Skip to content

chore(deps): batch dependency upgrades#292

Merged
cabljac merged 1 commit into
mainfrom
chore/deps-batch-2026-06
Jun 8, 2026
Merged

chore(deps): batch dependency upgrades#292
cabljac merged 1 commit into
mainfrom
chore/deps-batch-2026-06

Conversation

@cabljac

@cabljac cabljac commented Jun 8, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Combines the open dependabot dependency PRs into one lock update to avoid the rebase cascade of merging seven lock-touching PRs sequentially.

Changes

Package From To Scope
pytest 8.4.1 9.0.3 dev; relaxes <9 -> <10 in pyproject.toml
cryptography 45.0.4 48.0.0 transitive (via pyjwt[crypto])
flask 3.1.1 3.1.3 direct
protobuf 6.31.1 6.33.6 transitive
werkzeug 3.1.3 3.1.8 transitive (via flask)
urllib3 2.5.0 2.7.0 transitive
pyasn1 0.6.1 0.6.3 transitive
cffi 1.17.1 2.0.0 transitive (via cryptography)

Verification

  • uv run pytest -> 103 passed locally on the full set
  • Versions resolved via uv lock --upgrade-package ..., bounded by repo exclude-newer (all >1 week aged)
  • None of the upgraded packages appear on any 2026 supply-chain compromise list

Supersedes #284, #285, #286, #287, #288, #290, #291.

gemini-code-assist[bot]
gemini-code-assist Bot reviewed Jun 8, 2026
View reviewed changes

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates the development dependency group in pyproject.toml to support pytest versions up to 10 (previously capped at 9). There are no review comments, and I have no feedback to provide.

@firebase firebase deleted a comment from google-cla Bot Jun 8, 2026
@cabljac cabljac closed this Jun 8, 2026
@cabljac cabljac reopened this Jun 8, 2026
@cabljac
chore(deps): batch dependency upgrades
ca3ae7c 
Combine open dependabot dependency PRs into a single lock update:

- pytest 8.4.1 -> 9.0.3 (dev; relaxes constraint <9 -> <10)
- cryptography 45.0.4 -> 48.0.0
- flask 3.1.1 -> 3.1.3
- protobuf 6.31.1 -> 6.33.6
- werkzeug 3.1.3 -> 3.1.8
- urllib3 2.5.0 -> 2.7.0
- pyasn1 0.6.1 -> 0.6.3
- cffi 1.17.1 -> 2.0.0 (transitive)

Supersedes #284, #285, #286, #287, #288, #290, #291.
@cabljac cabljac force-pushed the chore/deps-batch-2026-06 branch from 6d0338d to ca3ae7c Compare June 8, 2026 08:13
This was referenced Jun 8, 2026
Closed
Closed
Closed
Closed
Closed
Closed
Closed
IzaakGough
IzaakGough approved these changes Jun 8, 2026
View reviewed changes

@IzaakGough IzaakGough left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Lgtm

@cabljac cabljac merged commit c86ad57 into main Jun 8, 2026
15 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@IzaakGough IzaakGough IzaakGough approved these changes

+1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@cabljac @IzaakGough