FAQ | This is a LIVE service | Changelog

Skip to content

fix(deps): update all non-major dependencies

uis-devops-renovatebotrequested to merge
renovate/all-minor-patch into main

This MR contains the following updates:

Package Type Update Change Age Confidence
DavidAnson/markdownlint-cli2 repository minor v0.18.1 -> v0.20.0 age confidence
certifi minor ==2025.6.15 -> ==2025.11.12 age confidence
charset-normalizer (changelog) patch ==3.4.2 -> ==3.4.4 age confidence
gitlab.developers.cam.ac.uk/uis/gcp-function/devops module patch 2.3.20 -> 2.3.26 age confidence
google-api-core minor ==2.25.1 -> ==2.28.1 age confidence
google-api-python-client minor ==2.172.0 -> ==2.187.0 age confidence
google-auth minor ==2.40.3 -> ==2.43.0 age confidence
google-auth-httplib2 patch ==0.2.0 -> ==0.2.1 age confidence
google-cloud-secret-manager (source) minor ==2.24.0 -> ==2.25.0 age confidence
googleapis-common-protos (source) minor ==1.70.0 -> ==1.72.0 age confidence
grpc-google-iam-v1 patch ==0.14.2 -> ==0.14.3 age confidence
grpcio (source) minor ==1.73.0 -> ==1.76.0 age confidence
grpcio-status minor ==1.73.0 -> ==1.76.0 age confidence
httplib2 minor ==0.22.0 -> ==0.31.0 age confidence
idna (changelog) minor ==3.10 -> ==3.11 age confidence
protobuf minor ==6.31.1 -> ==6.33.2 age confidence
pyparsing patch ==3.2.3 -> ==3.2.5 age confidence
registry.gitlab.developers.cam.ac.uk/uis/devops/infra/dockerimages/logan-terraform minor 1.13 -> 1.14 age confidence
requests (source, changelog) patch ==2.32.4 -> ==2.32.5 age confidence
ucam-observe patch ==0.2.1 -> ==0.2.2 age confidence
uis/devops/continuous-delivery/ci-templates repository minor v7.18.0 -> v7.23.1 age confidence
urllib3 (changelog) minor ==2.4.0 -> ==2.6.0 age confidence

Note: The pre-commit manager in Renovate is not supported by the pre-commit maintainers or community. Please do not report any problems there, instead create a Discussion in the Renovate repository if you have any questions.

Release Notes

DavidAnson/markdownlint-cli2 (DavidAnson/markdownlint-cli2)

v0.20.0

Compare Source

v0.19.1

Compare Source

v0.19.0

Compare Source

certifi/python-certifi (certifi)

v2025.11.12

Compare Source

v2025.10.5

Compare Source

v2025.8.3

Compare Source

v2025.7.14

Compare Source

v2025.7.9

Compare Source

jawah/charset_normalizer (charset-normalizer)

v3.4.4

Compare Source

Changed
  • Bound setuptools to a specific constraint setuptools>=68,<=81.
  • Raised upper bound of mypyc for the optional pre-built extension to v1.18.2
Removed
  • setuptools-scm as a build dependency.
Misc
  • Enforced hashes in dev-requirements.txt and created ci-requirements.txt for security purposes.
  • Additional pre-built wheels for riscv64, s390x, and armv7l architectures.
  • Restore multiple.intoto.jsonl in GitHub releases in addition to individual attestation file per wheel.

v3.4.3

Compare Source

Changed
  • mypy(c) is no longer a required dependency at build time if CHARSET_NORMALIZER_USE_MYPYC isn't set to 1. (#​595) (#​583)
  • automatically lower confidence on small bytes samples that are not Unicode in detect output legacy function. (#​391)
Added
  • Custom build backend to overcome inability to mark mypy as an optional dependency in the build phase.
  • Support for Python 3.14
Fixed
  • sdist archive contained useless directories.
  • automatically fallback on valid UTF-16 or UTF-32 even if the md says it's noisy. (#​633)
Misc
  • SBOM are automatically published to the relevant GitHub release to comply with regulatory changes. Each published wheel comes with its SBOM. We choose CycloneDX as the format.
  • Prebuilt optimized wheel are no longer distributed by default for CPython 3.7 due to a change in cibuildwheel.
uis/devops/infra/terraform/gcp-function (gitlab.developers.cam.ac.uk/uis/gcp-function/devops)

v2.3.26

Compare Source

Bug Fixes
  • deps: update dependency uis/devops/continuous-delivery/ci-templates to v7.23.0 (6260bb4)
  • deps: update devops base image logan-terraform to 35eb8e1 (6d29ab4)

v2.3.25

Compare Source

Bug Fixes
  • deps: update copier template to v0.4.19 (e6e752e)

v2.3.24

Compare Source

Bug Fixes
  • deps: update dependency uis/devops/continuous-delivery/ci-templates to v7.22.1 (18e9c3d)

v2.3.23

Compare Source

Bug Fixes
  • deps: update copier template to v0.4.18 (fc6ed3d)

v2.3.22

Compare Source

Bug Fixes
  • deps: update copier template to v0.4.17 (48d7370)
  • deps: update dependency uis/devops/continuous-delivery/ci-templates to v7.22.0 (f7e5e85)

v2.3.21

Compare Source

Bug Fixes
  • deps: update all non-major dependencies (a1f9e85)
  • deps: update devops base image logan-terraform to v1.14 (5207010)
googleapis/python-api-core (google-api-core)

v2.28.1

Compare Source

Bug Fixes
  • Remove dependency on packaging and pkg_resources (#​852) (ca59a86)

v2.28.0

Compare Source

Features

v2.27.0

Compare Source

Features

v2.26.0

Compare Source

Features

v2.25.2

Compare Source

Bug Fixes
googleapis/google-api-python-client (google-api-python-client)

v2.187.0

Compare Source

Features
Bug Fixes

v2.186.0

Compare Source

Features
Bug Fixes

v2.185.0

Compare Source

Features
Bug Fixes

v2.184.0

Compare Source

Features
Bug Fixes

v2.183.0

Compare Source

Features

v2.182.0

Compare Source

Features
Bug Fixes

v2.181.0

Compare Source

Features
Bug Fixes

v2.179.0

Compare Source

Features

v2.178.0

Compare Source

Features
Bug Fixes

v2.177.0

Compare Source

Features
Bug Fixes

v2.176.0

Compare Source

Features
Bug Fixes

v2.175.0

Compare Source

Features

v2.174.0

Compare Source

Features
Bug Fixes

v2.173.0

Compare Source

Features
Bug Fixes
googleapis/google-auth-library-python (google-auth)

v2.43.0

Compare Source

Features
  • Add public wrapper for _mtls_helper.check_use_client_cert which enables mTLS if GOOGLE_API_USE_CLIENT_CERTIFICATE is not set, when the MWID/X.509 cert sources detected (#​1859) Add public wrapper for check_use_client_cert which enables mTLS if GOOGLE_API_USE_CLIENT_CERTIFICATE is not set, when the MWID/X.509 cert sources detected. Also, fix check_use_client_cert to return boolean value. Change #​1848 added the check_use_client_cert method that helps know if client cert should be used for mTLS connection. However, that was in a private class, thus, created a public wrapper of the same function so that it can be used by python Client Libraries. Also, updated check_use_client_cert to return a boolean value instead of existing string value for better readability and future scope. --------- (1535eccbff0ad8f3fd6a9775316ac8b77dca66ba)
  • Enable mTLS if GOOGLE_API_USE_CLIENT_CERTIFICATE is not set, if the MWID/X.509 cert sources detected (#​1848) The Python SDK will use a hybrid approach for mTLS enablement:
  • If the GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable is set (either true or false), the SDK will respect that setting. This is necessary for test scenarios and users who need to explicitly control mTLS behavior.
  • If the GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable is not set, the SDK will automatically enable mTLS only if it detects Managed Workload Identity (MWID) or X.509 Workforce Identity Federation (WIF) certificate sources. In other cases where the variable is not set, mTLS will remain disabled. ** This change also adds the helper method check_use_client_cert and it's unit test, which will be used for checking the criteria for setting the mTLS to true ** This change is only for Auth-Library, other changes will be created for Client-Library use-cases. --------- (395e405b64b56ddb82ee639958c2e8056ad2e82b)

v2.42.1

Compare Source

Bug Fixes

v2.42.0

Compare Source

Features
Bug Fixes

v2.41.1

Compare Source

Bug Fixes

v2.41.0

Compare Source

Features
Bug Fixes
Documentation
GoogleCloudPlatform/google-auth-library-python-httplib2 (google-auth-httplib2)

v0.2.1

Compare Source

Bug Fixes
  • deps: Require google-auth >= 1.32.0,<3.0.0 (a69b725)
  • deps: Require httplib2 >= 0.19.0,<1.0.0 (a69b725)
  • Drop python 3.6; require python 3.7+ (a69b725)
  • Remove setup.cfg configuration for creating universal wheels (#​191) (c2be0ae)
googleapis/google-cloud-python (google-cloud-secret-manager)

v2.25.0: google-cloud-secret-manager: v2.25.0

Compare Source

Features
  • Add support for Python 3.14 (4763aa7)
Bug Fixes
  • Deprecate credentials_file argument (4763aa7)
grpc/grpc (grpcio)

v1.76.0

Compare Source

This is release 1.76.0 (genuine) of gRPC Core.

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes, with highlights listed below.

Core

  • Prioritize system CA over bundled CA. (#​40583)
  • [event_engine] Introduce a event_engine_poller_for_python experiment. (#​40243)
  • [metrics] add grpc.lb.backend_service label. (#​40486)

C#

  • [csharp tools] #​39374 Grpc.Tools can't process file Suffix name with Upper character. (#​40072)

Python

  • [Python] gRPC AsyncIO: Improve CompletionQueue polling performance. (#​39993)

v1.75.1

Compare Source

This is release gRPC Core 1.75.1 (gemini).

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes.

What's Changed

Python
  • Release grpcio wheels with Python 3.14 support (#​40403)
  • Asyncio: fixes grpc shutdown race condition occurring during python interpreter finalizations. (#​40447)
    • This also addresses previously reported issues with empty error message on Python interpreter exit (Error in sys.excepthook:/Original exception was: empty): #​36655, #​38679, #​33342
  • Python 3.14: preserve current behavior when using grpc.aio async methods outside of a running event loop. (#​40750)
    • Note: using async methods outside of a running event loop is discouraged by Python, and will be deprecated in future gRPC releases. Please use the asyncio.run() function (or asyncio.Runner for custom loop factories). For interactive mode, use dedicated asyncio REPL: python -m asyncio.

Full Changelog: https://github.com/grpc/grpc/compare/v1.75.0...v1.75.1

v1.75.0

Compare Source

This is release 1.75.0 (gemini) of gRPC Core.

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes, with highlights listed below.

Core

  • [Security] Cherry Pick Spiffe Verification. (#​40515)
  • [Python][Typeguard] Part 3 - Add Typeguard to AIO stack in tests. (#​40217)
  • [c-ares] update version to 1.34.5. (#​39508)
  • [pick_first] fix bug that caused us to stop attempting to connect. (#​40162)

C++

  • [OTel C++] Implement retry metrics. (#​39195)

Objective-C

  • Fix data race by adding custom getter for state property with @synchronized locking. (#​40146)

Python

  • gRPC Python (grpcio) now depends on typing-extensions~=4.13. (#​40137)
  • Update musllinux wheels from musllinux_1_1 to musllinux_1_2. (#​40317)
    • Dropping musllinux_1_1 because it reached EOL in November 2024
    • Reference on musllinux platform tags: PEP 656
  • grpc.aio typehint fixes. (#​40215, #​40217)
    • Fixes type hints for grpc.aio._utils, grpc.aio._call, grpc.aio._interceptor and grpc.aio._utils
    • Fixing the error in public API: ClientCallDetails.method was declared as str but always called with bytes, see InterceptedUnaryUnaryCall.
  • Fixes issue #​40325 with grpcio failing to install on all non-Mac Apple devices internal builds. (#​40347)

Ruby

  • Ruby: Mark credential object in channel. (#​40394)
  • [Ruby] Add rubygems support for linux-gnu and linux-musl platforms. (#​39549)

v1.74.0

Compare Source

This is release 1.74.0 (gee) of gRPC Core.

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes, with highlights listed below.

Core

  • [OTel C++, Posix EE] Plumb TCP write timestamps and metrics to OTel tracers. (#​39946)
  • [event_engine] Implement fork support in Posix Event Engine. (#​38980)
  • [http2] Fix GRPC_ARG_HTTP2_STREAM_LOOKAHEAD_BYTES for when BDP is disabled. (#​39585)

Objective-C

  • [dep] Upgrade Protobuf Version 31.1. (#​39916)

PHP

  • [PHP] Fully qualify stdClass with global namespace. (#​39996)
  • [php] Fix PHPDoc so that UnaryCall defines the proper return type. (#​37563)
  • fix typing of nullable parameters. (#​39199)

Python

Ruby

  • [Ruby] Add rubygems support for linux-gnu and linux-musl platforms . (#​40174)
  • [ruby] enable EE fork support. (#​39786)
  • [ruby] Return nil for c functions expected to return a VALUE. (#​39214)
  • [ruby] remove connectivity state watch thread, fix cancellations from spurious signals. (#​39409)
  • [ruby] Drop Ruby 3.0 support. (#​39607)

v1.73.1

Compare Source

This is release 1.73.1 (gradient) of gRPC Core.

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes, with highlights listed below.

Python

httplib2/httplib2 (httplib2)

v0.31.0

Compare Source

v0.30.2

Compare Source

v0.30.0

Compare Source

kjd/idna (idna)

v3.11

Compare Source

psf/requests (requests)

v2.32.5

Compare Source

Bugfixes

  • The SSLContext caching feature originally introduced in 2.32.0 has created a new class of issues in Requests that have had negative impact across a number of use cases. The Requests team has decided to revert this feature as long term maintenance of it is proving to be unsustainable in its current iteration.

Deprecations

  • Added support for Python 3.14.
  • Dropped support for Python 3.8 following its end of support.
uis/devops/continuous-delivery/ci-templates (uis/devops/continuous-delivery/ci-templates)

v7.23.1: 7.23.1

Compare Source

7.23.1 (2025-12-05)

v7.23.0: 7.23.0

Compare Source

7.23.0 (2025-11-28)
Features
  • tox-tests to use dind config from fragments (c765400)

v7.22.1: 7.22.1

Compare Source

7.22.1 (2025-11-25)
Bug Fixes
  • add missing before_script reference to dind in .terraform-test-cleanup (2852ccd)

v7.22.0: 7.22.0

Compare Source

7.22.0 (2025-11-24)
Features
  • docker-in-docker: add waiting before_script to fragment (2b0924e), closes #​178

v7.21.0: 7.21.0

Compare Source

7.21.0 (2025-11-19)

Features
  • re-work maven jobs rules (da9962b)
  • re-work maven jobs rules: try to re-name the job (4efa101)

v7.20.3: 7.20.3

Compare Source

7.20.3 (2025-11-03)
Bug Fixes
  • use only needed bits of Terraform-Module.gitlab-ci.yml to avoid duplicate jobs (ff646a0)

v7.20.2: 7.20.2

Compare Source

7.20.2 (2025-10-30)
Bug Fixes
  • check-latest-tag-in-changelog: skip job if tag is an alpha or beta release (210ffd5)

v7.20.1: 7.20.1

Compare Source

7.20.1 (2025-10-29)
Bug Fixes
  • allow no test coverage in maven (40db7bf)

v7.20.0: 7.20.0

Compare Source

7.20.0 (2025-10-28)
Features
  • add code coverage to maven jobs (53c1345)

v7.19.2: 7.19.2

Compare Source

7.19.2 (2025-10-23)
Bug Fixes
  • maven.gitab-ci.yml: added missing GKE_RUNNER_TAG on build_artifact (470fc86)

v7.19.1: 7.19.1

Compare Source

7.19.1 (2025-10-23)
Bug Fixes
  • maven.gitlab-ci.yml: update publish to use CI_COMMIT_TAG for a release, or script for snapshot (e616bd4)

v7.19.0: 7.19.0

Compare Source

7.19.0 (2025-10-16)

Features
  • add poe-based test runner proof of concept (8e159c9)
urllib3/urllib3 (urllib3)

v2.6.0

Compare Source

==================

Security

  • Fixed a security issue where streaming API could improperly handle highly compressed HTTP content ("decompression bombs") leading to excessive resource consumption even when a small amount of data was requested. Reading small chunks of compressed data is safer and much more efficient now. (GHSA-2xpw-w6gg-jr37 <https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37>__)
  • Fixed a security issue where an attacker could compose an HTTP response with virtually unlimited links in the Content-Encoding header, potentially leading to a denial of service (DoS) attack by exhausting system resources during decoding. The number of allowed chained encodings is now limited to 5. (GHSA-gm62-xv2j-4w53 <https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53>__)

.. caution::

  • If urllib3 is not installed with the optional urllib3[brotli] extra, but your environment contains a Brotli/brotlicffi/brotlipy package anyway, make sure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to benefit from the security fixes and avoid warnings. Prefer using urllib3[brotli] to install a compatible Brotli package automatically.

  • If you use custom decompressors, please make sure to update them to respect the changed API of urllib3.response.ContentDecoder.

Features

  • Enabled retrieval, deletion, and membership testing in HTTPHeaderDict using bytes keys. (#&#8203;3653 <https://github.com/urllib3/urllib3/issues/3653>__)
  • Added host and port information to string representations of HTTPConnection. (#&#8203;3666 <https://github.com/urllib3/urllib3/issues/3666>__)
  • Added support for Python 3.14 free-threading builds explicitly. (#&#8203;3696 <https://github.com/urllib3/urllib3/issues/3696>__)

Removals

  • Removed the HTTPResponse.getheaders() method in favor of HTTPResponse.headers. Removed the HTTPResponse.getheader(name, default) method in favor of HTTPResponse.headers.get(name, default). (#&#8203;3622 <https://github.com/urllib3/urllib3/issues/3622>__)

Bugfixes

  • Fixed redirect handling in urllib3.PoolManager when an integer is passed for the retries parameter. (#&#8203;3649 <https://github.com/urllib3/urllib3/issues/3649>__)
  • Fixed HTTPConnectionPool when used in Emscripten with no explicit port. (#&#8203;3664 <https://github.com/urllib3/urllib3/issues/3664>__)
  • Fixed handling of SSLKEYLOGFILE with expandable variables. (#&#8203;3700 <https://github.com/urllib3/urllib3/issues/3700>__)

Misc

  • Changed the zstd extra to install backports.zstd instead of zstandard on Python 3.13 and before. (#&#8203;3693 <https://github.com/urllib3/urllib3/issues/3693>__)
  • Improved the performance of content decoding by optimizing BytesQueueBuffer class. (#&#8203;3710 <https://github.com/urllib3/urllib3/issues/3710>__)
  • Allowed building the urllib3 package with newer setuptools-scm v9.x. (#&#8203;3652 <https://github.com/urllib3/urllib3/issues/3652>__)
  • Ensured successful urllib3 builds by setting Hatchling requirement to >= 1.27.0. (#&#8203;3638 <https://github.com/urllib3/urllib3/issues/3638>__)

v2.5.0

Compare Source

==================

Features

  • Added support for the compression.zstd module that is new in Python 3.14. See PEP 784 <https://peps.python.org/pep-0784/>_ for more information. (#&#8203;3610 <https://github.com/urllib3/urllib3/issues/3610>__)
  • Added support for version 0.5 of hatch-vcs (#&#8203;3612 <https://github.com/urllib3/urllib3/issues/3612>__)

Bugfixes

  • Fixed a security issue where restricting the maximum number of followed redirects at the urllib3.PoolManager level via the retries parameter did not work.
  • Made the Node.js runtime respect redirect parameters such as retries and redirects.
  • Raised exception for HTTPResponse.shutdown on a connection already released to the pool. (#&#8203;3581 <https://github.com/urllib3/urllib3/issues/3581>__)
  • Fixed incorrect CONNECT statement when using an IPv6 proxy with connection_from_host. Previously would not be wrapped in []. (#&#8203;3615 <https://github.com/urllib3/urllib3/issues/3615>__)

Configuration

📅 Schedule: Branch creation - Monday through Friday ( * * * * 1-5 ) in timezone Europe/London, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻️ Rebasing: Whenever MR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This MR will be recreated if closed unmerged. Get config help if that's undesired.

  • [ ] If you want to rebase/retry this MR, check this box

This MR has been generated by Renovate Bot.

Edited by uis-devops-renovatebot

Merge request reports