chore(deps): update pytest-cov requirement from ~=7.0.0 to >=7.0,<7.2 by dependabot[bot] · Pull Request #35 · traceloop/opentelemetry-mcp-server

dependabot · 2026-03-23T06:21:57Z

Updates the requirements on pytest-cov to permit the latest version.

Changelog

7.1.0 (2026-03-21)

Fixed total coverage computation to always be consistent, regardless of reporting settings. Previously some reports could produce different total counts, and consequently can make --cov-fail-under behave different depending on reporting options. See [#641](https://github.com/pytest-dev/pytest-cov/issues/641) <https://github.com/pytest-dev/pytest-cov/issues/641>_.

Improve handling of ResourceWarning from sqlite3.

The plugin adds warning filter for sqlite3 ResourceWarning unclosed database (since 6.2.0). It checks if there is already existing plugin for this message by comparing filter regular expression. When filter is specified on command line the message is escaped and does not match an expected message. A check for an escaped regular expression is added to handle this case.

With this fix one can suppress ResourceWarning from sqlite3 from command line::

pytest -W "ignore:unclosed database in <sqlite3.Connection object at:ResourceWarning" ...

Various improvements to documentation. Contributed by Art Pelling in [#718](https://github.com/pytest-dev/pytest-cov/issues/718) <https://github.com/pytest-dev/pytest-cov/pull/718>_ and "vivodi" in [#738](https://github.com/pytest-dev/pytest-cov/issues/738) <https://github.com/pytest-dev/pytest-cov/pull/738>. Also closed [#736](https://github.com/pytest-dev/pytest-cov/issues/736) <https://github.com/pytest-dev/pytest-cov/issues/736>.

Fixed some assertions in tests. Contributed by in Markéta Machová in [#722](https://github.com/pytest-dev/pytest-cov/issues/722) <https://github.com/pytest-dev/pytest-cov/pull/722>_.

Removed unnecessary coverage configuration copying (meant as a backup because reporting commands had configuration side-effects before coverage 5.0).

7.0.0 (2025-09-09)

Dropped support for subprocesses measurement.

It was a feature added long time ago when coverage lacked a nice way to measure subprocesses created in tests. It relied on a .pth file, there was no way to opt-out and it created bad interations with coverage's new patch system <https://coverage.readthedocs.io/en/latest/config.html#run-patch>_ added in 7.10 <https://coverage.readthedocs.io/en/7.10.6/changes.html#version-7-10-0-2025-07-24>_.

To migrate to this release you might need to enable the suprocess patch, example for .coveragerc:

.. code-block:: ini

[run] patch = subprocess

This release also requires at least coverage 7.10.6.

Switched packaging to have metadata completely in pyproject.toml and use hatchling <https://pypi.org/project/hatchling/>_ for building. Contributed by Ofek Lev in [#551](https://github.com/pytest-dev/pytest-cov/issues/551) <https://github.com/pytest-dev/pytest-cov/pull/551>_ with some extras in [#716](https://github.com/pytest-dev/pytest-cov/issues/716) <https://github.com/pytest-dev/pytest-cov/pull/716>_.

Removed some not really necessary testing deps like six.

... (truncated)

Commits

66c8a52 Bump version: 7.0.0 → 7.1.0
f707662 Make the examples use pypy 3.11.
6049a78 Make context test use the old ctracer (seems the new sysmon tracer behaves di...
8ebf20b Update changelog.
861d30e Remove the backup context manager - shouldn't be needed since coverage 5.0, ...
fd4c956 Pass the precision on the nulled total (seems that there's some caching goion...
78c9c4e Only run the 3.9 on older deps.
4849a92 Punctuation.
197c35e Update changelog and hopefully I don't forget to publish release again :))
14dc1c9 Update examples to use 3.11 and make the adhoc layout example look a bit more...
Additional commits viewable in compare view

dependabot · 2026-03-23T06:21:58Z

Labels

The following labels could not be found: dependencies, python. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

CLAassistant · 2026-03-23T06:22:05Z

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

github-actions · 2026-03-23T06:23:25Z

Container Security Scan (opentelemetry-mcp-server-amd64)

Click to expand results


For OSS Maintainers: VEX Notice
--------------------------------
If you're an OSS maintainer and Trivy has detected vulnerabilities in your project that you believe are not actually exploitable, consider issuing a VEX (Vulnerability Exploitability eXchange) statement.
VEX allows you to communicate the actual status of vulnerabilities in your project, improving security transparency and reducing false positives for your users.
Learn more and start using VEX: https://trivy.dev/docs/v0.69/guide/supply-chain/vex/repo#publishing-vex-documents

To disable this notice, set the TRIVY_DISABLE_VEX_NOTICE environment variable.


opentelemetry-mcp-server:81eee4415de116278a62e927e62f975e12e75fc2-amd64 (debian 13.4)
=====================================================================================
Total: 6 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 6, CRITICAL: 0)

┌──────────────┬────────────────┬──────────┬──────────┬───────────────────┬───────────────┬─────────────────────────────────────────────────────────────┐
│   Library    │ Vulnerability  │ Severity │  Status  │ Installed Version │ Fixed Version │                            Title                            │
├──────────────┼────────────────┼──────────┼──────────┼───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ libncursesw6 │ CVE-2025-69720 │ HIGH     │ affected │ 6.5+20250216-2    │               │ ncurses: ncurses: Buffer overflow vulnerability may lead to │
│              │                │          │          │                   │               │ arbitrary code execution.                                   │
│              │                │          │          │                   │               │ https://avd.aquasec.com/nvd/cve-2025-69720                  │
├──────────────┼────────────────┤          │          ├───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ libsystemd0  │ CVE-2026-29111 │          │          │ 257.9-1~deb13u1   │               │ systemd: systemd: Arbitrary code execution or Denial of     │
│              │                │          │          │                   │               │ Service via spurious IPC...                                 │
│              │                │          │          │                   │               │ https://avd.aquasec.com/nvd/cve-2026-29111                  │
├──────────────┼────────────────┤          │          ├───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ libtinfo6    │ CVE-2025-69720 │          │          │ 6.5+20250216-2    │               │ ncurses: ncurses: Buffer overflow vulnerability may lead to │
│              │                │          │          │                   │               │ arbitrary code execution.                                   │
│              │                │          │          │                   │               │ https://avd.aquasec.com/nvd/cve-2025-69720                  │
├──────────────┼────────────────┤          │          ├───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ libudev1     │ CVE-2026-29111 │          │          │ 257.9-1~deb13u1   │               │ systemd: systemd: Arbitrary code execution or Denial of     │
│              │                │          │          │                   │               │ Service via spurious IPC...                                 │
│              │                │          │          │                   │               │ https://avd.aquasec.com/nvd/cve-2026-29111                  │
├──────────────┼────────────────┤          │          ├───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ ncurses-base │ CVE-2025-69720 │          │          │ 6.5+20250216-2    │               │ ncurses: ncurses: Buffer overflow vulnerability may lead to │
│              │                │          │          │                   │               │ arbitrary code execution.                                   │
│              │                │          │          │                   │               │ https://avd.aquasec.com/nvd/cve-2025-69720                  │
├──────────────┤                │          │          │                   ├───────────────┤                                                             │
│ ncurses-bin  │                │          │          │                   │               │                                                             │
│              │                │          │          │                   │               │                                                             │
│              │                │          │          │                   │               │                                                             │
└──────────────┴────────────────┴──────────┴──────────┴───────────────────┴───────────────┴─────────────────────────────────────────────────────────────┘

github-actions · 2026-03-23T06:24:27Z

Container Security Scan (opentelemetry-mcp-server-arm64)

Click to expand results


For OSS Maintainers: VEX Notice
--------------------------------
If you're an OSS maintainer and Trivy has detected vulnerabilities in your project that you believe are not actually exploitable, consider issuing a VEX (Vulnerability Exploitability eXchange) statement.
VEX allows you to communicate the actual status of vulnerabilities in your project, improving security transparency and reducing false positives for your users.
Learn more and start using VEX: https://trivy.dev/docs/v0.69/guide/supply-chain/vex/repo#publishing-vex-documents

To disable this notice, set the TRIVY_DISABLE_VEX_NOTICE environment variable.


opentelemetry-mcp-server:81eee4415de116278a62e927e62f975e12e75fc2-arm64 (debian 13.4)
=====================================================================================
Total: 6 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 6, CRITICAL: 0)

┌──────────────┬────────────────┬──────────┬──────────┬───────────────────┬───────────────┬─────────────────────────────────────────────────────────────┐
│   Library    │ Vulnerability  │ Severity │  Status  │ Installed Version │ Fixed Version │                            Title                            │
├──────────────┼────────────────┼──────────┼──────────┼───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ libncursesw6 │ CVE-2025-69720 │ HIGH     │ affected │ 6.5+20250216-2    │               │ ncurses: ncurses: Buffer overflow vulnerability may lead to │
│              │                │          │          │                   │               │ arbitrary code execution.                                   │
│              │                │          │          │                   │               │ https://avd.aquasec.com/nvd/cve-2025-69720                  │
├──────────────┼────────────────┤          │          ├───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ libsystemd0  │ CVE-2026-29111 │          │          │ 257.9-1~deb13u1   │               │ systemd: systemd: Arbitrary code execution or Denial of     │
│              │                │          │          │                   │               │ Service via spurious IPC...                                 │
│              │                │          │          │                   │               │ https://avd.aquasec.com/nvd/cve-2026-29111                  │
├──────────────┼────────────────┤          │          ├───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ libtinfo6    │ CVE-2025-69720 │          │          │ 6.5+20250216-2    │               │ ncurses: ncurses: Buffer overflow vulnerability may lead to │
│              │                │          │          │                   │               │ arbitrary code execution.                                   │
│              │                │          │          │                   │               │ https://avd.aquasec.com/nvd/cve-2025-69720                  │
├──────────────┼────────────────┤          │          ├───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ libudev1     │ CVE-2026-29111 │          │          │ 257.9-1~deb13u1   │               │ systemd: systemd: Arbitrary code execution or Denial of     │
│              │                │          │          │                   │               │ Service via spurious IPC...                                 │
│              │                │          │          │                   │               │ https://avd.aquasec.com/nvd/cve-2026-29111                  │
├──────────────┼────────────────┤          │          ├───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ ncurses-base │ CVE-2025-69720 │          │          │ 6.5+20250216-2    │               │ ncurses: ncurses: Buffer overflow vulnerability may lead to │
│              │                │          │          │                   │               │ arbitrary code execution.                                   │
│              │                │          │          │                   │               │ https://avd.aquasec.com/nvd/cve-2025-69720                  │
├──────────────┤                │          │          │                   ├───────────────┤                                                             │
│ ncurses-bin  │                │          │          │                   │               │                                                             │
│              │                │          │          │                   │               │                                                             │
│              │                │          │          │                   │               │                                                             │
└──────────────┴────────────────┴──────────┴──────────┴───────────────────┴───────────────┴─────────────────────────────────────────────────────────────┘

Updates the requirements on [pytest-cov](https://github.com/pytest-dev/pytest-cov) to permit the latest version. - [Changelog](https://github.com/pytest-dev/pytest-cov/blob/master/CHANGELOG.rst) - [Commits](pytest-dev/pytest-cov@v7.0.0...v7.1.0) --- updated-dependencies: - dependency-name: pytest-cov dependency-version: 7.1.0 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot force-pushed the dependabot/pip/pytest-cov-gte-7.0-and-lt-7.2 branch from df2b164 to ce8b0c5 Compare April 6, 2026 17:45

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): update pytest-cov requirement from ~=7.0.0 to >=7.0,<7.2#35

chore(deps): update pytest-cov requirement from ~=7.0.0 to >=7.0,<7.2#35
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/pytest-cov-gte-7.0-and-lt-7.2

dependabot bot commented on behalf of github Mar 23, 2026 •

edited

Loading

Uh oh!

dependabot bot commented on behalf of github Mar 23, 2026

Uh oh!

CLAassistant commented Mar 23, 2026

Uh oh!

github-actions bot commented Mar 23, 2026 •

edited

Loading

Uh oh!

github-actions bot commented Mar 23, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot bot commented on behalf of github Mar 23, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

7.1.0 (2026-03-21)

7.0.0 (2025-09-09)

Uh oh!

dependabot bot commented on behalf of github Mar 23, 2026

Labels

Uh oh!

CLAassistant commented Mar 23, 2026

Uh oh!

github-actions bot commented Mar 23, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Container Security Scan (opentelemetry-mcp-server-amd64)

Uh oh!

github-actions bot commented Mar 23, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Container Security Scan (opentelemetry-mcp-server-arm64)

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

dependabot bot commented on behalf of github Mar 23, 2026 •

edited

Loading

github-actions bot commented Mar 23, 2026 •

edited

Loading

github-actions bot commented Mar 23, 2026 •

edited

Loading