2 changes: 1 addition & 1 deletion pyproject.toml
Expand Up @@ -128,7 +128,7 @@ dev = [
"moto>=5.0.0,<6",
"nplusone>=1.0.0,<2",
"pdbpp>=0.11.6,<0.12",
"pytest>=8.0.0,<9",
"pytest>=9.0.2,<10",

Bug: The pytest upgrade to 9.0.2 is incompatible with the pinned pytest-freezegun version (0.4.2), which is unmaintained. This will cause tests using freezegun to fail at runtime.
Severity: CRITICAL

Suggested Fix

Replace the unmaintained pytest-freezegun dependency with its actively maintained fork, pytest-freezer. This requires updating pyproject.toml to remove pytest-freezegun and add pytest-freezer. Alternatively, revert the pytest upgrade until the project can be migrated.

Prompt for AI Agent
Review the code at the location below. A potential bug has been identified by an AI
agent.
Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not
valid.

Location: pyproject.toml#L131

Potential issue: The pull request upgrades `pytest` to version 9.0.2, but the project's
dependency `pytest-freezegun` is pinned to version `0.4.2` in `pyproject.toml`. This
version of `pytest-freezegun` is over five years old, unmaintained, and known to be
incompatible with `pytest` versions 8 and 9. The codebase actively uses `freezegun` in
multiple tests, such as `test_attestation_order()` and
`test_execute_learn_search_with_script_score()`. When the test suite is executed with
`pytest` 9, the outdated plugin will cause runtime failures, breaking the test suite and
CI/CD pipeline.

Bug: The pytest dependency was updated in pyproject.toml, but the uv.lock file was not regenerated. This will cause the old version to be installed in production and CI.
Severity: HIGH

Suggested Fix

Regenerate the uv.lock file to reflect the updated dependencies in pyproject.toml. This can be done by running a command like uv lock or uv sync and committing the updated uv.lock file.

Prompt for AI Agent
Review the code at the location below. A potential bug has been identified by an AI
agent.
Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not
valid.

Location: pyproject.toml#L131

Potential issue: The `pytest` dependency was updated in `pyproject.toml` to version
`9.0.2` or higher, but the `uv.lock` file was not regenerated. The lock file still
specifies the old constraint (`>=8.0.0,<9`) and pins `pytest` to version `8.4.2`. Since
the production `Dockerfile` and CI workflow use `uv sync` with `--frozen` and `--locked`
flags respectively, they will install the old version from the lock file. This renders
the intended dependency upgrade ineffective and may cause the build to fail due to the
mismatch.

"pytest-cov>=7.0.0,<8",
"pytest-django>=4.5.2,<5",
"pytest-env>=1.0.0,<2",
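
Review bot: On the `pytest` line, the lower bound jumps a major version (`>=8.0.0,<9` to `>=9.0.2,<10`) while the plugin constraints in the context lines (`pytest-cov>=7.0.0,<8`, `pytest-django>=4.5.2,<5`, `pytest-env>=1.0.0,<2`) keep their old floors, so nothing here forces the resolver onto plugin releases that support pytest 9. Suggest raising each plugin's lower bound to the first release verified against pytest 9, or noting in the PR description that the existing bounds were checked. The diff shown touches only `pyproject.toml`; if a lockfile is committed, regenerate it in the same PR so the manifest and the pinned versions stay in step.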