chore(deps): bump mistune from 3.2.0 to 3.3.0 in /python/agents/short-movie-agents#2206
Conversation
Bumps [mistune](https://github.com/lepture/mistune) from 3.2.0 to 3.3.0. - [Release notes](https://github.com/lepture/mistune/releases) - [Changelog](https://github.com/lepture/mistune/blob/main/docs/changes.rst) - [Commits](lepture/mistune@v3.2.0...v3.3.0) --- updated-dependencies: - dependency-name: mistune dependency-version: 3.3.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
There was a problem hiding this comment.
Here are the correctness review findings from the patch:
In python/agents/financial-advisor/financial_advisor/init.py:
-
Unconditional Call to google.auth.default():
Calling google.auth.default() unconditionally at module import time (line 24) will raise DefaultCredentialsError and crash the application if Application Default Credentials are not set (e.g. in test or container-only setups where the environment is not pre-authenticated). Consider wrapping it in a try-except block. -
None value causing TypeError on os.environ.setdefault():
If google.auth.default() does not return a project ID, project_id will be None (line 25), which causes os.environ.setdefault("GOOGLE_CLOUD_PROJECT", project_id) to raise a TypeError: str expected, not NoneType, crashing the module import immediately. We should ensure project_id is not None before attempting to write it to os.environ.
Bumps mistune from 3.2.0 to 3.3.0.
Release notes
Sourced from mistune's releases.
Changelog
Sourced from mistune's changelog.
Commits
15c3b79chore: release 3.3.0bdc01adtests: increase run time on pypy7cf1814tests: increase run time for pypy6dfdc3dtests: add more tests17c50f6chore: fix mypy issues63abe4bchore: use ruff check and formate6c1b18chore: resolve mypy issuesdcf8902test(math): cover escaped math outputc4093c4fix(toc): avoid generated id collisionse3e51defix(image): validate figure width optionDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.