deps(ibis): bump the all group across 1 directory with 6 updates

[dependabot]

Bumps the all group with 6 updates in the /ibis-server directory:

Package	From	To
ibis-framework	10.0.0	10.1.0
gql	3.5.0	3.5.1
duckdb	1.1.3	1.2.0
opendal	0.45.15	0.45.16
sqlalchemy	2.0.37	2.0.38
ruff	0.9.4	0.9.7

Updates ibis-framework from 10.0.0 to 10.1.0

Release notes

Sourced from ibis-framework's releases.

10.1.0

10.1.0 (2025-02-22)

Features

• pyspark: add partitionBy argument to create_table (c99cc23), closes #8900
• python: allow python 3.9 installations (#10859) (fbe8c8b)

Bug Fixes

• bigquery: allow sane use of params with raw_sql (#10874) (0a684c3)
• deps: update dependency datafusion to v44 (979cf59)
• deps: update dependency sqlglot to >=23.4,<26.5 (#10807) (f09e8e2)
• deps: update dependency sqlglot to >=23.4,<26.7 (15111f8)
• dev-tools: ensure that bump is minimal so that later release sort properly (#10878) (39729c7)
• duckdb: use the delta extension for reading deltalake data (#10833) (beeaa29), closes #10829
• join: error in more places on colliding column names (#10778) (ec06e1e)
• mssql: ensure that dots in database parameter to list_tables are used as path delineators (#10863) (cdbbcb9)
• mssql: ensure that we only escape passwords if the password is not None (e589344)
• mysql: explicitly handle the zero integer -> timestamp case (f5e8c4f)
• pyspark: avoid potentially different field names produced by SQL by using python-native APIs (#10877) (9538d51)
• snowflake: use get instead of get_path; get_path does not support columns with spaces (#10836) (50c978b), closes #10835
• sqlglot: ensure that sge.Median is only accessed when it exists (dc6b7e0)
• sqlite: avoid generating double-quoted string literals (#10873) (76b0114)

Documentation

• add blogpost for Athena backend (#10796) (f2f09eb)
• add information about reading from cloud buckets (32e82c7)
• add udf rewriting blog post (c6ecf6b)
• blog: add post on SQL understanding and Ibis (#10762) (94425ec)
• blog: convert case to cases in blog posts (#10560) (bbf98de)
• blog: use more reliable URL for geospatial data (72b7673)
• fix reference to incorrect value (1945237)
• move __getitem__ docs so that quarto publishes them (#10870) (269cdfe)
• release-notes: fixup release notes (fb0798e)
• remove incorrect parameters (#10876) (a707778)
• update post date (ea0cc95)

Refactors

• duckdb: remove the pyarrow read_parquet fallback (5fa0103)

Changelog

Sourced from ibis-framework's changelog.

10.1.0 (2025-02-22)

Features

• pyspark: add partitionBy argument to create_table (c99cc23), closes #8900
• python: allow python 3.9 installations (#10859) (fbe8c8b)

Bug Fixes

• bigquery: allow sane use of params with raw_sql (#10874) (0a684c3)
• deps: update dependency datafusion to v44 (979cf59)
• deps: update dependency sqlglot to >=23.4,<26.5 (#10807) (f09e8e2)
• deps: update dependency sqlglot to >=23.4,<26.7 (15111f8)
• dev-tools: ensure that bump is minimal so that later release sort properly (#10878) (39729c7)
• duckdb: use the delta extension for reading deltalake data (#10833) (beeaa29), closes #10829
• join: error in more places on colliding column names (#10778) (ec06e1e)
• mssql: ensure that dots in database parameter to list_tables are used as path delineators (#10863) (cdbbcb9)
• mssql: ensure that we only escape passwords if the password is not None (e589344)
• mysql: explicitly handle the zero integer -> timestamp case (f5e8c4f)
• pyspark: avoid potentially different field names produced by SQL by using python-native APIs (#10877) (9538d51)
• snowflake: use get instead of get_path; get_path does not support columns with spaces (#10836) (50c978b), closes #10835
• sqlglot: ensure that sge.Median is only accessed when it exists (dc6b7e0)
• sqlite: avoid generating double-quoted string literals (#10873) (76b0114)

Documentation

• add blogpost for Athena backend (#10796) (f2f09eb)
• add information about reading from cloud buckets (32e82c7)
• add udf rewriting blog post (c6ecf6b)
• blog: add post on SQL understanding and Ibis (#10762) (94425ec)
• blog: convert case to cases in blog posts (#10560) (bbf98de)
• blog: use more reliable URL for geospatial data (72b7673)
• fix reference to incorrect value (1945237)
• move __getitem__ docs so that quarto publishes them (#10870) (269cdfe)
• release-notes: fixup release notes (fb0798e)
• remove incorrect parameters (#10876) (a707778)
• update post date (ea0cc95)

Refactors

• duckdb: remove the pyarrow read_parquet fallback (5fa0103)

Commits

• 913fa51 chore(release): 10.1.0
• 05438da chore(deps): bump and relock (#10882)
• a8d7a32 chore(deps): update postgres docker tag to v17.4 (#10881)
• 39729c7 fix(dev-tools): ensure that bump is minimal so that later release sort proper...
• a727f20 chore(deps): update astral-sh/setup-uv action to v5.3.0 (#10880)
• 9538d51 fix(pyspark): avoid potentially different field names produced by SQL by usin...
• a707778 docs: remove incorrect parameters (#10876)
• 152ff3b chore(deps): remove upper bounds on rest of deps except for numpy and pandas ...
• ff4dd30 chore(deps): bump and relock
• 1bb9291 chore(deps): update trinodb/trino docker tag to v471
• Additional commits viewable in compare view

Updates gql from 3.5.0 to 3.5.1

Release notes

Sourced from gql's releases.

v3.5.1

3.5.1

Issue #529 reported that by default the AIOHTTPTransport was not validating ssl certificates (a self-certificate was accepted by default).

This version adds a warning to warn users (See PR #533).

As a workaround, using ssl=True in the transport arguments fix the issue.

graphql-core has been restricted to <3.2.4 to fix tests.

A new stable version will be made shortly.

Commits

• 46e188c Bump version number to 3.5.1
• 740e988 Add the warning from PR #530 in the stable branch (#533)
• See full diff in compare view

Updates duckdb from 1.1.3 to 1.2.0

Release notes

Sourced from duckdb's releases.

DuckDB 1.2.0 "Histrionicus"

This release of DuckDB is named "Histrionicus" after the good-looking Harlequin duck (Histrionicus Histrionicus) that inhabits "cold fast moving streams in North America, Greenland, Iceland and eastern Russia".

Please also refer to the announcement blog post: https://duckdb.org/2025/02/05/announcing-duckdb-120

What's Changed

• Optimise division by a constant at runtime for integer division by @​JAicewizard in duckdb/duckdb#10348
• Add cross join to Python Relational and PySpark API by @​khalidmammadov in duckdb/duckdb#13519
• Fix #13805: throw a more descriptive error message when an on-disk file is referenced using a replacement scan for an unsupported file format by @​Mytherin in duckdb/duckdb#13871
• Make sampling accept parameters at the parser/transformer layer by @​Mytherin in duckdb/duckdb#13903
• Fix #13867: use 64-bit random numbers to generate random numbers for random() by @​Mytherin in duckdb/duckdb#13920
• Fix #13769: when binding views, always first search in the schema that the view is defined in by @​Mytherin in duckdb/duckdb#13921
• Rework table bindings to be components (catalog, schema, table) instead of flat strings by @​Mytherin in duckdb/duckdb#14017
• Add auto-loadable extension settings to duckdb_config_count and duckdb_get_config_flag by @​Mytherin in duckdb/duckdb#14021
• Fix #10961 - in the HAVING clause - in case of column name conflicts, bind to aliases instead of to ungrouped columns by @​Mytherin in duckdb/duckdb#14023
• Enable filter pushdown through Logical Unnest by @​Tmonster in duckdb/duckdb#14008
• Allow duplicate table aliases in the table binder by @​Mytherin in duckdb/duckdb#14035
• Unify DESCRIBE [query] and DESCRIBE [table] by @​Mytherin in duckdb/duckdb#14039
• Support qualified identifiers in the EXCLUDE clause by @​Mytherin in duckdb/duckdb#14043
• Add SMALLER_BINARY flag to reduce binary size by @​Mytherin in duckdb/duckdb#14057
• Smaller Binary: remove more templates from arg_min_max by @​Mytherin in duckdb/duckdb#14071
• Unify entropy and mode aggregates - and skip specialized implementations for entropy with smaller binary by @​Mytherin in duckdb/duckdb#14080
• [Python] Add set_default_connection to the duckdb module by @​Tishj in duckdb/duckdb#13442
• Provide workaround for prefetching parquet files with incorrect page offsets by @​samansmink in duckdb/duckdb#13697
• Move core_functions to a separate extension by @​Mytherin in duckdb/duckdb#14149
• PySpark df.drop() to support expressions by @​khalidmammadov in duckdb/duckdb#14059
• add some RealNest benchmarks by @​hmeriann in duckdb/duckdb#13345
• feed table function into multifilereader initialization by @​samansmink in duckdb/duckdb#14112
• [Dev] Fix an issue causing ExecuteTask to do much more work than intended by @​Tishj in duckdb/duckdb#14034
• Overhaul Parquet dictionary handling by @​hannes in duckdb/duckdb#14194
• [Feature] Allow passing the catalog (database name) to appender by @​taniabogatsch in duckdb/duckdb#13692
• Add Taxi Dataset Benchmark by @​pdet in duckdb/duckdb#14197
• Feature #3036: Window Spooling by @​hawkfish in duckdb/duckdb#14181
• Small C Extension API changes by @​samansmink in duckdb/duckdb#13987
• Add HTML and Graphviz support for explain analyze by @​abramk in duckdb/duckdb#13942
• Fix #13064: offer more suggestions with same score by @​Damon07 in duckdb/duckdb#14048
• New Algorithm to find a new line on parallel execution by @​pdet in duckdb/duckdb#14260
• Making client context lock optional for relation binding by @​pdet in duckdb/duckdb#14093
• [Feature] Allow passing the catalog during C API appender creation by @​taniabogatsch in duckdb/duckdb#14256
• Make test random output ordered by @​Damon07 in duckdb/duckdb#14267
• Skip test_window_distinct by @​Mytherin in duckdb/duckdb#14309
• Taxi Benchmark by @​pdet in duckdb/duckdb#14301
• Switch to shared pointer for multfilelists by @​samansmink in duckdb/duckdb#14291
• Push #14298 to feature branch by @​flashmouse in duckdb/duckdb#14311
• Implement PullUp Empty Results optimizer by @​Tmonster in duckdb/duckdb#13524
• [Export/Import] Use the DependencyManager to (stable) sort the entries before export by @​Tishj in duckdb/duckdb#14196
• Partitioning-Aware Aggregation and Partitioning-Aware Infrastructure by @​Mytherin in duckdb/duckdb#14329
• Add df.unionByName to PySpark API by @​khalidmammadov in duckdb/duckdb#14063
• Or filter pushdown into zone maps by @​Tmonster in duckdb/duckdb#14313
• Get the current setting in the database file opener by @​Mytherin in duckdb/duckdb#14361

... (truncated)

Commits

• a9bf7ad [Julia] Fixes a a bug that the database is not properly closed even after clo...
• 0bee8ed Fix spawn process
• 4332964 Check if the file was written
• d5a97a8 Format fix
• ec0906d Adds a fix that a database wasnt closed until GC
• ba1ff79 [chore] Python's SQLLogic: skip 3 more tests
• 2fe0db4 Pyodide: skip spark test
• 9e1f147 [Python][Spark] Fix datetime functions test failures (#15983)
• 0e2e057 there is no difference in the result anymore
• 7c623b5 we shouldnt use timestamp tz here
• Additional commits viewable in compare view

Updates opendal from 0.45.15 to 0.45.16

Commits

• See full diff in compare view

Updates sqlalchemy from 2.0.37 to 2.0.38

Release notes

Sourced from sqlalchemy's releases.

2.0.38

Released: February 6, 2025

engine

• [engine] [bug] Fixed event-related issue where invoking Engine.execution_options() on a Engine multiple times while making use of event-registering parameters such as isolation_level would lead to internal errors involving event registration.

  References: #12289

sql

• [sql] [bug] Reorganized the internals by which the .c collection on a FromClause gets generated so that it is resilient against the collection being accessed in concurrent fashion. An example is creating a Alias or Subquery and accessing it as a module level variable. This impacts the Oracle dialect which uses such module-level global alias objects but is of general use as well.

  References: #12302

• [sql] [bug] Fixed SQL composition bug which impacted caching where using a None value inside of an in_() expression would bypass the usual "expanded bind parameter" logic used by the IN construct, which allows proper caching to take place.

  References: #12314

postgresql

• [postgresql] [usecase] [asyncio] Added an additional asyncio.shield() call within the connection terminate process of the asyncpg driver, to mitigate an issue where terminate would be prevented from completing under the anyio concurrency library.

  References: #12077

• [postgresql] [bug] Adjusted the asyncpg connection wrapper so that the connection.transaction() call sent to asyncpg sends None for isolation_level if not otherwise set in the SQLAlchemy dialect/wrapper, thereby allowing asyncpg to make use of the server level setting for isolation_level in the absense of a client-level setting. Previously, this behavior of asyncpg was blocked by a hardcoded read_committed.

... (truncated)

Commits

• See full diff in compare view

Updates ruff from 0.9.4 to 0.9.7

Release notes

Sourced from ruff's releases.

0.9.7

Release Notes

Preview features

• Consider __new__ methods as special function type for enforcing class method or static method rules (#13305)
• [airflow] Improve the internal logic to differentiate deprecated symbols (AIR303) (#16013)
• [refurb] Manual timezone monkeypatching (FURB162) (#16113)
• [ruff] Implicit class variable in dataclass (RUF045) (#14349)
• [ruff] Skip singleton starred expressions for incorrectly-parenthesized-tuple-in-subscript (RUF031) (#16083)
• [refurb] Check for subclasses includes subscript expressions (FURB189) (#16155)

Rule changes

• [flake8-debugger] Also flag sys.breakpointhook and sys.__breakpointhook__ (T100) (#16191)
• [pycodestyle] Exempt site.addsitedir(...) calls (E402) (#16251)

Formatter

• Fix unstable formatting of trailing end-of-line comments of parenthesized attribute values (#16187)

Server

• Fix handling of requests received after shutdown message (#16262)
• Ignore source.organizeImports.ruff and source.fixAll.ruff code actions for a notebook cell (#16154)
• Include document specific debug info for ruff.printDebugInformation (#16215)
• Update server to return the debug info as string with ruff.printDebugInformation (#16214)

CLI

• Warn on invalid noqa even when there are no diagnostics (#16178)
• Better error messages while loading configuration extends (#15658)

Bug fixes

• [flake8-comprehensions] Handle trailing comma in C403 fix (#16110)
• [flake8-pyi] Avoid flagging custom-typevar-for-self on metaclass methods (PYI019) (#16141)
• [pydocstyle] Handle arguments with the same names as sections (D417) (#16011)
• [pylint] Correct ordering of arguments in fix for if-stmt-min-max (PLR1730) (#16080)
• [pylint] Do not offer fix for raw strings (PLE251) (#16132)
• [pyupgrade] Do not upgrade functional TypedDicts with private field names to the class-based syntax (UP013) (#16219)
• [pyupgrade] Handle micro version numbers correctly (UP036) (#16091)
• [pyupgrade] Unwrap unary expressions correctly (UP018) (#15919)
• [refurb] Correctly handle lengths of literal strings in slice-to-remove-prefix-or-suffix (FURB188) (#16237)
• [ruff] Skip RUF001 diagnostics when visiting string type definitions (#16122)

Documentation

• Add FAQ entry for source.* code actions in Notebook (#16212)
• Add SECURITY.md (#16224)

... (truncated)

Changelog

Sourced from ruff's changelog.

0.9.7

Preview features

• Consider __new__ methods as special function type for enforcing class method or static method rules (#13305)
• [airflow] Improve the internal logic to differentiate deprecated symbols (AIR303) (#16013)
• [refurb] Manual timezone monkeypatching (FURB162) (#16113)
• [ruff] Implicit class variable in dataclass (RUF045) (#14349)
• [ruff] Skip singleton starred expressions for incorrectly-parenthesized-tuple-in-subscript (RUF031) (#16083)
• [refurb] Check for subclasses includes subscript expressions (FURB189) (#16155)

Rule changes

• [flake8-debugger] Also flag sys.breakpointhook and sys.__breakpointhook__ (T100) (#16191)
• [pycodestyle] Exempt site.addsitedir(...) calls (E402) (#16251)

Formatter

• Fix unstable formatting of trailing end-of-line comments of parenthesized attribute values (#16187)

Server

• Fix handling of requests received after shutdown message (#16262)
• Ignore source.organizeImports.ruff and source.fixAll.ruff code actions for a notebook cell (#16154)
• Include document specific debug info for ruff.printDebugInformation (#16215)
• Update server to return the debug info as string with ruff.printDebugInformation (#16214)

CLI

• Warn on invalid noqa even when there are no diagnostics (#16178)
• Better error messages while loading configuration extends (#15658)

Bug fixes

• [flake8-comprehensions] Handle trailing comma in C403 fix (#16110)
• [flake8-pyi] Avoid flagging custom-typevar-for-self on metaclass methods (PYI019) (#16141)
• [pydocstyle] Handle arguments with the same names as sections (D417) (#16011)
• [pylint] Correct ordering of arguments in fix for if-stmt-min-max (PLR1730) (#16080)
• [pylint] Do not offer fix for raw strings (PLE251) (#16132)
• [pyupgrade] Do not upgrade functional TypedDicts with private field names to the class-based syntax (UP013) (#16219)
• [pyupgrade] Handle micro version numbers correctly (UP036) (#16091)
• [pyupgrade] Unwrap unary expressions correctly (UP018) (#15919)
• [refurb] Correctly handle lengths of literal strings in slice-to-remove-prefix-or-suffix (FURB188) (#16237)
• [ruff] Skip RUF001 diagnostics when visiting string type definitions (#16122)

Documentation

• Add FAQ entry for source.* code actions in Notebook (#16212)
• Add SECURITY.md (#16224)

... (truncated)

Commits

• 54fccb3 Bump version to 0.9.7 (#16271)
• 8198668 [red-knot] MDTest: Use custom class names instead of builtins (#16269)
• fc6b03c Handle requests received after shutdown message (#16262)
• fb09d63 [red-knot] Prefix Type::call and dunder_call with try (#16261)
• 16d0625 Improve internal docs for various string-node APIs (#16256)
• 25920fe Rename ExprStringLiteral::as_unconcatenated_string() to `ExprStringLiteral:...
• 97d0659 Pass ParserOptions to the parser (#16220)
• cfc6941 [red-knot] Resolve references in eager nested scopes eagerly (#16079)
• f50849a Add text_len() methods to more *Prefix enums in ruff_python_ast (#16254)
• 55ea094 [red-knot] Allow any Ranged argument for report_lint and `report_diagnost...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.