Skip to content

Bump the pip-deps group with 8 updates #374

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump the pip-deps group with 8 updates #374

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 26, 2025

Bumps the pip-deps group with 8 updates:

Package From To
requests 2.32.4 2.32.5
ruamel-yaml 0.18.14 0.18.15
pymongo 4.14.0 4.14.1
wrapt 1.17.2 1.17.3
botocore 1.40.7 1.40.17
boto3 1.40.7 1.40.17
types-pyyaml 6.0.12.20250809 6.0.12.20250822
types-python-dateutil 2.9.0.20250809 2.9.0.20250822

Updates requests from 2.32.4 to 2.32.5

Release notes

Sourced from requests's releases.

v2.32.5

2.32.5 (2025-08-18)

Bugfixes

  • The SSLContext caching feature originally introduced in 2.32.0 has created a new class of issues in Requests that have had negative impact across a number of use cases. The Requests team has decided to revert this feature as long term maintenance of it is proving to be unsustainable in its current iteration.

Deprecations

  • Added support for Python 3.14.
  • Dropped support for Python 3.8 following its end of support.
Changelog

Sourced from requests's changelog.

2.32.5 (2025-08-18)

Bugfixes

  • The SSLContext caching feature originally introduced in 2.32.0 has created a new class of issues in Requests that have had negative impact across a number of use cases. The Requests team has decided to revert this feature as long term maintenance of it is proving to be unsustainable in its current iteration.

Deprecations

  • Added support for Python 3.14.
  • Dropped support for Python 3.8 following its end of support.
Commits
  • b25c87d v2.32.5
  • 131e506 Merge pull request #7010 from psf/dependabot/github_actions/actions/checkout-...
  • b336cb2 Bump actions/checkout from 4.2.0 to 5.0.0
  • 46e939b Update publish workflow to use artifact-id instead of name
  • 4b9c546 Merge pull request #6999 from psf/dependabot/github_actions/step-security/har...
  • 7618dbe Bump step-security/harden-runner from 2.12.0 to 2.13.0
  • 2edca11 Add support for Python 3.14 and drop support for Python 3.8 (#6993)
  • fec96cd Update Makefile rules (#6996)
  • d58d8aa docs: clarify timeout parameter uses seconds in Session.request (#6994)
  • 91a3eab Bump github/codeql-action from 3.28.5 to 3.29.0
  • Additional commits viewable in compare view

Updates ruamel-yaml from 0.18.14 to 0.18.15

Updates pymongo from 4.14.0 to 4.14.1

Release notes

Sourced from pymongo's releases.

PyMongo 4.14.1

Community notes: https://www.mongodb.com/community/forums/t/pymongo-4-14-1-released/327511

Changelog

Sourced from pymongo's changelog.

Changes in Version 4.14.1 (2025/08/19)

Version 4.14.1 is a bug fix release.

  • Fixed a bug in MongoClient.append_metadata() and AsyncMongoClient.append_metadata() that allowed duplicate DriverInfo.name to be appended to the metadata.

Issues Resolved ...............

See the PyMongo 4.14.1 release notes in JIRA_ for the list of resolved issues in this release.

.. _PyMongo 4.14.1 release notes in JIRA: https://jira.mongodb.org/secure/ReleaseNote.jspa?projectId=10004&version=45256

Commits
  • 0d2a4b4 Prep for 4.14.1 release (#2495)
  • 550d234 PYTHON-5503 Use uv to install just in GitHub Actions (#2490) [v4.14] (#2493)
  • d98049c PYTHON-5502 [v4.14] Fix handling of c extensions in Azure and GCP VMs (#2487)
  • f66ec0f PYTHON-5492 Fix handling of MaxTimeMS message (#2484) [v4.14] (#2485)
  • 6611bec PYTHON-5493 [v4.14] Add a patch for the log order difference (#2482)
  • 7692bd6 PYTHON-5488 append_metadata should not add duplicates (#2461) [v4.14] (#2483)
  • aa0b920 PYTHON-5492 Fix handling of MaxTimeMSExpired responses (#2477) [v4.14] (#2479)
  • 1c48016 PYTHON-5349 Use drivers-evergreen-tools to start servers in GitHub Actions (#...
  • 7055ad1 PYTHON-5492 Mark test as flaky (#2472) [v4.14] (#2475)
  • e80f4f4 PYTHON-5491 Skip non-idempotent dropIndex tests (#2467) [v4.14] (#2468)
  • Additional commits viewable in compare view

Updates wrapt from 1.17.2 to 1.17.3

Release notes

Sourced from wrapt's releases.

wrapt-1.17.3

See the project page on the Python Package Index at https://pypi.org/project/wrapt/1.17.3/ for more information.

Changelog

Sourced from wrapt's changelog.

Version 1.17.3

Bugs Fixed

  • Reference count was not being incremented on type object for C implementation of the partial callable object proxy when module was initialized. If wrapt was being used in Python sub interpreters which were deleted it could lead to the process crashing.
Commits
  • 99130c0 Build for Windows 11 ARM.
  • 26f5344 Build for Python 3.14.
  • 43dbbe0 Modify artifact upload pattern.
  • e90bd88 Update cibuildwheel version.
  • 58efb76 Update to ubuntu-latest.
  • 800a204 Increment release version.
  • 33b8840 Update obsolete GitHub action.
  • 1c755a1 Rename GitHub workflow file so can build package.
  • ff4981b Fix crash due to lack of reference count.
  • ecbaaa1 Revert "Remove the dependency on pkg_resources and hence setuptools on py...
  • Additional commits viewable in compare view

Updates botocore from 1.40.7 to 1.40.17

Commits
  • b1b06fe Merge branch 'release-1.40.17'
  • d92bc20 Bumping version to 1.40.17
  • 33b8250 Update endpoints model
  • eb74ea4 Update to latest models
  • 1f077e3 Merge pull request #3545 from boto/dependabot/github_actions/codecov/codecov-...
  • edd7ce3 Bump codecov/codecov-action from 5.4.0 to 5.5.0
  • 56a479a Merge branch 'release-1.40.16'
  • 4607044 Merge branch 'release-1.40.16' into develop
  • 7aa26bb Bumping version to 1.40.16
  • cb07fe6 Update to latest models
  • Additional commits viewable in compare view

Updates boto3 from 1.40.7 to 1.40.17

Commits
  • 50b1b67 Merge branch 'release-1.40.17'
  • bf25224 Bumping version to 1.40.17
  • ba4d50a Add changelog entries from botocore
  • fe7457e Merge branch 'release-1.40.16'
  • 2811578 Merge branch 'release-1.40.16' into develop
  • 3930259 Bumping version to 1.40.16
  • 0954e8f Add changelog entries from botocore
  • 8836e33 Merge branch 'release-1.40.15'
  • e1dfc5f Merge branch 'release-1.40.15' into develop
  • 14dbc58 Bumping version to 1.40.15
  • Additional commits viewable in compare view

Updates types-pyyaml from 6.0.12.20250809 to 6.0.12.20250822

Commits

Updates types-python-dateutil from 2.9.0.20250809 to 2.9.0.20250822

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the pip-deps group with 8 updates
e8d9412 
Bumps the pip-deps group with 8 updates:

| Package | From | To |
| --- | --- | --- |
| [requests](https://github.com/psf/requests) | `2.32.4` | `2.32.5` |
| ruamel-yaml | `0.18.14` | `0.18.15` |
| [pymongo](https://github.com/mongodb/mongo-python-driver) | `4.14.0` | `4.14.1` |
| [wrapt](https://github.com/GrahamDumpleton/wrapt) | `1.17.2` | `1.17.3` |
| [botocore](https://github.com/boto/botocore) | `1.40.7` | `1.40.17` |
| [boto3](https://github.com/boto/boto3) | `1.40.7` | `1.40.17` |
| [types-pyyaml](https://github.com/typeshed-internal/stub_uploader) | `6.0.12.20250809` | `6.0.12.20250822` |
| [types-python-dateutil](https://github.com/typeshed-internal/stub_uploader) | `2.9.0.20250809` | `2.9.0.20250822` |


Updates `requests` from 2.32.4 to 2.32.5
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.32.4...v2.32.5)

Updates `ruamel-yaml` from 0.18.14 to 0.18.15

Updates `pymongo` from 4.14.0 to 4.14.1
- [Release notes](https://github.com/mongodb/mongo-python-driver/releases)
- [Changelog](https://github.com/mongodb/mongo-python-driver/blob/master/doc/changelog.rst)
- [Commits](mongodb/mongo-python-driver@4.14.0...4.14.1)

Updates `wrapt` from 1.17.2 to 1.17.3
- [Release notes](https://github.com/GrahamDumpleton/wrapt/releases)
- [Changelog](https://github.com/GrahamDumpleton/wrapt/blob/develop/docs/changes.rst)
- [Commits](GrahamDumpleton/wrapt@1.17.2...1.17.3)

Updates `botocore` from 1.40.7 to 1.40.17
- [Commits](boto/botocore@1.40.7...1.40.17)

Updates `boto3` from 1.40.7 to 1.40.17
- [Release notes](https://github.com/boto/boto3/releases)
- [Commits](boto/boto3@1.40.7...1.40.17)

Updates `types-pyyaml` from 6.0.12.20250809 to 6.0.12.20250822
- [Commits](https://github.com/typeshed-internal/stub_uploader/commits)

Updates `types-python-dateutil` from 2.9.0.20250809 to 2.9.0.20250822
- [Commits](https://github.com/typeshed-internal/stub_uploader/commits)

---
updated-dependencies:
- dependency-name: requests
  dependency-version: 2.32.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-deps
- dependency-name: ruamel-yaml
  dependency-version: 0.18.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-deps
- dependency-name: pymongo
  dependency-version: 4.14.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-deps
- dependency-name: wrapt
  dependency-version: 1.17.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-deps
- dependency-name: botocore
  dependency-version: 1.40.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-deps
- dependency-name: boto3
  dependency-version: 1.40.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-deps
- dependency-name: types-pyyaml
  dependency-version: 6.0.12.20250822
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-deps
- dependency-name: types-python-dateutil
  dependency-version: 2.9.0.20250822
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-deps
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Aug 26, 2025
@dependabot dependabot bot requested a review from a team as a code owner August 26, 2025 18:02
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Aug 26, 2025
@dependabot dependabot bot requested review from fealebenpae and anandsyncs August 26, 2025 18:02
@dependabot dependabot bot added the python Pull requests that update python code label Aug 26, 2025
@github-actions GitHub Actions
Copy link

⚠️ (this preview might not be accurate if the PR is not rebased on current master branch)

MCK 1.3.0 Release Notes

New Features

Multi-Architecture Support

We've added comprehensive multi-architecture support for the kubernetes operator. This enhancement enables deployment on IBM Power (ppc64le) and IBM Z (s390x) architectures alongside
existing x86_64 support. Core images (operator, agent, init containers, database, readiness probe) now support multiple architectures. We do not add support IBM and ARM support for Ops-Manager and the init-ops-manager image.

Bug Fixes

  • This change fixes the current complex and difficult-to-maintain architecture for stateful set containers, which relies on an "agent matrix" to map operator and agent versions which led to a sheer amount of images.
  • We solve this by shifting to a 3-container setup. This new design eliminates the need for the operator-version/agent-version matrix by adding one additional container containing all required binaries. This architecture maps to what we already do with the mongodb-database container.
  • Fixed an issue where the readiness probe reported the node as ready even when its authentication mechanism was not in sync with the other nodes, potentially causing premature restarts.

Other Changes

  • Optional permissions for PersistentVolumeClaim moved to a separate role. When managing the operator with Helm it is possible to disable permissions for PersistentVolumeClaim resources by setting operator.enablePVCResize value to false (true by default). When enabled, previously these permissions were part of the primary operator role. With this change, permissions have a separate role.
  • subresourceEnabled Helm value was removed. This setting used to be true by default and made it possible to exclude subresource permissions from the operator role by specifying false as the value. We are removing this configuration option, making the operator roles always have subresource permissions. This setting was introduced as a temporary solution for this OpenShift issue. The issue has since been resolved and the setting is no longer needed.
  • We have deliberately not published the container images for OpsManager versions 7.0.16, 8.0.8, 8.0.9 and 8.0.10 due to a bug in the OpsManager which prevents MCK customers to upgrade their OpsManager deployments to those versions.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fealebenpae fealebenpae Awaiting requested review from fealebenpae fealebenpae is a code owner automatically assigned from mongodb/kubernetes-hosted

@anandsyncs anandsyncs Awaiting requested review from anandsyncs anandsyncs is a code owner automatically assigned from mongodb/kubernetes-hosted

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file python Pull requests that update python code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants