chore(uv): update sqlfluff requirement from >=4.0.0 to >=4.1.0

[dependabot]

Updates the requirements on sqlfluff to permit the latest version.

Release notes

Sourced from sqlfluff's releases.

[4.1.0] - 2026-03-26

Highlights

This minor release expands SQLFluff in four meaningful ways: recursion protection, more complete Rust-backed execution, broader dialect support, and better performance on large templated projects.

• Security improvements that protect against resource exhaustion through malicious queries by limiting recursion within the parser. Users can configure the new max_parse_depth config setting to enable deeper parsing in their project if necessary.
• Rust support moves forward again, with Python now able to call Rust apply logic, full lazy evaluation in the Rust parser, and more parallel and streaming work in the lint/fix pipeline.
• Oracle and T-SQL both received major grammar expansions, alongside important new support across ClickHouse, DuckDB, Databricks, Trino, Hive/SparkSQL, BigQuery, Snowflake, PostgreSQL, and others.
• The dbt templater now includes support for the dbt return builtin, improved thread handling from profiles, and fixes for several Jinja edge cases.
• Users also gain more indentation configuration flexibility, plus a wide set of rule and parser correctness fixes. Specifically, the ability to skip enforcement of implicit indents for specific dialect elements.

Also, welcome to the nineteen new contributors! Thanks for your contributions! 🏆

What’s Changed

• Oracle: add missing grant privileges CONNECT/RESOURCE/TRIGGER (#7677) @​saulotoledo
• Add double precision type for T-SQL (#7620) @​grv87
• Fix RF01/RF02 false positives for Redshift UNPIVOT output aliases (#7602) @copilot-swe-agent[bot]
• Fix crash on malformed inline config using = syntax (#7672) @​shi-vy
• Recursion check (#7473) @​alanmcruickshank
• chore(rust): bump cargo deps (#7675) @​keraion
• fix(rust): place remaining vdebug behind verbose-debug feature (#7674) @​keraion
• chore: Update deprecated gitwildmatch to gitignore (#7673) @​keraion
• Oracle: implement CREATE PACKAGE BODY parsing (#7671) @​saulotoledo
• Oracle: recognize pseudo-functions USER/UID/SESSION_USER/ORA_ROWSCN (#7663) @​saulotoledo
• Oracle: support seq.CURRVAL in dotted sequence references (#7665) @​saulotoledo
• dbt templater: respect threads config from profiles.yml (#7669) @​shauneccles
• PR Acceptance guidelines (#7661) @​alanmcruickshank
• Fix for empty iterator bug that can occur from Jinja loops (#7643) @​shi-vy
• Oracle: support trigger predicate chains in IF/ELSIF/CASE (#7660) @​saulotoledo
• ST05: fix dropping expression CTEs from WITH clause (#7536) @copilot-swe-agent[bot]
• Fix placeholder colon param incorrectly prefixed with table alias when followed by :: cast (#7615) @copilot-swe-agent[bot]
• build: remove dangling noqa and update docs (#7658) @​mxr
• Oracle: parse TABLESPACE/STORAGE and other table/index options (#7642) @​saulotoledo
• Add Hive/SparkSQL support for FROM ... INSERT ... multi-insert statements (#7633) @copilot-swe-agent[bot]
• Add ClickHouse support for SELECT * APPLY(...) (#7654) @copilot-swe-agent[bot]
• Handle set expressions in Databricks SQL function RETURN bodies (#7655) @copilot-swe-agent[bot]
• fix: Remove platformdirs version pin, support both < 4.6 and >= 4.6 (#7656) @​gboutry
• fix(bigquery): Parse table types in tvf parameters #7650 (#7652) @​keraion
• Fix RF03 false positive for lambda params in Databricks (#7646) @​shauneccles
• trino: Add OFFSET clause support (#7618) @copilot-swe-agent[bot]
• RF01: ignore Oracle sequence NEXTVAL/CURRVAL pseudocolumn references (#7638) @​ReinerBRO
• Parse bracketed EXCEPT set expressions in Greenplum (#7632) @copilot-swe-agent[bot]
• Fix LT05 duplicating Jinja macro lines when breaking long lines (#7640) @​shauneccles
• Add SQLite RF06 keyword autofix (#7622) @​mxr
• Oracle: added missing ALTER SESSION statement (#7630) @​saulotoledo
• Oracle: accept PROFILE DEFAULT in CREATE USER grammar (#7628) @​saulotoledo
• chore(Rust): update Rust dependencies (#7625) @​keraion
• Fix ignore = templating disabling all lint rules with Python templater (#7617) @copilot-swe-agent[bot]
• feat(rust): Call Rust's apply from Python (#7599) @​keraion

... (truncated)

Changelog

Sourced from sqlfluff's changelog.

[4.1.0] - 2026-03-26

Highlights

This minor release expands SQLFluff in four meaningful ways: recursion protection, more complete Rust-backed execution, broader dialect support, and better performance on large templated projects.

• Security improvements that protect against resource exhaustion through malicious queries by limiting recursion within the parser. Users can configure the new max_parse_depth config setting to enable deeper parsing in their project if necessary.
• Rust support moves forward again, with Python now able to call Rust apply logic, full lazy evaluation in the Rust parser, and more parallel and streaming work in the lint/fix pipeline.
• Oracle and T-SQL both received major grammar expansions, alongside important new support across ClickHouse, DuckDB, Databricks, Trino, Hive/SparkSQL, BigQuery, Snowflake, PostgreSQL, and others.
• The dbt templater now includes support for the dbt return builtin, improved thread handling from profiles, and fixes for several Jinja edge cases.
• Users also gain more indentation configuration flexibility, plus a wide set of rule and parser correctness fixes. Specifically, the ability to skip enforcement of implicit indents for specific dialect elements.

Also, welcome to the nineteen new contributors! Thanks for your contributions! 🏆

What’s Changed

• Oracle: add missing grant privileges CONNECT/RESOURCE/TRIGGER #7677 @​saulotoledo
• Add double precision type for T-SQL #7620 @​grv87
• Fix RF01/RF02 false positives for Redshift UNPIVOT output aliases #7602 [@copilot-swe-agent[bot]](https://github.com/[copilot-swe-agent[bot]](https://github.com/apps/copilot-swe-agent))
• Fix crash on malformed inline config using = syntax #7672 @​shi-vy
• Recursion check #7473 @​alanmcruickshank
• chore(rust): bump cargo deps #7675 @​keraion
• fix(rust): place remaining vdebug behind verbose-debug feature #7674 @​keraion
• chore: Update deprecated gitwildmatch to gitignore #7673 @​keraion
• Oracle: implement CREATE PACKAGE BODY parsing #7671 @​saulotoledo
• Oracle: recognize pseudo-functions USER/UID/SESSION_USER/ORA_ROWSCN #7663 @​saulotoledo
• Oracle: support seq.CURRVAL in dotted sequence references #7665 @​saulotoledo
• dbt templater: respect threads config from profiles.yml #7669 @​shauneccles
• PR Acceptance guidelines #7661 @​alanmcruickshank
• Fix for empty iterator bug that can occur from Jinja loops #7643 @​shi-vy
• Oracle: support trigger predicate chains in IF/ELSIF/CASE #7660 @​saulotoledo
• ST05: fix dropping expression CTEs from WITH clause #7536 [@copilot-swe-agent[bot]](https://github.com/[copilot-swe-agent[bot]](https://github.com/apps/copilot-swe-agent))
• Fix placeholder colon param incorrectly prefixed with table alias when followed by :: cast #7615 [@copilot-swe-agent[bot]](https://github.com/[copilot-swe-agent[bot]](https://github.com/apps/copilot-swe-agent))
• build: remove dangling noqa and update docs #7658 @​mxr
• Oracle: parse TABLESPACE/STORAGE and other table/index options #7642 @​saulotoledo
• Add Hive/SparkSQL support for FROM ... INSERT ... multi-insert statements #7633 [@copilot-swe-agent[bot]](https://github.com/[copilot-swe-agent[bot]](https://github.com/apps/copilot-swe-agent))
• Add ClickHouse support for SELECT * APPLY(...) #7654 [@copilot-swe-agent[bot]](https://github.com/[copilot-swe-agent[bot]](https://github.com/apps/copilot-swe-agent))
• Handle set expressions in Databricks SQL function RETURN bodies #7655 [@copilot-swe-agent[bot]](https://github.com/[copilot-swe-agent[bot]](https://github.com/apps/copilot-swe-agent))
• fix: Remove platformdirs version pin, support both < 4.6 and >= 4.6 #7656 @​gboutry
• fix(bigquery): Parse table types in tvf parameters #7650 #7652 @​keraion
• Fix RF03 false positive for lambda params in Databricks #7646 @​shauneccles

... (truncated)

Commits

• ec5ed61 Prep version 4.1.0 (#7679)
• 15fe8c7 Oracle: add missing grant privileges CONNECT/RESOURCE/TRIGGER (#7677)
• 0209818 Add double precision type for T-SQL (#7620)
• 414bbd2 Fix RF01/RF02 false positives for Redshift UNPIVOT output aliases (#7602)
• 15d1db0 Fix crash on malformed inline config using = syntax (#7672)
• 5292030 Recusion check (#7473)
• 5d8e4e0 chore(rust): bump cargo deps (#7675)
• c346dda fix(rust): place remaining vdebug behind verbose-debug feature (#7674)
• 94fa88c chore: Update deprecated gitwildmatch to gitignore (#7673)
• ccc67b5 Oracle: implement CREATE PACKAGE BODY parsing (#7671)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 100.00%. Comparing base (c46ba5f) to head (eca75bb).
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@            Coverage Diff            @@
##           develop      #212   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files            9         9           
  Lines          103       103           
  Branches         1         1           
=========================================
  Hits           103       103           

Flag	Coverage Δ
unittests	100.00% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

---

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update c46ba5f...eca75bb. Read the comment docs.