Commit 4511f9f

Bump wheel from 0.45.1 to 0.46.2 (#11979)
Bumps [wheel](https://github.com/pypa/wheel) from 0.45.1 to 0.46.2.

<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/pypa/wheel/releases">wheel's releases</a>.</em></p>
<blockquote>
<h2>0.46.2</h2>
<ul>
<li>Restored the <code>bdist_wheel</code> command for compatibility with <code>setuptools</code> older than v70.1</li>
<li>Importing <code>wheel.bdist_wheel</code> now emits a <code>FutureWarning</code> instead of a <code>DeprecationWarning</code></li>
<li>Fixed <code>wheel unpack</code> potentially altering the permissions of files outside of the destination tree with maliciously crafted wheels (CVE-2026-24049)</li>
</ul>
<h2>0.46.1</h2>
<ul>
<li>Temporarily restored the <code>wheel.macosx_libfile</code> module (<a href="https://redirect.github.com/pypa/wheel/issues/659">#659</a>)</li>
</ul>
<h2>0.46.0</h2>
<ul>
<li>Dropped support for Python 3.8</li>
<li>Removed the <code>bdist_wheel</code> setuptools command implementation and entry point. The <code>wheel.bdist_wheel</code> module is now just an alias to <code>setuptools.command.bdist_wheel</code>, emitting a deprecation warning on import.</li>
<li>Removed vendored <code>packaging</code> in favor of a run-time dependency on it</li>
<li>Made the <code>wheel.metadata</code> module private (with a deprecation warning if it's imported</li>
<li>Made the <code>wheel.cli</code> package private (no deprecation warning)</li>
<li>Fixed an exception when calling the <code>convert</code> command with an empty description field</li>
</ul>
</blockquote>
</details>

<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/pypa/wheel/blob/main/docs/news.rst">wheel's changelog</a>.</em></p>
<blockquote>
<h1>Release Notes</h1>
<p><strong>0.46.2 (2026-01-22)</strong></p>
<ul>
<li>Restored the <code>bdist_wheel</code> command for compatibility with <code>setuptools</code> older than v70.1</li>
<li>Importing <code>wheel.bdist_wheel</code> now emits a <code>FutureWarning</code> instead of a <code>DeprecationWarning</code></li>
<li>Fixed <code>wheel unpack</code> potentially altering the permissions of files outside of the destination tree with maliciously crafted wheels (CVE-2026-24049)</li>
</ul>
<p><strong>0.46.1 (2025-04-08)</strong></p>
<ul>
<li>Temporarily restored the <code>wheel.macosx_libfile</code> module (<code>[#659](pypa/wheel#659) &lt;https://github.com/pypa/wheel/issues/659&gt;</code>_)</li>
</ul>
<p><strong>0.46.0 (2025-04-03)</strong></p>
<ul>
<li>Dropped support for Python 3.8</li>
<li>Removed the <code>bdist_wheel</code> setuptools command implementation and entry point. The <code>wheel.bdist_wheel</code> module is now just an alias to <code>setuptools.command.bdist_wheel</code>, emitting a deprecation warning on import.</li>
<li>Removed vendored <code>packaging</code> in favor of a run-time dependency on it</li>
<li>Made the <code>wheel.metadata</code> module private (with a deprecation warning if it's imported</li>
<li>Made the <code>wheel.cli</code> package private (no deprecation warning)</li>
<li>Fixed an exception when calling the <code>convert</code> command with an empty description field</li>
</ul>
<p><strong>0.45.1 (2024-11-23)</strong></p>
<ul>
<li>Fixed pure Python wheels converted from eggs and wininst files having the ABI tag in the file name</li>
</ul>
<p><strong>0.45.0 (2024-11-08)</strong></p>
<ul>
<li>
<p>Refactored the <code>convert</code> command to not need setuptools to be installed</p>
</li>
<li>
<p>Don't configure setuptools logging unless running <code>bdist_wheel</code></p>
</li>
<li>
<p>Added a redirection from <code>wheel.bdist_wheel.bdist_wheel</code> to <code>setuptools.command.bdist_wheel.bdist_wheel</code> to improve compatibility with <code>setuptools</code>' latest fixes.</p>
<p>Projects are still advised to migrate away from the deprecated module and import the <code>setuptools</code>' implementation explicitly. (PR by <a href="https://github.com/abravalheri"><code>@abravalheri</code></a>)</p>
</li>
</ul>
<p><strong>0.44.0 (2024-08-04)</strong></p>
<ul>
<li>Canonicalized requirements in METADATA file (PR by Wim Jeantine-Glenn)</li>
<li>Deprecated the <code>bdist_wheel</code> module, as the code was migrated to <code>setuptools</code></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>

<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/pypa/wheel/commit/eba4036ccaca4e2d0c5b5bf3e3be59b2b2877d6b"><code>eba4036</code></a> Updated the version number for v0.46.2</li>
<li><a href="https://github.com/pypa/wheel/commit/557fb5425036ccca95330b2c8875e54c9f4483cf"><code>557fb54</code></a> Created a new release</li>
<li><a href="https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef"><code>7a7d2de</code></a> Fixed security issue around wheel unpack (<a href="https://redirect.github.com/pypa/wheel/issues/675">#675</a>)</li>
<li><a href="https://github.com/pypa/wheel/commit/41418fac233d6973ea8798d620df4aa5b3aa1b66"><code>41418fa</code></a> Fixed test failures due to metadata normalization changes</li>
<li><a href="https://github.com/pypa/wheel/commit/c1d442bec6c634fcfb89e5d58698dd226685bd14"><code>c1d442b</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://redirect.github.com/pypa/wheel/issues/674">#674</a>)</li>
<li><a href="https://github.com/pypa/wheel/commit/0bac8820ec90b1aaa0695d79a56563137b48686d"><code>0bac882</code></a> Update github actions environments (<a href="https://redirect.github.com/pypa/wheel/issues/673">#673</a>)</li>
<li><a href="https://github.com/pypa/wheel/commit/be9f45b4ee1210b2a815d2eefea56b71efd99d63"><code>be9f45b</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://redirect.github.com/pypa/wheel/issues/667">#667</a>)</li>
<li><a href="https://github.com/pypa/wheel/commit/6244f08bb92d7569da6c2fbea23de0846ad34ff3"><code>6244f08</code></a> Update pre-commit
ruff legacy alias (<a href="https://redirect.github.com/pypa/wheel/issues/668">#668</a>)</li>
<li><a href="https://github.com/pypa/wheel/commit/15b7577654e8bcd23e009c6bac036b65c11d8d8f"><code>15b7577</code></a> PEP 639 compliance (<a href="https://redirect.github.com/pypa/wheel/issues/670">#670</a>)</li>
<li><a href="https://github.com/pypa/wheel/commit/fc8cb4163e4f48d86092cb2a16076f1b3efcd10f"><code>fc8cb41</code></a> Revert &quot;Removed redundant Python version from the publish workflow (<a href="https://redirect.github.com/pypa/wheel/issues/666">#666</a>)&quot;</li>
<li>Additional commits viewable in <a href="https://github.com/pypa/wheel/compare/0.45.1...0.46.2">compare view</a></li>
</ul>
</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1 parent 2b6bb4b commit 4511f9f

2 files changed

Lines changed: 4 additions & 2 deletions

requirements/constraints.txt

Lines changed: 2 additions & 1 deletion
@@ -131,6 +131,7 @@ packaging==25.0
131131
# gunicorn
132132
# pytest
133133
# sphinx
134+
# wheel
134135
pathspec==1.0.3
135136
# via mypy
136137
pip-tools==7.5.2
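Review bot: the added `# wheel` line under `packaging==25.0` comes with no change to the packaging pin itself, so please confirm this annotation was produced by re-running pip-compile rather than by a hand edit. Per the quoted 0.46.0 release notes, wheel dropped its vendored `packaging` in favor of a run-time dependency, which means any later bump of `packaging` now has to satisfy wheel as well as gunicorn, pytest and sphinx. The identical hunk in requirements/dev.txt should come out of the same regeneration.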
@@ -282,7 +283,7 @@ virtualenv==20.36.1
282283
# via pre-commit
283284
wait-for-it==2.3.0
284285
# via -r requirements/test-common.in
285-
wheel==0.45.1
286+
wheel==0.46.2
286287
# via pip-tools
287288
yarl==1.22.0
288289
# via -r requirements/runtime-deps.in
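Review bot: at `wheel==0.46.2` the jump from 0.45.1 crosses 0.46.0, which the quoted release notes say dropped support for Python 3.8, and nothing in this diff shows which interpreters install this constraints file. If any CI job or developer environment still resolves it on 3.8, this pin may fail to install there; confirm the minimum Python for the dev toolchain or add an environment marker. The `# via pip-tools` annotation shows wheel is pulled in only by tooling, so the `wheel unpack` fix (CVE-2026-24049) matters for build and CI hosts rather than for the runtime dependencies.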

requirements/dev.txt

Lines changed: 2 additions & 1 deletion
@@ -128,6 +128,7 @@ packaging==25.0
128128
# gunicorn
129129
# pytest
130130
# sphinx
131+
# wheel
131132
pathspec==1.0.3
132133
# via mypy
133134
pip-tools==7.5.2
@@ -272,7 +273,7 @@ virtualenv==20.36.1
272273
# via pre-commit
273274
wait-for-it==2.3.0
274275
# via -r requirements/test-common.in
275-
wheel==0.45.1
276+
wheel==0.46.2
276277
# via pip-tools
277278
yarl==1.22.0
278279
# via -r requirements/runtime-deps.in
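Review bot: `wheel==0.46.2` is pinned by version only, as are the neighbouring `wait-for-it==2.3.0` and `yarl==1.22.0`, so the lock does not bind the artifact that actually gets installed. Since the release being picked up includes a security fix, consider generating these files with `pip-compile --generate-hashes` so each pin also fixes the distribution digests. That is a follow-up for the whole file, not a blocker for this change.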
