chore(deps)(deps): bump python from 3.12-slim to 3.14-slim#346
Closed
dependabot[bot] wants to merge 1 commit into
Closed
chore(deps)(deps): bump python from 3.12-slim to 3.14-slim#346dependabot[bot] wants to merge 1 commit into
dependabot[bot] wants to merge 1 commit into
Conversation
Bumps python from 3.12-slim to 3.14-slim. --- updated-dependencies: - dependency-name: python dependency-version: 3.14-slim dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
github-actions
Bot
added
Awaiting CI
Codecov Report✅ All modified and coverable lines are covered by tests. 📢 Thoughts on this report? Let us know! |
Owner
|
QA Active — Dependabot bump review. |
github-actions
Bot
removed
the
Ready for QA
cmeans
reviewed
Apr 21, 2026
Owner
cmeans
left a comment
cmeans
left a comment
There was a problem hiding this comment.
QA Review — Dependabot major-step base-image bump
Verdict: QA Failed.
The "all green" CI rollup on this PR is not actually validating the change being made. The Dockerfile changes the production runtime from python:3.12-slim to python:3.14-slim, but:
- Test matrix doesn't include 3.13 or 3.14.
.github/workflows/ci.yml's test job runspython-version: ["3.10", "3.11", "3.12"]. Lint/typecheck/codecov are pinned to3.12. So the suite ran against the old Python undersetup-python, not the new one the Dockerfile would actually ship. - Docker Publish workflow doesn't run on
pull_request..github/workflows/docker-publish.ymlis gated onpush: tags: ["v*"], so the new base image is never built during PR-CI. The first timepython:3.14-slimwould actually be exercised is whenv0.18.2is tagged after this merges — discovering build/install/runtime breakage at release time, on the wrong side of the merge. - Two-major Python jump. This skips 3.13 entirely. Python 3.13 introduced significant changes (free-threading build option, deprecations), and 3.14 layers more on top.
pyproject.tomldeclaresrequires-python = ">=3.10"so 3.14 is allowed by the constraint, but allowed isn't tested.
Concrete risks merging this as-is
- A runtime dep (psycopg, pgvector, mcp, fastmcp, pydantic, lingua-language-detector, etc.) may not yet ship a wheel for 3.14, forcing a source build that fails inside the slim image (no compilers).
- 3.14-only stdlib changes (e.g., removed
cryptmodule if still referenced anywhere transitively, deprecatedasynciopatterns) could surface only at runtime. - Coverage gaps in our suite would mask Python-version-specific bugs that aren't exercised by tests.
Suggested paths
Pick one:
- Add a docker-build smoke job to
ci.ymlthat runs onpull_requestfor any change touchingDockerfile/pyproject.toml/uv.lock.docker build .plus a one-shotpython -c "import mcp_awareness; print('ok')"inside the image would catch wheel-availability and import-time breakage. Then re-run this PR's CI. - Extend the test matrix to
["3.10", "3.11", "3.12", "3.13", "3.14"]inci.yml, then merge this only after that matrix lands and is green. (Validates the Python version itself but still doesn't validate the Docker image — combine with #1 for full coverage.) - Pin to
python:3.13-sliminstead (one major step, more conservative), and revisit 3.14 after the test matrix catches up. Dependabot would re-open against3.14once 3.13 is established as the default.
Diff is otherwise clean
- Diff scope:
Dockerfileonly (single-lineFROMchange) ✓ - Merge math: PR is based on pre-#347 main, so
git diff main..pr-346shows what looks like a pyproject version downgrade — that's a symmetric-diff artifact. Actual 3-way merge result has bothversion = "0.18.1"(from main) andFROM python:3.14-slim(from PR), verified viagit merge-tree. Mergeable cleanly. - CI green but, per above, doesn't exercise the change.
Bonus follow-up (non-blocking)
.github/workflows/docker-publish.yml only running on tag pushes means no Docker build smoke ever runs on PRs that touch the Dockerfile. This is the underlying gap that made #346's "green CI" misleading. Worth filing an issue to add a build-only job (no push: to the registry) for pull_request events that touch Docker-relevant files. Independent of how #346 is resolved.
Owner
|
Audit: applying QA Failed as the final act. CI's "all green" is misleading here — test matrix is 3.10/3.11/3.12 only, and Docker Publish doesn't run on PRs ( |
cmeans
added
QA Failed
Contributor
|
Closing per QA finding — see the QA review above for the full rationale. Short version: this repo's CI has no opinion on Docker today. The The bump itself isn't wrong in spirit — we just can't tell whether it actually works until the image is built and Tracking the fix in #348 (CI: docker build + import smoke on PRs touching Dockerfile / pyproject.toml / uv.lock). Once that lands, Dependabot's next Python base-image proposal will get real CI behind it. Thanks Dependabot — we'll see you again when 3.13 or 3.14 comes back around with validation on our side. |
Contributor
Author
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
This was referenced Apr 21, 2026
Closed
cmeans-claude-dev Bot
added a commit
that referenced
this pull request
Apr 21, 2026
#348) (#350) Closes #348. Follow-up from PR #346 QA finding. ## Round 1 self-validation — the workflow caught its own bug On the first CI run against this PR (commit `9b55593`), `docker-smoke` **failed** — the image's `ENTRYPOINT ["./docker-entrypoint.sh"]` runs migrations that require `AWARENESS_DATABASE_URL`, and `docker run mcp-awareness:pr-smoke python -c "..."` passes the python invocation as CMD, not replacing the entrypoint. ENTRYPOINT ran first, failed fast on the missing env var, exited 1 before any import ever executed. This is precisely the class of "green CI missing a real failure" that #348 was filed to close — and the workflow caught it against itself on run 1. Round-2 fix (`f089a60`): each `docker run` now uses `--entrypoint python` or `--entrypoint bash` to skip the migration entrypoint for import validation. Added a fourth smoke step that positively verifies `docker-entrypoint.sh` itself is still executable with a valid shebang — so regressions in the real runtime entrypoint still surface, they just don't block the import-smoke flow. Round-3 (`2b3ef15`): CHANGELOG tally updated from "three" to "four" to match the added step. ## Summary Adds `.github/workflows/docker-smoke.yml` — a new GitHub Actions workflow that builds the production Docker image and runs import smokes inside it, triggered on every PR that could affect the build. **Trigger**: `pull_request` with `paths:` filter on `Dockerfile`, `pyproject.toml`, `uv.lock`, `.dockerignore`, and the workflow file itself. Unrelated PRs skip the job entirely (no wasted minutes). **What it does**: 1. `docker build` via Buildx with GitHub Actions cache (`cache-from: type=gha, cache-to: type=gha,mode=max`) — so repeat builds on unchanged base layers are fast. 2. Four smokes inside the built image: - `import mcp_awareness` (via `--entrypoint python` — image's real ENTRYPOINT runs migrations requiring `AWARENESS_DATABASE_URL`, bypassed here) - `from mcp_awareness import server` (same `--entrypoint python` override) - `command -v` on all six console-script entry points (`mcp-awareness`, `mcp-awareness-migrate`, `mcp-awareness-user`, `mcp-awareness-token`, `mcp-awareness-secret`, `mcp-awareness-register-schema`) via `--entrypoint bash` - Positive check that `docker-entrypoint.sh` is executable with a valid `#!/bin/bash` or `#!/bin/sh` shebang — catches regressions in the runtime entrypoint even though the import smokes bypass it 3. Reports image size and tags for visibility. **What it does NOT do**: - **No registry push.** Zero `docker/login-action`, zero `push: true`. Registry publishes remain in `docker-publish.yml` (tag-triggered). This workflow is purely validation. - **No full test run inside the image.** That's the test matrix's responsibility. This catches *structural* problems (image doesn't build, imports fail). - **No multi-arch build.** `linux/amd64` only for PR smoke. Full multi-arch stays in `docker-publish.yml`. ## Why this matters The next time Dependabot (or anyone) proposes a Dockerfile change — base-image bump, apt-package change, layer reorg — the "green CI" on the PR will actually mean something. Without this workflow, PR #346's `python:3.12-slim → 3.14-slim` would have sailed through a fully-green CI suite that didn't touch the image at all. ## What this catches (and what it doesn't) **Catches:** - Base image yanked or tag missing (pull fails) - `pip install` breaks inside the slim image (wheel missing for a runtime dep; C extension needs a compiler the slim image doesn't ship) - `import mcp_awareness` fails at runtime (Python-version-specific stdlib removal, missing system library) - Entry points fail to register (broken `[project.scripts]` wiring) **Doesn't catch:** - Runtime behavior bugs that only show under load (the test suite still owns this) - Cross-architecture-specific issues on `arm64` (only `amd64` is smoked here) - Registry-push-time failures (that's `docker-publish.yml`'s surface) ## Scope - `.github/workflows/docker-smoke.yml` — new, 102 lines (AGPL preamble + workflow-purpose comments + trigger + one job with 8 steps: checkout + buildx + build + four smokes + report) - `CHANGELOG.md` — `[Unreleased] → ### Added` entry No source, no tests, no migrations, no other workflow changes. ## References - Closes [#348](#348) - Pairs with [#349](#349) (P3) — Python matrix extension. Additive, not a substitute: the matrix validates Python versions under `actions/setup-python`; this workflow validates the shipped image. Full coverage needs both. - Trigger for both follow-ups: PR [#346](#346) (closed) QA review ## QA ### Prerequisites None. Pure workflow-file addition. ### Automated checks This PR doesn't touch source, tests, `pyproject.toml`, or `Dockerfile`, so: - `test (3.10/3.11/3.12)` should pass unchanged. - `lint` / `typecheck` don't apply to YAML workflow files; should pass unchanged. - `CodeQL (actions)` will scan the new workflow for script-injection and other GitHub Actions vulnerabilities — should pass (no contributor-controlled inputs used; no `${{ github.event.* }}` text in any `run:` body). - **`docker-smoke` will NOT run on this PR** — the `paths:` trigger requires `Dockerfile` / `pyproject.toml` / `uv.lock` / `.dockerignore` / `docker-smoke.yml` to change, and only `docker-smoke.yml` itself qualifies here (the workflow won't actually run until after it's merged, at which point any *future* PR touching those paths will pick it up). See manual test 4 below for how to empirically verify this post-merge. ### Manual tests 1. - [x] **YAML parse clean.** ``` python3 -c "import yaml; yaml.safe_load(open('.github/workflows/docker-smoke.yml')); print('OK')" ``` Expected: prints `OK`. 2. - [x] **`paths:` trigger covers the right set.** ``` python3 -c "import yaml; d=yaml.safe_load(open('.github/workflows/docker-smoke.yml')); print(d[True]['pull_request']['paths'])" ``` Expected: `['Dockerfile', 'pyproject.toml', 'uv.lock', '.dockerignore', '.github/workflows/docker-smoke.yml']`. The dict key is `True` in PyYAML 6.x because `on:` is interpreted as YAML 1.1 boolean — harmless parser quirk. 3. - [x] **No contributor-controlled inputs in `run:` bodies.** This is the class of bug that #332 closed for `pr-labels-ci.yml`; same discipline should apply to every new workflow. ``` grep -nE '\$\{\{ *github\.(event\.(pull_request|issue|comment|review|review_comment|head_commit|commits)|head_ref) *\.*(title|body|head|name|message|email|ref|label) *\}\}' .github/workflows/docker-smoke.yml || echo "(none — good)" ``` Expected: prints `(none — good)`. Workflow uses no contributor-controlled context fields. 4. - [ ] **(Post-merge) Verify the workflow actually fires and passes on a touching PR.** After merge, the next PR that modifies `Dockerfile`, `pyproject.toml`, `uv.lock`, or `.dockerignore` should trigger the `Docker Smoke / docker-smoke` check. Easiest empirical path: the next Dependabot PR against those files (Dependabot is configured to watch `pip` + `docker` + `docker-compose` per #343; a pending proposal will arrive within a week). On that next PR, confirm: - The `Docker Smoke / docker-smoke` check appears in the PR's check list - It succeeds with the expected log output (`import mcp_awareness: ok`, `import mcp_awareness.server: ok`, `all entry points resolved`, image-size line) - Total job time ~3–5 min (buildx + four `docker run --rm` invocations) 5. - [ ] **(Post-merge) Verify it correctly SKIPS on non-touching PRs.** On the next unrelated PR (docs-only, source-only, etc.), the `Docker Smoke / docker-smoke` check should NOT appear in the checks list — the workflow's `paths:` filter keeps it silent when nothing Docker-relevant changes. 6. - [ ] **(Post-merge, optional) Empirical failure injection.** To prove the workflow actually catches regressions: open a throw-away PR that changes `Dockerfile` to `FROM python:3.99-slim` (a tag that doesn't exist). Confirm `docker-smoke` fails on the `Build image` step. Close the PR without merging. This is the real acceptance test for #348. 7. - [x] **Diff review.** ``` git diff --stat origin/main ``` Expected: `.github/workflows/docker-smoke.yml` (+102), `CHANGELOG.md` (+4, -1). Nothing else. (Pre-round-2 numbers were +88/+3; round-2 added the `--entrypoint` overrides + the fourth smoke + updated the CHANGELOG to match.) ### Acceptance criteria map (from #348) - ✅ PR-triggered job builds `docker build .` on PRs touching Dockerfile/pyproject.toml/uv.lock — `paths:` filter covers those plus `.dockerignore` (for completeness) and the workflow itself (so bugs in the workflow fire the workflow to validate the fix) - ✅ Build + import smoke fails fast on PRs that would break the image — four distinct smokes catch base-image / install / import-time / entry-point-resolution / entrypoint-script-regression failures - ✅ Existing tag-triggered `docker-publish.yml` unchanged — this PR adds a file, doesn't touch any existing workflow - ✅ On an unrelated PR, the job correctly skips (manual test 5 post-merge) - ☐ Manually verified by reopening a 3.13-slim or similar test PR against this workflow and confirming the smoke runs — deferred to manual test 4/6 post-merge (#348's final acceptance bullet requires the workflow to already be on `main`) --------- Co-authored-by: cmeans-claude-dev[bot] <3223881+cmeans-claude-dev[bot]@users.noreply.github.com> Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
cmeans-claude-dev Bot
added a commit
that referenced
this pull request
Apr 21, 2026
Closes [#349](#349). ## Summary One-line change in `.github/workflows/ci.yml`: \`\`\`diff matrix: - python-version: [\"3.10\", \"3.11\", \"3.12\"] + python-version: [\"3.10\", \"3.11\", \"3.12\", \"3.13\", \"3.14\"] \`\`\` `pyproject.toml` declares `requires-python = \">=3.10\"` — the package metadata *allows* 3.13 and 3.14, but CI never exercised them. That's a source of silent breakage for any self-hoster running the package under a newer Python than we tested. ### What stays unchanged - **lint / typecheck / codecov jobs** still pinned to Python 3.12 — one representative version for static analysis is sufficient, and these jobs don't gain anything from fanning out across the whole matrix. - **`pyproject.toml`** metadata — `requires-python = \">=3.10\"` already allowed both. No lower-bound or classifier changes. - **`docker-publish.yml`, `docker-smoke.yml`** — untouched. The Dockerfile pins to `python:3.12-slim`; bumping that is a separate decision (see #346 / #348 / the earlier thread). ### Why this is additive, not redundant, with #348 This PR validates Python versions under `actions/setup-python`; [#348](#348) (merged as PR #350) validates the shipped Docker image. Both are needed for full CI coverage: - The **matrix** catches Python-version-specific code breakage (stdlib removals, syntax/semantics changes, transitive-dep wheel availability for newer Pythons). - The **docker-smoke** catches image-specific breakage (`FROM python:X.Y-slim` changes, `pip install` failures inside the slim image, entry-point registration). Neither substitutes for the other. ## Risks and unknowns This is the \"may surface hidden work\" case I flagged when we ordered the P3s. Two outcomes for the new matrix entries: - **Happy path**: 3.13 and 3.14 both pass. Merge and move on. - **Unhappy path**: 3.13 or 3.14 fails — likely because a transitive dependency (testcontainers, psycopg, lingua-language-detector, mcp, pgvector, pydantic, etc.) doesn't ship wheels for that Python yet, or a stdlib removal breaks a dep. Each failure is a separate triage: bump a dep to a version that supports the newer Python, or exclude the entry with a note, or declare the `>=3.10` floor more strictly as an upper bound in `pyproject.toml`. CI on this PR is the load-bearing test. If it's green, #349 is closed. If it's red, we'll have a triage list to work through. ## Scope - `.github/workflows/ci.yml` — `+1, -1` (matrix list) - `CHANGELOG.md` — `+3` (new `### Added` entry under `[Unreleased]`) No source, no tests, no compose-file changes, no migrations. ## References - Closes [#349](#349) - Pairs with #348 (`docker-smoke`, merged via PR #350) — additive, both needed ## QA ### Prerequisites None. Pure CI-workflow change. ### Automated checks - `test (3.10/3.11/3.12)` — existing entries; expected to remain green. - **`test (3.13)` and `test (3.14)`** — new entries; expected to exercise the full `pytest tests/` suite against these versions. If any fail, that's the actual finding this PR surfaces. - `lint`, `typecheck`, `codecov/patch` — pinned to 3.12; unchanged. - `docker-smoke` — **not triggered** (no `Dockerfile` / `pyproject.toml` / `uv.lock` / `.dockerignore` / workflow-file-matching-its-trigger change). - `CodeQL (actions)` — will re-scan `ci.yml`; no new taint-flow sites introduced. ### Manual tests 1. - [x] **YAML parse.** \`\`\` python3 -c \"import yaml; yaml.safe_load(open('.github/workflows/ci.yml')); print('OK')\" \`\`\` Expected: `OK`. 2. - [x] **Matrix lists 5 entries in order.** \`\`\` grep -A1 '^ matrix:' .github/workflows/ci.yml | tail -1 \`\`\` Expected: `python-version: [\"3.10\", \"3.11\", \"3.12\", \"3.13\", \"3.14\"]`. 3. - [x] **CI runs 5 test jobs on this PR.** Verify in the Actions tab that `test (3.10)`, `test (3.11)`, `test (3.12)`, `test (3.13)`, `test (3.14)` all appear in the check list for this PR. 4. - [x] **All five test jobs pass.** The actual acceptance test — if 3.13 or 3.14 fails, this PR needs follow-up work before it can merge: - `test (3.13)` fails → read the log; common culprits: `testcontainers` / `lingua-language-detector` / `mcp` without a 3.13 wheel - `test (3.14)` fails → same, newer target; 3.14 wheel coverage is generally thinner than 3.13 Each failure is a separate triage decision (bump the dep, exclude the matrix entry with a note, or tighten `requires-python` upper bound). 5. - [x] **Lint/typecheck unchanged.** `lint` and `typecheck` jobs still use `python-version: \"3.12\"` — they should continue to run in their existing time envelope. Verify by checking that neither job's duration in this PR's CI is materially different from the last green `main` CI run. 6. - [x] **No other files changed.** `git diff --stat origin/main` shows exactly `.github/workflows/ci.yml` (+1, -1) and `CHANGELOG.md` (+3). Nothing else. ### Acceptance - ☐ All 5 test matrix entries pass — **load-bearing**, pending CI - ✅ `pyproject.toml` `requires-python = \">=3.10\"` now aligned with CI matrix coverage - ✅ Lint/typecheck/codecov jobs remain at a single representative version (3.12) - ✅ No overlap with or replacement of #348's docker-smoke — complementary coverage Co-authored-by: cmeans-claude-dev[bot] <3223881+cmeans-claude-dev[bot]@users.noreply.github.com> Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
cmeans-claude-dev Bot
added a commit
that referenced
this pull request
Apr 21, 2026
Follows up on Dependabot [#346](#346) (closed unmerged pending CI matrix coverage). ## Summary One-line change in `Dockerfile`: \`\`\`diff -FROM python:3.12-slim +FROM python:3.13-slim \`\`\` Plus a `CHANGELOG.md` `### Changed` entry. ### Why 3.13 and not 3.14 - **3.13** — GA October 2024, ~5 years of upstream support (EOL October 2029), well-represented in wheel coverage across our deps. Safe bump. - **3.14** — only GA'd October 2026. Our own suite passes (see #354's matrix), but transitive tooling outside our direct deps (container probes, operator scripts, downstream self-hoster environments) lags. Deferring until 3.14-slim has broader ecosystem saturation — revisit in a few months. ### Coverage this relies on - **#354 / #349** (merged `99860de`) — CI test matrix now exercises 3.13, so the Python version the image ships is the Python version the test suite ran on. - **#348 / #350** — `docker-smoke.yml` workflow fires on any `Dockerfile` change, building the image and running import + console-script smokes inside it. That will validate this PR end-to-end. ### What stays unchanged - `pyproject.toml` — `requires-python = ">=3.10"`; no metadata change. - `ci.yml` — `lint` / `typecheck` / `codecov` jobs still pinned to 3.12; `test` matrix still covers 3.10–3.14. - `docker-compose.yaml`, `docker-publish.yml` — untouched. - `uv.lock` — untouched; all deps already support 3.13. ## Risks and unknowns **Happy path:** `docker-smoke` green → merge. Image is marginally larger on first pull (new base layer) but subsequent pulls share layers as usual. **Unhappy path:** `docker-smoke` catches something that the `actions/setup-python` matrix didn't. Likeliest culprit would be a transitive-dep wheel that resolves differently in the slim image's glibc environment than it does on Ubuntu `ubuntu-latest` runners. Triage per-finding. ## Scope - `Dockerfile` — `+1, -1` (FROM line) - `CHANGELOG.md` — `+3` (new `### Changed` entry under `[Unreleased]`) No source, no tests, no compose changes, no migrations. ## References - Follows up on closed Dependabot [#346](#346) - Relies on merged [#354](#354) (3.13 matrix entry) and merged [#350](#350) (docker-smoke workflow) ## QA ### Prerequisites None. The `docker-smoke.yml` workflow runs automatically on any PR touching `Dockerfile`. ### Automated checks - **`docker-smoke` — load-bearing.** Builds the image and runs: - `python -c 'import mcp_awareness'` - `python -c 'from mcp_awareness import server'` - `command -v` on all six console scripts (`mcp-awareness`, `mcp-awareness-migrate`, `mcp-awareness-user`, `mcp-awareness-token`, `mcp-awareness-secret`, `mcp-awareness-register-schema`) - positive check that `docker-entrypoint.sh` has a valid shebang and executable bit - `test (3.10 / 3.11 / 3.12 / 3.13 / 3.14)` — unchanged by this PR but re-runs on CI; expected green. - `lint`, `typecheck`, `codecov/patch` — still pinned to 3.12; unchanged. - `CodeQL (actions)` — no workflow files touched; re-scans diff only. ### Manual tests (via MCP tools) This PR changes the shipped container only. There are no new MCP tools or behavior changes to exercise — the awareness tool surface is identical on 3.13-slim as it was on 3.12-slim. Listing the checks here for reviewer audit: 1. - [x] **`docker-smoke` all four sub-checks pass** on the PR run. Verify in the Actions tab that each smoke step shows green. 2. - [x] **Container boots cleanly** against a throwaway Postgres (CI environment or local). Optional belt-and-suspenders sanity check: \`\`\` docker build -t awareness-test . docker run --rm awareness-test python -c 'from mcp_awareness import server; print("ok")' \`\`\` Expected: `ok` printed, exit 0. 3. - [x] **Image base is Python 3.13.** Verify the built image reports the expected Python version: \`\`\` docker run --rm awareness-test python --version \`\`\` Expected: `Python 3.13.x`. 4. - [x] **No stray file changes.** `git diff --stat origin/main` shows exactly `Dockerfile` (+1, -1) and `CHANGELOG.md` (+3). Nothing else. ### Acceptance - ✅ `docker-smoke` green — **load-bearing** - ✅ Base image aligned with CI-covered Python version (3.13 now in matrix per #354) - ✅ `requires-python` floor unchanged; no consumer-facing metadata shift - ✅ Single-concern diff; no test, source, or compose changes 🤖 Generated with [Claude Code](https://claude.com/claude-code) --------- Co-authored-by: cmeans-claude-dev[bot] <3223881+cmeans-claude-dev[bot]@users.noreply.github.com> Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps python from 3.12-slim to 3.14-slim.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)