Skip to content

chore(deps): bump the elt-common-dependencies group across 1 directory with 13 updates#293

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/uv/elt-common/elt-common-dependencies-8d8b59fcfd
Open

chore(deps): bump the elt-common-dependencies group across 1 directory with 13 updates#293
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/uv/elt-common/elt-common-dependencies-8d8b59fcfd

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 28, 2026

Updates the requirements on dlt[parquet,s3], pyiceberg[pyiceberg-core], s3fs, click, sqlalchemy, pydantic-settings, authlib, prek, pytest, pytest-httpx, requests, ruff and setuptools to permit the latest version.
Updates dlt[parquet,s3] to 1.25.0

Release notes

Sourced from dlt[parquet,s3]'s releases.

1.25.0

dlt 1.25.0 Release Notes

Breaking Changes

  1. Multischema datasets (#3770 @​burnash) — Datasets can now hold multiple schemas. The main benefit is to be able to see tables from all source in multi-source pipelines. This is a new default behavior. Users can pass a list of schemas to dataset() method and still go back to single-schema dataset by providing pipeline.default_schema when creating dataset.

Highlights

  • lance destination (#3810 @​jorritsandbrink) — New destination for the Lance table format with optional vector embedding generation via lancedb. Supports local storage and s3/az/gs, uses the Lance Directory Namespace V2 spec, and supports branching. Complements the existing lancedb destination (which targets LanceDB Cloud).
  • Multischema datasets (#3770 @​burnash) — See Breaking Changes above. Enables sidecar schemas (e.g. data-quality quarantine tables) to live alongside the primary schema in a single dataset.
  • Improved progress and load metrics (#3768 @​rudolfix) — Load metrics now persist across restarts, normalizer metrics are updated via update files, and the follow-up job graph is saved into the trace. Closes the long-standing #853.

Core Library

  • lance destination (#3810 @​jorritsandbrink) — See Highlights.
  • Multischema datasets (#3770 @​burnash) — See Highlights.
  • Improved progress and load metrics (#3768 @​rudolfix) — See Highlights.
  • ducklake: metadata_schema ATTACH option (#3763 @​sangwookWoo) — Adds metadata_schema to DuckLakeCredentials so the DuckLake metadata schema can be configured independently from ducklake_name.
  • Fix: preserve credential chain in AWS credentials (#3798 @​rudolfix) — Default credential mixing applied correctly, STS scoped to Databricks only. Closes #3115.
  • Fix: replay state transitions after crash (#3767 @​rudolfix) — Writes a pending state-transition marker right after the DB commit so an interrupted load no longer leaves the load package in an inconsistent state.
  • Fix: create all eligible tables on staging dataset (#3765 @​rudolfix) — Closes #2862.
  • Fix: normalize pool workers skip __main__ in orchestrators (#3784 @​rudolfix) — Closes #3586.
  • Fix(clickhouse): lightweight DELETE for single-table merge (#3783 @​rudolfix) — Removes the _dlt_id requirement when merging arrow tables without nested tables on ClickHouse.
  • Fix(clickhouse): pass aws_session_token to staging s3() table function (#3769 @​anuunchin) — Temporary AWS credentials now work for ClickHouse staging.
  • Fix: avoid leaking PUA markers in nested fields (#3760 @​serl) — Fixes Pydantic nested-model PUA-marker leak. Closes #3755.
  • Fix: deepcopy paginator in child resource (#3779 @​anuunchin) — Prevents paginator state corruption across child-resource invocations. Closes #3772.
  • Fix: honor explicit non-utf8 encoding in filesystem read_csv (#3743 @​biefan) — File is opened with the requested encoding so SFTP/paramiko stacks no longer pre-decode as UTF-8.
  • Fix: don't filter out trace steps with exceptions (#3843 @​anuunchin) — trace.asdict() now retains pipelines that fail in the sync step before extract.
  • Fix: check duckdb version when installing lance extension (#3773 @​zilto) — Handles the lance extension promotion to built-in in duckdb 1.5.
  • Fix: transient Windows file-lock PermissionError in rename_tree (#3853 @​burnash) — Resolves intermittent Windows CI failures during normalize→loaded rename.
  • Fix: deprecation warnings across supported package versions (#3831 @​anuunchin) — Closes #3785, #3807, #3787, #3794.

Docs

  • Cookbook section (#3860 @​zilto) — Tested examples moved to a dedicated top-level tab; dlt tab added for navigation back; UI cleanups.
  • Same-domain docs button (#3859 @​zilto) — Avoids full page reload when navigating.
  • Explore-and-transform page (#3782 @​hibajamal) — New page covering data-exploration and transformations workbench toolkits.
  • Expand handover-to-other-toolkits section (#3737 @​njaltran) — Expands data-exploration toolkit coverage in llm-native-workflow.md.
  • Add EAI instructions (#3803 @​kaliole)
  • Update name to dlt Connector App (#3857 @​kaliole) — Snowflake Native App docs renamed.
  • Update source count to 8,000+ (#3830 @​Pawansingh3889) — Closes #3761.
  • Rename dltHub Basic tier to dltHub Pro (#3795 @​elviskahoro)
  • Fix outdated hf login command (#3781 @​julien-c)

Chores

... (truncated)

Commits

Updates pyiceberg[pyiceberg-core] to 0.11.1

Release notes

Sourced from pyiceberg[pyiceberg-core]'s releases.

pyiceberg-0.11.1

What's Changed

Full Changelog: apache/iceberg-python@pyiceberg-0.11.0...pyiceberg-0.11.1

Commits
  • 8dee48a Fix SSL deactivation using catalog properties (#3012)
  • f718209 fix: Extract ADLS account_name from URI hostname in FsspecFileIO (#3005)
  • 97f2d46 bump to 0.11.1
  • c1ac231 fix: add Field alias for SetPartitionStatisticsUpdate (#3035)
  • 62c909b fix: Accept all valid http method for IRC's ConfigResponse (#3010)
  • See full diff in compare view

Updates s3fs from 2026.2.0 to 2026.3.0

Commits

Updates click from 8.3.1 to 8.3.2

Release notes

Sourced from click's releases.

8.3.2

This is the Click 8.3.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/click/8.3.2/ Changes: https://click.palletsprojects.com/page/changes/#version-8-3-2 Milestone: https://github.com/pallets/click/milestone/29

  • Fix handling of flag_value when is_flag=False to allow such options to be used without an explicit value. #3084 #3152
  • Hide Sentinel.UNSET values as None when using lookup_default(). #3136 #3199 #3202 #3209 #3212 #3224
  • Prevent _NamedTextIOWrapper from closing streams owned by StreamMixer. #824 #2991 #2993 #3110 #3139 #3140
  • Add comprehensive tests for CliRunner stream lifecycle, covering logging interaction, multi-threaded safety, and sequential invocation isolation. Add high-iteration stress tests behind a stress marker with a dedicated CI job. #3139
  • Fix callable flag_value being instantiated when used as a default via default=True. #3121 #3201 #3213 #3225
Changelog

Sourced from click's changelog.

Version 8.3.2

Released 2026-04-02

  • Fix handling of flag_value when is_flag=False to allow such options to be used without an explicit value. :issue:3084 :pr:3152
  • Hide Sentinel.UNSET values as None when using lookup_default(). :issue:3136 :pr:3199 :pr:3202 :pr:3209 :pr:3212 :pr:3224
  • Prevent _NamedTextIOWrapper from closing streams owned by StreamMixer. :issue:824 :issue:2991 :issue:2993 :issue:3110 :pr:3139 :pr:3140
  • Add comprehensive tests for CliRunner stream lifecycle, covering logging interaction, multi-threaded safety, and sequential invocation isolation. Add high-iteration stress tests behind a stress marker with a dedicated CI job. :pr:3139
  • Fix callable flag_value being instantiated when used as a default via default=True. :issue:3121 :pr:3201 :pr:3213 :pr:3225
Commits

Updates sqlalchemy from 2.0.48 to 2.0.49

Release notes

Sourced from sqlalchemy's releases.

2.0.49

Released: April 3, 2026

orm

  • [orm] [bug] Fixed issue where _orm.Session.get() would bypass the identity map and emit unnecessary SQL when with_for_update=False was passed, rather than treating it equivalently to the default of None. Pull request courtesy of Joshua Swanson.

    References: #13176

  • [orm] [bug] Fixed issue where chained _orm.joinedload() options would not be applied correctly when the final relationship in the chain is declared on a base mapper and accessed through a subclass mapper in a _orm.with_polymorphic() query. The path registry now correctly computes the natural path when a property declared on a base class is accessed through a path containing a subclass mapper, ensuring the loader option can be located during query compilation.

    References: #13193

  • [orm] [bug] [inheritance] Fixed issue where using _orm.Load.options() to apply a chained loader option such as _orm.joinedload() or _orm.selectinload() with _orm.PropComparator.of_type() for a polymorphic relationship would not generate the necessary clauses for the polymorphic subclasses. The polymorphic loading strategy is now correctly propagated when using a call such as joinedload(A.b).options(joinedload(B.c.of_type(poly))) to match the behavior of direct chaining e.g. joinedload(A.b).joinedload(B.c.of_type(poly)).

    References: #13202

  • [orm] [bug] [inheritance] Fixed issue where using chained loader options such as _orm.selectinload() after _orm.joinedload() with _orm.PropComparator.of_type() for a polymorphic relationship would not properly apply the chained loader option. The loader option is now correctly applied when using a call such as joinedload(A.b.of_type(poly)).selectinload(poly.SubClass.c) to eagerly load related objects.

    References: #13209

typing

  • [typing] [bug] Fixed a typing issue where the typed members of :data:.func would return the appropriate class of the same name, however this creates an issue for

... (truncated)

Commits

Updates pydantic-settings from 2.13.1 to 2.14.0

Release notes

Sourced from pydantic-settings's releases.

v2.14.0

What's Changed

New Contributors

Full Changelog: pydantic/pydantic-settings@v2.13.1...v2.14.0

Commits
  • 8916bee Prepare release 2.14.0 (#848)
  • 39e551c Fix CLI descriptions lost under python -OO by falling back to `json_schema_...
  • 9ed7f48 Bump the python-packages group with 4 updates (#847)
  • 617c690 Fix cli_ignore_unknown_args=True not working on subcommands (#844)
  • 577c05f Add note about Mypy plugin for BaseSettings.__init__() (#842)
  • 2355bc5 Fix CliPositionalArg[list[CustomType]] crash for custom types (#839)
  • 16bd6fd Introduce zizmor (#838)
  • df8b239 Bump boto3 from 1.42.82 to 1.42.83 in the python-packages group (#837)
  • c5401a2 Introduce yamlfmt (#836)
  • 953e28e Bump the python-packages group with 3 updates (#833)
  • Additional commits viewable in compare view

Updates authlib from 1.6.9 to 1.7.0

Release notes

Sourced from authlib's releases.

v1.7.0

What's Changed

New Contributors

Full Changelog: authlib/authlib@v1.6.10...v1.7.0

v1.6.11

Full Changelog: authlib/authlib@v1.6.10...v1.6.11

  • Fix CSRF issue with starlette client

v1.6.10

Full Changelog: authlib/authlib@v1.6.9...v1.6.10

  • Fix redirecting to unvalidated redirect_uri on UnsupportedResponseTypeError.
Commits
  • 5d2e603 chore: release 1.7.0
  • 767f08b fix: CSRF issue with starlette client
  • e9aaef3 Merge pull request #877 from authlib/merge/1.6
  • 3c8ec9a Merge branch 'main' into merge/1.6
  • ef09aeb chore: release 1.6.10
  • 3be0846 fix: redirecting to unvalidated redirect_uri on UnsupportedResponseTypeError
  • 4cf6f97 Merge pull request #876 from guillett/patch-1
  • 23f67b4 Update README.md docs.authlib.org/en/latest => docs.authlib.org/en/stable
  • 1040163 chore: prek autoupdate
  • 491209f Merge pull request #875 from azmeuk/doc
  • Additional commits viewable in compare view

Updates prek from 0.3.8 to 0.3.9

Release notes

Sourced from prek's releases.

0.3.9

Release Notes

Released on 2026-04-13.

Highlight

prek auto-update is now stricter about pinned revisions and more useful in CI. It now keeps rev and # frozen: comments in sync, can detect impostor commits when validating pinned SHAs, and lets you use prek auto-update --check to fail on both available updates and frozen-ref mismatches without rewriting the config.

Examples:

$ prek auto-update
# updates revs and repairs stale `# frozen:` comments
$ prek auto-update --freeze
writes frozen SHAs with matching # frozen: <tag> comments
$ prek auto-update --check
exits non-zero when updates are available, a # frozen: comment is stale,
or a pinned SHA does not belong to the fetched upstream refs

Enhancements

  • Check and sync frozen comments during auto-update (#1896)
  • Handle impostor commits in auto-update (#1919)
  • Add experimental language: dotnet support (#1871)
  • Honor repo and worktree core.hooksPath (#1892)
  • Add prek run --no-fail-fast to override config file (#1859)
  • Add forbid-new-submodules as builtin hook (#1853)
  • Clean stale patch files in cache gc (#1877)
  • Display auto-update results by config entry (#1922)
  • Restrict patch directory permissions (#1876)
  • Show tag names in auto-update --freeze output (#1916)
  • Use a bitset for hook stages (#1860)

Bug fixes

  • Canonicalize CWD and GIT_ROOT paths (#1878)
  • Ensure quotes are added for non-string revisions in auto-update (#1936)

Documentation

  • Update docs for case of hooks modifying files with a non-zero exit code (#1879)

... (truncated)

Changelog

Sourced from prek's changelog.

0.3.9

Released on 2026-04-13.

Highlight

prek auto-update is now stricter about pinned revisions and more useful in CI. It now keeps rev and # frozen: comments in sync, can detect impostor commits when validating pinned SHAs, and lets you use prek auto-update --check to fail on both available updates and frozen-ref mismatches without rewriting the config.

Examples:

$ prek auto-update
# updates revs and repairs stale `# frozen:` comments
$ prek auto-update --freeze
writes frozen SHAs with matching # frozen: <tag> comments
$ prek auto-update --check
exits non-zero when updates are available, a # frozen: comment is stale,
or a pinned SHA does not belong to the fetched upstream refs

Enhancements

  • Check and sync frozen comments during auto-update (#1896)
  • Handle impostor commits in auto-update (#1919)
  • Add experimental language: dotnet support (#1871)
  • Honor repo and worktree core.hooksPath (#1892)
  • Add prek run --no-fail-fast to override config file (#1859)
  • Add forbid-new-submodules as builtin hook (#1853)
  • Clean stale patch files in cache gc (#1877)
  • Display auto-update results by config entry (#1922)
  • Restrict patch directory permissions (#1876)
  • Show tag names in auto-update --freeze output (#1916)
  • Use a bitset for hook stages (#1860)

Bug fixes

  • Canonicalize CWD and GIT_ROOT paths (#1878)
  • Ensure quotes are added for non-string revisions in auto-update (#1936)

Documentation

  • Update docs for case of hooks modifying files with a non-zero exit code (#1879)

Contributors

... (truncated)

Commits

Updates pytest from 9.0.2 to 9.0.3

Release notes

Sourced from pytest's releases.

9.0.3

pytest 9.0.3 (2026-04-07)

Bug fixes

  • #12444: Fixed pytest.approx which now correctly takes into account ~collections.abc.Mapping keys order to compare them.

  • #13634: Blocking a conftest.py file using the -p no: option is now explicitly disallowed.

    Previously this resulted in an internal assertion failure during plugin loading.

    Pytest now raises a clear UsageError explaining that conftest files are not plugins and cannot be disabled via -p.

  • #13734: Fixed crash when a test raises an exceptiongroup with __tracebackhide__ = True.

  • #14195: Fixed an issue where non-string messages passed to unittest.TestCase.subTest() were not printed.

  • #14343: Fixed use of insecure temporary directory (CVE-2025-71176).

Improved documentation

  • #13388: Clarified documentation for -p vs PYTEST_PLUGINS plugin loading and fixed an incorrect -p example.
  • #13731: Clarified that capture fixtures (e.g. capsys and capfd) take precedence over the -s / --capture=no command-line options in Accessing captured output from a test function <accessing-captured-output>.
  • #14088: Clarified that the default pytest_collection hook sets session.items before it calls pytest_collection_finish, not after.
  • #14255: TOML integer log levels must be quoted: Updating reference documentation.

Contributor-facing changes

  • #12689: The test reports are now published to Codecov from GitHub Actions. The test statistics is visible on the web interface.

    -- by aleguy02

Commits

Updates pytest-httpx from 0.36.0 to 0.36.2

Release notes

Sourced from pytest-httpx's releases.

0.36.2 (2026-04-09)

Fixed

  • Document how to ignore query parameters while matching on URL.
Changelog

Sourced from pytest-httpx's changelog.

[0.36.2] - 2026-04-09

Fixed

  • Document how to ignore query parameters while matching on URL.
Commits

@dependabot
chore(deps): bump the elt-common-dependencies group across 1 director…
ca6a2be 
…y with 13 updates

Updates the requirements on [dlt[parquet,s3]](https://github.com/dlt-hub/dlt), [pyiceberg[pyiceberg-core]](https://github.com/apache/iceberg-python), [s3fs](https://github.com/fsspec/s3fs), [click](https://github.com/pallets/click), [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy), [pydantic-settings](https://github.com/pydantic/pydantic-settings), [authlib](https://github.com/authlib/authlib), [prek](https://github.com/j178/prek), [pytest](https://github.com/pytest-dev/pytest), [pytest-httpx](https://github.com/Colin-b/pytest_httpx), [requests](https://github.com/psf/requests), [ruff](https://github.com/astral-sh/ruff) and [setuptools](https://github.com/pypa/setuptools) to permit the latest version.

Updates `dlt[parquet,s3]` to 1.25.0
- [Release notes](https://github.com/dlt-hub/dlt/releases)
- [Commits](dlt-hub/dlt@1.20.0...1.25.0)

Updates `pyiceberg[pyiceberg-core]` to 0.11.1
- [Release notes](https://github.com/apache/iceberg-python/releases)
- [Commits](apache/iceberg-python@pyiceberg-0.11.0...pyiceberg-0.11.1)

Updates `s3fs` from 2026.2.0 to 2026.3.0
- [Changelog](https://github.com/fsspec/s3fs/blob/main/release-procedure.md)
- [Commits](fsspec/s3fs@2026.2.0...2026.3.0)

Updates `click` from 8.3.1 to 8.3.2
- [Release notes](https://github.com/pallets/click/releases)
- [Changelog](https://github.com/pallets/click/blob/main/CHANGES.rst)
- [Commits](pallets/click@8.3.1...8.3.2)

Updates `sqlalchemy` from 2.0.48 to 2.0.49
- [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases)
- [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst)
- [Commits](https://github.com/sqlalchemy/sqlalchemy/commits)

Updates `pydantic-settings` from 2.13.1 to 2.14.0
- [Release notes](https://github.com/pydantic/pydantic-settings/releases)
- [Commits](pydantic/pydantic-settings@v2.13.1...v2.14.0)

Updates `authlib` from 1.6.9 to 1.7.0
- [Release notes](https://github.com/authlib/authlib/releases)
- [Commits](authlib/authlib@v1.6.9...v1.7.0)

Updates `prek` from 0.3.8 to 0.3.9
- [Release notes](https://github.com/j178/prek/releases)
- [Changelog](https://github.com/j178/prek/blob/master/CHANGELOG.md)
- [Commits](j178/prek@v0.3.8...v0.3.9)

Updates `pytest` from 9.0.2 to 9.0.3
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@9.0.2...9.0.3)

Updates `pytest-httpx` from 0.36.0 to 0.36.2
- [Release notes](https://github.com/Colin-b/pytest_httpx/releases)
- [Changelog](https://github.com/Colin-b/pytest_httpx/blob/develop/CHANGELOG.md)
- [Commits](Colin-b/pytest_httpx@v0.36.0...0.36.2)

Updates `requests` from 2.33.0 to 2.33.1
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.33.0...v2.33.1)

Updates `ruff` from 0.15.7 to 0.15.11
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.7...0.15.11)

Updates `setuptools` from 80.9.0 to 82.0.1
- [Release notes](https://github.com/pypa/setuptools/releases)
- [Changelog](https://github.com/pypa/setuptools/blob/main/NEWS.rst)
- [Commits](pypa/setuptools@v80.9.0...v82.0.1)

---
updated-dependencies:
- dependency-name: dlt[parquet,s3]
  dependency-version: 1.25.0
  dependency-type: direct:production
  dependency-group: elt-common-dependencies
- dependency-name: pyiceberg[pyiceberg-core]
  dependency-version: 0.11.1
  dependency-type: direct:production
  dependency-group: elt-common-dependencies
- dependency-name: s3fs
  dependency-version: 2026.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: elt-common-dependencies
- dependency-name: click
  dependency-version: 8.3.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: elt-common-dependencies
- dependency-name: sqlalchemy
  dependency-version: 2.0.49
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: elt-common-dependencies
- dependency-name: pydantic-settings
  dependency-version: 2.14.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: elt-common-dependencies
- dependency-name: authlib
  dependency-version: 1.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: elt-common-dependencies
- dependency-name: prek
  dependency-version: 0.3.9
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: elt-common-dependencies
- dependency-name: pytest
  dependency-version: 9.0.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: elt-common-dependencies
- dependency-name: pytest-httpx
  dependency-version: 0.36.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: elt-common-dependencies
- dependency-name: requests
  dependency-version: 2.33.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: elt-common-dependencies
- dependency-name: ruff
  dependency-version: 0.15.11
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: elt-common-dependencies
- dependency-name: setuptools
  dependency-version: 82.0.1
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: elt-common-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Apr 28, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants