Skip to content

MLE-26598 Merging master to dev, bumping pytest #133

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
rjrudin merged 7 commits into from
Jan 23, 2026
Merged

MLE-26598 Merging master to dev, bumping pytest #133

rjrudin merged 7 commits into from
Jan 23, 2026

Conversation

@rjrudin
Copy link
Contributor

@rjrudin rjrudin commented Jan 23, 2026

pytest 7 has a high vulnerability, though it's a test dependency. This bumps it to the latest version. Also bumping the Python version needed for development to 3.10 to support pytest 9.

dependabot bot and others added 6 commits July 22, 2025 04:08
@dependabot
Bump nokogiri from 1.18.8 to 1.18.9 in /docs
3ae5ad1 
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.18.8 to 1.18.9.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](sparklemotion/nokogiri@v1.18.8...v1.18.9)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-version: 1.18.9
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@rjrudin
Merge pull request #114 from marklogic/dependabot/bundler/docs/nokogi…
f5faa10 
…ri-1.18.9

Bump nokogiri from 1.18.8 to 1.18.9 in /docs
@rjrudin
Merge pull request #120 from marklogic/release/1.3.0
23b3944 
Merge 1.3.0 into master
@dependabot @rjrudin
Bump rexml from 3.3.9 to 3.4.2 in /docs
653ece9 
Bumps [rexml](https://github.com/ruby/rexml) from 3.3.9 to 3.4.2.
- [Release notes](https://github.com/ruby/rexml/releases)
- [Changelog](https://github.com/ruby/rexml/blob/master/NEWS.md)
- [Commits](ruby/rexml@v3.3.9...v3.4.2)

---
updated-dependencies:
- dependency-name: rexml
  dependency-version: 3.4.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@rjrudin
MLE-26598 Bumped to 1.3.1
ddd3f81
@rjrudin
Merge pull request #132 from marklogic/release/1.3.1
13cfeaf 
MLE-26598 Merge release/1.3.1 into master
Copilot AI review requested due to automatic review settings January 23, 2026 15:52
@github-actions
Copy link

github-actions bot commented Jan 23, 2026
edited
Loading

Copyright Validation Results
Total: 4 | Passed: 0 | Failed: 0 | Skipped: 4 | at: 2026-01-23 16:00:27 UTC | commit: 61bd288

⏭️ Skipped (Excluded) Files

  • .copyrightconfig
  • CONTRIBUTING.md
  • poetry.lock
  • pyproject.toml

✅ All files have valid copyright headers!

Copilot AI reviewed Jan 23, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR upgrades the Python development environment and test dependencies to address security vulnerabilities. The minimum Python version is bumped from 3.9 to 3.10 to support pytest 9, which resolves a high-severity vulnerability in pytest 7.

Changes:

  • Upgraded pytest from version 7.4.0 to 9.0.2 to address security vulnerability
  • Bumped minimum Python version from 3.9 to 3.10 to support pytest 9
  • Incremented package version from 1.3.0 to 1.3.1

Reviewed changes

Copilot reviewed 2 out of 3 changed files in this pull request and generated 1 comment.

File Description
pyproject.toml Updated Python version requirement, pytest version, and package version
CONTRIBUTING.md Updated Java requirement from "8 or higher" to "17"

CONTRIBUTING.md
Before running any tests, first deploy the test application:

- Use Java 8 or higher
- Use Java 17
Copy link

Copilot AI Jan 23, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The Java version requirement change from 'Java 8 or higher' to 'Java 17' is not mentioned in the PR description or title. This appears to be an unrelated change that should either be removed from this PR or documented in the description explaining why the Java version requirement is being updated.

Suggested change
- Use Java 17
- Use Java 8 or higher

Copilot uses AI. Check for mistakes.
@rjrudin
MLE-26598 Merging master to dev, bumping pytest
61bd288 
pytest 7 has a high vulnerability, though it's a test dependency. This bumps it to the latest version. Also bumping the Python version needed for development to 3.10 to support pytest 9.
@rjrudin rjrudin force-pushed the feature/pytest-bump branch from 2e00af9 to 61bd288 Compare January 23, 2026 16:00
@rjrudin rjrudin merged commit 923abaa into develop Jan 23, 2026
3 checks passed
@rjrudin rjrudin deleted the feature/pytest-bump branch January 23, 2026 16:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@BillFarber BillFarber BillFarber approved these changes

@stevebio stevebio Awaiting requested review from stevebio stevebio is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@rjrudin @BillFarber