chore: upgrade dependencies to latest#21
Merged
ServerSideHannes merged 4 commits intomainfrom Apr 22, 2026
Merged
Conversation
Python runtime + dev deps refreshed via uv lock --upgrade; pyproject floors bumped to match. Docker images bumped in Dockerfile, local test/e2e docker-compose, and kind/kubectl/helm/operator versions driving the e2e harness. Notable bumps: - fastapi 0.109 -> 0.136, uvicorn 0.27 -> 0.45 - pydantic 2.5 -> 2.13, pydantic-settings 2.1 -> 2.14 - boto3/botocore 1.34 -> 1.40, aioboto3 13 -> 15.5 - cryptography 42 -> 46, redis 5 -> 7.4, orjson 3.9 -> 3.11 - structlog 24.1 -> 25.5, httpx 0.26 -> 0.28 - pytest 8 -> 9, mypy 1.8 -> 1.20, ruff 0.2 -> 0.15 - uv 0.9 -> 0.11 (Dockerfile), redis:7-alpine -> redis:8-alpine - kind node v1.32.2 -> v1.34.3, kubectl v1.32.2 -> v1.34.3 - helm v3.14 -> v3.20.2, cert-manager v1.17.2 -> v1.19.0 - ECK 3.2.0 -> 3.3.2, scylla-operator v1.19.0 -> v1.20.2 Full unit test suite (388 tests) passes against upgraded deps.
Path-filtered required checks never fire when no matching files change, leaving the PR stuck on "Expected — Waiting for status to be reported". The job is <1min; run it on every PR.
Weekly updates, grouped where chatty: - uv (pyproject.toml) — minor/patch bundled, major separate - docker (Dockerfile base images) - github-actions — all bundled Image tags embedded in shell heredocs inside e2e/docker-compose.yml are not picked up by Dependabot (no docker-compose ecosystem). Those remain manual bumps or migrate to Renovate later.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
uv lock --upgrade;pyproject.tomlfloors bumped to match current latestuv0.9 → 0.11,redis7-alpine → 8-alpine (local test compose)e2e/docker-compose.yml) updated: kind node v1.32.2 → v1.34.3, kubectl v1.32.2 → v1.34.3, helm v3.14 → v3.20.2, cert-manager v1.17.2 → v1.19.0, ECK 3.2.0 → 3.3.2, scylla-operator v1.19.0 → v1.20.2, esrally base image python 3.12 → 3.14Notable Python bumps:
No GitHub Actions workflow files changed.
Test plan
uv lockresolves cleanlyuv sync --extra devinstalls without conflictsuv run pytest -m "not e2e and not ha"— 388 passeduv run ruff check s3proxy/— cleanuv run mypy s3proxy/— 186 errors (189 before upgrade; pre-existing, unrelated to this change)Helm Install Testworkflow) — runs on merge/schedulee2e/docker-compose.yml) smoke run