Skip to content

Dependency Upgrades#147

Merged
douglowe merged 14 commits intomainfrom
develop
Apr 22, 2026
Merged

Dependency Upgrades#147
douglowe merged 14 commits intomainfrom
develop

Conversation

@douglowe
Copy link
Copy Markdown
Collaborator

@douglowe douglowe commented Apr 22, 2026

Dependency upgrades:

  • Upgraded celery from version 5.6.2 to 5.6.3.
  • Upgraded requests from version 2.32.5 to 2.33.0.
  • Upgraded Werkzeug from version 3.1.6 to 3.1.8.
  • Upgraded redis from version 7.3.0 to 7.4.0.
  • Upgraded apiflask from version 3.0.2 to 3.1.0.

dependabot Bot and others added 14 commits March 23, 2026 11:42
@dependabot
Bump apiflask from 3.0.2 to 3.1.0
2074746 
Bumps [apiflask](https://github.com/apiflask/apiflask) from 3.0.2 to 3.1.0.
- [Release notes](https://github.com/apiflask/apiflask/releases)
- [Changelog](https://github.com/apiflask/apiflask/blob/main/docs/changelog.md)
- [Commits](apiflask/apiflask@3.0.2...3.1.0)

---
updated-dependencies:
- dependency-name: apiflask
  dependency-version: 3.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump requests from 2.32.5 to 2.33.0
7722ff6 
Bumps [requests](https://github.com/psf/requests) from 2.32.5 to 2.33.0.
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.32.5...v2.33.0)

---
updated-dependencies:
- dependency-name: requests
  dependency-version: 2.33.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump pygments from 2.19.2 to 2.20.0
b389d28 
Bumps [pygments](https://github.com/pygments/pygments) from 2.19.2 to 2.20.0.
- [Release notes](https://github.com/pygments/pygments/releases)
- [Changelog](https://github.com/pygments/pygments/blob/master/CHANGES)
- [Commits](pygments/pygments@2.19.2...2.20.0)

---
updated-dependencies:
- dependency-name: pygments
  dependency-version: 2.20.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump flask-httpauth from 4.8.0 to 4.8.1
c4a62a0 
Bumps [flask-httpauth](https://github.com/miguelgrinberg/flask-httpauth) from 4.8.0 to 4.8.1.
- [Release notes](https://github.com/miguelgrinberg/flask-httpauth/releases)
- [Changelog](https://github.com/miguelgrinberg/Flask-HTTPAuth/blob/main/CHANGES.md)
- [Commits](miguelgrinberg/Flask-HTTPAuth@v4.8.0...v4.8.1)

---
updated-dependencies:
- dependency-name: flask-httpauth
  dependency-version: 4.8.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@douglowe
Merge pull request #140 from eScienceLab/dependabot/pip/apiflask-3.1.0
defd068 
Bump apiflask from 3.0.2 to 3.1.0
@douglowe
Merge pull request #141 from eScienceLab/dependabot/pip/requests-2.33.0
e1c1f60 
Bump requests from 2.32.5 to 2.33.0
@douglowe
Merge pull request #146 from eScienceLab/dependabot/pip/flask-httpaut…
10ac913 
…h-4.8.1

Bump flask-httpauth from 4.8.0 to 4.8.1
@douglowe
Merge pull request #145 from eScienceLab/dependabot/pip/pygments-2.20.0
b336b6b 
Bump pygments from 2.19.2 to 2.20.0
@dependabot
Bump celery from 5.6.2 to 5.6.3
20b586a 
Bumps [celery](https://github.com/celery/celery) from 5.6.2 to 5.6.3.
- [Release notes](https://github.com/celery/celery/releases)
- [Changelog](https://github.com/celery/celery/blob/v5.6.3/Changelog.rst)
- [Commits](celery/celery@v5.6.2...v5.6.3)

---
updated-dependencies:
- dependency-name: celery
  dependency-version: 5.6.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump redis from 7.3.0 to 7.4.0
7bb11eb 
Bumps [redis](https://github.com/redis/redis-py) from 7.3.0 to 7.4.0.
- [Release notes](https://github.com/redis/redis-py/releases)
- [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES)
- [Commits](redis/redis-py@v7.3.0...v7.4.0)

---
updated-dependencies:
- dependency-name: redis
  dependency-version: 7.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@douglowe
Merge pull request #143 from eScienceLab/dependabot/pip/celery-5.6.3
b8597ec 
Bump celery from 5.6.2 to 5.6.3
@douglowe
Merge pull request #144 from eScienceLab/dependabot/pip/redis-7.4.0
0554f90 
Bump redis from 7.3.0 to 7.4.0
@dependabot
Bump werkzeug from 3.1.6 to 3.1.7
b5c1ea5 
Bumps [werkzeug](https://github.com/pallets/werkzeug) from 3.1.6 to 3.1.7.
- [Release notes](https://github.com/pallets/werkzeug/releases)
- [Changelog](https://github.com/pallets/werkzeug/blob/main/CHANGES.rst)
- [Commits](pallets/werkzeug@3.1.6...3.1.7)

---
updated-dependencies:
- dependency-name: werkzeug
  dependency-version: 3.1.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@douglowe
Merge pull request #142 from eScienceLab/dependabot/pip/werkzeug-3.1.7
7ef8d2e 
Bump werkzeug from 3.1.6 to 3.1.8
Copilot AI review requested due to automatic review settings April 22, 2026 15:53
@douglowe douglowe merged commit 8155227 into main Apr 22, 2026
2 checks passed
Copilot AI reviewed Apr 22, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates pinned Python dependencies (and the compiled lockfile) to newer patch/minor versions to keep the service up to date and aligned with security/bugfix releases.

Changes:

  • Bumped direct dependency pins in requirements.in (celery, requests, Werkzeug, redis, apiflask).
  • Regenerated requirements.txt via pip-compile, updating the resolved/pinned set accordingly (including some transitive version bumps).

Reviewed changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated no comments.

File Description
requirements.in Updates the top-level pinned dependency versions.
requirements.txt Updates the compiled/pinned dependency set generated from requirements.in.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@douglowe