chore(deps): bump rich from 14.1.0 to 14.2.0

[dependabot]

Bumps rich from 14.1.0 to 14.2.0.

Release notes

Sourced from rich's releases.

The Easy as Pi release

This release bumps Python compatibility to the just-released Python 3.14.

[14.2.0] - 2025-10-09

Changed

• Python3.14 compatibility Textualize/rich#3861

Changelog

Sourced from rich's changelog.

[14.2.0] - 2025-10-09

Changed

• Python3.14 compatibility Textualize/rich#3861

Commits

• 494f83c changelog
• d476e85 Merge pull request #3862 from GeroZayas/docs/es-readme-sync-2025-10
• 518daaa docs(es): sync README.es.md (macOS, 16 colors, Python 3.8+)
• cd5074f Merge pull request #3861 from Textualize/python314
• 041406c removed asv
• 655b521 test fixes
• 27c2d2d bump for Python3.14
• ea9d4db Update feature_request.md
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA f3fe612.

Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

OpenSSF Scorecard

Package	Version	Score	Details
pip/rich	14.2.0	🟢 6.6	Details Check Score Reason Code-Review ⚠️ 2 Found 4/17 approved changesets -- score normalized to 2 Maintained 🟢 5 5 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 5 Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing 🟢 10 project is fuzzed License 🟢 10 license file detected Pinned-Dependencies ⚠️ 2 dependency not pinned by hash detected -- score normalized to 2 Vulnerabilities 🟢 9 1 existing vulnerabilities detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits
pip/rich	14.2.0	🟢 6.6	Details Check Score Reason Code-Review ⚠️ 2 Found 4/17 approved changesets -- score normalized to 2 Maintained 🟢 5 5 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 5 Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing 🟢 10 project is fuzzed License 🟢 10 license file detected Pinned-Dependencies ⚠️ 2 dependency not pinned by hash detected -- score normalized to 2 Vulnerabilities 🟢 9 1 existing vulnerabilities detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits

Scanned Files

• cli_bundle/requirements.txt
• docker/requirements.txt

[chatgpt-codex-connector]

💡 Codex Review

Genesis-Code-Protocol/.github/workflows/markdownlint.yml

Lines 95 to 104 in f3fe612

	# Commit fixes directly to PR branch if on a PR
	- name: Commit fixes if on PR
	if: github.event_name == 'pull_request'
	run: |
	if git diff --name-only | grep -q '\.md$'; then
	git config --local user.email "github-actions[bot]@users.noreply.github.com"
	git config --local user.name "github-actions[bot]"
	git add -A
	git commit -m "docs: fix markdown linting issues [skip ci]"
	git push origin HEAD:${{ github.head_ref }}

Skip markdownlint auto-push on forked PRs

The new Commit fixes if on PR step unconditionally runs on every pull request and pushes lint fixes back to origin HEAD:${{ github.head_ref }}. For PRs opened from a fork, the workflow token is read‑only and the source branch lives in a different repository, so this push either fails with a permission error or creates a stray branch in the base repo without updating the PR, causing the workflow to fail and leaving the PR unformatted. This step should be gated with !github.event.pull_request.head.repo.fork (or similar) before attempting to push.

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.