This is an automated email from the ASF dual-hosted git repository.
jerryshao pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/gravitino.git
The following commit(s) were added to refs/heads/main by this push:
new f3553f2c79 build(deps-dev): bump banks from 2.4.1 to 2.4.2 in
/clients/client-python (#11383)
f3553f2c79 is described below
commit f3553f2c7973f8c86fc98e441c075ee924f1fe37
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AuthorDate: Thu Jun 11 10:16:30 2026 -0700
build(deps-dev): bump banks from 2.4.1 to 2.4.2 in /clients/client-python
(#11383)
Bumps [banks](https://github.com/masci/banks) from 2.4.1 to 2.4.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/masci/banks/releases";>banks's
releases</a>.</em></p>
<blockquote>
<h2>v2.4.2</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: prevent SSTI by switching to SandboxedEnvironment by <a
href="https://github.com/masci";><code>@​masci</code></a> in <a
href="https://redirect.github.com/masci/banks/pull/74";>masci/banks#74</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/masci/banks/compare/v2.4.1...v2.4.2";>https://github.com/masci/banks/compare/v2.4.1...v2.4.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/masci/banks/commit/3c9d09ddccf20dc020853c9a68306d373a31bbab";><code>3c9d09d</code></a>
chore: set <strong>version</strong> to 2.4.2 [skip ci]</li>
<li><a
href="https://github.com/masci/banks/commit/dbf7cef7491ce88d237d689eccf443fab80166e6";><code>dbf7cef</code></a>
fix: prevent SSTI by switching to SandboxedEnvironment (<a
href="https://redirect.github.com/masci/banks/issues/74";>#74</a>)</li>
<li>See full diff in <a
href="https://github.com/masci/banks/compare/v2.4.1...v2.4.2";>compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot]
<49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jerry Shao <[email protected]>
---
clients/client-python/requirements-dev.txt | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/clients/client-python/requirements-dev.txt
b/clients/client-python/requirements-dev.txt
index a7da61858a..09eb1537c8 100644
--- a/clients/client-python/requirements-dev.txt
+++ b/clients/client-python/requirements-dev.txt
@@ -32,7 +32,7 @@ pyjwt[crypto]==2.11.0
jwcrypto==1.5.6
sphinx==7.1.2
furo==2024.8.6
-banks==2.4.1
+banks==2.4.2
# Lance integration deps. Pinned so the default integration test runs against
# a single, known-good (server-side `lance-namespace-core` 0.7.5+) combination.
