Skip to content

chore(deps): lock file maintenance#1703

Open
renovate[bot] wants to merge 2 commits into
mainfrom
renovate/lock-file-maintenance
Open

chore(deps): lock file maintenance#1703
renovate[bot] wants to merge 2 commits into
mainfrom
renovate/lock-file-maintenance

Conversation

@renovate

@renovate renovate Bot commented Jun 21, 2026

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Update Change
lockFileMaintenance All locks refreshed

🔧 This Pull Request updates lock files to use the latest dependency versions.


Configuration

📅 Schedule: (UTC)

  • Branch creation
    • "before 6am on Sunday"
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@github-actions

github-actions Bot commented Jun 21, 2026

Copy link
Copy Markdown
Contributor

Workflow run and artifacts

Performance Benchmarks

Compared 13 shared benchmarks with a regression threshold of 15%.
Status: 0 regressions, 0 improved, 13 stable, 0 new, 0 missing.
Aggregate shared-benchmark median: 4.395s -> 4.426s (+0.7%).

Workload Benchmark Target Size Files Baseline Current Change Status
nested-payload-review tests/benchmarks/test_picklescan_benchmarks.py::test_picklescan_nested_payload_review[nested_raw] nested_raw 78 B 1 274.1us 283.9us +3.6% stable
padded-multi-stream-upload tests/benchmarks/test_picklescan_benchmarks.py::test_picklescan_padded_multi_stream_upload multi_stream_padded 4.1 KiB 1 345.2us 338.2us -2.0% stable
mixed-model-repository tests/benchmarks/test_scan_benchmarks.py::test_scan_release_candidate_repository release-candidate 547.3 KiB 32 634.44ms 642.74ms +1.3% stable
chunked-upload-stream tests/benchmarks/test_picklescan_benchmarks.py::test_picklescan_chunked_upload_stream chunked_stream 278.2 KiB 1 113.46ms 114.94ms +1.3% stable
direct-malicious-upload tests/benchmarks/test_picklescan_benchmarks.py::test_picklescan_direct_malicious_upload malicious_reduce 52 B 1 220.9us 223.5us +1.2% stable
suspicious-pickle-intake tests/benchmarks/test_scan_benchmarks.py::test_scan_suspicious_pickle_intake suspicious-intake 183.8 KiB 4 151.28ms 152.81ms +1.0% stable
rejected-basic-auth-candidates tests/benchmarks/test_scan_benchmarks.py::test_rejected_basic_auth_candidates_scan_linearly - 371.1 KiB 1 2.537s 2.562s +1.0% stable
nested-payload-review tests/benchmarks/test_picklescan_benchmarks.py::test_picklescan_nested_payload_review[nested_base64] nested_base64 98 B 1 300.1us 302.9us +0.9% stable
clean-training-checkpoint tests/benchmarks/test_picklescan_benchmarks.py::test_picklescan_clean_training_checkpoint safe_large 278.2 KiB 1 110.94ms 111.94ms +0.9% stable
duplicate-heavy-registry tests/benchmarks/test_scan_benchmarks.py::test_scan_duplicate_registry_snapshot registry-snapshot 915.2 KiB 13 584.50ms 579.27ms -0.9% stable
warm-cache-rescan tests/benchmarks/test_scan_benchmarks.py::test_scan_warm_cached_repository_rescan release-candidate 547.3 KiB 32 156.89ms 155.69ms -0.8% stable
nested-payload-review tests/benchmarks/test_picklescan_benchmarks.py::test_picklescan_nested_payload_review[nested_hex] nested_hex 130 B 1 309.6us 307.4us -0.7% stable
single-checkpoint-preflight tests/benchmarks/test_scan_benchmarks.py::test_scan_single_checkpoint_before_load single_checkpoint.pkl 183.0 KiB 1 104.83ms 105.17ms +0.3% stable

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 597c6ae2d0

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

Comment thread uv.lock Outdated
]

[[package]]
name = "opentelemetry-proto"
version = "1.41.0"
version = "1.11.1"

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Badge Keep OpenTelemetry proto compatible with protobuf 7

When installing the all-ci/mlflow extra, this lock now pairs opentelemetry-proto==1.11.1 with protobuf==7.35.1 (uv.lock:3716). That older OpenTelemetry proto package contains generated _pb2 code that fails under protobuf 7 when MLflow tracing imports OTLP protos, so users scanning models:/... MLflow URIs can hit import-time descriptor/runtime errors instead of getting a scan. Please keep opentelemetry-proto on a protobuf-7-compatible release or cap protobuf below 7 until the stack supports it.

Useful? React with 👍 / 👎.

@renovate renovate Bot force-pushed the renovate/lock-file-maintenance branch from 597c6ae to 2eb35a0 Compare June 25, 2026 21:10
@renovate

renovate Bot commented Jul 2, 2026

Copy link
Copy Markdown
Contributor Author

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant