chore(deps-dev): bump the gha group in /packages/opentelemetry-instrumentation-pinecone with 4 updates

[dependabot]

Updates the requirements on pinecone-client, pytest-sugar, openai[datalib] and vcrpy to permit the latest version.
Updates pinecone-client from 5.0.1 to 6.0.0

Release notes

Sourced from pinecone-client's releases.

Release v6.0.0

What's new in this release?

Indexes with Integrated Inference

This release adds a new create_index_for_model method as well as upsert_records, and search methods. Together these methods provide a way for you to easily store your data and let us manage the process of creating embeddings. To learn about available models, see the Model Gallery.

Note: If you were previously using the preview versions of this functionality via the pinecone-plugin-records package, you will need to uninstall that package in order to use the v6 pinecone release.

from pinecone import (
    Pinecone,
    CloudProvider,
    AwsRegion,
    EmbedModel,
)
1. Instantiate the Pinecone client
pc = Pinecone(api_key="<<PINECONE_API_KEY>>")
2. Create an index configured for use with a particular model
index_config = pc.create_index_for_model(
name="my-model-index",
cloud=CloudProvider.AWS,
region=AwsRegion.US_EAST_1,
embed=IndexEmbed(
model=EmbedModel.Multilingual_E5_Large,
field_map={"text": "my_text_field"}
)
)
3. Instantiate an Index client
idx = pc.Index(host=index_config.host)
4. Upsert records
idx.upsert_records(
namespace="my-namespace",
records=[
{
"_id": "test1",
"my_text_field": "Apple is a popular fruit known for its sweetness and crisp texture.",
},
{
"_id": "test2",
"my_text_field": "The tech company Apple is known for its innovative products like the iPhone.",
},
{
"_id": "test3",
"my_text_field": "Many people enjoy eating apples as a healthy snack.",
},
</tr></table>

... (truncated)

Commits

• 8f40d4d [skip ci] Bump version to v6.0.0
• 7d14c23 Adjust tagging
• e6988aa Adjust readme
• 2650576 Add more info to README
• 11c0060 Adjust README
• 867bdb6 Adjust readme
• 2e67c48 Adjust message
• 1981fd8 Raise exception on load
• 9363c14 Update CONTRIBUTING.md with Poetry shell install (#458)
• 3c49f9f [docs] Remove extra async call in PineconeAsyncio example (#459)
• Additional commits viewable in compare view

Updates pytest-sugar from 1.0.0 to 1.1.1

Release notes

Sourced from pytest-sugar's releases.

pytest-sugar 1.1.1

Adjust signature of SugarTerminalReporter to avoid conflicts with other pytest plugins (#297 by @​TolstochenkoDaniil)

pytest-sugar 1.1.0

Add Playwright trace file detection and display support for failed tests (#296 by @​kiebak3r)

This enhancement automatically detects and displays Playwright trace.zip files with viewing commands when tests fail, making debugging easier for Playwright users.

New command-line options:

• --sugar-trace-dir: Configure the directory name for Playwright trace files (default: test-results)
• --sugar-no-trace: Disable Playwright trace file detection and display

Changelog

Sourced from pytest-sugar's changelog.

1.1.1 - 2025-08-23 ^^^^^^^^^^^^^^^^^^

Adjust signature of SugarTerminalReporter to avoid conflicts with other pytest plugins

Contributed by Daniil via [PR #297](Teemu/pytest-sugar#297)

1.1.0 - 2025-08-16 ^^^^^^^^^^^^^^^^^^

Add Playwright trace file detection and display support for failed tests. This enhancement automatically detects and displays Playwright trace.zip files with viewing commands when tests fail, making debugging easier for Playwright users.

New command-line options:

• --sugar-trace-dir: Configure the directory name for Playwright trace files (default: test-results)
• --sugar-no-trace: Disable Playwright trace file detection and display

Contributed by kie via [PR #296](Teemu/pytest-sugar#296)

Commits

• 8133503 Release pytest-sugar 1.1.1
• 6798042 Fix conflict with other Pytest plugins (#297)
• 43bbdd0 Release pytest-sugar 1.1.0
• 855d661 Feature - Playwright Support for Trace Zip Mapping (#296)
• 2a5862a Merge pull request #293 from cgoldberg/add-py313
• ca26d98 Add support for Python 3.13
• 69989eb Clarify license as BSD 3-Clause License
• 3c86a5c Merge pull request #289 from deronnax/remove-packaging-dep
• c123be0 remove 'packaging' package
• efafd9c Merge pull request #282 from penguinpee/main
• Additional commits viewable in compare view

Updates openai[datalib] to 2.15.0

Release notes

Sourced from openai[datalib]'s releases.

v2.15.0

2.15.0 (2026-01-09)

Full Changelog: v2.14.0...v2.15.0

Features

• api: add new Response completed_at prop (f077752)

Chores

• internal: codegen related update (e7daba6)

Changelog

Sourced from openai[datalib]'s changelog.

2.15.0 (2026-01-09)

Full Changelog: v2.14.0...v2.15.0

Features

• api: add new Response completed_at prop (f077752)

Chores

• internal: codegen related update (e7daba6)

2.14.0 (2025-12-19)

Full Changelog: v2.13.0...v2.14.0

Features

• api: slugs for new audio models; make all model params accept strings (e517792)

Bug Fixes

• use async_to_httpx_files in patch method (a6af9ee)

Chores

• internal: add --fix argument to lint script (93107ef)

2.13.0 (2025-12-16)

Full Changelog: v2.12.0...v2.13.0

Features

• api: gpt-image-1.5 (1c88f03)

Chores

• ci: add CI job to detect breaking changes with the Agents SDK (#1436) (237c91e)
• internal: add missing files argument to base client (e6d6fd5)

2.12.0 (2025-12-15)

Full Changelog: v2.11.0...v2.12.0

Features

... (truncated)

Commits

• 722d3ff release: 2.15.0
• 5da8c5f feat(api): add new Response completed_at prop
• 032e6cb chore(internal): codegen related update
• d3e6321 release: 2.14.0
• 4547f1a codegen metadata
• a3c27a2 chore(internal): add --fix argument to lint script
• 51c6885 feat(api): slugs for new audio models; make all model params accept strings
• 62699d9 fix: use async_to_httpx_files in patch method
• 20af6aa codegen metadata
• f94256d release: 2.13.0
• Additional commits viewable in compare view

Updates vcrpy from 6.0.2 to 7.0.0

Release notes

Sourced from vcrpy's releases.

v7.0.0

What's Changed

- Drop support for python 3.8 (major version bump) - thanks @jairhenrique
- Various linting and test fixes - thanks @jairhenrique
- Bugfix for urllib2>=2.3.0 - missing version_string ([#888](https://github.com/kevin1024/vcrpy/issues/888))
- Bugfix for asyncio.run - thanks @alekeik1

New Contributors

• @​exslim made their first contribution in kevin1024/vcrpy#889
• @​alekseik1 made their first contribution in kevin1024/vcrpy#886

Changelog

Sourced from vcrpy's changelog.

Changelog

For a full list of triaged issues, bugs and PRs and what release they are targeted for please see the following link.

ROADMAP MILESTONES <https://github.com/kevin1024/vcrpy/milestones>_

All help in providing PRs to close out bug issues is appreciated. Even if that is providing a repo that fully replicates issues. We have very generous contributors that have added these to bug issues which meant another contributor picked up the bug and closed it out.

• 8.1.1

  • Fix sync requests in async contexts for HTTPX (#965) - thanks @​seowalex
  • CI: bump peter-evans/create-pull-request from 7 to 8 (#969)

• 8.1.0

  • Enable brotli decompression if available (via brotli, brotlipy or brotlicffi) (#620) - thanks @​immerrr
  • Fix aiohttp allowing both data and json arguments when one is None (#624) - thanks @​leorochael
  • Fix usage of io-like interface with VCR.py (#906) - thanks @​tito and @​kevdevg
  • Migrate to declarative Python package config (#767) - thanks @​deronnax
  • Various linting fixes - thanks @​jairhenrique
  • CI: bump actions/checkout from 5 to 6 (#955)

• 8.0.0

  • BREAKING: Drop support for Python 3.9 (major version bump) - thanks @​jairhenrique
  • BREAKING: Drop support for urllib3 < 2 - fixes CVE warnings from urllib3 1.x (#926, #880) - thanks @​jairhenrique
  • New feature: drop_unused_requests option to remove unused interactions from cassettes (#763) - thanks @​danielnsilva
  • Rewrite httpx support to patch httpcore instead of httpx (#943) - thanks @​seowalex
    • Fixes httpx.ResponseNotRead exceptions (#832, #834)
    • Fixes KeyError: 'follow_redirects' (#945)
    • Adds support for custom httpx transports
  • Fix HTTPS proxy handling - proxy address no longer ends up in cassette URIs (#809, #914) - thanks @​alga
  • Fix iscoroutinefunction deprecation warning on Python 3.14 - thanks @​kloczek
  • Only log message if response is appended - thanks @​talfus-laddus
  • Optimize urllib.parse calls - thanks @​Martin-Brunthaler
  • Fix CI for Ubuntu 24.04 - thanks @​hartwork
  • Various CI improvements: migrate to uv, update GitHub Actions - thanks @​jairhenrique
  • Various linting and test improvements - thanks @​jairhenrique and @​hartwork

• 7.0.0

  • Drop support for python 3.8 (major version bump) - thanks @​jairhenrique
  • Various linting and test fixes - thanks @​jairhenrique
  • Bugfix for urllib2>=2.3.0 - missing version_string (#888)
  • Bugfix for asyncio.run - thanks @​alekeik1

• 6.0.2

  • Ensure body is consumed only once (#846) - thanks @​sathieu
  • Permit urllib3 2.x for non-PyPy Python >=3.10
  • Fix typos in test commands - thanks @​chuckwondo
  • Several test and workflow improvements - thanks @​hartwork and @​graingert

• 6.0.1

  • Bugfix with to Tornado cassette generator (thanks @​graingert)

• 6.0.0

... (truncated)

Commits

• 3278619 Release v7.0.0
• 3fb62e0 fix: correctly handle asyncio.run when loop exists
• 8197865 build(deps): update sphinx requirement from <8 to <9
• be651bd pre-commit: Autoupdate
• a6698ed Fix aiohttp tests
• 48d0a2e Fixed missing version_string attribute when used with urllib3>=2.3.0
• 5b858b1 Fix lint
• c8d99a9 Fix ruff configuration
• ce27c63 Merge pull request #736 from kevin1024/drop-python38
• ab8944d Drop python 3.8 support
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

---

Important

Update dependencies in pyproject.toml to allow newer versions of pinecone-client, pytest-sugar, openai[datalib], and vcrpy.

• Dependencies:
  • Update pinecone-client to allow versions up to 6.0.0.
  • Update pytest-sugar to version 1.1.1.
  • Update openai[datalib] to allow versions up to 2.15.0.
  • Update vcrpy to allow versions up to 7.0.0.

^{This description was created by for a54fa77. You can customize this summary. It will automatically update as commits are pushed.}

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[ellipsis-dev]

Important

Looks good to me! 👍

Reviewed everything up to a54fa77 in 1 minute and 4 seconds. Click for details.

• Reviewed 29 lines of code in 1 files
• Skipped 1 files when reviewing.
• Skipped posting 5 draft comments. View those below.
• Modify your settings and rules to customize what types of comments Ellipsis leaves. And don't forget to react with 👍 or 👎 to teach Ellipsis.

1. packages/opentelemetry-instrumentation-pinecone/pyproject.toml:32

• Draft comment:
  Updated pytest-sugar to 1.1.1 in the dev group. Confirm this version is compatible with all plugins.
• Reason this comment was not posted:
  Comment did not seem useful. Confidence is useful = 0% <= threshold 50% This comment is asking the PR author to confirm compatibility of a dependency update, which is against the rules. It does not provide a specific suggestion or point out a specific issue with the code.

2. packages/opentelemetry-instrumentation-pinecone/pyproject.toml:37

• Draft comment:
  Bumped openai[datalib] version range from <2 to <3. Verify that the extended range doesn't introduce breaking changes.
• Reason this comment was not posted:
  Comment did not seem useful. Confidence is useful = 0% <= threshold 50% This comment is asking the PR author to verify that the extended version range doesn't introduce breaking changes, which falls under the rule of not asking the author to ensure behavior or verify intentions. It doesn't provide a specific suggestion or point out a specific issue with the code.

3. packages/opentelemetry-instrumentation-pinecone/pyproject.toml:39

• Draft comment:
  Extended the allowed pinecone-client version to <7 to support v6. Ensure that any API changes in v6 are properly handled.
• Reason this comment was not posted:
  Comment did not seem useful. Confidence is useful = 0% <= threshold 50% This comment is related to a dependency change, specifically the version of the pinecone-client. The comment suggests ensuring that API changes in v6 are handled, which falls under asking the author to ensure behavior is intended or tested. This violates the rules.

4. packages/opentelemetry-instrumentation-pinecone/pyproject.toml:42

• Draft comment:
  Updated pytest-sugar to 1.1.1 in the test group for consistency. Consider deduplication if appropriate.
• Reason this comment was not posted:
  Comment did not seem useful. Confidence is useful = 40% <= threshold 50% The comment is about a dependency update, which is generally not something we should comment on unless it's about consistency or deduplication, which this comment does mention. However, the suggestion to consider deduplication is not a strong directive and could be seen as purely informative. The comment does not ask for confirmation or testing, so it doesn't violate those rules. Overall, it seems to be a borderline case, but it leans towards being informative rather than directive.

5. packages/opentelemetry-instrumentation-pinecone/pyproject.toml:44

• Draft comment:
  Updated vcrpy dependency range to <8 from <7. Please check that changes in v7 do not break expected functionality.
• Reason this comment was not posted:
  Comment did not seem useful. Confidence is useful = 0% <= threshold 50% The comment is asking the PR author to check for potential issues with the dependency update, which violates the rule against asking the author to ensure behavior is intended or to double-check things. It doesn't provide a specific suggestion or point out a specific issue.

Workflow ID: wflow_Fafhnr7nX3r5w0VQ

^{You can customize by changing your verbosity settings, reacting with 👍 or 👎, replying to comments, or adding code review rules.}

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot recreate.

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot recreate.

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot recreate.