chore(deps): update pdfminer-six requirement from >=20221105 to >=20260107

[dependabot]

Updates the requirements on pdfminer-six to permit the latest version.

Release notes

Sourced from pdfminer-six's releases.

20260107

Added

• Support cmap types 6, 10 and 12 (#598)

Fixed

• Encapsulate error when failing to get attribute or data from stream (#1225, #1226)
• Validate maximum size of xref start (#1227)
• Use lazy %-style formatting for logging (#1234)

Removed

• Unused methods close, tell and poll on PSBaseParser (#1230)

Changelog

Sourced from pdfminer-six's changelog.

[20260107]

Added

• Support cmap types 6, 10 and 12 (#598)

Fixed

• Encapsulate error when failing to get attribute or data from stream (#1225, #1226)
• Validate maximum size of xref start (#1227)
• Use lazy %-style formatting for logging (#1234)

Removed

• Unused methods close, tell and poll on PSBaseParser (#1230)

[20251230]

Security

• Eliminated arbitrary code execution vulnerability (CVE-2025-64512) by replacing pickle CMap storage with json - users with custom pickle CMaps can use tools/convert_cmaps_to_json.py to convert to JSON format (#1172))

[20251229]

Added

• Support for colored and uncolored tiling patterns per ISO 32000 (#1171)
• Pre-commit hooks for automated code quality checks (#1215)
• Ruff rules for for modernized Python syntax (#1218)

Changed

• Using makefile instead of nox for local development (#1222)

Fixed

• Fix struct.error when processing PDFs with odd-length font encoding buffers (#1169)
• PSBaseParser combines tokens split across streams (#1158)
• Improve exception handling in PDFDocument with more precise error propagation (#1220)

[20251227]

Added

• Support for Python 3.14 (#1209)

Changed

• Refuse to execute circular references to content streams (including Form XObjects) (#1143)

... (truncated)

Commits

• 9e1243c chore: bump version
• 0d38cef perf: use lazy %-style logging (#1234)
• 3067706 remove: unused methods close, tell and poll on PSBaseParser (#1230)
• c706bdc fix: validate maximum size of xref start (#1227)
• 48f3404 fix: encapsulate error when parsing data from stream (#1226)
• 426116f fix: encapsulate errors when failing to get attribute from stream (#1225)
• a2a353f feat: add support for cmap types 6, 10 and 12 (#1213)
• 7094c9d chore: bump version
• 41a247c Security: Eliminate arbitrary code execution vulnerability (CVE-2025-64512) (...
• bd229e8 chore: bump version
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)