build(deps): bump the simple group across 1 directory with 6 updates

[dependabot]

Bumps the simple group with 6 updates in the /misc/dbt-materialize directory:

Package	From	To
certifi	2026.1.4	2026.2.25
charset-normalizer	3.4.4	3.4.5
dbt-adapters	1.22.6	1.22.8
dbt-common	1.37.2	1.37.3
dbt-core	1.11.6	1.11.7
pydantic-core	2.41.5	2.42.0

Updates certifi from 2026.1.4 to 2026.2.25

Commits

• 8571a4b 2026.02.25 (#395)
• 6f7de00 Bump peter-evans/create-pull-request from 8.0.0 to 8.1.0 (#390)
• a1de59b Bump actions/checkout from 6.0.1 to 6.0.2 (#391)
• 7f5ade5 Bump actions/setup-python from 6.1.0 to 6.2.0 (#392)
• See full diff in compare view

Updates charset-normalizer from 3.4.4 to 3.4.5

Release notes

Sourced from charset-normalizer's releases.

Version 3.4.5

3.4.5 (2026-03-06)

Changed

• Update setuptools constraint to setuptools>=68,<=82.
• Raised upper bound of mypyc for the optional pre-built extension to v1.19.1

Fixed

• Add explicit link to lib math in our optimized build. (#692)
• Logger level not restored correctly for empty byte sequences. (#701)
• TypeError when passing bytearray to from_bytes. (#703)

Misc

• Applied safe micro-optimizations in both our noise detector and language detector.
• Rewrote the query_yes_no function (inside CLI) to avoid using ambiguous licensed code.
• Added cd.py submodule into mypyc optional compilation to reduce further the performance impact.

[!WARNING]
mypyc changed the usual binary output for the optimized wheel. Beware, especially if using PyInstaller or alike. See jawah/charset_normalizer#714

Changelog

Sourced from charset-normalizer's changelog.

3.4.5 (2026-03-06)

Changed

• Update setuptools constraint to setuptools>=68,<=82.
• Raised upper bound of mypyc for the optional pre-built extension to v1.19.1

Fixed

• Add explicit link to lib math in our optimized build. (#692)
• Logger level not restored correctly for empty byte sequences. (#701)
• TypeError when passing bytearray to from_bytes. (#703)

Misc

• Applied safe micro-optimizations in both our noise detector and language detector.
• Rewrote the query_yes_no function (inside CLI) to avoid using ambiguous licensed code.
• Added cd.py submodule into mypyc optional compilation to reduce further the performance impact.

Commits

• 7411396 📝 update changelog
• 8de6012 Merge pull request #713 from jawah/release-3.4.5
• 39d0fba Merge branch 'master' into release-3.4.5
• f211d4a ⬆️ Bump actions/upload-artifact from 6.0.0 to 7.0.0 (#707)
• 9123864 ⬆️ Bump github/codeql-action from 4.32.0 to 4.32.4 (#710)
• 5cb1f12 ⬆️ Bump actions/download-artifact from 7.0.0 to 8.0.0 (#711)
• 7e68582 ⬆️ Update setuptools requirement from <=81,>=68 to >=68,<=82.0.0 (#712)
• e1e2ccb correct cp_similarity ratio ceiling (#704)
• 209f9ff fix TypeError when passing bytearray to from_bytes (#703)
• 6a8503f Fix logger level not restored correctly for empty byte sequences (#701)
• Additional commits viewable in compare view

Updates dbt-adapters from 1.22.6 to 1.22.8

Commits

• See full diff in compare view

Updates dbt-common from 1.37.2 to 1.37.3

Changelog

Sourced from dbt-common's changelog.

dbt-common 1.37.3 - March 02, 2026

Security

• Replace os.path.commonprefix() with os.path.commonpath() to preventpath traversal via sibling directories with matching prefixes. (#1)

Commits

• See full diff in compare view

Updates dbt-core from 1.11.6 to 1.11.7

Release notes

Sourced from dbt-core's releases.

dbt-core v1.11.7

dbt-core 1.11.7 - March 04, 2026

Fixes

• Fix dbt retry for microbatch models to use the original invocation time instead of the current time when recomputing batches (#11423)

Dependencies

• Bump minimum version of dbt-common to 1.37.3 (#12575)

Contributors

• @​aahel (#11423)
• @​emmyoop (#12575)

Changelog

Sourced from dbt-core's changelog.

dbt-core 1.11.7 - March 04, 2026

Fixes

• Fix dbt retry for microbatch models to use the original invocation time instead of the current time when recomputing batches (#11423)

Dependencies

• Bump minimum version of dbt-common to 1.37.3 (#12575)

Contributors

• @​aahel (#11423)
• @​emmyoop (#12575)

Commits

• 8096da6 Bumping version to 1.11.7 and generate changelog
• b5625ce [backport] switch build to hatch command (#12573) (#12587)
• 45b62a1 Merge pull request #12579 from dbt-labs/backport-1.11.latest-12569
• 017a718 reorder build checks (#12569)
• e8928a0 fix build check (#12519)
• 79d22ff fix pre-commit installs (#12366)
• 9a1bfd2 tweak hatch setup (#12357)
• 84e4026 bump minimum version of dbt-common (#12576) (#12577)
• 1f2dcd7 fix retry task (#12549) (#12570)
• db67344 update artifact schemas (#12551)
• Additional commits viewable in compare view

Updates pydantic-core from 2.41.5 to 2.42.0

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Thanks for opening this PR! Here are a few tips to help make the review process smooth for everyone.

PR title guidelines

• Use imperative mood: "Fix X" not "Fixed X" or "Fixes X"
• Be specific: "Fix panic in catalog sync when controller restarts" not "Fix bug" or "Update catalog code"
• Prefix with area if helpful: compute: , storage: , adapter: , sql:

Pre-merge checklist

• The PR title is descriptive and will make sense in the git log.
• This PR has adequate test coverage / QA involvement has been duly considered. (trigger-ci for additional test/nightly runs)
• If this PR includes major user-facing behavior changes, I have pinged the relevant PM to schedule a changelog post.
• This PR has an associated up-to-date design doc, is a design doc (template), or is sufficiently small to not require a design.
• If this PR evolves an existing $T ⇔ Proto$T mapping (possibly in a backwards-incompatible way), then it is tagged with a T-proto label.
• If this PR will require changes to cloud orchestration or tests, there is a companion cloud PR to account for those changes that is tagged with the release-blocker label (example).

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.