Bump filelock from 3.25.2 to 3.28.0 (#12380)

Bumps [filelock](https://github.com/tox-dev/py-filelock) from 3.25.2 to
3.28.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tox-dev/py-filelock/releases">filelock's
releases</a>.</em></p>
<blockquote>
<h2>3.28.0</h2>
<!-- raw HTML omitted -->
<h2>What's Changed</h2>
<ul>
<li>🐛 fix(ci): unbreak release workflow, publish to PyPI again by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/tox-dev/filelock/pull/529">tox-dev/filelock#529</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tox-dev/filelock/compare/3.27.0...3.28.0">https://github.com/tox-dev/filelock/compare/3.27.0...3.28.0</a></p>
<h2>3.27.0</h2>
<!-- raw HTML omitted -->
<h2>What's Changed</h2>
<ul>
<li>✨ feat(rw): add SoftReadWriteLock for NFS and HPC clusters by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/tox-dev/filelock/pull/528">tox-dev/filelock#528</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tox-dev/filelock/compare/3.26.1...3.27.0">https://github.com/tox-dev/filelock/compare/3.26.1...3.27.0</a></p>
<h2>3.26.1</h2>
<!-- raw HTML omitted -->
<h2>What's Changed</h2>
<ul>
<li>🐛 fix(asyncio): add <strong>exit</strong> to BaseAsyncFileLock and
fix <strong>del</strong> loop handling by <a
href="https://github.com/naarob"><code>@​naarob</code></a> in <a
href="https://redirect.github.com/tox-dev/filelock/pull/518">tox-dev/filelock#518</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/naarob"><code>@​naarob</code></a> made
their first contribution in <a
href="https://redirect.github.com/tox-dev/filelock/pull/518">tox-dev/filelock#518</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tox-dev/filelock/compare/3.26.0...3.26.1">https://github.com/tox-dev/filelock/compare/3.26.0...3.26.1</a></p>
<h2>3.26.0</h2>
<!-- raw HTML omitted -->
<h2>What's Changed</h2>
<ul>
<li>🔒 ci(workflows): add zizmor security auditing by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/tox-dev/filelock/pull/517">tox-dev/filelock#517</a></li>
<li>🔧 fix(ci): restore git credentials for release job by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/tox-dev/filelock/pull/520">tox-dev/filelock#520</a></li>
<li>✨ feat(soft): add PID inspection and lock breaking by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/tox-dev/filelock/pull/524">tox-dev/filelock#524</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tox-dev/filelock/compare/3.25.2...3.26.0">https://github.com/tox-dev/filelock/compare/3.25.2...3.26.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tox-dev/filelock/blob/main/docs/changelog.rst">filelock's
changelog</a>.</em></p>
<blockquote>
<p>###########
Changelog
###########</p>
<hr />
<p>3.28.0 (2026-04-14)</p>
<hr />
<ul>
<li>🐛 fix(ci): unbreak release workflow, publish to PyPI again
:pr:<code>529</code></li>
</ul>
<hr />
<p>3.26.1 (2026-04-09)</p>
<hr />
<ul>
<li>🐛 fix(asyncio): add <strong>exit</strong> to BaseAsyncFileLock and
fix <strong>del</strong> loop handling :pr:<code>518</code> - by
:user:<code>naarob</code></li>
<li>build(deps): bump pypa/gh-action-pypi-publish from 1.13.0 to 1.14.0
:pr:<code>525</code> - by :user:<code>dependabot[bot]</code></li>
</ul>
<hr />
<p>3.26.0 (2026-04-06)</p>
<hr />
<ul>
<li>✨ feat(soft): add PID inspection and lock breaking
:pr:<code>524</code></li>
<li>[pre-commit.ci] pre-commit autoupdate :pr:<code>523</code> - by
:user:<code>pre-commit-ci[bot]</code></li>
<li>build(deps): bump astral-sh/setup-uv from 7.6.0 to 8.0.0
:pr:<code>522</code> - by :user:<code>dependabot[bot]</code></li>
<li>Remove persist-credentials: false from release job
:pr:<code>520</code></li>
<li>[pre-commit.ci] pre-commit autoupdate :pr:<code>519</code> - by
:user:<code>pre-commit-ci[bot]</code></li>
<li>🔒 ci(workflows): add zizmor security auditing
:pr:<code>517</code></li>
<li>[pre-commit.ci] pre-commit autoupdate :pr:<code>516</code> - by
:user:<code>pre-commit-ci[bot]</code></li>
<li>[pre-commit.ci] pre-commit autoupdate :pr:<code>514</code> - by
:user:<code>pre-commit-ci[bot]</code></li>
</ul>
<hr />
<p>3.25.2 (2026-03-11)</p>
<hr />
<ul>
<li>🐛 fix(unix): suppress EIO on close in Docker bind mounts
:pr:<code>513</code></li>
</ul>
<hr />
<p>3.25.1 (2026-03-09)</p>
<hr />
<ul>
<li>[pre-commit.ci] pre-commit autoupdate :pr:<code>510</code> - by
:user:<code>pre-commit-ci[bot]</code></li>
<li>🐛 fix(win): restore best-effort lock file cleanup on release
:pr:<code>511</code></li>
<li>[pre-commit.ci] pre-commit autoupdate :pr:<code>508</code> - by
:user:<code>pre-commit-ci[bot]</code></li>
<li>📝 docs(logo): add branded project logo :pr:<code>507</code></li>
</ul>
<hr />
<p>3.25.0 (2026-03-01)</p>
<hr />
<ul>
<li>✨ feat(async): add AsyncReadWriteLock :pr:<code>506</code></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tox-dev/filelock/commit/55de20c0819652362881906fa289feff5a323c19"><code>55de20c</code></a>
Release 3.28.0</li>
<li><a
href="https://github.com/tox-dev/filelock/commit/476b0e4a92776fe530b5d993247342f039004174"><code>476b0e4</code></a>
🐛 fix(ci): unbreak release workflow, publish to PyPI again (<a
href="https://redirect.github.com/tox-dev/py-filelock/issues/529">#529</a>)</li>
<li><a
href="https://github.com/tox-dev/filelock/commit/824713edc32b54efd66566907f97c1238502810e"><code>824713e</code></a>
✨ feat(rw): add SoftReadWriteLock for NFS and HPC clusters (<a
href="https://redirect.github.com/tox-dev/py-filelock/issues/528">#528</a>)</li>
<li><a
href="https://github.com/tox-dev/filelock/commit/9879de9298db93ffba0a9f58d9de75e9e2a00fc1"><code>9879de9</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/tox-dev/py-filelock/issues/527">#527</a>)</li>
<li><a
href="https://github.com/tox-dev/filelock/commit/4cfab498b6916f89be46152efa4a72e9731be98f"><code>4cfab49</code></a>
Release 3.26.1</li>
<li><a
href="https://github.com/tox-dev/filelock/commit/734c9f26e8107ad24886129fc68865f0b46cf71f"><code>734c9f2</code></a>
🐛 fix(asyncio): add <strong>exit</strong> to BaseAsyncFileLock and fix
<strong>del</strong> loop handli...</li>
<li><a
href="https://github.com/tox-dev/filelock/commit/c9f9cb4c63b69d1bcfbcf98fe7c8dc439f51d473"><code>c9f9cb4</code></a>
build(deps): bump pypa/gh-action-pypi-publish from 1.13.0 to 1.14.0 (<a
href="https://redirect.github.com/tox-dev/py-filelock/issues/525">#525</a>)</li>
<li><a
href="https://github.com/tox-dev/filelock/commit/ad728d72a3e492297208c16b7c0787f4bfb6ccd0"><code>ad728d7</code></a>
Release 3.26.0</li>
<li><a
href="https://github.com/tox-dev/filelock/commit/f8a9849d63f256229d7c6481081c5df58f63e2ba"><code>f8a9849</code></a>
✨ feat(soft): add PID inspection and lock breaking (<a
href="https://redirect.github.com/tox-dev/py-filelock/issues/524">#524</a>)</li>
<li><a
href="https://github.com/tox-dev/filelock/commit/fc53a83fa16c748b687e598f12540b876c642fce"><code>fc53a83</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/tox-dev/py-filelock/issues/523">#523</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tox-dev/py-filelock/compare/3.25.2...3.28.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=filelock&package-manager=pip&previous-version=3.25.2&new-version=3.28.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Author: dependabot[bot]

requirements/constraints.txt

@@ -69,7 +69,7 @@ exceptiongroup==1.3.1
     # via pytest
 execnet==2.1.2
     # via pytest-xdist
-filelock==3.25.2
+filelock==3.28.0
     # via
     #   python-discovery
     #   virtualenv

requirements/dev.txt

@@ -67,7 +67,7 @@ exceptiongroup==1.3.1
     # via pytest
 execnet==2.1.2
     # via pytest-xdist
-filelock==3.25.2
+filelock==3.28.0
     # via
     #   python-discovery
     #   virtualenv

requirements/lint.txt

@@ -29,7 +29,7 @@ distlib==0.4.0
     # via virtualenv
 exceptiongroup==1.3.1
     # via pytest
-filelock==3.25.2
+filelock==3.28.0
     # via
     #   python-discovery
     #   virtualenv