chore: upgrade pg8000 due to a CVE-2025-61385 (#3225)

kukushking · web-flow · commit f5980f2adbd5 · 2025-10-30T12:55:26.000Z
* chore: upgrade pg8000 due to a CVE

* refresh lock file

* refresh lock file

* refresh lock file

* revert uv-tox change

* update uv.lock

* add type ignore

* force pyarrow 20 for test until we ugrade containers

* use venv lock runner
diff --git a/awswrangler/oracle.py b/awswrangler/oracle.py
@@ -607,7 +607,7 @@ def detect_oracle_decimal_datatype(cursor: Any) -> dict[str, pa.DataType]:
     if isinstance(cursor, oracledb.Cursor):
         # Oracle stores DECIMAL as the NUMBER type
 
-        for name, db_type, display_size, internal_size, precision, scale, null_ok in cursor.description:
+        for name, db_type, display_size, internal_size, precision, scale, null_ok in cursor.description:  # type: ignore
             _logger.debug((name, db_type, display_size, internal_size, precision, scale, null_ok))
 
             if db_type == oracledb.DB_TYPE_NUMBER and scale is not None and scale > 0:
diff --git a/test_infra/pyproject.toml b/test_infra/pyproject.toml
@@ -2,7 +2,7 @@
 name = "awswrangler-test-infrastructure"
 version = "3.13.0"
 description = "CDK test infrastructure for AWS SDK for pandas"
-authors = ["Amazon Web Services"]
+authors = [{ name = "Amazon Web Services" }]
 license = {text = "Apache-2.0"}
 requires-python = ">=3.9, <4.0"
 
diff --git a/tox.ini b/tox.ini
@@ -3,6 +3,7 @@ envlist = py{39,310,311,312,313}
 isolated_build = True
 
 [testenv]
+runner = uv-venv-lock-runner
 passenv =
        AWS_PROFILE
        AWS_DEFAULT_REGION
@@ -15,6 +16,7 @@ allowlist_externals =
        pytest
        uv
 commands_pre =
+       uv pip install pyarrow==20.0.0
        uv sync --frozen --verbose --extra deltalake --extra gremlin --extra mysql --extra opencypher --extra opensearch --extra oracle --extra postgres --extra redshift --extra sparql --extra sqlserver --extra geopandas
 commands =
        uv run pytest -n {posargs} -s -v --timeout=600 --reruns=1 --reruns-delay=30 \
@@ -38,6 +40,7 @@ allowlist_externals =
        pytest
        uv
 commands_pre =
+       uv pip install pyarrow==20.0.0
        uv sync --frozen --verbose --all-extras
 commands =
        uv run pytest -n {posargs} -s -v --timeout=600 --reruns=1 --reruns-delay=30 \
diff --git a/uv.lock b/uv.lock
