Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore/Bump deps #32

Closed
wants to merge 4 commits into from
Closed

chore/Bump deps #32

wants to merge 4 commits into from

Conversation

blast-hardcheese
Copy link

Dep deltas:

 name = "attrs"
-version = "23.1.0"
+version = "23.2.0"

 name = "cachecontrol"
-version = "0.12.11"
+version = "0.12.14"

 name = "certifi"
-version = "2023.5.7"
+version = "2023.11.17"

 name = "charset-normalizer"
-version = "3.1.0"
+version = "3.3.2"

 name = "cleo"
-version = "2.0.1"
+version = "2.1.0"

 name = "coverage"
-version = "7.2.5"
+version = "7.2.7"

 name = "cryptography"
-version = "41.0.6"
+version = "41.0.7"

 name = "deepdiff"
-version = "6.3.0"
+version = "6.7.1"

 name = "distlib"
-version = "0.3.6"
+version = "0.3.8"

 name = "dulwich"
-version = "0.21.5"
+version = "0.21.7"

 name = "exceptiongroup"
-version = "1.1.1"
+version = "1.2.0"

 name = "execnet"
-version = "1.9.0"
+version = "2.0.2"

 name = "filelock"
-version = "3.12.0"
+version = "3.12.2"

 name = "idna"
-version = "3.4"
+version = "3.6"

 name = "importlib-metadata"
-version = "6.6.0"
+version = "6.7.0"

 name = "mypy"
-version = "1.3.0"
+version = "1.4.1"

 name = "packaging"
-version = "23.1"
+version = "23.2"

 name = "pexpect"
-version = "4.8.0"
+version = "4.9.0"

 name = "platformdirs"
-version = "3.5.1"
+version = "3.11.0"

 name = "pluggy"
-version = "1.0.0"
+version = "1.2.0"

 name = "psutil"
-version = "5.9.5"
+version = "5.9.7"

 name = "pytest"
-version = "7.3.1"
+version = "7.4.4"

 name = "pytest-cov"
-version = "4.0.0"
+version = "4.1.0"

 name = "pytest-mock"
-version = "3.10.0"
+version = "3.11.1"

 name = "pytest-xdist"
-version = "3.3.0"
+version = "3.5.0"

 name = "pywin32-ctypes"
-version = "0.2.0"
-description = ""

 name = "pyyaml"
-version = "6.0"
+version = "6.0.1"

 name = "rapidfuzz"
-version = "2.15.1"
+version = "3.4.0"

 name = "requests"
-version = "2.30.0"
+version = "2.31.0"

 name = "setuptools"
-version = "67.7.2"
+version = "68.0.0"

 name = "shellingham"
-version = "1.5.0.post1"
+version = "1.5.4"

 name = "tomlkit"
-version = "0.11.8"
+version = "0.12.3"

 name = "trove-classifiers"
-version = "2023.5.2"
+version = "2023.11.29"

 name = "typed-ast"
-version = "1.5.4"
+version = "1.5.5"

 name = "types-html5lib"
-version = "1.1.11.14"
+version = "1.1.11.15"

 name = "types-jsonschema"
-version = "4.17.0.8"
+version = "4.17.0.10"

 name = "types-requests"
-version = "2.30.0.0"
+version = "2.31.0.6"

 name = "types-urllib3"
-version = "1.26.25.13"
+version = "1.26.25.14"

 name = "typing-extensions"
-version = "4.5.0"
+version = "4.7.1"

 name = "urllib3"
-version = "1.26.15"
+version = "1.26.18"

 name = "virtualenv"
-version = "20.23.0"
+version = "20.25.0"

@blast-hardcheese blast-hardcheese requested a review from a team as a code owner January 5, 2024 22:51
@blast-hardcheese blast-hardcheese requested review from ryantm and removed request for a team January 5, 2024 22:51
@airportyh
Copy link
Collaborator

I recommend just tracking the upstream 1.7 branch instead of managing lib versions ourselves. Next step might be to track their 1.7 or 1.8 branch.

@blast-hardcheese
Copy link
Author

@airportyh That being said, it's not safe to just pull the updates from newer branches if they change the version ranges or pinning, right? I presume that the tests passing on this branch are enough to give a fair amount of confidence, and manually reviewing setuptools 68.0.0 suggests that the only stuff being removed has been deprecated for years

I'm inclined to merge this to get the security updates, and just poetry lock to resolve any conflicts as we move upward to newer release branches.

Wdyt?

@blast-hardcheese
Copy link
Author

Closing this out in favor of research to try and reduce the scope of our poetry fork

@blast-hardcheese blast-hardcheese deleted the dstewart/chore/bump-deps branch January 30, 2024 19:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ryantm ryantm ryantm approved these changes

@airportyh airportyh Awaiting requested review from airportyh

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@blast-hardcheese @airportyh @ryantm