Skip to content

chore(deps): bump the python-dependencies-v2 group across 1 directory with 4 updates#21562

Open
dependabot[bot] wants to merge 1 commit into2.xfrom
dependabot/pip/2.x/python-dependencies-v2-ef2ac4c127
Open

chore(deps): bump the python-dependencies-v2 group across 1 directory with 4 updates#21562
dependabot[bot] wants to merge 1 commit into2.xfrom
dependabot/pip/2.x/python-dependencies-v2-ef2ac4c127

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 16, 2026

Updates the requirements on importlib-resources, packaging, rich and kubernetes to permit the latest version.
Updates importlib-resources to 6.5.2

Changelog

Sourced from importlib-resources's changelog.

v6.5.2

Bugfixes

  • Replaced reference to typing_extensions with stdlib Literal. (#323)

v6.5.1

Bugfixes

  • Updated Traversable.read_text() to reflect the errorspython/cpython#127012#321)

v6.5.0

Features

  • Add type annotations for Traversable.open. (#317)
  • Require Python 3.9 or later.

v6.4.5

Bugfixes

  • Omit sentinel values from a namespace path. (#311)

v6.4.4

No significant changes.

v6.4.3

Bugfixes

  • When inferring the caller in files()python/cpython#123085

... (truncated)

Commits
  • 7d3b2bf Finalize
  • 1440809 Merge pull request #324 from pstjohn/patch-1
  • 6569354 Add news fragment.
  • 6c1bc3c Rely on Literal from stdlib.
  • 883380a Update pyproject.toml
  • a61a948 Add typing-extensions as a dependency
  • 78c4bda Finalize
  • 10d87bf Merge pull request #321 from kurtmckee/add-readtext-errors-parameter-cpython-...
  • 9a872e5 Add news fragment.
  • cf269ce Replace unreachable block with simple assertion. Fixes diffcov failure.
  • Additional commits viewable in compare view

Updates packaging to 26.1

Release notes

Sourced from packaging's releases.

26.1

Features:

Behavior adaptations:

Pylock (PEP 751) updates:

Fixes:

Performance:

... (truncated)

Changelog

Sourced from packaging's changelog.

26.1 - 2026-04-14


Features:

    

  • PEP 783: add handling for Emscripten wheel tags in (:pull:804)
    • 

  • PEP 803: add handling for the abi3.abi3t free-threading tag in (:pull:1099)
    • 

  • PEP 723: add packaging.dependency_groups module, based on the dependency-groups package in (:pull:1065)
    • 

  • Add the packaging.direct_url module in (:pull:944)
    • 

  • Add the packaging.errors module in (:pull:1071)
    • 

  • Add SpecifierSet.is_unsatisfiable using ranges (new internals that will be expanded in future versions) in (:pull:1119)
    • 

  • Add create_compatible_tags_selector to select compatible tags in (:pull:1110)
    • 

  • Add a key argument to SpecifierSet.filter() in (:pull:1068)
    • 

  • Support & and | for Marker's in (:pull:1146)
    • 

  • Normalize Version.__replace__ and add Version.from_parts in (:pull:1078)
    • 

  • Add an option to validate compressed tag set sort order in parse_wheel_filename in (:pull:1150)
    • 



Behavior adaptations:


    

  • Narrow exclusion of pre-releases for <V.postN to match spec in (:pull:1140)
    • 

  • Narrow exclusion of post-releases for >V to match spec in (:pull:1141)
    • 

  • Rename format_full_version to _format_full_version to make it visibly private in (:pull:1125)
    • 

  • Restrict local version to ASCII in (:pull:1102)
    • 



Pylock (PEP 751) updates:


    

  • Add pylock select function in (:pull:1092)
    • 

  • Document pylock select() method and PylockSelectError in (:pull:1153)
    • 

  • Add filename property to PackageSdist and PackageWheel, more validation in (:pull:1095)
    • 

  • Give preference to path over url in (:pull:1128)
    • 

  • Validate name/version consistency in file names in (:pull:1114)
    • 



Fixes:


    

  • Fix > comparison for versions with dev+local segments in (:pull:1097)
    • 

  • Fix incorrect self-comparison for InfinityType and NegativeInfinityType in (:pull:1093)
    • 

  • Canonicalize when deduplicating specifiers in SpecifierSet in (:pull:1109)
    • 

  • Fix charset error message formatting in (:pull:1121)
    • 

  • Handle the key parameter in SpecifierSet.filter when specifiers are empty and prerelease is False in (:pull:1096)
    • 

  • Standardize inner components of repr output in (:pull:1090)
    • 

  • Specifier's === uses original string, not normalized, when available in (:pull:1124)
    • 

  • Propagate int-max-str-digits ValueError in (:pull:1155)
    • 



Performance:


    

  • Add fast path for parsing simple versions (digits and dots only) in (:pull:1082)
    • 

  • Add fast path for Version to Version comparison by skipping _key property in (:pull:1083)
    • 

  • Cache Version hash value in dedicated slot in (:pull:1118)
    • 

  • Overhaul _cmpkey to remove use of custom objects in (:pull:1116)
    • 

  • Skip __replace__ in Specifier comparison if not needed in (:pull:1081)
    
</tr></table>

... (truncated)

Commits
  • c1a88a3 Bump for release
  • 702c25e docs: update changelog for 26.1 (#1156)
  • 3f4f5d4 Implement is_unsatisfiable on SpecifierSet using ranges (#1119)
  • 06c6555 Propagate int-max-str-digits ValueError (#1155)
  • 905c90c feat: option to validate compressed tag set sort order in `parse_wheel_filena...
  • af0026c docs(pylock): document select() method and PylockSelectError (#1153)
  • 668da86 Rename format_full_version to _format_full_version to make it visibly private...
  • f294d52 tests: do not reload the tags module (#1152)
  • 2c6c7df feat: add handling for Emscripten wheels tags per PEP 783 (#804)
  • 6762eea docs(markers): document & and | operators for combining Marker objects (#1151)
  • Additional commits viewable in compare view

Updates rich to 15.0.0

Release notes

Sourced from rich's releases.

The So Long 3.8 Release

A few fixes. The major version bump is to honor the passing of 3.8 support which reached its EOL in October 7, 2024

[15.0.0] - 2026-04-12

Changed

  • Breaking change: Dropped support for Python3.8

Fixed

Changelog

Sourced from rich's changelog.

[15.0.0] - 2026-04-12

Changed

  • Breaking change: Dropped support for Python3.8

Fixed

[14.3.4] - 2026-04-11

Changed

[14.3.3] - 2026-02-19

Fixed

[14.3.2] - 2026-02-01

Fixed

[14.3.1] - 2026-01-24

Fixed

[14.3.0] - 2026-01-24

Fixed

Added

... (truncated)

Commits

Updates kubernetes to 35.0.0

Release notes

Sourced from kubernetes's releases.

Kubernetes Python Client v35.0.0 Stable Release

Getting started:

pip install --pre --upgrade kubernetes

Or from source, download attached zip file, then

unzip client-python-v35.0.0.zip
cd client-python-v35.0.0
python setup.py install

Then follow examples in https://github.com/kubernetes-client/python/tree/release-35.0/examples

Changelog: https://github.com/kubernetes-client/python/blob/release-35.0/CHANGELOG.md

Changelog

Sourced from kubernetes's changelog.

v35.0.0+snapshot

Kubernetes API Version: v1.35.0

API Change

  • Added ObservedGeneration to CustomResourceDefinition conditions. (kubernetes/kubernetes#134984, @​michaelasp)

  • Added WithOrigin within apis/core/validation with adjusted tests. (kubernetes/kubernetes#132825, @​PatrickLaabs)

  • Added scoring for the prioritized list feature so nodes that best satisfy the highest-ranked subrequests were chosen. (kubernetes/kubernetes#134711, @​mortent) [SIG Node, Scheduling and Testing]

  • Added the --min-compatibility-version flag to kube-apiserver, kube-controller-manager, and kube-scheduler. (kubernetes/kubernetes#133980, @​siyuanfoundation) [SIG API Machinery, Architecture, Cluster Lifecycle, Etcd, Scheduling and Testing]

  • Added the StorageVersionMigration v1beta1 API and removed the v1alpha1 API.

    ACTION REQUIRED: The v1alpha1 API is no longer supported. Users must remove any v1alpha1 resources before upgrading. (kubernetes/kubernetes#134784, @​michaelasp) [SIG API Machinery, Apps, Auth, Etcd and Testing]

  • Added validation to ensure log-flush-frequency is a positive value, returning an error instead of causing a panic. (kubernetes/kubernetes#133540, @​BenTheElder) [SIG Architecture, Instrumentation, Network and Node]

  • All containers are restarted when a source container in a restart policy rule exits. This alpha feature is gated behind RestartAllContainersOnContainerExit. (kubernetes/kubernetes#134345, @​yuanwang04) [SIG Apps, Node and Testing]

  • CSI drivers can now opt in to receive service account tokens via the secrets field instead of volume context by setting spec.serviceAccountTokenInSecrets: true in the CSIDriver object. This prevents tokens from being exposed in logs and other outputs. The feature is gated by the CSIServiceAccountTokenSecrets feature gate (beta in v1.35). (kubernetes/kubernetes#134826, @​aramase) [SIG API Machinery, Auth, Storage and Testing]

  • Changed kuberc configuration schema. Two new optional fields added to kuberc configuration, credPluginPolicy and credPluginAllowlist. This is documented in KEP-3104 and documentation is added to the website by kubernetes/website#52877 (kubernetes/kubernetes#134870, @​pmengelbert) [SIG API Machinery, Architecture, Auth, CLI, Instrumentation and Testing]

  • DRA device taints: DeviceTaintRule status provides information about the rule, including whether Pods still need to be evicted (EvictionInProgress condition). The newly added None effect can be used to preview what a DeviceTaintRule would do if it used the NoExecute effect and to taint devices (device health) without immediately affecting scheduling or running Pods. (kubernetes/kubernetes#134152, @​pohly) [SIG API Machinery, Apps, Auth, Node, Release, Scheduling and Testing]

  • DRA: The DynamicResourceAllocation feature gate for the core functionality (GA in v1.34) has now been locked to enabled-by-default and cannot be disabled anymore. (kubernetes/kubernetes#134452, @​pohly) [SIG Auth, Node, Scheduling and Testing]

  • Enabled kubectl get -o kyaml by default. To disable it, set KUBECTL_KYAML=false. (kubernetes/kubernetes#133327, @​thockin)

  • Enabled in-place resizing of pod-level resources.

    • Added Resources in PodStatus to capture resources set in the pod-level cgroup.
    • Added AllocatedResources in PodStatus to capture resources requested in the PodSpec. (kubernetes/kubernetes#132919, @​ndixita) [SIG API Machinery, Apps, Architecture, Auth, CLI, Instrumentation, Node, Scheduling and Testing]

  • Enabled the NominatedNodeNameForExpectation feature in kube-scheduler by default.

    • Enabled the ClearingNominatedNodeNameAfterBinding feature in kube-apiserver by default. (kubernetes/kubernetes#135103, @​ania-borowiec) [SIG API Machinery, Apps, Architecture, Auth, Autoscaling, CLI, Cloud Provider, Cluster Lifecycle, Etcd, Instrumentation, Network, Node, Scheduling, Storage and Testing]

  • Enhanced discovery responses to merge API groups and resources from all peer apiservers when the UnknownVersionInteroperabilityProxy feature is enabled. (kubernetes/kubernetes#133648, @​richabanker) [SIG API Machinery, Auth, Cloud Provider, Node, Scheduling and Testing]

  • Extended core/v1 Toleration to support numeric comparison operators (Gt,Lt). (kubernetes/kubernetes#134665, @​helayoty) [SIG API Machinery, Apps, Node, Scheduling, Testing and Windows]

  • Feature gate dependencies are now explicit, and validated at startup. A feature can no longer be enabled if it depends on a disabled feature. In particular, this means that AllAlpha=true will no longer work without enabling disabled-by-default beta features that are depended on (either with AllBeta=true or explicitly enumerating the disabled dependencies). (kubernetes/kubernetes#133697, @​tallclair) [SIG API Machinery, Architecture, Cluster Lifecycle and Node]

  • Generated OpenAPI model packages for API types into zz_generated.model_name.go files, accessible via the OpenAPIModelName() function. This allows API authors to declare desired OpenAPI model packages instead of relying on the Go package path of API types. (kubernetes/kubernetes#131755, @​jpbetz) [SIG API Machinery, Apps, Architecture, Auth, CLI, Cloud Provider, Cluster Lifecycle, Instrumentation, Network, Node, Scheduling, Storage and Testing]

  • Implemented constrained impersonation as described in KEP-5284. (kubernetes/kubernetes#134803, @​enj) [SIG API Machinery, Auth and Testing]

  • Introduced a new declarative validation tag +k8s:customUnique to control listmap uniqueness. (kubernetes/kubernetes#134279, @​yongruilin) [SIG API Machinery and Auth]

  • Introduced a structured and versioned v1alpha1 response for the statusz endpoint. (kubernetes/kubernetes#134313, @​richabanker) [SIG API Machinery, Architecture, Instrumentation, Network, Node, Scheduling and Testing]

  • Introduced a structured and versioned v1alpha1 response format for the flagz endpoint. (kubernetes/kubernetes#134995, @​yongruilin) [SIG API Machinery, Architecture, Instrumentation, Network, Node, Scheduling and Testing]

  • Introduced the GangScheduling kube-scheduler plugin to support "all-or-nothing" scheduling using the scheduling.k8s.io/v1alpha1 Workload API. (kubernetes/kubernetes#134722, @​macsko) [SIG API Machinery, Apps, Auth, CLI, Etcd, Scheduling and Testing]

  • Introduced the Node Declared Features capability (alpha), which includes:

    • A new Node.Status.DeclaredFeatures field for publishing node-specific features.
    • A component-helpers library for feature registration and inference.
    • A NodeDeclaredFeatures scheduler plugin to match pods with nodes that provide required features.
    • A NodeDeclaredFeatureValidator admission plugin to validate pod updates against a node's declared features. (kubernetes/kubernetes#133389, @​pravk03) [SIG API Machinery, Apps, Node, Release, Scheduling and Testing]

  • Introduced the scheduling.k8s.io/v1alpha1 Workload API to express workload-level scheduling requirements and allow the kube-scheduler to act on them. (kubernetes/kubernetes#134564, @​macsko) [SIG API Machinery, Apps, CLI, Etcd, Scheduling and Testing]

  • Introduced the alpha MutableSchedulingDirectivesForSuspendedJobs feature gate (disabled by default), which allows mutating a Job's scheduling directives while the Job is suspended. It also updates the Job controller to clears the status.startTime field for suspended Jobs. (kubernetes/kubernetes#135104, @​mimowo) [SIG Apps and Testing]

  • Kube-apiserver: Fixed a v1.34 regression in CustomResourceDefinition handling that incorrectly warned about unrecognized formats on number and integer properties. (kubernetes/kubernetes#133896, @​yongruilin) [SIG API Machinery, Apps, Architecture, Auth, CLI, Cloud Provider, Contributor Experience, Network, Node and Scheduling]

  • Kube-apiserver: Fixed a possible panic validating a custom resource whose CustomResourceDefinition indicates a status subresource exists, but which does not define a status property in the openAPIV3Schema. (kubernetes/kubernetes#133721, @​fusida) [SIG API Machinery, Apps, Architecture, Auth, Autoscaling, CLI, Cloud Provider, Cluster Lifecycle, Etcd, Instrumentation, Network, Node, Release, Scheduling, Storage and Testing]

  • Kubernetes API Go types removed runtime use of the github.com/gogo/protobuf library, and are no longer registered into the global gogo type registry. Kubernetes API Go types were not suitable for use with the google.golang.org/protobuf library, and no longer implement ProtoMessage() by default to avoid accidental incompatible use. If removal of these marker methods impacts your use, it can be re-enabled for one more release with a kubernetes_protomessage_one_more_release build tag, but will be removed in v1.36. (kubernetes/kubernetes#134256, @​liggitt) [SIG API Machinery, Apps, Architecture, Auth, CLI, Cluster Lifecycle, Instrumentation, Network, Node, Scheduling and Storage]

  • Made node affinity in Persistent Volume mutable. (kubernetes/kubernetes#134339, @​huww98) [SIG API Machinery, Apps and Node]

  • Moved the ImagePullIntent and ImagePulledRecord objects used by the kubelet to track image pulls to the v1beta1 API version. (kubernetes/kubernetes#132579, @​stlaz) [SIG Auth and Node]

  • Pod resize now only allows CPU and memory resources; other resource types are forbidden. (kubernetes/kubernetes#135084, @​tallclair) [SIG Apps, Node and Testing]

  • Prevented Pods from being scheduled onto nodes that lack the required CSI driver. (kubernetes/kubernetes#135012, @​gnufied) [SIG API Machinery, Scheduling, Storage and Testing]

  • Promoted HPA configurable tolerance to beta. The HPAConfigurableTolerance feature gate has now been enabled by default. (kubernetes/kubernetes#133128, @​jm-franc) [SIG API Machinery and Autoscaling]

  • Promoted ReplicaSet and Deployment .status.terminatingReplicas tracking to beta. The DeploymentReplicaSetTerminatingReplicas feature gate is now enabled by default. (kubernetes/kubernetes#133087, @​atiratree) [SIG API Machinery, Apps and Testing]

... (truncated)

Commits
  • ce36f0b Merge pull request #2503 from yliaog/automated-release-of-35.0.0-upstream-rel...
  • b2dac4f updated compatibility matrix and maintenance status
  • a12b59b generated client change
  • 74a1b50 update changelog
  • c01bc6e update version constants for 35.0.0 release
  • 7b0378c examples: add README and improve error handling in apply_from_dict
  • 38dfa82 Merge pull request #2500 from yliaog/automated-release-of-35.0.0b1-upstream-r...
  • 2157448 updated the compatibility matrix
  • ad157bb generated client change
  • 042ab9e update changelog
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the python-dependencies-v2 group across 1 directory…
cc9a76c 
… with 4 updates

Updates the requirements on [importlib-resources](https://github.com/python/importlib_resources), [packaging](https://github.com/pypa/packaging), [rich](https://github.com/Textualize/rich) and [kubernetes](https://github.com/kubernetes-client/python) to permit the latest version.

Updates `importlib-resources` to 6.5.2
- [Release notes](https://github.com/python/importlib_resources/releases)
- [Changelog](https://github.com/python/importlib_resources/blob/main/NEWS.rst)
- [Commits](python/importlib_resources@v6.1.3...v6.5.2)

Updates `packaging` to 26.1
- [Release notes](https://github.com/pypa/packaging/releases)
- [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst)
- [Commits](pypa/packaging@21.3...26.1)

Updates `rich` to 15.0.0
- [Release notes](https://github.com/Textualize/rich/releases)
- [Changelog](https://github.com/Textualize/rich/blob/master/CHANGELOG.md)
- [Commits](Textualize/rich@v11.0.0...v15.0.0)

Updates `kubernetes` to 35.0.0
- [Release notes](https://github.com/kubernetes-client/python/releases)
- [Changelog](https://github.com/kubernetes-client/python/blob/master/CHANGELOG.md)
- [Commits](kubernetes-client/python@v24.2.0...v35.0.0)

---
updated-dependencies:
- dependency-name: importlib-resources
  dependency-version: 6.5.2
  dependency-type: direct:production
  dependency-group: python-dependencies-v2
- dependency-name: packaging
  dependency-version: '26.1'
  dependency-type: direct:production
  dependency-group: python-dependencies-v2
- dependency-name: rich
  dependency-version: 15.0.0
  dependency-type: direct:production
  dependency-group: python-dependencies-v2
- dependency-name: kubernetes
  dependency-version: 35.0.0
  dependency-type: direct:production
  dependency-group: python-dependencies-v2
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added 2.x development Tech debt, refactors, CI, tests, and other related work. labels Apr 16, 2026
@dependabot dependabot bot added development Tech debt, refactors, CI, tests, and other related work. 2.x labels Apr 16, 2026
@github-actions github-actions bot added the upstream dependency An upstream issue caused by a bug in one of our dependencies label Apr 16, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cicdw cicdw Awaiting requested review from cicdw cicdw is a code owner

@desertaxle desertaxle Awaiting requested review from desertaxle desertaxle is a code owner

@zzstoatzz zzstoatzz Awaiting requested review from zzstoatzz zzstoatzz is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

2.x development Tech debt, refactors, CI, tests, and other related work. upstream dependency An upstream issue caused by a bug in one of our dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants