Skip to content

chore(deps): batch dependency + CI-action bumps (supersedes Dependabot #43-#56)#57

Merged
kutsenko merged 1 commit into
mainfrom
chore/deps-batch
May 17, 2026
Merged

chore(deps): batch dependency + CI-action bumps (supersedes Dependabot #43-#56)#57
kutsenko merged 1 commit into
mainfrom
chore/deps-batch

Conversation

@kutsenko
Copy link
Copy Markdown
Owner

@kutsenko kutsenko commented May 17, 2026

Summary

Applies fourteen Dependabot bumps directly in one commit instead of
merging the PRs individually — they all touch pyproject.toml or
docker-publish.yml and would conflict-cascade. The individual
Dependabot PRs also fail build-and-push because Dependabot PRs get no
registry-secret access; this regular-branch PR does not have that
limitation.

pyproject.toml>= version floors (no pinning):

Dependency From To PR
setuptools (build-system) >=69 >=82.0.1 #55
ocrmypdf >=16.12.0 >=17.4.1 #47
pikepdf >=9.0.0 >=10.5.1 #49
uvicorn >=0.32 >=0.44.0 #54
img2pdf >=0.5.0 >=0.6.3 #52
httpx >=0.28 >=0.28.1 #48
ruff >=0.9 >=0.15.10 #53
pytest-asyncio >=0.23.0 >=1.3.0 #56
pytest-timeout >=2.1.0 >=2.4.0 #51
pip-audit >=2.7 >=2.10.0 #50

.github/workflows/docker-publish.yml — CI action majors:

Action From To PR
docker/login-action v3 v4 #43
docker/metadata-action v5 v6 #44
docker/setup-buildx-action v3 v4 #45
docker/build-push-action v5 v7 #46

Closes #43, closes #44, closes #45, closes #46, closes #47, closes #48,
closes #49, closes #50, closes #51, closes #52, closes #53, closes #54,
closes #55, closes #56.

🤖 Generated with Claude Code

@kutsenko @claude
chore(deps): batch dependency + CI-action bumps (Dependabot #43-#56)
84fd07f 
Applies fourteen Dependabot bumps directly in one commit instead of
merging the PRs individually (they all touch pyproject.toml or
docker-publish.yml and would conflict-cascade; the Dependabot PRs also
fail build-and-push because Dependabot PRs get no registry-secret
access — a regular-branch PR does not).

pyproject.toml — `>=` version floors (no pinning):
- setuptools      >=69      -> >=82.0.1   (#55, build-system)
- ocrmypdf        >=16.12.0 -> >=17.4.1   (#47)
- pikepdf         >=9.0.0   -> >=10.5.1   (#49)
- uvicorn         >=0.32    -> >=0.44.0   (#54)
- img2pdf         >=0.5.0   -> >=0.6.3    (#52)
- httpx           >=0.28    -> >=0.28.1   (#48)
- ruff            >=0.9     -> >=0.15.10  (#53)
- pytest-asyncio  >=0.23.0  -> >=1.3.0    (#56)
- pytest-timeout  >=2.1.0   -> >=2.4.0    (#51)
- pip-audit       >=2.7     -> >=2.10.0   (#50)

.github/workflows/docker-publish.yml — CI action majors:
- docker/login-action        v3 -> v4    (#43)
- docker/metadata-action     v5 -> v6    (#44)
- docker/setup-buildx-action v3 -> v4    (#45)
- docker/build-push-action   v5 -> v7    (#46)

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
@kutsenko kutsenko merged commit aa8a3e8 into main May 17, 2026
4 checks passed
@kutsenko kutsenko deleted the chore/deps-batch branch May 17, 2026 11:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@kutsenko