Skip to content

Bump the taskcluster-pip group in /taskcluster with 6 updates #10836

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the taskcluster-pip group in /taskcluster with 6 updates #10836

wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 27, 2025
edited
Loading

Bumps the taskcluster-pip group in /taskcluster with 6 updates:

Package From To
mozilla-taskgraph 3.4.1 4.0.0
taskcluster-taskgraph 15.4.0 17.1.0
multidict 6.6.4 6.7.0
sentry-cli 2.50.2 2.57.0
taskcluster 88.1.1 91.1.0
yarl 1.20.1 1.22.0

Updates mozilla-taskgraph from 3.4.1 to 4.0.0

Release notes

Sourced from mozilla-taskgraph's releases.

4.0.0

What's Changed

New Contributors

Full Changelog: mozilla-releng/mozilla-taskgraph@3.4.2...4.0.0

3.4.2

What's Changed

Full Changelog: mozilla-releng/mozilla-taskgraph@3.4.1...3.4.2

Changelog

Sourced from mozilla-taskgraph's changelog.

4.0.0 (2025-10-17)

Fix

  • declare support for Taskgraph 17.x

  • added support for taskcluster-taskgraph v16.2.1 (#117)

  • drop support for Python 3.8

3.4.2 (2025-10-08)

Added

  • mark as compatible with taskcluster-taskgraph 16
Commits
  • 157405e chore: version bump 4.0.0
  • f70de04 style: fix lint issues caused by dropping 3.8 support
  • 3a64cb0 chore!: drop support for Python 3.8
  • d440790 fix: declare support for Taskgraph 17.x
  • fc337b2 fix: added support for taskcluster-taskgraph v16.2.1 (#117)
  • aacda3d chore: mark as compatible with taskcluster-taskgraph 16 (#116)
  • 177cccd chore: pre-commit autoupdate (#115)
  • dc4a831 chore: pre-commit autoupdate (#113)
  • See full diff in compare view

Updates taskcluster-taskgraph from 15.4.0 to 17.1.0

Release notes

Sourced from taskcluster-taskgraph's releases.

17.1.0

What's Changed

Full Changelog: taskcluster/taskgraph@17.0.0...17.1.0

17.0.0

What's Changed

Full Changelog: taskcluster/taskgraph@16.2.1...17.0.0

16.2.1

What's Changed

Full Changelog: taskcluster/taskgraph@16.2.0...16.2.1

16.2.0

What's Changed

... (truncated)

Changelog

Sourced from taskcluster-taskgraph's changelog.

[17.1.0] - 2025-10-22

Added

  • Support for "graph_config" verifications

Fixed

  • Added Python 3.8 support back to fetch-content script for Gecko workaround

[17.0.0] - 2025-10-17

Changed

  • BREAKING CHANGE: Dropped support for Python 3.8
  • BREAKING CHANGE: base_ref parameter no longer gets reset to default branch by Decision task
  • BREAKING CHANGE: base_rev parameter no longer gets reset to merge-base by Decision task
  • BREAKING CHANGE: run-task script no longer fetches or checks out base_ref parameter
  • BREAKING CHANGE: run-task script no longer fetches all heads if head_ref was not specified

Added

  • run-task now supports shallow Git clones
  • Improved support for shallow clones in repo.get_changed_files()

Perf

  • Improvements to graph traversal logic and caching

Fixed

  • Bug in retrigger-multiple action's schema definition
  • run-task no longer fetches head ref twice in some scenarios
  • run-task avoids fetching tags in some scenarios when not necessary
  • run-task properly normalizes head_ref before checking it out
  • Appropriate exception now being caught in various taskcluster call sites

[16.2.1] - 2025-10-14

Fixed

  • run-task script now cleans up zombie processes
  • Fixed regression to taskgraph.util.taskcluster.list_artifacts
  • Fixed regression to taskgraph.util.taskcluster.get_artifact

[16.2.0] - 2025-09-26

Added

  • perfherder-data-fetch-content.json artifact now available in production environment

... (truncated)

Commits
  • 8d41f7b chore: version bump 17.1.0
  • 9677ecd fix: revert style changes to fetch-content
  • 234e8e4 ci: move tests to new linux-docker pool (bug 1995275) (#830)
  • 06698c4 test: fix test_main under Python 3.14
  • 683b236 ci: run tests against Python 3.14
  • 86f9b54 ci: bump uv version to 0.9.3
  • 6c0e83a generator: add support for "graph_config" verifications (#802)
  • e8283fe chore: version bump 17.0.0
  • 420b66d fix: Updated Error Type to TaskclusterRestFailure to align with the switch to...
  • 3a80bed fix(vcs): better support for shallow clones in repo.get_changed_files()
  • Additional commits viewable in compare view

Updates multidict from 6.6.4 to 6.7.0

Release notes

Sourced from multidict's releases.

6.7.0

Contributor-facing changes

  • Updated tests and added CI for CPython 3.14 -- by :user:kumaraditya303.

    Related issues and pull requests on GitHub: #1235.

Changelog

Sourced from multidict's changelog.

6.7.0

(2025-10-05)

Contributor-facing changes

  • Updated tests and added CI for CPython 3.14 -- by :user:kumaraditya303.

    Related issues and pull requests on GitHub: :issue:1235.

Commits

Updates sentry-cli from 2.50.2 to 2.57.0

Release notes

Sourced from sentry-cli's releases.

2.57.0

New Features

  • (JS API) Add projects field to SentryCliUploadSourceMapsOptions (#2856)

Deprecations

  • Deprecated the upload-proguard subcommand's --app-id, --version, and --version-code flags (#2852), as we plan to remove these flags in Sentry CLI 3.x. Users should simply stop using the flags; the values specified there have never had an effect on deobfuscation, and are no longer visible in Sentry.
  • Added a deprecation notice for release bundle uploads, a legacy method for uploading source maps (#2844). Release bundle uploads will be removed in Sentry CLI 3.x in favor of artifact bundles, the newer source map upload method introduced in Sentry version 23.6.2. Self-hosted users: You must upgrade to Sentry 23.6.2 or later before upgrading to Sentry CLI 3.x.

Fixes

  • Fixed a bug where some log messages would not show up in CI environments or when redirecting stderr to a file (#2830). Specifically, this bug was affecting any subcommand that uses a progress bar, such as sentry-cli debug-files bundle-jvm and sentry-cli sourcemaps upload. Any stderr output during the progress bar was lost if stderr was redirected.

2.56.1

Deprecations

  • Added a deprecation notice for legacy uploading methods (#2836, #2837)
    • Support for these legacy uploading methods, required to upload to self-hosted Sentry servers below version 10.0.0, will be removed in the next major release (3.x). If you observe these new deprecation notices, we recommend upgrading your self-hosted Sentry server, or pinning Sentry CLI to a compatible version (2.x).
    • You may encounter these deprecation notices when uploading debug files or sourcemaps.

Fixes & improvements

  • Fixed a bug with sourcemap injection (#2764) by @​szokeasaurusrex
    • This change ensures we do not attempt to associate multiple compiled sources with the same sourcemap. As there should be at most one sourcemap for each compiled source, associating multiple compiled sources with the same sourcemap would lead to an invalid state.
  • Updated some outdated dependencies (#2816, #2818, and #2819)

2.56.0

Various fixes & improvements

2.55.0

Various fixes & improvements

... (truncated)

Changelog

Sourced from sentry-cli's changelog.

2.57.0

New Features

  • (JS API) Add projects field to SentryCliUploadSourceMapsOptions (#2856)

Deprecations

  • Deprecated the upload-proguard subcommand's --app-id, --version, and --version-code flags (#2852), as we plan to remove these flags in Sentry CLI 3.x. Users should simply stop using the flags; the values specified there have never had an effect on deobfuscation, and are no longer visible in Sentry.
  • Added a deprecation notice for release bundle uploads, a legacy method for uploading source maps (#2844). Release bundle uploads will be removed in Sentry CLI 3.x in favor of artifact bundles, the newer source map upload method introduced in Sentry version 23.6.2. Self-hosted users: You must upgrade to Sentry 23.6.2 or later before upgrading to Sentry CLI 3.x.

Fixes

  • Fixed a bug where some log messages would not show up in CI environments or when redirecting stderr to a file (#2830). Specifically, this bug was affecting any subcommand that uses a progress bar, such as sentry-cli debug-files bundle-jvm and sentry-cli sourcemaps upload. Any stderr output during the progress bar was lost if stderr was redirected.

2.56.1

Deprecations

  • Added a deprecation notice for legacy uploading methods (#2836, #2837)
    • Support for these legacy uploading methods, required to upload to self-hosted Sentry servers below version 10.0.0, will be removed in the next major release (3.x). If you observe these new deprecation notices, we recommend upgrading your self-hosted Sentry server, or pinning Sentry CLI to a compatible version (2.x).
    • You may encounter these deprecation notices when uploading debug files or sourcemaps.

Fixes & improvements

  • Fixed a bug with sourcemap injection (#2764) by @​szokeasaurusrex
    • This change ensures we do not attempt to associate multiple compiled sources with the same sourcemap. As there should be at most one sourcemap for each compiled source, associating multiple compiled sources with the same sourcemap would lead to an invalid state.
  • Updated some outdated dependencies (#2816, #2818, and #2819)

2.56.0

Various fixes & improvements

2.55.0

Various fixes & improvements

... (truncated)

Commits
  • d92820d release: 2.57.0
  • cf19858 meta(changelog): Polish changelog for release (#2861)
  • ee76d61 build(deps): bump github/codeql-action from 4.30.8 to 4.30.9 (#2857)
  • 34cf21d fix: Don't use hidden progress bar (#2830)
  • 21febea fix(js): Add projects field to SentryCliUploadSourceMapsOptions (#2856)
  • 62d4d68 build(deps): bump actions/setup-node from 5.0.0 to 6.0.0 (#2858)
  • a47babb chore(preprod): Save images as original file format to ParsedAssets (#2859)
  • b6d72df chore(proguard): Deprecate release association flags (#2852)
  • 8ad27a9 chore(sourcemaps): Deprecate release bundle uploads (#2844)
  • b867302 ref: Introduce non-empty types for UploadContext (#2846)
  • Additional commits viewable in compare view

Updates taskcluster from 88.1.1 to 91.1.0

Release notes

Sourced from taskcluster's releases.

v91.1.0

WORKER-DEPLOYERS

▶ [minor] #7979 Azure worker pools can now provision via ARM templates in launch configs, reducing provisioning latency and letting Azure cascade resource creation/cleanup automatically.

▶ [patch] #7979 Azure ARM template deployments allow keeping history for debug purposes by using workerManager.keepDeployment: true

▶ [patch] #8023 Generic Worker: limits concurrent artifact uploads to 100 at a time.

USERS

▶ [patch] #8031 GitHub service handles missing users (404 from getByUsername) when processing webhooks.

▶ [patch] bug 1990567 Python client exceptions are now picklable.

v91.0.4

DEVELOPERS

▶ [patch] Client (python): fixes release of client. v91.0.3 did not work in fixing.

v91.0.3

DEVELOPERS

▶ [patch] Client (python): fixes release of client.

v91.0.2

WORKER-DEPLOYERS

▶ [patch] #8025 Generic Worker (macOS): updates the socket-based communication between the LaunchAgent and LaunchDaemon to handle any size of payload.

DEVELOPERS

▶ [patch] #8020 Client (python): declares what python versions are supported. Moves to modern standards with pyproject.toml and uv usage.

v91.0.1

GENERAL

▶ [patch] Switches CI tasks to use uv tool and to the latest stable Debian release (trixie).

... (truncated)

Changelog

Sourced from taskcluster's changelog.

v91.1.0

WORKER-DEPLOYERS

▶ [minor] #7979 Azure worker pools can now provision via ARM templates in launch configs, reducing provisioning latency and letting Azure cascade resource creation/cleanup automatically.

▶ [patch] #7979 Azure ARM template deployments allow keeping history for debug purposes by using workerManager.keepDeployment: true

▶ [patch] #8023 Generic Worker: limits concurrent artifact uploads to 100 at a time.

USERS

▶ [patch] #8031 GitHub service handles missing users (404 from getByUsername) when processing webhooks.

▶ [patch] bug 1990567 Python client exceptions are now picklable.

v91.0.4

DEVELOPERS

▶ [patch] Client (python): fixes release of client. v91.0.3 did not work in fixing.

v91.0.3

DEVELOPERS

▶ [patch] Client (python): fixes release of client.

v91.0.2

WORKER-DEPLOYERS

▶ [patch] #8025 Generic Worker (macOS): updates the socket-based communication between the LaunchAgent and LaunchDaemon to handle any size of payload.

DEVELOPERS

▶ [patch] #8020 Client (python): declares what python versions are supported. Moves to modern standards with pyproject.toml and uv usage.

v91.0.1

... (truncated)

Commits
  • b8f3433 v91.1.0
  • dcec98f Merge pull request #8036 from taskcluster/feat/8031-github-copilot
  • 5e6c728 feat(github): Handle case when user is missing in webhook
  • 38da049 Merge pull request #8032 from taskcluster/matt-boris/limitGenericWorkersConcu...
  • 743b56f Merge pull request #8033 from taskcluster/feat/arm-templates-fixes
  • 3cf7a9a feat(w-m): Properly pass tags to arm template deployment
  • b03da67 fix(generic-worker): limit concurrent artifact uploads to 100
  • cdf92b8 Merge pull request #8029 from ahal/ahal/push-pyoqqvtynprr
  • fa6af4f fix(client-py): make Python client exception pickleable
  • f7ba6cc Azure ARM template deployments (#7977)
  • Additional commits viewable in compare view

Updates yarl from 1.20.1 to 1.22.0

Release notes

Sourced from yarl's releases.

1.22.0

Features

  • Added arm64 Windows wheel builds -- by :user:finnagin.

    Related issues and pull requests on GitHub: #1516.

Changelog

Sourced from yarl's changelog.

1.22.0

(2025-10-05)

Features

  • Added arm64 Windows wheel builds -- by :user:finnagin.

    Related issues and pull requests on GitHub: :issue:1516.

1.21.0

(2025-10-05)

Contributor-facing changes

  • The :file:reusable-cibuildwheel.yml workflow has been refactored to be more generic and :file:ci-cd.yml now holds all the configuration toggles -- by :user:webknjaz.

    Related issues and pull requests on GitHub: :issue:1535.

  • When building wheels, the source distribution is now passed directly to the cibuildwheel invocation -- by :user:webknjaz.

    Related issues and pull requests on GitHub: :issue:1536.

  • Added CI for Python 3.14 -- by :user:kumaraditya303.

    Related issues and pull requests on GitHub: :issue:1560.

Commits

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
taskcluster [>= 57.1.a, < 57.2]
taskcluster-taskgraph [>= 8.a, < 9]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Oct 27, 2025
@dependabot dependabot bot requested a review from a team as a code owner October 27, 2025 05:23
@dependabot dependabot bot requested review from hneiva and removed request for a team October 27, 2025 05:23
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Oct 27, 2025
@dependabot
Bump the taskcluster-pip group in /taskcluster with 6 updates
3fc7e3d 
Bumps the taskcluster-pip group in /taskcluster with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [mozilla-taskgraph](https://github.com/mozilla-releng/mozilla-taskgraph) | `3.4.1` | `4.0.0` |
| [taskcluster-taskgraph](https://github.com/taskcluster/taskgraph) | `15.4.0` | `17.1.0` |
| [multidict](https://github.com/aio-libs/multidict) | `6.6.4` | `6.7.0` |
| [sentry-cli](https://github.com/getsentry/sentry-cli) | `2.50.2` | `2.57.0` |
| [taskcluster](https://github.com/taskcluster/taskcluster) | `88.1.1` | `91.1.0` |
| [yarl](https://github.com/aio-libs/yarl) | `1.20.1` | `1.22.0` |


Updates `mozilla-taskgraph` from 3.4.1 to 4.0.0
- [Release notes](https://github.com/mozilla-releng/mozilla-taskgraph/releases)
- [Changelog](https://github.com/mozilla-releng/mozilla-taskgraph/blob/main/CHANGELOG.md)
- [Commits](mozilla-releng/mozilla-taskgraph@3.4.1...4.0.0)

Updates `taskcluster-taskgraph` from 15.4.0 to 17.1.0
- [Release notes](https://github.com/taskcluster/taskgraph/releases)
- [Changelog](https://github.com/taskcluster/taskgraph/blob/main/CHANGELOG.md)
- [Commits](taskcluster/taskgraph@15.4.0...17.1.0)

Updates `multidict` from 6.6.4 to 6.7.0
- [Release notes](https://github.com/aio-libs/multidict/releases)
- [Changelog](https://github.com/aio-libs/multidict/blob/master/CHANGES.rst)
- [Commits](aio-libs/multidict@v6.6.4...v6.7.0)

Updates `sentry-cli` from 2.50.2 to 2.57.0
- [Release notes](https://github.com/getsentry/sentry-cli/releases)
- [Changelog](https://github.com/getsentry/sentry-cli/blob/master/CHANGELOG.md)
- [Commits](getsentry/sentry-cli@2.50.2...2.57.0)

Updates `taskcluster` from 88.1.1 to 91.1.0
- [Release notes](https://github.com/taskcluster/taskcluster/releases)
- [Changelog](https://github.com/taskcluster/taskcluster/blob/main/CHANGELOG.md)
- [Commits](taskcluster/taskcluster@v88.1.1...v91.1.0)

Updates `yarl` from 1.20.1 to 1.22.0
- [Release notes](https://github.com/aio-libs/yarl/releases)
- [Changelog](https://github.com/aio-libs/yarl/blob/master/CHANGES.rst)
- [Commits](https://github.com/aio-libs/yarl/commits/v1.22.0)

---
updated-dependencies:
- dependency-name: mozilla-taskgraph
  dependency-version: 4.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: taskcluster-pip
- dependency-name: taskcluster-taskgraph
  dependency-version: 17.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: taskcluster-pip
- dependency-name: multidict
  dependency-version: 6.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: taskcluster-pip
- dependency-name: sentry-cli
  dependency-version: 2.57.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: taskcluster-pip
- dependency-name: taskcluster
  dependency-version: 91.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: taskcluster-pip
- dependency-name: yarl
  dependency-version: 1.22.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: taskcluster-pip
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/pip/taskcluster/taskcluster-pip-3fd167942c branch from 1d33fcb to 3fc7e3d Compare November 3, 2025 05:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hneiva hneiva Awaiting requested review from hneiva hneiva is a code owner automatically assigned from mozilla-mobile/releng

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant