Bump the python-packages group with 8 updates

[dependabot]

Bumps the python-packages group with 8 updates:

Package	From	To
duckdb	1.4.4	1.5.1
parsl	2026.2.23	2026.3.30
botocore	1.42.59	1.42.70
pytest-cov	7.0.0	7.1.0
pillow	12.1.1	12.2.0
jupyterlab	4.5.5	4.5.6
sphinxcontrib-mermaid	2.0.0	2.0.1
myst-nb	1.3.0	1.4.0

Updates duckdb from 1.4.4 to 1.5.1

Release notes

Sourced from duckdb's releases.

v1.5.1 Bugfix Release

DuckDB core v1.5.1 Changelog: duckdb/duckdb@v1.5.0...v1.5.1

What's Changed

• Re-added basic support for the GEOMETRY type

DuckDB Python 1.5.0 "Variegata"

This is the 1.5.0 release of DuckDB's Python bindings. For a list of changes in DuckDB core, have a look at the DuckDB release notes and the blogpost.

Breaking Changes

• Dropped Python 3.9 support. The minimum supported version is now Python 3.10.
• Removed deprecated duckdb.typing and duckdb.functional modules. These were deprecated in 1.4.0. Use duckdb.sqltypes and duckdb.func instead.
• Renamed column parameter to expression in relational API functions (e.g., min, max, sum, mean, etc.) to better reflect that these accept expressions, not just column names.
• Deprecated fetch_arrow_table() and fetch_record_batch() on connections and relations. Use the new to_arrow_table() and to_arrow_reader() methods instead.

New Features

• Polars LazyFrame projection and filter pushdown. DuckDB can now push down projections and filters when scanning Polars LazyFrames, including support for cast nodes and unstrict casts.
• Polars Int128 / UInt128 support.
• VARIANT type support — Python conversion, NumPy array wrapping, and type stubs.
• TIME_NS type support — nanosecond-precision time values across Python, NumPy, and Spark type systems.
• Profiling API — new get_profiling_info() and get_profiling_json() methods on connections, plus a refactored query_graph module with improved HTML visualization (dark mode, expandable phases, depth).
• to_arrow_table() and to_arrow_reader() — new methods on connections and relations as the preferred Arrow export API.

Performance

• __arrow_c_stream__ on relations — relations now export via the Arrow PyCapsule interface using PhysicalArrowCollector for zero-copy streaming.
• Unified Arrow stream scanning via __arrow_c_stream__, with filter pushdown only when pyarrow is present.
• Arrow schema caching to avoid repeated lookups during scanning.
• Arrow object type caching to avoid repeated detection.
• Empty params treated as None for .sql() — avoids unnecessary parameter binding overhead.
• Simplified GIL management for FetchRow.

Bug Fixes

• Fixed Python object leak in scalar UDFs — PyObject_CallObject return values are now properly stolen to avoid reference count leaks.
• Fixed reference cycle between connections and relations that could prevent garbage collection.
• Relations now hold a reference to their connection, preventing premature connection closure.
• Fixed fsspec race condition in the Python filesystem implementation.
• Fixed numeric conversion logic — improved handling of large integers (fallback to VARCHAR) and UNION types.
• pyarrow.dataset import is now optional — no longer fails if pyarrow is installed without the dataset module.
• Thrown a reasonable error when an Arrow array stream has already been consumed.

Build & Packaging

• jemalloc enabled on Linux x86_64 only (aligned with DuckDB core), removed as a separately bundled extension.
• MSVC runtime linked statically on Windows — eliminates the VS2019 workaround from duckdb/duckdb#17991.

Commits

• b54a492 pin duckdb to 1.5.1
• 8c5da5b Restore basic support for spatial
• 2d909d2 [duckdb-labs bot] Bump DuckDB submodule (#389)
• 195b4eb Bump submodule
• bb47780 [duckdb-labs bot] Bump DuckDB submodule (#384)
• 8d3f345 Bump submodule
• 9bae5ef [duckdb-labs bot] Bump DuckDB submodule (#380)
• c6b4811 Bump submodule
• 7f49c59 Set MAIN_BRANCH_VERSIONING to False (#350)
• 87e7928 pin release
• Additional commits viewable in compare view

Updates parsl from 2026.2.23 to 2026.3.30

Commits

• 64aa5fd Create submit cmd scripts in the Provider's script_dir (#4084)
• See full diff in compare view

Updates botocore from 1.42.59 to 1.42.70

Commits

• bda7d02 Merge branch 'release-1.42.70'
• ac4a660 Bumping version to 1.42.70
• fbbd220 Update to latest models
• dac0d1b Merge branch 'release-1.42.69'
• 3470c1c Merge branch 'release-1.42.69' into develop
• 2194dd4 Bumping version to 1.42.69
• 4297aa3 Update endpoints model
• 0f9a20d Update to latest models
• 7a0027d Merge branch 'release-1.42.68'
• e8346e2 Merge branch 'release-1.42.68' into develop
• Additional commits viewable in compare view

Updates pytest-cov from 7.0.0 to 7.1.0

Changelog

Sourced from pytest-cov's changelog.

7.1.0 (2026-03-21)

• Fixed total coverage computation to always be consistent, regardless of reporting settings. Previously some reports could produce different total counts, and consequently can make --cov-fail-under behave different depending on reporting options. See [#641](https://github.com/pytest-dev/pytest-cov/issues/641) <https://github.com/pytest-dev/pytest-cov/issues/641>_.

• Improve handling of ResourceWarning from sqlite3.

  The plugin adds warning filter for sqlite3 ResourceWarning unclosed database (since 6.2.0). It checks if there is already existing plugin for this message by comparing filter regular expression. When filter is specified on command line the message is escaped and does not match an expected message. A check for an escaped regular expression is added to handle this case.

  With this fix one can suppress ResourceWarning from sqlite3 from command line::

  pytest -W "ignore:unclosed database in <sqlite3.Connection object at:ResourceWarning" ...

• Various improvements to documentation. Contributed by Art Pelling in [#718](https://github.com/pytest-dev/pytest-cov/issues/718) <https://github.com/pytest-dev/pytest-cov/pull/718>_ and "vivodi" in [#738](https://github.com/pytest-dev/pytest-cov/issues/738) <https://github.com/pytest-dev/pytest-cov/pull/738>. Also closed [#736](https://github.com/pytest-dev/pytest-cov/issues/736) <https://github.com/pytest-dev/pytest-cov/issues/736>.

• Fixed some assertions in tests. Contributed by in Markéta Machová in [#722](https://github.com/pytest-dev/pytest-cov/issues/722) <https://github.com/pytest-dev/pytest-cov/pull/722>_.

• Removed unnecessary coverage configuration copying (meant as a backup because reporting commands had configuration side-effects before coverage 5.0).

Commits

• 66c8a52 Bump version: 7.0.0 → 7.1.0
• f707662 Make the examples use pypy 3.11.
• 6049a78 Make context test use the old ctracer (seems the new sysmon tracer behaves di...
• 8ebf20b Update changelog.
• 861d30e Remove the backup context manager - shouldn't be needed since coverage 5.0, ...
• fd4c956 Pass the precision on the nulled total (seems that there's some caching goion...
• 78c9c4e Only run the 3.9 on older deps.
• 4849a92 Punctuation.
• 197c35e Update changelog and hopefully I don't forget to publish release again :))
• 14dc1c9 Update examples to use 3.11 and make the adhoc layout example look a bit more...
• Additional commits viewable in compare view

Updates pillow from 12.1.1 to 12.2.0

Release notes

Sourced from pillow's releases.

12.2.0

https://pillow.readthedocs.io/en/stable/releasenotes/12.2.0.html

Documentation

• Update 12.2.0 release notes #9522 [@​hugovk]
• Add loader plugins: AMOS abk, Atari Degas, 40+ more obscure formats via Netpbm #9482 [@​bitplane]
• Update Python versions #9515 [@​radarhere]
• Jeffrey A. Clark -> Jeffrey 'Alex' Clark #9513 [@​aclark4life]
• Add release notes for #9394, #9419 and #9456 #9467 [@​radarhere]
• Add Amiga Workbench .info loader to 3rd party plugins list #9459 [@​bitplane]
• Merge PFM documentation into PPM #9434 [@​radarhere]
• Update macOS tested Pillow versions #9431 [@​radarhere]
• Fix CVE number #9430 [@​hugovk]

Dependencies

• Update xz to 5.8.3 #9523 [@​radarhere]
• Update libjpeg-turbo to 3.1.4.1 #9507 [@​radarhere]
• Update libpng to 1.6.56 #9499 [@​radarhere]
• Update freetype to 2.14.3 #9485 [@​radarhere]
• Updated libavif to 1.4.1 #9479 [@​radarhere]
• Updated harfbuzz to 13.2.1 #9461 [@​radarhere]
• Update Ghostscript to 10.7.0 #9469 [@​radarhere]
• Update harfbuzz to 13.0.1 #9453 [@​radarhere]
• Update libavif to 1.4.0 #9460 [@​radarhere]
• Update freetype to 2.14.2 #9449 [@​radarhere]
• Update actions/download-artifact action to v8 #9451 [@renovate[bot]]
• Updated libpng to 1.6.55 #9425 [@​radarhere]

Testing

• Cleanup .spider extension in the same test where it is added #9517 [@​radarhere]
• Run tests in parallel via tox for 3.5x speedup #9516 [@​hugovk]
• Enable colour in CI logs #9486 [@​hugovk]
• Update Ghostscript to 10.7.0 #9469 [@​radarhere]
• Simplify TGA test code #9477 [@​radarhere]
• Update tests to check for ValueError when encoding an empty image #9464 [@​radarhere]
• Upgrade CI from macos-15-intel to macos-26-intel #9454 [@​hugovk]
• Add check-case-conflict hook #9446 [@​radarhere]
• Specify platform when pulling docker image #9440 [@​radarhere]
• GHA: Cache libavif and webp builds for Ubuntu #9437 [@​hugovk]
• Update macOS tested Pillow versions #9431 [@​radarhere]

Other changes

• Check calloc return value #9527 [@​radarhere]
• Check all allocs in the Arrow tree #9488 [@​wiredfool]
• Reject non-numeric elements inside list coords #9526 [@​hugovk]
• Move variable declaration inside define #9525 [@​radarhere]

... (truncated)

Commits

• 3c41c09 12.2.0 version bump
• cdaa29e Check calloc return value (#9527)
• 585b2f5 Check calloc return value
• ecf011e Check all allocs in the Arrow tree (#9488)
• cf6de8c Reject non-numeric elements inside list coords (#9526)
• ffdcede Update 12.2.0 release notes (#9522)
• 7929d77 Added security release notes (#149)
• c4f7aa5 Added security release notes
• 22cdb5f Move variable declaration inside define (#9525)
• fc15b3b Resize tall images vertically first (#9524)
• Additional commits viewable in compare view

Updates jupyterlab from 4.5.5 to 4.5.6

Release notes

Sourced from jupyterlab's releases.

v4.5.6

4.5.6

(Full Changelog)

Bugs fixed

• Replace scrollback implementation with scroll anchoring outside of full windowing mode #18522 (@​krassowski)
• Harmonize translation wrappers in Python files to use gettext methods #18597 (@​tmetzl)
• Remove unimplemented filebrowser:search command #18593 (@​krassowski)
• Fix status bar focus outlines #18585 (@​IsabelParedes)
• Fix filebrowser:create-new-file context menu selector #18588 (@​jtpio)
• Fix single-character code blocks rendering as empty #18572 (@​soniya-malviy)
• Hide code input in CodeConsole when configured #18554 (@​agriyakhetarpal)

Maintenance and upkeep improvements

• Update benchmark snapshots even if base snapshots require changes #18549 (@​krassowski)

Contributors to this release

The following people contributed discussions, new ideas, code and documentation contributions, and review. See our definition of contributors.

(GitHub contributors page for this release)

@​agriyakhetarpal (activity) | @​IsabelParedes (activity) | @​jtpio (activity) | @​krassowski (activity) | @​soniya-malviy (activity) | @​tmetzl (activity)

Commits

• e514705 [ci skip] Publish 4.5.6
• a6dda88 Backport PR #18522 on branch 4.5.x (Replace scrollback implementation with sc...
• 4a28719 Backport PR #18597 on branch 4.5.x (Harmonize translation wrappers in Python ...
• 1714c4a Backport PR #18593 on branch 4.5.x (Remove unimplemented filebrowser:search...
• 3624bbe Backport PR #18585 on branch 4.5.x (Fix status bar focus outlines) (#18590)
• bf99d9d Backport PR #18588 on branch 4.5.x (Fix filebrowser:create-new-file context...
• 5b6dee9 Backport PR #18572 on branch 4.5.x (Fix single-character code blocks renderin...
• da80d67 Backport PR #18554 on branch 4.5.x (Hide code input in CodeConsole when c...
• 5267a8c Backport PR #18549 on branch 4.5.x (Update benchmark snapshots even if base s...
• See full diff in compare view

Updates sphinxcontrib-mermaid from 2.0.0 to 2.0.1

Changelog

Sourced from sphinxcontrib-mermaid's changelog.

2.0.1 (March 5, 2026)

• Export runMermaid to window for hot reloading frontend
• Small fixes for docs publishing

Commits

• f9797db Merge pull request #235 from timkpaine/tkp/201
• 1c6d132 Bump to 2.0.1
• acf3c3d Update changelog
• c179510 Merge pull request #234 from gastmaier/global-mermaid-fix
• 8c4e3fe Export runMermaid to window
• e2bc280 Update release version to 2.0.0
• dd06e93 Merge pull request #232 from bkmgit/patch-3
• 4fe38f1 ExtensionError was moved from sphinx.util to sphinx.errors
• e246d62 Merge pull request #226 from cbueth/master
• 7eae2a2 Fix RST title-reference roles .title-ref
• Additional commits viewable in compare view

Updates myst-nb from 1.3.0 to 1.4.0

Release notes

Sourced from myst-nb's releases.

v1.4.0

What's Changed

• MAINT: post JB2 release fix by @​bsipocz in executablebooks/MyST-NB#700
• Fix dead link in error directive message by @​crespum in executablebooks/MyST-NB#703
• Improve theme integration by @​flying-sheep in executablebooks/MyST-NB#693
• Update infrastructure for new pythons and prep for latest sphinx by @​choldgraf in executablebooks/MyST-NB#706
• Remove upper pin for Sphinx (and adding newer sphinx and python version to CI testing) by @​bsipocz in executablebooks/MyST-NB#704
• MAINT: default branch got renamed by @​bsipocz in executablebooks/MyST-NB#711

New Contributors

• @​crespum made their first contribution in executablebooks/MyST-NB#703

Full Changelog: executablebooks/MyST-NB@v1.3.0...v1.4.0

Changelog

Sourced from myst-nb's changelog.

v1.4.0 - 2026-03-02

(full changelog)

What's Changed

• MAINT: post JB2 release fix by @​bsipocz in executablebooks/MyST-NB#700
• Fix dead link in error directive message by @​crespum in executablebooks/MyST-NB#703
• Improve theme integration by @​flying-sheep in executablebooks/MyST-NB#693
• Update infrastructure for new pythons and prep for latest sphinx by @​choldgraf in executablebooks/MyST-NB#706
• Remove upper pin for Sphinx (and adding newer sphinx and python version to CI testing) by @​bsipocz in executablebooks/MyST-NB#704
• MAINT: default branch got renamed by @​bsipocz in executablebooks/MyST-NB#711

New Contributors

• @​crespum made their first contribution in executablebooks/MyST-NB#703

Commits

• 7a32f74 Preparing for release v1.4.0
• 6199097 MAINT: default branch got renamed (#711)
• a0d0275 CI: testing python 3.14 and sphinx9 and docutils 0.22 (#704)
• 68352d6 [pre-commit.ci] pre-commit autoupdate (#710)
• d7012c4 [pre-commit.ci] pre-commit autoupdate (#708)
• 4f4096d Update infrastructure for new pythons and prep for latest sphinx (#706)
• 5e06ea0 [pre-commit.ci] pre-commit autoupdate (#707)
• 49e01eb Improve theme integration (#693)
• 531af65 Fix dead link (#703)
• 8f5a1e7 [pre-commit.ci] pre-commit autoupdate (#702)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions