chore(deps): update python packages

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
bandit (source, changelog)	1.9.3 → 1.9.4
debugpy (source)	1.8.19 → 1.8.20
grpcio	1.76.0 → 1.78.0
ni-python-styleguide	0.4.8 → 0.4.9
nidaqmx	1.4.0 → 1.4.1
numpy (changelog)	2.4.1 → 2.4.3
protobuf	6.33.5 → 6.33.6
pytest-cov (changelog)	7.0.0 → 7.1.0
sphinx-autoapi	3.6.1 → 3.8.0
streamlit-echarts	0.4.0 → 0.6.0
types-protobuf (changelog)	6.32.1.20251210 → 6.32.1.20260221

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

PyCQA/bandit (bandit)

v1.9.4

Compare Source

What's Changed

• chore: fixed some typos in comments by @​jakob1379 in #​1351
• Bump docker/login-action from 3.6.0 to 3.7.0 by @​dependabot[bot] in #​1353
• Bump docker/build-push-action from 6.18.0 to 6.19.2 by @​dependabot[bot] in #​1357
• Fix B613 crash when reading from stdin by @​worksbyfriday in #​1361
• Include filename in nosec 'no failed test' warning by @​worksbyfriday in #​1363
• Fix B615 false positive when revision is set via variable by @​worksbyfriday in #​1358
• Lower version guard in check_ast_node to Python 3.12 by @​rcgray in #​1355
• Fix B106 reporting wrong line number on multiline function calls by @​worksbyfriday in #​1360

New Contributors

• @​jakob1379 made their first contribution in #​1351
• @​worksbyfriday made their first contribution in #​1361
• @​rcgray made their first contribution in #​1355

Full Changelog: PyCQA/bandit@1.9.3...1.9.4

microsoft/debugpy (debugpy)

v1.8.20: debugpy v1.8.20

Compare Source

Fixes for:

• annotate in 3.14 causing exceptions: #​1971

Enhancements:

• Use remote_exec if available: c7e86a1
• Support more architectures: 1bbecdf

Infrastructure work:

• Support devcontainers for development: 7dbc229

Thanks to @​rameshvarun, @​Xeonacid, and @​pdepetro for the commits

grpc/grpc (grpcio)

v1.78.0

Compare Source

This is release 1.78.0 (gutsy) of gRPC Core.

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes, with highlights listed below.

C++

• adding address_sorting dep in naming test build. (#​41045)

Objective-C

• [Backport][v1.78.x][Fix][Compiler] Plugins fall back to the edition 2023 for older protobuf. (#​41358)

Python

• [python] aio: fix race condition causing asyncio.run() to hang forever during the shutdown process. (#​40989)
• [Python] Migrate to pyproject.toml build system from setup.py builds. (#​40833)
• [Python] Log error details when ExecuteBatchError occurs (at DEBUG level). (#​40921)
• [Python] Update setuptools min version to 77.0.1 . (#​40931)

Ruby

• [ruby] Fix version comparison for the ruby_abi_version symbol for ruby 4 compatibility. (#​41061)

ni/python-styleguide (ni-python-styleguide)

v0.4.9

Compare Source

Fixed

• Work around "No module named 'pkg_resources'" by pinning setuptools to <82 (#​275)

ni/nidaqmx-python (nidaqmx)

v1.4.1

Compare Source

• Merged Pull Requests

  • Full changelog: 1.4.0...1.4.1

• Resolved Issues

  • ...

• Major Changes

  • Update installer metadata using DAQmx version 26.0.0

• Known Issues

  • ...

numpy/numpy (numpy)

v2.4.3

Compare Source

v2.4.2

Compare Source

pytest-dev/pytest-cov (pytest-cov)

v7.1.0

Compare Source

• Fixed total coverage computation to always be consistent, regardless of reporting settings.
  Previously some reports could produce different total counts, and consequently can make --cov-fail-under behave different depending on
  reporting options.
  See #&#8203;641 <https://github.com/pytest-dev/pytest-cov/issues/641>_.

• Improve handling of ResourceWarning from sqlite3.

  The plugin adds warning filter for sqlite3 ResourceWarning unclosed database (since 6.2.0).
  It checks if there is already existing plugin for this message by comparing filter regular expression.
  When filter is specified on command line the message is escaped and does not match an expected message.
  A check for an escaped regular expression is added to handle this case.

  With this fix one can suppress ResourceWarning from sqlite3 from command line::

  pytest -W "ignore:unclosed database in <sqlite3.Connection object at:ResourceWarning" ...

• Various improvements to documentation.
  Contributed by Art Pelling in #&#8203;718 <https://github.com/pytest-dev/pytest-cov/pull/718>_ and
  "vivodi" in #&#8203;738 <https://github.com/pytest-dev/pytest-cov/pull/738>.
  Also closed #&#8203;736 <https://github.com/pytest-dev/pytest-cov/issues/736>.

• Fixed some assertions in tests.
  Contributed by in Markéta Machová in #&#8203;722 <https://github.com/pytest-dev/pytest-cov/pull/722>_.

• Removed unnecessary coverage configuration copying (meant as a backup because reporting commands had configuration side-effects before coverage 5.0).

readthedocs/sphinx-autoapi (sphinx-autoapi)

v3.8.0

Compare Source

Features
^^^^^^^^

• Autodoc-style directives can access members excluded by autoapi_options

Misc
^^^^

• #​553

v3.7.0

Compare Source

Features
^^^^^^^^

• Added autoapi.import warning for when AutoAPI directives are given non-existent objects
• Adding autoapi_follow_symlinks, which allows api to traverse into symlinked directories when generating the API documentation.
• Drop support for Python 3.9 and officially support Python 3.14
• Support rendering PEP-695 type parameters

Bugfixes
^^^^^^^^

• Render typing_extensions.TypeAlias like other type aliases (#​520)
• Fix PythonFunction.overloads typing when source code overload(s) do not provide a return type (#​523)

Misc
^^^^

• Fix deprecation warnings raised by astroid and sphinx
• Handling case where match returns None to fix mypy unit test.

andfanilo/streamlit-echarts (streamlit-echarts)

v0.6.0

Compare Source

What's Changed

• Rewrite frontend with native ECharts API, add selection support, Streamlit theme, agent harness through skills/commands->subagents

v0.5.0

Compare Source

Changed

• BREAKING: Migrated to Streamlit Components v2 API
• BREAKING: Removed st_pyecharts wrapper — use json.loads(chart.dump_options()) + st_echarts instead
• Dropped pyecharts and simplejson as package dependencies (user installs them separately)
• Upgraded frontend build toolchain from Create React App to Vite + TypeScript
• Upgraded ECharts from v5 to v6
• Event return values now use result.chart_event on the Python side

---

Configuration

📅 Schedule: Branch creation - Only on Sunday ( * * * * 0 ) in timezone US/Central, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

Test Results

0 files   -     8  0 suites   - 8   0s ⏱️ -25s
0 tests  -   256  0 ✅  -   256  0 💤 ±0  0 ❌ ±0 
0 runs   - 2 008  0 ✅  - 2 008  0 💤 ±0  0 ❌ ±0 

Results for commit 80a47a7. ± Comparison against base commit 4e5e622.

♻️ This comment has been updated with latest results.

[renovate]

⚠️ Artifact update problem

Renovate failed to update artifacts related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: pyproject.toml

Artifact update for grpcio resolved to version 1.80.0, which is a pending version that has not yet passed the Minimum Release Age threshold.
Renovate was attempting to update to 1.78.0
This is (likely) not a bug in Renovate, but due to the way your project pins dependencies, _and_ how Renovate calls your package manager to update them.
Until Renovate supports specifying an exact update to your package manager (https://github.com/renovatebot/renovate/issues/41624), it is recommended to directly pin your dependencies (with `rangeStrategy=pin` for apps, or `rangeStrategy=widen` for libraries)
See also: https://docs.renovatebot.com/dependency-pinning/

File name: pyproject.toml

Artifact update for numpy resolved to version 2.4.4, which is a pending version that has not yet passed the Minimum Release Age threshold.
Renovate was attempting to update to 2.4.3
This is (likely) not a bug in Renovate, but due to the way your project pins dependencies, _and_ how Renovate calls your package manager to update them.
Until Renovate supports specifying an exact update to your package manager (https://github.com/renovatebot/renovate/issues/41624), it is recommended to directly pin your dependencies (with `rangeStrategy=pin` for apps, or `rangeStrategy=widen` for libraries)
See also: https://docs.renovatebot.com/dependency-pinning/

File name: pyproject.toml

Artifact update for numpy resolved to version 2.4.4, which is a pending version that has not yet passed the Minimum Release Age threshold.
Renovate was attempting to update to 2.4.3
This is (likely) not a bug in Renovate, but due to the way your project pins dependencies, _and_ how Renovate calls your package manager to update them.
Until Renovate supports specifying an exact update to your package manager (https://github.com/renovatebot/renovate/issues/41624), it is recommended to directly pin your dependencies (with `rangeStrategy=pin` for apps, or `rangeStrategy=widen` for libraries)
See also: https://docs.renovatebot.com/dependency-pinning/

[bkeryan]

⚠️ Artifact update problem

Renovate failed to update artifacts related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: pyproject.toml

Artifact update for grpcio resolved to version 1.80.0, which is a pending version that has not yet passed the Minimum Release Age threshold.
Renovate was attempting to update to 1.78.0
This is (likely) not a bug in Renovate, but due to the way your project pins dependencies, _and_ how Renovate calls your package manager to update them.
Until Renovate supports specifying an exact update to your package manager (https://github.com/renovatebot/renovate/issues/41624), it is recommended to directly pin your dependencies (with `rangeStrategy=pin` for apps, or `rangeStrategy=widen` for libraries)
See also: https://docs.renovatebot.com/dependency-pinning/

File name: pyproject.toml

Artifact update for numpy resolved to version 2.4.4, which is a pending version that has not yet passed the Minimum Release Age threshold.
Renovate was attempting to update to 2.4.3
This is (likely) not a bug in Renovate, but due to the way your project pins dependencies, _and_ how Renovate calls your package manager to update them.
Until Renovate supports specifying an exact update to your package manager (https://github.com/renovatebot/renovate/issues/41624), it is recommended to directly pin your dependencies (with `rangeStrategy=pin` for apps, or `rangeStrategy=widen` for libraries)
See also: https://docs.renovatebot.com/dependency-pinning/

File name: pyproject.toml

Artifact update for numpy resolved to version 2.4.4, which is a pending version that has not yet passed the Minimum Release Age threshold.
Renovate was attempting to update to 2.4.3
This is (likely) not a bug in Renovate, but due to the way your project pins dependencies, _and_ how Renovate calls your package manager to update them.
Until Renovate supports specifying an exact update to your package manager (https://github.com/renovatebot/renovate/issues/41624), it is recommended to directly pin your dependencies (with `rangeStrategy=pin` for apps, or `rangeStrategy=widen` for libraries)
See also: https://docs.renovatebot.com/dependency-pinning/

Poetry issue about adding this capability: python-poetry/poetry#2758