LITE-33140: Tested bump dependencies#250
Draft
pcaro wants to merge 1 commit into
Draft
Conversation
Clean, targeted dependency refresh on top of current master, replacing the stale bot PR #248. Mirrors the sibling bump in cloudblue/connect-python-openapi-client#86. Test toolchain: pytest 7.2.2 -> 8.4.2 pytest-cov 2.12.1 -> 6.3.0 coverage 5.5 -> 7.14.3 responses 0.20.0 -> 0.26.1 pytest 8 changed collection ordering, exposing a latent isolation bug: tests/plugins/play/test_play_commands.py deletes and reimports connect.cli.ccli, so test_ccli.py's module-level 'from ... import main' bound to a stale module object that mocker.patch never touched. Fixed by importing main inside each test. Lint toolchain: flake8 5.0.4 -> 7.3.0 flake8-bugbear 22.12.6 -> 25.11.29 flake8-commas 2.1.0 -> 4.0.0 flake8-isort 5.0.3 -> 6.1.2 flake8-broken-line 0.5.0 -> 1.0.0 Only bugbear codes are enforced (select = "B"); bugbear 25 adds B017, which flagged a broad pytest.raises(Exception) in test_http.py masking the real ValueError; narrowed it. Runtime deps: connect-openapi-client >=29 -> >=35 (34.0 -> 35.0) interrogatio 2.3.1 -> 2.4.0 iso3166 1.0.1 -> 2.1.1 phonenumbers 8.13.55 -> 9.0.33 poetry-core 1.9.1 -> 2.4.1 click 8.3.1 -> 8.4.2 requests 2.32.5 -> 2.34.2 openapi-client 35.0 dropped its importlib-metadata<7 pin (#86), which unblocked interrogatio 2.4 (needs importlib-metadata>=8.5); that also pulls httpx 0.28.1 / pytest-httpx 0.35.0 and drops sniffio. Lint/format stack (black) and runtime majors gated upstream (eaas-core, reports-core, rich via markdown-renderer) are left untouched. Full suite: 715 passed.
ba5f73d to
3047ba2
Compare
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.



Summary
Clean, targeted redo of the dependency bump attempted in #248, on top of current master.
This PR mirrors the targeted bump done in the sibling client repo — see cloudblue/connect-python-openapi-client#86 .
Changes
Test toolchain
pytest 8 changed collection ordering, exposing a latent isolation bug:
tests/plugins/play/test_play_commands.pydoesdel sys.modules['connect.cli.ccli']then reimports it, sotest_ccli.py's module-levelfrom ... import mainbound to a stale module object thatmocker.patchnever touched. Fixed by importingmaininside each test.Lint toolchain
Only bugbear codes are enforced (
select = "B"); bugbear 25 adds B017, which flagged a broadpytest.raises(Exception)intest_http.pymasking the realValueError— narrowed it.Runtime deps
>=29→>=35)connect-openapi-client35.0 dropped itsimportlib-metadata<7pin (via #86), which unblocked interrogatio 2.4 (needsimportlib-metadata>=8.5). That bump also pullshttpx 0.28.1/pytest-httpx 0.35.0and dropssniffio. Otherwise no packages added/removed.Verification
test (3.10)(flake8 + full pytest) ✅, SonarCloud ✅.poetry run pytest);flake8clean repo-wide.⏳ Prepared — waiting on the eaas-core release
typing-inspectcomes in transitively, all 715 tests pass — connect-cli needs zero code changes (it uses no pydantic directly; eaas-core was the only pin atpydantic<2). correct typo #127 already carries the two fixes it needed: it declarestyping-inspect(fastapi-utils 0.8 imports it on its pydantic-2 path) and widensfastapito<0.137.Ready to land the moment eaas-core is released — apply, then
poetry lock:<3.15(keeping<4makes poetry fail to resolve, since eaas-core caps there). Side benefits carried in:pydantic 2, andfastapifree to move off the current 0.115.x cap (up to <0.137).connect-markdown-renderer3.x (rich >=12.4.4,<13); its latest (3.0.0) still caps it. Needs a markdown-renderer release that allows rich 13+. (This cap is markdown-renderer, not eaas-core.)Out of scope
connect-reports-core(26.*, latest 34.0) — deliberate major pin coupled to the report-execution engine (last bumped in LITE-24284 for the async engine). It transitively pins the report/PDF stack (weasyprint<54, plotly<6, kaleido==0.2.1, jsonschema<4, orjson<4); bumping is behavior-affecting and needs separate validation. Used only by thereport/project reportplugins.blackkept at 23.* (mirrors the client repo, avoids repo-wide reformat churn).Recommend closing #248 in favor of this PR.