Bump the python-packages group with 2 updates

[dependabot]

Bumps the python-packages group with 2 updates: sqlalchemy and coverage.

Updates sqlalchemy from 2.0.39 to 2.0.40

Release notes

Sourced from sqlalchemy's releases.

2.0.40

Released: March 27, 2025

orm

• [orm] [bug] Fixed regression which occurred as of 2.0.37 where the checked ArgumentError that's raised when an inappropriate type or object is used inside of a Mapped annotation would raise TypeError with "boolean value of this clause is not defined" if the object resolved into a SQL expression in a boolean context, for programs where future annotations mode was not enabled. This case is now handled explicitly and a new error message has also been tailored for this case. In addition, as there are at least half a dozen distinct error scenarios for intepretation of the Mapped construct, these scenarios have all been unified under a new subclass of ArgumentError called MappedAnnotationError, to provide some continuity between these different scenarios, even though specific messaging remains distinct.

  References: #12329

• [orm] [bug] Fixed regression in ORM Annotated Declarative class interpretation caused by typing_extension==4.13.0 that introduced a different implementation for TypeAliasType while SQLAlchemy assumed that it would be equivalent to the typing version, leading to pep-695 type annotations not resolving to SQL types as expected.

  References: #12473

sql

• [sql] [usecase] Implemented support for the GROUPS frame specification in window functions by adding _sql.over.groups option to _sql.over() and FunctionElement.over(). Pull request courtesy Kaan Dikmen.

  References: #12450

• [sql] [bug] Fixed issue in CTE constructs involving multiple DDL _sql.Insert statements with multiple VALUES parameter sets where the bound parameter names generated for these parameter sets would conflict, generating a compile time error.

  References: #12363

• [sql] [bug] Fixed regression caused by #7471 leading to a SQL compilation issue where name disambiguation for two same-named FROM clauses with table aliasing in use at the same time would produce invalid SQL in the FROM clause with two "AS" clauses for the aliased table, due to double aliasing.

... (truncated)

Commits

• See full diff in compare view

Updates coverage from 7.7.1 to 7.8.0

Changelog

Sourced from coverage's changelog.

Version 7.8.0 — 2025-03-30

• Added a new source_dirs setting for symmetry with the existing source_pkgs setting. It's preferable to the existing source setting, because you'll get a clear error when directories don't exist. Fixes issue 1942. Thanks, Jeremy Fleischman <pull 1943_>.

• Fix: the PYTHONSAFEPATH environment variable new in Python 3.11 is properly supported, closing issue 1696. Thanks, Philipp A. <pull 1700_>. This works properly except for a detail when using the coverage command on Windows. There you can use python -m coverage instead if you need exact emulation.

.. _issue 1696: nedbat/coveragepy#1696 .. _pull 1700: nedbat/coveragepy#1700 .. _issue 1942: nedbat/coveragepy#1942 .. _pull 1943: nedbat/coveragepy#1943

.. _changes_7-7-1:

Commits

• 6d5ced9 docs: sample HTML for 7.8.0
• 49c194f docs: prep for 7.8.0
• 38782cb docs: finish up source_dirs. bump to 7.8.0
• 7aea2f3 feat: add new source_dirs option (#1943)
• f464155 test: some simple bytecode tests
• cf1dec0 refactor: these pypy modules are available in all our versions
• a876052 test: a general helper for iterating over our own source files
• 82cff3e perf: sets are better than lists
• a66bd61 refactor: move bytecode code into bytecode.py
• d64ce5f chore: bump the action-dependencies group with 3 updates (#1940)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[d33bs]

@dependabot squash and merge

Merging this in after a small change to pre-commit versions.