Skip to content

build(deps): bump the production-dependencies group with 5 updates #1310

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
biancadanforth merged 1 commit into from
Jan 6, 2026
Merged

build(deps): bump the production-dependencies group with 5 updates #1310

biancadanforth merged 1 commit into from
Jan 6, 2026

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 1, 2026

Bumps the production-dependencies group with 5 updates:

Package From To
google-cloud-pubsub 2.33.0 2.34.0
google-cloud-storage 3.6.0 3.7.0
pytest 9.0.1 9.0.2
ruff 0.14.7 0.14.10
sentry-sdk 2.46.0 2.48.0

Updates google-cloud-pubsub from 2.33.0 to 2.34.0

Release notes

Sourced from google-cloud-pubsub's releases.

google-cloud-pubsub 2.34.0

2.34.0 (2025-12-16)

Features

Changelog

Sourced from google-cloud-pubsub's changelog.

2.34.0 (2025-12-16)

Features

Commits
  • 171f7d4 chore: librarian release pull request: 20251216T133533Z (#1567)
  • 24761a2 feat(gapic): support mTLS certificates when available (#1566)
  • bea7f78 chore: update container sha for librarian (#1557)
  • 54e4a46 chore(librarian): specify all generated files in remove_regex (#1556)
  • 78418d4 chore(librarian): onboard to librarian, including generate (#1552)
  • e4b86c9 chore(librarian): remove release please configuration files (#1554)
  • ac6cc25 chore: cleanup owlbot and release please files (#1548)
  • See full diff in compare view

Updates google-cloud-storage from 3.6.0 to 3.7.0

Release notes

Sourced from google-cloud-storage's releases.

v3.7.0

3.7.0 (2025-12-09)

Features

  • Auto enable mTLS when supported certificates are detected (#1637) (4e91c54)
  • Send entire object checksum in the final api call of resumable upload (#1654) (ddce7e5)
  • Support urllib3 >= 2.6.0 (#1658) (57405e9)

Bug Fixes

  • bucket: Move blob fails when the new blob name contains characters that need to be url encoded (#1605) (ec470a2)
Changelog

Sourced from google-cloud-storage's changelog.

3.7.0 (2025-12-09)

Features

  • Auto enable mTLS when supported certificates are detected (#1637) (4e91c54)
  • Send entire object checksum in the final api call of resumable upload (#1654) (ddce7e5)
  • Support urllib3 >= 2.6.0 (#1658) (57405e9)

Bug Fixes

  • Fix for move_blob failure when the new blob name contains characters that need to be url encoded (#1605) (ec470a2)
Commits
  • 89a947a chore(main): release 3.7.0 (#1621)
  • 57405e9 feat: Support urllib3 >= 2.6.0 (#1658)
  • ddce7e5 feat: send entire object checksum in the final api call of resumable upload (...
  • 4e91c54 feat: Auto enable mTLS when supported certificates are detected (#1637)
  • 4c6d549 chore: setup system tests for zonal buckets in cloud build (#1639)
  • 6ed12b9 chore: fix failing system test due to version upgrade of urllib3 (#1651)
  • 6ab8d92 chore: Add gRPC packages under extra-dependencies (#1640)
  • a1c2507 chore: fix conformance test failure due to VM's API version mismatch. (#1635)
  • 9e6fefd fix: Add simple flush for optimized writes (#1633)
  • fcda233 chore: Add Sys test for move blob where name needs url encoding (#1624)
  • Additional commits viewable in compare view

Updates pytest from 9.0.1 to 9.0.2

Release notes

Sourced from pytest's releases.

9.0.2

pytest 9.0.2 (2025-12-06)

Bug fixes

  • #13896: The terminal progress feature added in pytest 9.0.0 has been disabled by default, except on Windows, due to compatibility issues with some terminal emulators.

    You may enable it again by passing -p terminalprogress. We may enable it by default again once compatibility improves in the future.

    Additionally, when the environment variable TERM is dumb, the escape codes are no longer emitted, even if the plugin is enabled.

  • #13904: Fixed the TOML type of the tmp_path_retention_count settings in the API reference from number to string.

  • #13946: The private config.inicfg attribute was changed in a breaking manner in pytest 9.0.0. Due to its usage in the ecosystem, it is now restored to working order using a compatibility shim. It will be deprecated in pytest 9.1 and removed in pytest 10.

  • #13965: Fixed quadratic-time behavior when handling unittest subtests in Python 3.10.

Improved documentation

  • #4492: The API Reference now contains cross-reference-able documentation of pytest's command-line flags <command-line-flags>.
Commits
  • 3d10b51 Prepare release version 9.0.2
  • 188750b Merge pull request #14030 from pytest-dev/patchback/backports/9.0.x/1e4b01d1f...
  • b7d7bef Merge pull request #14014 from bluetech/compat-note
  • bd08e85 Merge pull request #14013 from pytest-dev/patchback/backports/9.0.x/922b60377...
  • bc78386 Add CLI options reference documentation (#13930)
  • 5a4e398 Fix docs typo (#14005) (#14008)
  • d7ae6df Merge pull request #14006 from pytest-dev/maintenance/update-plugin-list-tmpl...
  • 556f6a2 pre-commit: fix rst-lint after new release (#13999) (#14001)
  • c60fbe6 Fix quadratic-time behavior when handling unittest subtests in Python 3.10 ...
  • 73d9b01 Merge pull request #13995 from nicoddemus/patchback/backports/9.0.x/1b5200c0f...
  • Additional commits viewable in compare view

Updates ruff from 0.14.7 to 0.14.10

Release notes

Sourced from ruff's releases.

0.14.10

Release Notes

Released on 2025-12-18.

Preview features

  • [formatter] Fluent formatting of method chains (#21369)
  • [formatter] Keep lambda parameters on one line and parenthesize the body if it expands (#21385)
  • [flake8-implicit-str-concat] New rule to prevent implicit string concatenation in collections (ISC004) (#21972)
  • [flake8-use-pathlib] Make fixes unsafe when types change in compound statements (PTH104, PTH105, PTH109, PTH115) (#22009)
  • [refurb] Extend support for Path.open (FURB101, FURB103) (#21080)

Bug fixes

  • [pyupgrade] Fix parsing named Unicode escape sequences (UP032) (#21901)

Rule changes

  • [eradicate] Ignore ruff:disable and ruff:enable comments in ERA001 (#22038)
  • [flake8-pytest-style] Allow match and check keyword arguments without an expected exception type (PT010) (#21964)
  • [syntax-errors] Annotated name cannot be global (#20868)

Documentation

  • Add uv and ty to the Ruff README (#21996)
  • Document known lambda formatting deviations from Black (#21954)
  • Update setup.md (#22024)
  • [flake8-bandit] Fix broken link (S704) (#22039)

Other changes

  • Fix playground Share button showing "Copied!" before clipboard copy completes (#21942)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.14.10

Released on 2025-12-18.

Preview features

  • [formatter] Fluent formatting of method chains (#21369)
  • [formatter] Keep lambda parameters on one line and parenthesize the body if it expands (#21385)
  • [flake8-implicit-str-concat] New rule to prevent implicit string concatenation in collections (ISC004) (#21972)
  • [flake8-use-pathlib] Make fixes unsafe when types change in compound statements (PTH104, PTH105, PTH109, PTH115) (#22009)
  • [refurb] Extend support for Path.open (FURB101, FURB103) (#21080)

Bug fixes

  • [pyupgrade] Fix parsing named Unicode escape sequences (UP032) (#21901)

Rule changes

  • [eradicate] Ignore ruff:disable and ruff:enable comments in ERA001 (#22038)
  • [flake8-pytest-style] Allow match and check keyword arguments without an expected exception type (PT010) (#21964)
  • [syntax-errors] Annotated name cannot be global (#20868)

Documentation

  • Add uv and ty to the Ruff README (#21996)
  • Document known lambda formatting deviations from Black (#21954)
  • Update setup.md (#22024)
  • [flake8-bandit] Fix broken link (S704) (#22039)

Other changes

  • Fix playground Share button showing "Copied!" before clipboard copy completes (#21942)

Contributors

0.14.9

... (truncated)

Commits
  • 45bbb4c Bump 0.14.10 (#22058)
  • 42b9727 [ty] Use datatest instead of dirtest (#21937)
  • f7ec178 [ty] Gracefully handle client requests that can't be deserialized (#22051)
  • c315164 [ty] Don't suggest keyword statements when only expressions are valid
  • bb1955e [ty] Use cursor context in a few more places...
  • 070e08a [ty] Move completion function to the top
  • bab3924 [ty] Refactor completion generation
  • 10748b2 [flake8-pytest-style] Allow match and check keyword arguments without a...
  • 56539db [ty] Fix some configuration panics in the LSP (#22040)
  • 8d32ad1 [ty] Add support for attribute docstrings (#22036)
  • Additional commits viewable in compare view

Updates sentry-sdk from 2.46.0 to 2.48.0

Release notes

Sourced from sentry-sdk's releases.

2.48.0

Middleware spans are now disabled by default in Django, Starlette and FastAPI integrations. Set the middleware_spans integration-level option to capture individual spans per middleware layer. To record Django middleware spans, for example, configure as follows

  import sentry_sdk
  from sentry_sdk.integrations.django import DjangoIntegration
sentry_sdk.init(
dsn="<your-dsn>",
integrations=[
DjangoIntegration(middleware_spans=True),
],
)

New Features ✨

Langgraph

OTLP

Bug Fixes 🐛

Integrations

... (truncated)

Changelog

Sourced from sentry-sdk's changelog.

2.48.0

Middleware spans are now disabled by default in Django, Starlette and FastAPI integrations. Set the middleware_spans integration-level option to capture individual spans per middleware layer. To record Django middleware spans, for example, configure as follows

  import sentry_sdk
  from sentry_sdk.integrations.django import DjangoIntegration
sentry_sdk.init(
dsn="<your-dsn>",
integrations=[
DjangoIntegration(middleware_spans=True),
],
)

New Features ✨

Langgraph

OTLP

Bug Fixes 🐛

Integrations

  • fix(django): Set active thread ID when middleware spans are disabled by @​alexander-alderman-webb in #5220

  • fix(integrations): openai-agents fixing the input messages structure which was wrapped too much in some cases by @​constantinius in #5203

  • fix(integrations): openai-agents fix multi-patching of get_model function by @​constantinius in #5195

  • fix(integrations): add values for pydantic-ai and openai-agents to _INTEGRATION_DEACTIVATES to prohibit double span creation by @​constantinius in #5196

  • fix(logs): Set span_id instead of sentry.trace.parent_span_id attribute by @​sentrivana in #5241

  • fix(logs, metrics): Gate metrics, logs user attributes behind send_default_pii by @​sentrivana in #5240

... (truncated)

Commits
  • 32e9cac Phrasing and code formatting in changelog
  • bf30403 Call out new default for middleware spans and fix formatting in changelog
  • 19e0d1f Fix changelog
  • 6516b8b release: 2.48.0
  • e275c9e Convert all remaining type annotations to PEP-526 format (#5239)
  • a29b421 fix(logs): Set span_id instead of sentry.trace.parent_span_id attribute (...
  • a9d89f2 fix(pydantic-ai): Stop capturing internal exceptions (#5237)
  • 5606bb3 fix(logs, metrics): Gate metrics, logs user attributes behind `send_default_p...
  • 6046f2d ci: Unpin Python version for LiteLLM tests (#5238)
  • 42ed87a ci: 🤖 Update test matrix with new releases (12/15) (#5229)
  • Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the production-dependencies group with 5 updates
9572405 
Bumps the production-dependencies group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [google-cloud-pubsub](https://github.com/googleapis/python-pubsub) | `2.33.0` | `2.34.0` |
| [google-cloud-storage](https://github.com/googleapis/python-storage) | `3.6.0` | `3.7.0` |
| [pytest](https://github.com/pytest-dev/pytest) | `9.0.1` | `9.0.2` |
| [ruff](https://github.com/astral-sh/ruff) | `0.14.7` | `0.14.10` |
| [sentry-sdk](https://github.com/getsentry/sentry-python) | `2.46.0` | `2.48.0` |


Updates `google-cloud-pubsub` from 2.33.0 to 2.34.0
- [Release notes](https://github.com/googleapis/python-pubsub/releases)
- [Changelog](https://github.com/googleapis/python-pubsub/blob/main/CHANGELOG.md)
- [Commits](googleapis/python-pubsub@v2.33.0...v2.34.0)

Updates `google-cloud-storage` from 3.6.0 to 3.7.0
- [Release notes](https://github.com/googleapis/python-storage/releases)
- [Changelog](https://github.com/googleapis/python-storage/blob/main/CHANGELOG.md)
- [Commits](googleapis/python-storage@v3.6.0...v3.7.0)

Updates `pytest` from 9.0.1 to 9.0.2
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@9.0.1...9.0.2)

Updates `ruff` from 0.14.7 to 0.14.10
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.14.7...0.14.10)

Updates `sentry-sdk` from 2.46.0 to 2.48.0
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](getsentry/sentry-python@2.46.0...2.48.0)

---
updated-dependencies:
- dependency-name: google-cloud-pubsub
  dependency-version: 2.34.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: google-cloud-storage
  dependency-version: 3.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: pytest
  dependency-version: 9.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: ruff
  dependency-version: 0.14.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: sentry-sdk
  dependency-version: 2.48.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Jan 1, 2026
@dependabot dependabot bot requested a review from a team as a code owner January 1, 2026 13:05
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Jan 1, 2026
@biancadanforth biancadanforth added this pull request to the merge queue Jan 6, 2026
Merged via the queue into main with commit be96182 Jan 6, 2026
1 check passed
@biancadanforth biancadanforth deleted the dependabot/pip/production-dependencies-e021e6545b branch January 6, 2026 16:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@biancadanforth biancadanforth biancadanforth approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@biancadanforth