Skip to content

chore(deps): bump opensearch-py from 3.1.0 to 3.2.0 in /src/backend in the backend-dependencies group#6

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/src/backend/backend-dependencies-a7442762b9
Closed

chore(deps): bump opensearch-py from 3.1.0 to 3.2.0 in /src/backend in the backend-dependencies group#6
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/src/backend/backend-dependencies-a7442762b9

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 27, 2026
edited
Loading

Bumps the backend-dependencies group in /src/backend with 1 update: opensearch-py.

Updates opensearch-py from 3.1.0 to 3.2.0

Release notes

Sourced from opensearch-py's releases.

v3.2.0

What's Changed

New Contributors

Full Changelog: opensearch-project/opensearch-py@v3.1.0...v3.2.0

Changelog

Sourced from opensearch-py's changelog.

[3.2.0]

Added

  • Add dependency on opensearch-protobufs to provide client libraries for gRPC transport (#977)
  • Add ML Commons plugin documentation (#992)

Updated APIs

Changed

Deprecated

Removed

Fixed

  • Fixed AWSV4Signer.sign() not passing custom headers to AWSRequest, causing x-amz-* headers to be excluded from SigV4 signature (#1034)
  • Fixed AWSV4Signer.sign() not setting X-Amz-Content-SHA256 before SigV4Auth.add_auth(), causing the header to be absent from SignedHeaders in the Authorization header. The fix uses a guarded assignment that preserves caller-provided values (e.g., UNSIGNED-PAYLOAD, precomputed hashes) (#1038, #1039)
  • Fixed the linkchecker CI step (#987)

Security

Dependencies

  • Bump pytest-asyncio from <=1.2.0 to <=1.3.0 (#984)
  • Bump actions/checkout from 5 to 6 (#986)
  • Bump codecov/codecov-action from 4 to 5 (#985)
  • Bump actions/upload-artifact from 5 to 6 (#989)
  • Bump actions/download-artifact from 6 to 7 (#988)
  • Bump peter-evans/create-pull-request from 7 to 8 (#990)
  • Bump opensearch-protobufs from 0.19.0 to 1.2.0 (#1000)
Commits
  • 8991792 fix(signer): Include X-Amz-Content-SHA256 in SignedHeaders (#1038) (#1039)
  • d8a8c57 Fix AWSV4Signer.sign() not passing headers to AWSRequest (#1035)
  • 6551595 Bump opensearch protobufs - 1.2.0. (#1000)
  • 94ae310 Fix CI failures due to API spec updates (#1007)
  • 1ce5b46 fix(docs): use keyword arguments in security API examples (#1004)
  • 9b6d240 Bump peter-evans/create-pull-request from 7 to 8 (#990)
  • 02c5dcc Bump actions/download-artifact from 6 to 7 (#988)
  • fa8a862 Bump actions/upload-artifact from 5 to 6 (#989)
  • f5ef694 Updated opensearch-py to reflect the latest OpenSearch API spec (2026-01-22) ...
  • 10ab792 ci: fix mypy type ignore for untyped decorator in tests (#993)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump opensearch-py
aab074b 
Bumps the backend-dependencies group in /src/backend with 1 update: [opensearch-py](https://github.com/opensearch-project/opensearch-py).


Updates `opensearch-py` from 3.1.0 to 3.2.0
- [Release notes](https://github.com/opensearch-project/opensearch-py/releases)
- [Changelog](https://github.com/opensearch-project/opensearch-py/blob/main/CHANGELOG.md)
- [Commits](opensearch-project/opensearch-py@v3.1.0...v3.2.0)

---
updated-dependencies:
- dependency-name: opensearch-py
  dependency-version: 3.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: backend-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 4, 2026

Looks like opensearch-py is updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this May 4, 2026
@dependabot dependabot Bot deleted the dependabot/pip/src/backend/backend-dependencies-a7442762b9 branch May 4, 2026 17:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

backend dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants