Bump-up Python-dotenv

[tisnik]

Description

Type of change

• Refactor
• New feature
• Bug fix
• CVE fix
• Optimization
• Documentation Update
• Configuration Update
• Bump-up service version
• Bump-up dependent library
• Bump-up library or tool used for development (does not change the final image)
• CI configuration change
• Konflux configuration change
• Unit tests improvement
• Integration tests improvement
• End to end tests improvement
• Benchmarks improvement

Tools used to create PR

Identify any AI code assistants used in this PR (for transparency and review context)

• Assisted-by: (e.g., Claude, CodeRabbit, Ollama, etc., N/A if not used)
• Generated by: (e.g., tool name and version; N/A if not used)

Related Tickets & Documents

• Related Issue #
• Closes #

Checklist before requesting a review

• I have performed a self-review of my code.
• PR has passed all pre-merge test jobs.
• If it is a core feature, I have added thorough tests.

Testing

• Please provide detailed steps to perform tests related to this code change.
• How were the fix/results from this change verified? Please provide relevant screenshots or results.

Summary by CodeRabbit

• Chores
  • Updated dependency configurations and build pipeline settings to maintain compatibility and optimize build processes.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: f394a919-d541-4ccf-8935-a87e91e07419

📥 Commits

Reviewing files that changed from the base of the PR and between a49c4ee and f38fe6a.

📒 Files selected for processing (6)

• .konflux/requirements.hashes.source.txt
• .konflux/requirements.hashes.wheel.txt
• .tekton/lightspeed-stack-0-6-pull-request.yaml
• .tekton/lightspeed-stack-0-6-push.yaml
• .tekton/lightspeed-stack-pull-request.yaml
• .tekton/lightspeed-stack-push.yaml

💤 Files with no reviewable changes (1)

• .konflux/requirements.hashes.source.txt

📜 Recent review details

⏰ Context from checks skipped due to timeout. (15)

• GitHub Check: Pylinter
• GitHub Check: unit_tests (3.13)
• GitHub Check: unit_tests (3.12)
• GitHub Check: build-pr
• GitHub Check: integration_tests (3.12)
• GitHub Check: integration_tests (3.13)
• GitHub Check: E2E: server mode / ci / group 3
• GitHub Check: E2E: library mode / ci / group 2
• GitHub Check: E2E: library mode / ci / group 1
• GitHub Check: E2E: library mode / ci / group 3
• GitHub Check: E2E: server mode / ci / group 2
• GitHub Check: E2E: server mode / ci / group 1
• GitHub Check: E2E Tests for Lightspeed Evaluation job
• GitHub Check: Konflux kflux-prd-rh02 / lightspeed-stack-on-pull-request
• GitHub Check: Konflux kflux-prd-rh02 / lightspeed-stack-0-6-on-pull-request

🔇 Additional comments (5)

.konflux/requirements.hashes.wheel.txt (1)

157-158: LGTM!

.tekton/lightspeed-stack-0-6-pull-request.yaml (1)

56-56: LGTM!

.tekton/lightspeed-stack-0-6-push.yaml (1)

57-57: LGTM!

.tekton/lightspeed-stack-pull-request.yaml (1)

61-61: LGTM!

.tekton/lightspeed-stack-push.yaml (1)

57-57: LGTM!

---

Walkthrough

Upgrades python-dotenv from 1.0.1 to 1.2.2. The old version's hashes are removed from .konflux/requirements.hashes.source.txt, the new version's hash is added to .konflux/requirements.hashes.wheel.txt, and all four Tekton PipelineRun definitions have their prefetch-input binary package lists updated accordingly.

Changes

python-dotenv bump to 1.2.2

Layer / File(s)	Summary
Dependency hash file updates .konflux/requirements.hashes.source.txt, .konflux/requirements.hashes.wheel.txt	Removes python-dotenv==1.0.1 (and its sha256 hashes) from the source hash file; inserts python-dotenv==1.2.2 with its SHA256 hash into the wheel hash file.
Tekton prefetch-input package list updates .tekton/lightspeed-stack-0-6-pull-request.yaml, .tekton/lightspeed-stack-0-6-push.yaml, .tekton/lightspeed-stack-pull-request.yaml, .tekton/lightspeed-stack-push.yaml	Updates the binary.packages comma-separated list within prefetch-input across all four Tekton PipelineRun definitions (both stack variants, both push and pull-request pipelines).

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Possibly related PRs

• lightspeed-core/lightspeed-stack#1831: Also modifies .konflux/requirements.hashes.source.txt with pinned dependency hash updates, the same file modified in this PR.

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'Bump-up Python-dotenv' directly relates to the PR's main objective of bumping the Python-dotenv dependency version, though it is somewhat informal with 'bump-up' phrasing.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

✨ Simplify code

• Create PR with simplified code

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands.}