Skip to content

fix(deps) Update all non-major dependencies#122

Open
renovate[bot] wants to merge 1 commit into
devfrom
renovate/all-minor-patch
Open

fix(deps) Update all non-major dependencies#122
renovate[bot] wants to merge 1 commit into
devfrom
renovate/all-minor-patch

Conversation

@renovate

@renovate renovate Bot commented Feb 11, 2024

Copy link
Copy Markdown

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Change Age Confidence Type Update
@semantic-release/npm 11.0.211.0.3 age confidence devDependencies patch
Flask-SQLAlchemy (changelog) 3.0.53.1.1 age confidence dev-dependencies minor
asottile/pyupgrade v3.15.0v3.21.2 age confidence repository minor
bandit (source, changelog) 1.7.51.9.4 age confidence dev-dependencies minor
boto3 1.33.131.43.38 age confidence dev-dependencies minor
cachelib (changelog) ^0.10.0^0.14.0 age confidence dependencies minor
coverage 7.2.77.14.3 age confidence dev-dependencies minor
elasticsearch 8.12.08.19.3 age confidence dev-dependencies minor
google-cloud-datastore (source) 2.19.02.25.0 age confidence dev-dependencies minor
google-cloud-firestore (source) 2.14.02.28.0 age confidence dev-dependencies minor
isort (changelog) 5.11.55.13.2 age confidence dev-dependencies minor
macisamuele/language-formatters-pre-commit-hooks v2.12.0v2.16.0 age confidence repository minor
myint/autoflake v2.2.1v2.3.3 age confidence repository minor
mypy (changelog) 1.4.11.20.2 age confidence dev-dependencies minor
peewee (changelog) 3.17.03.19.0 age confidence dev-dependencies minor
pre-commit/pre-commit-hooks v4.5.0v4.6.0 age confidence repository minor
pymongo 4.7.34.17.0 age confidence dev-dependencies minor
python 3.103.14 age confidence uses-with minor
redis (changelog) 5.0.15.3.1 age confidence dev-dependencies minor
semantic-release 23.0.023.1.1 age confidence devDependencies minor
supercharge/mongodb-github-action v1.10.01.12.1 age confidence action minor
supercharge/redis-github-action 1.8.01.8.1 age confidence action patch
tox (changelog) 4.8.04.56.1 age confidence dev-dependencies minor

Note: The pre-commit manager in Renovate is not supported by the pre-commit maintainers or community. Please do not report any problems there, instead create a Discussion in the Renovate repository if you have any questions.


Release Notes

semantic-release/npm (@​semantic-release/npm)

v11.0.3

Compare Source

Bug Fixes

even though our existing range allowed anyone to update as soon as the new npm version was available, this will encourage being on a version that does not report the ip vulnerability a bit more forcefully

asottile/pyupgrade (asottile/pyupgrade)

v3.21.2

Compare Source

v3.21.1

Compare Source

v3.21.0

Compare Source

v3.20.0

Compare Source

v3.19.1

Compare Source

v3.19.0

Compare Source

v3.18.0

Compare Source

v3.17.0

Compare Source

v3.16.0

Compare Source

v3.15.2

Compare Source

v3.15.1

Compare Source

PyCQA/bandit (bandit)

v1.9.4

Compare Source

What's Changed
New Contributors

Full Changelog: PyCQA/bandit@1.9.3...1.9.4

v1.9.3

Compare Source

What's Changed

New Contributors

Full Changelog: PyCQA/bandit@1.9.2...1.9.3

v1.9.2

Compare Source

What's Changed

Full Changelog: PyCQA/bandit@1.9.1...1.9.2

v1.9.1

Compare Source

What's Changed

Full Changelog: PyCQA/bandit@1.9.0...1.9.1

v1.8.6

Compare Source

What's Changed

New Contributors

Full Changelog: PyCQA/bandit@1.8.5...1.8.6

v1.8.5

Compare Source

What's Changed

Full Changelog: PyCQA/bandit@1.8.4...1.8.5

v1.8.3

Compare Source

What's Changed

New Contributors

Full Changelog: PyCQA/bandit@1.8.2...1.8.3

v1.8.2

Compare Source

What's Changed

Full Changelog: PyCQA/bandit@1.8.1...1.8.2

v1.8.1

Compare Source

What's Changed

New Contributors

Full Changelog: PyCQA/bandit@1.8.0...1.8.1

v1.8.0

Compare Source

What's Changed

Full Changelog: PyCQA/bandit@1.7.10...1.8.0

v1.7.10

Compare Source

What's Changed

New Contributors

Full Changelog: PyCQA/bandit@1.7.9...1.7.10

v1.7.9

Compare Source

What's Changed

New Contributors

Full Changelog: PyCQA/bandit@1.7.8...1.7.9

v1.7.8

Compare Source

What's Changed

New Contributors

Full Changelog: PyCQA/bandit@1.7.7...1.7.8

v1.7.7

Compare Source

What's Changed

New Contributors

Full Changelog: PyCQA/bandit@1.7.6...1.7.7

v1.7.6

Compare Source

What's Changed

New Contributors

Full Changelog: PyCQA/bandit@1.7.5...1.7.6

boto/boto3 (boto3)

v1.43.38

Compare Source

=======

  • api-change:acm: [botocore] AWS Certificate Manager now supports the Automatic Certificate Management Environment (ACME) protocol to issue public certificates. ACME is an industry-standard protocol for automating certificate lifecycle on customer-managed infrastructure such as on-premises servers and Kubernetes clusters.
  • api-change:autoscaling: [botocore] This release adds support for a new reservations-then-balanced capacity distribution strategy, which first attempts to launch instances into your Capacity Reservations and then balances remaining capacity across healthy Availability Zones.
  • api-change:cleanrooms: [botocore] Adds support for intermediate tables in AWS Clean Rooms collaborations.
  • api-change:clients: [botocore] The following clients have been removed following the deprecation of the services - iotevents, iotevents-data, panorama, simspaceweaver
  • api-change:cloudformation: [botocore] AWS CloudFormation adds a DeploymentConfig parameter to enable Express mode, which completes stack operations as soon as resource configuration is applied. Also adds a DisableValidation parameter to skip pre-deployment validation, which now runs automatically on CreateStack and UpdateStak.
  • api-change:cloudwatch: [botocore] Customers can configure alarms with wall-clock-aligned evaluation windows instead of sliding windows, with optional timezone support for daily or weekly periods
  • api-change:codebuild: [botocore] Adds support for host kernel selection for on-demand builds.
  • api-change:connect: [botocore] Amazon Connect - Added CreateAttachedFile and StartContactConversationalAnalyticsJob APIs to import call recordings and run conversational analytics.
  • api-change:datazone: [botocore] Amazon DataZone now supports SNOWFLAKE as a connection type in the CreateConnection API, enabling metadata and lineage retrieval from Snowflake databases. Specify snowflakeProperties with connection details, a Secrets Manager secret, an Athena spill bucket, and an identity mapping for Snowflake.
  • api-change:ec2: [botocore] Adds ModifyVpcEndpointPayerResponsibility API, which enables VPC endpoint service owners to modify the billing account for VPC endpoint usage charges at the individual endpoint level
  • api-change:ecs: [botocore] Updated threshold configuration documentation.
  • api-change:eks: [botocore] Adds Kubernetes version rollback support, including the CancelUpdate operation to cancel an in-progress VersionRollback update, the RollbackConfig structure with a timeoutMinutes field, and the Cancellation structure surfaced via the new cancellation field on the Update object.
  • api-change:endpoint-rules: [botocore] Update endpoint-rules client to latest version
  • api-change:network-firewall: [botocore] AWS Network Firewall now supports container associations for monitoring ECS and EKS workloads. You can create container associations to dynamically track the IP addresses of running containers in your Amazon ECS and Amazon EKS clusters.
  • api-change:observabilityadmin: [botocore] Organization and account level telemetry rule via Observability Admin and CloudWatch pipelines for metrics
  • api-change:partnercentral-selling: [botocore] This release adds AwsMarketplaceSolutions and AwsMarketplaceProducts entity types to the Associate and Disassociate APIs, returns them in GetOpportunity, and adds AwsMarketplaceSolutionArn to ListSolutions ,letting partners link Marketplace listings directly to opportunities.
  • api-change:sso-admin: [botocore] AWS IAM Identity Center now returns PrimaryRegion and Regions in the ListInstances response, providing information about replicated instances.
  • api-change:supportauthz: [botocore] New SDK release for SupportAuthZ.

v1.43.37

Compare Source

=======

  • api-change:appconfig: [botocore] AWS AppConfig introduces Experimentation tools - enhanced capabilities within AWS AppConfig that enable you to run AB tests, multivariate tests, and gradual feature rollouts across your application stack.
  • api-change:cloudwatch: [botocore] This release adds the API (PutLogAlarm) to manage a new CloudWatch resource, Log Based Alarms. Log Based Alarms allows customers to alarm directly on CloudWatch Logs query results.
  • api-change:connectcampaignsv2: [botocore] Adding new attributes to PutProfileOutboundRequest API that will create an outbound request call for the customer's Web Notification outbound campaign.
  • api-change:connecthealth: [botocore] Expand input validation to support Unicode characters and markdown table syntax.
  • api-change:ec2: [botocore] Adds support for the precision time strategy and a parentGroupId parameter on CreatePlacementGroup and DescribePlacementGroups. Precision time placement groups and cluster placement groups with a parent precision time placement group ensure instances launch on precision time capable hardware.
  • api-change:ecs: [botocore] Amazon ECS now supports customizable deployment circuit breaker configurations. Customers can now define the failure threshold or control the failure counting mechanism.
  • api-change:elasticache: [botocore] Updated documentation for the ApplyImmediately parameter in ModifyCacheCluster and ModifyReplicationGroup to clarify modification behavior.
  • api-change:evs: [botocore] Amazon EVS introduces a VMware Cloud Foundation (VCF) self-deployed mode, along with new connectors to VCF components such as the Operations and SDDC managers to monitor coverage and usage.
  • api-change:glue: [botocore] Added the UpdateAsset operation to set the business name and description for an existing AWS Glue Data Catalog asset.
  • api-change:imagebuilder: [botocore] Adds support for AMI watermarks in Image Builder.
  • api-change:lambda: [botocore] Lambda now supports self-managed S3 buckets for Lambda code storage giving you the option for Lambda to reference a copy of your source code from your own S3 buckets. This allows you to maintain a single copy of your source code and manage your own code storage limits.
  • api-change:pcs: [botocore] Add support for in-place Slurm version upgrades on existing clusters by accepting scheduler.version in UpdateCluster.
  • api-change:pinpoint-sms-voice-v2: [botocore] This launch is an expansion of our Q1 RCS for business launch where we will release an API that supports rich media and interactive messaging elements.
  • api-change:rds-data: [botocore] Updated documentation to remove Aurora Serverless V1 references.
  • api-change:resource-explorer-2: [botocore] Added CFN resource type fields for Search and ListSupportedResourceTypes responses. Added SLRec field for ServiceView
  • api-change:sagemaker-featurestore-runtime: [botocore] Add support for ListRecords and BatchWriteRecord APIs to Feature Store.
  • api-change:vpc-lattice: [botocore] Amazon VPC Lattice now supports mutable idle timeout configuration on VPC Lattice Services
  • api-change:wafv2: [botocore] AWS WAF added support for associating AWS WAF web ACLs with Amazon Bedrock AgentCore Gateway resources. You can now use AssociateWebACL, DisassociateWebACL, GetWebACLForResource, and ListResourcesForWebACL to protect your AgentCore Gateways with AWS WAF.
  • enhancement:Identity: [botocore] Add public methods to insert, remove, and retrieve providers in the token provider chain.

v1.43.36

Compare Source

=======

  • api-change:kafka: [botocore] Amazon MSK Replicator now supports mTLS authentication when connecting to external Apache Kafka clusters, enabling customers to replicate

Note

PR body was truncated to here.


Configuration

📅 Schedule: (in timezone America/Chicago)

  • Branch creation
    • "before 10pm on Sunday"
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate

renovate Bot commented Feb 11, 2024

Copy link
Copy Markdown
Author

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

  • any of the package files in this branch needs updating, or
  • the branch becomes conflicted, or
  • you click the rebase/retry checkbox if found above, or
  • you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: poetry.lock
Updating dependencies
Resolving dependencies...

Creating virtualenv flask-session2-hlBlwS4--py3.12 in /home/ubuntu/.cache/pypoetry/virtualenvs

The current project's Python requirement (>=3.7.2,<4.0.0) is not compatible with some of the required packages Python requirement:
  - cachelib requires Python >=3.8, so it will not be satisfied for Python >=3.7.2,<3.8

Because no versions of cachelib match >0.13.0,<0.14.0
 and cachelib (0.13.0) requires Python >=3.8, cachelib is forbidden.
So, because flask-session2 depends on cachelib (^0.13.0), version solving failed.

  • Check your dependencies Python requirement: The Python requirement can be specified via the `python` or `markers` properties
    
    For cachelib, a possible solution would be to set the `python` property to ">=3.8,<4.0.0"

    https://python-poetry.org/docs/dependency-specification/#python-restricted-dependencies,
    https://python-poetry.org/docs/dependency-specification/#using-environment-markers

@renovate renovate Bot force-pushed the renovate/all-minor-patch branch 7 times, most recently from f711d1f to 9999140 Compare February 17, 2024 04:19
@renovate renovate Bot force-pushed the renovate/all-minor-patch branch 10 times, most recently from 8f12b36 to 6a5e71e Compare February 25, 2024 11:43
@renovate renovate Bot force-pushed the renovate/all-minor-patch branch 6 times, most recently from 113102d to 63b8c12 Compare March 1, 2024 21:29
@renovate renovate Bot force-pushed the renovate/all-minor-patch branch 4 times, most recently from b35674f to c43db40 Compare March 6, 2024 01:55
@renovate renovate Bot force-pushed the renovate/all-minor-patch branch 10 times, most recently from 935cb6b to d9c204f Compare March 22, 2024 17:23
@renovate renovate Bot force-pushed the renovate/all-minor-patch branch 11 times, most recently from 9828dc2 to 8c00cb7 Compare March 29, 2024 20:07
@renovate renovate Bot force-pushed the renovate/all-minor-patch branch 7 times, most recently from aee391f to 049be56 Compare April 6, 2024 21:43
@renovate

renovate Bot commented May 10, 2024

Copy link
Copy Markdown
Author

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

  • any of the package files in this branch needs updating, or
  • the branch becomes conflicted, or
  • you click the rebase/retry checkbox if found above, or
  • you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: poetry.lock
Updating dependencies
Resolving dependencies...

Creating virtualenv flask-session2-hlBlwS4--py3.14 in /home/ubuntu/.cache/pypoetry/virtualenvs

The current project's Python requirement (>=3.7.2,<4.0.0) is not compatible with some of the required packages Python requirement:
  - cachelib requires Python >=3.8, so it will not be satisfied for Python >=3.7.2,<3.8

Because no versions of cachelib match >0.14.0,<0.15.0
 and cachelib (0.14.0) requires Python >=3.8, cachelib is forbidden.
So, because flask-session2 depends on cachelib (^0.14.0), version solving failed.

  • Check your dependencies Python requirement: The Python requirement can be specified via the `python` or `markers` properties
    
    For cachelib, a possible solution would be to set the `python` property to ">=3.8,<4.0.0"

    https://python-poetry.org/docs/dependency-specification/#python-restricted-dependencies,
    https://python-poetry.org/docs/dependency-specification/#using-environment-markers

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants