Skip to content

Bump the pip group across 2 directories with 3 updates#4066

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/pip-2bb3877195
Open

Bump the pip group across 2 directories with 3 updates#4066
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/pip-2bb3877195

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 16, 2026

Copy link
Copy Markdown
Contributor

Bumps the pip group with 3 updates in the / directory: ansible-core, pytest and pyopenssl.
Bumps the pip group with 1 update in the /docs directory: ansible-core.

Updates ansible-core from 2.15.13 to 2.16.19rc1

Release notes

Sourced from ansible-core's releases.

v2.16.19rc1

Changelog

See the full changelog for the changes included in this release.

Release Artifacts

v2.16.18

Changelog

See the full changelog for the changes included in this release.

Release Artifacts

v2.16.18rc1

Changelog

See the full changelog for the changes included in this release.

Release Artifacts

v2.16.17

Changelog

See the full changelog for the changes included in this release.

Release Artifacts

v2.16.17rc1

Changelog

See the full changelog for the changes included in this release.

Release Artifacts

... (truncated)

Commits

Updates pytest from 8.3.3 to 9.0.3

Release notes

Sourced from pytest's releases.

9.0.3

pytest 9.0.3 (2026-04-07)

Bug fixes

  • #12444: Fixed pytest.approx which now correctly takes into account ~collections.abc.Mapping keys order to compare them.

  • #13634: Blocking a conftest.py file using the -p no: option is now explicitly disallowed.

    Previously this resulted in an internal assertion failure during plugin loading.

    Pytest now raises a clear UsageError explaining that conftest files are not plugins and cannot be disabled via -p.

  • #13734: Fixed crash when a test raises an exceptiongroup with __tracebackhide__ = True.

  • #14195: Fixed an issue where non-string messages passed to unittest.TestCase.subTest() were not printed.

  • #14343: Fixed use of insecure temporary directory (CVE-2025-71176).

Improved documentation

  • #13388: Clarified documentation for -p vs PYTEST_PLUGINS plugin loading and fixed an incorrect -p example.
  • #13731: Clarified that capture fixtures (e.g. capsys and capfd) take precedence over the -s / --capture=no command-line options in Accessing captured output from a test function <accessing-captured-output>.
  • #14088: Clarified that the default pytest_collection hook sets session.items before it calls pytest_collection_finish, not after.
  • #14255: TOML integer log levels must be quoted: Updating reference documentation.

Contributor-facing changes

  • #12689: The test reports are now published to Codecov from GitHub Actions. The test statistics is visible on the web interface.

    -- by aleguy02

9.0.2

pytest 9.0.2 (2025-12-06)

Bug fixes

  • #13896: The terminal progress feature added in pytest 9.0.0 has been disabled by default, except on Windows, due to compatibility issues with some terminal emulators.

    You may enable it again by passing -p terminalprogress. We may enable it by default again once compatibility improves in the future.

    Additionally, when the environment variable TERM is dumb, the escape codes are no longer emitted, even if the plugin is enabled.

  • #13904: Fixed the TOML type of the tmp_path_retention_count settings in the API reference from number to string.

  • #13946: The private config.inicfg attribute was changed in a breaking manner in pytest 9.0.0. Due to its usage in the ecosystem, it is now restored to working order using a compatibility shim. It will be deprecated in pytest 9.1 and removed in pytest 10.

... (truncated)

Commits

Updates pyopenssl from 24.2.1 to 26.0.0

Changelog

Sourced from pyopenssl's changelog.

26.0.0 (2026-03-15)

Backward-incompatible changes: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Dropped support for Python 3.7.
  • The minimum cryptography version is now 46.0.0.

Deprecations: ^^^^^^^^^^^^^

Changes: ^^^^^^^^

  • Added support for using aws-lc instead of OpenSSL.
  • Properly raise an error if a DTLS cookie callback returned a cookie longer than DTLS1_COOKIE_LENGTH bytes. Previously this would result in a buffer-overflow. Credit to dark_haxor for reporting the issue. CVE-2026-27459
  • Added OpenSSL.SSL.Connection.get_group_name to determine which group name was negotiated.
  • Context.set_tlsext_servername_callback now handles exceptions raised in the callback by calling sys.excepthook and returning a fatal TLS alert. Previously, exceptions were silently swallowed and the handshake would proceed as if the callback had succeeded. Credit to Leury Castillo for reporting this issue. CVE-2026-27448

25.3.0 (2025-09-16)

Backward-incompatible changes: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Deprecations: ^^^^^^^^^^^^^

Changes: ^^^^^^^^

  • Maximum supported cryptography version is now 46.x.

25.2.0 (2025-09-14)

Backward-incompatible changes: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • The minimum cryptography version is now 45.0.7.

Deprecations: ^^^^^^^^^^^^^

Changes: ^^^^^^^^

  • pyOpenSSL now sets SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER on connections by default, matching CPython's behavior.

... (truncated)

Commits
  • 358cbf2 Prepare for 26.0.0 release (#1487)
  • a8d28e7 Bump actions/cache from 4 to 5 (#1486)
  • 6fefff0 Add aws-lc compatibility to tests and CI (#1476)
  • a739f96 Bump actions/download-artifact from 8.0.0 to 8.0.1 (#1485)
  • 8b4c66b Bump actions/upload-artifact in /.github/actions/upload-coverage (#1484)
  • 02a5c78 Bump actions/upload-artifact from 6.0.0 to 7.0.0 (#1483)
  • d973387 Bump actions/download-artifact from 7.0.0 to 8.0.0 (#1482)
  • 57f09bb Fix buffer overflow in DTLS cookie generation callback (#1479)
  • d41a814 Handle exceptions in set_tlsext_servername_callback callbacks (#1478)
  • 7b29beb Fix not using a cryptography wheel on uv (#1475)
  • Additional commits viewable in compare view

Updates ansible-core from 2.15.13 to 2.16.19rc1

Release notes

Sourced from ansible-core's releases.

v2.16.19rc1

Changelog

See the full changelog for the changes included in this release.

Release Artifacts

v2.16.18

Changelog

See the full changelog for the changes included in this release.

Release Artifacts

v2.16.18rc1

Changelog

See the full changelog for the changes included in this release.

Release Artifacts

v2.16.17

Changelog

See the full changelog for the changes included in this release.

Release Artifacts

v2.16.17rc1

Changelog

See the full changelog for the changes included in this release.

Release Artifacts

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps the pip group with 3 updates in the / directory: [ansible-core](https://github.com/ansible/ansible), [pytest](https://github.com/pytest-dev/pytest) and [pyopenssl](https://github.com/pyca/pyopenssl).
Bumps the pip group with 1 update in the /docs directory: [ansible-core](https://github.com/ansible/ansible).


Updates `ansible-core` from 2.15.13 to 2.16.19rc1
- [Release notes](https://github.com/ansible/ansible/releases)
- [Commits](ansible/ansible@v2.15.13...v2.16.19rc1)

Updates `pytest` from 8.3.3 to 9.0.3
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@8.3.3...9.0.3)

Updates `pyopenssl` from 24.2.1 to 26.0.0
- [Changelog](https://github.com/pyca/pyopenssl/blob/main/CHANGELOG.rst)
- [Commits](pyca/pyopenssl@24.2.1...26.0.0)

Updates `ansible-core` from 2.15.13 to 2.16.19rc1
- [Release notes](https://github.com/ansible/ansible/releases)
- [Commits](ansible/ansible@v2.15.13...v2.16.19rc1)

---
updated-dependencies:
- dependency-name: ansible-core
  dependency-version: 2.16.19rc1
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: pytest
  dependency-version: 9.0.3
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: pyopenssl
  dependency-version: 26.0.0
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: ansible-core
  dependency-version: 2.16.19rc1
  dependency-type: direct:production
  dependency-group: pip
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Jul 16, 2026
@openshift-ci

openshift-ci Bot commented Jul 16, 2026

Copy link
Copy Markdown
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign evallesp for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci

openshift-ci Bot commented Jul 16, 2026

Copy link
Copy Markdown
Contributor

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a openstack-k8s-operators member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file needs-ok-to-test python Pull requests that update Python code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants