Skip to content

chore(deps): update all dependencies #1303

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
renovate-bot wants to merge 1 commit into
base: main
Choose a base branch
from
+26 −26
Open

chore(deps): update all dependencies #1303

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion dev_requirements.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,4 +2,4 @@ sqlalchemy>=2.0.15,<2.1.0
google-cloud-bigquery>=1.6.0
pytest===6.2.5
pytest-flake8===1.1.0 # versions 1.1.1 and above require pytest 7
pytz==2025.2
pytz==2026.1.post1
Copy link

@gemini-code-assist gemini-code-assist bot Mar 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

critical

The new version 2026.1.post1 for pytz appears to be from the future. The previous version 2025.2 also seems to be a future-dated version. This is a critical security risk, as it could indicate a malicious package or a compromised package source. Please investigate and use an official, verified version of this package.

12 changes: 6 additions & 6 deletions samples/snippets/requirements-test.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,15 +1,15 @@
attrs==25.4.0
click===8.1.8; python_version <= '3.9'
click==8.3.0; python_version >= '3.10'
google-auth==2.41.1
google-cloud-testutils==1.6.4
iniconfig==2.1.0
packaging==25.0
click==8.3.1; python_version >= '3.10'
Copy link

@gemini-code-assist gemini-code-assist bot Mar 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

critical

The version 8.3.1 for click appears to be a future version. The PR description mentions a release date in 2025 for this version, while the latest official version is 8.1.7. This is a critical security risk. Please verify the package source.

google-auth==2.49.0
google-cloud-testutils==1.7.0
iniconfig==2.3.0
packaging==26.0
pluggy==1.6.0; python_version >= '3.9'
py==1.11.0
pyasn1==0.6.2
pyasn1-modules==0.4.2
pyparsing==3.2.5; python_version >= '3.9'
pyparsing==3.3.2; python_version >= '3.9'
pytest===6.2.5
rsa==4.9.1
six==1.17.0
Expand Down
38 changes: 19 additions & 19 deletions samples/snippets/requirements.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,30 +1,30 @@
alembic==1.16.5; python_version >= '3.9'
certifi==2025.10.5
charset-normalizer==3.4.3
alembic==1.18.4; python_version >= '3.9'
Copy link

@gemini-code-assist gemini-code-assist bot Mar 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

critical

The version 1.18.4 for alembic appears to be a future version. The latest official version is 1.13.1. This is a critical security risk and suggests a problem with the package source being used.

certifi==2026.2.25
Copy link

@gemini-code-assist gemini-code-assist bot Mar 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

critical

The new version 2026.2.25 for certifi appears to be from the future. The previous version 2025.10.5 also seems to be a future-dated version. This is a critical security risk, as it could indicate a malicious package or a compromised package source. Please investigate and use an official, verified version of this package.

charset-normalizer==3.4.5
geoalchemy2===0.17.1; python_version == '3.9'
geoalchemy2==0.18.0; python_version >= '3.10'
google-api-core[grpc]==2.25.2
google-auth==2.41.1
google-cloud-bigquery==3.38.0; python_version >= '3.9'
google-cloud-core==2.4.3
google-crc32c==1.7.1; python_version >= '3.9'
google-resumable-media==2.7.2
googleapis-common-protos==1.70.0
greenlet==3.2.4; python_version >= '3.9'
grpcio==1.75.1; python_version >= '3.9'
grpcio-status==1.75.1; python_version >= '3.9'
idna==3.10
geoalchemy2==0.18.4; python_version >= '3.10'
google-api-core[grpc]==2.30.0
google-auth==2.49.0
google-cloud-bigquery==3.40.1; python_version >= '3.9'
google-cloud-core==2.5.0
google-crc32c==1.8.0; python_version >= '3.9'
google-resumable-media==2.8.0
googleapis-common-protos==1.73.0
greenlet==3.3.2; python_version >= '3.9'
grpcio==1.78.0; python_version >= '3.9'
grpcio-status==1.78.0; python_version >= '3.9'
idna==3.11
importlib-resources==6.5.2; python_version >= '3.9'
mako==1.3.10; python_version >= '3.9'
markupsafe==3.0.3; python_version >= '3.9'
packaging==25.0
proto-plus==1.26.1
packaging==26.0
proto-plus==1.27.1
protobuf==6.32.1; python_version >= '3.9'
pyasn1==0.6.2
pyasn1-modules==0.4.2
pyparsing==3.2.5; python_version >= '3.9'
pyparsing==3.3.2; python_version >= '3.9'
python-dateutil==2.9.0.post0
pytz==2025.2
pytz==2026.1.post1
requests==2.32.5
rsa==4.9.1
shapely===2.0.7; python_version <= '3.9'
Expand Down