Skip to content

Comments

chore(deps): update dependency pip-tools to v7.5.3#1517

Open
red-hat-konflux[bot] wants to merge 1 commit intomainfrom
konflux/mintmaker/main/python-dependencies
Open

chore(deps): update dependency pip-tools to v7.5.3#1517
red-hat-konflux[bot] wants to merge 1 commit intomainfrom
konflux/mintmaker/main/python-dependencies

Conversation

@red-hat-konflux
Copy link

@red-hat-konflux red-hat-konflux bot commented Feb 14, 2026

This PR contains the following updates:

Package Change Age Confidence
pip-tools (changelog) ==7.5.2 -> ==7.5.3 age confidence

Release Notes

jazzband/pip-tools (pip-tools)

v7.5.3

Compare Source

2026-02-09

Bug fixes
  • The option --unsafe-package is now normalized -- by {user}shifqu.

    PRs and issues: {issue}2150

  • Fixed a bug in which pip-compile lost any index URL options when
    looking up hashes -- by {user}sirosen.

    This caused errors when a package was only available from an extra
    index, and caused pip-compile to incorrectly drop index URL options
    from output, even when they were present in the input requirements.

    PRs and issues: {issue}2220, {issue}2294, {issue}2305

  • Fixed removal of temporary files used when reading requirements from stdin
    -- by {user}sirosen.

Features
  • pip-tools is now tested against Python 3.14 and 3.14t in CI, and
    marks them as supported in the core packaging metadata
    -- by {user}webknjaz.

    PRs and issues: {issue}2255

  • pip-tools is now compatible with pip 26.0 -- by {user}sirosen.

    PRs and issues: {issue}2319, {issue}2320

Removals and backward incompatible breaking changes
  • Removed support for Python 3.8 -- by {user}sirosen.
Improved documentation
  • The change log management infra now allows the maintainers to add notes
    before and after the regular categories -- by {user}webknjaz.

    PRs and issues: {issue}2287, {issue}2322

  • Added documentation clarifying that pip-compile reads the existing
    output file as a constraint source, and how to use --upgrade to
    refresh dependencies -- by {user}maliktafheem.

    PRs and issues: {issue}2307

Packaging updates and notes for downstreams
  • pip-tools is now tested against Python 3.14 and 3.14t in CI, and
    marks them as supported in the core packaging metadata
    -- by {user}webknjaz.

    PRs and issues: {issue}2255

Contributor-facing changes
  • Consistency of the Markdown files is now being enforced by linting
    with {pypi}pymarkdownlnt -- by {user}webknjaz.

    PRs and issues: {issue}2256

  • The linting is now set up to perform structured GitHub Actions
    workflows and actions checks against json schemas
    -- by {user}webknjaz.

    PRs and issues: {issue}2273

  • The CI/CD is now set up so that the distribution build job
    is a part of the test pipeline. That pipeline is included in
    the release workflow which sources the artifact in produces.
    The tests must now pass for the release to be published to PyPI.

    -- by {user}webknjaz

    PRs and issues: {issue}2274

  • Fix actionlint hook usage to always include shellcheck integration -- by {user}sirosen.

    PRs and issues: {issue}2281

  • Utilities for interacting with pip have started to move into the
    :py:mod:piptools._internal._pip_api subpackage -- by {user}sirosen.

    PRs and issues: {issue}2285

  • The change log management infra now allows the maintainers to add notes
    before and after the regular categories -- by {user}webknjaz.

    PRs and issues: {issue}2287, {issue}2322

  • The linting is now set up to demand that {py:mod}typing is always
    imported as a module under the name of _t -- by {user}webknjaz.

    This is enforced by {user}sirosen's {pypi}flake8-typing-as-t
    plugin for {pypi}flake8.

    PRs and issues: {issue}2289

  • The {file}tox.ini and {file}.github/ parts of the repository now
    have project leads assigned as GitHub code owners -- by {user}webknjaz.

    PRs and issues: {issue}2291

  • Remove a redundant 'v' prefix from the CI release workflow job name -- by {user}anandvenugopal-tech.

    PRs and issues: {issue}2300

  • The check-jsonschema ReadTheDocs hook has been enabled, and
    the config has been tweaked to pass -- by {user}sirosen.


Configuration

📅 Schedule: Branch creation - "after 5am on saturday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

To execute skipped test pipelines write comment /ok-to-test.


Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
@openshift-ci
Copy link

openshift-ci bot commented Feb 14, 2026

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: red-hat-konflux[bot]
Once this PR has been reviewed and has the lgtm label, please assign mffiedler for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. label Feb 14, 2026
@openshift-ci
Copy link

openshift-ci bot commented Feb 14, 2026

Hi @red-hat-konflux[bot]. Thanks for your PR.

I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants