Bump the celery group across 1 directory with 3 updates

[dependabot]

Bumps the celery group with 3 updates in the /requirements directory: billiard, celery and kombu.

Updates billiard from 4.2.3 to 4.2.4

Release notes

Sourced from billiard's releases.

v4.2.4

What's Changed

• Eliminate usage of 'return' in 'finally' blocks by @​torarvid in celery/billiard#438
• Prepare for release: v4.2.4 by @​Nusnus in celery/billiard#439

New Contributors

• @​torarvid made their first contribution in celery/billiard#438

Full Changelog: celery/billiard@v4.2.3...v4.2.4

Changelog

Sourced from billiard's changelog.

4.2.4 - 2025-11-30

• Eliminate usage of 'return' in 'finally' blocks (#438)
• Prepare for release: v4.2.4 (#439)

Commits

• 69c2f29 Prepare for release: v4.2.4 (#439)
• 973c773 Eliminate usage of 'return' in 'finally' blocks (#438)
• 5115394 Bump actions/checkout from 5 to 6 in the github-actions group (#437)
• See full diff in compare view

Updates celery from 5.5.3 to 5.6.1

Release notes

Sourced from celery's releases.

v5.6.1

What's Changed

• Fix Redis Sentinel ACL authentication support by @​anthonykuzmich7 in celery/celery#10013
• Fix: Broker heartbeats not sent during graceful shutdown by @​weetster in celery/celery#9986
• docs #5410 -- Document confirm_publish broker transport option by @​JaeHyuckSa in celery/celery#10016
• close DB pools only in prefork mode by @​petrprikryl in celery/celery#10020
• Fix: Avoid unnecessary Django database connection creation during cleanup by @​snopoke in celery/celery#10015
• reliable prefork detection by @​petrprikryl in celery/celery#10023
• better coverage by @​petrprikryl in celery/celery#10029
• Docs: clarify result_extended vs periodic task metadata and show headers["periodic_task_name"] example by @​SpaceShaman in celery/celery#10030
• Stop importing pytest_subtests by @​cjwatson in celery/celery#10032
• Only use exceptiongroup backport for Python < 3.11 by @​cjwatson in celery/celery#10033
• Prepare for release: v5.6.1 by @​Nusnus in celery/celery#10037

New Contributors

• @​anthonykuzmich7 made their first contribution in celery/celery#10013
• @​weetster made their first contribution in celery/celery#9986
• @​JaeHyuckSa made their first contribution in celery/celery#10016
• @​snopoke made their first contribution in celery/celery#10015
• @​SpaceShaman made their first contribution in celery/celery#10030

Full Changelog: celery/celery@v5.6.0...v5.6.1

v5.6.0

Celery v5.6.0 is now available.

Key Highlights

See What's new in Celery 5.6 for a complete overview or read the main highlights below.

Python 3.9 Minimum Version

Celery 5.6.0 drops support for Python 3.8 (EOL). The minimum required Python version is now 3.9. Users still on Python 3.8 must upgrade their Python version before upgrading to Celery 5.6.0.

Additionally, this release includes initial support for Python 3.14.

SQS: Reverted to pycurl from urllib3

The switch from pycurl to urllib3 for the SQS transport (introduced in Celery 5.5.0 via Kombu) has been reverted due to critical issues affecting SQS users.

Contributed by @​auvipy in celery/celery#9620.

Security Fix: Broker Credential Leak Prevention

Fixed a security issue where broker URLs containing passwords were being logged in plaintext by the delayed delivery mechanism. Broker credentials are now properly sanitized in all log output.

Contributed by @​giancarloromeo in celery/celery#9997.

Memory Leak Fixes

... (truncated)

Changelog

Sourced from celery's changelog.

5.6.1

:release-date: 2025-12-29 :release-by: Tomer Nosrati

What's Changed

- Fix Redis Sentinel ACL authentication support ([#10013](https://github.com/celery/celery/issues/10013))
- Fix: Broker heartbeats not sent during graceful shutdown ([#9986](https://github.com/celery/celery/issues/9986))
- docs [#5410](https://github.com/celery/celery/issues/5410) -- Document confirm_publish broker transport option ([#10016](https://github.com/celery/celery/issues/10016))
- close DB pools only in prefork mode ([#10020](https://github.com/celery/celery/issues/10020))
- Fix: Avoid unnecessary Django database connection creation during cleanup ([#10015](https://github.com/celery/celery/issues/10015))
- reliable prefork detection ([#10023](https://github.com/celery/celery/issues/10023))
- better coverage ([#10029](https://github.com/celery/celery/issues/10029))
- Docs: clarify `result_extended` vs periodic task metadata and show `headers["periodic_task_name"]` example ([#10030](https://github.com/celery/celery/issues/10030))
- Stop importing pytest_subtests ([#10032](https://github.com/celery/celery/issues/10032))
- Only use exceptiongroup backport for Python < 3.11 ([#10033](https://github.com/celery/celery/issues/10033))
- Prepare for release: v5.6.1 ([#10037](https://github.com/celery/celery/issues/10037))
.. _version-5.6.0:
5.6.0
:release-date: 2025-11-30
:release-by: Tomer Nosrati
Celery v5.6.0 is now available.
Key Highlights

See :ref:whatsnew-5.6 for a complete overview or read the main highlights below.

Python 3.9 Minimum Version

Celery 5.6.0 drops support for Python 3.8 (EOL). The minimum required Python version is now 3.9. Users still on Python 3.8 must upgrade their Python version before upgrading to Celery 5.6.0.

Additionally, this release includes initial support for Python 3.14.

SQS: Reverted to pycurl from urllib3

The switch from pycurl to urllib3 for the SQS transport (introduced in Celery 5.5.0 via Kombu) has been reverted due to critical issues affecting SQS

... (truncated)

Commits

• 21dbc73 Prepare for release: v5.6.1 (#10037)
• ba20bed Only use exceptiongroup backport for Python < 3.11 (#10033)
• 2167529 Stop importing pytest_subtests
• 0527296 Bump google-cloud-firestore from 2.21.0 to 2.22.0
• 5f8659b Clarify 'result_extended' setting usage in tasks
• f19db70 Bump mypy from 1.19.0 to 1.19.1 (#10028)
• 6da72bd better coverage (#10029)
• 170fe55 [pre-commit.ci] pre-commit autoupdate (#10027)
• cb08d50 reliable prefork detection (#10023)
• cc3350e Fix: Avoid unnecessary Django database connection creation during cleanup (#1...
• Additional commits viewable in compare view

Updates kombu from 5.6.1 to 5.6.2

Release notes

Sourced from kombu's releases.

v5.6.2

What's Changed

• Simplify requirements given Py3.9+ baseline by @​jayaddison in celery/kombu#2414
• fix: credential_provider compatibility issue with redis < 5.3.0 by @​alaminopu in celery/kombu#2423
• Fix SentinelChannel to pass ACL credentials to master_for() by @​anthonykuzmich7 in celery/kombu#2426
• Improve the error handling in ack deadline extension by @​tungntpham in celery/kombu#2430
• Prepare for release: v5.6.2 by @​Nusnus in celery/kombu#2434

New Contributors

• @​jayaddison made their first contribution in celery/kombu#2414
• @​anthonykuzmich7 made their first contribution in celery/kombu#2426
• @​tungntpham made their first contribution in celery/kombu#2430

Full Changelog: celery/kombu@v5.6.1...v5.6.2

Changelog

Sourced from kombu's changelog.

5.6.2

:release-date: 29 December, 2025 :release-by: Tomer Nosrati

What's Changed

- Improve error handling in GCP Pub/Sub ack deadline extension ([#2430](https://github.com/celery/kombu/issues/2430))
- Fix SentinelChannel to pass ACL credentials to master_for() ([#2426](https://github.com/celery/kombu/issues/2426))
- Fix credential_provider compatibility with redis-py < 5.3.0 ([#2423](https://github.com/celery/kombu/issues/2423))
- Simplify requirements given Py3.9+ baseline ([#2414](https://github.com/celery/kombu/issues/2414))
- Prepare for release: v5.6.2 ([#2434](https://github.com/celery/kombu/issues/2434))
.. _version-5.6.1:

Commits

• 279b81f Prepare for release: v5.6.2 (#2434)
• a12f3a9 Improve the error handling in ack deadline extension (#2430)
• 4055fa7 Bump mypy from 1.19.0 to 1.19.1 (#2432)
• 8756f49 [pre-commit.ci] pre-commit autoupdate (#2429)
• 0a5a0bc Fix SentinelChannel to pass ACL credentials to master_for() (#2426)
• f204769 [pre-commit.ci] pre-commit autoupdate (#2424)
• 9a72859 Bump mypy from 1.18.2 to 1.19.0
• 260d517 fix: credential_provider compatibility issue with redis < 5.3.0 (#2423)
• 161a61b Simplify requirements given Py3.9+ baseline (#2414)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions