Skip to content

Chore(deps): Bump web3 from 6.3 to 7.9.0#208

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/web3-7.9.0
Open

Chore(deps): Bump web3 from 6.3 to 7.9.0#208
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/web3-7.9.0

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 17, 2025
edited
Loading

Bumps web3 from 6.3 to 7.9.0.

Changelog

Sourced from web3's changelog.

web3.py v7.9.0 (2025-03-12)

Bugfixes


- Prevent mutating list of subscriptions when unsubscribing via the ``subscription_manager`` by iterating over a copy of the provided list. (`[#3604](https://github.com/ethereum/web3.py/issues/3604) <https://github.com/ethereum/web3.py/issues/3604>`__)
- Batching can now be used with the AutoProvider (`[#3607](https://github.com/ethereum/web3.py/issues/3607) <https://github.com/ethereum/web3.py/issues/3607>`__)

Improved Documentation

  • Update and clean up Contributing docs. ([#3610](https://github.com/ethereum/web3.py/issues/3610) <https://github.com/ethereum/web3.py/issues/3610>__)

Features


- Add ``use_text_frames`` flag for ``WebSocketProvider`` to work around websocket servers that don't support binary frames (`[#3619](https://github.com/ethereum/web3.py/issues/3619) <https://github.com/ethereum/web3.py/issues/3619>`__)
- Sync and async support for ``eth_simulateV1`` RPC method. (`[#3622](https://github.com/ethereum/web3.py/issues/3622) <https://github.com/ethereum/web3.py/issues/3622>`__)

Internal Changes - for web3.py Contributors

  • Renames a test so pytest finds it. ([#3606](https://github.com/ethereum/web3.py/issues/3606) <https://github.com/ethereum/web3.py/issues/3606>__)
  • Merge template, replacing bumpversion with bump-my-version. ([#3610](https://github.com/ethereum/web3.py/issues/3610) <https://github.com/ethereum/web3.py/issues/3610>__)
  • Update integration test fixture to use latest geth version v1.15.5. ([#3636](https://github.com/ethereum/web3.py/issues/3636) <https://github.com/ethereum/web3.py/issues/3636>__)
  • Use -U to install latest py-geth version for CI geth steps. This is usually a requirement if we're missing the binary for the newly-generated fixture geth version. ([#3637](https://github.com/ethereum/web3.py/issues/3637) <https://github.com/ethereum/web3.py/issues/3637>__)
  • Re-compile test contracts with newly released Solidity v0.8.29. ([#3640](https://github.com/ethereum/web3.py/issues/3640) <https://github.com/ethereum/web3.py/issues/3640>__)

Miscellaneous Changes


- `[#3623](https://github.com/ethereum/web3.py/issues/3623) <https://github.com/ethereum/web3.py/issues/3623>`__

web3.py v7.8.0 (2025-02-03)


Breaking Changes



- The bugfix to match ``unsubscribe`` to ``subscribe`` for multiple subscriptions breaks the function signature for ``unsubscribe``, changing the ``subscription`` argument to ``subscriptions``. (`[#3585](https://github.com/ethereum/web3.py/issues/3585) &lt;https://github.com/ethereum/web3.py/issues/3585&gt;`__)

Bugfixes


&amp;lt;/tr&amp;gt;&amp;lt;/table&amp;gt; 
&lt;/code&gt;&lt;/pre&gt;
&lt;/blockquote&gt;
&lt;p&gt;... (truncated)&lt;/p&gt;
&lt;/details&gt;
&lt;details&gt;
&lt;summary&gt;Commits&lt;/summary&gt;

&lt;ul&gt;
&lt;li&gt;&lt;a href=&quot;https://github.com/ethereum/web3.py/commit/0e43cdcb040c23fb31f0aaa2d2d1572159fcfff9&quot;&gt;&lt;code&gt;0e43cdc&lt;/code&gt;&lt;/a&gt; Bump version: 7.8.0 → 7.9.0&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;https://github.com/ethereum/web3.py/commit/5bb7afe28d059d8e0fb35f9ce6421396fc310a1d&quot;&gt;&lt;code&gt;5bb7afe&lt;/code&gt;&lt;/a&gt; Compile release notes for v7.9.0&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;https://github.com/ethereum/web3.py/commit/2785757cf53e5f70630f1c9eaa53fabbea4bd251&quot;&gt;&lt;code&gt;2785757&lt;/code&gt;&lt;/a&gt; Clean up newsfragments&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;https://github.com/ethereum/web3.py/commit/2bf8c20365472ac4393ddc1f3d15d65bf8bdd216&quot;&gt;&lt;code&gt;2bf8c20&lt;/code&gt;&lt;/a&gt; re-compile test contracts with solidity v0.8.29&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;https://github.com/ethereum/web3.py/commit/680dc660d8472672eebd1fdccdfaddf6f686f23d&quot;&gt;&lt;code&gt;680dc66&lt;/code&gt;&lt;/a&gt; Use &lt;code&gt;-U&lt;/code&gt; in the pip install for py-geth if missing geth binary:&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;https://github.com/ethereum/web3.py/commit/f49203b8cf09175a9306148829b1fac4bece38dc&quot;&gt;&lt;code&gt;f49203b&lt;/code&gt;&lt;/a&gt; Add note to underpriced transaction tests for clarity to readers&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;https://github.com/ethereum/web3.py/commit/2bd70d89ef43706891dff41624cf3d2fa00e1a45&quot;&gt;&lt;code&gt;2bd70d8&lt;/code&gt;&lt;/a&gt; Update geth fixture to use geth &lt;code&gt;v1.15.5&lt;/code&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;https://github.com/ethereum/web3.py/commit/1976bc0d7b454c93e30f90d6c08bef5e66f25b01&quot;&gt;&lt;code&gt;1976bc0&lt;/code&gt;&lt;/a&gt; Update test_async_transaction.py&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;https://github.com/ethereum/web3.py/commit/6b671f457d53a6f032a605f51292bc56cafb9829&quot;&gt;&lt;code&gt;6b671f4&lt;/code&gt;&lt;/a&gt; Update test_threads.py&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;https://github.com/ethereum/web3.py/commit/a926feaf1328c83bc9682dcc807ae2e9b9ec9b2b&quot;&gt;&lt;code&gt;a926fea&lt;/code&gt;&lt;/a&gt; Update README-linux.md&lt;/li&gt;
&lt;li&gt;Additional commits viewable in &lt;a href=&quot;https://github.com/ethereum/web3.py/compare/v6.3.0...v7.9.0&quot;&gt;compare view&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;
&lt;/details&gt;

&lt;br /&gt;
</code></pre>


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=web3&package-manager=pip&previous-version=6.3&new-version=7.9.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

> **Note**
> Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot
Chore(deps): Bump web3 from 6.3 to 7.9.0
7ce9ff5 
Bumps [web3](https://github.com/ethereum/web3.py) from 6.3 to 7.9.0.
- [Changelog](https://github.com/ethereum/web3.py/blob/main/docs/release_notes.rst)
- [Commits](ethereum/web3.py@v6.3.0...v7.9.0)

---
updated-dependencies:
- dependency-name: web3
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Mar 17, 2025
@github-actions
Copy link

github-actions bot commented Mar 17, 2025

Failed to retrieve llama text: Invalid URL '/completion': No scheme supplied. Perhaps you meant https:///completion?

@odesenfans odesenfans mentioned this pull request Oct 27, 2025
Closed
foxpatch-aleph
foxpatch-aleph requested changes Mar 5, 2026
View reviewed changes
Copy link

@foxpatch-aleph foxpatch-aleph left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This PR bumps web3 from 6.3 to 7.9.0, a major version upgrade with breaking API changes. Two breaking usages exist in the codebase: (1) geth_poa_middleware was removed in web3.py v7 — it's no longer needed as PoA support is now built-in, but the import and inject call are not updated; (2) SignedTransaction.rawTransaction was renamed to raw_transaction in web3.py v7. Both issues will cause import or runtime errors. The dependency pin change itself (to ==7.9.0) is reasonable in style, though a range like >=7.9.0,<8 would be more flexible. No tests cover these code paths with a live provider so CI likely won't catch these failures.

src/aleph/sdk/chains/ethereum.py (line 14): geth_poa_middleware was removed in web3.py v7. PoA chain support is now built-in and no longer requires explicit middleware injection. This import will fail with an ImportError at startup.

Remove this import and the inject call below (lines 90-92).

src/aleph/sdk/chains/ethereum.py (line 90): This block injects geth_poa_middleware which no longer exists in web3.py v7. Remove it entirely — web3.py v7 handles PoA chains natively without middleware.

# Remove these three lines:
self._provider.middleware_onion.inject(
    geth_poa_middleware, "geth_poa", layer=0
)

src/aleph/sdk/chains/ethereum.py (line 131): SignedTransaction.rawTransaction was renamed to raw_transaction (snake_case) in web3.py v7. This will raise AttributeError at runtime when sending transactions.

Change to:

tx_hash = self._provider.eth.send_raw_transaction(signed_tx.raw_transaction)

pyproject.toml (line 44): Minor nit: pinning to an exact version (==7.9.0) is stricter than necessary and will require another PR for every patch release. Consider >=7.9.0,<8 to allow compatible updates automatically, consistent with how other deps like aiohttp and aleph-message are specified.

foxpatch-aleph
foxpatch-aleph requested changes Mar 5, 2026
View reviewed changes
Copy link

@foxpatch-aleph foxpatch-aleph left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This PR bumps web3 from 6.3 to 7.9.0 but does not address the breaking API changes introduced in web3.py v7. The codebase uses at least three APIs that were changed or removed in v7, meaning this bump will cause runtime failures for BSC chain users and anyone sending transactions. The dependency pin should not be merged without fixing these incompatibilities.

src/aleph/sdk/chains/ethereum.py (line 14): geth_poa_middleware was removed in web3.py v7. It was renamed to ExtraDataToPOAMiddleware and moved to web3.middleware.proof_of_authority. This import will raise an ImportError at module load time.

Fix:

from web3.middleware import ExtraDataToPOAMiddleware

src/aleph/sdk/chains/ethereum.py (line 90): middleware_onion.inject(middleware, name, layer=0) changed in web3.py v7. The positional name argument was removed and the method signature is now middleware_onion.inject(middleware, layer=0). Additionally, the middleware itself should be updated to ExtraDataToPOAMiddleware.

Fix:

self._provider.middleware_onion.inject(ExtraDataToPOAMiddleware, layer=0)

src/aleph/sdk/chains/ethereum.py (line 131): SignedTransaction.rawTransaction was renamed to raw_transaction (snake_case) in web3.py v7. This line will raise an AttributeError at runtime whenever a transaction is sent.

Fix:

tx_hash = self._provider.eth.send_raw_transaction(signed_tx.raw_transaction)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@foxpatch-aleph foxpatch-aleph foxpatch-aleph requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@foxpatch-aleph