Managing Package Upgrades and related Dependencies#989
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Type of change
Note: Fill x in []
Description
Here's a summary of all changes made across this conversation:
Vulnerability Fixes (Quay scan)
urllib3: 1.26.19 → 2.6.3
aiohttp: 3.10.11 → 3.13.3
protobuf: added at 5.29.6
Cascading Dependency Upgrades (required for compatibility)
boto3/botocore: 1.33.1/1.33.8 → 1.42.89 (urllib3 2.x support)
google-cloud-bigquery: 3.5.0 → 3.41.0 (protobuf 5.x support)
google-cloud-billing: 1.5.1 → 1.19.0 (protobuf 5.x support)
elasticsearch: 7.13.4 → 7.17.13
requests: 2.32.2 → 2.33.1
ibm-cloud-sdk-core: 3.18.0 → 3.24.4
ibm-cos-sdk: 2.13.6 → 2.16.1
ibm-platform-services: 0.27.0 → 0.75.0
ibm-vpc: 0.21.0 → 0.33.0
Python Version Changes
Deprecated Python 3.9 support
Added Python 3.14 support
Updated python_requires from >=3.9 to >=3.10 in setup.py
Updated classifiers in setup.py
Dockerfile
Base image: python:3.13-slim → python:3.14-slim
Added constraints file to prevent IBM package downgrades during pip install cloud-governance --upgrade
CI/CD Workflows
Build.yml, PR.yml, PR_Approval.yml: Python matrix updated from [3.9–3.13] to [3.10–3.14]
IBM package pins updated in CI install steps
Source Code Fixes
Replaced pkg_resources with pathlib in price.py and instance_types_pricing.py (pkg_resources removed in setuptools 82+)
Test Changes
moto: 4.0.1 → 5.1.22 (compatibility with boto3 1.42.x)
Migrated all 31 test files from @mock_s3, @mock_ec2, etc. to @mock_aws (moto 5.x API)
Fixed with mock_ec2(), mock_iam()... context managers → with mock_aws() in 2 fixture files
Fixed test_unused_nat_gateway: removed duplicate Value/Values param, adjusted metric timestamp for period alignment
Fixed test_upload_s3: S3 client region now matches LocationConstraint
Documentation
CLAUDE.md, CONTRIBUTING.md: Python venv version 3.9 → 3.10
ldap_search.py, setup.py: Comments updated to remove 3.9-specific references
For security reasons, all pull requests need to be approved first before running any automated CI
This PR was created with the assistance of Cursor AI.