<code>940</code>, :pr:<code>943</code>)</li>
<li>Support <code>UV</code> environment variable
(:pr:<code>971</code>)</li>
<li>Remove a workaround for 3.14b1
(:pr:<code>960</code>)</li>
<li>In 3.14 final release, <code>color</code> defaults to
<code>True</code> already
(:pr:<code>962</code>)</li>
<li>Pass sp-repo-review
(:pr:<code>942</code>)</li>
<li>In pytest configuration, <code>log_level</code> is better than
<code>log_cli_level</code>
(:pr:<code>950</code>)</li>
<li>Split up typing and mypy
(:pr:<code>944</code>)</li>
<li>Use <code>types-colorama</code>
(:pr:<code>945</code>)</li>
<li>In docs, first argument for <code>_has_dependency</code> is a name
(PR :pr:<code>970</code>)</li>
<li>Fix test failure when <code>flit-core</code> is installed
(PR :pr:<code>921</code>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/build/commit/54f238d1664124e06a68c6c22fd5b1418fa5feb2"><code>54f238d</code></a>
chore: prepare for 1.4.0 (<a
href="https://redirect.github.com/pypa/build/issues/972">#972</a>)</li>
<li><a
href="https://github.com/pypa/build/commit/f219276a6e2c6c8222780ba518ce52444a91deaa"><code>f219276</code></a>
docs: first argument for _has_dependency is a name (<a
href="https://redirect.github.com/pypa/build/issues/970">#970</a>)</li>
<li><a
href="https://github.com/pypa/build/commit/7adb29e69d2744acc5391d3c58d234388a9ac0ed"><code>7adb29e</code></a>
fix: support UV environment variable (<a
href="https://redirect.github.com/pypa/build/issues/971">#971</a>)</li>
<li><a
href="https://github.com/pypa/build/commit/a40623b20de5d29c80b569283191d65e630f4fc0"><code>a40623b</code></a>
build(deps): bump actions/attest-build-provenance in the actions group
(<a
href="https://redirect.github.com/pypa/build/issues/968">#968</a>)</li>
<li><a
href="https://github.com/pypa/build/commit/c8fae3459dbe4456d82d705c6a3f1869b0b26e5c"><code>c8fae34</code></a>
pre-commit: bump repositories (<a
href="https://redirect.github.com/pypa/build/issues/965">#965</a>)</li>
<li><a
href="https://github.com/pypa/build/commit/ed9c379f51abca7c0c0ae20bee66aa548d597dc3"><code>ed9c379</code></a>
build(deps): bump actions/download-artifact in the actions group</li>
<li><a
href="https://github.com/pypa/build/commit/0e44fd22f35c7b3c14d6410bbd8912dafba0e4a9"><code>0e44fd2</code></a>
Add <code>quiet</code> flag (<a
href="https://redirect.github.com/pypa/build/issues/947">#947</a>)</li>
<li><a
href="https://github.com/pypa/build/commit/60e15ed4cb31209f0e07de750c831cdb3911c62c"><code>60e15ed</code></a>
chore: color defaults to True in 3.14 (<a
href="https://redirect.github.com/pypa/build/issues/962">#962</a>)</li>
<li><a
href="https://github.com/pypa/build/commit/0486d9df2e6caf7c04a3991824093eb6a16e7f29"><code>0486d9d</code></a>
pre-commit: bump repositories (<a
href="https://redirect.github.com/pypa/build/issues/961">#961</a>)</li>
<li><a
href="https://github.com/pypa/build/commit/393b775480523247c1ad07b8da9bb8c23c5cd0fa"><code>393b775</code></a>
MNT: remove workaround for 3.14b1 (<a
href="https://redirect.github.com/pypa/build/issues/960">#960</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/build/compare/1.3.0...1.4.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=build&package-manager=pip&previous-version=1.3.0&new-version=1.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 requirements/constraints.txt | 2 +-
 requirements/dev.txt         | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/requirements/constraints.txt b/requirements/constraints.txt
index 0dafffedd7a..a28f82a959e 100644
--- a/requirements/constraints.txt
+++ b/requirements/constraints.txt
@@ -34,7 +34,7 @@ blockbuster==1.5.26
     #   -r requirements/test-common.in
 brotli==1.2.0 ; platform_python_implementation == "CPython"
     # via -r requirements/runtime-deps.in
-build==1.3.0
+build==1.4.0
     # via pip-tools
 certifi==2026.1.4
     # via requests
diff --git a/requirements/dev.txt b/requirements/dev.txt
index 4b99549dc12..bfebee41c38 100644
--- a/requirements/dev.txt
+++ b/requirements/dev.txt
@@ -34,7 +34,7 @@ blockbuster==1.5.26
     #   -r requirements/test-common.in
 brotli==1.2.0 ; platform_python_implementation == "CPython"
     # via -r requirements/runtime-deps.in
-build==1.3.0
+build==1.4.0
     # via pip-tools
 certifi==2026.1.4
     # via requests