Skip to content

chore(deps): update astrapy requirement from <2.0,>=1.5.2 to >=2.2.1,<3.0 in /integrations/astra#3307

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/integrations/astra/astrapy-gte-2.2.1-and-lt-3.0
Closed

chore(deps): update astrapy requirement from <2.0,>=1.5.2 to >=2.2.1,<3.0 in /integrations/astra#3307
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/integrations/astra/astrapy-gte-2.2.1-and-lt-3.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 15, 2026

Updates the requirements on astrapy to permit the latest version.

Release notes

Sourced from astrapy's releases.

Release v2.2.1

What's Changed

Full Changelog: datastax/astrapy@v2.2.0...v2.2.1

Changelog

Sourced from astrapy's changelog.

v 2.2.1

Suppress warning about unexpected 'pcu_types' field in [async_]find_available_regions. Maintenance: - Minor edits to release.yaml workflow (secrets; task names/comments).

v 2.2.0

Supported Python versions are now 3.9 to 3.14: - extend to 3.13 and 3.14 - removal of Python 3.8 [Breaking change w.r.t. 2.1] httpx Client: - it is now per-instance for sync clients (fixes corner cases with certain SSL setups) - defines SSL certificates in a portable, explicit way Astra DB admin classes: - reworked polling logic: optimized and enriched with pollability pre-checks; - improvements in DevOps API response error handling. Introduced astrapy-repl command for a ready-to-use interactive REPL Event Observer API, to listen to events: - this complements the standard logging mechanism; - events are: warnings, payloads/responses, ... - useful for customized logging, observability and instrumentation; - see astrapy.event_observers module and docstring of classes therein for more. SSL bugfix due to older patches of Python 3.12: Introduced a fix to the httpx.ReadError [SSL] passed invalid argument (_ssl.c:2570) observed on Python 3.12.0-3.12.11 Removed the unused 'keyspace' parameter from [async_]fetch_database_info admin utility function Removed the beta marker from find_and_rerank methods Removed the legacy no-indexType fallback for parsing the response of list_indexes Added AGENTS.md (and the .bob per-mode equivalent files) maintenance: bump Data API image to 1.0.39 for HCD testing maintenance: measure test coverage for PRs and merges to main; calculate delta for PRs maintenance: bump urllib3 to >= 2.6.3 to avoid CVE-2026-21441 maintenance: add flag TEST_EXTENDED_VECTORIZE for test runnability in all cases maintenance: introduce LEGACY_INSERTMANY_BEHAVIOUR_PRE2193 flag to control related tests (former ordered-insertion-for-tables behaviour) maintenance: enabled text-index integration tests on Astra maintenance: refactor constants.py for better management; add DatabaseStatus enum maintenance: introduced the publish-and-release workflow machinery maintenance: split development/maintenance from user README maintenance. Improvement in testing machinery: - Simplified keyspace management in testing. - Made keyspace names fully optional in all cases (typically one can forget about them). - Adapted/simplified README about testing. - KMS-vectorize testing is now optional in the Astra base test suite. maintenance: some vuln-related dev-dependency upgrades (requests, virtualenv, werkzeug)

v 2.1.0

... (truncated)

Commits
  • 4f1b534 Suppress pcu_types warning and bump to 2.2.1 (#405)
  • 30d7635 Package version 2.2.0 (#402)
  • dd86461 Add AGENTS.md (#401)
  • 94a28c5 address dependabot vulns except incompatible with supporting py 3.9 (#398)
  • cbfc538 Sl cleanups (beta on FARR + keyspace on fetch_db_info's + legacy fallback in ...
  • 691ed03 DatabaseStatus is a (not-enforced) enum; gained ASSOCIATING; refactoring of c...
  • c0b388f re-enable farr-related int.testing with local HCD (#395)
  • bbd4ee6 adjust to missing 'previous coverage json' case in codecov for CI (#394)
  • 56ceb4f Lift all FARR tests for local data api runs (temporarily) (#393)
  • f3b57a3 temporarily turn off reranker tests for local-data-api
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): update astrapy requirement in /integrations/astra
efa80cf 
Updates the requirements on [astrapy](https://github.com/datastax/astrapy) to permit the latest version.
- [Release notes](https://github.com/datastax/astrapy/releases)
- [Changelog](https://github.com/datastax/astrapy/blob/main/CHANGES)
- [Commits](datastax/astrapy@v1.5.2...v2.2.1)

---
updated-dependencies:
- dependency-name: astrapy
  dependency-version: 2.2.1
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels May 15, 2026
@dependabot dependabot Bot requested a review from a team as a code owner May 15, 2026 10:55
@dependabot dependabot Bot requested review from bogdankostic and removed request for a team May 15, 2026 10:55
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels May 15, 2026
@socket-security
Copy link
Copy Markdown

socket-security Bot commented May 15, 2026

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updatedastrapy@​1.5.2 ⏵ 2.2.1100 +1100100100100

View full report

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 15, 2026

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot Bot deleted the dependabot/pip/integrations/astra/astrapy-gte-2.2.1-and-lt-3.0 branch May 15, 2026 11:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bogdankostic bogdankostic Awaiting requested review from bogdankostic bogdankostic is a code owner automatically assigned from deepset-ai/open-source-engineering

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file integration:astra python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@julian-risch