Skip to content

build(deps): bump the production-dependencies group with 4 updates#3269

Merged
smarnach merged 2 commits intomainfrom
dependabot/pip/production-dependencies-d762040789
Feb 4, 2026
Merged

build(deps): bump the production-dependencies group with 4 updates#3269
smarnach merged 2 commits intomainfrom
dependabot/pip/production-dependencies-d762040789

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 1, 2026

Bumps the production-dependencies group with 4 updates: dockerflow, gunicorn, sentry-sdk and sphinx.

Updates dockerflow from 2024.4.2 to 2026.1.26

Release notes

Sourced from dockerflow's releases.

2026.01.26

What's Changed

New Contributors

Full Changelog: mozilla-services/python-dockerflow@2024.04.2...2026.01.26

Sanic >= 20.3 support and added flask.g.request_id

No release notes provided.

Commits
  • 7297801 Pin test dependencies to fix CI, drop EOL and add Django 6.0 (#122)
  • 3221444 Fix CI and expand test matrix to Django 5.2 and Python 3.13 (#120)
  • 276ff50 chore: fix a typo (#118)
  • ba6936b Add MozlogHandler that integrates renamed formatter (#112)
  • See full diff in compare view

Updates gunicorn from 24.0.0 to 24.1.1

Release notes

Sourced from gunicorn's releases.

24.1.1

Bug Fixes

  • Fix forwarded_allow_ips and proxy_allow_ips to remain as strings for backward compatibility with external tools like uvicorn. Network validation now uses strict mode to detect invalid CIDR notation (e.g., 192.168.1.1/24 where host bits are set) (#3458, [PR #3459](benoitc/gunicorn#3459))

Full Changelog: benoitc/gunicorn@24.1.0...24.1.1

Gunicorn 24.1.0

New Features

  • Official Docker Image: Gunicorn now publishes official Docker images to GitHub Container Registry ([PR #3454](benoitc/gunicorn#3454))

    • Available at ghcr.io/benoitc/gunicorn
    • Based on Python 3.12 slim image
    • Uses recommended worker formula (2 × CPU + 1)
    • Configurable via environment variables

  • PROXY Protocol v2 Support: Extended PROXY protocol implementation to support the binary v2 format in addition to the existing text-based v1 format ([PR #3451](benoitc/gunicorn#3451))

    • New --proxy-protocol modes: off, v1, v2, auto
    • auto mode (default when enabled) detects v1 or v2 automatically
    • v2 binary format is more efficient and supports additional metadata
    • Works with HAProxy, AWS NLB/ALB, and other PROXY protocol v2 sources

  • CIDR Network Support: --forwarded-allow-ips and --proxy-allow-from now accept CIDR notation (e.g., 192.168.0.0/16) for specifying trusted networks ([PR #3449](benoitc/gunicorn#3449))

  • Socket Backlog Metric: New gunicorn.socket.backlog gauge metric reports the current socket backlog size on Linux systems ([PR #3450](benoitc/gunicorn#3450))

  • InotifyReloader Enhancement: The inotify-based reloader now watches newly imported modules, not just those loaded at startup ([PR #3447](benoitc/gunicorn#3447))

Bug Fixes

Installation

pip install gunicorn==24.1.0
</tr></table>

... (truncated)

Commits
  • 375e79e release: bump version to 24.1.1
  • ad0c12d docs: add sponsors section to README
  • 70200ee chore: add GitHub Sponsors funding configuration
  • 6841804 docs: remove incorrect PR reference from Docker changelog entry
  • abce0ca docs: add 24.1.1 changelog entry for forwarded_allow_ips fix
  • e9a3f30 fix: keep forwarded_allow_ips as strings for backward compatibility (#3459)
  • d73ff4b docs: update main changelog with 24.1.0
  • 53f2c31 ci: allow docs deploy on workflow_dispatch
  • eab5f0b ci: trigger Docker publish on tags with or without v prefix
  • a20d3fb docs: add Docker image to 24.1.0 changelog
  • Additional commits viewable in compare view

Updates sentry-sdk from 2.50.0 to 2.51.0

Release notes

Sourced from sentry-sdk's releases.

2.51.0

New Features ✨

Openai

Openai Agents

Other

Bug Fixes 🐛

Internal Changes 🔧

2.51.0a1

New Features ✨

Integrations

  • feat(integrations): OpenAI/OpenAI Agents detect and report the time to first token metric (TTFT) as gen_ai.response.time_to_first_token by @​constantinius in #5348
  • feat(integrations): openai-agents streaming support by @​constantinius in #5291

Other

... (truncated)

Changelog

Sourced from sentry-sdk's changelog.

2.51.0

New Features ✨

Openai

Openai Agents

Other

Bug Fixes 🐛

Internal Changes 🔧

Commits
  • 8517eb0 Update CHANGELOG.md
  • 93e89e4 release: 2.51.0
  • 003cb73 feat(ai): Add original input length meta attribute (#5375)
  • d4db6d3 fix(ai): Keep single content input message (#5345)
  • dafd62f ref: Replace set_data_normalized() with Span.set_data() for system instru...
  • b3aa033 feat(openai-agents): Set system instruction attribute on gen_ai.chat spans ...
  • a6b4f2e feat(openai): Set system instruction attribute for Responses API (#5376)
  • 6611957 feat(openai): Set system instruction attribute for Completions API (#5358)
  • 0d42476 feat(transport): Report 413 responses for oversized envelopes (#5380)
  • 0c81d3a feat(integrations): OpenAI/OpenAI Agents detect and report the time to first ...
  • Additional commits viewable in compare view

Updates sphinx from 8.2.3 to 9.0.4

Release notes

Sourced from sphinx's releases.

Sphinx 9.0.4

Changelog: https://www.sphinx-doc.org/en/master/changes/9.0.html

Bugs fixed

  • #14143: Fix spurious build warnings when translators reorder references in strings, or use translated display text in references. Patch by Matt Wang.

Sphinx 9.0.3

Changelog: https://www.sphinx-doc.org/en/master/changes/9.0.html

Bugs fixed

  • #14142: autodoc: Restore some missing exports in sphinx.ext.autodoc. Patch by Adam Turner.

Sphinx 9.0.2

Changelog: https://www.sphinx-doc.org/en/master/changes/9.0.html

Bugs fixed

  • #14142: autodoc: Restore sphinx.ext.autodoc.mock. Patch by Adam Turner.

Sphinx 9.0.1

Changelog: https://www.sphinx-doc.org/en/master/changes/9.0.html

Bugs fixed

  • #13942: autodoc: Restore the mapping interface for options objects. Patch by Adam Turner.
  • #13942: autodoc: Deprecate the mapping interface for options objects. Patch by Adam Turner.
  • #13387: Update translations.

Sphinx 9.0.0

Changelog: https://www.sphinx-doc.org/en/master/changes/9.0.html

Dependencies

Incompatible changes

... (truncated)

Changelog

Sourced from sphinx's changelog.

Release 9.0.4 (released Dec 04, 2025)

Bugs fixed

  • #14143: Fix spurious build warnings when translators reorder references in strings, or use translated display text in references. Patch by Matt Wang.

Release 9.0.3 (released Dec 04, 2025)

Bugs fixed

  • #14142: autodoc: Restore some missing exports in :mod:!sphinx.ext.autodoc. Patch by Adam Turner.

Release 9.0.2 (released Dec 03, 2025)

Bugs fixed

  • #14142: autodoc: Restore :mod:!sphinx.ext.autodoc.mock. Patch by Adam Turner.

Release 9.0.1 (released Dec 01, 2025)

Bugs fixed

  • #13942: autodoc: Restore the mapping interface for options objects. Patch by Adam Turner.
  • #13942: autodoc: Deprecate the mapping interface for options objects. Patch by Adam Turner.
  • #13387: Update translations.

Release 9.0.0 (released Nov 30, 2025)

Dependencies

... (truncated)

Commits

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the production-dependencies group with 4 updates
66e1e9b 
Bumps the production-dependencies group with 4 updates: [dockerflow](https://github.com/mozilla-services/python-dockerflow), [gunicorn](https://github.com/benoitc/gunicorn), [sentry-sdk](https://github.com/getsentry/sentry-python) and [sphinx](https://github.com/sphinx-doc/sphinx).


Updates `dockerflow` from 2024.4.2 to 2026.1.26
- [Release notes](https://github.com/mozilla-services/python-dockerflow/releases)
- [Changelog](https://github.com/mozilla-services/python-dockerflow/blob/main/docs/changelog.rst)
- [Commits](mozilla-services/python-dockerflow@2024.04.2...2026.01.26)

Updates `gunicorn` from 24.0.0 to 24.1.1
- [Release notes](https://github.com/benoitc/gunicorn/releases)
- [Commits](benoitc/gunicorn@24.0.0...24.1.1)

Updates `sentry-sdk` from 2.50.0 to 2.51.0
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](getsentry/sentry-python@2.50.0...2.51.0)

Updates `sphinx` from 8.2.3 to 9.0.4
- [Release notes](https://github.com/sphinx-doc/sphinx/releases)
- [Changelog](https://github.com/sphinx-doc/sphinx/blob/v9.0.4/CHANGES.rst)
- [Commits](sphinx-doc/sphinx@v8.2.3...v9.0.4)

---
updated-dependencies:
- dependency-name: dockerflow
  dependency-version: 2026.1.26
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: gunicorn
  dependency-version: 24.1.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: sentry-sdk
  dependency-version: 2.51.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: sphinx
  dependency-version: 9.0.4
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Feb 1, 2026
@dependabot dependabot bot requested a review from a team as a code owner February 1, 2026 02:43
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Feb 1, 2026
@smarnach smarnach added this pull request to the merge queue Feb 4, 2026
Merged via the queue into main with commit 7d49cb2 Feb 4, 2026
1 check passed
@smarnach smarnach deleted the dependabot/pip/production-dependencies-d762040789 branch February 4, 2026 13:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@smarnach smarnach smarnach approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@smarnach