Bump the poetry-dependencies group across 1 directory with 57 updates

[dependabot]

Bumps the poetry-dependencies group with 52 updates in the / directory:

Package	From	To
black	25.12.0	26.1.0
coverage	7.13.1	7.13.4
ruff	0.14.10	0.15.0
pytest	8.4.2	9.0.2
pandas-stubs	2.3.3.251219	2.3.3.260113
orjson	3.11.5	3.11.7
sqlalchemy	2.0.45	2.0.46
rwrapr	0.9.2	0.9.3
dash	3.3.0	3.4.0
babel	2.17.0	2.18.0
cachetools	6.2.4	6.2.6
debugpy	1.8.19	1.8.20
filelock	3.20.2	3.20.3
fsspec	2025.12.0	2026.2.0
google-api-core	2.28.1	2.29.0
google-auth	2.41.1	2.48.0
google-cloud-pubsub	2.34.0	2.35.0
google-cloud-storage-control	1.8.0	1.9.0
greenlet	3.3.0	3.3.1
grpcio	1.76.0	1.78.0
grpcio-status	1.76.0	1.78.0
identify	2.6.15	2.6.16
jupyter-client	8.7.0	8.8.0
librt	0.7.7	0.7.8
multidict	6.7.0	6.7.1
narwhals	2.15.0	2.16.0
packaging	25.0	26.0
parso	0.8.5	0.8.6
pathspec	1.0.1	1.0.4
plotly	6.5.0	6.5.2
polars	1.36.1	1.38.1
proto-plus	1.27.0	1.27.1
protobuf	6.33.2	6.33.5
psutil	7.2.1	7.2.2
pyarrow	22.0.0	23.0.0
pyasn1	0.6.1	0.6.2
pycparser	2.23	3.0
pyjwt	2.10.1	2.11.0
pytokens	0.3.0	0.4.1
rich	14.2.0	14.3.2
setuptools	80.9.0	82.0.0
soupsieve	2.8.1	2.8.3
sqlglot	28.5.0	28.10.1
starlette	0.50.0	0.52.1
tomli	2.3.0	2.4.0
types-deprecated	1.3.1.20251101	1.3.1.20260130
urllib3	2.6.2	2.6.3
virtualenv	20.35.4	20.36.1
wcwidth	0.2.14	0.6.0
websockets	15.0.1	16.0
werkzeug	3.1.4	3.1.5
wrapt	2.0.1	2.1.1

Updates black from 25.12.0 to 26.1.0

Release notes

Sourced from black's releases.

26.1.0

Highlights

Introduces the 2026 stable style (#4892), stabilizing the following changes:

• always_one_newline_after_import: Always force one blank line after import statements, except when the line after the import is a comment or an import statement (#4489)
• fix_fmt_skip_in_one_liners: Fix # fmt: skip behavior on one-liner declarations, such as def foo(): return "mock" # fmt: skip, where previously the declaration would have been incorrectly collapsed (#4800)
• fix_module_docstring_detection: Fix module docstrings being treated as normal strings if preceded by comments (#4764)
• fix_type_expansion_split: Fix type expansions split in generic functions (#4777)
• multiline_string_handling: Make expressions involving multiline strings more compact (#1879)
• normalize_cr_newlines: Add \r style newlines to the potential newlines to normalize file newlines both from and to (#4710)
• remove_parens_around_except_types: Remove parentheses around multiple exception types in except and except* without as (#4720)
• remove_parens_from_assignment_lhs: Remove unnecessary parentheses from the left-hand side of assignments while preserving magic trailing commas and intentional multiline formatting (#4865)
• standardize_type_comments: Format type comments which have zero or more spaces between # and type: or between type: and value to # type: (value) (#4645)

The following change was not in any previous stable release:

• Regenerated the _width_table.py and added tests for the Khmer language (#4253)

This release alo bumps pathspec to v1 and fixes inconsistencies with Git's .gitignore logic (#4958). Now, files will be ignored if a pattern matches them, even if the parent directory is directly unignored. For example, Black would previously format exclude/not_this/foo.py with this .gitignore:

exclude/
!exclude/not_this/

Now, exclude/not_this/foo.py will remain ignored. To ensure exclude/not_this/ and all of it's children are included in formatting (and in Git), use this .gitignore:

*/exclude/*
!*/exclude/not_this/

This new behavior matches Git. The leading */ are only necessary if you wish to ignore matching subdirectories (like the previous behavior did), and not just matching root

... (truncated)

Changelog

Sourced from black's changelog.

26.1.0

Highlights

Introduces the 2026 stable style (#4892), stabilizing the following changes:

• always_one_newline_after_import: Always force one blank line after import statements, except when the line after the import is a comment or an import statement (#4489)
• fix_fmt_skip_in_one_liners: Fix # fmt: skip behavior on one-liner declarations, such as def foo(): return "mock" # fmt: skip, where previously the declaration would have been incorrectly collapsed (#4800)
• fix_module_docstring_detection: Fix module docstrings being treated as normal strings if preceded by comments (#4764)
• fix_type_expansion_split: Fix type expansions split in generic functions (#4777)
• multiline_string_handling: Make expressions involving multiline strings more compact (#1879)
• normalize_cr_newlines: Add \r style newlines to the potential newlines to normalize file newlines both from and to (#4710)
• remove_parens_around_except_types: Remove parentheses around multiple exception types in except and except* without as (#4720)
• remove_parens_from_assignment_lhs: Remove unnecessary parentheses from the left-hand side of assignments while preserving magic trailing commas and intentional multiline formatting (#4865)
• standardize_type_comments: Format type comments which have zero or more spaces between # and type: or between type: and value to # type: (value) (#4645)

The following change was not in any previous stable release:

• Regenerated the _width_table.py and added tests for the Khmer language (#4253)

This release alo bumps pathspec to v1 and fixes inconsistencies with Git's .gitignore logic (#4958). Now, files will be ignored if a pattern matches them, even if the parent directory is directly unignored. For example, Black would previously format exclude/not_this/foo.py with this .gitignore:

exclude/
!exclude/not_this/

Now, exclude/not_this/foo.py will remain ignored. To ensure exclude/not_this/ and all of it's children are included in formatting (and in Git), use this .gitignore:

*/exclude/*
!*/exclude/not_this/

This new behavior matches Git. The leading */ are only necessary if you wish to ignore

... (truncated)

Commits

• 6305bf1 Prepare 2026.1.0 release (#4892)
• e71305b Bump pypa/cibuildwheel from 3.3.0 to 3.3.1 (#4961)
• 21a2a8c Fix Shutdown multiprocessing Manager in schedule_formatting (#4952)
• e3146ce Bump docker/setup-buildx-action from 3.11.1 to 3.12.0 (#4919)
• fe1fbc4 Bump actions/upload-artifact from 5.0.0 to 6.0.0 (#4923)
• 2b4b7fc Bump actions/download-artifact from 6.0.0 to 7.0.0 (#4922)
• d745be6 docs: document --force-exclude for pre-commit workflows (#4957)
• b41acd6 Various CI and doc refactors (#4928)
• 6f43612 Handle pathspec v1 changes (#4958)
• 200c550 Bump furo from 2025.9.25 to 2025.12.19 in /docs (#4933)
• Additional commits viewable in compare view

Updates coverage from 7.13.1 to 7.13.4

Changelog

Sourced from coverage's changelog.

Version 7.13.4 — 2026-02-09

• Fix: the third-party code fix in 7.13.3 required examining the parent directories where coverage was run. In the unusual situation that one of the parent directories is unreadable, a PermissionError would occur, as described in issue 2129_. This is now fixed.

• Fix: in test suites that change sys.path, coverage.py could fail with "RuntimeError: Set changed size during iteration" as described and fixed in pull 2130_. Thanks, Noah Fatsi.

• We now publish ppc64le wheels, thanks to Pankhudi Jain <pull 2121_>_.

.. _pull 2121: coveragepy/coveragepy#2121 .. _issue 2129: coveragepy/coveragepy#2129 .. _pull 2130: coveragepy/coveragepy#2130

.. _changes_7-13-3:

Version 7.13.3 — 2026-02-03

• Fix: in some situations, third-party code was measured when it shouldn't have been, slowing down test execution. This happened with layered virtual environments such as uv sometimes makes. The problem is fixed, closing issue 2082_. Now any directory on sys.path that is inside a virtualenv is considered third-party code.

.. _issue 2082: coveragepy/coveragepy#2082

.. _changes_7-13-2:

Version 7.13.2 — 2026-01-25

• Fix: when Python is installed via symlinks, for example with Homebrew, the standard library files could be incorrectly included in coverage reports. This is now fixed, closing issue 2115_.

• Fix: if a data file is created with no read permissions, the combine step would fail completely. Now a warning is issued and the file is skipped. Closes issue 2117_.

.. _issue 2115: coveragepy/coveragepy#2115 .. _issue 2117: coveragepy/coveragepy#2117

... (truncated)

Commits

• 4f78d57 build: no need to publish status.json
• f8616ff docs: sample HTML for 7.13.4
• fcf8c68 docs: prep for 7.13.4
• 189ecfd docs: thanks Pankhudi Jain for ppc64le wheels #2121
• 58aade0 build: add support for ppc64le architecture (#2121)
• 8ea42c8 chore: bump actions/attest-build-provenance (#2131)
• c09595f docs: Janine put a lot of effort into debugging issue #2128
• 8ee1760 docs: Greg wrote a great issue: #2129
• 76ba043 docs: thanks, Noah Fatsi
• 371fcc5 fix: set fixed paths_list in TreeMatcher init (#2130)
• Additional commits viewable in compare view

Updates ruff from 0.14.10 to 0.15.0

Release notes

Sourced from ruff's releases.

0.15.0

Release Notes

Released on 2026-02-03.

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

• Ruff now formats your code according to the 2026 style guide. See the formatter section below or in the blog post for a detailed list of changes.

• The linter now supports block suppression comments. For example, to suppress N803 for all parameters in this function:

  # ruff: disable[N803]
  def foo(
      legacyArg1,
      legacyArg2,
      legacyArg3,
      legacyArg4,
  ): ...
  # ruff: enable[N803]

  See the documentation for more details.

• The ruff:alpine Docker image is now based on Alpine 3.23 (up from 3.21).

• The ruff:debian and ruff:debian-slim Docker images are now based on Debian 13 "Trixie" instead of Debian 12 "Bookworm."

• Binaries for the ppc64 (64-bit big-endian PowerPC) architecture are no longer included in our releases. It should still be possible to build Ruff manually for this platform, if needed.

• Ruff now resolves all extended configuration files before falling back on a default Python version.

Stabilization

The following rules have been stabilized and are no longer in preview:

• blocking-http-call-httpx-in-async-function (ASYNC212)
• blocking-path-method-in-async-function (ASYNC240)
• blocking-input-in-async-function (ASYNC250)
• map-without-explicit-strict (B912)
• if-exp-instead-of-or-operator (FURB110)
• single-item-membership-test (FURB171)
• missing-maxsplit-arg (PLC0207)
• unnecessary-lambda (PLW0108)
• unnecessary-empty-iterable-within-deque-call (RUF037)
• in-empty-collection (RUF060)
• legacy-form-pytest-raises (RUF061)
• non-octal-permissions (RUF064)

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.0

Released on 2026-02-03.

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

• Ruff now formats your code according to the 2026 style guide. See the formatter section below or in the blog post for a detailed list of changes.

• The linter now supports block suppression comments. For example, to suppress N803 for all parameters in this function:

  # ruff: disable[N803]
  def foo(
      legacyArg1,
      legacyArg2,
      legacyArg3,
      legacyArg4,
  ): ...
  # ruff: enable[N803]

  See the documentation for more details.

• The ruff:alpine Docker image is now based on Alpine 3.23 (up from 3.21).

• The ruff:debian and ruff:debian-slim Docker images are now based on Debian 13 "Trixie" instead of Debian 12 "Bookworm."

• Binaries for the ppc64 (64-bit big-endian PowerPC) architecture are no longer included in our releases. It should still be possible to build Ruff manually for this platform, if needed.

• Ruff now resolves all extended configuration files before falling back on a default Python version.

Stabilization

The following rules have been stabilized and are no longer in preview:

• blocking-http-call-httpx-in-async-function (ASYNC212)
• blocking-path-method-in-async-function (ASYNC240)
• blocking-input-in-async-function (ASYNC250)
• map-without-explicit-strict (B912)
• if-exp-instead-of-or-operator (FURB110)
• single-item-membership-test (FURB171)

... (truncated)

Commits

• ce5f7b6 Bump 0.15.0 (#23055)
• b4e40f5 [ty] Fix __contains__ to respect descriptors (#23056)
• 848cb72 [ty] Fix narrowing of nonlocal variables with conditional assignments (#22966)
• da7f33a [ty] Add a diagnostic for Final without assignment (#23001)
• e65f9a6 Document markdown formatting feature (#22990)
• c0c1b98 Format markdown code blocks with line-by-line regex parse (#22996)
• 9f8f3e1 Allow positional-only params with defaults in method overrides (#23037)
• ef83810 [ty] ecosystem-analyzer: Support bare git repositories (#23054)
• 54dfee4 Customize where the fix_title sub-diagnostic appears (#23044)
• b534607 2026 Ruff Formatter Style (#22735)
• Additional commits viewable in compare view

Updates pytest from 8.4.2 to 9.0.2

Release notes

Sourced from pytest's releases.

9.0.2

pytest 9.0.2 (2025-12-06)

Bug fixes

• #13896: The terminal progress feature added in pytest 9.0.0 has been disabled by default, except on Windows, due to compatibility issues with some terminal emulators.

  You may enable it again by passing -p terminalprogress. We may enable it by default again once compatibility improves in the future.

  Additionally, when the environment variable TERM is dumb, the escape codes are no longer emitted, even if the plugin is enabled.

• #13904: Fixed the TOML type of the tmp_path_retention_count settings in the API reference from number to string.

• #13946: The private config.inicfg attribute was changed in a breaking manner in pytest 9.0.0. Due to its usage in the ecosystem, it is now restored to working order using a compatibility shim. It will be deprecated in pytest 9.1 and removed in pytest 10.

• #13965: Fixed quadratic-time behavior when handling unittest subtests in Python 3.10.

Improved documentation

• #4492: The API Reference now contains cross-reference-able documentation of pytest's command-line flags <command-line-flags>.

9.0.1

pytest 9.0.1 (2025-11-12)

Bug fixes

• #13895: Restore support for skipping tests via raise unittest.SkipTest.
• #13896: The terminal progress plugin added in pytest 9.0 is now automatically disabled when iTerm2 is detected, it generated desktop notifications instead of the desired functionality.
• #13904: Fixed the TOML type of the verbosity settings in the API reference from number to string.
• #13910: Fixed UserWarning: Do not expect file_or_dir on some earlier Python 3.12 and 3.13 point versions.

Packaging updates and notes for downstreams

• #13933: The tox configuration has been adjusted to make sure the desired version string can be passed into its package_env through the SETUPTOOLS_SCM_PRETEND_VERSION_FOR_PYTEST environment variable as a part of the release process -- by webknjaz.

Contributor-facing changes

• #13891, #13942: The CI/CD part of the release automation is now capable of creating GitHub Releases without having a Git checkout on disk -- by bluetech and webknjaz.
• #13933: The tox configuration has been adjusted to make sure the desired version string can be passed into its package_env through the SETUPTOOLS_SCM_PRETEND_VERSION_FOR_PYTEST environment variable as a part of the release process -- by webknjaz.

... (truncated)

Commits

• 3d10b51 Prepare release version 9.0.2
• 188750b Merge pull request #14030 from pytest-dev/patchback/backports/9.0.x/1e4b01d1f...
• b7d7bef Merge pull request #14014 from bluetech/compat-note
• bd08e85 Merge pull request #14013 from pytest-dev/patchback/backports/9.0.x/922b60377...
• bc78386 Add CLI options reference documentation (#13930)
• 5a4e398 Fix docs typo (#14005) (#14008)
• d7ae6df Merge pull request #14006 from pytest-dev/maintenance/update-plugin-list-tmpl...
• 556f6a2 pre-commit: fix rst-lint after new release (#13999) (#14001)
• c60fbe6 Fix quadratic-time behavior when handling unittest subtests in Python 3.10 ...
• 73d9b01 Merge pull request #13995 from nicoddemus/patchback/backports/9.0.x/1b5200c0f...
• Additional commits viewable in compare view

Updates pandas-stubs from 2.3.3.251219 to 2.3.3.260113

Commits

• 0cb16c4 Version 2.3.3.260113
• bf9a74a TYP: bump ty (#1630)
• db79b54 TST: numeric arrays (#1618)
• a0d8f9c GH1614 Add more agg func methods for pivot_table (#1623)
• 2c83c1f BUG: regression on #1594 for nightly (#1620)
• 78fcc5b TYP: GH1614 Add more agg func methods for pivot_table (#1615)
• cf423fd CLN: move tests for Series.astype (#1611)
• 0954c0d BUG: rename to NoDefaultDoNotUse (#1616)
• b54625a TST: xStringArray and NumpyExtensionArray (#1594)
• df2ebd0 DEPR: ravel in Index and Series pandas-dev/pandas#36900 pandas-dev/pand...
• Additional commits viewable in compare view

Updates orjson from 3.11.5 to 3.11.7

Release notes

Sourced from orjson's releases.

3.11.7

Changed

• Use a faster library to serialize float. Users with byte-exact regression tests should note positive exponents are now written using a +, e.g., 1.2e+30 instead of 1.2e30. Both formats are spec-compliant.
• ABI compatibility with CPython 3.15 alpha 5 free-threading.

3.11.6

Changed

• orjson now includes code licensed under the Mozilla Public License 2.0 (MPL-2.0).
• Drop support for Python 3.9.
• ABI compatibility with CPython 3.15 alpha 5.
• Build now depends on Rust 1.89 or later instead of 1.85.

Fixed

• Fix sporadic crash serializing deeply nested list of dict.

Changelog

Sourced from orjson's changelog.

3.11.7 - 2026-02-02

Changed

• Use a faster library to serialize float. Users with byte-exact regression tests should note positive exponents are now written using a +, e.g., 1.2e+30 instead of 1.2e30. Both formats are spec-compliant.
• ABI compatibility with CPython 3.15 alpha 5 free-threading.

3.11.6 - 2026-01-29

Changed

• orjson now includes code licensed under the Mozilla Public License 2.0 (MPL-2.0).
• Drop support for Python 3.9.
• ABI compatibility with CPython 3.15 alpha 5.
• Build now depends on Rust 1.89 or later instead of 1.85.

Fixed

• Fix sporadic crash serializing deeply nested list of dict.

Commits

• ec2b066 3.11.7
• 1ca01f7 zmij
• 1716a22 cargo update
• ec02024 3.11.6
• d581687 build, clippy misc
• 4105b29 writer::num
• 62bb185 Fix sporadic crash on serializing object close
• d860078 PyRef idiom refactors
• 343ae2f Deserializer, Utf8Buffer
• 7835f58 PyBytesRef and other input refactor
• Additional commits viewable in compare view

Updates sqlalchemy from 2.0.45 to 2.0.46

Release notes

Sourced from sqlalchemy's releases.

2.0.46

Released: January 21, 2026

typing

• [typing] [bug] Fixed typing issues where ORM mapped classes and aliased entities could not be used as keys in result row mappings or as join targets in select statements. Patterns such as row._mapping[User], row._mapping[aliased(User)], row._mapping[with_polymorphic(...)] (rejected by both mypy and Pylance), and .join(aliased(User)) (rejected by Pylance) are documented and fully supported at runtime but were previously rejected by type checkers. The type definitions for _KeyType and _FromClauseArgument have been updated to accept these ORM entity types.

  References: #13075

postgresql

• [postgresql] [bug] Fixed issue where PostgreSQL JSONB operators _postgresql.JSONB.Comparator.path_match() and _postgresql.JSONB.Comparator.path_exists() were applying incorrect VARCHAR casts to the right-hand side operand when used with newer PostgreSQL drivers such as psycopg. The operators now indicate the right-hand type as JSONPATH, which currently results in no casting taking place, but is also compatible with explicit casts if the implementation were require it at a later point.

  References: #13059

• [postgresql] [bug] Fixed regression in PostgreSQL dialect where JSONB subscription syntax would generate incorrect SQL for cast() expressions returning JSONB, causing syntax errors. The dialect now properly wraps cast expressions in parentheses when using the [] subscription syntax, generating (CAST(...))[index] instead of CAST(...)[index] to comply with PostgreSQL syntax requirements. This extends the fix from #12778 which addressed the same issue for function calls.

  References: #13067

• [postgresql] [bug] Improved the foreign key reflection regular expression pattern used by the PostgreSQL dialect to be more permissive in matching identifier characters, allowing it to correctly handle unicode characters in table and column names. This change improves compatibility with PostgreSQL variants such as CockroachDB that may use different quoting patterns in combination with unicode characters in their identifiers. Pull request courtesy Gord Thompson.

... (truncated)

Commits

• See full diff in compare view

Updates rwrapr from 0.9.2 to 0.9.3

Release notes

Sourced from rwrapr's releases.

v0.9.3

Changes

• Improve conversion to and from R of callables/functions (#101) @​Kss2k

📦 Dependencies

• Bump the poetry-dependencies group across 1 directory with 30 updates (#97) @dependabot[bot]
• Bump aiohttp from 3.13.2 to 3.13.3 (#96) @dependabot[bot]
• Bump the github-action-dependencies group with 9 updates (#94) @dependabot[bot]
• Bump the workflows-dependencies group in /.github/workflows with 4 updates (#93) @dependabot[bot]
• Bump filelock from 3.20.0 to 3.20.1 (#92) @dependabot[bot]

Commits

• b71beee Merge pull request #101 from statisticsnorway/improved-callables
• 7aa47b3 Fix mypy errors
• f213ace Delete test_fixriskyintervals.py. epends on Rglpk
• 5b2f3f1 poetry update
• 8c90a67 Bump version
• 9a72d1e Improve conversion to and from R of callables/functions
• 1326107 Merge pull request #97 from statisticsnorway/dependabot/pip/poetry-dependenci...
• 96d8df0 Bump the poetry-dependencies group across 1 directory with 30 updates
• 31facb8 Merge pull request #96 from statisticsnorway/dependabot/pip/aiohttp-3.13.3
• e44755d Merge pull request #94 from statisticsnorway/dependabot/github_actions/github...
• Additional commits viewable in compare view

Updates dash from 3.3.0 to 3.4.0

Release notes

Sourced from dash's releases.

Dash Version 3.4.0

Added

• [#3568]((plotly/dash#3568) Added children and copied_children props to dcc.Clipboard to customize the button contents before and after copying.
• [#3534]((plotly/dash#3534) Adds playsInline prop to html.Video. Based on [#2338]((plotly/dash#2338)
• #3541 Add attributes dictionary to be be formatted on script/link (_js_dist/_css_dist) tags of the index, allows for type="module" or type="importmap". #3538
• #3542 Add hidden=True to dash pages callback.
• #3564 Add new parameter hide_all_callbacks to run(). Closes #3493
• #3563 Add hidden to clientside callbacks as configurable parameter

Fixed

• #3541 Remove last reference of deprecated pkg_resources.
• #3548 Fix devtools overflowing it's container on version update. Fix #3535.
• #3545 Replace deprecated asyncio.iscoroutinefunction() call with inspect.iscoroutinefunction()

Changed

• #3540 Expose more types for better static typing options.
• #3520. Set pointer-events to auto on Tooltip to make it possible to interact with tooltip content when targetable=True

Changelog

Sourced from dash's changelog.

[3.4.0] - 2026-01-19

Added

• [#3568]((plotly/dash#3568) Added children and copied_children props to dcc.Clipboard to customize the button contents before and after copying.
• [#3534]((plotly/dash#3534) Adds playsInline prop to html.Video. Based on [#2338]((plotly/dash#2338)
• #3541 Add attributes dictionary to be be formatted on script/link (_js_dist/_css_dist) tags of the index, allows for type="module" or type="importmap". #3538
• #3542 Add hidden=True to dash pages callback.
• #3564 Add new parameter hide_all_callbacks to run(). Closes #3493
• #3563 Add hidden to clientside callbacks as configurable parameter

Fixed

• #3541 Remove last reference of deprecated pkg_resources.
• #3548 Fix devtools overflowing it's container on version update. Fix #3535.
• #3545 Replace deprecated asyncio.iscoroutinefunction() call with inspect.iscoroutinefunction()

Changed

• #3540 Expose more types for better static typing options.
• #3520. Set pointer-events to auto on Tooltip to make it possible to interact with tooltip content when targetable=True

Commits

• 89715d5 Merge pull request #3577 from plotly/master-3.4.0
• 484039a Version 3.4.0 build artifacts
• c2c0ac4 Merge branch 'dev' into master-3.4.0
• 4189c49 Merge pull request #3576 from plotly/version-3.4.0
• 989cfdc version 3.4.0
• 28b549a Merge pull request #3575 from plotly/update-deps-340
• 365153a update npm dependencies
• 6d857b8 Merge pull request #3548 from plotly/fix/devtool-overflow
• 8f37a27 update changelog
• 9c0c9d7 Merge branch 'dev' into fix/devtool-overflow
• Additional commits viewable in compare view

Updates babel from 2.17.0 to 2.18.0

Release notes

Sourced from babel's releases.

v2.18.0

Happy 2026! Like last year's release (ahem...), this one too is being made from FOSDEM 2026, in Brussels, Belgium. 🇧🇪 We'll aspire for a less glacial release cycle for 2.19. 😁

Please see CHANGELOG.rst for the detailed change log.

Full Changelog: python-babel/babel@v2.17.0...v2.18.0

Changelog

Sourced from babel's changelog.

Version 2.18.0

Happy 2026! This release is, coincidentally, also being made from FOSDEM.

We will aspire for a slightly less glacial release cadence in this year; there are interesting features in the pipeline.

Features

* Core: Add `babel.core.get_cldr_version()` by @akx in :gh:`1242`
* Core: Use CLDR 47 by @tomasr8 in :gh:`1210`
* Core: Use canonical IANA zone names in zone_territories by @akx in :gh:`1220`
* Messages: Improve extract performance via ignoring directories early during os.walk by @akx in :gh:`968`
* Messages: Merge in per-format keywords and auto_comments by @akx in :gh:`1243`
* Messages: Update keywords for extraction of dpgettext and dnpgettext by @mardiros in :gh:`1235`
* Messages: Validate all plurals in Python format checker by @tomasr8 in :gh:`1188`
* Time: Use standard library `timezone` instead of `FixedOffsetTimezone` by @akx in :gh:`1203`
Bugfixes

• Core: Fix formatting for "Empty locale identifier" exception added in #1164 by @​akx in :gh:1184
• Core: Improve handling of no-inheritance-marker in timezone data by @​akx in :gh:1194
• Core: Make the number pattern regular expression more efficient by @​akx in :gh:1213
• Messages: Keep translator comments next to the translation function call by @​akx in :gh:1196
• Numbers: Fix KeyError that occurred when formatting compact currencies of exactly one thousand in several locales by @​bartbroere in :gh:1246

Other improvements

* Core: Avoid unnecessary uses of `map()` by @akx in :gh:`1180`
* Messages: Have init-catalog create directories too by @akx in :gh:`1244`
* Messages: Optimizations for read_po by @akx in :gh:`1200`
* Messages: Use pathlib.Path() in catalog frontend; improve test coverage by @akx in :gh:`1204`
Infrastructure and documentation

• CI: Renovate CI & lint tools by @​akx in :gh:1228
• CI: Tighten up CI with Zizmor by @​akx in :gh:1230
• CI: make job permissions explicit by @​akx in :gh:1227
• Docs: Add SECURITY.md by @​akx in :gh:1229
• Docs: Remove u string prefix from docs by @​verhovsky in :gh:1174
• Docs: Update dates.rst with current unicode.org tr35 link by @​clach04 in :gh:1189
• General: Add some PyPI classifiers by @​tomasr8 in :gh:1186
• General: Apply reformatting by hand and with Ruff by @​akx in :gh:1202
• General: Test on and declare support for Python 3.14 by @​akx in :gh:1233

... (truncated)

Commits

• 56c63ca Prepare for 2.18.0 (#1248)
• 73015a1 Add user-agent to CLDR downloader (#1247)
• 29bd362 Fix formatting compact currencies of exactly one thousand in several locales ...
• 851db43 Reuse InitCatalog's guts in UpdateCatalog (#1244)
• fd00e60 Extract: Merge in per-format keywords and auto_comments (#1243)
• 12a14b6 Add dpgettext and dnpgettext support (#1235)
• 7110e62 Use canonical IANA zone names in zone_territories (#1220)
• e91c346 Improve extract performance via ignoring directories early during os.walk (#968)
• 0c4f378 Convert Unittest testcases with setup/teardown to fixtures (#1240)
• 218c96e Add babel.core.get_cldr_version() (#1242)
• Additional commits viewable in compare view

Updates cachetools from 6.2.4 to 6.2.6

Changelog

Sourced from cachetools's changelog.

v6.2.6 (2026-01-27)

• Improve typedkey performance.

• Minor documentation improvements.

• Minor testing improvements.

• Minor code readability improvements.

v6.2.5 (2026-01-25)

• Improve documentation regarding @cachedmethod with lock parameter.

• Add test cases for cache stampede scenarios.

• Update CI environment.

Commits

• 318ed71 Release v6.2.6.
• 48443ff Fix Cache.popitem test.
• 709819c Fix test method naming.
• 68e4b9c Minor documentation improvements.
• 8ee4015 Minor code readability improvements.
• ea47f99 Improve typedkey performance.
• 7158a30 Release v6.2.5.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud