[Tech] Bump the non-major-dependencies group across 1 directory with 8 updates

[dependabot]

Bumps the non-major-dependencies group with 8 updates in the /datascience directory:

Package	From	To
pandas	2.2.2	2.2.3
black	24.4.2	24.10.0
coverage	7.5.1	7.6.4
simplejson	3.19.2	3.19.3
geoalchemy2	0.14.7	0.16.0
rtree	1.2.0	1.3.0
pytest	8.2.1	8.3.3
css-inline	0.11.2	0.14.3

Updates pandas from 2.2.2 to 2.2.3

Release notes

Sourced from pandas's releases.

Pandas 2.2.3

We are pleased to announce the release of pandas 2.2.3. This release includes some new features, bug fixes, and performance improvements. We recommend that all users upgrade to this version.

See the full whatsnew for a list of all the changes. Pandas 2.2.3 supports Python 3.9 and higher.

The release will be available on the defaults and conda-forge channels:

conda install pandas

Or via PyPI:

python3 -m pip install --upgrade pandas

Please report any issues with the release on the pandas issue tracker.

Thanks to all the contributors who made this release possible.

Commits

• 0691c5c RLS: 2.2.3
• 658dfdd relax cython bound
• 6891e90 Backport PR #59847: BLD: Build wheels for Python 3.13 on aarch64 as well
• f108468 RLS: 2.2.3
• 6958738 Backport PR #59840: BLD: Final release prep for 2.2.3 (#59842)
• 0bd98fe Backport PR #59136 on branch 2.2.x (Upload 3.13 & free-threaded nightly wheel...
• 8d67e77 Backport PR #59836 on branch 2.2.x (BLD: Fix bad Cython annotation) (#59837)
• f7b6378 Assorted backports for 2.2.x (#59785)
• 2127b42 Backport #59144 on 2.2.x / 2.3.x (remove ops div class to solve #2137) (#59535)
• 4a20adb Backport PR #59813 on branch 2.2.x (CI: Debug failing ARM builds) (#59828)
• Additional commits viewable in compare view

Updates black from 24.4.2 to 24.10.0

Release notes

Sourced from black's releases.

24.10.0

Highlights

• Black is now officially tested with Python 3.13 and provides Python 3.13 mypyc-compiled wheels. (#4436) (#4449)
• Black will issue an error when used with Python 3.12.5, due to an upstream memory safety issue in Python 3.12.5 that can cause Black's AST safety checks to fail. Please use Python 3.12.6 or Python 3.12.4 instead. (#4447)
• Black no longer supports running with Python 3.8 (#4452)

Stable style

• Fix crashes involving comments in parenthesised return types or X | Y style unions. (#4453)
• Fix skipping Jupyter cells with unknown %% magic (#4462)

Preview style

• Fix type annotation spacing between * and more complex type variable tuple (i.e. def fn(*args: *tuple[*Ts, T]) -> None: pass) (#4440)

Caching

• Fix bug where the cache was shared between runs with and without --unstable (#4466)

Packaging

• Upgrade version of mypyc used to 1.12 beta (#4450) (#4449)
• blackd now requires a newer version of aiohttp. (#4451)

Output

• Added Python target version information on parse error (#4378)
• Add information about Black version to internal error messages (#4457)

24.8.0

Stable style

• Fix crash when # fmt: off is used before a closing parenthesis or bracket. (#4363)

Packaging

• Packaging metadata updated: docs are explictly linked, the issue tracker is now also linked. This improves the PyPI listing for Black. (#4345)

Parser

• Fix regression where Black failed to parse a multiline f-string containing another multiline string (#4339)

... (truncated)

Changelog

Sourced from black's changelog.

24.10.0

Highlights

• Black is now officially tested with Python 3.13 and provides Python 3.13 mypyc-compiled wheels. (#4436) (#4449)
• Black will issue an error when used with Python 3.12.5, due to an upstream memory safety issue in Python 3.12.5 that can cause Black's AST safety checks to fail. Please use Python 3.12.6 or Python 3.12.4 instead. (#4447)
• Black no longer supports running with Python 3.8 (#4452)

Stable style

• Fix crashes involving comments in parenthesised return types or X | Y style unions. (#4453)
• Fix skipping Jupyter cells with unknown %% magic (#4462)

Preview style

• Fix type annotation spacing between * and more complex type variable tuple (i.e. def fn(*args: *tuple[*Ts, T]) -> None: pass) (#4440)

Caching

• Fix bug where the cache was shared between runs with and without --unstable (#4466)

Packaging

• Upgrade version of mypyc used to 1.12 beta (#4450) (#4449)
• blackd now requires a newer version of aiohttp. (#4451)

Output

• Added Python target version information on parse error (#4378)
• Add information about Black version to internal error messages (#4457)

24.8.0

Stable style

• Fix crash when # fmt: off is used before a closing parenthesis or bracket. (#4363)

Packaging

• Packaging metadata updated: docs are explictly linked, the issue tracker is now also linked. This improves the PyPI listing for Black. (#4345)

Parser

• Fix regression where Black failed to parse a multiline f-string containing another

... (truncated)

Commits

• 1b2427a Prepare release 24.10.0 (#4471)
• a22b1eb Add mypyc 3.13 wheel build (#4449)
• b7d0e72 Bump AndreMiras/coveralls-python-action from 65c1672f0b8a201702d86c81b79187df...
• f1a2f92 Include --unstable in cache key (#4466)
• 8d9d18c Fix skipping Jupyter cells with unknown %% magic (#4462)
• bbfdba3 Fix docs CI: use venv for uv to fix 'failed to create directory' (#4460)
• 8fb2add Use builtin generics (#4458)
• 2a45cec Fix crashes with comments in parentheses (#4453)
• b4d6d86 Drop Python 3.8 support (#4452)
• ac018c1 Require newer aiohttp for blackd (#4451)
• Additional commits viewable in compare view

Updates coverage from 7.5.1 to 7.6.4

Changelog

Sourced from coverage's changelog.

Version 7.6.4 — 2024-10-20

• fix: multi-line with statements could cause contained branches to be incorrectly marked as missing (issue 1880_). This is now fixed.

.. _issue 1880: nedbat/coveragepy#1880

.. _changes_7-6-3:

Version 7.6.3 — 2024-10-13

• Fix: nested context managers could incorrectly be analyzed to flag a missing branch on the last context manager, as described in issue 1876_. This is now fixed.

• Fix: the missing branch message about not exiting a module had an extra "didn't," as described in issue 1873_. This is now fixed.

.. _issue 1873: nedbat/coveragepy#1873 .. _issue 1876: nedbat/coveragepy#1876

.. _changes_7-6-2:

Version 7.6.2 — 2024-10-09

• Dropped support for Python 3.8 and PyPy 3.8.

• Fix: a final wildcard match/case clause assigning to a name (case _ as value) was incorrectly marked as a missing branch. This is now fixed, closing issue 1860_.

• Fewer things are considered branches now. Lambdas, comprehensions, and generator expressions are no longer marked as missing branches if they don't complete execution. Closes issue 1852_.

• Fix: the HTML report didn't properly show multi-line f-strings that end with a backslash continuation. This is now fixed, closing issue 1836, thanks to LiuYinCarl and Marco Ricci <pull 1838_>.

• Fix: the LCOV report now has correct line numbers (fixing issue 1846) and better branch descriptions for BRDA records (fixing issue 1850). There are other changes to lcov also, including a new configuration option :ref:line_checksums <config_lcov_line_checksums> to control whether line checksums are included in the lcov report. The default is false. To keep checksums set it to true. All this work is thanks to Zack Weinberg

... (truncated)

Commits

• f24f76b docs: sample HTML for 7.6.4
• 96e10f7 docs: prep for 7.6.4
• b8c236a fix: multi-line with-statements exit correctly. #1880
• 64b7a45 docs: another discord reference
• 68d7427 docs: Python Discord
• 43adcea build: include 3.14 in the usual Pythons
• fb2b49f build: github_releases can update older releases, and pauses to get the sorti...
• ca550ca 3.0b2 wasn't correctly titled
• debcc77 build: bump version
• 342a4cb docs: sample HTML for 7.6.3
• Additional commits viewable in compare view

Updates simplejson from 3.19.2 to 3.19.3

Release notes

Sourced from simplejson's releases.

v3.19.3

Version 3.19.3 released 2024-08-14

• Updated test & build matrix to include Python 3.13. Dropped wheel support for Python 2.7 on macOS. simplejson/simplejson#326

Changelog

Sourced from simplejson's changelog.

Version 3.19.3 released 2024-08-14

• Updated test & build matrix to include Python 3.13. Dropped wheel support for Python 2.7 on macOS. simplejson/simplejson#326

Version 3.19.2 released 2023-10-05

• Updated test & build matrix to include Python 3.12 and use GitHub Actions as a Trusted Publisher (OIDC) simplejson/simplejson#317

Version 3.19.1 released 2023-04-06

• This release contains security hardening measures based on recommendations by a security audit sponsored by OSTIF and conducted by X41 D-Sec GmbH. Several of these measures include changing defaults to be more strict, by default simplejson will now only consume and produce compliant JSON, but the flags still exist for any backwards compatibility needs. No high priority issues were discovered, the reference count leak is thought to be unreachable since the digits of the float are checked before PyOS_string_to_double is called. A link to the public version of this report will be included in a future release of simplejson. The following fixes were implemented in one PR: simplejson/simplejson#313
• Fix invalid handling of unicode escape sequences in the pure Python implementation of the decoder (SJ-PT-23-01)
• Fix missing reference count decrease if PyOS_string_to_double raises an exception in Python 2.x; was probably unreachable (SJ-PT-23-02)
• Backport the integer string length limitation from Python 3.11 to limit quadratic number parsing (SJ-PT-23-03)
• Fix inconsistencies with error messages between the C and Python implementations (SJ-PT-23-100)
• Remove unused unichr import from encoder (SJ-PT-23-101)
• Remove unused namedtuple_as_object and tuple_as_array arguments from simplejson.load (SJ-PT-23-102)
• Remove vestigial _one_shot code from iterencode (SJ-PT-23-103)
• Change default of allow_nan from True to False and add allow_nan to decoder (SJ-PT-23-107)

Version 3.18.4 released 2023-03-14

• Test the sdist to prevent future regressions simplejson/simplejson#311
• Enable ppc64le wheels simplejson/simplejson#312

Version 3.18.3 released 2023-02-05

• Fix regression in sdist archive

... (truncated)

Commits

• 6932004 v3.19.3
• c96227a Merge pull request #326 from edgarrmondragon/cp313
• 6900b4b Build 2.7 wheels only for Linux
• 0e1c842 Updated test & build matrix to include Python 3.13
• 2d759f4 Merge pull request #319 from SmartHypercube-fork/master
• 728c010 Remove the note mentioning YAML
• See full diff in compare view

Updates geoalchemy2 from 0.14.7 to 0.16.0

Release notes

Sourced from geoalchemy2's releases.

0.16.0

What's Changed

• Improve MariaDB support by @​adrien-berchet in geoalchemy/geoalchemy2#524
• Add option to ensure all dialects are properly tested in CI by @​adrien-berchet in geoalchemy/geoalchemy2#526
• Test: Add test in test_functional.py for custom Geometry that uses WKT elements by @​adrien-berchet in geoalchemy/geoalchemy2#525
• Release: 0.16.0 by @​adrien-berchet in geoalchemy/geoalchemy2#527

Full Changelog: geoalchemy/geoalchemy2@0.15.2...0.16.0

0.15.2

What's Changed

• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in geoalchemy/geoalchemy2#514
• Fix: Can handle negative coordinates with Spatialite by @​adrien-berchet in geoalchemy/geoalchemy2#517
• Release: 0.15.2 by @​adrien-berchet in geoalchemy/geoalchemy2#518

Full Changelog: geoalchemy/geoalchemy2@0.15.1...0.15.2

0.15.1

What's Changed

• Test: Dispose of the connection pools of the test engines by @​adrien-berchet in geoalchemy/geoalchemy2#511
• Fix: Default SRID is bypassed when using floating point coordinates. by @​aballet in geoalchemy/geoalchemy2#509
• Release: 0.15.1 by @​adrien-berchet in geoalchemy/geoalchemy2#512

New Contributors

• @​aballet made their first contribution in geoalchemy/geoalchemy2#509

Full Changelog: geoalchemy/geoalchemy2@0.15.0...0.15.1

0.15.0

What's Changed

• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in geoalchemy/geoalchemy2#503
• Specific process for geometries with Z or M coordinate with SpatiaLite dialect by @​sdp5 in geoalchemy/geoalchemy2#506
• Chore: Fix type hints on stubs by @​adrien-berchet in geoalchemy/geoalchemy2#504
• Release: 0.15.0 by @​adrien-berchet in geoalchemy/geoalchemy2#507

New Contributors

• @​pre-commit-ci made their first contribution in geoalchemy/geoalchemy2#503
• @​sdp5 made their first contribution in geoalchemy/geoalchemy2#506

Full Changelog: geoalchemy/geoalchemy2@0.14.7...0.15.0

Changelog

Sourced from geoalchemy2's changelog.

0.16.0

• Test: Add test in test_functional.py for custom Geometry that uses WKT elements @​adrien-berchet (#525)
• Add option to ensure all dialects are properly tested in CI @​adrien-berchet (#526)
• Improve MariaDB support @​adrien-berchet (#524)

0.15.2

• Fix: Can handle negative coordinates with Spatialite @​adrien-berchet (#517)

0.15.1

• Fix: Default SRID is bypassed when using floating point coordinates @​aballet (#509)
• Test: Dispose of the connection pools of the test engines @​adrien-berchet (#511)

0.15.0

• Specific process for geometries with Z or M coordinate with SpatiaLite dialect @​spd5 (#506)
• Chore: Fix type hints on stubs @​adrien-berchet (#504)

Commits

• b51dc36 Release: 0.16.0 (#527)
• 27712ca Test: Add test in test_functional.py for custom Geometry that uses WKT elemen...
• b319a15 Add option to ensure all dialects are properly tested in CI (#526)
• f93cf5a Improve MariaDB support (#524)
• 4a5887a Release: 0.15.2 (#518)
• f32331b Fix: Can handle negative coordinates with Spatialite (#517)
• 8b7a2b1 [pre-commit.ci] pre-commit autoupdate (#514)
• 653d670 Release: 0.15.1 (#512)
• 344cb24 Fix: Default SRID is bypassed when using floating point coordinates (#509)
• 11dadb4 Test: Dispose of the connection pools of the test engines (#511)
• Additional commits viewable in compare view

Updates rtree from 1.2.0 to 1.3.0

Release notes

Sourced from rtree's releases.

1.3.0

• Upgrade binary wheels with libspatialindex-2.0.0 (#316)
• Fix binary wheels for musllinux (#316)
• Update code style, replace isort and black with ruff, modern numpy rng (#319)
• Remove libsidx version testing (#313)

Changelog

Sourced from rtree's changelog.

1.3.0: 2024-07-10

• Upgrade binary wheels with libspatialindex-2.0.0 (:PR:316)
• Fix binary wheels for musllinux wheels (:PR:316)
• Update code style, replace isort and black with ruff, modern numpy rng (:PR:319)
• Remove libsidx version testing (:PR:313)

Commits

• cffb52e Release 1.3.0 (#320)
• 86d4e28 CI/RLS: upgrade to libspatialindex-2.0.0 (#316)
• bb9925a Update code style, replace isort and black with ruff, modern numpy rng (#319)
• 1b81733 Bump pypa/cibuildwheel from 2.19.1 to 2.19.2 (#318)
• ffd63b5 Merge pull request #317 from Toblerity/dependabot/github_actions/pypa/cibuild...
• c121c66 Bump pypa/cibuildwheel from 2.18.1 to 2.19.1
• 6248b6f Merge pull request #314 from Toblerity/dependabot/github_actions/pypa/cibuild...
• 3f2605b Bump pypa/cibuildwheel from 2.18.0 to 2.18.1
• 9a08ab9 drop version testing. not valuable (#313)
• d91f409 Merge pull request #310 from Toblerity/dependabot/github_actions/pypa/cibuild...
• Additional commits viewable in compare view

Updates pytest from 8.2.1 to 8.3.3

Release notes

Sourced from pytest's releases.

8.3.3

pytest 8.3.3 (2024-09-09)

Bug fixes

• #12446: Avoid calling @property (and other instance descriptors) during fixture discovery -- by asottile{.interpreted-text role="user"}

• #12659: Fixed the issue of not displaying assertion failure differences when using the parameter --import-mode=importlib in pytest>=8.1.

• #12667: Fixed a regression where type change in [ExceptionInfo.errisinstance]{.title-ref} caused [mypy]{.title-ref} to fail.

• #12744: Fixed typing compatibility with Python 3.9 or less -- replaced [typing.Self]{.title-ref} with [typing_extensions.Self]{.title-ref} -- by Avasam{.interpreted-text role="user"}

• #12745: Fixed an issue with backslashes being incorrectly converted in nodeid paths on Windows, ensuring consistent path handling across environments.

• #6682: Fixed bug where the verbosity levels where not being respected when printing the "msg" part of failed assertion (as in assert condition, msg).

• #9422: Fix bug where disabling the terminal plugin via -p no:terminal would cause crashes related to missing the verbose option.

  -- by GTowers1{.interpreted-text role="user"}

Improved documentation

• #12663: Clarify that the [pytest_deselected]{.title-ref} hook should be called from [pytest_collection_modifyitems]{.title-ref} hook implementations when items are deselected.
• #12678: Remove erroneous quotes from [tmp_path_retention_policy]{.title-ref} example in docs.

Miscellaneous internal changes

• #12769: Fix typos discovered by codespell and add codespell to pre-commit hooks.

8.3.2

pytest 8.3.2 (2024-07-24)

Bug fixes

• #12652: Resolve regression [conda]{.title-ref} environments where no longer being automatically detected.

  -- by RonnyPfannschmidt{.interpreted-text role="user"}

8.3.1

pytest 8.3.1 (2024-07-20)

The 8.3.0 release failed to include the change notes and docs for the release. This patch release remedies this. There are no other changes.

... (truncated)

Commits

• d0f136f build(deps): Bump pypa/gh-action-pypi-publish from 1.10.0 to 1.10.1 (#12790)
• 972f307 Prepare release version 8.3.3
• 0dabdcf Include co-authors in release announcement (#12795) (#12797)
• a9910a4 Do not discover properties when iterating fixtures (#12781) (#12788)
• 0f10b6b Fix issue with slashes being turned into backslashes on Windows (#12760) (#12...
• 300d13d Merge pull request #12785 from pytest-dev/patchback/backports/8.3.x/57cccf7f4...
• e5d32c7 Merge pull request #12784 from svenevs/fix/docs-example-parametrize-minor-typo
• bc913d1 Streamline checks for verbose option (#12706) (#12778)
• 01cfcc9 Fix typos and introduce codespell pre-commit hook (#12769) (#12774)
• 4873394 doc: Remove past training (#12772) (#12773)
• Additional commits viewable in compare view

Updates css-inline from 0.11.2 to 0.14.3

Release notes

Sourced from css-inline's releases.

[C] Release 0.14.3

Fixed

• Prioritize !important rules when computing element styles. #398

[JavaScript] Release 0.14.3

Added

• Packages for win32-arm64-msvc. #397

Fixed

• Prioritize !important rules when computing element styles. #398

[Python] Release 0.14.3

Fixed

• Prioritize !important rules when computing element styles. #398

[Ruby] Release 0.14.3

Fixed

• Prioritize !important rules when computing element styles. #398

[Rust] Release 0.14.3

Fixed

• Prioritize !important rules when computing element styles. #398

[C] Release 0.14.2

Changed

• Bump MSRV to 1.70.

Fixed

• Replace double quotes when merging styles. #392

[JavaScript] Release 0.14.2

Changed

• Bump MSRV to 1.70.

Fixed

• Build on linux-arm-gnueabihf
• Replace double quotes when merging styles. #392

[Python] Release 0.14.2

Changed

... (truncated)

Changelog

Sourced from css-inline's changelog.

[0.14.3] - 2024-11-14

Fixed

• Prioritize !important rules when computing element styles. #398

[0.14.2] - 2024-11-11

Changed

• Bump MSRV to 1.70.

Fixed

• Replace double quotes when merging styles. #392

[0.14.1] - 2024-04-27

Fixed

• Precedence of element styles over other styles. #364

[0.14.0] - 2024-04-01

Added

• External stylesheet caching. #314
• Inlining to HTML fragments. #335

Changed

• Update html5ever to 0.27.
• Update rayon to 1.10.

[0.13.0] - 2024-01-19

Added

• A way to customize resolving remote stylesheets.
• Support for the data-css-inline="keep" attribute to enforce keeping the style tag.

Changed

• Replace attohttpc with reqwest to simplify implementing non-blocking stylesheet resolving in the future release.

Fixed

• Lookups for previous / next siblings, affecting selectors like nth-child. #324

Performance

... (truncated)

Commits

• 6c3d25e chore(c): Release 0.14.3
• c8fe0af build(js): Add win32-arm64-msvc package
• 606cc93 fix: prioritize important styles
• 143cd63 chore(javascript): Update bundled WASM module
• e38405b chore(javascript): Release 0.14.2
• 0228eb8 chore(ruby): Release 0.14.2
• 95b45d3 chore(python): Release 0.14.2
• 5b3192d chore(c): Release 0.14.2
• 8410fba build(js): Pin wasm-bindgen
• bbf6b04 fix: double quote when extending inline styles
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud