Bump redis from 7.4.0 to 8.0.0

[dependabot]

Bumps redis from 7.4.0 to 8.0.0.

Release notes

Sourced from redis's releases.

8.0.0

Changes

🚀 Highlights

Async Cluster PubSub

This release introduces full asyncio Cluster PubSub support, bringing shard-channel capabilities (SSUBSCRIBE, SUNSUBSCRIBE, SPUBLISH) to the async RedisCluster client. The new ClusterPubSub class in redis.asyncio.cluster automatically routes shard-channel subscriptions to the correct cluster node based on key-slot hashing, manages per-node PubSub connections, and supports round-robin message retrieval across nodes. Users can create a cluster pubsub instance via RedisCluster.pubsub() and use ssubscribe(), sunsubscribe(), and get_sharded_message() just as they would with the sync cluster client.

Keyspace and subkey notifications

Redis Keyspace Notifications are now supported for standalone and cluster deployments in both sync and async modes. New classes — KeyspaceNotifications, ClusterKeyspaceNotifications, AsyncKeyspaceNotifications, and AsyncClusterKeyspaceNotifications — provide a high-level API for keyspace/keyevent subscriptions and subkey notification families: subkeyspace, subkeyevent, subkeyspaceitem, and subkeyspaceevent. Convenience methods like subscribe_keyspace(), subscribe_keyevent(), subscribe_subkeyspace(), subscribe_subkeyevent(), subscribe_subkeyspaceitem(), and subscribe_subkeyspaceevent() simplify common patterns, with channel classes for both key and subkey channels.

In cluster mode, subscriptions are managed across primary nodes because each node emits notifications only for keys it owns, with built-in topology-change handling. Sync run_in_thread() and async listen() workflows are supported.

Redis Array commands(https://redis.io/docs/latest/develop/data-types/arrays/)

redis-py now supports Redis Arrays, a preview Redis data type for sparse, index-addressable sequences of strings. New AR* command helpers cover indexed reads/writes, range scans, deletion, cursor-based insertion, ring-buffer writes, metadata, text search, and aggregation, including ARGET, ARSET, ARMGET, ARMSET, ARSCAN, ARGREP, ARRING, and AROP.

Type Hints Improvements (breaking changes)

The @overload pattern has been applied systematically across core commands (core.py), VectorSet commands, and module commands (Search, JSON, TimeSeries, Bloom filters) to provide distinct return types for sync and async clients. Previously, methods returned a combined ResponseT (i.e., Union[Awaitable[Any], Any]), which caused static analysis tools like mypy and Pyright to flag false positives. Now, sync clients see concrete return types (e.g., int, bool, list[str]) while async clients see Awaitable[...] wrappers. This is a breaking change for type-checking only—runtime behavior is unchanged, but code relying on the old union return types in type annotations may need updates. Two new protocol types, SyncClientProtocol and AsyncClientProtocol, are used in overload signatures to enable this distinction.

RESP3 by default with opt-in unified responses

redis-py 8.0.0 now uses RESP3 on the wire by default while preserving legacy RESP2-compatible Python response shapes for existing applications (#4052). Protocol-independent unified response shapes are available by setting legacy_responses=False, so affected commands return the same Python structure with RESP2 or RESP3.

Use protocol=2 to force RESP2 on the wire, protocol=3 to opt into native RESP3 response shapes, or legacy_responses=False to migrate to unified responses. See https://github.com/redis/redis-py/blob/HEAD/docs/unified_responses.rst and https://github.com/redis/redis-py/blob/HEAD/specs/unified_responses_migration_guide.md for the affected commands and migration details.

Connection and retry defaults

Default connection settings were updated: socket_timeout and socket_connect_timeout now default to 5 seconds, TCP keepalive is enabled by default, socket reads use a 32 KB buffer, connection pools default to max_connections=100, and retry defaults now use 10 attempts with exponential jitter backoff.

Note: socket_timeout can affect blocking commands such as BLPOP/BRPOP; if a command blocks longer than the client socket timeout, it may raise TimeoutError before the command timeout elapses (#2807).

🧪 Experimental Features

• Added support for new array commands (#4055)

🚀 New Features

• Support Cluster PubSub in asyncio (#3736)
• Add Redis Keyspace Notifications Support for Redis Cluster (#3962)
• Add random load balancing strategy which allows for use of the primary (#4027)
• Add FPHA (floating-point homogeneous array) arg support to JSON.SET (#4011)
• Added custom Claude command + XNACK command support (#4030)
• Adding Time Series Multiple Aggregators support (#4035)
• Adding support for new COUNT aggregator for some sorted set commands - ZINTER, ZINTERSTORE, ZUNION, ZUNIONSTORE (#4034)
• Adding support for new INCREX command (#4067 #4077)
• Add support for PubSub subscriptions with binary channel names and handlers (#4068)

... (truncated)

Commits

• 733f80e Updates in default connection and retry settings (#4082)
• a68a16c Updating Redis supported versions in README.md and lib version to 8.0.0
• 43a41d3 Updating INCREX command arg - SATURATE now controls overflow behaviour (#4077)
• 1496deb Preserve explicit None for client metadata config (#4081)
• 57dc08c Avoid zero-timeout async reads in hiredis connections readiness checks and re...
• cd54ddd fix(typing): correct type annotation for XReadResponse (#4046)
• ab2d41f Add support for PubSub subscriptions with binary channel names and handlers (...
• ef24dc9 Randomize cluster startup node order during topology refresh (#4060)
• b604015 Add CLAUDE.md and /sync-claude-md skill for managing (#4066)
• 2b8b4fc Fix flaky tests (#4071)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[redreceipt]

⚠️ Risk & migration note — redis 7.4.0 → 8.0.0 (major)

Major version bump of the redis (redis-py) client. CI is fully green (ruff, mypy, vulture, unit-tests, gunicorn-smoke), but a major can carry runtime/behavioral changes that unit tests don't catch — hence this note rather than an auto-merge.

Blast radius: small and isolated. The only consumer is fleet_health_cache.py (the Airflow fleet-health cache). It is an optional dependency (try/except ImportError) and only active when REDIS_URL is set (should_use_redis_cache()), and every Redis call is wrapped in try/except with graceful degradation (cache miss / disabled), so a failure cannot crash the app — it just bypasses the cache.

Audit checklist

• API surface used is stable across redis-py majors — only redis.Redis.from_url(...), .get(), .set(), .setex(). None of these signatures changed in 8.0.
• Connection kwargs reviewed — decode_responses, socket_connect_timeout, socket_timeout, and ssl_cert_reqs (none/optional/required) are all still valid from_url params in 8.0.
• Failure modes are safe — optional import + per-call exception handling means a regression degrades to "no cache", not an outage.
• Live rediss:// TLS smoke test — CI does not stand up a real Redis, so the TLS connect path (ssl_cert_reqs handling) is unexercised. Before/at deploy, confirm a real rediss:// connection still authenticates and that get/setex round-trip. This is the only item not coverable in CI.
• Confirm the deployed runtime's Python version is still supported by redis-py 8.x.

Recommendation: Low risk given the isolation and graceful degradation. Safe to merge once a maintainer confirms the live rediss:// path against the deploy target; no code changes were required by the audit.

---

Generated by Claude Code

[redreceipt]

⚠️ Major bump — redis 7.4.0 → 8.0.0 (risk assessment)

redis-py 8.0 is a major with a few behavioral changes worth flagging, but our usage is narrow. The only consumer is fleet_health_cache.py, which does redis.Redis.from_url(redis_url, socket_timeout=2, ...) and wraps every get/set in try/except. All CI is green (ruff, mypy, unit-tests, vulture, gunicorn-smoke).

redis-py 8.0 changes vs. our exposure

• RESP3 is now the default protocol — but legacy RESP2-compatible response shapes are preserved by default, and we only do simple string get/set, so parsing is unaffected.
• New default socket_timeout/socket_connect_timeout = 5s — we pass an explicit socket_timeout=2, so the new default doesn't change our behavior.
• New retry defaults (10 attempts, jittered backoff) — only relevant on transient failures, and our reads/writes are already exception-guarded with logging.
• socket_timeout can interrupt blocking commands (BLPOP/BRPOP) — N/A, we use no blocking commands.
• Sanity-check the deployed REDIS_URL connection once merged (the cache is best-effort, so a regression degrades gracefully rather than failing requests).

Assessment: low real risk for this codebase + green CI. Leaving the merge decision to a human reviewer since it's a major; not enabling auto-merge.

---

Generated by Claude Code