Skip to content

chore(deps): raise dependency floors and sync lockfile#271

Merged
MinhHaDuong merged 1 commit into
mainfrom
chore/deps-floor-bumps
Jun 23, 2026
Merged

chore(deps): raise dependency floors and sync lockfile#271
MinhHaDuong merged 1 commit into
mainfrom
chore/deps-floor-bumps

Conversation

@MinhHaDuong

Copy link
Copy Markdown
Collaborator

Consolidates the five open Dependabot floor bumps into one PR with a regenerated uv.lock.

Why consolidate

Each Dependabot PR touched only pyproject.toml. Three of them (#261, #263, #264) raised the lower bound above the currently-locked version without updating uv.lock. CI runs plain uv sync (never uv sync --locked), so the resulting lockfile drift would land on main uncaught. Merging the five PRs individually also means four sequential rebases on the same file.

Landing them together with a regenerated lockfile keeps uv.lock consistent and merges in one step.

Changes

package floor locked
plotly >=5.0.0>=6.7.0 6.3.1 → 6.8.0
ibis-framework >=8.0.0>=12.0.0 11.0.0 → 12.0.0
pyarrow >=14.0.0>=23.0.1 21.0.0 → 24.0.0
seaborn >=0.13.0>=0.13.2 already 0.13.2
mypy <2.0<3.0 1.16.1 unchanged

Verification

  • uv lock --locked passes (lockfile consistent with pyproject.toml)
  • uv sync --group dev, ruff check ., ruff format --check . all pass
  • plotly / ibis / pyarrow / seaborn import at the new versions

Supersedes #261, #262, #263, #264, #265.

Ticket: none

🤖 Generated with Claude Code

Consolidates five Dependabot floor bumps that each touched pyproject.toml
in isolation (#261 plotly, #262 seaborn, #263 ibis-framework, #264 pyarrow,
#265 mypy). Three raised the lower bound above the locked version without
updating uv.lock, which would leave the lockfile inconsistent with
pyproject.toml after merge (CI only runs plain `uv sync`, never --locked,
so the drift goes uncaught).

Landing them together with a regenerated uv.lock keeps the lockfile
consistent (`uv lock --locked` passes) and avoids four sequential
Dependabot rebases on the same file.

  plotly        >=5.0.0  -> >=6.7.0   (locked 6.3.1 -> 6.8.0)
  ibis-framework>=8.0.0  -> >=12.0.0  (locked 11.0.0 -> 12.0.0)
  pyarrow       >=14.0.0 -> >=23.0.1  (locked 21.0.0 -> 24.0.0)
  seaborn       >=0.13.0 -> >=0.13.2  (already locked at 0.13.2)
  mypy          <2.0     -> <3.0      (locked 1.16.1 unchanged)

Verified: uv sync, uv lock --locked, ruff check, ruff format --check all
pass; plotly/ibis/pyarrow/seaborn import at the new versions.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant