Skip to content

Bump the python-packages group with 7 updates#563

Merged
neilmb merged 1 commit intomainfrom
dependabot/pip/python-packages-1dd7351d0c
Mar 9, 2026
Merged

Bump the python-packages group with 7 updates#563
neilmb merged 1 commit intomainfrom
dependabot/pip/python-packages-1dd7351d0c

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 9, 2026

Bumps the python-packages group with 7 updates:

Package From To
sqlalchemy 2.0.47 2.0.48
geoalchemy2 0.18.3 0.18.4
botocore 1.42.59 1.42.63
google-auth 2.48.0 2.49.0
google-api-python-client 2.190.0 2.192.0
ruff 0.15.4 0.15.5
black 26.1.0 26.3.0

Updates sqlalchemy from 2.0.47 to 2.0.48

Release notes

Sourced from sqlalchemy's releases.

2.0.48

Released: March 2, 2026

engine

  • [engine] [bug] Fixed a critical issue in Engine where connections created in conjunction with the DialectEvents.do_connect() event listeners would receive shared, mutable collections for the connection arguments, leading to a variety of potential issues including unlimited growth of the argument list as well as elements within the parameter dictionary being shared among concurrent connection calls. In particular this could impact do_connect routines making use of complex mutable authentication structures.

    References: #13144

Commits

Updates geoalchemy2 from 0.18.3 to 0.18.4

Release notes

Sourced from geoalchemy2's releases.

0.18.4

What's Changed

Full Changelog: geoalchemy/geoalchemy2@0.18.3...0.18.4

Changelog

Sourced from geoalchemy2's changelog.

0.18.4

Commits

Updates botocore from 1.42.59 to 1.42.63

Commits
  • 053383c Merge branch 'release-1.42.63'
  • e4c22a1 Bumping version to 1.42.63
  • 5ba4982 Update endpoints model
  • 684f32c Update to latest models
  • 9ae78f1 Merge pull request #3645 from kdaily/lint-connecthealth-removal-handler
  • ee748e4 Fix formatting in handlers.py
  • d66a4ce Merge branch 'release-1.42.62'
  • 19d2473 Merge branch 'release-1.42.62' into develop
  • 1f57f9e Bumping version to 1.42.62
  • fe37883 Update endpoints model
  • Additional commits viewable in compare view

Updates google-auth from 2.48.0 to 2.49.0

Release notes

Sourced from google-auth's releases.

v2.49.0.dev0

2.49.0-dev0 (2026-01-26)

Bug Fixes

Changelog

Sourced from google-auth's changelog.

Changelog

PyPI History

Commits

Updates google-api-python-client from 2.190.0 to 2.192.0

Release notes

Sourced from google-api-python-client's releases.

v2.192.0

2.192.0 (2026-03-03)

Features

Bug Fixes

v2.191.0

2.191.0 (2026-02-24)

Features

... (truncated)

Commits

Updates ruff from 0.15.4 to 0.15.5

Release notes

Sourced from ruff's releases.

0.15.5

Release Notes

Released on 2026-03-05.

Preview features

  • Discover Markdown files by default in preview mode (#23434)
  • [perflint] Extend PERF102 to comprehensions and generators (#23473)
  • [refurb] Fix FURB101 and FURB103 false positives when I/O variable is used later (#23542)
  • [ruff] Add fix for none-not-at-end-of-union (RUF036) (#22829)
  • [ruff] Fix false positive for re.split with empty string pattern (RUF055) (#23634)

Bug fixes

  • [fastapi] Handle callable class dependencies with __call__ method (FAST003) (#23553)
  • [pydocstyle] Fix numpy section ordering (D420) (#23685)
  • [pyflakes] Fix false positive for names shadowing re-exports (F811) (#23356)
  • [pyupgrade] Avoid inserting redundant None elements in UP045 (#23459)

Documentation

  • Document extension mapping for Markdown code formatting (#23574)
  • Update default Python version examples (#23605)

Other changes

  • Publish releases to Astral mirror (#23616)

Contributors

Install ruff 0.15.5

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/ruff/releases/download/0.15.5/ruff-installer.sh | sh

Install prebuilt binaries via powershell script

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.5

Released on 2026-03-05.

Preview features

  • Discover Markdown files by default in preview mode (#23434)
  • [perflint] Extend PERF102 to comprehensions and generators (#23473)
  • [refurb] Fix FURB101 and FURB103 false positives when I/O variable is used later (#23542)
  • [ruff] Add fix for none-not-at-end-of-union (RUF036) (#22829)
  • [ruff] Fix false positive for re.split with empty string pattern (RUF055) (#23634)

Bug fixes

  • [fastapi] Handle callable class dependencies with __call__ method (FAST003) (#23553)
  • [pydocstyle] Fix numpy section ordering (D420) (#23685)
  • [pyflakes] Fix false positive for names shadowing re-exports (F811) (#23356)
  • [pyupgrade] Avoid inserting redundant None elements in UP045 (#23459)

Documentation

  • Document extension mapping for Markdown code formatting (#23574)
  • Update default Python version examples (#23605)

Other changes

  • Publish releases to Astral mirror (#23616)

Contributors

Commits
  • 5e4a3d9 Bump 0.15.5 (#23743)
  • 69c23cc [ty] Render all changed diagnostics in conformance.py (#23613)
  • 4926bd5 [ty] Split deferred checks out of types/infer/builder.rs (#23740)
  • 9a70f5e Discover markdown files by default in preview mode (#23434)
  • 3dc78b0 [ty] Use HasOptionalDefinition for except handlers (#23739)
  • a6a5e8d [ty] Fix precedence of all selector in TOML configurations (#23723)
  • 2a5384b [ty] Make all selector case sensitive (#23713)
  • db77d7b [ty] Add a diagnostic if a TypeVar is used to specialize a ParamSpec, or ...
  • db28490 [ty] Override home directory in ty tests (#23724)
  • 5f0fd91 [ty] More type-variable default validation (#23639)
  • Additional commits viewable in compare view

Updates black from 26.1.0 to 26.3.0

Release notes

Sourced from black's releases.

26.3.0

Stable style

  • Don't double-decode input, causing non-UTF-8 files to be corrupted (#4964)
  • Fix crash on standalone comment in lambda default arguments (#4993)
  • Preserve parentheses when # type: ignore comments would be merged with other comments on the same line, preventing AST equivalence failures (#4888)

Preview style

  • Fix bug where if guards in case blocks were incorrectly split when the pattern had a trailing comma (#4884)
  • Fix string_processing crashing on unassigned long string literals with trailing commas (one-item tuples) (#4929)
  • Simplify implementation of the power operator "hugging" logic (#4918)

Packaging

  • Fix shutdown errors in PyInstaller builds on macOS by disabling multiprocessing in frozen environments (#4930)

Performance

  • Introduce winloop for windows as an alternative to uvloop (#4996)
  • Remove deprecated function uvloop.install() in favor of uvloop.new_event_loop() (#4996)
  • Rename maybe_install_uvloop function to maybe_use_uvloop to simplify loop installation and creation of either a uvloop/winloop evenloop or default eventloop (#4996)

Output

  • Emit a clear warning when the target Python version is newer than the running Python version, since AST safety checks cannot parse newer syntax. Also replace the misleading "INTERNAL ERROR" message with an actionable error explaining the version mismatch (#4983)

Blackd

  • Introduce winloop to be used when windows in use which enables blackd to run faster on windows when winloop is installed. (#4996)

Integrations

  • Remove unused gallery script (#5030)
  • Harden parsing of black requirements in the GitHub Action when use_pyproject is enabled so that only version specifiers are accepted and direct references such as black @ https://... are rejected. Users should upgrade to the latest version of the action as soon as possible. This update is received automatically when using psf/black@stable, and is independent of the version of Black installed by the

... (truncated)

Changelog

Sourced from black's changelog.

26.3.0

Stable style

  • Don't double-decode input, causing non-UTF-8 files to be corrupted (#4964)
  • Fix crash on standalone comment in lambda default arguments (#4993)
  • Preserve parentheses when # type: ignore comments would be merged with other comments on the same line, preventing AST equivalence failures (#4888)

Preview style

  • Fix bug where if guards in case blocks were incorrectly split when the pattern had a trailing comma (#4884)
  • Fix string_processing crashing on unassigned long string literals with trailing commas (one-item tuples) (#4929)
  • Simplify implementation of the power operator "hugging" logic (#4918)

Packaging

  • Fix shutdown errors in PyInstaller builds on macOS by disabling multiprocessing in frozen environments (#4930)

Performance

  • Introduce winloop for windows as an alternative to uvloop (#4996)
  • Remove deprecated function uvloop.install() in favor of uvloop.new_event_loop() (#4996)
  • Rename maybe_install_uvloop function to maybe_use_uvloop to simplify loop installation and creation of either a uvloop/winloop evenloop or default eventloop (#4996)

Output

  • Emit a clear warning when the target Python version is newer than the running Python version, since AST safety checks cannot parse newer syntax. Also replace the misleading "INTERNAL ERROR" message with an actionable error explaining the version mismatch (#4983)

Blackd

  • Introduce winloop to be used when windows in use which enables blackd to run faster on windows when winloop is installed. (#4996)

Integrations

  • Remove unused gallery script (#5030)
  • Harden parsing of black requirements in the GitHub Action when use_pyproject is enabled so that only version specifiers are accepted and direct references such as black @ https://... are rejected. Users should upgrade to the latest version of the action as soon as possible. This update is received automatically when using

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the python-packages group with 7 updates
126bb7f 
Bumps the python-packages group with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) | `2.0.47` | `2.0.48` |
| [geoalchemy2](https://github.com/geoalchemy/geoalchemy2) | `0.18.3` | `0.18.4` |
| [botocore](https://github.com/boto/botocore) | `1.42.59` | `1.42.63` |
| [google-auth](https://github.com/googleapis/google-auth-library-python) | `2.48.0` | `2.49.0` |
| [google-api-python-client](https://github.com/googleapis/google-api-python-client) | `2.190.0` | `2.192.0` |
| [ruff](https://github.com/astral-sh/ruff) | `0.15.4` | `0.15.5` |
| [black](https://github.com/psf/black) | `26.1.0` | `26.3.0` |


Updates `sqlalchemy` from 2.0.47 to 2.0.48
- [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases)
- [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst)
- [Commits](https://github.com/sqlalchemy/sqlalchemy/commits)

Updates `geoalchemy2` from 0.18.3 to 0.18.4
- [Release notes](https://github.com/geoalchemy/geoalchemy2/releases)
- [Changelog](https://github.com/geoalchemy/geoalchemy2/blob/main/CHANGES.txt)
- [Commits](geoalchemy/geoalchemy2@0.18.3...0.18.4)

Updates `botocore` from 1.42.59 to 1.42.63
- [Commits](boto/botocore@1.42.59...1.42.63)

Updates `google-auth` from 2.48.0 to 2.49.0
- [Release notes](https://github.com/googleapis/google-auth-library-python/releases)
- [Changelog](https://github.com/googleapis/google-auth-library-python/blob/main/CHANGELOG.md)
- [Commits](https://github.com/googleapis/google-auth-library-python/commits)

Updates `google-api-python-client` from 2.190.0 to 2.192.0
- [Release notes](https://github.com/googleapis/google-api-python-client/releases)
- [Commits](googleapis/google-api-python-client@v2.190.0...v2.192.0)

Updates `ruff` from 0.15.4 to 0.15.5
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.4...0.15.5)

Updates `black` from 26.1.0 to 26.3.0
- [Release notes](https://github.com/psf/black/releases)
- [Changelog](https://github.com/psf/black/blob/main/CHANGES.md)
- [Commits](psf/black@26.1.0...26.3.0)

---
updated-dependencies:
- dependency-name: sqlalchemy
  dependency-version: 2.0.48
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-packages
- dependency-name: geoalchemy2
  dependency-version: 0.18.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-packages
- dependency-name: botocore
  dependency-version: 1.42.63
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-packages
- dependency-name: google-auth
  dependency-version: 2.49.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-packages
- dependency-name: google-api-python-client
  dependency-version: 2.192.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-packages
- dependency-name: ruff
  dependency-version: 0.15.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: python-packages
- dependency-name: black
  dependency-version: 26.3.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: python-packages
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Mar 9, 2026
neilmb
neilmb approved these changes Mar 9, 2026
View reviewed changes
Copy link
Contributor

@neilmb neilmb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

tests pass and reasonable version changes

@neilmb neilmb merged commit 4a0d461 into main Mar 9, 2026
8 of 9 checks passed
@neilmb neilmb deleted the dependabot/pip/python-packages-1dd7351d0c branch March 9, 2026 14:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@neilmb neilmb neilmb approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@neilmb