Skip to content

fix(deps): update osv-lib#79

Open
renovate[bot] wants to merge 1 commit intomasterfrom
renovate/osv-lib
Open

fix(deps): update osv-lib#79
renovate[bot] wants to merge 1 commit intomasterfrom
renovate/osv-lib

Conversation

@renovate
Copy link

@renovate renovate bot commented Aug 5, 2025
edited
Loading

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Change Age Confidence
attrs (changelog) 25.1.025.4.0 age confidence
google-cloud-logging (source) 3.11.43.14.0 age confidence
google-cloud-ndb 2.3.22.4.0 age confidence
google-cloud-storage 3.1.03.10.0 age confidence
grpcio 1.71.01.78.0 age confidence
grpcio-tools 1.71.01.78.0 age confidence
jsonschema (changelog) 4.23.04.26.0 age confidence
mypy-protobuf 3.6.03.7.0 age confidence
packageurl-python ==0.16.0==0.17.6 age confidence
pygit2 (changelog) 1.17.01.19.1 age confidence
pylint (changelog) 3.3.53.3.9 age confidence
pyyaml (source) 6.0.26.0.3 age confidence

Release Notes

python-attrs/attrs (attrs)

v25.4.0

Compare Source

Backwards-incompatible Changes

  • Class-level kw_only=True behavior is now consistent with dataclasses.

    Previously, a class that sets kw_only=True makes all attributes keyword-only, including those from base classes.
    If an attribute sets kw_only=False, that setting is ignored, and it is still made keyword-only.

    Now, only the attributes defined in that class that doesn't explicitly set kw_only=False are made keyword-only.

    This shouldn't be a problem for most users, unless you have a pattern like this:

    @​attrs.define(kw_only=True)
class Base:
    a: int
    b: int = attrs.field(default=1, kw_only=False)

@​attrs.define
class Subclass(Base):
    c: int

    Here, we have a kw_only=True attrs class (Base) with an attribute that sets kw_only=False and has a default (Base.b), and then create a subclass (Subclass) with required arguments (Subclass.c).
    Previously this would work, since it would make Base.b keyword-only, but now this fails since Base.b is positional, and we have a required positional argument (Subclass.c) following another argument with defaults.
    #​1457

Changes

  • Values passed to the __init__() method of attrs classes are now correctly passed to __attrs_pre_init__() instead of their default values (in cases where kw_only was not specified).
    #​1427

  • Added support for Python 3.14 and PEP 749.
    #​1446,
    #​1451

  • attrs.validators.deep_mapping() now allows to leave out either key_validator xor value_validator.
    #​1448

  • attrs.validators.deep_iterator() and attrs.validators.deep_mapping() now accept lists and tuples for all validators and wrap them into a attrs.validators.and_().
    #​1449

  • Added a new experimental way to inspect classes:

    attrs.inspect(cls) returns the effective class-wide parameters that were used by attrs to construct the class.

    The returned class is the same data structure that attrs uses internally to decide how to construct the final class.
    #​1454

  • Fixed annotations for attrs.field(converter=...).
    Previously, a tuple of converters was only accepted if it had exactly one element.
    #​1461

  • The performance of attrs.asdict() has been improved by 45–260%.
    #​1463

  • The performance of attrs.astuple() has been improved by 49–270%.
    #​1469

  • The type annotation for attrs.validators.or_() now allows for different types of validators.

    This was only an issue on Pyright.
    #​1474

v25.3.0

Compare Source

Changes
  • Restore support for generator-based field_transformers.
    #​1417

v25.2.0

Compare Source

Changes
  • Checking mandatory vs non-mandatory attribute order is now performed after the field transformer, since the field transformer may change attributes and/or their order.
    #​1147
  • attrs.make_class() now allows for Unicode class names.
    #​1406
  • Speed up class creation by 30%-50% by compiling methods only once and using a variety of other techniques.
    #​1407
  • The error message if an attribute has both an annotation and a type argument will now disclose what attribute seems to be the problem.
    #​1410
googleapis/google-cloud-python (google-cloud-logging)

v3.14.0: google-cloud-logging: v3.14.0

Compare Source

Features

v3.13.0

v3.12.1: google-cloud-vision 3.12.1

Bug Fixes

v3.12.0: google-cloud-vision 3.12.0

3.12.0 (2026-01-09)

googleapis/python-ndb (google-cloud-ndb)

v2.4.0

Compare Source

Features

v2.3.4

Compare Source

Bug Fixes

v2.3.3

Compare Source

Bug Fixes
googleapis/python-storage (google-cloud-storage)

v3.10.0

Compare Source

Features
Perf Improvments
Bug Fixes

v3.9.0

Compare Source

Features
Bug Fixes

v3.8.0

Compare Source

Features
Bug Fixes

v3.7.0

Compare Source

Features
Bug Fixes

v3.6.0

Compare Source

Features
  • Add support for partial list buckets (#​1606) (92fc2b0)
  • Make return_partial_success and unreachable fields public for list Bucket (#​1601) (323cddd)
  • zb-experimental: Add async write object stream (5ab8103)
  • zb-experimental: Add async write object stream (#​1612) (5ab8103)
Bug Fixes

v3.5.0

Compare Source

Features
Bug Fixes
  • Deprecate credentials_file argument (74415a2)
  • Flaky system tests for resumable_media (#​1592) (7fee3dd)
  • Make download_ranges compatible with asyncio.create_task(..) (#​1591) (faf8b83)
  • Make download_ranges compatible with asyncio.create_task(..) (#​1591) (faf8b83)
  • Redact sensitive data from OTEL traces and fix env var parsing (#​1553) (a38ca19)
  • Redact sensitive data from OTEL traces and fix env var parsing (#​1553) (a38ca19)
  • Use separate header object for each upload in Transfer Manager MPU (#​1595) (0d867bd)

v3.4.1

Compare Source

Bug Fixes
  • Fixes #​1561 by adding an option to specify the entire object checksum for resumable uploads via the upload_from_string, upload_from_file, and upload_from_filename methods (acb918e)

v3.4.0

Compare Source

Features
Bug Fixes

v3.3.1

Compare Source

Bug Fixes
  • Provide option to user to set entire object checksum at "initiate a resumable upload session" and send the same (#​1525) (a8109e0)
  • Send part's checksum for XML MPU part upload (#​1529) (2ad77c7)

v3.3.0

Compare Source

Features
Bug Fixes
Documentation

v3.2.0

Compare Source

Features

v3.1.1

Compare Source

Bug Fixes
  • Add a check for partial response data (#​1487) (7e0412a)
  • Add trove classifier for Python 3.13 (0100916)
  • deps: Require google-crc32c >= 1.1.3 (0100916)
  • deps: Require protobuf >= 3.20.2, < 7.0.0 (0100916)
  • deps: Require requests >= 2.22.0 (0100916)
  • Remove setup.cfg configuration for creating universal wheels (#​1448) (d3b6b3f)
  • Resolve issue where pre-release versions of dependencies are installed (0100916)
  • Segmentation fault in tink while writing data (#​1490) (2a46c0b)
Documentation
grpc/grpc (grpcio)

v1.78.0

Compare Source

This is release 1.78.0 (gutsy) of gRPC Core.

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes, with highlights listed below.

C++

  • adding address_sorting dep in naming test build. (#​41045)

Objective-C

  • [Backport][v1.78.x][Fix][Compiler] Plugins fall back to the edition 2023 for older protobuf. (#​41358)

Python

  • [python] aio: fix race condition causing asyncio.run() to hang forever during the shutdown process. (#​40989)
  • [Python] Migrate to pyproject.toml build system from setup.py builds. (#​40833)
  • [Python] Log error details when ExecuteBatchError occurs (at DEBUG level). (#​40921)
  • [Python] Update setuptools min version to 77.0.1 . (#​40931)

Ruby

  • [ruby] Fix version comparison for the ruby_abi_version symbol for ruby 4 compatibility. (#​41061)

v1.76.0

Compare Source

This is release 1.76.0 (genuine) of gRPC Core.

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes, with highlights listed below.

Core

  • Prioritize system CA over bundled CA. (#​40583)
  • [event_engine] Introduce a event_engine_poller_for_python experiment. (#​40243)
  • [metrics] add grpc.lb.backend_service label. (#​40486)

C#

  • [csharp tools] #​39374 Grpc.Tools can't process file Suffix name with Upper character. (#​40072)

Python

  • [Python] gRPC AsyncIO: Improve CompletionQueue polling performance. (#​39993)

v1.75.1

Compare Source

This is release gRPC Core 1.75.1 (gemini).

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes.

What's Changed

Python
  • Release grpcio wheels with Python 3.14 support (#​40403)
  • Asyncio: fixes grpc shutdown race condition occurring during python interpreter finalizations. (#​40447)
    • This also addresses previously reported issues with empty error message on Python interpreter exit (Error in sys.excepthook:/Original exception was: empty): #​36655, #​38679, #​33342
  • Python 3.14: preserve current behavior when using grpc.aio async methods outside of a running event loop. (#​40750)
    • Note: using async methods outside of a running event loop is discouraged by Python, and will be deprecated in future gRPC releases. Please use the asyncio.run() function (or asyncio.Runner for custom loop factories). For interactive mode, use dedicated asyncio REPL: python -m asyncio.

Full Changelog: grpc/grpc@v1.75.0...v1.75.1

v1.75.0

Compare Source

This is release 1.75.0 (gemini) of gRPC Core.

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes, with highlights listed below.

Core

  • [Security] Cherry Pick Spiffe Verification. (#​40515)
  • [Python][Typeguard] Part 3 - Add Typeguard to AIO stack in tests. (#​40217)
  • [c-ares] update version to 1.34.5. (#​39508)
  • [pick_first] fix bug that caused us to stop attempting to connect. (#​40162)

C++

  • [OTel C++] Implement retry metrics. (#​39195)

Objective-C

  • Fix data race by adding custom getter for state property with @synchronized locking. (#​40146)

Python

  • gRPC Python (grpcio) now depends on typing-extensions~=4.13. (#​40137)
  • Update musllinux wheels from musllinux_1_1 to musllinux_1_2. (#​40317)
    • Dropping musllinux_1_1 because it reached EOL in November 2024
    • Reference on musllinux platform tags: PEP 656
  • grpc.aio typehint fixes. (#​40215, #​40217)
    • Metadata type validation: Fixed metadata handling to support all sequence types (not just tuples), preventing runtime errors. Enhanced metadata type validation: isinstance(metadata, Sequence) instead of isinstance(metadata, tuple)
    • Serializer parameters: Changed to Optional[SerializingFunction] for more accurate type representation
    • Fixing the error in public API: ClientCallDetails.method was declared as str but always called with bytes, see InterceptedUnaryUnaryCall.
  • Fixes issue #​40325 with grpcio failing to install on all non-Mac Apple devices internal builds. (#​40347)

Ruby

  • Ruby: Mark credential object in channel. (#​40394)
  • [Ruby] Add rubygems support for linux-gnu and linux-musl platforms. (#​39549)

v1.74.0

Compare Source

This is release 1.74.0 (gee) of gRPC Core.

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes, with highlights listed below.

Core

  • [OTel C++, Posix EE] Plumb TCP write timestamps and metrics to OTel tracers. (#​39946)
  • [event_engine] Implement fork support in Posix Event Engine. (#​38980)
  • [http2] Fix GRPC_ARG_HTTP2_STREAM_LOOKAHEAD_BYTES for when BDP is disabled. (#​39585)

Objective-C

  • [dep] Upgrade Protobuf Version 31.1. (#​39916)

PHP

  • [PHP] Fully qualify stdClass with global namespace. (#​39996)
  • [php] Fix PHPDoc so that UnaryCall defines the proper return type. (#​37563)
  • fix typing of nullable parameters. (#​39199)

Python

Ruby

  • [Ruby] Add rubygems support for linux-gnu and linux-musl platforms . (#​40174)
  • [ruby] enable EE fork support. (#​39786)
  • [ruby] Return nil for c functions expected to return a VALUE. (#​39214)
  • [ruby] remove connectivity state watch thread, fix cancellations from spurious signals. (#​39409)
  • [ruby] Drop Ruby 3.0 support. (#​39607)

v1.73.1

Compare Source

This is release 1.73.1 (gradient) of gRPC Core.

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes, with highlights listed below.

Python

v1.73.0

Compare Source

This is release 1.73.0 (gradient) of gRPC Core.

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes, with highlights listed below.

Core

As of this version, gRPC on MacOS & iOS will utilize Abseil's synchronization features, aligning it with other platforms. Should you encounter any issues due to this update, you can disable it by enabling GPR_DISABLE_ABSEIL_SYNC. If you do this, please report any problems by filing a bug at https://github.com/grpc/grpc.

  • [Dep] Update Protobuf to v31.0. (#​39392)
  • [Core] Added GPR_DISABLE_ABSEIL_SYNC. (#​39562)
  • [xds_override_host] pass through per-endpoint args when creating subchannels. (#​39532)
  • Expose GRPC_OPENSSL_CLEANUP_TIMEOUT to control shutdown grace period. (#​39297)
  • [URI] fix parsing of user_info in proxy settings. (#​39004)
  • [EventEngine] Fix busy loop in thread pool when shutting down. (#​39258)
  • [Dep] Added a flag to build with openssl instead of boringssl. (#​39188)
  • [EventEngine] Cleanup: EventEngine client, listener, and dns experiments are on by default on all platforms. (#​39079)

C++

  • [OpenCensus] Mark OpenCensus and dependent APIs as deprecated. (#​39554)

Python

  • [Python] Pin Cython to 3.1.1. (#​39609)
  • [Python] grpc_tools: make PythonGrpcGenerator handle dot . in proto paths the same way as native Generator/PyiGenerator. (#​39586)

Ruby

  • [Ruby] add remove_unused_artifacts to opt build. (#​39593)

v1.72.2

Compare Source

This is release 1.72.2 (gusto) of gRPC Core.

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes, with highlights listed below.

Python

v1.72.1

Compare Source

This is release gRPC Core 1.72.1 (gusto).

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes, with highlights listed below.

C++

  • [Backport of #​39266 to v1.71.x] Protect grpc generated sources from unwanted system macros (#​39484).

Python

  • [Backport of #​39609 to v1.71.x] Pin Cython to 3.1.1 (#​39632). This addresses several issues:
    • #​39588 Using inconsistent Cython version in released platform-specific wheels within the same grpcio release.
    • cython/cython#6878 Several published grpcio wheels were built with Cython 3.1.0 and are affected by Cython memory leak issue when using AsyncIO APIs (grpc.aio.*).
  • [Backport of #​39418 to v1.71.x] Fix Python 3.12 MacOS universal release artifact (#​39504).

v1.72.0

Compare Source

This is release gRPC Core 1.72.0 (gusto).

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes.

v1.71.2

Compare Source

This is release 1.71.2 (gears) of gRPC Core.

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes, with highlights listed below.

C++

  • [Backport of #​39266 to v1.71.x] Protect grpc generated sources from unwanted system macros (#​39484).

Python

  • [Backport of #​39894 to v1.71.x] Fix the issue with gRPC Python Client not reconnecting in certain situations: #​38290, #​39113, #​39631 (#​39948).
  • [Backport of #​39609 to v1.71.x] Pin Cython to 3.1.1 (#​39636). This addresses several issues:
    • #​39588 Using inconsistent Cython version in released platform-specific wheels within the same grpcio release.
    • cython/cython#6878 Several published grpcio wheels were built with Cython 3.1.0 and are affected by Cython memory leak issue when using AsyncIO APIs (grpc.aio.*).
python-jsonschema/jsonschema (jsonschema)

v4.26.0

Compare Source

=======

  • Decrease import time by delaying importing of urllib.request (#​1416).

v4.25.1

Compare Source

=======

  • Fix an incorrect required argument in the Validator protocol's type annotations (#​1396).

v4.25.0

Compare Source

=======

  • Add support for the iri and iri-reference formats to the format-nongpl extra via the MIT-licensed rfc3987-syntax.
    They were alread supported by the format extra. (#​1388).

[v4.24.1](https://redirect.github.com

Configuration

📅 Schedule: Branch creation - "before 6am on wednesday" in timezone Australia/Sydney, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the dependencies label Aug 5, 2025
@renovate renovate bot force-pushed the renovate/osv-lib branch 2 times, most recently from 1700040 to a40d996 Compare August 10, 2025 04:01
@renovate renovate bot force-pushed the renovate/osv-lib branch from a40d996 to d6a218e Compare August 14, 2025 12:25
@renovate renovate bot force-pushed the renovate/osv-lib branch from d6a218e to 8688a6a Compare August 22, 2025 02:16
@renovate renovate bot changed the title fix(deps): lock file maintenance osv-lib chore(deps): lock file maintenance osv-lib Aug 22, 2025
@renovate renovate bot force-pushed the renovate/osv-lib branch from 8688a6a to efc9caa Compare September 1, 2025 06:42
@renovate renovate bot force-pushed the renovate/osv-lib branch from efc9caa to 71ed269 Compare September 17, 2025 00:11
@renovate renovate bot force-pushed the renovate/osv-lib branch from 71ed269 to 0cb72ae Compare September 27, 2025 00:00
@renovate renovate bot force-pushed the renovate/osv-lib branch 2 times, most recently from 940e83b to b1c0082 Compare October 8, 2025 20:07
@renovate renovate bot force-pushed the renovate/osv-lib branch 2 times, most recently from 8f77489 to 4c6b860 Compare October 25, 2025 23:37
@renovate renovate bot force-pushed the renovate/osv-lib branch from 4c6b860 to 673b528 Compare November 9, 2025 11:46
@renovate renovate bot force-pushed the renovate/osv-lib branch 2 times, most recently from 8816d8d to 785d718 Compare November 25, 2025 23:30
@renovate renovate bot force-pushed the renovate/osv-lib branch 2 times, most recently from a9354fa to 3e878c1 Compare December 16, 2025 22:33
@renovate renovate bot force-pushed the renovate/osv-lib branch from 3e878c1 to 210d211 Compare December 30, 2025 08:06
@renovate renovate bot force-pushed the renovate/osv-lib branch 2 times, most recently from 6961b1a to 9cae8fa Compare January 14, 2026 20:00
@renovate renovate bot force-pushed the renovate/osv-lib branch 2 times, most recently from f37af4a to e7b75c5 Compare February 6, 2026 11:53
@renovate renovate bot force-pushed the renovate/osv-lib branch from e7b75c5 to 889d3f7 Compare February 13, 2026 00:16
@renovate renovate bot changed the title chore(deps): lock file maintenance osv-lib fix(deps): update osv-lib Feb 13, 2026
@renovate renovate bot force-pushed the renovate/osv-lib branch from 889d3f7 to a756d1e Compare February 20, 2026 02:22
@renovate renovate bot force-pushed the renovate/osv-lib branch 2 times, most recently from ead2754 to 17b0a4e Compare March 8, 2026 10:05
@renovate renovate bot force-pushed the renovate/osv-lib branch from 17b0a4e to f8bc0b1 Compare March 14, 2026 17:21
@renovate renovate bot force-pushed the renovate/osv-lib branch from f8bc0b1 to 9a07ede Compare March 19, 2026 01:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants