chore(deps): bump the gha group across 1 directory with 6 updates

[dependabot]

Bumps the gha group with 6 updates in the /packages/opentelemetry-instrumentation-replicate directory:

Package	From	To
opentelemetry-semantic-conventions-ai	0.4.11	0.4.12
flake8	7.0.0	7.3.0
pytest	8.2.2	8.4.1
vcrpy	6.0.1	7.0.0
pytest-recording	0.13.2	0.13.4
replicate	0.26.1	1.0.7

Updates opentelemetry-semantic-conventions-ai from 0.4.11 to 0.4.12

Updates flake8 from 7.0.0 to 7.3.0

Commits

• c48217e Release 7.3.0
• f9e0f33 Merge pull request #1986 from PyCQA/document-f542
• 6bcdb62 document F542
• 70a15b8 Merge pull request #1985 from PyCQA/upgrade-deps
• 4941a3e upgrade pyflakes / pycodestyle
• 23e4005 Merge pull request #1983 from PyCQA/py314
• 019424b add support for t-strings
• 6b6f3d5 Merge pull request #1980 from PyCQA/asottile-patch-1
• 8dfa669 add rtd sphinx config
• ce34111 Merge pull request #1976 from PyCQA/document-f824
• Additional commits viewable in compare view

Updates pytest from 8.2.2 to 8.4.1

Release notes

Sourced from pytest's releases.

8.4.1

pytest 8.4.1 (2025-06-17)

Bug fixes

• #13461: Corrected _pytest.terminal.TerminalReporter.isatty to support being called as a method. Before it was just a boolean which could break correct code when using -o log_cli=true).

• #13477: Reintroduced pytest.PytestReturnNotNoneWarning{.interpreted-text role="class"} which was removed by accident in pytest [8.4]{.title-ref}.

  This warning is raised when a test functions returns a value other than None, which is often a mistake made by beginners.

  See return-not-none{.interpreted-text role="ref"} for more information.

• #13497: Fixed compatibility with Twisted 25+.

Improved documentation

• #13492: Fixed outdated warning about faulthandler not working on Windows.

8.4.0

pytest 8.4.0 (2025-06-02)

Removals and backward incompatible breaking changes

• #11372: Async tests will now fail, instead of warning+skipping, if you don't have any suitable plugin installed.

• #12346: Tests will now fail, instead of raising a warning, if they return any value other than None.

• #12874: We dropped support for Python 3.8 following its end of life (2024-10-07).

• #12960: Test functions containing a yield now cause an explicit error. They have not been run since pytest 4.0, and were previously marked as an expected failure and deprecation warning.

  See the docs <yield tests deprecated>{.interpreted-text role="ref"} for more information.

Deprecations (removal in next major release)

• #10839: Requesting an asynchronous fixture without a [pytest_fixture_setup]{.title-ref} hook that resolves it will now give a DeprecationWarning. This most commonly happens if a sync test requests an async fixture. This should have no effect on a majority of users with async tests or fixtures using async pytest plugins, but may affect non-standard hook setups or autouse=True. For guidance on how to work around this warning see sync-test-async-fixture{.interpreted-text role="ref"}.

New features

• #11538: Added pytest.RaisesGroup{.interpreted-text role="class"} as an equivalent to pytest.raises{.interpreted-text role="func"} for expecting ExceptionGroup{.interpreted-text role="exc"}. Also adds pytest.RaisesExc{.interpreted-text role="class"} which is now the logic behind pytest.raises{.interpreted-text role="func"} and used as parameter to pytest.RaisesGroup{.interpreted-text role="class"}. RaisesGroup includes the ability to specify multiple different expected exceptions, the structure of nested exception groups, and flags for emulating except* <except_star>{.interpreted-text role="ref"}. See assert-matching-exception-groups{.interpreted-text role="ref"} and docstrings for more information.

• #12081: Added capteesys{.interpreted-text role="fixture"} to capture AND pass output to next handler set by --capture=.

• #12504: pytest.mark.xfail{.interpreted-text role="func"} now accepts pytest.RaisesGroup{.interpreted-text role="class"} for the raises parameter when you expect an exception group. You can also pass a pytest.RaisesExc{.interpreted-text role="class"} if you e.g. want to make use of the check parameter.

• #12713: New [--force-short-summary]{.title-ref} option to force condensed summary output regardless of verbosity level.

... (truncated)

Commits

• 8d99211 Prepare release version 8.4.1
• 5dc5880 docs: update pytest.ini addopts example to use separate -p entries (#13529) (...
• d0c7ed0 Reintroduce PytestReturnNotNoneWarning (#13495) (#13527)
• a1b3a78 Fix compatibility with Twisted 25 (#13502) (#13531)
• 4c161ab pytester: avoid unraisableexception gc collects in inline runs to speed up te...
• a86ee09 Fix typo in parametrize.rst (#13514) (#13516)
• 1a0581b Remove outdated warning about faulthandler_timeout on Windows (#13492) (#13493)
• 4e631a7 Merge pull request #13486 from hosmir/fixtypo (#13487)
• b49745e fix: support TerminalReporter.isatty being called (#13462) (#13483)
• cc5ceed RELEASING: remove pytest mailing list (#13472) (#13473)
• Additional commits viewable in compare view

Updates vcrpy from 6.0.1 to 7.0.0

Release notes

Sourced from vcrpy's releases.

v7.0.0

What's Changed

- Drop support for python 3.8 (major version bump) - thanks @jairhenrique
- Various linting and test fixes - thanks @jairhenrique
- Bugfix for urllib2>=2.3.0 - missing version_string ([#888](https://github.com/kevin1024/vcrpy/issues/888))
- Bugfix for asyncio.run - thanks @alekeik1

New Contributors

• @​exslim made their first contribution in kevin1024/vcrpy#889
• @​alekseik1 made their first contribution in kevin1024/vcrpy#886

v6.0.2

• Ensure body is consumed only once (#846) - thanks @​sathieu
• Permit urllib3 2.x for non-PyPy Python >=3.10
• Fix typos in test commands - thanks @​chuckwondo
• Several test and workflow improvements - thanks @​hartwork and @​graingert

Changelog

Sourced from vcrpy's changelog.

Changelog

For a full list of triaged issues, bugs and PRs and what release they are targeted for please see the following link.

ROADMAP MILESTONES <https://github.com/kevin1024/vcrpy/milestones>_

All help in providing PRs to close out bug issues is appreciated. Even if that is providing a repo that fully replicates issues. We have very generous contributors that have added these to bug issues which meant another contributor picked up the bug and closed it out.

• 7.0.0

  • Drop support for python 3.8 (major version bump) - thanks @​jairhenrique
  • Various linting and test fixes - thanks @​jairhenrique
  • Bugfix for urllib2>=2.3.0 - missing version_string (#888)
  • Bugfix for asyncio.run - thanks @​alekeik1

• 6.0.2

  • Ensure body is consumed only once (#846) - thanks @​sathieu
  • Permit urllib3 2.x for non-PyPy Python >=3.10
  • Fix typos in test commands - thanks @​chuckwondo
  • Several test and workflow improvements - thanks @​hartwork and @​graingert

• 6.0.1

  • Bugfix with to Tornado cassette generator (thanks @​graingert)

• 6.0.0

  • BREAKING: Fix issue with httpx support (thanks @​parkerhancock) in #784. NOTE: You may have to recreate some of your cassettes produced in previous releases due to the binary format being saved incorrectly in previous releases
  • BREAKING: Drop support for boto (vcrpy still supports boto3, but is dropping the deprecated boto support in this release. (thanks @​jairhenrique)
  • Fix compatibility issue with Python 3.12 (thanks @​hartwork)
  • Drop simplejson (fixes some compatibility issues) (thanks @​jairhenrique)
  • Run CI on Python 3.12 and PyPy 3.9-3.10 (thanks @​mgorny)
  • Various linting and docs improvements (thanks @​jairhenrique)
  • Tornado fixes (thanks @​graingert)

• 5.1.0

  • Use ruff for linting (instead of current flake8/isort/pyflakes) - thanks @​jairhenrique
  • Enable rule B (flake8-bugbear) on ruff - thanks @​jairhenrique
  • Configure read the docs V2 - thanks @​jairhenrique
  • Fix typo in docs - thanks @​quasimik
  • Make json.loads of Python >=3.6 decode bytes by itself - thanks @​hartwork
  • Fix body matcher for chunked requests (fixes #734) - thanks @​hartwork
  • Fix query param filter for aiohttp (fixes #517) - thanks @​hartwork and @​salomvary
  • Remove unnecessary dependency on six. - thanks @​charettes
  • build(deps): update sphinx requirement from <7 to <8 - thanks @​jairhenrique
  • Add action to validate docs - thanks @​jairhenrique
  • Add editorconfig file - thanks @​jairhenrique
  • Drop iscoroutinefunction fallback function for unsupported python thanks @​jairhenrique

• 5.0.0

  • BREAKING CHANGE: Drop support for Python 3.7. 3.7 is EOL as of 6/27/23 Thanks @​jairhenrique
  • BREAKING CHANGE: Custom Cassette persisters no longer catch ValueError. If you have implemented a custom persister (has anyone implemented a custom persister? Let us know!) then you will need to throw a CassetteNotFoundError when unable to find a cassette. See #681 for discussion and reason for this change. Thanks @​amosjyng for the PR and the review from @​hartwork

• 4.4.0

  • HUGE thanks to @​hartwork for all the work done on this release!
  • Bring vcr/unittest in to vcrpy as a full feature of vcr instead of a separate library. Big thanks to @​hartwork for doing this and to @​agriffis for originally creating the library
  • Make decompression robust towards already decompressed input (thanks @​hartwork)

... (truncated)

Commits

• 3278619 Release v7.0.0
• 3fb62e0 fix: correctly handle asyncio.run when loop exists
• 8197865 build(deps): update sphinx requirement from <8 to <9
• be651bd pre-commit: Autoupdate
• a6698ed Fix aiohttp tests
• 48d0a2e Fixed missing version_string attribute when used with urllib3>=2.3.0
• 5b858b1 Fix lint
• c8d99a9 Fix ruff configuration
• ce27c63 Merge pull request #736 from kevin1024/drop-python38
• ab8944d Drop python 3.8 support
• Additional commits viewable in compare view

Updates pytest-recording from 0.13.2 to 0.13.4

Release notes

Sourced from pytest-recording's releases.

Release 0.13.4

Fixed

• AttributeError on Windows. #174

Release 0.13.3

Fixed

• Limit generated cassette names to prevent OSError. #172

Changelog

Sourced from pytest-recording's changelog.

0.13.4_ - 2025-04-24

• AttributeError on Windows. [#174](https://github.com/kiwicom/pytest-recording/issues/174)_

0.13.3_ - 2025-04-24

• Limit generated cassette names to prevent OSError. [#172](https://github.com/kiwicom/pytest-recording/issues/172)_

Commits

• c2d2db7 chore: Release 0.13.4
• cf919c9 test: Run tests on Windows
• b8b45b7 fix: Use fallback for max filename length on Windows
• 8a7e19f docs: Update README.rst
• 3ad7910 chore: Release 0.13.3
• 9a6e12c docs: Add a note for package maintainers
• a70532b chore: Revert "test: Disable pretty plugin in pytest"
• 6b84832 chore(deps): update codecov/codecov-action action to v5.4.2
• 460a7f9 test: Add long_cassette_name test
• 9822a50 fix: Check default_cassette to prevent it from being too long.
• Additional commits viewable in compare view

Updates replicate from 0.26.1 to 1.0.7

Release notes

Sourced from replicate's releases.

1.0.7

What's Changed

If you run replicate-python within a cog model running cog 0.14.11 or later, it is now possible to pass a REPLICATE_API_TOKEN via the context as part of a prediction request.

The Replicate() constructor will now use this context when available. This grants cog models the ability to use the Replicate client libraries, scoped to a user on a per request basis.

Full Changelog: replicate/replicate-python@1.0.6...1.0.7

1.0.6

Full Changelog: replicate/replicate-python@1.0.4...1.0.6

There was no 1.0.5 release, the release system failed and we chose not to re-use the identifier.

1.0.4

What's Changed

• Fix two bugs in the base64 file_encoding_strategy by @​aron in replicate/replicate-python#398
  • replicate.run() now correctly converts the file provided into a valid base64 encoded data URL.
  • replicate.async_run() now respects the file_encoding_strategy flag.

Full Changelog: replicate/replicate-python@1.0.3...1.0.4

1.0.3

What's Changed

• Fix a bug where replicate.run would swallow tokens (or files) at the start of a prediction's output. Thanks to @​aron in replicate/replicate-python#383

Full Changelog: replicate/replicate-python@1.0.2...1.0.3

1.0.2

What's Changed

• Configure read timeout based on wait parameter by @​aron in replicate/replicate-python#373

Full Changelog: replicate/replicate-python@1.0.1...1.0.2

1.0.1

What's Changed

• 1.0.1 candidate by @​zeke in replicate/replicate-python#368

Full Changelog: replicate/replicate-python@1.0.0...1.0.1

1.0.0

[!WARNING] Breaking changes

This 1.0.0 latest release of replicate contains breaking changes. The replicate.run() method will now return FileObjects rather than URL strings by default for models that output files.

The FileObject implements an iterable object similar to httpx.Response to make it easier to work with files and ensures that Replicate can deliver file data to the client in the most efficient manner possible.

... (truncated)

Commits

• 42ba2f7 Release 1.0.7
• 36c95a8 format and lint
• 48acf51 Update replicate/client.py
• 68551cf Linting
• 302f5da Make scope lookup case insensitive
• 52c373c Document alternative authentication
• ab9982f Support getting REPLICATE_API_TOKEN from cog context
• 9f8d753 bump to 1.0.6
• f5d53cd bump patch to 1.0.5
• 804fd1d fix(package): include py.typed marker file
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

---

Important

Update dependencies in pyproject.toml for opentelemetry-instrumentation-replicate, including flake8, vcrpy, and replicate.

• Dependencies Updated:
  • opentelemetry-semantic-conventions-ai from 0.4.11 to 0.4.12.
  • flake8 from 7.0.0 to 7.3.0.
  • vcrpy from 6.0.1 to 7.0.0.
  • replicate from 0.26.1 to 1.0.7.
• Version Constraints:
  • vcrpy updated to >=6.0.1,<8.0.0.
  • replicate updated to >=0.23.1,<1.1.0.

^{This description was created by for 7e9f121. You can customize this summary. It will automatically update as commits are pushed.}

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Join our Discord community for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

• Visit our Status Page to check the current availability of CodeRabbit.
• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[ellipsis-dev]

Important

Looks good to me! 👍

Reviewed everything up to 7e9f121 in 1 minute and 55 seconds. Click for details.

• Reviewed 30 lines of code in 1 files
• Skipped 1 files when reviewing.
• Skipped posting 2 draft comments. View those below.
• Modify your settings and rules to customize what types of comments Ellipsis leaves. And don't forget to react with 👍 or 👎 to teach Ellipsis.

1. packages/opentelemetry-instrumentation-replicate/pyproject.toml:37

• Draft comment:
  vcrpy: The current version constraint allows versions from 6.0.1 up to but not including 8.0.0. Since the update targets v7.0.0 changes, consider setting the lower bound to 7.0.0 to enforce use of the new major version.
• Reason this comment was not posted:
  Decided after close inspection that this draft comment was likely wrong and/or not actionable: usefulness confidence = 10% vs. threshold = 50% The comment makes an assumption about targeting v7.0.0 changes without any evidence. The actual change in the diff is just widening the version constraint to allow newer versions while maintaining backward compatibility. There's no indication that v7.0.0 features are specifically needed. This seems like speculation. Maybe there's documentation or commit history that shows v7.0.0 features are needed that I can't see. Maybe the wider version range could cause compatibility issues. Without clear evidence that v7.0.0 features are required, suggesting to restrict to >= 7.0.0 could unnecessarily break compatibility with working 6.x versions. The comment makes speculative assumptions about version requirements without evidence. It should be deleted.

2. packages/opentelemetry-instrumentation-replicate/pyproject.toml:40

• Draft comment:
  replicate: The dependency version range was widened to <1.1.0 but the lower bound remains at 0.23.1. If the instrumentation is meant to work with replicate 1.x (e.g. 1.0.7), update the lower bound to at least 1.0.0 to avoid accidental usage of incompatible older versions.
• Reason this comment was not posted:
  Decided after close inspection that this draft comment was likely wrong and/or not actionable: usefulness confidence = 20% vs. threshold = 50% The comment raises a valid concern about version compatibility. If the package now supports replicate 1.x versions (as evidenced by the upper bound of 1.1.0), it's reasonable to question whether older 0.x versions would still be compatible. However, without seeing the actual instrumentation code or knowing the breaking changes between replicate 0.x and 1.x, we can't be certain that older versions are incompatible. I don't have concrete evidence that versions 0.23.1 through 0.99.x are actually incompatible. The comment is somewhat speculative. While the concern is logical, we should follow our rule of requiring strong evidence before keeping a comment. This seems more like a "what if" scenario. The comment should be deleted as it's speculative about version compatibility without concrete evidence of incompatibility.

Workflow ID: wflow_v4DPFlhFvVjLdKA3

^{You can customize by changing your verbosity settings, reacting with 👍 or 👎, replying to comments, or adding code review rules.}

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.