Skip to content

chore(deps): Update dependencies in bulk (filelock, pynacl, urllib3)#52

Merged
m1so merged 2 commits intomainfrom
mb/update-dependabot-dependencies-20260114
Jan 14, 2026
Merged

chore(deps): Update dependencies in bulk (filelock, pynacl, urllib3)#52
m1so merged 2 commits intomainfrom
mb/update-dependabot-dependencies-20260114

Conversation

@m1so
Copy link
Contributor

@m1so m1so commented Jan 14, 2026

Summary by CodeRabbit

  • Chores
    • Updated snowflake-sqlalchemy upper version constraint from <1.8 to <1.9 for enhanced compatibility
    • Added filelock and pynacl as new dependencies with Python-version-specific constraints
    • Enhanced urllib3 security constraints for Python 3.10 and later versions
    • Updated nox development dependency to latest compatible release
    • Added virtualenv as a new development dependency

✏️ Tip: You can customize this high-level summary in your review settings.

@coderabbitai
Copy link
Contributor

coderabbitai bot commented Jan 14, 2026

📝 Walkthrough

Walkthrough

The pull request updates dependency constraints in pyproject.toml. The upper bound for snowflake-sqlalchemy is increased from <1.8 to <1.9. New dependencies are added: filelock with Python version-specific constraints (3.19.1 for Python <3.10, 3.20.3 for Python ≥3.10) and pynacl (>=1.6.2,<2). The urllib3 constraint is tightened for security purposes. Dev dependencies are updated with nox version bumped and virtualenv added. A total of 7 lines added and 3 removed.

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed Title accurately summarizes the main change: a bulk dependency update including filelock, pynacl, and urllib3, plus additional dependencies like snowflake-sqlalchemy, nox, and virtualenv.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.


Comment @coderabbitai help to get the list of available commands and usage tips.

@github-actions
Copy link

github-actions bot commented Jan 14, 2026

📦 Python package built successfully!

  • Version: 1.2.0.dev5+f4402f2
  • Wheel: deepnote_toolkit-1.2.0.dev5+f4402f2-py3-none-any.whl
  • Install:
    pip install "deepnote-toolkit @ https://deepnote-staging-runtime-artifactory.s3.amazonaws.com/deepnote-toolkit-packages/1.2.0.dev5%2Bf4402f2/deepnote_toolkit-1.2.0.dev5%2Bf4402f2-py3-none-any.whl"

Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

🤖 Fix all issues with AI agents
In `@pyproject.toml`:
- Around line 208-209: The dev dependency for virtualenv currently lacks an
upper-bound and should follow the project's "<X.0.0" pattern for consistency;
update the string "virtualenv>=20.36.1" to include an upper bound like
"virtualenv>=20.36.1,<21.0.0" in pyproject.toml so it matches the existing style
used for other dev deps.
- Around line 139-147: The pyproject dependency list is missing a urllib3
constraint for Python 3.9 (Snowflake requires urllib3 <2.0.0); add a urllib3
dependency entry that restricts urllib3 to be below 2.0.0 specifically for
python_version == '3.9' (mirroring the style of the existing urllib3 entry for
python_version >= '3.10') so that urllib3 is constrained to <2.0.0 on 3.9 while
leaving the >= '3.10' entry intact.
📜 Review details

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Disabled knowledge base sources:

  • Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 10ab3d7 and 7d6430c.

⛔ Files ignored due to path filters (1)
  • poetry.lock is excluded by !**/*.lock
📒 Files selected for processing (1)
  • pyproject.toml
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (15)
  • GitHub Check: Test - Python 3.12
  • GitHub Check: Test - Python 3.10
  • GitHub Check: Test - Python 3.11
  • GitHub Check: Test - Python 3.9
  • GitHub Check: Typecheck - 3.9
  • GitHub Check: Test - Python 3.13
  • GitHub Check: Typecheck - 3.13
  • GitHub Check: Typecheck - 3.12
  • GitHub Check: Typecheck - 3.11
  • GitHub Check: Typecheck - 3.10
  • GitHub Check: Build and push artifacts for Python 3.10
  • GitHub Check: Build and push artifacts for Python 3.11
  • GitHub Check: Build and push artifacts for Python 3.13
  • GitHub Check: Build and push artifacts for Python 3.12
  • GitHub Check: Build and push artifacts for Python 3.9
🔇 Additional comments (1)
pyproject.toml (1)

99-99: LGTM. Minor version bump for snowflake-sqlalchemy.

✏️ Tip: You can disable this entire section by setting review_details to false in your review settings.

@codecov
Copy link

codecov bot commented Jan 14, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 73.27%. Comparing base (d64095b) to head (6285a62).
⚠️ Report is 1 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files
@@           Coverage Diff           @@
##             main      #52   +/-   ##
=======================================
  Coverage   73.27%   73.27%           
=======================================
  Files          93       93           
  Lines        5194     5194           
  Branches      758      758           
=======================================
  Hits         3806     3806           
  Misses       1144     1144           
  Partials      244      244           
Flag Coverage Δ
combined 73.27% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@deepnote-bot
Copy link

deepnote-bot commented Jan 14, 2026

🚀 Review App Deployment Started

📝 Description 🌐 Link / Info
🌍 Review application ra-52
🔑 Sign-in URL Click to sign-in
📊 Application logs View logs
🔄 Actions Click to redeploy
🚀 ArgoCD deployment View deployment
Last deployed 2026-01-14 17:30:27 (UTC)
📜 Deployed commit 3f8fb44c8bbb15073728bba1e14edbd259cbd63b
🛠️ Toolkit version f4402f2

@m1so m1so marked this pull request as ready for review January 14, 2026 17:21
@m1so m1so requested a review from a team as a code owner January 14, 2026 17:21
@m1so m1so requested review from FilipPyrek and mfranczel January 14, 2026 17:21
@m1so m1so enabled auto-merge (squash) January 14, 2026 17:24
@m1so m1so merged commit 2f838ef into main Jan 14, 2026
35 checks passed
@m1so m1so deleted the mb/update-dependabot-dependencies-20260114 branch January 14, 2026 17:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants

Comments