Skip to content

[py] Bump dependencies for dev and fix script #16244

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Aug 22, 2025
Merged

[py] Bump dependencies for dev and fix script #16244

merged 2 commits into from
Aug 22, 2025
+326 −334

Conversation

cgoldberg
Copy link
Contributor

@cgoldberg cgoldberg commented Aug 22, 2025
edited
Loading

User description

💥 What does this PR do?

This PR bumps development dependencies to their latest versions and re-generates dependency hashes.

Notes:

  • the markdown-it-py transitive dependency is pinned to version 3.0.0 because the latest version (4.0.0) requires Python 3.10 and we need to support 3.9.
  • the docutils transitive dependency is pinned to version 0.21.2 because the latest version (0.22) isn't compatible with the version of sphinx we use.

🔄 Types of changes

  • Development/Build

PR Type

Bug fix, Other

Description

• Fixed regex pattern in dependency update script to correctly parse pip list output
• Bumped multiple Python development dependencies to their latest versions including certifi, charset-normalizer, cryptography, debugpy, and others
• Regenerated dependency hashes in requirements_lock.txt to match updated versions
• Note: markdown-it-py remains pinned to version 3.0.0 for Python 3.9 compatibility

Diagram Walkthrough

flowchart LR
  A["update_py_dependencies.sh"] -- "fix regex pattern" --> B["Fixed Script"]
  C["requirements.txt"] -- "bump versions" --> D["Updated Dependencies"]
  D -- "regenerate hashes" --> E["requirements_lock.txt"]
Loading

File Walkthrough
Relevant files
Bug fix
update_py_dependencies.sh
Fix dependency update script regex pattern                             

scripts/update_py_dependencies.sh

• Fixed regex pattern in pip list parsing to match "Version" instead
of "Version Latest"
• This corrects the script's ability to properly
identify outdated packages from pip list output

 +1/-1     
Dependencies
requirements_lock.txt
Bump locked development dependencies to latest versions   

py/requirements_lock.txt

• Updated certifi from 2025.6.15 to 2025.8.3 with new SHA256 hashes

Updated charset-normalizer from 3.4.2 to 3.4.3 with new SHA256 hashes

• Updated cryptography from 45.0.5 to 45.0.6 with new SHA256 hashes

Updated debugpy from 1.8.14 to 1.8.16 with new SHA256 hashes
• Updated
multiple other dependencies including distlib, docutils, filelock,
jaraco-functools, multidict, nh3, requests, rich, tox, and virtualenv

 +315/-323
requirements.txt
Update development dependencies to latest versions             

py/requirements.txt

• Updated multiple development dependencies to their latest versions

Key updates include certifi, charset-normalizer, cryptography,
debugpy, distlib, docutils, filelock, and others
• All version bumps
align with the corresponding changes in requirements_lock.txt

 +14/-14 

@selenium-ci selenium-ci added C-py Python Bindings B-build Includes scripting, bazel and CI integrations labels Aug 22, 2025
@SeleniumHQ SeleniumHQ deleted a comment from qodo-merge-pro bot Aug 22, 2025
@SeleniumHQ SeleniumHQ deleted a comment from qodo-merge-pro bot Aug 22, 2025
@cgoldberg cgoldberg merged commit fb3ba7e into SeleniumHQ:trunk Aug 22, 2025
4 checks passed
@cgoldberg cgoldberg deleted the py-bump-deps-fix branch August 22, 2025 13:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
B-build Includes scripting, bazel and CI integrations C-py Python Bindings Review effort 2/5
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@cgoldberg @selenium-ci