Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

deps(python): update multiple dependabot commits #5199

Merged
merged 3 commits into from
Aug 4, 2023
Merged

deps(python): update multiple dependabot commits #5199

merged 3 commits into from
Aug 4, 2023

Conversation

LanceEa
Copy link
Contributor

@LanceEa LanceEa commented Aug 3, 2023
edited
Loading

Description

Resolve multiple dependabot updates for python dependencies.

  1. build(deps): bump certifi from 2023.5.7 to 2023.7.22 in /python #5197
  2. build(deps): bump urllib3 from 1.26.13 to 2.0.4 in /python #5185
  3. build(deps): bump click from 8.1.3 to 8.1.6 in /docker/test-shadow #5183
  4. build(deps): bump click from 8.1.3 to 8.1.6 in /docker/test-stats #5182
  5. build(deps): bump zipp from 3.15.0 to 3.16.2 in /docker/test-shadow #5180
  6. build(deps): bump google-auth from 2.16.1 to 2.22.0 in /python #5168
  7. build(deps-dev): bump black from 23.3 to 23.7.0 in /python #5164
  8. build(deps): bump prometheus-client from 0.15.0 to 0.17.1 in /python #5163
  9. build(deps): bump importlib-metadata from 6.7.0 to 6.8.0 in /docker/test-shadow #5160
  10. build(deps): bump websocket-client from 1.4.2 to 1.6.1 in /python #5147
  11. build(deps): bump pyasn1 from 0.4.8 to 0.5.0 in /python #5145
  12. build(deps): bump dpath from 2.1.4 to 2.1.6 in /python #5144
  13. build(deps): bump jsonpointer from 2.3 to 2.4 in /python #5143
  14. build(deps): bump cachetools from 5.3.0 to 5.3.1 in /python #5139
  15. build(deps): bump pyasn1-modules from 0.2.8 to 0.3.0 in /python #5138

Related Issues

General dep update process.

Testing

CI is green, no additional testing added.

Checklist

  • Does my change need to be backported to a previous release?
  • I made sure to update CHANGELOG.md.
  • This is unlikely to impact how Ambassador performs at scale.
  • My change is adequately tested.
  • I updated DEVELOPING.md with any any special dev tricks I had to use to work on this code efficiently.
  • The changes in this PR have been reviewed for security concerns and adherence to security best practices.

Lance Austin added 3 commits August 2, 2023 22:05
deps(python): update multiple dependabot commits
c20b274 
This consolidates multiple python dependency upgrades.

Signed-off-by: Lance Austin <[email protected]>
deps(python): bump urllib3 to 1.26.16
af0723a 
google-auth and requests both require urllib3 1.X so
bumping patch version and intructing dependabot to ignore
v2 upgrades for now.

Signed-off-by: Lance Austin <[email protected]>
dependabot: fix config for urllib3 ignored versions
c7cf3d6 
Signed-off-by: Lance Austin <[email protected]>
@LanceEa LanceEa marked this pull request as ready for review August 3, 2023 03:58
@LanceEa LanceEa merged commit f2b7a68 into master Aug 4, 2023
31 checks passed
@LanceEa LanceEa deleted the laustin/bump-py-deps branch August 4, 2023 17:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tenshinhigashi tenshinhigashi tenshinhigashi approved these changes

@haq204 haq204 haq204 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@LanceEa @haq204 @tenshinhigashi