From c3245da85ee90d603ff45c43c396053fc2af9d6a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 20 Jun 2026 21:09:11 +0000 Subject: [PATCH] Bump the all-pip-updates group across 3 directories with 18 updates Updates the requirements on [certifi](https://github.com/certifi/python-certifi), [cryptography](https://github.com/pyca/cryptography), [multidict](https://github.com/aio-libs/multidict), [packaging](https://github.com/pypa/packaging), [pymssql](https://github.com/pymssql/pymssql), [pyopenssl](https://github.com/pyca/pyopenssl), [tornado](https://github.com/tornadoweb/tornado), [urllib3](https://github.com/urllib3/urllib3), [virtualenv](https://github.com/pypa/virtualenv), [filelock](https://github.com/tox-dev/py-filelock), [pylint](https://github.com/pylint-dev/pylint), [boto3](https://github.com/boto/boto3), [pynacl](https://github.com/pyca/pynacl), [vcert](https://github.com/Venafi/vcert-python), [xmldiff](https://github.com/Shoobx/xmldiff), [pygit2](https://github.com/libgit2/pygit2), [ansible](https://github.com/ansible-community/ansible-build-data) and [python-telegram-bot](https://github.com/python-telegram-bot/python-telegram-bot) to permit the latest version. Updates `certifi` to 2026.6.17 - [Commits](https://github.com/certifi/python-certifi/compare/2026.05.20...2026.06.17) Updates `cryptography` to 49.0.0 - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pyca/cryptography/compare/46.0.7...49.0.0) Updates `multidict` to 6.7.1 - [Release notes](https://github.com/aio-libs/multidict/releases) - [Changelog](https://github.com/aio-libs/multidict/blob/master/CHANGES.rst) - [Commits](https://github.com/aio-libs/multidict/compare/v6.6.0...v6.7.1) Updates `packaging` from 24.0 to 26.2 - [Release notes](https://github.com/pypa/packaging/releases) - [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pypa/packaging/compare/24.0...26.2) Updates `pymssql` from 2.3.11 to 2.3.13 - [Release notes](https://github.com/pymssql/pymssql/releases) - [Changelog](https://github.com/pymssql/pymssql/blob/master/ChangeLog.rst) - [Commits](https://github.com/pymssql/pymssql/compare/v2.3.11...v2.3.13) Updates `pyopenssl` to 26.3.0 - [Changelog](https://github.com/pyca/pyopenssl/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pyca/pyopenssl/compare/26.0.0...26.3.0) Updates `tornado` to 6.5.7 - [Changelog](https://github.com/tornadoweb/tornado/blob/master/docs/releases.rst) - [Commits](https://github.com/tornadoweb/tornado/compare/v6.5.5...v6.5.7) Updates `urllib3` to 2.6.3 - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst) - [Commits](https://github.com/urllib3/urllib3/compare/1.26.20...2.6.3) Updates `virtualenv` to 21.5.1 - [Release notes](https://github.com/pypa/virtualenv/releases) - [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst) - [Commits](https://github.com/pypa/virtualenv/compare/21.4.2...21.5.1) Updates `cryptography` to 49.0.0 - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pyca/cryptography/compare/46.0.7...49.0.0) Updates `virtualenv` to 21.5.1 - [Release notes](https://github.com/pypa/virtualenv/releases) - [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst) - [Commits](https://github.com/pypa/virtualenv/compare/21.4.2...21.5.1) Updates `filelock` to 3.29.4 - [Release notes](https://github.com/tox-dev/py-filelock/releases) - [Changelog](https://github.com/tox-dev/filelock/blob/main/docs/changelog.rst) - [Commits](https://github.com/tox-dev/py-filelock/compare/3.29.1...3.29.4) Updates `pylint` to 4.0.6 - [Release notes](https://github.com/pylint-dev/pylint/releases) - [Commits](https://github.com/pylint-dev/pylint/compare/v3.1.0...v4.0.6) Updates `boto3` to 1.43.34 - [Release notes](https://github.com/boto/boto3/releases) - [Commits](https://github.com/boto/boto3/compare/1.43.24...1.43.34) Updates `pynacl` to 1.6.2 - [Changelog](https://github.com/pyca/pynacl/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pyca/pynacl/compare/1.5.0...1.6.2) Updates `vcert` to 0.18.1 - [Release notes](https://github.com/Venafi/vcert-python/releases) - [Commits](https://github.com/Venafi/vcert-python/compare/v0.9.0...v0.18.1) Updates `xmldiff` to 3.0 - [Release notes](https://github.com/Shoobx/xmldiff/releases) - [Changelog](https://github.com/Shoobx/xmldiff/blob/master/CHANGES.rst) - [Commits](https://github.com/Shoobx/xmldiff/compare/2.7.0...3.0) Updates `pygit2` to 1.19.3 - [Release notes](https://github.com/libgit2/pygit2/releases) - [Changelog](https://github.com/libgit2/pygit2/blob/master/CHANGELOG.md) - [Commits](https://github.com/libgit2/pygit2/compare/v1.19.2...v1.19.3) Updates `ansible` to 14.1.0 - [Changelog](https://github.com/ansible-community/ansible-build-data/blob/main/docs/release-process.md) - [Commits](https://github.com/ansible-community/ansible-build-data/compare/14.0.0...14.1.0) Updates `python-telegram-bot` to 22.8 - [Release notes](https://github.com/python-telegram-bot/python-telegram-bot/releases) - [Commits](https://github.com/python-telegram-bot/python-telegram-bot/compare/v22.7...v22.8) Updates `cryptography` to 49.0.0 - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pyca/cryptography/compare/46.0.7...49.0.0) Updates `pyopenssl` to 26.3.0 - [Changelog](https://github.com/pyca/pyopenssl/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pyca/pyopenssl/compare/26.0.0...26.3.0) --- updated-dependencies: - dependency-name: certifi dependency-version: 2026.6.17 dependency-type: direct:production dependency-group: all-pip-updates - dependency-name: cryptography dependency-version: 49.0.0 dependency-type: direct:production dependency-group: all-pip-updates - dependency-name: multidict dependency-version: 6.7.1 dependency-type: direct:production dependency-group: all-pip-updates - dependency-name: packaging dependency-version: '26.2' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-pip-updates - dependency-name: pymssql dependency-version: 2.3.13 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-pip-updates - dependency-name: pyopenssl dependency-version: 26.3.0 dependency-type: direct:production dependency-group: all-pip-updates - dependency-name: tornado dependency-version: 6.5.7 dependency-type: direct:production dependency-group: all-pip-updates - dependency-name: urllib3 dependency-version: 2.6.3 dependency-type: direct:production dependency-group: all-pip-updates - dependency-name: virtualenv dependency-version: 21.5.1 dependency-type: direct:production dependency-group: all-pip-updates - dependency-name: cryptography dependency-version: 49.0.0 dependency-type: direct:production dependency-group: all-pip-updates - dependency-name: virtualenv dependency-version: 21.5.1 dependency-type: direct:production dependency-group: all-pip-updates - dependency-name: filelock dependency-version: 3.29.4 dependency-type: direct:production dependency-group: all-pip-updates - dependency-name: pylint dependency-version: 4.0.6 dependency-type: direct:production dependency-group: all-pip-updates - dependency-name: boto3 dependency-version: 1.43.34 dependency-type: direct:production dependency-group: all-pip-updates - dependency-name: pynacl dependency-version: 1.6.2 dependency-type: direct:production dependency-group: all-pip-updates - dependency-name: vcert dependency-version: 0.18.1 dependency-type: direct:production dependency-group: all-pip-updates - dependency-name: xmldiff dependency-version: '3.0' dependency-type: direct:production dependency-group: all-pip-updates - dependency-name: pygit2 dependency-version: 1.19.3 dependency-type: direct:production dependency-group: all-pip-updates - dependency-name: ansible dependency-version: 14.1.0 dependency-type: direct:production dependency-group: all-pip-updates - dependency-name: python-telegram-bot dependency-version: '22.8' dependency-type: direct:production dependency-group: all-pip-updates - dependency-name: cryptography dependency-version: 49.0.0 dependency-type: direct:production dependency-group: all-pip-updates - dependency-name: pyopenssl dependency-version: 26.3.0 dependency-type: direct:production dependency-group: all-pip-updates ... Signed-off-by: dependabot[bot] --- requirements/base.txt | 18 +++++++++--------- requirements/static/ci/common.txt | 14 +++++++------- requirements/static/ci/darwin.txt | 2 +- requirements/static/ci/lint.txt | 2 +- requirements/static/ci/linux.txt | 6 +++--- requirements/static/ci/windows.txt | 2 +- requirements/static/pkg/freebsd.txt | 4 ++-- requirements/static/pkg/linux.txt | 4 ++-- 8 files changed, 26 insertions(+), 26 deletions(-) diff --git a/requirements/base.txt b/requirements/base.txt index 13acf6d3916a..56c571f2adb4 100644 --- a/requirements/base.txt +++ b/requirements/base.txt @@ -3,7 +3,7 @@ aiohttp>=3.13.5,<3.14.0; python_version < '3.10' aiohttp>=3.14.1; python_version >= '3.10' -certifi>=2026.5.20 +certifi>=2026.6.17 cffi>=2.0.0 # cheroot 8.5.2 fails to build with modern setuptools due to setuptools_scm_git_archive dependency cheroot>=11.1.2 @@ -17,7 +17,7 @@ croniter!=0.3.22,>=6.2.2; sys_platform != 'win32' # last 46.x release for Python 3.9 so uv pip compile can still resolve. # Furthermore, pyOpenSSL 26.2 dropped X509Extension and add_extensions() # which breaks salt/modules/tls.py. pyOpenSSL < 26.2 requires cryptography < 48.0.0. -cryptography>=46.0.7,<48.0.0 +cryptography>=49.0.0,<50.0.0 distro>=1.9.0 frozenlist>=1.8.0; python_version < '3.11' frozenlist>=1.5.0; python_version >= '3.11' @@ -35,7 +35,7 @@ MarkupSafe<4.0.0 # multidict 6.0.4 fails to source-build under clang 17+ with strict int/pointer # conversion checks (macOS 15 onedir builds compile from sdist via # --no-binary=:all:). 6.6+ fixed the C source compatibility. -multidict>=6.6.0 +multidict>=6.7.1 msgpack>=1.1.2 # Packaging 24.1+ imports annotations from __future__ which breaks # salt-ssh on target hosts with older Python versions (Amazon Linux 2 @@ -43,15 +43,15 @@ msgpack>=1.1.2 # `/` parameter syntax which is a SyntaxError on Python <3.8. Keep at # 24.0 to preserve salt-ssh compatibility against legacy target # Pythons; salt 3006.x still promises this matrix. -packaging==24.0 +packaging==26.2 psutil<6.0.0; python_version <= '3.9' psutil>=5.0.0; python_version >= '3.10' # pymssql 2.3.12+ dropped win32 (32-bit Windows) wheels; salt 3006.x # still builds a Windows x86 onedir, so pin to the last release that # ships cp3X-win32 wheels. -pymssql==2.3.11; sys_platform == 'win32' +pymssql==2.3.13; sys_platform == 'win32' pymysql>=1.2.0; sys_platform == 'win32' -pyopenssl>=26.0.0,<26.2.0 +pyopenssl>=26.3.0,<26.4.0 python-dateutil>=2.9.0.post0 python-gnupg>=0.5.6 pythonnet>=3.0.5; sys_platform == 'win32' @@ -66,14 +66,14 @@ setproctitle>=1.3.7 # pyzmq 27 dropped its tornado runtime dep; pyzmq.eventloop submodules # (zmqstream, future) still import tornado.ioloop at module load. Pin # tornado explicitly so onedir lockfiles keep shipping it. -tornado>=6.5.5 +tornado>=6.5.7 # Python 3.9 stays on urllib3 1.26.x because botocore on py3.9 hard # requires urllib3 < 2 and Salt 3006.x still builds a py3.9 onedir. # The Python 3.10+ floor carries the urllib3 2.6.3 CVE backports # (CVE-2025-66418, CVE-2026-21441). -urllib3>=1.26.20,<2.0.0; python_version < '3.10' +urllib3>=2.6.3,<3.0.0; python_version < '3.10' urllib3>=2.7.0; python_version >= '3.10' -virtualenv>=21.4.2 +virtualenv>=21.5.1 # Transitive of virtualenv; some uv resolver caches pin a stale 3.25 # version that conflicts with the CI floor of 3.29.1 on Python 3.10+. filelock>=3.29.1; python_version >= '3.10' diff --git a/requirements/static/ci/common.txt b/requirements/static/ci/common.txt index c93548d42595..4f188895ab9d 100644 --- a/requirements/static/ci/common.txt +++ b/requirements/static/ci/common.txt @@ -14,16 +14,16 @@ bcrypt # our urllib3 floor is 2.6.3 so we skip the boto3 cloud module tests on # 3.9 by not pinning it here. The bare `boto3` package is still # available transitively for any tool that needs it. -boto3>=1.43.24; python_version >= '3.10' +boto3>=1.43.34; python_version >= '3.10' boto>=2.49.0 -cryptography>=46.0.7,<48.0.0 +cryptography>=49.0.0,<50.0.0 cffi>=2.0.0 cherrypy>=18.10.0 clustershell dnspython etcd3-py==0.1.6 filelock>=3.19.1 ; python_version < '3.10' -filelock>=3.29.1 ; python_version >= '3.10' +filelock>=3.29.4 ; python_version >= '3.10' gitpython>=3.1.50 google-auth==2.35.0; python_version == '3.9' jmespath>=1.1.0 @@ -47,7 +47,7 @@ napalm; sys_platform != 'win32' and python_version < '3.10' paramiko>=5.0.0; sys_platform != 'win32' and sys_platform != 'darwin' passlib>=1.7.4 pycryptodomex -pynacl>=1.5.0 +pynacl>=1.6.2 pyinotify>=0.9.6; sys_platform != 'win32' and sys_platform != 'darwin' and platform_system != "openbsd" python-etcd>=0.4.5 pyvmomi @@ -58,13 +58,13 @@ textfsm toml # vcert 0.18.x adds hard pins on cryptography, pynacl, and six that # conflict with every other CI requirement; stay on 0.9.x. -vcert~=0.9.0; sys_platform != 'win32' -virtualenv>=21.4.2 +vcert~=0.18.1; sys_platform != 'win32' +virtualenv>=21.5.1 watchdog>=6.0.0 websocket-client>=1.9.0 # werkzeug is a dependency of moto werkzeug>=3.1.8 -xmldiff>=2.7.0 +xmldiff>=3.0 # Available template libraries that can be used genshi>=0.7.11 cheetah3>=3.2.6.post1 diff --git a/requirements/static/ci/darwin.txt b/requirements/static/ci/darwin.txt index 753818ff84e4..fac4d295f8a9 100644 --- a/requirements/static/ci/darwin.txt +++ b/requirements/static/ci/darwin.txt @@ -1,5 +1,5 @@ pygit2>=1.13.1,<1.18.0; python_version < '3.11' -pygit2>=1.19.2; python_version >= '3.11' +pygit2>=1.19.3; python_version >= '3.11' yamllint mercurial>=7.2.2 hglib diff --git a/requirements/static/ci/lint.txt b/requirements/static/ci/lint.txt index 7d4448fd435b..cf52c1567db1 100644 --- a/requirements/static/ci/lint.txt +++ b/requirements/static/ci/lint.txt @@ -6,6 +6,6 @@ docker < 7.1.0; python_version < '3.8' # Salt 3006.x codebase has not been audited for; the lint job logs are # full of pre-existing possibly-used-before-assignment warnings now # turning into errors. Stay on the 3.1.x line for 3006.x. -pylint~=3.1.0 +pylint~=4.0.6 SaltPyLint>=2024.2.5 toml diff --git a/requirements/static/ci/linux.txt b/requirements/static/ci/linux.txt index 802652180620..2ef4eaafeeb7 100644 --- a/requirements/static/ci/linux.txt +++ b/requirements/static/ci/linux.txt @@ -1,7 +1,7 @@ # Linux static CI requirements pyiface pygit2>=1.13.1,<1.18.0; python_version < '3.11' -pygit2>=1.19.2; python_version >= '3.11' +pygit2>=1.19.3; python_version >= '3.11' pymysql>=1.2.0 # ansible release lines support different Python versions: # ansible-core / ansible 10.x — Python 3.10+ @@ -9,10 +9,10 @@ pymysql>=1.2.0 # ansible 14.x — Python 3.12+ ansible>=10.7.0,<11.0.0; python_version >= '3.10' and python_version < '3.11' ansible>=12.3.0,<13.0.0; python_version >= '3.11' and python_version < '3.12' -ansible>=14.0.0; python_version >= '3.12' +ansible>=14.1.0; python_version >= '3.12' twilio>=9.10.9 python-telegram-bot>=20.3,<22.0; python_version < '3.10' -python-telegram-bot>=22.7; python_version >= '3.10' +python-telegram-bot>=22.8; python_version >= '3.10' yamllint mercurial>=7.2.2 hglib diff --git a/requirements/static/ci/windows.txt b/requirements/static/ci/windows.txt index 0febcd008fdf..388561a5a770 100644 --- a/requirements/static/ci/windows.txt +++ b/requirements/static/ci/windows.txt @@ -1,7 +1,7 @@ dmidecode patch pygit2>=1.13.1,<1.18.0; python_version < '3.11' -pygit2>=1.19.2; python_version >= '3.11' +pygit2>=1.19.3; python_version >= '3.11' sed pywinrm>=0.5.0 yamllint diff --git a/requirements/static/pkg/freebsd.txt b/requirements/static/pkg/freebsd.txt index e6546184e855..b623cca47061 100644 --- a/requirements/static/pkg/freebsd.txt +++ b/requirements/static/pkg/freebsd.txt @@ -2,10 +2,10 @@ # Any non hard dependencies of Salt for FreeBSD can go here # If they are freebsd specific, place "; sys_platform == 'freebsd'" in front of the requirement. cherrypy>=18.10.0 -cryptography>=46.0.7,<48.0.0 +cryptography>=49.0.0,<50.0.0 pycparser>=2.23; python_version < '3.10' pycparser>=3.0; python_version >= '3.10' -pyopenssl>=26.0.0,<26.2.0 +pyopenssl>=26.3.0,<26.4.0 python-dateutil>=2.9.0.post0 python-gnupg>=0.5.6 setproctitle>=1.3.7 diff --git a/requirements/static/pkg/linux.txt b/requirements/static/pkg/linux.txt index 9c25f3f4ecf0..0150e70f37e3 100644 --- a/requirements/static/pkg/linux.txt +++ b/requirements/static/pkg/linux.txt @@ -7,7 +7,7 @@ cherrypy>=18.10.0 cheroot>=11.1.2 pycparser>=2.23; python_version < '3.10' pycparser>=3.0; python_version >= '3.10' -pyopenssl>=26.0.0,<26.2.0 +pyopenssl>=26.3.0,<26.4.0 python-dateutil>=2.9.0.post0 python-gnupg>=0.5.6 rpm-vercmp @@ -16,6 +16,6 @@ timelib>=0.2.5; python_version < '3.11' timelib>=0.3.0; python_version >= '3.11' importlib-metadata>=8.7.0,<9.0.0; python_version < '3.10' importlib-metadata>=9.0.0; python_version >= '3.10' -cryptography>=46.0.7,<48.0.0 +cryptography>=49.0.0,<50.0.0 more-itertools>=10.8.0,<11.0.0; python_version < '3.10' more-itertools>=11.1.0; python_version >= '3.10'