chore(deps): bump python-dotenv from 1.2.1 to 1.2.2#22
chore(deps): bump python-dotenv from 1.2.1 to 1.2.2#22dependabot[bot] wants to merge 1 commit intomainfrom
Conversation
Bumps [python-dotenv](https://github.com/theskumar/python-dotenv) from 1.2.1 to 1.2.2. - [Release notes](https://github.com/theskumar/python-dotenv/releases) - [Changelog](https://github.com/theskumar/python-dotenv/blob/main/CHANGELOG.md) - [Commits](theskumar/python-dotenv@v1.2.1...v1.2.2) --- updated-dependencies: - dependency-name: python-dotenv dependency-version: 1.2.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependencies
Security Scan ResultsThe security scan has completed. Please review the workflow results for details.
Check the Actions tab for full details: https://github.com/taylorparsons/interview-practice-app/actions/runs/22763716120 |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: edcc46d5a7
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| # Use modern OpenAI SDK for AsyncOpenAI support | ||
| openai>=1.40.0 | ||
| python-dotenv==1.2.1 | ||
| python-dotenv==1.2.2 |
There was a problem hiding this comment.
Pinning python-dotenv to 1.2.2 breaks environments that still use Python 3.9, because that upstream release dropped 3.9 support, while this repo still documents Python 3.9+ as a prerequisite (README.md:71). In those setups, pip install -r requirements.txt can no longer resolve dependencies, so this dependency bump introduces an install-time regression unless the project’s supported Python version is raised in the same change.
Useful? React with 👍 / 👎.
Bumps python-dotenv from 1.2.1 to 1.2.2.
Release notes
Sourced from python-dotenv's releases.
Changelog
Sourced from python-dotenv's changelog.
Commits
36004e0Bump version: 1.2.1 → 1.2.2eb20252docs: update changelog for v1.2.2790c5c0Merge commit from fork43340daRemove the use ofshin tests (#612)09d7ceedocs: clarify override behavior and document FIFO support (#610)c8de288ci: improve workflow efficiency with best practices (#609)7bd9e3dAdd Windows testing to CI (#604)1baaf04Drop Python 3.9 support and update to PyPy 3.11 (#608)4a22cf8ci: enable testing on Python 3.14t (free-threaded) (#588)e2e8e77Fix license specifier (#597)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)