chore(deps-dev)(deps-dev): bump the python-dependencies group with 4 updates

[dependabot]

Bumps the python-dependencies group with 4 updates: yfinance, tinycta, cvxsimulator and marimo.

Updates yfinance from 1.2.2 to 1.3.0

Release notes

Sourced from yfinance's releases.

1.3.0

Minor changes

• Add Valuations Measures Table from Statistics Page #2742
• Add ETFQuery #2749

Patches

• Fix type regression in Ticker.dividends

Thanks @​etbala

Changelog

Sourced from yfinance's changelog.

1.3.0

Features:

• Add Valuations Measures Table from Statistics Page #2742
• Add ETFQuery #2749 Fix type regresssion in Ticker.dividends

Commits

• a17e8b1 Version 1.3.0
• d6afeeb Merge pull request #2757 from ranaroussi/dev
• b23433f Fix 'Ticker.dividends' type to be Series - fixes for tests
• 6b01fb4 Merge pull request #2749 from etbala/etfquery
• 20b675c Merge pull request #2756 from ranaroussi/fix/dividends-type
• 2dfd727 Fix 'Ticker.dividends' type to be Series
• fbceea9 Merge pull request #2755 from ranaroussi/main
• 6a1e9d1 Add ETFQuery
• b1899b0 Merge pull request #2742 from etbala/valuation_measures
• eac7f2f Add valuation measures
• See full diff in compare view

Updates tinycta from 0.9.5 to 0.9.7

Release notes

Sourced from tinycta's releases.

v0.9.7

[0.9.7] - 2026-04-18

💼 Other

• Bump version 0.9.6 → 0.9.7

PyPI Package

TinyCTA

v0.9.6

[0.9.6] - 2026-04-18

🐛 Bug Fixes

• Remove duplicate security target from Makefile
• Remove mkdocs-build:: to resolve double/single colon conflict
• Remove HTML div wrapper from README to fix MkDocs rendering
• Correct nav paths from report/ to reports/ in mkdocs.yml

💼 Other

• Bump version 0.9.5 → 0.9.6

📚 Documentation

• Add mkdocs.yml inheriting from docs/mkdocs-base.yml
• Add CI/CD section with Hypothesis to mkdocs nav

⚙️ Miscellaneous Tasks

• Sync rhiza template files
• Update rhiza template to v0.10.0
• Sync rhiza template files to v0.10.0
• Sync rhiza template files
• Remove .rhiza/docs and exclude from template sync
• Sync rhiza template files
• Remove unused rhiza make.d files and exclude from sync
• Sync rhiza template files
• Remove gh-aw and github test files, exclude from sync
• Sync rhiza template files
• Remove docs/adr folder and exclude from sync
• Sync rhiza template files

PyPI Package

TinyCTA

Commits

• 4645967 Chore: bump version 0.9.6 → 0.9.7
• e724dbe Merge pull request #715 from tschm/tschm-patch-1
• 7677462 Remove excluded files from template.yml
• b914735 Rhiza template sync v0.10.1: remove Copilot/gh-pages artifacts, update covera...
• 5a39751 Fix coverage badge link path: tests → reports
• 76562bc Remove gh-pages branch: serve coverage badge from Pages site
• 473c9d0 Remove broken test_mkdocs_extra_packages_used_in_build test
• 155ec14 Simpler sync
• dcdec96 Simpler sync
• b777602 Simpler sync
• Additional commits viewable in compare view

Updates cvxsimulator from 1.4.6 to 1.5.1

Release notes

Sourced from cvxsimulator's releases.

v1.5.1

[1.5.1] - 2026-04-16

💼 Other

• Include local.mk to enable local target and hook overrides
• Bump version 1.5.0 → 1.5.1

v1.5.0

[1.5.0] - 2026-04-16

💼 Other

• Bump version 1.4.6 → 1.5.0

⚙️ Miscellaneous Tasks

• Sync rhiza templates to v0.9.5 (#735)

Commits

• 238111e Chore: bump version 1.5.0 → 1.5.1
• 6008aa0 Fix: include local.mk to enable local target and hook overrides
• 32cdd0b Chore: bump version 1.4.6 → 1.5.0
• b96398f Remove custom ADR target and related configurations
• 5799536 Update mkdocs.yml
• 5fc0ed9 update jquantstats
• 50e7810 chore: sync rhiza templates to v0.9.5 (#735)
• 31e3694 Update template.yml
• 62361ad chore(deps)(deps): bump the python-dependencies group with 4 updates (#734)
• d98a5bc chore(deps)(deps): bump the github-actions group with 2 updates (#733)
• Additional commits viewable in compare view

Updates marimo from 0.23.1 to 0.23.2

Release notes

Sourced from marimo's releases.

0.23.2

What's Changed

🚨 Breaking changes

• Mo.ui.refresh typing and docs (#9229)

✨ Enhancements

• Code-mode .screenshot() api (#9232)
• Visible markers for leading/trailing whitespace in string cells (#9256)
• swap reveal.js instead of swiper for slides (#9166)
• change wasm link to molab link on run page (#9240)
• Bail out of type inference when completion budget expires (#9247)
• Introduce better_inspect module for enhanced dir() and help() functionality for marimo-pair (#9223)
• add molab resource to edit homepage (#9241)
• Add ctx.packages namespace to code mode (#9233)
• Backend-based file and directory duplication (#9142)
• Support columns in marimo-pair (#9212)
• Expand uv_build supported versions in build-system (#9231)
• Visually distinguish null, empty, whitespace, NaN, and Infinity in table cells (#9218)
• Restore Altair SVG output as base64-encoded Data URLs (#9104)
• Auto-save in code-mode and marimo-pair (#9191)
• add molab share action (#9207)
• LSP root and document URI integration from backend (#9143)
• Decouple Matplotlib render resolution (DPI) from display size (#9144)

🐛 Bug fixes

• Hold references to asyncio tasks (#9261)
• Use urlparse instead of regex for proxy determination (#9254)
• Preserve columns in DefaultTableManager exports (#9258)
• Drop dangling @​file URLs from the session cache (#9278)
• Make FieldTypes a Map to preserve column order (#9279)
• Avoid double-mangling names inside walrus comprehension (#9276)
• Static path handling (#9281)
• Restore plain text tracebacks and fix exit codes for code mode (#9224)
• Suppress marimo-ui-value-update echo for user-initiated changes (#9262)
• "Download as .py" in WASM run-mode exports (#9268)
• Tailwind v4 opacity fix, selection toggle, hover colors, and cleanup (#9259)
• Export menu works for plain-Python data without pandas/polars/pyarrow (#9246)
• Drop stale autosaves after newer foreground writes (#9239)
• Preserve column order in DefaultTableManager select/drop (#9235)
• Use the proactor event loop policy on Windows in edit-mode runtimes (#9194)
• Allow for data-uris in mpl-interactive and marimo-panel after a cell has run (#9196)
• Opencode marimo-pair skill discovery (#9225)
• fix variants for toast (#9230)
• Only toast cell logs in app mode (#9190)
• fix label not being passed through for mo.ui.tabs (#9187)
• Support mo.ui.matplotlib selections from code mode (#9195)
• fix cte refs for errored paths, and dml (#9188)
• Add warning log when repr_mimebundle fails (#9199)
• Use shared memory for virtual files when running with app isolation (#9181)

... (truncated)

Commits

• dc23c71 release: 0.23.2 (#9287)
• f6f5753 fix: hold references to asyncio tasks (#9261)
• aba1814 fix: use urlparse instead of regex for proxy determination (#9254)
• ece8660 feat: code-mode .screenshot() api (#9232)
• 0381288 fix(tables): preserve columns in DefaultTableManager exports (#9258)
• bfa4845 feat(table): visible markers for leading/trailing whitespace in string cells ...
• 26052dc fix: warning in test explodes xdist (#9285)
• 970d039 Drop dangling @​file URLs from the session cache (#9278)
• d075706 Make FieldTypes a Map to preserve column order (#9279)
• 0896a33 tests: save and restore main for islands tests (#9284)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions