From fcc3c19e11df14ad6cf55f803ef7585aa2c25ccc Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 8 Dec 2025 16:18:24 +0000 Subject: [PATCH 1/3] chore(deps): update python packages --- poetry.lock | 34 +++++++++++++++++++++++++++++++--- 1 file changed, 31 insertions(+), 3 deletions(-) diff --git a/poetry.lock b/poetry.lock index 9c19f124..403504e9 100644 --- a/poetry.lock +++ b/poetry.lock @@ -48,6 +48,7 @@ description = "Security oriented static analyser for python code." optional = false python-versions = ">=3.9" groups = ["lint"] +markers = "python_version == \"3.9\"" files = [ {file = "bandit-1.8.6-py3-none-any.whl", hash = "sha256:3348e934d736fcdb68b6aa4030487097e23a501adf3e7827b63658df464dddd0"}, {file = "bandit-1.8.6.tar.gz", hash = "sha256:dbfe9c25fc6961c2078593de55fd19f2559f9e45b99f1272341f5b95dea4e56b"}, @@ -67,6 +68,33 @@ test = ["beautifulsoup4 (>=4.8.0)", "coverage (>=4.5.4)", "fixtures (>=3.0.0)", toml = ["tomli (>=1.1.0) ; python_version < \"3.11\""] yaml = ["PyYAML"] +[[package]] +name = "bandit" +version = "1.9.2" +description = "Security oriented static analyser for python code." +optional = false +python-versions = ">=3.10" +groups = ["lint"] +markers = "python_version >= \"3.10\"" +files = [ + {file = "bandit-1.9.2-py3-none-any.whl", hash = "sha256:bda8d68610fc33a6e10b7a8f1d61d92c8f6c004051d5e946406be1fb1b16a868"}, + {file = "bandit-1.9.2.tar.gz", hash = "sha256:32410415cd93bf9c8b91972159d5cf1e7f063a9146d70345641cd3877de348ce"}, +] + +[package.dependencies] +colorama = {version = ">=0.3.9", markers = "platform_system == \"Windows\""} +PyYAML = ">=5.3.1" +rich = "*" +stevedore = ">=1.20.0" +tomli = {version = ">=1.1.0", optional = true, markers = "python_version < \"3.11\" and extra == \"toml\""} + +[package.extras] +baseline = ["GitPython (>=3.1.30)"] +sarif = ["jschema-to-python (>=1.2.3)", "sarif-om (>=1.0.4)"] +test = ["beautifulsoup4 (>=4.8.0)", "coverage (>=4.5.4)", "fixtures (>=3.0.0)", "flake8 (>=4.0.0)", "pylint (==1.9.4)", "stestr (>=2.5.0)", "testscenarios (>=0.5.0)", "testtools (>=2.3.0)"] +toml = ["tomli (>=1.1.0) ; python_version < \"3.11\""] +yaml = ["PyYAML"] + [[package]] name = "black" version = "25.9.0" @@ -2356,14 +2384,14 @@ files = [ [[package]] name = "mypy-protobuf" -version = "3.6.0" +version = "3.7.0" description = "Generate mypy stub files from protobuf specs" optional = false python-versions = ">=3.8" groups = ["codegen"] files = [ - {file = "mypy-protobuf-3.6.0.tar.gz", hash = "sha256:02f242eb3409f66889f2b1a3aa58356ec4d909cdd0f93115622e9e70366eca3c"}, - {file = "mypy_protobuf-3.6.0-py3-none-any.whl", hash = "sha256:56176e4d569070e7350ea620262478b49b7efceba4103d468448f1d21492fd6c"}, + {file = "mypy_protobuf-3.7.0-py3-none-any.whl", hash = "sha256:85256e9d4da935722ce8fbaa8d19397e1a2989aa8075c96577987de9fe7cea4d"}, + {file = "mypy_protobuf-3.7.0.tar.gz", hash = "sha256:912fb281f7c7b3e3a7c9b8695712618a716fddbab70f6ad63eaf68eda80c5efe"}, ] [package.dependencies] From 3ad3d45c56c5b198b732c3fcd3c1894c44c00c2e Mon Sep 17 00:00:00 2001 From: Brad Keryan Date: Mon, 8 Dec 2025 12:36:49 -0600 Subject: [PATCH 2/3] fix: Keep using mypy-protobuf 3.6 until we drop protobuf v4 --- pyproject.toml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index 8b1e2190..9dd1782e 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -73,7 +73,8 @@ grpcio-tools = [ { version = "1.67.0", python = ">=3.13,<3.14" }, { version = "1.75.1", python = "^3.14" }, ] -mypy-protobuf = ">=3.4" +# mypy-protobuf 3.6 is the last version that supports protobuf v4. +mypy-protobuf = ">=3.4,<3.7" [tool.poetry.group.docs] optional = true From 4a656bb8ff97275de95a2263fd73c15f4b362f96 Mon Sep 17 00:00:00 2001 From: Brad Keryan Date: Mon, 8 Dec 2025 12:37:47 -0600 Subject: [PATCH 3/3] chore: Update poetry.lock --- poetry.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/poetry.lock b/poetry.lock index 403504e9..dce1a824 100644 --- a/poetry.lock +++ b/poetry.lock @@ -2384,14 +2384,14 @@ files = [ [[package]] name = "mypy-protobuf" -version = "3.7.0" +version = "3.6.0" description = "Generate mypy stub files from protobuf specs" optional = false python-versions = ">=3.8" groups = ["codegen"] files = [ - {file = "mypy_protobuf-3.7.0-py3-none-any.whl", hash = "sha256:85256e9d4da935722ce8fbaa8d19397e1a2989aa8075c96577987de9fe7cea4d"}, - {file = "mypy_protobuf-3.7.0.tar.gz", hash = "sha256:912fb281f7c7b3e3a7c9b8695712618a716fddbab70f6ad63eaf68eda80c5efe"}, + {file = "mypy-protobuf-3.6.0.tar.gz", hash = "sha256:02f242eb3409f66889f2b1a3aa58356ec4d909cdd0f93115622e9e70366eca3c"}, + {file = "mypy_protobuf-3.6.0-py3-none-any.whl", hash = "sha256:56176e4d569070e7350ea620262478b49b7efceba4103d468448f1d21492fd6c"}, ] [package.dependencies] @@ -4121,4 +4121,4 @@ grpc = ["grpcio", "ni-grpcdevice-v1-proto", "ni-protobuf-types", "protobuf"] [metadata] lock-version = "2.1" python-versions = ">=3.9,<4.0" -content-hash = "8a0ef6f263a2c3129e9a514045da9db4a17281da92d9b8ad24e91c9f97f00814" +content-hash = "3597a298003d0ad183a815aabcdea5868848992210fbbf13e80842388ddd7005"