build(deps)(deps): bump python from 3.12-slim-bookworm to 3.14-slim-bookworm#137
build(deps)(deps): bump python from 3.12-slim-bookworm to 3.14-slim-bookworm#137dependabot[bot] wants to merge 1 commit into
Conversation
Bumps python from 3.12-slim-bookworm to 3.14-slim-bookworm. --- updated-dependencies: - dependency-name: python dependency-version: 3.14-slim-bookworm dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
|
Closing in favour of a counter-PR that bumps to Python 3.13 (not 3.14). Why not 3.14: Why 3.13: Both base images exist on the registry ( Path forward:
Verified wheel availability for the heavy C-extensions (cp314 column included for posterity — they're ready, the image isn't):
·@·d·ependabot i·gnore t·his major version Generated by Claude Code |
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
…137) Closes the loop on dependabot PR #137 (3.12 → 3.14). Goes to 3.13 instead of 3.14 because the upstream constraint is: - `ghcr.io/astral-sh/uv` hasn't published a `python3.14-bookworm-slim` tag yet (current registry: 3.10 / 3.12 / 3.13 on bookworm-slim + trixie-slim). Bumping the Dockerfile runtime alone (what dependabot proposed) leaves stage 1 of the multi-stage build on 3.12-built wheels — the C extensions (psycopg-binary, pydantic-core, pglast) would fail to load on the 3.14 runtime ABI. 3.13 is the clean path forward: - both base images exist on the registry - all heavy C-extensions ship cp313 wheels (verified on PyPI) - the `Programming Language :: Python :: 3.13` classifier is already in pyproject.toml - 3.13 has been GA for >1 year; every dep has battle-tested wheels Bumps: - Dockerfile stage 1 (builder): python3.13-bookworm-slim - Dockerfile stage 2 (runtime): python:3.13-slim-bookworm - .github/workflows/ci.yml: 3 `python-version: "3.12"` → "3.13" - .github/workflows/publish.yml: same 3 sites - pyproject.toml `[tool.mypy] python_version`: 3.13 - .python-version: 3.13 (drives `uv venv` / local dev shell) Intentionally NOT changed: - `requires-python = ">=3.12"` — 3.12 stays supported for users installing from PyPI. We just don't test 3.12 in CI any more (single Python version in the matrix; adding 3.12 + 3.13 would Cartesian-product against the 6-version PG matrix into 12 jobs). - `[tool.ruff] target-version = "py312"` — ruff's fix suggestions stay at the support floor, not the test version. Otherwise ruff might propose py313-only syntax (e.g. PEP 695 type bounds) that would break installs on 3.12. - The `Python :: 3.12` classifier — still supported. Revisit 3.14 once astral publishes `uv:python3.14-bookworm-slim` (~6 weeks per their historical cadence). Wheel availability for our heavy C-extensions on cp314 is already there (verified before this PR — pglast 7.14 cp314 + cp314t, psycopg-binary 3.3.4 cp314, pydantic-core 2.47.0 cp314). Verified locally: - uv run python --version → Python 3.13.12 - uv run pytest -q --ignore=tests/integration → 2,295 passed - uv run ruff check . && ruff format --check . → clean - uv run mypy src/mcpg → clean (89 source files) Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_0122yLZLJ8t4W43sdN6BmTZc
Bumps python from 3.12-slim-bookworm to 3.14-slim-bookworm.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)