Skip to content
This repository was archived by the owner on Mar 12, 2026. It is now read-only.

chore(deps): update all dependencies#2006

Closed
renovate[bot] wants to merge 1 commit intomainfrom
renovate/all
Closed

chore(deps): update all dependencies#2006
renovate[bot] wants to merge 1 commit intomainfrom
renovate/all

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Jan 30, 2026
edited
Loading

This PR contains the following updates:

Package Type Update Change Age Confidence
actions/checkout (changelog) action digest 8e8c483de0fac2
actions/upload-artifact action major v6v7 age confidence
alembic (changelog) patch ==1.18.3==1.18.4 age confidence
certifi minor ==2026.1.4==2026.2.25 age confidence
charset-normalizer (changelog) patch ==3.4.4==3.4.5 age confidence
flask (changelog) patch ==3.1.2==3.1.3 age confidence
greenlet (changelog) patch ==3.3.1==3.3.2 age confidence
paas-charm minor ==1.9.2==1.10.0 age confidence
pydantic-core minor ==2.41.5==2.42.0 age confidence
pyjwt minor ==2.10.1==2.11.0 age confidence
sqlalchemy (changelog) patch ==2.0.46==2.0.48 age confidence
werkzeug (changelog) patch ==3.1.5==3.1.6 age confidence
wrapt (changelog) minor ==2.0.1==2.1.2 age confidence

Release Notes

actions/upload-artifact (actions/upload-artifact)

v7

Compare Source

certifi/python-certifi (certifi)

v2026.2.25

Compare Source

jawah/charset_normalizer (charset-normalizer)

v3.4.5

Compare Source

Changed
  • Update setuptools constraint to setuptools>=68,<=82.
  • Raised upper bound of mypyc for the optional pre-built extension to v1.19.1
Fixed
  • Add explicit link to lib math in our optimized build. (#​692)
  • Logger level not restored correctly for empty byte sequences. (#​701)
  • TypeError when passing bytearray to from_bytes. (#​703)
Misc
  • Applied safe micro-optimizations in both our noise detector and language detector.
  • Rewrote the query_yes_no function (inside CLI) to avoid using ambiguous licensed code.
  • Added cd.py submodule into mypyc optional compilation to reduce further the performance impact.
pallets/flask (flask)

v3.1.3

Compare Source

Released 2026-02-18

  • The session is marked as accessed for operations that only access the keys
    but not the values, such as in and len. :ghsa:68rp-wp8r-4726
python-greenlet/greenlet (greenlet)

v3.3.2

Compare Source

==================

  • Fix a crash on Python 3.10 if there are active greenlets during
    interpreter shutdown. See PR 495 <https://github.com/python-greenlet/greenlet/pull/495>_ by Nicolas
    Bouvrette.
jpadilla/pyjwt (pyjwt)

v2.11.0

Compare Source

Fixed


Added
pallets/werkzeug (werkzeug)

v3.1.6

Compare Source

Released 2026-02-19

  • safe_join on Windows does not allow special devices names in
    multi-segment paths. :ghsa:29vq-49wr-vm6x
GrahamDumpleton/wrapt (wrapt)

v2.1.2: wrapt-2.1.2

Compare Source

See the project page on the Python Package Index at https://pypi.org/project/wrapt/2.1.2/ for more information.

v2.1.1: wrapt-2.1.1

Compare Source

See the project page on the Python Package Index at https://pypi.org/project/wrapt/2.1.1/ for more information.

v2.1.0: wrapt-2.1.0

Compare Source

See the project page on the Python Package Index at https://pypi.org/project/wrapt/2.1.0/ for more information.

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot enabled auto-merge (squash) January 30, 2026 22:25
@renovate renovate bot requested a review from a team as a code owner January 30, 2026 22:25
@renovate renovate bot requested review from alithethird and cbartz and removed request for a team January 30, 2026 22:25
@github-actions
Copy link
Contributor

github-actions bot commented Jan 30, 2026

Unused entries in .trivyignore

Image: ghcr.io/canonical/repo-policy-compliance:6ddae0e173029ff195f2a1b74a65b4406636be51-_1.11.0_amd64

The following CVEs are in .trivyignore but not ignored by Trivy anymore:

@renovate renovate bot changed the title chore(deps): update dependency pyjwt to v2.11.0 chore(deps): update all dependencies Feb 1, 2026
@github-actions
Copy link
Contributor

github-actions bot commented Feb 1, 2026

Unused entries in .trivyignore

Image: ghcr.io/canonical/repo-policy-compliance:0e397dd0a97d8044939144d82110f980f5dfd03a-_1.11.0_amd64

The following CVEs are in .trivyignore but not ignored by Trivy anymore:

@github-actions
Copy link
Contributor

github-actions bot commented Feb 3, 2026

Unused entries in .trivyignore

Image: ghcr.io/canonical/repo-policy-compliance:c9e22fe01086549f727cb31b79e438810e74c0cb-_1.11.0_amd64

The following CVEs are in .trivyignore but not ignored by Trivy anymore:

@github-actions
Copy link
Contributor

github-actions bot commented Feb 3, 2026

Unused entries in .trivyignore

Image: ghcr.io/canonical/repo-policy-compliance:74215499f3060a89d0a1abd355fbe6d05a2f37b7-_1.11.0_amd64

The following CVEs are in .trivyignore but not ignored by Trivy anymore:

@seb4stien seb4stien closed this Mar 12, 2026
auto-merge was automatically disabled March 12, 2026 17:25

Pull request was closed

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@cbartz cbartz Awaiting requested review from cbartz cbartz is a code owner automatically assigned from canonical/platform-engineering

@alithethird alithethird Awaiting requested review from alithethird alithethird is a code owner automatically assigned from canonical/platform-engineering

1 more reviewer

@github-actions github-actions[bot] github-actions[bot] approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@seb4stien