Commit 8e61912
authored
python: bump pytest and pygments for Dependabot alerts (#5187)
## Changes
- Bump `pytest` in `python/codegen/`: 8.3.3 → 9.0.3
- Bump `pygments` in `python/`: 2.19.1 → 2.20.0
## Why
Dependabot flagged two latent vulnerabilities in dev-only Python
tooling:
- pytest 8.3.x: tmpdir handling (GHSA-pq67-6m6q-mj2v).
- Pygments 2.19.x: ReDoS in the GUID regex.
Neither affects the shipped CLI; both live in the Python codegen /
databricks-bundles dev environments.
## Tests
- `./task pydabs-test pydabs-lint` — 163 passed; lint + pyright + ruff
format clean.
- `cd python/codegen && uv run pytest` — 8 passed.
_PR description drafted with Claude Code._1 parent 1313ab2 commit 8e61912
3 files changed
Lines changed: 27 additions & 17 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
13 | 13 | | |
14 | 14 | | |
15 | 15 | | |
16 | | - | |
| 16 | + | |
17 | 17 | | |
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
0 commit comments