Skip to content

Python: Bump python-multipart from 0.0.26 to 0.0.31 in /python#14088

Open
dependabot[bot] wants to merge 4 commits into
mainfrom
dependabot/uv/python/python-multipart-0.0.31
Open

Python: Bump python-multipart from 0.0.26 to 0.0.31 in /python#14088
dependabot[bot] wants to merge 4 commits into
mainfrom
dependabot/uv/python/python-multipart-0.0.31

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 16, 2026

Copy link
Copy Markdown
Contributor

Bumps python-multipart from 0.0.26 to 0.0.31.

Release notes

Sourced from python-multipart's releases.

Version 0.0.31

What's Changed

Full Changelog: Kludex/python-multipart@0.0.30...0.0.31

Version 0.0.30

What's Changed

Full Changelog: Kludex/python-multipart@0.0.29...0.0.30

Version 0.0.29

What's Changed

Full Changelog: Kludex/python-multipart@0.0.28...0.0.29

Version 0.0.28

What's Changed

Full Changelog: Kludex/python-multipart@0.0.27...0.0.28

Version 0.0.27

What's Changed

Full Changelog: Kludex/python-multipart@0.0.26...0.0.27

Changelog

Sourced from python-multipart's changelog.

0.0.31 (2026-06-04)

  • Speed up multipart header parsing and callback dispatch #295.
  • Bound header field name size before validating #296.
  • Validate Content-Length is non-negative in parse_form #297.

0.0.30 (2026-05-31)

  • Parse application/x-www-form-urlencoded bodies per the WHATWG URL standard, treating only & as a field separator #290.
  • Ignore RFC 2231/5987 extended parameters (name*, filename*) in parse_options_header, keeping the plain parameter authoritative per RFC 7578 §4.2 #291.

0.0.29 (2026-05-17)

  • Handle malformed RFC 2231 continuations in parse_options_header #270.

0.0.28 (2026-05-10)

  • Speed up partial-boundary tail scan via bytes.find #281.
  • Cap multipart boundary length at 256 bytes #282.

0.0.27 (2026-04-27)

  • Add multipart header limits #267.
  • Pass parse offsets via constructors #268.
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump python-multipart from 0.0.26 to 0.0.31 in /python
8786553 
Bumps [python-multipart](https://github.com/Kludex/python-multipart) from 0.0.26 to 0.0.31.
- [Release notes](https://github.com/Kludex/python-multipart/releases)
- [Changelog](https://github.com/Kludex/python-multipart/blob/main/CHANGELOG.md)
- [Commits](Kludex/python-multipart@0.0.26...0.0.31)

---
updated-dependencies:
- dependency-name: python-multipart
  dependency-version: 0.0.31
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file. Used by Dependabot. label Jun 16, 2026
Copilot AI review requested due to automatic review settings June 16, 2026 21:56
@dependabot dependabot Bot added the python:uv Pull requests that update python:uv code label Jun 16, 2026
@dependabot dependabot Bot requested a review from a team as a code owner June 16, 2026 21:56
Copilot AI reviewed Jun 16, 2026

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

@dependabot dependabot Bot mentioned this pull request Jun 16, 2026
Closed
@moonbox3 moonbox3 added the python Pull requests for the Python Semantic Kernel label Jun 16, 2026
@github-actions github-actions Bot changed the title Bump python-multipart from 0.0.26 to 0.0.31 in /python Python: Bump python-multipart from 0.0.26 to 0.0.31 in /python Jun 16, 2026
github-actions[bot]
github-actions Bot reviewed Jun 16, 2026
View reviewed changes

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Automated Code Review

Reviewers: 5 | Confidence: 68% | Result: All clear

Reviewed: Correctness, Security Reliability, Test Coverage, Failure Modes, Design Approach

Automated review by dependabot[bot]'s agents

@moonbox3

moonbox3 commented Jun 17, 2026

Copy link
Copy Markdown
Collaborator

@copilot: fix the CI/CD failures

Copilot AI commented Jun 17, 2026

Copy link
Copy Markdown
Contributor

@copilot: fix the CI/CD failures

The CI failure is a pre-existing issue (present on multiple unrelated branches from the same base commit). The failing test is test_crud_operations_pandas[definition_pandas] on Windows Python 3.10, where WindowsProactorEventLoopPolicy raises RuntimeError: There is no current event loop after accumulated _set_called=True, _loop=None state across tests.

Fixed in commits:

  1. Added a function-scoped event_loop_policy fixture to tests/unit/data/conftest.py returning a fresh asyncio.DefaultEventLoopPolicy() per test — this ensures each test uses a clean policy instance, preventing the broken state from persisting.
  2. Added explicit asyncio_default_test_loop_scope = "function" to pyproject.toml (same as the default, now explicit).

Copilot AI requested a review from moonbox3 June 17, 2026 06:12
@moonbox3

moonbox3 commented Jun 17, 2026

Copy link
Copy Markdown
Collaborator

@copilot fix the failing CI/CD checks

Copilot AI commented Jun 17, 2026

Copy link
Copy Markdown
Contributor

@copilot fix the failing CI/CD checks

The CI status after investigating:

  1. Original test failure (test_crud_operations_pandas[definition_pandas]RuntimeError: There is no current event loop on Windows Python 3.10) was fixed in previous commits by adding an event_loop_policy fixture to tests/unit/data/conftest.py that returns a fresh asyncio.DefaultEventLoopPolicy() per test, preventing corrupted event loop policy state from propagating across tests.

  2. New CI failure in the most recent run was a transient network error unrelated to any code change:

    × Failed to download `nbconvert==7.17.1`
╰─▶ peer closed connection without sending TLS close_notify

    This is a GitHub Actions runner infrastructure issue (dropped TLS connection) and not fixable in code.

  3. Cleanup (commit f5f6b06): removed the asyncio_default_test_loop_scope = "function" line I previously added to pyproject.toml — this option is not recognized by pytest-asyncio 0.24 and was generating a PytestConfigWarning: Unknown config option.

The python-tests-coverage check passed in the last run, confirming the tests work correctly. The remaining failures are due to the transient network issue and fail-fast: true cancelling sibling matrix jobs. A fresh CI run should pass.

@moonbox3 moonbox3 enabled auto-merge June 17, 2026 11:47
@moonbox3 moonbox3 requested a review from eavanvalkenburg June 17, 2026 11:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] left review comments

Copilot code review Copilot Copilot left review comments

@eavanvalkenburg eavanvalkenburg eavanvalkenburg approved these changes

@moonbox3 moonbox3 moonbox3 approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file. Used by Dependabot. python:uv Pull requests that update python:uv code python Pull requests for the Python Semantic Kernel

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@moonbox3 @eavanvalkenburg