Skip to content

Update dependencies#22996

Merged
NouemanKHAL merged 1 commit intomasterfrom
bot/update-dependencies-1774007099
Mar 23, 2026
Merged

Update dependencies#22996
NouemanKHAL merged 1 commit intomasterfrom
bot/update-dependencies-1774007099

Conversation

@dd-octo-sts
Copy link
Copy Markdown
Contributor

@dd-octo-sts dd-octo-sts Bot commented Mar 20, 2026

What does this PR do?

Update the dependencies

Dependency Bumps

Package Old Version New Version
azure-identity 1.25.2 1.25.3
boto3 1.42.54 1.42.72
botocore 1.42.54 1.42.72
cachetools 7.0.1 7.0.5
clickhouse-connect 0.11.0 0.14.1
lazy-loader 0.4 0.5
mmh3 5.2.0 5.2.1
protobuf 6.33.5 7.34.0
pyjwt 2.11.0 2.12.1
redis 7.2.0 7.3.0
wrapt 2.1.1 2.1.2

This PR was automatically generated by the following workflow:
https://github.com/DataDog/integrations-core/actions/runs/23341321215

Review checklist (to be filled by reviewers)

  • Feature or bugfix MUST have appropriate tests (unit, integration, e2e)
  • Changelog entries must be created for modifications to shipped code
  • Add the qa/skip-qa label if the PR doesn't need to be tested during QA.

@dd-octo-sts dd-octo-sts Bot added bot qa/skip-qa Automatically skip this PR for the next QA labels Mar 20, 2026
@dd-octo-sts dd-octo-sts Bot requested review from a team as code owners March 20, 2026 11:45
@dd-octo-sts dd-octo-sts Bot added the bot label Mar 20, 2026
@dd-octo-sts dd-octo-sts Bot requested a review from a team as a code owner March 20, 2026 11:45
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Mar 20, 2026

⚠️ The qa/skip-qa label has been added with shippable changes

The following files, which will be shipped with the agent, were modified in this PR and
the qa/skip-qa label has been added.

You can ignore this if you are sure the changes in this PR do not require QA. Otherwise, consider removing the label.

List of modified files that will be shipped with the agent 
amazon_msk/changelog.d/22996.added
clickhouse/changelog.d/22996.added
datadog_checks_base/changelog.d/22996.added
do_query_actions/changelog.d/22996.added
kafka_actions/changelog.d/22996.added
kafka_consumer/changelog.d/22996.added
mongo/changelog.d/22996.added
mysql/changelog.d/22996.added
postgres/changelog.d/22996.added
redisdb/changelog.d/22996.added
riakcs/changelog.d/22996.added
sqlserver/changelog.d/22996.added
amazon_msk/pyproject.toml
clickhouse/pyproject.toml
datadog_checks_base/pyproject.toml
do_query_actions/pyproject.toml
kafka_actions/pyproject.toml
kafka_consumer/pyproject.toml
mongo/pyproject.toml
mysql/pyproject.toml
postgres/pyproject.toml
redisdb/pyproject.toml
riakcs/pyproject.toml
sqlserver/pyproject.toml

@datadog-datadog-prod-us1-2

This comment has been minimized.

Sign in to view
@codecov
Copy link
Copy Markdown

codecov Bot commented Mar 20, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 90.39%. Comparing base (fe21317) to head (c932817).
⚠️ Report is 8 commits behind head on master.

Additional details and impacted files
🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@lucia-sb lucia-sb changed the title Update dependencies [DON'T MERGE] Update dependencies Mar 20, 2026
@lucia-sb lucia-sb changed the title [DON'T MERGE] Update dependencies Update dependencies Mar 23, 2026
@NouemanKHAL NouemanKHAL added this pull request to the merge queue Mar 23, 2026
Merged via the queue into master with commit fe5d0a0 Mar 23, 2026
738 of 754 checks passed
@NouemanKHAL NouemanKHAL deleted the bot/update-dependencies-1774007099 branch March 23, 2026 09:37
@datadog-agent-integrations-bot datadog-agent-integrations-bot Bot mentioned this pull request Mar 23, 2026
Closed
aldrickdev pushed a commit that referenced this pull request Mar 25, 2026
@dd-octo-sts @lucia-sb @aldrickdev
Update dependencies (#22996)
1c674ca 
Co-authored-by: lucia-sb <200915154+lucia-sb@users.noreply.github.com>
Kyle-Neale added a commit that referenced this pull request Mar 26, 2026
@Kyle-Neale @claude
Bump PyJWT to 2.12.1 to address CVE-2026-32597
b4a22fd 
PyJWT < 2.12.0 does not validate the crit header parameter per RFC 7515 §4.1.11,
allowing tokens with unrecognized critical extensions to be accepted. CVSS 7.5 (High).
Backport of #22996 to 7.78.x.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Kyle-Neale added a commit that referenced this pull request Mar 26, 2026
@Kyle-Neale @claude
Bump PyJWT to 2.12.1 to address CVE-2026-32597
675cf19 
PyJWT < 2.12.0 does not validate the crit header parameter per RFC 7515 §4.1.11,
allowing tokens with unrecognized critical extensions to be accepted. CVSS 7.5 (High).
Backport of #22996 to 7.77.x.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This was referenced Mar 26, 2026
Merged
Merged
Kyle-Neale added a commit that referenced this pull request Mar 26, 2026
@Kyle-Neale @claude
Bump PyJWT to 2.12.1 to address CVE-2026-32597 (#23065)
4acccb9 
* Bump PyJWT to 2.12.1 to address CVE-2026-32597

PyJWT < 2.12.0 does not validate the crit header parameter per RFC 7515 §4.1.11,
allowing tokens with unrecognized critical extensions to be accepted. CVSS 7.5 (High).
Backport of #22996 to 7.78.x.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* Add changelog for CVE-2026-32597 pyjwt bump

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* Update agent_requirements.in for pyjwt 2.12.1

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Kyle-Neale added a commit that referenced this pull request Mar 27, 2026
@Kyle-Neale @claude
Bump PyJWT to 2.12.1 to address CVE-2026-32597 (#23064)
3f6615d 
* Bump PyJWT to 2.12.1 to address CVE-2026-32597

PyJWT < 2.12.0 does not validate the crit header parameter per RFC 7515 §4.1.11,
allowing tokens with unrecognized critical extensions to be accepted. CVSS 7.5 (High).
Backport of #22996 to 7.77.x.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* Add changelog for CVE-2026-32597 pyjwt bump

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* Update agent_requirements.in for pyjwt 2.12.1

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment