Deps: Bump the python-packages group with 4 updates

[dependabot]

Bumps the python-packages group with 4 updates: sqlalchemy, autohooks, certifi and ruff.

Updates sqlalchemy from 2.0.46 to 2.0.47

Release notes

Sourced from sqlalchemy's releases.

2.0.47

Released: February 24, 2026

orm

• [orm] [bug] Fixed issue when using ORM mappings with Python 3.14's PEP 649 feature that no longer requires "future annotations", where the ORM's introspection of the __init__ method of mapped classes would fail if non-present identifiers in annotations were present. The vendored getfullargspec() method has been amended to use Format.FORWARDREF under Python 3.14 to prevent resolution of names that aren't present.

  References: #13104

engine

• [engine] [usecase] The connection object returned by _engine.Engine.raw_connection() now supports the context manager protocol, automatically returning the connection to the pool when exiting the context.

  References: #13116

postgresql

• [postgresql] [bug] Fixed an issue in the PostgreSQL dialect where foreign key constraint reflection would incorrectly swap or fail to capture onupdate and ondelete values when these clauses appeared in a different order than expected in the constraint definition. This issue primarily affected PostgreSQL-compatible databases such as CockroachDB, which may return ON DELETE before ON UPDATE in the constraint definition string. The reflection logic now correctly parses both clauses regardless of their ordering.

  References: #13105

• [postgresql] [bug] Fixed issue in the engine_insertmanyvalues feature where using PostgreSQL's ON CONFLICT clause with _dml.Insert.returning.sort_by_parameter_order enabled would generate invalid SQL when the insert used an implicit sentinel (server-side autoincrement primary key). The generated SQL would incorrectly declare a sentinel counter column in the imp_sen table alias without providing corresponding values in the VALUES clause, leading to a ProgrammingError indicating column count mismatch. The fix allows batch execution mode when embed_values_counter is active, as the embedded counter provides the ordering capability needed even with upsert behaviors, rather than unnecessarily downgrading to row-at-a-time execution.

... (truncated)

Commits

• See full diff in compare view

Updates autohooks from 25.11.0 to 26.2.0

Release notes

Sourced from autohooks's releases.

autohooks 26.2.0

26.2.0 - 2026-02-25

Added

• Unit tests for uv mode fe57e13
• Support for uv 329294f

Changed

• Make ruff & black happy 2c1bd9d
• Update documentation 37739c4

Dependencies

• Bump the dependencies group across 1 directory with 4 updates edf8288
• Bump ruff from 0.14.14 to 0.15.0 in the dependencies group ed561e2
• Bump the dependencies group across 1 directory with 7 updates 9ccd4f2
• Bump the dependencies group with 4 updates 83af4d2
• Bump the dependencies group across 1 directory with 4 updates 8c2c3cd
• Bump urllib3 from 2.6.2 to 2.6.3 cc2fac6
• Bump the dependencies group with 2 updates 690bed5
• Bump librt from 0.7.4 to 0.7.5 in the dependencies group b1ad308
• Bump the dependencies group with 6 updates 307e261
• Bump the dependencies group with 2 updates 59f09ca
• Bump actions/checkout from 5 to 6 in the dependencies group 5b0c306
• Bump the dependencies group across 1 directory with 5 updates 1e257b0
• Bump the dependencies group across 1 directory with 4 updates 2b8fbb7

Commits

• 00c9ab4 Automatic release to 26.2.0
• 2c1bd9d Change: Make ruff & black happy
• 37739c4 Change: Update documentation
• fe57e13 Add: Unit tests for uv mode
• 329294f Add: Support for uv
• edf8288 Deps: Bump the dependencies group across 1 directory with 4 updates
• ed561e2 Deps: Bump ruff from 0.14.14 to 0.15.0 in the dependencies group
• 9ccd4f2 Deps: Bump the dependencies group across 1 directory with 7 updates
• 83af4d2 Deps: Bump the dependencies group with 4 updates
• 8c2c3cd Deps: Bump the dependencies group across 1 directory with 4 updates
• Additional commits viewable in compare view

Updates certifi from 2026.1.4 to 2026.2.25

Commits

• 8571a4b 2026.02.25 (#395)
• 6f7de00 Bump peter-evans/create-pull-request from 8.0.0 to 8.1.0 (#390)
• a1de59b Bump actions/checkout from 6.0.1 to 6.0.2 (#391)
• 7f5ade5 Bump actions/setup-python from 6.1.0 to 6.2.0 (#392)
• See full diff in compare view

Updates ruff from 0.15.2 to 0.15.4

Release notes

Sourced from ruff's releases.

0.15.4

Release Notes

Released on 2026-02-26.

This is a follow-up release to 0.15.3 that resolves a panic when the new rule PLR1712 was enabled with any rule that analyzes definitions, such as many of the ANN or D rules.

Bug fixes

• Fix panic on access to definitions after analyzing definitions (#23588)
• [pyflakes] Suppress false positive in F821 for names used before del in stub files (#23550)

Documentation

• Clarify first-party import detection in Ruff (#23591)
• Fix incorrect import-heading example (#23568)

Contributors

• @​stakeswky
• @​ntBre
• @​thejcannon
• @​GeObts

Install ruff 0.15.4

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/ruff/releases/download/0.15.4/ruff-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://github.com/astral-sh/ruff/releases/download/0.15.4/ruff-installer.ps1 | iex"

Download ruff 0.15.4

File	Platform	Checksum
ruff-aarch64-apple-darwin.tar.gz	Apple Silicon macOS	checksum
ruff-x86_64-apple-darwin.tar.gz	Intel macOS	checksum
ruff-aarch64-pc-windows-msvc.zip	ARM64 Windows	checksum
ruff-i686-pc-windows-msvc.zip	x86 Windows	checksum
ruff-x86_64-pc-windows-msvc.zip	x64 Windows	checksum
ruff-aarch64-unknown-linux-gnu.tar.gz	ARM64 Linux	checksum
ruff-i686-unknown-linux-gnu.tar.gz	x86 Linux	checksum
ruff-powerpc64-unknown-linux-gnu.tar.gz	PPC64 Linux	checksum

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.4

Released on 2026-02-26.

This is a follow-up release to 0.15.3 that resolves a panic when the new rule PLR1712 was enabled with any rule that analyzes definitions, such as many of the ANN or D rules.

Bug fixes

• Fix panic on access to definitions after analyzing definitions (#23588)
• [pyflakes] Suppress false positive in F821 for names used before del in stub files (#23550)

Documentation

• Clarify first-party import detection in Ruff (#23591)
• Fix incorrect import-heading example (#23568)

Contributors

• @​stakeswky
• @​ntBre
• @​thejcannon
• @​GeObts

0.15.3

Released on 2026-02-26.

Preview features

• Drop explicit support for .qmd file extension (#23572)

  This can now be enabled instead by setting the extension option:

  # ruff.toml
  extension = { qmd = "markdown" }
  pyproject.toml
  [tool.ruff]
  extension = { qmd = "markdown" }

• Include configured extensions in file discovery (#23400)

• [flake8-bandit] Allow suspicious imports in TYPE_CHECKING blocks (S401-S415) (#23441)

• [flake8-bugbear] Allow B901 in pytest hook wrappers (#21931)

• [flake8-import-conventions] Add missing conventions from upstream (ICN001, ICN002) (#21373)

... (truncated)

Commits

• f14edd8 Bump 0.15.4 (#23595)
• fd09d37 Fix panic on access to definitions after analyzing definitions (#23588)
• 81d655f [pyflakes] suppress false positive in F821 for names used before del in...
• 625b4f5 [ruff] docs: Clarify first-party import detection in Ruff (#23591)
• 60facfa one word typo fix in a while_loop.md test case (#23589)
• fbb9fa7 docs: fix incorrect import-heading example (#23568)
• 5bc49a9 Increase the ruleset size to 16 bits (#23586)
• a62ba8c [ty] Fix overloaded callable assignability for unary Callable targets (#23277)
• e5f2f36 Bump 0.15.3 (#23585)
• 0e19fc9 [ty] defer calculating conjunctions in narrowing constraints (#23552)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions