chore(deps)(deps): bump redis from 5.0.4 to 7.2.1

[dependabot]

Bumps redis from 5.0.4 to 7.2.1.

Release notes

Sourced from redis's releases.

7.2.1

Changes

🐛 Bug Fixes

• Handle connection attributes conditionally for metrics and set connection data on exceptions in cluster error handling (#3964)

⚠️ Deprecations

• Removed batch_size and consumer_name attributes from OTel metrics (#3978)

🧰 Maintenance

• Fixing error handling of connection buffer purging of closed connections. Enabling troubleshooting logging for maintenance notifications e2e tests. (#3971)
• Fix protocol validation: replace finally with else and store parsed int (#3965)
• Return copies from _get_free/in_use_connections and fix async _mock (#3967)
• Add missing shard channel message types to async PubSub (#3966)
• Fix issues with ClusterPipeline connection management (#3804)
• fix(pubsub): avoid UnicodeDecodeError on reconnect with binary channel names (#3944)
• Hold references to ClusterNode disconnect task (#3826)
• remove remaining imports of typing_extensions (#3873)

We'd like to thank all the contributors who worked on this release! @​dotlambda @​rhoboro @​skylarkoo7 @​praboud @​bysiber @​vladvildanov @​petyaslavova

7.2.0

Changes

Redis 8.6 Support Added support for Redis 8.6, including new commands and features for streams idempotent production and HOTKEYS.

Smart Client Handoff (Maintenance Notifications) for Cluster note: Pending a Redis Enterprise version release

This release introduces comprehensive support for Redis Enterprise Cluster maintenance notifications via SMIGRATING/SMIGRATED push notifications. The client now automatically handles slot migrations by:

Relaxing timeouts during migration (SMIGRATING) to prevent false failures Triggering cluster state reloads upon completion (SMIGRATED) Enabling seamless operations during Redis Enterprise maintenance windows

OpenTelemetry Native Metrics Support Added comprehensive OpenTelemetry metrics support following the OpenTelemetry Database Client Semantic Conventions. Metric groups include:

• Command metrics: Operation duration with retry tracking
• Connection basic: Connection count and creation time
• Resiliency: Errors, handoffs, timeout relaxation
• Connection advanced: Wait time and use time
• Pubsub metrics: Published and received messages
• Stream metrics: Processing duration and maintenance notifications

🚀 New Features

• Added OTel instrumentation and metrics export for sync client (#3954)
• Add maintenance notifications support for OSS API cluster clients (#3946)

... (truncated)

Commits

• 56859cf Updating lib version to 7.2.1
• c671fd9 remove remaining imports of typing_extensions (#3873)
• e203796 Hold references to ClusterNode disconnect task (#3826)
• a21f768 Removed batch_size and consumer_name attributes from OTel metrics (#3978)
• 2098114 fix(pubsub): avoid UnicodeDecodeError on reconnect with binary channel names ...
• f02c66b Fix issues with ClusterPipeline connection management (#3804)
• 1958065 Add missing shard channel message types to async PubSub (#3966)
• abc519d Return copies from _get_free/in_use_connections and fix async _mock (#3967)
• bb2b6f3 Fix protocol validation: replace finally with else and store parsed int (#3965)
• 631c053 Fixing error handling of connection buffer purging of closed connecton. Enabl...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Labels

The following labels could not be found: dependencies, python. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[ZeroPointSix]

总体结论：本轮巡检审查了 PR #22 当前 head fe33997。该 PR 将 redis 从 5.0.4 跨两个主版本升到 7.2.1，且 CI 测试 job 已失败；合并前需要先定位测试失败并确认 Redis 客户端兼容性。

关键发现：

• 阻塞：GitHub Actions CI #49 中 代码检查 job 通过，但 测试（含集成） job 在 运行测试 步骤失败，Docker 构建被跳过。依赖安装已通过，说明失败更可能发生在测试执行或应用兼容性层面，而不是包无法安装。
• 高：redis-py 从 5.x 到 7.x 属于主版本跨越，可能影响连接池、异常类型、async/pubsub/stream 行为、cluster 处理和 OpenTelemetry 相关属性。项目如果封装了 Redis 连接、队列、缓存、stream 或 pub/sub，需要针对这些路径补充回归验证。
• 中：当前无法从过期/不可用日志中读取具体失败用例，因此不能判断是 redis 7 行为变化、fakeredis/测试替身不匹配，还是既有测试不稳定。建议重跑 CI 或本地执行测试，先把失败用例贴回 PR。

优先级建议：

• 阻塞：测试通过前不要合并。
• 高：检查项目中所有 Redis 调用路径，尤其是连接初始化参数、decode/responses、stream/pubsub、pipeline、异常处理和 async API。
• 中：如果测试依赖 fakeredis，建议同步确认 fakeredis 版本是否支持 redis-py 7.2.x；否则可能出现生产依赖升级但测试替身不兼容的假阴性或假阳性。

后续建议：

• 建议将 redis 与 fakeredis 的升级作为一个兼容性批次验证，至少跑完整测试和一次真实 Redis 服务的集成路径；如果失败集中在 redis 7 API 差异，再补代码适配后合并。