chore(deps): bump rich from 14.1.0 to 14.3.1

[dependabot]

Bumps rich from 14.1.0 to 14.3.1.

Release notes

Sourced from rich's releases.

The Nerdy Fix release

Fixed issue with characters outside of unicode range reporting 0 cell size

[14.3.1] - 2026-01-24

Fixed

• Fixed characters out of unicode range reporting a cell size if 0 Textualize/rich#3944

The more emojis release

Rich now has support for multi-codepoint emojis. There have also been some Markdown improvements, and a number of fixes. See the release notes below for details.

[14.3.0] - 2026-01-24

Fixed

• IPython now respects when a Console instance is passed to pretty.install Textualize/rich#3915
• Fixed extraneous blank line on non-interactive disabled Progress Textualize/rich#3905
• Fixed extra padding on first cell in columns Textualize/rich#3935
• Fixed trailing whitespace removed when soft_wrap=True Textualize/rich#3937
• Fixed style new-lines when soft_wrap = True and a print style is set Textualize/rich#3938

Added

• Added support for some multi-codepopint glyphs (will fix alignment issues for these characters) Textualize/rich#3930
• Added support for UNICODE_VERSION environment variable Textualize/rich#3930
• Added last_render_height property to LiveRender Textualize/rich#3934
• Expose locals_max_depth and locals_overflow in traceback.install Textualize/rich#3906
• Added Segment.split_lines_terminator Textualize/rich#3938

Changed

• cells.cell_len now has a unicode_version parameter (that you probably should never change) Textualize/rich#3930
• Live will not write a new line if there was nothing rendered Textualize/rich#3934
• Changed style of Markdown headers Textualize/rich#3942
• Changed style of Markdown tables, added markdown.table.header and markdown.table.border styles Textualize/rich#3942
• Changed style of Markdown rules Textualize/rich#3942

The Easy as Pi release

This release bumps Python compatibility to the just-released Python 3.14.

[14.2.0] - 2025-10-09

Changed

• Python3.14 compatibility Textualize/rich#3861

Changelog

Sourced from rich's changelog.

[14.3.1] - 2026-01-24

Fixed

• Fixed characters out of unicode range reporting a cell size if 0 Textualize/rich#3944

[14.3.0] - 2026-01-24

Fixed

• IPython now respects when a Console instance is passed to pretty.install Textualize/rich#3915
• Fixed extraneous blank line on non-interactive disabled Progress Textualize/rich#3905
• Fixed extra padding on first cell in columns Textualize/rich#3935
• Fixed trailing whitespace removed when soft_wrap=True Textualize/rich#3937
• Fixed style new-lines when soft_wrap = True and a print style is set Textualize/rich#3938

Added

• Added support for some multi-codepopint glyphs (will fix alignment issues for these characters) Textualize/rich#3930
• Added support for UNICODE_VERSION environment variable Textualize/rich#3930
• Added last_render_height property to LiveRender Textualize/rich#3934
• Expose locals_max_depth and locals_overflow in traceback.install Textualize/rich#3906
• Added Segment.split_lines_terminator Textualize/rich#3938

Changed

• cells.cell_len now has a unicode_version parameter (that you probably should never change) Textualize/rich#3930
• Live will not write a new line if there was nothing rendered Textualize/rich#3934
• Changed style of Markdown headers Textualize/rich#3942
• Changed style of Markdown tables, added markdown.table.header and markdown.table.border styles Textualize/rich#3942
• Changed style of Markdown rules Textualize/rich#3942

[14.2.0] - 2025-10-09

Changed

• Python3.14 compatibility Textualize/rich#3861

Fixed

• Fixed exception when calling inspect on objects with unusual __qualname__ attribute Textualize/rich#3894

Commits

• f2a1c3b Merge pull request #3944 from Textualize/nerf-fonts
• 2e5a5da changelog
• 73ee823 fix fonts
• 36fe3f7 docstring
• 9a99acc Merge pull request #3828 from RyanSharafuddin/master
• 2f56d4d Merge pull request #3942 from Textualize/markdown-style
• 97b5bea typo
• 9303d77 markdown test
• 900052c bump
• e9b0e19 Update to markdown styles
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA 909ecf3.

Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

OpenSSF Scorecard

Package	Version	Score	Details
pip/rich	14.3.1	🟢 6.2	Details Check Score Reason Maintained 🟢 5 2 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 5 Code-Review ⚠️ 2 Found 5/20 approved changesets -- score normalized to 2 Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 10 no binaries found in the repo License 🟢 10 license file detected Fuzzing 🟢 10 project is fuzzed Signed-Releases ⚠️ -1 no releases found Pinned-Dependencies ⚠️ 2 dependency not pinned by hash detected -- score normalized to 2 Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Vulnerabilities 🟢 6 4 existing vulnerabilities detected SAST 🟢 9 SAST tool detected but not run on all commits
pip/rich	14.3.1	🟢 6.2	Details Check Score Reason Maintained 🟢 5 2 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 5 Code-Review ⚠️ 2 Found 5/20 approved changesets -- score normalized to 2 Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 10 no binaries found in the repo License 🟢 10 license file detected Fuzzing 🟢 10 project is fuzzed Signed-Releases ⚠️ -1 no releases found Pinned-Dependencies ⚠️ 2 dependency not pinned by hash detected -- score normalized to 2 Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Vulnerabilities 🟢 6 4 existing vulnerabilities detected SAST 🟢 9 SAST tool detected but not run on all commits

Scanned Files

• cli_bundle/requirements.txt
• docker/requirements.txt

[chatgpt-codex-connector]

💡 Codex Review

Genesis-Code-Protocol/.github/dependency-review-config.yml

Lines 19 to 23 in 909ecf3

	- GPL-2.0
	- GPL-3.0
	- AGPL-3.0
	- LGPL-2.1
	- LGPL-3.0

Restore copyleft license denial in dependency review

These entries explicitly allow GPL/AGPL/LGPL licenses, and the commit also removed the previous deny list. As a result, a PR that adds a copyleft dependency will now pass the dependency‑review check where it previously failed, which is a license‑compliance regression for a MIT‑licensed project. If the intent was to keep the earlier policy of rejecting copyleft licenses, this change should be reverted or moved back into a deny list.

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[dependabot]

Superseded by #633.