Build(deps): Bump the uv group with 3 updates

[dependabot]

Bumps the uv group with 3 updates: sqlalchemy, bidsschematools and jupytext.

Updates sqlalchemy from 2.0.45 to 2.0.46

Release notes

Sourced from sqlalchemy's releases.

2.0.46

Released: January 21, 2026

typing

• [typing] [bug] Fixed typing issues where ORM mapped classes and aliased entities could not be used as keys in result row mappings or as join targets in select statements. Patterns such as row._mapping[User], row._mapping[aliased(User)], row._mapping[with_polymorphic(...)] (rejected by both mypy and Pylance), and .join(aliased(User)) (rejected by Pylance) are documented and fully supported at runtime but were previously rejected by type checkers. The type definitions for _KeyType and _FromClauseArgument have been updated to accept these ORM entity types.

  References: #13075

postgresql

• [postgresql] [bug] Fixed issue where PostgreSQL JSONB operators _postgresql.JSONB.Comparator.path_match() and _postgresql.JSONB.Comparator.path_exists() were applying incorrect VARCHAR casts to the right-hand side operand when used with newer PostgreSQL drivers such as psycopg. The operators now indicate the right-hand type as JSONPATH, which currently results in no casting taking place, but is also compatible with explicit casts if the implementation were require it at a later point.

  References: #13059

• [postgresql] [bug] Fixed regression in PostgreSQL dialect where JSONB subscription syntax would generate incorrect SQL for cast() expressions returning JSONB, causing syntax errors. The dialect now properly wraps cast expressions in parentheses when using the [] subscription syntax, generating (CAST(...))[index] instead of CAST(...)[index] to comply with PostgreSQL syntax requirements. This extends the fix from #12778 which addressed the same issue for function calls.

  References: #13067

• [postgresql] [bug] Improved the foreign key reflection regular expression pattern used by the PostgreSQL dialect to be more permissive in matching identifier characters, allowing it to correctly handle unicode characters in table and column names. This change improves compatibility with PostgreSQL variants such as CockroachDB that may use different quoting patterns in combination with unicode characters in their identifiers. Pull request courtesy Gord Thompson.

... (truncated)

Commits

• See full diff in compare view

Updates bidsschematools from 1.1.5 to 1.1.6

Commits

• 5695e5c chore: Bump schema package to 1.1.6
• 7bd29bf fix(schema): Check that entities.space is not null
• b1e4d4e [FIX] Check PET series length and per-frame metadata
• 56700b7 chore: Bump schema package to 1.1.6-dev
• See full diff in compare view

Updates jupytext from 1.19.0 to 1.19.1

Release notes

Sourced from jupytext's releases.

Version 1.19.1

Changed

• Jupytext does not change the file icons anymore! Thanks to Michał Krassowski for finally solving this long standing issue! (#398)
• We have bumped lodash from 4.17.21 to 4.17.23 in JupyterLab extension (#1483)
• We require marimo<=0.19.4 in tests following a change in the location of the marimo import (#1485)

Changelog

Sourced from jupytext's changelog.

1.19.1 (2026-01-25)

Changed

• Jupytext does not change the file icons anymore! Thanks to Michał Krassowski for finally solving this long standing issue! (#398)
• We have bumped lodash from 4.17.21 to 4.17.23 in JupyterLab extension (#1483)
• We require marimo<=0.19.4 in tests following a change in the location of the marimo import (#1485)

Commits

• e939bf5 Version 1.19.1 (#1487)
• 4895de7 Add back file icons, denote notebook-only types with orange border (#1482)
• 1eb46dc Use marimo<=0.19.4 in tests (#1485)
• 9f7b587 Version 1.19.1.dev0
• ad72e62 build(deps): bump lodash from 4.17.21 to 4.17.23 in /jupyterlab (#1483)
• 94107d5 Version 1.19.0 (#1480)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions