Skip to content

chore(deps): bump the gha group across 1 directory with 8 updates #3191

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

chore(deps): bump the gha group across 1 directory with 8 updates #3191

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 28, 2025
edited
Loading

Bumps the gha group with 8 updates in the /packages/opentelemetry-instrumentation-bedrock directory:

Package From To
opentelemetry-semantic-conventions-ai 0.4.11 0.4.12
anthropic 0.31.2 0.59.0
tokenizers 0.21.0 0.21.2
flake8 7.0.0 7.3.0
boto3 1.34.145 1.39.14
vcrpy 6.0.1 7.0.0
pytest 8.2.2 8.4.1
pytest-recording 0.13.2 0.13.4

Updates opentelemetry-semantic-conventions-ai from 0.4.11 to 0.4.12

Updates anthropic from 0.31.2 to 0.59.0

Release notes

Sourced from anthropic's releases.

v0.59.0

0.59.0 (2025-07-23)

Full Changelog: v0.58.2...v0.59.0

Features

  • api: removed older deprecated models (38998fd)

Bug Fixes

  • parsing: ignore empty metadata (7099f32)
  • parsing: parse extra field types (dbea8a4)

Chores

v0.58.2

0.58.2 (2025-07-18)

Full Changelog: v0.58.1...v0.58.2

Chores

v0.58.1

0.58.1 (2025-07-18)

Full Changelog: v0.58.0...v0.58.1

Chores

v0.58.0

0.58.0 (2025-07-18)

Full Changelog: v0.57.1...v0.58.0

Features

  • clean up environment call outs (4f64e9c)

Bug Fixes

... (truncated)

Changelog

Sourced from anthropic's changelog.

0.59.0 (2025-07-23)

Full Changelog: v0.58.2...v0.59.0

Features

  • api: removed older deprecated models (38998fd)

Bug Fixes

  • parsing: ignore empty metadata (7099f32)
  • parsing: parse extra field types (dbea8a4)

Chores

0.58.2 (2025-07-18)

Full Changelog: v0.58.1...v0.58.2

Chores

0.58.1 (2025-07-18)

Full Changelog: v0.58.0...v0.58.1

Chores

0.58.0 (2025-07-18)

Full Changelog: v0.57.1...v0.58.0

Features

  • clean up environment call outs (4f64e9c)

Bug Fixes

  • client: don't send Content-Type header on GET requests (727268f)
  • parsing: correctly handle nested discriminated unions (44dd47e)

... (truncated)

Commits

Updates tokenizers from 0.21.0 to 0.21.2

Release notes

Sourced from tokenizers's releases.

v0.21.2

What's Changed

This release if focused around some performance optimization, enabling broader python no gil support, and fixing some onig issues!

New Contributors

Full Changelog: huggingface/tokenizers@v0.21.1...v0.21.2rc0

v0.21.1

What's Changed

... (truncated)

Commits

Updates flake8 from 7.0.0 to 7.3.0

Commits

Updates boto3 from 1.34.145 to 1.39.14

Commits
  • 050e275 Merge branch 'release-1.39.14'
  • 959b380 Bumping version to 1.39.14
  • 3b19832 Add changelog entries from botocore
  • 237679b Merge branch 'release-1.39.13'
  • d1ada0e Merge branch 'release-1.39.13' into develop
  • 280ac68 Bumping version to 1.39.13
  • 6cee863 Add changelog entries from botocore
  • bf1d0e7 Merge branch 'release-1.39.12'
  • 67c5498 Merge branch 'release-1.39.12' into develop
  • 7bb02b1 Bumping version to 1.39.12
  • Additional commits viewable in compare view

Updates vcrpy from 6.0.1 to 7.0.0

Release notes

Sourced from vcrpy's releases.

v7.0.0

What's Changed

- Drop support for python 3.8 (major version bump) - thanks @jairhenrique
- Various linting and test fixes - thanks @jairhenrique
- Bugfix for urllib2>=2.3.0 - missing version_string ([#888](https://github.com/kevin1024/vcrpy/issues/888))
- Bugfix for asyncio.run - thanks @alekeik1

New Contributors

v6.0.2

Changelog

Sourced from vcrpy's changelog.

Changelog

For a full list of triaged issues, bugs and PRs and what release they are targeted for please see the following link.

ROADMAP MILESTONES <https://github.com/kevin1024/vcrpy/milestones>_

All help in providing PRs to close out bug issues is appreciated. Even if that is providing a repo that fully replicates issues. We have very generous contributors that have added these to bug issues which meant another contributor picked up the bug and closed it out.

  • 7.0.0

  • 6.0.2

  • 6.0.1

    • Bugfix with to Tornado cassette generator (thanks @​graingert)

  • 6.0.0

    • BREAKING: Fix issue with httpx support (thanks @​parkerhancock) in #784. NOTE: You may have to recreate some of your cassettes produced in previous releases due to the binary format being saved incorrectly in previous releases
    • BREAKING: Drop support for boto (vcrpy still supports boto3, but is dropping the deprecated boto support in this release. (thanks @​jairhenrique)
    • Fix compatibility issue with Python 3.12 (thanks @​hartwork)
    • Drop simplejson (fixes some compatibility issues) (thanks @​jairhenrique)
    • Run CI on Python 3.12 and PyPy 3.9-3.10 (thanks @​mgorny)
    • Various linting and docs improvements (thanks @​jairhenrique)
    • Tornado fixes (thanks @​graingert)

  • 5.1.0

  • 5.0.0

    • BREAKING CHANGE: Drop support for Python 3.7. 3.7 is EOL as of 6/27/23 Thanks @​jairhenrique
    • BREAKING CHANGE: Custom Cassette persisters no longer catch ValueError. If you have implemented a custom persister (has anyone implemented a custom persister? Let us know!) then you will need to throw a CassetteNotFoundError when unable to find a cassette. See #681 for discussion and reason for this change. Thanks @​amosjyng for the PR and the review from @​hartwork

  • 4.4.0

    • HUGE thanks to @​hartwork for all the work done on this release!
    • Bring vcr/unittest in to vcrpy as a full feature of vcr instead of a separate library. Big thanks to @​hartwork for doing this and to @​agriffis for originally creating the library
    • Make decompression robust towards already decompressed input (thanks @​hartwork)

... (truncated)

Commits
  • 3278619 Release v7.0.0
  • 3fb62e0 fix: correctly handle asyncio.run when loop exists
  • 8197865 build(deps): update sphinx requirement from <8 to <9
  • be651bd pre-commit: Autoupdate
  • a6698ed Fix aiohttp tests
  • 48d0a2e Fixed missing version_string attribute when used with urllib3>=2.3.0
  • 5b858b1 Fix lint
  • c8d99a9 Fix ruff configuration
  • ce27c63 Merge pull request #736 from kevin1024/drop-python38
  • ab8944d Drop python 3.8 support
  • Additional commits viewable in compare view

Updates pytest from 8.2.2 to 8.4.1

Release notes

Sourced from pytest's releases.

8.4.1

pytest 8.4.1 (2025-06-17)

Bug fixes

  • #13461: Corrected _pytest.terminal.TerminalReporter.isatty to support being called as a method. Before it was just a boolean which could break correct code when using -o log_cli=true).

  • #13477: Reintroduced pytest.PytestReturnNotNoneWarning{.interpreted-text role="class"} which was removed by accident in pytest [8.4]{.title-ref}.

    This warning is raised when a test functions returns a value other than None, which is often a mistake made by beginners.

    See return-not-none{.interpreted-text role="ref"} for more information.

  • #13497: Fixed compatibility with Twisted 25+.

Improved documentation

  • #13492: Fixed outdated warning about faulthandler not working on Windows.

8.4.0

pytest 8.4.0 (2025-06-02)

Removals and backward incompatible breaking changes

  • #11372: Async tests will now fail, instead of warning+skipping, if you don't have any suitable plugin installed.

  • #12346: Tests will now fail, instead of raising a warning, if they return any value other than None.

  • #12874: We dropped support for Python 3.8 following its end of life (2024-10-07).

  • #12960: Test functions containing a yield now cause an explicit error. They have not been run since pytest 4.0, and were previously marked as an expected failure and deprecation warning.

    See the docs <yield tests deprecated>{.interpreted-text role="ref"} for more information.

Deprecations (removal in next major release)

  • #10839: Requesting an asynchronous fixture without a [pytest_fixture_setup]{.title-ref} hook that resolves it will now give a DeprecationWarning. This most commonly happens if a sync test requests an async fixture. This should have no effect on a majority of users with async tests or fixtures using async pytest plugins, but may affect non-standard hook setups or autouse=True. For guidance on how to work around this warning see sync-test-async-fixture{.interpreted-text role="ref"}.

New features

  • #11538: Added pytest.RaisesGroup{.interpreted-text role="class"} as an equivalent to pytest.raises{.interpreted-text role="func"} for expecting ExceptionGroup{.interpreted-text role="exc"}. Also adds pytest.RaisesExc{.interpreted-text role="class"} which is now the logic behind pytest.raises{.interpreted-text role="func"} and used as parameter to pytest.RaisesGroup{.interpreted-text role="class"}. RaisesGroup includes the ability to specify multiple different expected exceptions, the structure of nested exception groups, and flags for emulating except* <except_star>{.interpreted-text role="ref"}. See assert-matching-exception-groups{.interpreted-text role="ref"} and docstrings for more information.

  • #12081: Added capteesys{.interpreted-text role="fixture"} to capture AND pass output to next handler set by --capture=.

  • #12504: pytest.mark.xfail{.interpreted-text role="func"} now accepts pytest.RaisesGroup{.interpreted-text role="class"} for the raises parameter when you expect an exception group. You can also pass a pytest.RaisesExc{.interpreted-text role="class"} if you e.g. want to make use of the check parameter.

  • #12713: New [--force-short-summary]{.title-ref} option to force condensed summary output regardless of verbosity level.

... (truncated)

Commits

Updates pytest-recording from 0.13.2 to 0.13.4

Release notes

Sourced from pytest-recording's releases.

Release 0.13.4

Fixed

  • AttributeError on Windows. #174

Release 0.13.3

Fixed

  • Limit generated cassette names to prevent OSError. #172
Changelog

Sourced from pytest-recording's changelog.

0.13.4_ - 2025-04-24

  • AttributeError on Windows. [#174](https://github.com/kiwicom/pytest-recording/issues/174)_

0.13.3_ - 2025-04-24

  • Limit generated cassette names to prevent OSError. [#172](https://github.com/kiwicom/pytest-recording/issues/172)_
Commits
  • c2d2db7 chore: Release 0.13.4
  • cf919c9 test: Run tests on Windows
  • b8b45b7 fix: Use fallback for max filename length on Windows
  • 8a7e19f docs: Update README.rst
  • 3ad7910 chore: Release 0.13.3
  • 9a6e12c docs: Add a note for package maintainers
  • a70532b chore: Revert "test: Disable pretty plugin in pytest"
  • 6b84832 chore(deps): update codecov/codecov-action action to v5.4.2
  • 460a7f9 test: Add long_cassette_name test
  • 9822a50 fix: Check default_cassette to prevent it from being too long.
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Important

Update dependencies in pyproject.toml for opentelemetry-instrumentation-bedrock package with minor and patch version bumps.

  • Dependencies Updated:
    • opentelemetry-semantic-conventions-ai from 0.4.11 to 0.4.12.
    • anthropic from 0.31.2 to 0.59.0.
    • tokenizers from 0.21.0 to 0.21.2.
    • flake8 from 7.0.0 to 7.3.0.
    • boto3 from 1.34.145 to 1.39.14.
    • vcrpy from 6.0.1 to 7.0.0.
    • pytest from 8.2.2 to 8.4.1.
    • pytest-recording from 0.13.2 to 0.13.4.

This description was created by Ellipsis for 833e5db. You can customize this summary. It will automatically update as commits are pushed.

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jul 28, 2025
@coderabbitai coderabbitai
Copy link

coderabbitai bot commented Jul 28, 2025
edited
Loading

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Join our Discord community for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

  • Visit our Status Page to check the current availability of CodeRabbit.
  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

ellipsis-dev[bot]
ellipsis-dev bot reviewed Jul 28, 2025
View reviewed changes
Copy link
Contributor

@ellipsis-dev ellipsis-dev bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Important

Looks good to me! 👍

Reviewed everything up to 833e5db in 2 minutes and 7 seconds. Click for details.
  • Reviewed 25 lines of code in 1 files
  • Skipped 1 files when reviewing.
  • Skipped posting 3 draft comments. View those below.
  • Modify your settings and rules to customize what types of comments Ellipsis leaves. And don't forget to react with 👍 or 👎 to teach Ellipsis.
1. packages/opentelemetry-instrumentation-bedrock/pyproject.toml:30
  • Draft comment:
    Bump for opentelemetry-semantic-conventions-ai looks correct (0.4.11 → 0.4.12).
  • Reason this comment was not posted:
    Comment did not seem useful. Confidence is useful = 0% <= threshold 50% This comment is purely informative and does not provide any actionable feedback or suggestions. It simply states that a version bump looks correct, which is not useful for the PR author.
2. packages/opentelemetry-instrumentation-bedrock/pyproject.toml:36
  • Draft comment:
    flake8 dependency updated to 7.3.0; please verify no new lint errors arise.
  • Reason this comment was not posted:
    Comment did not seem useful. Confidence is useful = 0% <= threshold 50% This comment is asking the PR author to verify something related to a dependency change, which is against the rules. It doesn't provide a specific suggestion or point out a specific issue.
3. packages/opentelemetry-instrumentation-bedrock/pyproject.toml:40
  • Draft comment:
    vcrpy version spec updated from '^6.0.1' to '>=6.0.1,<8.0.0' to allow v7.x versions; confirm that breaking changes in v7.0.0 are handled.
  • Reason this comment was not posted:
    Decided after close inspection that this draft comment was likely wrong and/or not actionable: usefulness confidence = 10% vs. threshold = 50% This is a dependency version change comment. One of our explicit rules is to NOT comment on dependency changes or library versions. The comment is asking the author to verify compatibility, which is another rule violation - we shouldn't ask authors to verify or confirm things. The change is in test dependencies, making it even less critical. Maybe breaking changes in test dependencies could cause significant issues in the test suite that would be hard to debug later? While test dependency issues could be problematic, our rules explicitly state not to comment on dependency changes. Additionally, asking for verification violates our rules against requesting confirmations. Delete this comment as it violates multiple rules: commenting on dependency changes and asking for verification/confirmation.

Workflow ID: wflow_G2zAxgio8oo1kH3w

You can customize Ellipsis by changing your verbosity settings, reacting with 👍 or 👎, replying to comments, or adding code review rules.

@dependabot dependabot bot force-pushed the dependabot/pip/packages/opentelemetry-instrumentation-bedrock/gha-3a9f51b6b9 branch 2 times, most recently from b65fd95 to bc0d821 Compare August 4, 2025 11:09
@dependabot dependabot bot force-pushed the dependabot/pip/packages/opentelemetry-instrumentation-bedrock/gha-3a9f51b6b9 branch 7 times, most recently from 7a2b7cf to 9fe18fe Compare August 14, 2025 12:12
@dependabot
chore(deps): bump the gha group across 1 directory with 8 updates
8e2a2d5 
Bumps the gha group with 8 updates in the /packages/opentelemetry-instrumentation-bedrock directory:

| Package | From | To |
| --- | --- | --- |
| opentelemetry-semantic-conventions-ai | `0.4.11` | `0.4.12` |
| [anthropic](https://github.com/anthropics/anthropic-sdk-python) | `0.31.2` | `0.59.0` |
| [tokenizers](https://github.com/huggingface/tokenizers) | `0.21.0` | `0.21.2` |
| [flake8](https://github.com/pycqa/flake8) | `7.0.0` | `7.3.0` |
| [boto3](https://github.com/boto/boto3) | `1.34.145` | `1.39.14` |
| [vcrpy](https://github.com/kevin1024/vcrpy) | `6.0.1` | `7.0.0` |
| [pytest](https://github.com/pytest-dev/pytest) | `8.2.2` | `8.4.1` |
| [pytest-recording](https://github.com/kiwicom/pytest-recording) | `0.13.2` | `0.13.4` |



Updates `opentelemetry-semantic-conventions-ai` from 0.4.11 to 0.4.12

Updates `anthropic` from 0.31.2 to 0.59.0
- [Release notes](https://github.com/anthropics/anthropic-sdk-python/releases)
- [Changelog](https://github.com/anthropics/anthropic-sdk-python/blob/main/CHANGELOG.md)
- [Commits](anthropics/anthropic-sdk-python@v0.31.2...v0.59.0)

Updates `tokenizers` from 0.21.0 to 0.21.2
- [Release notes](https://github.com/huggingface/tokenizers/releases)
- [Changelog](https://github.com/huggingface/tokenizers/blob/main/RELEASE.md)
- [Commits](huggingface/tokenizers@v0.21.0...v0.21.2)

Updates `flake8` from 7.0.0 to 7.3.0
- [Commits](PyCQA/flake8@7.0.0...7.3.0)

Updates `boto3` from 1.34.145 to 1.39.14
- [Release notes](https://github.com/boto/boto3/releases)
- [Commits](boto/boto3@1.34.145...1.39.14)

Updates `vcrpy` from 6.0.1 to 7.0.0
- [Release notes](https://github.com/kevin1024/vcrpy/releases)
- [Changelog](https://github.com/kevin1024/vcrpy/blob/master/docs/changelog.rst)
- [Commits](kevin1024/vcrpy@v6.0.1...v7.0.0)

Updates `pytest` from 8.2.2 to 8.4.1
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@8.2.2...8.4.1)

Updates `pytest-recording` from 0.13.2 to 0.13.4
- [Release notes](https://github.com/kiwicom/pytest-recording/releases)
- [Changelog](https://github.com/kiwicom/pytest-recording/blob/master/docs/changelog.rst)
- [Commits](kiwicom/pytest-recording@v0.13.2...v0.13.4)

---
updated-dependencies:
- dependency-name: opentelemetry-semantic-conventions-ai
  dependency-version: 0.4.12
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gha
- dependency-name: anthropic
  dependency-version: 0.59.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gha
- dependency-name: tokenizers
  dependency-version: 0.21.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gha
- dependency-name: flake8
  dependency-version: 7.3.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: gha
- dependency-name: boto3
  dependency-version: 1.39.14
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: gha
- dependency-name: vcrpy
  dependency-version: 7.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: gha
- dependency-name: pytest
  dependency-version: 8.4.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: gha
- dependency-name: pytest-recording
  dependency-version: 0.13.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: gha
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/pip/packages/opentelemetry-instrumentation-bedrock/gha-3a9f51b6b9 branch from 9fe18fe to 8e2a2d5 Compare August 14, 2025 14:43
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Aug 14, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Aug 14, 2025
@dependabot dependabot bot deleted the dependabot/pip/packages/opentelemetry-instrumentation-bedrock/gha-3a9f51b6b9 branch August 14, 2025 15:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ellipsis-dev ellipsis-dev[bot] ellipsis-dev[bot] left review comments

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants