Dependency updates for py3.14 compat #1631
Open
+101
−99
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
also update jinja2 to 3.0 to prevent dependency conflict with markupsafe. jinja2 3.0 isn't the latest, but upgrading to it doesn't seem to break anything.
we don't have any (transitive) dependencies on pkg_resources anymore. also pin build-time setuptools to a specific version.
this also updates all the transitive deps.. i skimmed the changelogs and didn't spot anything that would be relevant to us.
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #1631 +/- ##
==========================================
+ Coverage 54.67% 54.70% +0.03%
==========================================
Files 335 335
Lines 27361 27352 -9
==========================================
+ Hits 14960 14964 +4
+ Misses 12401 12388 -13
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
arch updated their python to 3.14 and tests started failing again...
this time it was werkzeug's fault. i upgraded werkzeug to the latest release. this pulled jinja and markupsafe along aswell.
the biggest change is that werkzeug's securecookie module got extracted into a separate secure-cookie project, which appears to be abandoned now. i rewrote the usage of it using tornado's
create_signed_valuefunction (which is supposed to be an implementation detail for set_secure_cookie, which we can't use outside of a tornado request handler, but well, we already depend on this function elsewhere and it's not like there's any risk of tornado updating and breaking it ;) ).other changes were pretty trivial renames / import reorganizations. i did also discover a bug in werkzeug which i reported upstream, likely to be fixed in the next release, but i don't think it's too blocking. (see file_middleware_test.py; the bug is about improper advertising of range request support, but i think we rarely have files large enough for range requests to be relevant.)
also, now that nothing depends on pkg_resources anymore, we can remove setuptools from the runtime dependencies and bump the build-time version to 82.0 (which is the first release that actually removes pkg_resources).
updating constraints.txt also upgraded all our transitive deps. i skimmed the changelogs for most of them and didn't spot anything interesting.