Require python 3.12 to build the docs

[bjoernricks]

What

Require python 3.12 and format CI/CD workflows

Why

Current versions of the dependencies including sphinx require Python >= 3.12. Therefore
drop support for lower versions to be able to use the newest dependencies.

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ❌ 1 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 8 package(s) with unknown licenses.

See the Details below.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA 3b8e3b8.

Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

License Issues

uv.lock

Package	Version	License	Issue Type
docutils	0.22.4	BSD-2-Clause AND BSD-3-Clause AND CC-PDDC AND GPL-1.0-or-later AND GPL-3.0-only AND GPL-3.0-or-later AND LicenseRef-scancode-other-copyleft AND LicenseRef-scancode-public-domain	Incompatible License
click	8.3.3	Null	Unknown License
idna	3.13	Null	Unknown License
myst-parser	5.0.0	Null	Unknown License
packaging	26.1	Null	Unknown License
sphinx	9.1.0	Null	Unknown License
starlette	1.0.0	Null	Unknown License
uvicorn	0.46.0	Null	Unknown License
certifi	2026.4.22	Null	Unknown License

Allowed Licenses:

0BSD, AGPL-3.0-or-later, Apache-2.0, BlueOak-1.0.0, BSD-2-Clause, BSD-3-Clause-Clear, BSD-3-Clause, BSL-1.0, bzip2-1.0.6, CAL-1.0, CC-BY-3.0, CC-BY-4.0, CC-BY-SA-4.0, CC0-1.0, EPL-2.0, GPL-1.0-or-later, GPL-2.0-only, GPL-2.0-or-later, GPL-2.0, GPL-3.0-only, GPL-3.0-or-later, GPL-3.0, ISC, LGPL-2.0-only, LGPL-2.0-or-later, LGPL-2.1-only, LGPL-2.1-or-later, LGPL-2.1, LGPL-3.0-only, LGPL-3.0, LGPL-3.0-or-later, MIT, MIT-CMU, MPL-1.1, MPL-2.0, OFL-1.1, PSF-2.0, Python-2.0, Python-2.0.1, Unicode-3.0, Unicode-DFS-2016, Unlicense, Zlib, ZPL-2.1

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
pip/alabaster	1.0.0	Unknown	Unknown
pip/anyio	4.13.0	Unknown	Unknown
pip/babel	2.18.0	Unknown	Unknown
pip/beautifulsoup4	4.14.3	Unknown	Unknown
pip/certifi	2026.4.22	🟢 6.6	Details Check Score Reason Maintained 🟢 10 10 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo Code-Review 🟢 5 Found 1/2 approved changesets -- score normalized to 5 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Pinned-Dependencies 🟢 5 dependency not pinned by hash detected -- score normalized to 5 Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/charset-normalizer	3.4.7	Unknown	Unknown
pip/click	8.3.3	Unknown	Unknown
pip/docutils	0.22.4	Unknown	Unknown
pip/idna	3.13	Unknown	Unknown
pip/imagesize	2.0.0	🟢 3.8	Details Check Score Reason Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Code-Review ⚠️ 0 Found 0/15 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Security-Policy ⚠️ 0 security policy file not detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/markdown-it-py	4.0.0	Unknown	Unknown
pip/markupsafe	3.0.3	Unknown	Unknown
pip/mdit-py-plugins	0.5.0	Unknown	Unknown
pip/myst-parser	5.0.0	Unknown	Unknown
pip/packaging	26.1	Unknown	Unknown
pip/pyyaml	6.0.3	Unknown	Unknown
pip/requests	2.33.1	Unknown	Unknown
pip/roman-numerals	4.1.0	Unknown	Unknown
pip/soupsieve	2.8.3	Unknown	Unknown
pip/sphinx	9.1.0	Unknown	Unknown
pip/sphinx-autobuild	2025.8.25	Unknown	Unknown
pip/starlette	1.0.0	Unknown	Unknown
pip/typing-extensions	4.15.0	Unknown	Unknown
pip/uvicorn	0.46.0	Unknown	Unknown
pip/watchfiles	1.1.1	🟢 3.4	Details Check Score Reason Code-Review 🟢 3 Found 8/25 approved changesets -- score normalized to 3 Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging ⚠️ -1 packaging workflow not detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Security-Policy ⚠️ 0 security policy file not detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/websockets	16.0	Unknown	Unknown

Scanned Files

• pyproject.toml
• uv.lock