build(deps): bump tox from 4.46.3 to 4.47.0

[dependabot]

Bumps tox from 4.46.3 to 4.47.0.

Release notes

Sourced from tox's releases.

v4.47.0

What's Changed

• Move SECURITY.md to .github/SECURITY.md by @​gaborbernat in tox-dev/tox#3835
• Standardize .github files to .yaml suffix by @​gaborbernat in tox-dev/tox#3836
• 🐛 fix(ci): resolve ty type-check failures by @​gaborbernat in tox-dev/tox#3837
• ✨ feat(config): show clean errors for type mismatches by @​gaborbernat in tox-dev/tox#3838
• 🧪 test(config): assert full error messages for all config fields by @​gaborbernat in tox-dev/tox#3840
• 🐛 fix(exec): pass stdin through to executed command by @​gaborbernat in tox-dev/tox#3842
• 🐛 fix(config): accept string for base_python in TOML by @​gaborbernat in tox-dev/tox#3843

Full Changelog: tox-dev/tox@4.46.3...4.47.0

Changelog

Sourced from tox's changelog.

Features - 4.47.0

• Show clean error messages instead of stack traces when TOML configuration contains type mismatches (e.g., deps = [1]), wrapping failures in HandledError with environment and key context - by :user:gaborbernat. (:issue:3831)
• Add comprehensive tests asserting full error messages for every configurable field type when TOML config contains type mismatches - by :user:gaborbernat. (:issue:3840)

Bug fixes - 4.47.0

• Fix type errors flagged by ty for virtualenv API changes (system_executable nullability and cached_py_info.PythonInfo removal), and correct the CI workflow matrix exclude for windows-2025 - by :user:gaborbernat. (:issue:3837)
• base_python and default_base_python now accept a string value in TOML configuration (e.g., base_python = "python" is coerced to ["python"]) instead of raising TypeError - by :user:gaborbernat. (:issue:3839)
• Pass stdin through to commands executed via tox exec so that piped input (e.g., echo "foo" | tox exec -- python -c 'import sys; print(sys.stdin.read())') reaches the subprocess instead of being discarded - by :user:gaborbernat. (:issue:3841)

---

v4.46.3 (2026-02-25)

---

Commits

• f3c5283 release 4.47.0
• 4486ac7 🐛 fix(config): accept string for base_python in TOML (#3843)
• 86bba07 🐛 fix(exec): pass stdin through to executed command (#3842)
• f1083c0 🧪 test(config): assert full error messages for all config fields (#3840)
• f7ecc1f ✨ feat(config): show clean errors for type mismatches (#3838)
• ff2af88 build(deps): bump actions/upload-artifact from 6 to 7 (#3834)
• ea82b0f build(deps): bump actions/download-artifact from 7 to 8 (#3833)
• a9533f5 🐛 fix(ci): resolve ty type-check failures (#3837)
• c6d745d Standardize .github files to .yaml suffix
• 68d9a09 Move SECURITY.md to .github/SECURITY.md
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)