You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This PR updates all Python dev/test dependencies and generates new lock files (py/requirements_lock.txt, multitool.lock.json) with updated hashes, and removes some unnecessary test dependencies when running bazel.
🔄 Types of changes
Cleanup
Dev/Test/Build/CI
PR Type
Enhancement
Description
Bump ruff from 0.14.9 to 0.14.10 with updated checksums
Update Python dev/test dependencies to latest versions
Remove unnecessary test dependencies from Bazel configuration
Regenerate lock files with updated package hashes
Diagram Walkthrough
flowchart LR
A["Python Dependencies"] -->|Update versions| B["requirements.txt"]
A -->|Update hashes| C["requirements_lock.txt"]
A -->|Update ruff| D["multitool.lock.json"]
E["Test Dependencies"] -->|Remove unnecessary| F["py/BUILD.bazel"]
B --> G["Lock Files Generated"]
C --> G
Loading
File Walkthrough
Relevant files
Dependencies
multitool.lock.json
Upgrade ruff to 0.14.10 with new checksums
multitool.lock.json
Upgrade ruff from version 0.14.9 to 0.14.10
Update SHA256 checksums for all platform-specific ruff binaries
Includes updates for Linux (aarch64, x86_64), macOS (aarch64, x86_64), and Windows (x86_64)
cgoldberg
changed the title
[py] Bump dev/test dependencies and remove unnecessary
[py] Bump versions and remove unnecessary dev/test dependencies
Dec 31, 2025
[To ensure code accuracy, apply this suggestion manually]
Suggestion importance[1-10]: 9
__
Why: The suggestion correctly identifies that removing the pluggy dependency, which is essential for pytest, will likely break the test suite in a Bazel environment that requires explicit dependency declarations.
High
add attrs to test dependencies
Re-add the attrs requirement to TEST_DEPS to prevent potential import errors during test execution.
[To ensure code accuracy, apply this suggestion manually]
Suggestion importance[1-10]: 8
__
Why: The suggestion correctly points out that removing attrs, a common transitive dependency for test utilities, is likely to cause import errors in a strict Bazel environment.
Medium
High-level
Re-evaluate removal of tox dependency
The PR removes tox from requirements.txt but updates tox.ini, creating a contradiction. The suggestion is to either restore tox as a dependency or remove tox.ini if it's no longer used.
# Option 1: Restore tox if it's still used# py/requirements.txt
...
tox==<latest_version>
...
# py/tox.ini[testenv:linting]deps =
ruff==0.14.10
commands =
ruff check ...
# Option 2: Remove tox.ini if tox is no longer used# (file py/tox.ini is deleted)
Suggestion importance[1-10]: 7
__
Why: The suggestion correctly identifies a logical contradiction where tox is removed as a dependency while its configuration file tox.ini is updated, which could break development workflows.
Medium
More
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
User description
💥 What does this PR do?
This PR updates all Python dev/test dependencies and generates new lock files (
py/requirements_lock.txt,multitool.lock.json) with updated hashes, and removes some unnecessary test dependencies when running bazel.🔄 Types of changes
PR Type
Enhancement
Description
Bump ruff from 0.14.9 to 0.14.10 with updated checksums
Update Python dev/test dependencies to latest versions
Remove unnecessary test dependencies from Bazel configuration
Regenerate lock files with updated package hashes
Diagram Walkthrough
File Walkthrough
multitool.lock.json
Upgrade ruff to 0.14.10 with new checksumsmultitool.lock.json
and Windows (x86_64)
requirements.txt
Update and clean up Python dependenciespy/requirements.txt
importlib_metadata (version bump), jaraco.context (version bump),
jaraco.functools (version bump), keyring (version bump), platformdirs,
py, pyproject-api, tox, virtualenv
jaraco.context, jaraco.functools, keyring, pytest, secretstorage,
urllib3, wsproto
requirements_lock.txt
Regenerate lock file with updated dependenciespy/requirements_lock.txt
platformdirs, py, pyproject-api, tox, virtualenv packages entirely
jaraco-context, jaraco-functools, keyring, pytest, secretstorage,
urllib3, wsproto
requirement
BUILD.bazel
Remove unnecessary test dependencies from Bazelpy/BUILD.bazel
h11, more-itertools, multidict, outcome, pluggy, py, sortedcontainers,
sniffio
pytest-trio, pytest-mock, zipp
tox.ini
Update ruff version in tox configurationpy/tox.ini