#3011 chore(deps): bump nox from 2025.2.9 to 2025.5.1 in /.github/workflows/resources in the ci group Pull request opened by dependabot[bot] Bumps the ci group in /.github/workflows/resources with 1 update: nox. Updates

nox

from 2025.2.9 to 2025.5.1 Release notes Sourced from nox's releases.

## 2025.05.01 🌸

This is a bugfix release that primarily adds support for uv 0.7+. A few other small fixes were made.

We'd like to thank the following folks who contributed to this release:

• `@​chirizxc`

• `@​gschaffner`

• `@​henryiii`

• `@​living180`

• `@​Spectre5` (first contribution)

Bugfixes:

•

uv version

is now

uv self version

, respect

UV

by `@​henryiii` and `@​Spectre5` in wntrblm/nox#955

• Add

UV_PYTHON

to disallowed vars by `@​henryiii` in wntrblm/nox#959

• Never ignore URL dependencies in PEP 723 noxfiles by `@​gschaffner` in wntrblm/nox#935

• Support forcing Python on parametrized session by `@​henryiii` in wntrblm/nox#958

• Fix

conda_install

issue with newer conda (only Unix) by `@​henryiii` in wntrblm/nox#957

• Show skip reason by default by `@​chirizxc` in wntrblm/nox#941

• Support

Path

for envdir by `@​henryiii` in wntrblm/nox#932

• Use Python 3.12 for action, allow 3.13, drop 3.8 from auto versions by `@​henryiii` in wntrblm/nox#946

Documentation:

• Fix a typo in the changelog by `@​gschaffner` in wntrblm/nox#936

• Update uv recipe by `@​henryiii` in wntrblm/nox#933

• Fix parametrized session tagging example by `@​living180` in wntrblm/nox#942

• uv now supports

pip install .

reinstallation by `@​henryiii` in wntrblm/nox#947

Internal changes:

• Use PEP 639 license info by `@​henryiii` in wntrblm/nox#956

• Make test skips a bit smarter by `@​henryiii` in wntrblm/nox#929

• Add our own requirements to conda too by `@​henryiii` in wntrblm/nox#945

Changelog Sourced from nox's changelog.

# Changelog

## 2025.05.01

This is a bugfix release that primarily adds support for uv 0.7+. A few other small fixes were made.

We'd like to thank the following folks who contributed to this release:

• `@​chirizxc`

• `@​gschaffner`

• `@​henryiii`

• `@​living180`

• `@​Spectre5` (first contribution)

Bugfixes:

•

uv version

is now

uv self version

, respect

UV

by `@​henryiii` and `@​Spectre5` in wntrblm/nox#955

• Add

UV_PYTHON

to disallowed vars by `@​henryiii` in wntrblm/nox#959

• Never ignore URL dependencies in PEP 723 noxfiles by `@​gschaffner` in wntrblm/nox#935

• Support forcing Python on parametrized session by `@​henryiii` in wntrblm/nox#958

• Fix

conda_install

issue with newer conda (only Unix) by `@​henryiii` in wntrblm/nox#957

• Show skip reason by default by `@​chirizxc` in wntrblm/nox#941

• Support

Path

for envdir by `@​henryiii` in wntrblm/nox#932

• Use Python 3.12 for action, allow 3.13, drop 3.8 from auto versions by `@​henryiii` in wntrblm/nox#946

Documentation:

• Fix a typo in the changelog by `@​gschaffner` in wntrblm/nox#936

• Update uv recipe by `@​henryiii` in wntrblm/nox#933

• Fix parametrized session tagging example by `@​living180` in wntrblm/nox#942

• uv now supports

pip install .

reinstallation by `@​henryiii` in wntrblm/nox#947

Internal changes:

• Use PEP 639 license info by `@​henryiii` in wntrblm/nox#956

• Make test skips a bit smarter by `@​henryiii` in wntrblm/nox#929

• Add our own requirements to conda too by `@​henryiii` in wntrblm/nox#945

## 2025.02.09

This release improves PEP 723 support, including adding dependencies to the noxfile itself ("plugins"). It adds the long-awaited "requires" option, allowing sessions to require other sessions. And it brings further improvements to the

pyproject.toml

support, including helpers for dependency-groups and Python version lists.

We'd like to thank the following folks who contributed to this release:

• `@​btemplep` (first contribution)

• `@​chirizxc` (first contribution)

• `@​davidhewitt` (first contribution)

• `@​gschaffner` (first contribution)

... (truncated) Commits • `2254a1e` chore: bump version to 2025.05.01 (#960) • `e0b5e33` fix: conda_install issue with newer conda (#957) • `a58fe60` fix: support forcing Python on parametrized session (#958) • `aa475d6` fix: add … meltano/sdk

#9243 chore(deps): bump the runtime-dependencies group with 4 updates Pull request opened by dependabot[bot] Bumps the runtime-dependencies group with 4 updates: pip, uv, azure-core and boto3. Updates

pip

from 25.1 to 25.1.1 Changelog Sourced from pip's changelog.

# 25.1.1 (2025-05-02)

## Bug Fixes

• Fix

req.source_dir

AssertionError when using the legacy resolver. (`[#13353](https://github.com/pypa/pip/issues/13353) https://github.com/pypa/pip/issues/13353`_)

• Fix crash on Python 3.9.6 and lower when pip failed to compile a Python module during installation. (`[#13364](https://github.com/pypa/pip/issues/13364) https://github.com/pypa/pip/issues/13364`_)

• Names in dependency group includes are now normalized before lookup, which fixes incorrect

Dependency group '...' not found

errors. (`[#13372](https://github.com/pypa/pip/issues/13372) https://github.com/pypa/pip/issues/13372`_)

## Vendored Libraries

• Fix issues with using tomllib from the stdlib if available, rather than tomli

• Upgrade dependency-groups to 1.3.1

Commits • `01857ef` Bump for release • `08d8bb9` Merge pull request #13374 from pfmoore/fixups • `2bff84e` Merge pull request #13363 from sbidoul/fix-source_dir-assert • `644e71d` News file fixups • `426856f` Merge pull request #13364 from ichard26/bugfix/python39 • `b7e3aea` Merge pull request #13356 from eli-schwartz/tomllib • `8c678fe` Merge pull request #13373 from sirosen/update-vendored-dependency-groups • `7d00639` Update newsfiles for dependency-groups patch • `6d28bbf` Update version of

dependency-groups

to v1.3.1 • `94bd66d` Revert StreamWrapper removal to restore Python 3.9.{0,6} compat • Additional commits viewable in compare view Updates

uv

from 0.7.0 to 0.7.2 Release notes Sourced from uv's releases.

## 0.7.2

## Release Notes

### Enhancements

• Improve trace log for retryable errors (#13228)

• Use "error" instead of "warning" for self-update message (#13229)

• Error when

uv version

is used with project-specific flags but no project is found (#13203)

### Bug fixes

• Fix incorrect virtual environment invalidation for pre-release Python versions (#13234)

• Fix patching of

clang

in managed Python sysconfig (#13237)

• Respect

--project

in

uv version

(#13230)

## Install uv 0.7.2

### Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/uv/releases/download/0.7.2/uv-installer.sh | sh

### Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://github.com/astral-sh/uv/releases/download/0.7.2/uv-installer.ps1 | iex"

## Download uv 0.7.2

| File | Platform | Checksum |

| -------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------- | ------------------------------------------------------------------------------------------------------------------- |

| [uv-aarch64-apple-darwin.tar.gz](https://github.com/astral-sh/uv/releases/download/0.7.2/uv-aarch64-apple-darwin.tar.gz) | Apple Silicon macOS | [checksum](https://github.com/astral-sh/uv/releases/download/0.7.2/uv-aarch64-apple-darwin.tar.gz.sha256) |

| [uv-x86_64-apple-darwin.tar.gz](https://github.com/astral-sh/uv/releases/download/0.7.2/uv-x86%5F64-apple-darwin.tar.gz) | Intel macOS | [checksum](https://github.com/astral-sh/uv/releases/download/0.7.2/uv-x86%5F64-apple-darwin.tar.gz.sha256) |

| [uv-aarch64-pc-windows-msvc.zip](https://github.com/astral-sh/uv/releases/download/0.7.2/uv-aarch64-pc-windows-msvc.zip) | ARM64 Windows | [checksum](https://github.com/astral-sh/uv/releases/download/0.7.2/uv-aarch64-pc-windows-msvc.zip.sha256) |

| [uv-i686-pc-windows-msvc.zip](https://github.com/astral-sh/uv/releases/download/0.7.2/uv-i686-pc-windows-msvc.zip) | x86 Windows | [checksum](https://github.com/astral-sh/uv/releases/download/0.7.2/uv-i686-pc-windows-msvc.zip.sha256) |

| [uv-x86_64-pc-windows-msvc.zip](https://github.com/astral-sh/uv/releases/download/0.7.2/uv-x86%5F64-pc-windows-msvc.zip) | x64 Windows | [checksum](https://github.com/astral-sh/uv/releases/download/0.7.2/uv-x86%5F64-pc-windows-msvc.zip.sha256) |

| [uv-aarch64-unknown-linux-gnu.tar.gz](https://github.com/astral-sh/uv/releases/download/0.7.2/uv-aarch64-unknown-linux-gnu.tar.gz) | ARM64 Linux | [checksum](https://github.com/astral-sh/uv/releases/download/0.7.2/uv-aarch64-unknown-linux-gnu.tar.gz.sha256) |

| [uv-i686-unknown-linux-gnu.tar.gz](https://github.com/astral-sh/uv/releases/download/0.7.2/uv-i686-unknown-linux-gnu.tar.gz) | x86 Linux | [checksum](https://github.com/astral-sh/uv/releases/download/0.7.2/uv-i686-unknown-linux-gnu.tar.gz.sha256) |

| [uv-powerpc64-unknown-linux-gnu.tar.gz](https://github.com/astral-sh/uv/releases/download/0.7.2/uv-powerpc64-unknown-linux-gnu.tar.gz) | PPC64 Linux | [checksum](https://github.com/astral-sh/uv/releases/download/0.7.2/uv-powerpc64-unknown-linux-gnu.tar.gz.sha256) |

| [uv-powerpc64le-unknown-linux-gnu.tar.gz](https://github.com/astral-sh/uv/releases/download/0.7.2/uv-powerpc64le-unknown-linux-gnu.tar.gz) | PPC64LE Linux | [checksum](https://github.com/astral-sh/uv/releases/download/0.7.2/uv-powerpc64le-unknown-linux-gnu.tar.gz.sha256) |

| [uv-s390x-unknown-linux-gnu.tar.gz](https://github.com/astral-sh/uv/releases/download/0.7.2/uv-s390x-unknown-linux-gnu.tar.gz) | S390x Linux | [checksum](<https://github.com/astral-sh/uv/releases/download/0.7.2/uv-s390x-unknow…

meltano/meltano

#9244 chore(deps-dev): bump eslint from 9.25.1 to 9.26.0 in /docs in the development-dependencies group Pull request opened by dependabot[bot] Bumps the development-dependencies group in /docs with 1 update: eslint. Updates

eslint

from 9.25.1 to 9.26.0 Release notes Sourced from eslint's releases.

## v9.26.0

## Features

• `e9754e7` feat: add reportGlobalThis to no-shadow-restricted-names (#19670) (sethamus)

• `0fa2b7a` feat: add suggestions for

eqeqeq

rule (#19640) (Nitin Kumar)

• `dcbdcc9` feat: Add MCP server (#19592) (Nicholas C. Zakas)

• `2dfd83e` feat: add

ignoreDirectives

option in

no-unused-expressions

(#19645) (sethamus)

## Bug Fixes

• `96e84de` fix: check cache file existence before deletion (#19648) (sethamus)

• `d683aeb` fix: don't crash on tests with circular references in

RuleTester

(#19664) (Milos Djermanovic)

• `9736d5d` fix: add

namespace

to

Plugin.meta

type (#19661) (Milos Djermanovic)

• `17bae69` fix: update

RuleTester.run()

type (#19634) (Nitin Kumar)

## Documentation

• `dd98d63` docs: Update README (GitHub Actions Bot)

• `c25e858` docs: Update README (GitHub Actions Bot)

• `b2397e9` docs: Update README (GitHub Actions Bot)

• `addd0a6` docs: fix formatting of unordered lists in Markdown (#19660) (Milos Djermanovic)

• `a21b38d` docs: Update README (GitHub Actions Bot)

• `c0721a7` docs: fix double space in command (#19657) (CamWass)

## Chores

• `5b247c8` chore: upgrade to

@eslint/js@9.26.0

(#19681) (Francesco Trotta)

• `d6fa4ac` chore: package.json update for

@​eslint/js

release (Jenkins)

• `0958690` chore: disambiguate internal types

LanguageOptions

and

Rule

(#19669) (Francesco Trotta)

• `f1c858e` chore: fix internal type references to

Plugin

and

Rule

(#19665) (Francesco Trotta)

• `40dd299` refactor: One-shot ESQuery selector analysis (#19652) (Nicholas C. Zakas)

• `1cfd702` chore: update dependency

@​eslint/json

to ^0.12.0 (#19656) (renovate[bot])

Changelog Sourced from eslint's changelog.

v9.26.0 - May 2, 2025

• `5b247c8` chore: upgrade to

@eslint/js@9.26.0

(#19681) (Francesco Trotta)

• `d6fa4ac` chore: package.json update for

@​eslint/js

release (Jenkins)

• `e9754e7` feat: add reportGlobalThis to no-shadow-restricted-names (#19670) (sethamus)

• `0fa2b7a` feat: add suggestions for

eqeqeq

rule (#19640) (Nitin Kumar)

• `dd98d63` docs: Update README (GitHub Actions Bot)

• `96e84de` fix: check cache file existence before deletion (#19648) (sethamus)

• `c25e858` docs: Update README (GitHub Actions Bot)

• `0958690` chore: disambiguate internal types

LanguageOptions

and

Rule

(#19669) (Francesco Trotta)

• `dcbdcc9` feat: Add MCP server (#19592) (Nicholas C. Zakas)

• `b2397e9` docs: Update README (GitHub Actions Bot)

• `d683aeb` fix: don't crash on tests with circular references in

RuleTester

(#19664) (Milos Djermanovic)

• `f1c858e` chore: fix internal type references to

Plugin

and

Rule

(#19665) (Francesco Trotta)

• `9736d5d` fix: add

namespace

to

Plugin.meta

type (#19661) (Milos Djermanovic)

• `40dd299` refactor: One-shot ESQuery selector analysis (#19652) (Nicholas C. Zakas)

• `addd0a6` docs: fix formatting of unordered lists in Markdown (#19660) (Milos Djermanovic)

• `a21b38d` docs: Update README (GitHub Actions Bot)

• <https://gith…

meltano/meltano

#9245 ci: bump the actions group with 2 updates Pull request opened by dependabot[bot] Bumps the actions group with 2 updates: astral-sh/setup-uv and github/codeql-action. Updates

astral-sh/setup-uv

from 6.0.0 to 6.0.1 Release notes Sourced from astral-sh/setup-uv's releases.

## v6.0.1 🌈 Fix default cache dependency glob

## Changes

The new default in v6 used illegal patterns and therefore didn't match requirements files. This is now fixed.

## 🐛 Bug fixes

• Fix default cache dependency glob `@​eifinger` (#388)

## 🧰 Maintenance

• chore: update known checksums for 0.6.17 @github-actions[bot] (#384)

## ⬆️ Dependency updates

• Bump dependencies `@​eifinger` (#389)

Commits • `6b9c606` Bump dependencies (#389) • `ef6bcdf` Fix default cache dependency glob (#388) • `9a31171` chore: update known checksums for 0.6.17 (#384) • See full diff in compare view Updates

github/codeql-action

from 3.28.16 to 3.28.17 Release notes Sourced from github/codeql-action's releases.

## v3.28.17

# CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

## 3.28.17 - 02 May 2025

• Update default CodeQL bundle version to 2.21.2. #2872

See the full CHANGELOG.md for more information.

Changelog Sourced from github/codeql-action's changelog.

# CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

## [UNRELEASED]

No user facing changes.

## 3.28.17 - 02 May 2025

• Update default CodeQL bundle version to 2.21.2. #2872

## 3.28.16 - 23 Apr 2025

• Update default CodeQL bundle version to 2.21.1. #2863

## 3.28.15 - 07 Apr 2025

• Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. #2842

## 3.28.14 - 07 Apr 2025

• Update default CodeQL bundle version to 2.21.0. #2838

## 3.28.13 - 24 Mar 2025

No user facing changes.

## 3.28.12 - 19 Mar 2025

• Dependency caching should now cache more dependencies for Java

build-mode: none

extractions. This should speed up workflows and avoid inconsistent alerts in some cases.

• Update default CodeQL bundle version to 2.20.7. #2810

## 3.28.11 - 07 Mar 2025

• Update default CodeQL bundle version to 2.20.6. #2793

## 3.28.10 - 21 Feb 2025

• Update default CodeQL bundle version to 2.20.5. #2772

• Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. #2768

## 3.28.9 - 07 Feb 2025

• Update default CodeQL bundle version to 2.20.4. #2753

## 3.28.8 - 29 Jan 2025

• Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. #2744

... (truncated) Commits • `60168ef` Merge pull request #2886 from github/update-v3.28.17-97a2bfd2a • `0d5a311` Update changelog for v3.28.17 • `97a2bfd` Merge pull request #2872 from github/update-bundle/codeql-bundle-v2.21.2 • `9aba20e` Merge branch 'main' into update-bundle/codeql-bundle-v2.21.2 • `81a9508` Merge pull request #2876 from github/henrymercer/fix-diff-informed-multiple-a... • `1569f4c` Disable diff-informed queries in code scanning config tests • `62fbeb6` Merge branch 'main' into henrymercer/fix-diff-informed-multiple-analyze • `f122d1d` Address test failures from computing temporary directory too early • `083772a` Do not fail diff informed analyses when

analyze

is run twice in the same job • `5db14d0` Merge branch 'main' into update-bundle/codeql-bundle-v2.21.2 • Additional commits viewable in compare view Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting

@dependabot rebase

. --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: •

@dependabot rebase

will rebase this PR •

@dependabot recreate

will recreate this PR, overwriting any edits that have been made to it •

@dependabot merge

will merge this PR after your CI passes on it •

@dependabot squash and merge

will squash and merge this PR after your CI passes on it •

@dependabot cancel merge

will cancel a previously requested merge and block automerging •

@dependabot reopen

will reopen this PR if it is closed •

@dependabot close

will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually •

@dependabot show <dependency name> ignore conditions

will show all of the ignore conditions of the specified dependency •

@dependabot ignore <dependency name> major version

wi… meltano/meltano

#9246 ci: bump nox from 2025.2.9 to 2025.5.1 in /.github/workflows in the default group Pull request opened by dependabot[bot] Bumps the default group in /.github/workflows with 1 update: nox. Updates

nox

from 2025.2.9 to 2025.5.1 Release notes Sourced from nox's releases.

## 2025.05.01 🌸

This is a bugfix release that primarily adds support for uv 0.7+. A few other small fixes were made.

We'd like to thank the following folks who contributed to this release:

• `@​chirizxc`

• `@​gschaffner`

• `@​henryiii`

• `@​living180`

• `@​Spectre5` (first contribution)

Bugfixes:

•

uv version

is now

uv self version

, respect

UV

by `@​henryiii` and `@​Spectre5` in wntrblm/nox#955

• Add

UV_PYTHON

to disallowed vars by `@​henryiii` in wntrblm/nox#959

• Never ignore URL dependencies in PEP 723 noxfiles by `@​gschaffner` in wntrblm/nox#935

• Support forcing Python on parametrized session by `@​henryiii` in wntrblm/nox#958

• Fix

conda_install

issue with newer conda (only Unix) by `@​henryiii` in wntrblm/nox#957

• Show skip reason by default by `@​chirizxc` in wntrblm/nox#941

• Support

Path

for envdir by `@​henryiii` in wntrblm/nox#932

• Use Python 3.12 for action, allow 3.13, drop 3.8 from auto versions by `@​henryiii` in wntrblm/nox#946

Documentation:

• Fix a typo in the changelog by `@​gschaffner` in wntrblm/nox#936

• Update uv recipe by `@​henryiii` in wntrblm/nox#933

• Fix parametrized session tagging example by `@​living180` in wntrblm/nox#942

• uv now supports

pip install .

reinstallation by `@​henryiii` in wntrblm/nox#947

Internal changes:

• Use PEP 639 license info by `@​henryiii` in wntrblm/nox#956

• Make test skips a bit smarter by `@​henryiii` in wntrblm/nox#929

• Add our own requirements to conda too by `@​henryiii` in wntrblm/nox#945

Changelog Sourced from nox's changelog.

# Changelog

## 2025.05.01

This is a bugfix release that primarily adds support for uv 0.7+. A few other small fixes were made.

We'd like to thank the following folks who contributed to this release:

• `@​chirizxc`

• `@​gschaffner`

• `@​henryiii`

• `@​living180`

• `@​Spectre5` (first contribution)

Bugfixes:

•

uv version

is now

uv self version

, respect

UV

by `@​henryiii` and `@​Spectre5` in wntrblm/nox#955

• Add

UV_PYTHON

to disallowed vars by `@​henryiii` in wntrblm/nox#959

• Never ignore URL dependencies in PEP 723 noxfiles by `@​gschaffner` in wntrblm/nox#935

• Support forcing Python on parametrized session by `@​henryiii` in wntrblm/nox#958

• Fix

conda_install

issue with newer conda (only Unix) by `@​henryiii` in wntrblm/nox#957

• Show skip reason by default by `@​chirizxc` in wntrblm/nox#941

• Support

Path

for envdir by `@​henryiii` in wntrblm/nox#932

• Use Python 3.12 for action, allow 3.13, drop 3.8 from auto versions by `@​henryiii` in wntrblm/nox#946

Documentation:

• Fix a typo in the changelog by `@​gschaffner` in wntrblm/nox#936

• Update uv recipe by `@​henryiii` in wntrblm/nox#933

• Fix parametrized session tagging example by `@​living180` in wntrblm/nox#942

• uv now supports

pip install .

reinstallation by `@​henryiii` in wntrblm/nox#947

Internal changes:

• Use PEP 639 license info by `@​henryiii` in wntrblm/nox#956

• Make test skips a bit smarter by `@​henryiii` in wntrblm/nox#929

• Add our own requirements to conda too by `@​henryiii` in wntrblm/nox#945

## 2025.02.09

This release improves PEP 723 support, including adding dependencies to the noxfile itself ("plugins"). It adds the long-awaited "requires" option, allowing sessions to require other sessions. And it brings further improvements to the

pyproject.toml

support, including helpers for dependency-groups and Python version lists.

We'd like to thank the following folks who contributed to this release:

• `@​btemplep` (first contribution)

• `@​chirizxc` (first contribution)

• `@​davidhewitt` (first contribution)

• `@​gschaffner` (first contribution)

... (truncated) Commits • `2254a1e` chore: bump version to 2025.05.01 (#960) • `e0b5e33` fix: conda_install issue with newer conda (#957) • `a58fe60` fix: support forcing Python on parametrized session (#958) • `aa475d6` fix: add UV_PY… meltano/meltano

#3012 chore(deps): bump the actions group with 3 updates Pull request opened by dependabot[bot] Bumps the actions group with 3 updates: astral-sh/setup-uv, github/codeql-action and actions/attest-build-provenance. Updates

astral-sh/setup-uv

from 6.0.0 to 6.0.1 Release notes Sourced from astral-sh/setup-uv's releases.

## v6.0.1 🌈 Fix default cache dependency glob

## Changes

The new default in v6 used illegal patterns and therefore didn't match requirements files. This is now fixed.

## 🐛 Bug fixes

• Fix default cache dependency glob `@​eifinger` (#388)

## 🧰 Maintenance

• chore: update known checksums for 0.6.17 @github-actions[bot] (#384)

## ⬆️ Dependency updates

• Bump dependencies `@​eifinger` (#389)

Commits • `6b9c606` Bump dependencies (#389) • `ef6bcdf` Fix default cache dependency glob (#388) • `9a31171` chore: update known checksums for 0.6.17 (#384) • See full diff in compare view Updates

github/codeql-action

from 3.28.16 to 3.28.17 Release notes Sourced from github/codeql-action's releases.

## v3.28.17

# CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

## 3.28.17 - 02 May 2025

• Update default CodeQL bundle version to 2.21.2. #2872

See the full CHANGELOG.md for more information.

Changelog Sourced from github/codeql-action's changelog.

# CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

## [UNRELEASED]

No user facing changes.

## 3.28.17 - 02 May 2025

• Update default CodeQL bundle version to 2.21.2. #2872

## 3.28.16 - 23 Apr 2025

• Update default CodeQL bundle version to 2.21.1. #2863

## 3.28.15 - 07 Apr 2025

• Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. #2842

## 3.28.14 - 07 Apr 2025

• Update default CodeQL bundle version to 2.21.0. #2838

## 3.28.13 - 24 Mar 2025

No user facing changes.

## 3.28.12 - 19 Mar 2025

• Dependency caching should now cache more dependencies for Java

build-mode: none

extractions. This should speed up workflows and avoid inconsistent alerts in some cases.

• Update default CodeQL bundle version to 2.20.7. #2810

## 3.28.11 - 07 Mar 2025

• Update default CodeQL bundle version to 2.20.6. #2793

## 3.28.10 - 21 Feb 2025

• Update default CodeQL bundle version to 2.20.5. #2772

• Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. #2768

## 3.28.9 - 07 Feb 2025

• Update default CodeQL bundle version to 2.20.4. #2753

## 3.28.8 - 29 Jan 2025

• Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. #2744

... (truncated) Commits • `60168ef` Merge pull request #2886 from github/update-v3.28.17-97a2bfd2a • `0d5a311` Update changelog for v3.28.17 • `97a2bfd` Merge pull request #2872 from github/update-bundle/codeql-bundle-v2.21.2 • `9aba20e` Merge branch 'main' into update-bundle/codeql-bundle-v2.21.2 • `81a9508` Merge pull request #2876 from github/henrymercer/fix-diff-informed-multiple-a... • `1569f4c` Disable diff-informed queries in code scanning config tests • `62fbeb6` Merge branch 'main' into henrymercer/fix-diff-informed-multiple-analyze • `f122d1d` Address test failures from computing temporary directory too early • `083772a` Do not fail diff informed analyses when

analyze

is run twice in the same job • `5db14d0` Merge branch 'main' into update-bundle/codeql-bundle-v2.21.2 • Additional commits viewable in compare view Updates

actions/attest-build-provenance

from 2.2.3 to 2.3.0 Release notes Sourced from actions/attest-build-provenance's releases.

## v2.3.0

## What's Changed

• Bump

actions/attest

from 2.2.1 to 2.3.0 by `@​bdehamer` in actions/attest-build-provenance#615

• Updates

@sigstore/oci

from 0.4.0 to 0.5.0

Full Changelog: actions/attest-build-provenance@v2.2.3...v2.3.0

Commits • `db473fd` bump actions/attest from 2.2.1 to 2.3.0 (#615) • <https://github.com/actions/attest-build-prove… meltano/sdk

#2989 feat(taps): Allow pagination to continue after an empty page Pull request opened by edgarrmondragon Closes #2980. ## Summary by Sourcery Enhance pagination handling to support continuing pagination after encountering an empty page New Features: • Add a configurable method to determine if pagination should continue when an empty page is encountered Enhancements: • Introduce a

continue_if_empty

method in the pagination base class to allow custom pagination logic for different API endpoints --- 📚 Documentation preview 📚: https://meltano-sdk--2989.org.readthedocs.build/en/2989/ ## Summary by Sourcery Enhance pagination handling to support more flexible pagination strategies, allowing continued pagination after encountering empty pages New Features: • Add a configurable method to determine if pagination should continue when an empty page is encountered Enhancements: • Introduce a

continue_if_empty

method in the pagination base class to allow custom pagination logic for different API endpoints Tests: • Add test cases to verify pagination behavior with empty pages and custom continuation logic meltano/sdk

#3013 chore: Remove `reviewers` field from dependabot config to rely on CODEOWNERS file instead Pull request opened by edgarrmondragon ## Summary by Sourcery Chores: • Remove redundant reviewers specification in dependabot configuration --- 📚 Documentation preview 📚: https://meltano-sdk--3013.org.readthedocs.build/en/3013/ meltano/sdk

#3014 feat: Conform primitive properties from strings Issue created by edgarrmondragon ### Discussed in #2994 Originally posted by ReubenFrankel April 22, 2025 Why does the SDK conform primitive properties of a record dict towards a JSON compatible format (e.g.

datetime.datetime

to

str

), but not from strings to their expected schema type? Is/should it be the responsibility of the developer to define this mapping? sdk/singer_sdk/helpers/_typing.py Lines 521 to 547 in</meltano/sdk/commit/c152403ba539a11d0d2b4a699c0885b31d4c7567|c152403> | def _conform_primitive_property( # noqa: PLR0911 | | -------------------------------------------------------------------------------- | | elem: t.Any, # noqa: ANN401 | | property_schema: dict, | | ) -> t.Any: # noqa: ANN401 | | """Converts a primitive (i.e. not object or array) to a json compatible type.""" | | if isinstance(elem, (datetime.datetime,)): | | return to_json_compatible(elem) | | if isinstance(elem, datetime.date): | | return elem.isoformat() | | if isinstance(elem, datetime.timedelta): | | epoch = datetime.datetime.fromtimestamp(0, UTC) | | timedelta_from_epoch = epoch + elem | | if timedelta_from_epoch.tzinfo is None: | | timedelta_from_epoch = timedelta_from_epoch.replace(tzinfo=UTC) | | return timedelta_from_epoch.isoformat() | | if isinstance(elem, datetime.time): | | return str(elem) | | if isinstance(elem, bytes): | | # for BIT value, treat 0 as False and anything else as True | | return elem != b"\x00" if is_boolean_type(property_schema) else elem.hex() | | if isinstance(elem, (float, decimal.Decimal)): | | if math.isnan(elem) or math.isinf(elem): | | return None | | return elem | | if _is_exclusive_boolean_type(property_schema): | | return None if elem is None else elem != 0 | | return elem | i.e. if isinstance(elem, str) and th.IntegerType.__type_name__ in property_schema["type"]: return int(elem) ```</div> meltano/sdk

#3015 chore: Limit max records for tap-dummyjson tests to 15 Pull request opened by edgarrmondragon ## Summary by Sourcery Chores: • Added a max records limit of 15 to the tap-dummyjson test configuration --- 📚 Documentation preview 📚: https://meltano-sdk--3015.org.readthedocs.build/en/3015/ meltano/sdk

#3016 chore: pre-commit autoupdate Pull request opened by pre-commit-ci[bot] updates: • github.com/astral-sh/ruff-pre-commit: v0.11.7 → v0.11.8 • github.com/astral-sh/uv-pre-commit: 0.6.17 → 0.7.2 ## Summary by Sourcery Update pre-commit tool versions to their latest releases Chores: • Upgrade Ruff pre-commit hook from v0.11.7 to v0.11.8 • Upgrade UV pre-commit hook from 0.6.17 to 0.7.2 meltano/sdk

#9247 chore: pre-commit autoupdate Pull request opened by pre-commit-ci[bot] updates: • github.com/astral-sh/ruff-pre-commit: v0.11.7 → v0.11.8 • github.com/astral-sh/uv-pre-commit: 0.6.17 → 0.7.2 meltano/meltano

#3018 chore: Lock file maintenance Pull request opened by edgarrmondragon ## Summary by Sourcery Chores: • Perform routine lock file maintenance to keep dependencies up to date --- 📚 Documentation preview 📚: https://meltano-sdk--3018.org.readthedocs.build/en/3018/ meltano/sdk

#9248 chore: Lock file maintenance Pull request opened by edgarrmondragon ## Description ## Related Issues • Closes #XXXX meltano/meltano

#3019 fix: Encode `nan`, `inf` and `-inf` values as `null` in Singer stream Pull request opened by edgarrmondragon Changes the behavior of JSON serialization for Singer output to convert

nan

,

inf

and

-inf

values to

null

in compliance with the ECMA-262 specification. ## Implementation details •

simplejson

supports this with the `ignore_nan=True`1 parameter. •

msgspec

already does this by default2. ## Related • Closes #2213 ## Summary by Sourcery Modify JSON serialization in Singer output to convert special float values (

nan

,

inf

,

-inf

) to

null

Bug Fixes: • Ensure proper handling of special float values in JSON serialization Tests: • Add test case to verify

nan

values are encoded as

null

--- 📚 Documentation preview 📚: https://meltano-sdk--3019.org.readthedocs.build/en/3019/ ## Footnotes 1. https://simplejson.readthedocs.io/en/latest/#simplejson.dumps :leftwards_arrow_with_hook: 2. https://jcristharif.com/msgspec/supported-types.html#float :leftwards_arrow_with_hook: meltano/sdk

#2213 bug: ValueError: Out of range float values are not JSON compliant Issue created by dgawlowsky ### Singer SDK Version 0.34.1 ### Is this a regression? • Yes ### Python Version 3.9 ### Bug scope Taps (catalog, state, etc.) ### Operating System MacOS ### Description I get

ValueError: Out of range float values are not JSON compliant

when trying to sync Amazon Document DB collection. The probably reason is that

simple_json.dumps()

has

allow_nan=False

default, while standard

dumps()

function from standard

json

library has

allow_nan=True

. As there is no way to pass configuration from outside could we add this functionality? I can introduce relevant fix. ### Code No response meltano/sdk

#2162 feat: Expose metric dictionary to make logging metrics as JSON easier Pull request opened by edgarrmondragon --- 📚 Documentation preview 📚: https://meltano-sdk--2162.org.readthedocs.build/en/2162/ ## Summary by Sourcery Expose metric dictionary to make logging metrics as JSON easier. Enhancements: • Adds a

to_dict

method to the

Point

class to convert a metric to a dictionary. • Adds a

SingerMetricsFormatter

class to format metrics as JSON. • Updates the default logging configuration to include a metrics formatter. • Updates the

log

function to include the metric dictionary in the log record. • Updates the documentation to include an example of how to log metrics as JSON. meltano/sdk

#1679 bug: Consider an alternative filesystem framework to PyFilesystem for batch and other operations Issue created by edgarrmondragon ### Singer SDK Version 0.26.0 ### Is this a regression? • Yes ### Python Version NA ### Bug scope Other ### Operating System NA ### Description ## Why Development of `PyFilesystem` has arguably become stagnant. I'm concerned that the Python ecosystem is moving and PyFilesytem and plugins will be left behind. A recent example of this was the release of urllib3 2.0, which is incompatible with botocore. The offender is currently the botocore library, but it's actively developed so it's more likely that the maintainers will add support for urllib3 2.0+, but that may require them to bump the major version of their package, which `fs-s3fs` will not be compatible with, and it's not clear if the fs-s3fs is still being maintained (last activity on 2019). ## Alternatives ### `fsspec` #### Advantages • Automatically read/write from S3 when a

s3://...

URL is used, similar to the current situation with PyFilesystem. • Good community support and maintenance. Used by Dask. #### Disadvantages • See breaking changes ### `smart-open` #### Advantages • Simple to use #### Disadvantages • Requires explicitly defining the transport config • See breaking changes ## Breaking changes Changing the library we use to support different file storage systems will break any taps that currently have rely on having

fs-s3fs

as a dependency. cc @kgpayne ### Code No response meltano/sdk

#3020 fix(targets): In SQL targets, use stream name as table name instead of splitting by hyphen if `default_target_schema` is speficied Pull request opened by edgarrmondragon ## Related • Closes #2909 cc @ReubenFrankel ## Summary by Sourcery Modify SQL target table naming logic to use the full stream name when a default target schema is specified New Features: • Add new test cases to validate table and schema name generation for SQL targets Bug Fixes: • Fix table name generation to preserve full stream name when a default target schema is provided Tests: • Add comprehensive parametrized test cases for table name and schema name generation in different scenarios --- 📚 Documentation preview 📚: https://meltano-sdk--3020.org.readthedocs.build/en/3020/ meltano/sdk

#2909 bug: Incorrect table name resolved if stream name is hyphenated Issue created by ReubenFrankel ### Singer SDK Version 0.44.3 ### Is this a regression? • Yes ### Python Version NA ### Bug scope Targets (data type handling, batching, SQL object generation, etc.) ### Operating System No response ### Description For SQL targets, if a stream name is hyphenated it is assumed to be fully-qualified and the part after the last hyphen is taken as the table name. In our case, we have a tap stream name of

tap_bigquery-weekly_fuel_prices

and expect a table of name in similar shape to be created in Snowflake - instead,

weekly_fuel_prices

is resolved which is not desirable is our case. Is there a reason for this behaviour? sdk/singer_sdk/sinks/sql.py Lines 76 to 85 in</meltano/sdk/commit/881ffd2041c9eca9c50a5e94ffe61a121579ef61|881ffd2> | @property | | ---------------------------------------------------------- | | def table_name(self) -> str: | | """Return the table name, with no schema or database part. | | | | Returns: | | The target table name. | | """ | | parts = self.stream_name.split("-") | | table = self.stream_name if len(parts) == 1 else parts[-1] | | return self.conform_name(table, "table") | ### Link to Slack/Linen No response meltano/sdk

#3021 chore: Release v0.46.0 Pull request opened by MeltyBot Prepare MeltanoSDK

v0.46.0

for release. Checklist: • Check that the right version is set in all the files. • Groom the changelog for wording or missing entries. • Merge this PR once everything looks good. Release Draft ## Summary by Sourcery Prepare and release MeltanoSDK version 0.46.0 with various improvements and bug fixes New Features: • Expose metric dictionary to make logging metrics as JSON easier • Limit extraction to 25 records by default in builtin tap tests • Allow pagination to continue after an empty page Bug Fixes: • Use stream name as table name in SQL targets when default target schema is specified • Encode NaN and infinity values as null in Singer stream • Preserve microsecond precision when comparing datetime replication values • Stop loading package files to allow taps and targets to run as Python scripts • Fix infinite recursion error when resolving JSON schemas with circular references Enhancements: • Replace filesystem library used for BATCH mode • Use dict instead of OrderedDict Chores: • Update version to 0.46.0 across multiple project files • Update SDK dependency version in cookiecutter templates --- 📚 Documentation preview 📚: https://meltano-sdk--3021.org.readthedocs.build/en/3021/ meltano/sdk

#3022 chore: Update tap, target and mapper templates Pull request opened by edgarrmondragon ## Summary by Sourcery Update pre-commit hooks and GitHub Actions workflow dependencies in mapper, tap, and target templates CI: • Update actions/download-artifact from v4.2.1 to v4.3.0 • Update actions/setup-python from v5.5.0 to v5.6.0 Chores: • Update Ruff pre-commit hook from v0.11.6 to v0.11.8 • Update UV pre-commit hook from 0.6.14 to 0.7.2 --- 📚 Documentation preview 📚: https://meltano-sdk--3022.org.readthedocs.build/en/3022/ meltano/sdk

Release - v0.46.0 New release published by edgarrmondragon ## v0.46.0 (2025-05-06) ### ✨ New • #2162 Expose metric dictionary to make logging metrics as JSON easier • #2977 Limit extraction to 25 records by default in built-in tap tests • #2989 Allow pagination to continue after an empty page ### 🐛 Fixes • #3020 In SQL targets, use stream name as table name instead of splitting by hyphen if

default_target_schema

is specified • #3019 Encode

nan

,

inf

and

-inf

values as

null

in Singer stream • #2999 Preserve microsecond precision when comparing datetime replication values • #2986 Stop loading package files to allow taps and targets to run as Python scripts • #3009 Fix infinite recursion error when resolving JSON schemas with circular references ### ⚙️ Under the Hood • #2990 Replace filesystem library used for BATCH mode • #3010 Use dict instead of

OrderedDict

meltano/sdk

#9249 refactor: Make installation error details an extra context key of the main installation error log Pull request opened by edgarrmondragon ## Description SSIA. Instead of two messages, now there's just one with added context. ## Related Issues • Closes #XXXX meltano/meltano

#9250 docs: Updated `docker compose` commands Pull request opened by edgarrmondragon ## Description ## Related Issues • Closes #XXXX meltano/meltano

#3023 feat: Apply `post_process` automatically to all stream types Pull request opened by edgarrmondragon With this change, developers won't need to re-implement the call to

post_process

when they override the public

Stream.get_records(...)

method. A few examples just from MeltanoLabs: https://github.com/search?q=org%3AMeltanoLabs+%22self.post_process%22&amp;type=code. i.e. • https://github.com/MeltanoLabs/tap-dbt/blob/49cbf08f91d297d73f2cf19d73614a9a65a31f70/tap_dbt/streams.py#L107-L111 • https://github.com/MeltanoLabs/tap-postgres/blob/d7e11bcaae0d87717771a5a38744d0ec674dabf5/tap_postgres/client.py#L259-L267 • https://github.com/MeltanoLabs/tap-jira/blob/caa12cdc5ee890a440e61df880f76172c9a85e8a/tap_jira/streams.py#L2402-L2406 • https://github.com/MeltanoLabs/tap-messagebird/blob/37a64a4b178e7c1e511ac4481bd69b2e145c6df6/tap_messagebird/streams.py#L98-L102 ## Summary by Sourcery Automatically apply

post_process

method to all stream types during record synchronization New Features: • Automatically invoke

post_process

method for all stream types during record sync Enhancements: • Updated record processing workflow to consistently apply post-processing across different stream types Tests: • Added test case to verify post-processing functionality for streams meltano/sdk

#3024 refactor: Deprecate returning tuples of (record, child context) from `Stream.get_records` Pull request opened by edgarrmondragon ## Summary by Sourcery Deprecate the practice of returning tuples from

Stream.get_records

method in the Singer SDK Enhancements: • Introduce a deprecation warning when tuple-style record and context returns are used Documentation: • Update documentation to remove references to tuple-based record and context returns Chores: • Prepare for future removal of tuple-based record and context return method --- 📚 Documentation preview 📚: https://meltano-sdk--3024.org.readthedocs.build/en/3024/ meltano/sdk

#3025 chore: Add `.git-blame-ignore-revs` Pull request opened by edgarrmondragon ## Summary by Sourcery Chores: • Create .git-blame-ignore-revs file to improve code attribution --- 📚 Documentation preview 📚: https://meltano-sdk--3025.org.readthedocs.build/en/3025/ meltano/sdk

#3026 docs: Auto-format markdown with `mdformat` Pull request opened by edgarrmondragon ## Summary by Sourcery Documentation: • Added mdformat pre-commit hook to automatically format markdown files --- 📚 Documentation preview 📚: https://meltano-sdk--3026.org.readthedocs.build/en/3026/ meltano/sdk

#7054 bug: meltano.yml updates overwrite user-changed indentation Issue created by menzenski ### Meltano Version 2.10.0 ### Python Version 3.9 ### Bug scope Other ### Operating System Mac OS 12.6 Monterey ### Description Steps to replicate: 1. Run

meltano init test

2.

cat test/meltano.yml

output: cat test/meltano.yml version: 1 default_environment: dev project_id: b02272c0-d17d-4512-ab23-47ed7c9133ad environments: - name: dev - name: staging - name: prod 1. Format YAML indentation differently: version: 1 default_environment: dev project_id: b02272c0-d17d-4512-ab23-47ed7c9133ad environments: - name: dev - name: staging - name: prod 1. Run a

meltano

CLI command that updates

meltano.yml

file. In my case I ran

meltano add loader target-jsonl

. 2. Notice the leading indentation of the

environments

array members in

meltano.yml

has reverted from two spaces to zero: version: 1 default_environment: dev project_id: b02272c0-d17d-4512-ab23-47ed7c9133ad environments: - name: dev - name: staging - name: prod plugins: loaders: - name: target-jsonl variant: andyh1203 pip_url: target-jsonl ### Code n/a meltano/meltano