chore(deps): update dependency geopandas to v1.1.2 [security]

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
geopandas	==1.1.1 → ==1.1.2

GitHub Vulnerability Alerts

CVE-2025-69662

SQL injection vulnerability in geopandas before v.1.1.2 allows an attacker to obtain sensitive information via the to_postgis()` function being used to write GeoDataFrames to a PostgreSQL database.

---

Release Notes

geopandas/geopandas (geopandas)

v1.1.2

Compare Source

Bug fixes:

• Fix an issue that caused an error in GeoDataFrame.from_features when there is no properties field (#​3599).
• Fix read_file and to_file errors (#​3682)
• Fix read_parquet with to_pandas_kwargs for complex (list/struct) arrow types (#​3640)
• value_counts on GeoSeries now preserves CRS in index (#​3669)
• Fix f-string placeholders appearing in error messages when pyogrio cannot be imported (#​3682).
• Fix read_parquet with to_pandas_kwargs for complex (list/struct) arrow types (#​3640).
• .to_json now provides a clearer error message when called on a GeoDataFrame without an active geometry
  column (#​3648).
• Calling del gdf["geometry"] now will downcast to a pd.DataFrame if there are no geometry columns left
  in the dataframe (#​3648).
• Fix SQL injection in to_postgis via geometry column name (#​3681).

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.