Bump the pip-dependencies group with 2 updates

[dependabot]

Updates the requirements on jupyter-client and altair to permit the latest version.
Updates jupyter-client to 8.9.1

Release notes

Sourced from jupyter-client's releases.

v8.9.1

8.9.1

(Full Changelog)

Bugs fixed

• Fix restart with curve encryption enabled #1124 (@​krassowski, @​Carreau, @​fleming79)

Contributors to this release

The following people contributed discussions, new ideas, code and documentation contributions, and review. See our definition of contributors.

(GitHub contributors page for this release)

@​Carreau (activity) | @​fleming79 (activity) | @​krassowski (activity)

Changelog

Sourced from jupyter-client's changelog.

8.9.1

(Full Changelog)

Bugs fixed

• Fix restart with curve encryption enabled #1124 (@​krassowski, @​Carreau, @​fleming79)

Contributors to this release

The following people contributed discussions, new ideas, code and documentation contributions, and review. See our definition of contributors.

(GitHub contributors page for this release)

@​Carreau (activity) | @​fleming79 (activity) | @​krassowski (activity)

8.9.0

(Full Changelog)

Enhancements made

• Add ZMQ Curve for transport encryption #1110 (@​krassowski, @​Carreau, @​minrk)

Maintenance and upkeep improvements

• Temporarily pin Python to 3.14 in pre-releases test #1118 (@​krassowski, @​Carreau)
• CI: fix testing of nbconvert #1116 (@​Carreau, @​krassowski)
• Update pre-commit, and fix issues #1115 (@​Carreau, @​krassowski)
• Remove 3.14t testing until msgpack supports it #1113 (@​Carreau, @​krassowski)
• Log environment information for docs build on CI, update comment on workaround #1112 (@​krassowski, @​Carreau)

Documentation improvements

• Update status terminology from 'abort' to 'aborted' #1120 (@​krassowski, @​minrk)
• Added documentation for the handshake pattern #1108 (@​JohanMabille, @​Carreau)

Contributors to this release

The following people contributed discussions, new ideas, code and documentation contributions, and review. See our definition of contributors.

(GitHub contributors page for this release)

@​Carreau (activity) | @​JohanMabille (activity) | @​krassowski (activity) | @​minrk (activity)

8.8.0

... (truncated)

Commits

• e1b216e Publish 8.9.1
• b4a6c0a Fix restart with curve encryption enabled (#1124)
• 94d7070 Publish 8.9.0
• d67bf20 Add ZMQ Curve for transport encryption (#1110)
• aee173f Added documentation for the handshake pattern (#1108)
• ef1b4cd Update status terminology from 'abort' to 'aborted' (#1120)
• f02dd2d Temporarily pin Python to 3.14 in pre-releases test (#1118)
• 9f29a94 Update pre-commit, and fix issues (#1115)
• 9fd6286 CI: fix testing of nbconvert (#1116)
• eb482d8 Remove 3.14t testing until msgpack supports it (#1113)
• Additional commits viewable in compare view

Updates altair from 6.1.0 to 6.2.1

Release notes

Sourced from altair's releases.

v6.2.1

What's Changed

Bug Fixes

• fix: Write dataset cache files atomically by @​joelostblom in vega/altair#4034

Maintenance

• ci: Prevent uv from dirtying worktree during publish by @​joelostblom in vega/altair#4045
• ci: Clarify release review instructions by @​joelostblom in vega/altair#4046

Full Changelog: vega/altair@v6.2.0...v6.2.1

v6.2.0

This is the first release in an effort to have smaller, more frequent releases going forward. By making the release process more convenient, we aim to more quickly push out fixes and features that already landed on the main branch to a released version of Altair.

What's Changed

Enhancements

• feat: Add ty type-check support by @​alec-bike in vega/altair#4015
• feat: Update olli integration to v3 by @​jonathanzong in vega/altair#4025

Bug Fixes

• fix: Propagate params to outer level after add_params in concat charts by @​jtilly in vega/altair#4019

Maintenance

• chore: 🔧 Bump versions for release by @​joelostblom in vega/altair#4009
• chore: update pandas-stubs pin for where typing fix by @​axelray-dev in vega/altair#4027
• ci: Label PRs based on semantic title prefix by @​joelostblom in vega/altair#4031
• ci: Label perf PRs as enhancements by @​joelostblom in vega/altair#4032
• build: Derive version from VCS via versioningit by @​joelostblom in vega/altair#4030
• chore: Mark v6.1.0 tag as reachable by @​joelostblom in vega/altair#4040
• ci: Semi-automate releases by @​joelostblom in vega/altair#4036
• ci: Speed up and harden release draft workflow by @​joelostblom in vega/altair#4041
• ci: Use Cocogitto action v4.2 install-only mode by @​joelostblom in vega/altair#4042
• ci: Use only tag, not commit, for releases by @​joelostblom in vega/altair#4043
• chore: Fix git push command for tagging release by @​joelostblom in vega/altair#4011
• chore: Bump version to 6.2.0dev by @​joelostblom in vega/altair#4012
• chore: Update mypy and ruff type/lint checkers by @​alec-bike in vega/altair#4022
• ci: Fix label typo by @​joelostblom in vega/altair#4033

New Contributors

• @​jonathanzong made their first contribution in vega/altair#4025
• @​axelray-dev made their first contribution in vega/altair#4027

Full Changelog: vega/altair@v6.1.0...v6.2.0

Weekly Build 6.2.0.dev20260601

Weekly Pre-Release Build of Altair

This is a pre-release version for testing purposes.

... (truncated)

Commits

• 5fc9d9e ci: Clarify release review instructions (#4046)
• e4984b0 ci: Prevent uv from dirtying worktree during publish (#4045)
• 6e69224 fix: Write dataset cache files atomically (#4034)
• 64cbdde ci: Use only tag, not commit, for releases (#4043)
• bd2095b ci: use Cocogitto action v4.2 install-only mode (#4042)
• 3aa443a ci: Speed up and harden release draft workflow (#4041)
• 983bc27 ci: Semi-automate releases (#4036)
• d992e2e Merge pull request #4040 from vega/chore/make-610-tag-reachable
• aff173d chore: Mark v6.1.0 release tag reachable
• 548eadb build: Derive version from VCS via versioningit (#4030)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.