Pull request overview
Updates Python dependency versions to address security/quality concerns, primarily by bumping urllib3 across TDgpt tooling and the test environment.
Changes:
- Bump `urllib3` to `2.6.3` in TDgpt requirements and test project dependencies.
- Regenerate/update `test/uv.lock`, which also upgrades additional Python packages (e.g., `requests`, `taos-ws-py`, `taospy`).
Reviewed changes
Copilot reviewed 2 out of 3 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| tools/tdgpt/requirements.txt | Pins urllib3==2.6.3 for the TDgpt tool environment. |
| test/pyproject.toml | Pins urllib3==2.6.3 for the test Python project dependencies. |
| test/uv.lock | Updates the locked dependency set to match new pins (and includes additional package upgrades). |
Code Review
This pull request updates several Python dependencies, including major version jumps for urllib3 and requests, and updates to taos-ws-py and taospy. Feedback suggests pinning taospy to an exact version in the test environment for consistency and reproducibility. Additionally, since the taospy update removes pytest-cov as a dependency, it should be explicitly added to the project's dependencies if required by the test suite to prevent CI failures.
Description
Issue(s)
Checklist
Please check the items in the checklist if applicable.