Skip to content

chore(deps): bump hotdata from 0.2.5 to 0.4.1#15

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/uv/hotdata-0.4.1
Open

chore(deps): bump hotdata from 0.2.5 to 0.4.1#15
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/uv/hotdata-0.4.1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 19, 2026

Copy link
Copy Markdown

Bumps hotdata from 0.2.5 to 0.4.1.

Release notes

Sourced from hotdata's releases.

hotdata 0.4.1

Changed

  • Configuration now defaults to a retry policy that transparently retries pre-response connection resets (stale pooled keep-alive connections, e.g. ProtocolError('Connection aborted.', ConnectionResetError)) on every method, including POST. Such a reset happens before the request reaches the server, so retrying on a fresh connection cannot double-execute. Read timeouts and status retries stay idempotent-only. Pass an explicit retries to override (#118).
  • chore: make api doc language end-user focused

hotdata 0.4.0

Added

  • hotdata.query.QueryApi: enhanced query client that transparently retries HTTP 429 (OVERLOADED) admission shedding honoring Retry-After, and auto-follows truncated results to materialize the full row set, guarded by configurable max_auto_rows (default 1M) and max_auto_bytes (default 64 MiB) ceilings (#688).
  • ResultError base class for the result-lifecycle exceptions (ResultFailedError, ResultTimeoutError, ResultTooLargeError, ResultIncompleteError, ResultUnavailableError) so callers can catch them with a single except.

Changed

  • from hotdata import QueryApi / ResultsApi now resolve to the enhanced clients (429 retry + truncation auto-follow; Arrow IPC fetch) instead of the bare generated classes, so the default happy path gets the safe behavior the query contract needs. The raw generated classes remain importable from hotdata.api.query_api / hotdata.api.results_api.

hotdata 0.3.1

Security

  • Raised dependency floors to patched releases: pyarrow >= 14.0.1 (CVE-2023-47248, RCE via unsafe deserialization) and pydantic >= 2.4.0 (CVE-2024-3772, regex denial of service).

hotdata 0.3.0

Added

  • Transparent API-token → JWT exchange: the client now exchanges an opaque API token for a short-lived JWT on first use and keeps it refreshed, so the wire always carries a current token. Credentials already shaped like a JWT pass through unchanged. Set HOTDATA_DISABLE_JWT_EXCHANGE to an affirmative value (1, true, yes, on) as a hard escape hatch.
  • Managed-catalog editing endpoints: add_managed_schema and add_managed_table on ConnectionsApi and DatabasesApi, with new models AddManagedSchemaRequest, AddManagedTableDecl, AddManagedTableRequest, ManagedSchemaResponse, and ManagedTableResponse.
  • Typed x_database_id parameter on SavedQueriesApi.execute_saved_query (required) and DatasetsApi.create_dataset, scoping execution to a database the same way QueryApi.query does — no more _headers override.
  • database_id field on QueryRequest as a body-level alternative to the X-Database-Id header.
  • storage_backend field on CreateDatabaseRequest to select the default catalog's physical backend (parquet or ducklake).
  • default_catalog field on CreateDatabaseRequest to name the database's auto-created default catalog within its query scope, surfaced on CreateDatabaseResponse, DatabaseDetailResponse, and DatabaseSummary.

hotdata 0.2.6

Added

... (truncated)

Changelog

Sourced from hotdata's changelog.

[0.4.1] - 2026-06-19

Changed

  • Configuration now defaults to a retry policy that transparently retries pre-response connection resets (stale pooled keep-alive connections, e.g. ProtocolError('Connection aborted.', ConnectionResetError)) on every method, including POST. Such a reset happens before the request reaches the server, so retrying on a fresh connection cannot double-execute. Read timeouts and status retries stay idempotent-only. Pass an explicit retries to override (#118).
  • chore: make api doc language end-user focused

[0.4.0] - 2026-06-16

Added

  • hotdata.query.QueryApi: enhanced query client that transparently retries HTTP 429 (OVERLOADED) admission shedding honoring Retry-After, and auto-follows truncated results to materialize the full row set, guarded by configurable max_auto_rows (default 1M) and max_auto_bytes (default 64 MiB) ceilings (#688).
  • ResultError base class for the result-lifecycle exceptions (ResultFailedError, ResultTimeoutError, ResultTooLargeError, ResultIncompleteError, ResultUnavailableError) so callers can catch them with a single except.

Changed

  • from hotdata import QueryApi / ResultsApi now resolve to the enhanced clients (429 retry + truncation auto-follow; Arrow IPC fetch) instead of the bare generated classes, so the default happy path gets the safe behavior the query contract needs. The raw generated classes remain importable from hotdata.api.query_api / hotdata.api.results_api.

[0.3.4] - 2026-06-15

Changed

  • feat(queries): add preview and total row count fields

[0.3.3] - 2026-06-10

Changed

  • chore: regenerate client, drop orphaned sandbox files

[0.3.1] - 2026-06-06

Security

... (truncated)

Commits
  • 8d67148 chore: release hotdata v0.4.1 (#120)
  • f89af03 feat(retry): retry pre-response connection resets on all methods (#118) (#119)
  • 9a239b2 chore: make api doc language end-user focused (#116)
  • 9cb237c ci(publish): post to #deploy on PyPI publish (#115)
  • 6790ab1 fix(release): collapse double blank line after Unreleased heading (#114)
  • 27133b5 chore: release hotdata v0.4.0 (#112)
  • b37b379 feat(query): 429 retry + truncation auto-follow (#688) (#111)
  • 5c785ba feat(queries): add preview and total row count fields (#110)
  • b597d18 chore: regenerate client, drop orphaned sandbox files (#109)
  • 6a6ba04 ci: harden client regeneration (#108)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump hotdata from 0.2.5 to 0.4.1
88b431c 
Bumps [hotdata](https://github.com/hotdata-dev/sdk-python) from 0.2.5 to 0.4.1.
- [Release notes](https://github.com/hotdata-dev/sdk-python/releases)
- [Changelog](https://github.com/hotdata-dev/sdk-python/blob/main/CHANGELOG.md)
- [Commits](hotdata-dev/sdk-python@v0.2.5...v0.4.1)

---
updated-dependencies:
- dependency-name: hotdata
  dependency-version: 0.4.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Jun 19, 2026
@dependabot dependabot Bot mentioned this pull request Jun 19, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants