Skip to content

Managing Package Upgrades and related Dependencies#989

Merged
pragya811 merged 9 commits into
mainfrom
pkg_upgrades
Apr 20, 2026
Merged

Managing Package Upgrades and related Dependencies#989
pragya811 merged 9 commits into
mainfrom
pkg_upgrades

Conversation

@pragya811

@pragya811 pragya811 commented Apr 20, 2026

Copy link
Copy Markdown
Member

Type of change

Note: Fill x in []

  • bug
  • enhancement
  • documentation
  • dependencies

Description

Here's a summary of all changes made across this conversation:

Vulnerability Fixes (Quay scan)

urllib3: 1.26.19 → 2.6.3
aiohttp: 3.10.11 → 3.13.3
protobuf: added at 5.29.6
Cascading Dependency Upgrades (required for compatibility)

boto3/botocore: 1.33.1/1.33.8 → 1.42.89 (urllib3 2.x support)
google-cloud-bigquery: 3.5.0 → 3.41.0 (protobuf 5.x support)
google-cloud-billing: 1.5.1 → 1.19.0 (protobuf 5.x support)
elasticsearch: 7.13.4 → 7.17.13
requests: 2.32.2 → 2.33.1
ibm-cloud-sdk-core: 3.18.0 → 3.24.4
ibm-cos-sdk: 2.13.6 → 2.16.1
ibm-platform-services: 0.27.0 → 0.75.0
ibm-vpc: 0.21.0 → 0.33.0
Python Version Changes

Deprecated Python 3.9 support
Added Python 3.14 support
Updated python_requires from >=3.9 to >=3.10 in setup.py
Updated classifiers in setup.py
Dockerfile

Base image: python:3.13-slim → python:3.14-slim
Added constraints file to prevent IBM package downgrades during pip install cloud-governance --upgrade
CI/CD Workflows

Build.yml, PR.yml, PR_Approval.yml: Python matrix updated from [3.9–3.13] to [3.10–3.14]
IBM package pins updated in CI install steps
Source Code Fixes

Replaced pkg_resources with pathlib in price.py and instance_types_pricing.py (pkg_resources removed in setuptools 82+)
Test Changes

moto: 4.0.1 → 5.1.22 (compatibility with boto3 1.42.x)
Migrated all 31 test files from @mock_s3, @mock_ec2, etc. to @mock_aws (moto 5.x API)
Fixed with mock_ec2(), mock_iam()... context managers → with mock_aws() in 2 fixture files
Fixed test_unused_nat_gateway: removed duplicate Value/Values param, adjusted metric timestamp for period alignment
Fixed test_upload_s3: S3 client region now matches LocationConstraint
Documentation

CLAUDE.md, CONTRIBUTING.md: Python venv version 3.9 → 3.10
ldap_search.py, setup.py: Comments updated to remove 3.9-specific references

For security reasons, all pull requests need to be approved first before running any automated CI

This PR was created with the assistance of Cursor AI.

@pragya811 pragya811 requested review from ebattat and inntran April 20, 2026 07:29

@ebattat ebattat left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/approved

@ebattat ebattat added the documentation Improvements or additions to documentation label Apr 20, 2026
@pragya811 pragya811 merged commit ce4941d into main Apr 20, 2026
18 checks passed
@github-project-automation github-project-automation Bot moved this from In progress to Done in Cloud-Governance project Apr 20, 2026
@pragya811 pragya811 deleted the pkg_upgrades branch April 21, 2026 04:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

documentation Improvements or additions to documentation

Projects

Development

Successfully merging this pull request may close these issues.

2 participants