build(deps): bump the python-requirements group across 1 directory with 10 updates

[dependabot]

Bumps the python-requirements group with 10 updates in the / directory:

Package	From	To
sqlalchemy	2.0.49	2.0.50
geoalchemy2	0.19.0	0.20.0
peewee	4.0.5	4.0.6
azure-storage-blob	12.27.1	12.29.0
tox-uv	1.35.1	1.35.2
moto	5.2.0	5.2.1
mypy	1.20.2	2.1.0
types-peewee	4.0.1.20260503	4.0.5.20260518
types-wtforms	3.2.1.20260408	3.2.1.20260518
types-shapely	2.1.0.20260408	2.1.0.20260518

Updates sqlalchemy from 2.0.49 to 2.0.50

Release notes

Sourced from sqlalchemy's releases.

2.0.50

Released: May 24, 2026

orm

• [orm] [bug] Fixed issue where using _orm.joinedload() with PropComparator.of_type() targeting a joined-table subclass combined with PropComparator.and_() referencing a column on that subclass would generate invalid SQL, where the subclass column was not adapted to the subquery alias. Pull request courtesy Joaquin Hui Gomez.

  References: #13203

• [orm] [bug] Fixed issue where the presence of a SessionEvents.do_orm_execute() event hook would cause internal execution options such as yield_per and loader-specific state from the first orm_pre_session_exec pass to leak into the second pass, leading to errors when using relationship loaders such as selectinload() and immediateload(). The execution options passed to the second compilation pass are now based on the original options plus only the explicit updates made via ORMExecuteState.update_execution_options() within the event hook.

  References: #13301

• [orm] [bug] Fixed issue where using _orm.with_polymorphic() on a leaf class (a subclass with no further descendants) or a non-inherited class would fail with an AttributeError when used in an ORM statement, due to _orm.configure_mappers() not being triggered implicitly. The fix ensures that AliasedInsp participates in the _post_inspect hook, triggering mapper configuration during ORM statement compilation.

  References: #13319

sql

• [sql] [bug] Fixed issue where floor division (//) between a Float or Numeric numerator and an Integer denominator would omit the FLOOR() SQL wrapper on dialects where Dialect.div_is_floordiv is True (the default, including PostgreSQL and SQLite). FLOOR() is now applied if either the denominator or the numerator is a non-integer, so that expressions such as float_col // int_col render as FLOOR(float_col / int_col) instead of the incorrect float_col / int_col. Pull request courtesy r266-tech.

  References: #10528

postgresql

... (truncated)

Commits

• See full diff in compare view

Updates geoalchemy2 from 0.19.0 to 0.20.0

Release notes

Sourced from geoalchemy2's releases.

0.20.0

What's Changed

• Feat: Add MSSQL dialect by @​adrien-berchet in geoalchemy/geoalchemy2#603
• Docs: Update docs by @​adrien-berchet in geoalchemy/geoalchemy2#604
• Test: Rework Docker image with docker-compose by @​adrien-berchet in geoalchemy/geoalchemy2#601
• CI: Use prek and fix yaml files accordingly by @​adrien-berchet in geoalchemy/geoalchemy2#602
• CI: Setup cockroachdb by @​adrien-berchet in geoalchemy/geoalchemy2#569
• Chore: Add script to compare benchmarks from 2 different runs by @​adrien-berchet in geoalchemy/geoalchemy2#607
• Release: 0.20.0 by @​adrien-berchet in geoalchemy/geoalchemy2#608

Full Changelog: geoalchemy/geoalchemy2@0.19.0...0.20.0

Changelog

Sourced from geoalchemy2's changelog.

0.20.0

• Feat: Compatibility for SQLAlchemy >= 2.1 @​adrien-berchet (#606)
• Feat: Add MSSQL dialect @​adrien-berchet (#603)
• Docs: Update docs @​adrien-berchet (#604)
• CI: Setup cockroachdb @​adrien-berchet (#569)
• CI: Replace pre-commit by prek and fix yaml files accordingly @​adrien-berchet (#602)
• Test: Rework Docker image with docker-compose @​adrien-berchet (#601)

Commits

• dea459b Release: 0.20.0 (#608)
• 71a120f Chore: Add script to compare benchmarks from 2 different runs (#607)
• c1a7492 Feat: Compatibility for SQLAlchemy >= 2.1 (#606)
• 8e14557 CI: Setup cockroachdb (#569)
• 0dbf458 Docs: Update docs (#604)
• 379d47d Feat: Add MSSQL dialect (#603)
• 3a6cfe2 CI: Replace pre-commit by prek and fix yaml files accordingly (#602)
• 0e21b2b Test: Rework Docker image with docker-compose (#601)
• See full diff in compare view

Updates peewee from 4.0.5 to 4.0.6

Release notes

Sourced from peewee's releases.

4.0.6

• Add new methods to the postgres BinaryJSONField: helpers for in-place modifications (set, replace, insert, append, update).
• Also add json-path helpers to the postgres BinaryJSONField (path_exists, path_match, path_query, path_query_array, path_query_first).
• Quote path elements in SQLite's JSON field.
• Better and faster parsing of formatted date/times. Use the stdlib fromisoformat as a first attempt since it's faster and more robust.
• Ensure db.connection_context() can be nested cleanly, #3046.
• Fix potential deadlock in pool.close_all and pool.manual_close, #3047.
• Restore whitespace stripping in FixedCharField, #3048.

View commits

Changelog

Sourced from peewee's changelog.

4.0.6

• Add new methods to the postgres BinaryJSONField: helpers for in-place modifications (set, replace, insert, append, update).
• Also add json-path helpers to the postgres BinaryJSONField (path_exists, path_match, path_query, path_query_array, path_query_first).
• Quote path elements in SQLite's JSON field.
• Better and faster parsing of formatted date/times. Use the stdlib fromisoformat as a first attempt since it's faster and more robust.
• Ensure db.connection_context() can be nested cleanly, #3046.
• Fix potential deadlock in pool.close_all and pool.manual_close, #3047.
• Restore whitespace stripping in FixedCharField, #3048.

View commits

Commits

• 5a99f30 4.0.6
• 451f17b Update cl
• 63c4ded Restore whitespace stripping in FixedCharField.
• 2f460ad Fix deadlock in pool manual_close + close_all.
• 504f3c5 Fix pwasyncio failure w/conn context
• ef045af changelog update
• b1bc2cf Make connection_context() nest cleanly.
• be1dd2d Update changelog w/the last couple changes.
• 8a80798 Update docs, add path support to nested lookups as well.
• 98a0dd4 Add some helpers for json mutation + json-path to pg
• Additional commits viewable in compare view

Updates azure-storage-blob from 12.27.1 to 12.29.0

Release notes

Sourced from azure-storage-blob's releases.

azure-storage-blob_12.29.0

12.29.0 (2026-05-14)

Features Added

• Stable release of features from 12.29.0b1

Bugs Fixed

• Fixed an issue where BlobClient's download_blob did not retry upon ServiceReponseError and ServiceResponseTimeoutError exceptions
• Fixed various issues with configuring logging via logging_enable and logging_body keywords on a per-request basis and with retries. Prior to this fix logging may have not behaved as expected, especially on retries.
• Fix a potential memory leak caused by improper exception handling that could occur under rare circumstances.

Commits

• e73548b Release date
• 60f7b16 Changed release date
• 5280297 Modified release date to 5/12/2026
• 15e1ae9 NO_CI [Doc] Update references to wiki pages (#46169)
• 3f5c4d2 cibuildwheel not necessary in build-system metadata for `azure-storage-ex...
• 5b5b757 Modified release date to 2026-05-11
• 8b9a3e5 [Storage][101] Cherry pick recent fixes and release prep (#46659)
• fdae976 Merge branch 'main' into release/storage/stg101
• 1e540de Fix typing contract for max_concurrency in File Share client (#45637)
• fa44dea Fix typing contract for max_concurrency in Datalake client (#45631)
• Additional commits viewable in compare view

Updates tox-uv from 1.35.1 to 1.35.2

Release notes

Sourced from tox-uv's releases.

1.35.2

What's Changed

• Honor constraints opt for all packages by @​stephenfin in tox-dev/tox-uv#332
• 🐛 fix(lock): honor --recreate in uv-venv-lock-runner by @​gaborbernat in tox-dev/tox-uv#338

New Contributors

• @​stephenfin made their first contribution in tox-dev/tox-uv#332

Full Changelog: tox-dev/tox-uv@1.35.1...1.35.2

Commits

• 595721d 🐛 fix(lock): honor --recreate in uv-venv-lock-runner (#338)
• 1026808 [pre-commit.ci] pre-commit autoupdate (#337)
• 3f7ea4d [pre-commit.ci] pre-commit autoupdate (#334)
• f976fc1 build(deps): bump astral-sh/setup-uv from 8.0.0 to 8.1.0 (#333)
• c0fabe3 Honor constraints opt for all packages (#332)
• d4aa96d [pre-commit.ci] pre-commit autoupdate (#331)
• ac78519 build(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 (#329)
• 8bab9b8 [pre-commit.ci] pre-commit autoupdate (#328)
• See full diff in compare view

Updates moto from 5.2.0 to 5.2.1

Changelog

Sourced from moto's changelog.

5.2.1

Docker Digest for 5.2.1: sha256:fe6575dcd878842124f05d20e4ffde2d1126e1e38ad03e196353b9e53649bcdf

Miscellaneous:
    * DynamoDB: batch_write_item() now correctly handles PUT requests with Binary (B) attributes (broken in 5.2.0)
    * S3: Uploading files no longer fails with 'Unsupported protocol' (broken in 5.2.0)
    * S3: create_multipart_upload() is now compatible with Java SDK again (broken in 5.2.0)
    * Route53: update_health_check() now correctly updates falsy values (broken in 5.2.0)

Commits

• 543c687 Pre-Release: Up Version Number
• b653a99 Prep release 5.2.1 (#10020)
• df3dc92 Core: Disable flaky AWS tests (#10019)
• ef42e0e S3: Make CreateMultipartUpload compatible with Java SDK (#10017)
• 50ab624 Core: Make compatible with mypy 2 (#10016)
• 6b3cf8d Route53: update_health_check() should handle falsy values correctly (#10014)
• b4f8b78 Core: short circuit protocol detection for S3 (#10012)
• 665e817 DynamoDB: fix BatchWriteItem handling of binary attributes (#10007)
• e754d88 Admin: Post-release steps
• See full diff in compare view

Updates mypy from 1.20.2 to 2.1.0

Changelog

Sourced from mypy's changelog.

Mypy Release Notes

Next Release

Mypy 2.1

We’ve just uploaded mypy 2.1.0 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

librt.vecs: Fast Growable Array Type for Mypyc

The new librt.vecs module provides an efficient growable array type vec that is optimized for mypyc use. It provides fast, packed arrays with integer and floating point value types, which can be several times faster than list, and tens of times faster than array.array in code compiled using mypyc. It also supports nested vec objects and non-value-type items, such as vec[vec[str]].

Refer to the documentation for the details.

Contributed by Jukka Lehtosalo.

librt.random: Fast Pseudo-Random Number Generation

The new librt.random module provides fast pseudo-random number generation that is optimized for code compiled using mypyc. It can be 3x to 10x faster than the stdlib random module in compiled code.

Refer to the documentation for the details.

Contributed by Jukka Lehtosalo (PR 21433).

Mypyc Improvements

• Enable incremental self-compilation (Vaggelis Danias, PR 21369)
• Make compilation order with multiple files consistent (Piotr Sawicki, PR 21419)
• Fix crash on accessing StopAsyncIteration (Piotr Sawicki, PR 21406)
• Fix incremental compilation with separate flag (Vaggelis Danias, PR 21299)

Fixes to Crashes

• Fix crash on partial type with --allow-redefinition and global declaration (Jukka Lehtosalo, PR 21428)
• Fix broken awaitable generator patching (Ivan Levkivskyi, PR 21435)

... (truncated)

Commits

• c1c336d Remove +dev from version
• 74df14b Add changelog for mypy 2.1 (#21464)
• 022d9bc Revert "TypeForm: Enable by default (#21262)"
• 8826288 [mypyc] Document librt.random (#21463)
• 3f4067b Bump librt version to 0.11.0 (#21458)
• 2b1eb58 [mypyc] Enable incremental self-compilation (#21369)
• 8152f4a Respect file config comments for stale modules (#21444)
• 116d60b Fix nondeterminism from nonassociativity of overload joins (#21455)
• 6c4af8e Fix function call message change for small number of args (#21432)
• 4b8fdca [mypyc] Add librt.random module (#21433)
• Additional commits viewable in compare view

Updates types-peewee from 4.0.1.20260503 to 4.0.5.20260518

Commits

• See full diff in compare view

Updates types-wtforms from 3.2.1.20260408 to 3.2.1.20260518

Commits

• See full diff in compare view

Updates types-shapely from 2.1.0.20260408 to 2.1.0.20260518

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions