[Tech] Bump the version-updates group in /forklift with 3 updates

[dependabot]

Bumps the version-updates group in /forklift with 3 updates: duckdb, coverage and clickhouse-connect.

Updates duckdb from 1.5.0 to 1.5.1

Release notes

Sourced from duckdb's releases.

v1.5.1 Bugfix Release

DuckDB core v1.5.1 Changelog: duckdb/duckdb@v1.5.0...v1.5.1

What's Changed

• Re-added basic support for the GEOMETRY type

Commits

• b54a492 pin duckdb to 1.5.1
• 8c5da5b Restore basic support for spatial
• 2d909d2 [duckdb-labs bot] Bump DuckDB submodule (#389)
• 195b4eb Bump submodule
• bb47780 [duckdb-labs bot] Bump DuckDB submodule (#384)
• 8d3f345 Bump submodule
• 9bae5ef [duckdb-labs bot] Bump DuckDB submodule (#380)
• c6b4811 Bump submodule
• 7f49c59 Set MAIN_BRANCH_VERSIONING to False (#350)
• f7b8cd5 Set MAIN_BRANCH_VERSIONING to False
• See full diff in compare view

Updates coverage from 7.13.4 to 7.13.5

Changelog

Sourced from coverage's changelog.

Version 7.13.5 — 2026-03-17

• Fix: issue 2138_ describes a memory leak that happened when repeatedly using the Coverage API with in-memory data. This is now fixed.

• Fix: the markdown-formatted coverage report didn't fully escape special characters in file paths (issue 2141). This would be very unlikely to cause a problem, but now it's done properly, thanks to Ellie Ayla <pull 2142_>.

• Fix: the C extension wouldn't build on VS2019, but now it does (issue 2145_).

.. _issue 2138: coveragepy/coveragepy#2138 .. _issue 2141: coveragepy/coveragepy#2141 .. _pull 2142: coveragepy/coveragepy#2142 .. _issue 2145: coveragepy/coveragepy#2145

.. _changes_7-13-4:

Commits

• c88da14 docs: sample HTML for 7.13.5
• e2ac3e1 build: sample HTML shouldn't include the status.json file
• 910f8f3 docs: prep for 7.13.5
• 3a4819c style: make workflows more uniform
• 2a53705 chore: bump the action-dependencies group across 1 directory with 4 updates (...
• e7c878d chore: make upgrade
• ab4db40 build: use --generate-hashes when pinning
• a438753 chore: make upgrade
• 7b33457 refactor: some leftover pyupgrade 3.10 bits
• 2ff968d refactor: this type wasn't used anywhere
• Additional commits viewable in compare view

Updates clickhouse-connect from 0.14.1 to 0.15.1

Release notes

Sourced from clickhouse-connect's releases.

v0.15.1

Bug Fixes

• Use timezone from parameter type hint instead of server_tz when formatting tz-aware datetimes in {param:Type} bind expressions. Fixes #697

v0.15.0

Improvements

• Comprehensive ClickHouse JOIN support in SQLAlchemy via ch_join() with all strictness/distribution modifiers and USING syntax (#635, #636)
• Multi-column array_join() for parallel array expansion (#633)
• Add missing Replicated engine variants (ReplicatedReplacingMergeTree, etc.) (#687)
• Lazy imports for numpy, pandas, pyarrow, and polars, ~4x faster bare import time (#589)

Bug Fixes

• Fix .final() and .sample() silently overwriting each other when chained (#658)
• Fix sqlalchemy.values() to emit ClickHouse VALUES table function syntax (#681)
• Fix GraphiteMergeTree to properly quote config_section argument

Other

• Remove py.typed marker that was causing false type errors for mypy/pyright users (#691)

Full Changelog: ClickHouse/clickhouse-connect@v0.14.1...v0.15.0

Changelog

Sourced from clickhouse-connect's changelog.

0.15.1, 2026-03-30

Bug Fixes

• Use timezone from parameter type hint instead of server_tz when formatting tz-aware datetimes in {param:Type} bind expressions. Previously, bind_query always converted datetimes to the server timezone, ignoring explicit timezone declarations in type hints like DateTime64(6, 'UTC'). This caused incorrect query results when server_tz differed from the hint timezone. Handles LowCardinality, Nullable, and container type wrappers. Fixes #697

0.15.0, 2026-03-26

Improvements

• SQLAlchemy: Comprehensive ClickHouse JOIN support via the new ch_join() helper. All strictness modifiers (ALL, ANY, SEMI, ANTI, ASOF), the GLOBAL distribution modifier, and explicit CROSS JOIN are now available. Use with select_from() to generate ClickHouse-specific join syntax like GLOBAL ALL LEFT OUTER JOIN. Closes #635
• SQLAlchemy: array_join() now supports multiple columns for parallel array expansion. Pass a list of columns and a matching list of aliases to generate ARRAY JOIN col1 AS a, col2 AS b, col3 AS c. Single-column usage is unchanged. Closes #633
• SQLAlchemy: ch_join() now supports USING syntax via the new using parameter. Pass a list of column name strings to generate USING (col1, col2) instead of ON. This is important for FULL OUTER JOIN where USING merges the join column correctly while ON produces default values (0, '') for unmatched sides. Closes #636
• SQLAlchemy: Add missing Replicated table engine variants: ReplicatedReplacingMergeTree, ReplicatedCollapsingMergeTree, ReplicatedVersionedCollapsingMergeTree, and ReplicatedGraphiteMergeTree. Closes #687
• Lazy imports for optional dependencies (numpy, pandas, pyarrow, polars). If installed, these heavy libraries are no longer imported at import clickhouse_connect time. They are only imported when features that need them are actually used. The C/Numpy optimization bridge is also deferred. This speeds up bare import time of clickhouse-connect about 4X in environments where all four are installed. Closes #589

Other

• Remove py.typed marker file. The package does not have comprehensive type annotations, so the PEP 561 marker was causing false type errors for mypy/pyright users. Closes #691

Bug Fixes

• SQLAlchemy: Fix .final() and .sample() silently overwriting each other when chained. Both methods now store modifiers as custom attributes on the Select instance and render them during compilation, replacing the previous with_hint() approach that only allowed one hint per table. Chaining in either order (e.g. select(t).final().sample(0.1)) correctly produces FROM t FINAL SAMPLE 0.1. Also fixes rendering for aliased tables (FROM t AS u FINAL) and supports explicit table targeting in joins. Fixes #658
• SQLAlchemy: Fix sqlalchemy.values() to generate ClickHouse's VALUES table function syntax. The compiler now emits VALUES('col1 Type1, col2 Type2', ...) with the column structure as the first argument, instead of the standard SQL form that places column names after the alias. Generic SQLAlchemy types are mapped to ClickHouse equivalents (e.g. Integer to Int32, String to String). Also handles CTE usage by wrapping in SELECT * FROM VALUES(...). Fixes #681
• SQLAlchemy: Fix GraphiteMergeTree and ReplicatedGraphiteMergeTree to properly single-quote the config_section argument as ClickHouse requires.

Commits

• 05ec766 respect bind param tz type hints, bf release 0.15.1 prep
• c4c2a4e 0.15.0 release prep (#694)
• cd8cbf4 Joe/remove pytyped and other small cleanup issues (#693)
• 05859ef implement lazy loading of heavy optional deps (#689)
• 611161f SQLAlchemy core improvements (#688)
• 5fd16eb simple ddl support for a few new engine types (#690)
• a0e621c add Peter for reviews (#682)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions