Bump the python-packages group with 2 updates

[dependabot]

Bumps the python-packages group with 2 updates: pandas and requests.

Updates pandas from 3.0.2 to 3.0.3

Release notes

Sourced from pandas's releases.

pandas 3.0.3

We are pleased to announce the release of pandas 3.0.3. This is a patch release in the 3.0.x series and includes some regression fixes and bug fixes. We recommend that all users of the 3.0.x series upgrade to this version.

See the full whatsnew for a list of all the changes.

Pandas 3.0 supports Python 3.11 and higher. The release can be installed from PyPI:

python -m pip install --upgrade pandas==3.0.*

Or from conda-forge

conda install -c conda-forge pandas=3.0

Please report any issues with the release on the pandas issue tracker.

Thanks to all the contributors who made this release possible.

Commits

• 72f2fea RLS: 3.0.3 (#65590)
• 2897590 Backport PR #65436 on branch 3.0.x (Account for privatization of matplotlib `...
• 49894b5 Backport PR #65499 on branch 3.0.x (BUG: fix check if pyarrow is installed in...
• 1c6d1e3 [backport 3.0.x] PERF: remove special casing for zoneinfo in tz_localize_to_u...
• 2a54711 Backport PR #64379 on branch 3.0.x (PERF: improve performance with ZoneInfo t...
• 036bb7c Backport PR #65482 on branch 3.0.x (PERF: don't call unique on dtypes for che...
• bf4c182 Backport PR #65410 on branch 3.0.x (TST: also convert str index to object in ...
• dd02d75 [backport 3.0.x] BUG: keep fsspec OpenFile alive for chained URL reads (#6547...
• aef3d0f [backport 3.0.x] CI: lowercase types-pymysql/types-pyyaml to fix mamba 2.6.0 ...
• bb8e248 Backport PR #65399 on branch 3.0.x (DOC: fix source link for classes in the r...
• Additional commits viewable in compare view

Updates requests from 2.33.1 to 2.34.0

Release notes

Sourced from requests's releases.

v2.34.0

2.34.0 (2026-05-11)

Announcements

• Requests 2.34.0 introduces inline types, replacing those provided by typeshed. Public API types should be fully compatible with mypy, pyright, and ty. We believe types are comprehensive but if you find issues, please report them to the pinned tracking issue.

  Special thanks to @​bastimeyer, @​cthoyt, @​edgarrmondragon, and @​srittau for helping review and test the types ahead of the release. (#7272)

Improvements

• Digest Auth hashing algorithms have added usedforsecurity=False to clarify security considerations. (#7310)
• Requests added support for Python 3.15 based on beta1. Downstream projects should be able to start testing prior to its release in October. (#7422)
• Requests added support for Python 3.14t. (#7419)

Bugfixes

• Response.history no longer contains a reference to itself, preventing accidental looping when traversing the history list. (#7328)
• Requests no longer performs greedy matching on no_proxy domains. The proxy_bypass implementation has been updated with CPython's fix from bpo-39057. (#7427)
• Requests no longer incorrectly strips duplicate leading slashes in URI paths. This should address user issues with specific presigned URLs. Note the full fix requires urllib3 2.7.0+. (#7315)

New Contributors

• @​cjriches made their first contribution in psf/requests#7365
• @​dsanader made their first contribution in psf/requests#7376
• @​DimitriPapadopoulos made their first contribution in psf/requests#7393
• @​joshua-51 made their first contribution in psf/requests#7416
• @​eggsort made their first contribution in psf/requests#7421
• @​typhon8 made their first contribution in psf/requests#7315
• @​bastimeyer made their first contribution in psf/requests#7425

Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2340-2026-05-11

Changelog

Sourced from requests's changelog.

2.34.0 (2026-05-11)

Announcements

• Requests 2.34.0 introduces inline types, replacing those provided by typeshed. Public API types should be fully compatible with mypy, pyright, and ty. We believe types are comprehensive but if you find issues, please report them to the pinned tracking issue.

  Special thanks to @​bastimeyer, @​cthoyt, @​edgarrmondragon, and @​srittau for helping review and test the types ahead of the release. (#7272)

Improvements

• Digest Auth hashing algorithms have added usedforsecurity=False to clarify security considerations. (#7310)
• Requests added support for Python 3.15 based on beta1. Downstream projects should be able to start testing prior to its release in October. (#7422)
• Requests added support for Python 3.14t. (#7419)

Bugfixes

• Response.history no longer contains a reference to itself, preventing accidental looping when traversing the history list. (#7328)
• Requests no longer performs greedy matching on no_proxy domains. The proxy_bypass implementation has been updated with CPython's fix from bpo-39057. (#7427)
• Requests no longer incorrectly strips duplicate leading slashes in URI paths. This should address user issues with specific presigned URLs. Note the full fix requires urllib3 2.7.0+. (#7315)

Commits

• 0b401c7 v2.34.0
• 86b378d Align Session.get parameters with requests.get (#7429)
• a4f9a59 Port bpo-39057 to Requests (#7427)
• 3816cfa Parameterize SupportsItems to handle Mapping key invariance (#7426)
• b684dcb sessions: fix hooks type (#7425)
• dc9dbdf Formalize 3.15 support (#7422)
• 25340eb Clear proxy env vars before every test run (#7423)
• fd62809 Preserve leading slashes in request path_url (#7315)
• e8d2c01 docs: Fix missing hook output in docs example (#7421)
• eb173bc Add 3.14t support to CI (#7419)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

🐍 Python 3.14 Results

Metric	Status	Value
Ruff	✅	0 issue(s)
Unit Tests	✅	success
Code Coverage	📊	100%

Full Workflow Logs

[github-actions]

Python 3.14 Detailed Test Results

1 813 tests  ±0   1 813 ✅ ±0   13s ⏱️ -1s
    1 suites ±0       0 💤 ±0 
    1 files   ±0       0 ❌ ±0 

Results for commit c8cb8d6. ± Comparison against base commit a27b68e.

♻️ This comment has been updated with latest results.

[github-actions]

🐍 Python 3.12 Results

Metric	Status	Value
Ruff	✅	0 issue(s)
Unit Tests	✅	success
Code Coverage	📊	100%

Full Workflow Logs

[github-actions]

Python 3.12 Detailed Test Results

1 813 tests  ±0   1 813 ✅ ±0   19s ⏱️ +7s
    1 suites ±0       0 💤 ±0 
    1 files   ±0       0 ❌ ±0 

Results for commit c8cb8d6. ± Comparison against base commit a27b68e.

♻️ This comment has been updated with latest results.

[github-actions]

🐍 Python 3.13 Results

Metric	Status	Value
Ruff	✅	0 issue(s)
Unit Tests	✅	success
Code Coverage	📊	100%

Full Workflow Logs

[github-actions]

Python 3.13 Detailed Test Results

1 813 tests   1 813 ✅  18s ⏱️
    1 suites      0 💤
    1 files        0 ❌

Results for commit c8cb8d6.

♻️ This comment has been updated with latest results.