Closed dependabot[bot] closed 3 days ago
Requesting review from @jsignell as I've tweaked this depandabot PR to take care of #508 and #509.
Do you think we need to change some of the tests. In particular I am looking at test_client/TestSigning.test_signing.yaml +135k seems like too many lines for a test.
Yup, I think that the test is a bit wild to be using w/ VCR, e.g. it fetches all items: https://github.com/stac-utils/pystac-client/blob/f699ffa1c51f975edce800a94eb96b0f27248030/tests/test_client.py#L535
I'll open a separate ticket to trim down that test (and any others that are obviously too big), solve that first, then re-do this PR. Thanks for the catch 🙇🏼
Marking as ready for re-review as https://github.com/stac-utils/pystac-client/issues/729 is closed as not planned.
Updates the requirements on urllib3 to permit the latest version.
Release notes
Sourced from urllib3's releases.
Changelog
Sourced from urllib3's changelog.
... (truncated)
Commits
27e2a5c
Release 2.2.2 (#3406)accff72
Merge pull request from GHSA-34jh-p97f-mpxf34be4a5
Pin CFFI to a new release candidate instead of a Git commit (#3398)da41058
Bump browser-actions/setup-chrome from 1.6.0 to 1.7.1 (#3399)b07a669
Bump github/codeql-action from 2.13.4 to 3.25.6 (#3396)b8589ec
Measure coverage with v4 of artifact actions (#3394)f3bdc55
Allow triggering CI manually (#3391)5239265
Fix HTTP version in debug log (#3316)b34619f
Bump actions/checkout to 4.1.4 (#3387)9961d14
Bump browser-actions/setup-chrome from 1.5.0 to 1.6.0 (#3386)You can trigger a rebase of this PR by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show