Skip to content

Bump web3 from 7.10.0 to 7.15.0 in /dincli in the pip group across 1 directory#3

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/dincli/pip-c2cf705eb5
Closed

Bump web3 from 7.10.0 to 7.15.0 in /dincli in the pip group across 1 directory#3
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/dincli/pip-c2cf705eb5

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Apr 12, 2026

Copy link
Copy Markdown

Bumps the pip group with 1 update in the /dincli directory: web3.

Updates web3 from 7.10.0 to 7.15.0

Changelog

Sourced from web3's changelog.

web3.py v7.15.0 (2026-04-02)

Features


- Added configurations for CCIP-Read, defaulting to a more secure configuration based on the EIP recommendations. (`[#3818](https://github.com/ethereum/web3.py/issues/3818) <https://github.com/ethereum/web3.py/issues/3818>`__)

web3.py v7.14.1 (2026-02-03)

Bugfixes

  • Wrap timeout in ClientTimeout for AsyncBeacon post request ([#3784](https://github.com/ethereum/web3.py/issues/3784) <https://github.com/ethereum/web3.py/issues/3784>__)
  • Fix HTTPProvider to share an explicitly provided session across all threads, rather than only the creating thread. ([#3800](https://github.com/ethereum/web3.py/issues/3800) <https://github.com/ethereum/web3.py/issues/3800>__)
  • Fix TypedDict field names to use camelCase (validatorIndex, yParity) matching JSON-RPC conventions and formatter outputs. ([#3801](https://github.com/ethereum/web3.py/issues/3801) <https://github.com/ethereum/web3.py/issues/3801>__)
  • Exclude type checking in Sphinx module and submodules ([#3803](https://github.com/ethereum/web3.py/issues/3803) <https://github.com/ethereum/web3.py/issues/3803>__)

Improved Documentation


- Added documentation for formatters explaining how they work, what the default formatters do, and how to customize them. (`[#2994](https://github.com/ethereum/web3.py/issues/2994) <https://github.com/ethereum/web3.py/issues/2994>`__)

Internal Changes - for web3.py Contributors

  • Upgrade geth version in CI ([#3787](https://github.com/ethereum/web3.py/issues/3787) <https://github.com/ethereum/web3.py/issues/3787>__)

web3.py v7.14.0 (2025-10-16)

Bugfixes


- Fix tests flakiness due to slow data generation from hypothesis triggering a timeout. (`[#3730](https://github.com/ethereum/web3.py/issues/3730) <https://github.com/ethereum/web3.py/issues/3730>`__)
- Fix ``topics`` type for ``LogsSubscription`` to reflect AND / OR nested list conditions on log filters. (`[#3748](https://github.com/ethereum/web3.py/issues/3748) <https://github.com/ethereum/web3.py/issues/3748>`__)
- Make `AsyncWeb3` with respect to the provider it is instantiated with, fixing static type issues. (`[#3761](https://github.com/ethereum/web3.py/issues/3761) <https://github.com/ethereum/web3.py/issues/3761>`__)

Improved Documentation

  • Update a few broken links ([#3746](https://github.com/ethereum/web3.py/issues/3746) <https://github.com/ethereum/web3.py/issues/3746>__)
  • Fix indentation in the code block in "An introduction to subscriptions" ([#3752](https://github.com/ethereum/web3.py/issues/3752) <https://github.com/ethereum/web3.py/issues/3752>__)

... (truncated)

Commits
  • cf051a7 Bump version: 7.14.1 → 7.15.0
  • 10fe633 Compile release notes for v7.15.0
  • b45343d fix: linting related to backporting from main (py38 and py39)
  • fe17ccb update newsfragment for v7 PR
  • d2e5294 doc: add documentation for CCIP-Read updates
  • d62e67d feat: added restrictions on CCIP read durin calls
  • ea5e072 Bump version: 7.14.0 → 7.14.1
  • 8396964 Compile release notes for v7.14.1
  • 1864c89 minor nit for release notes
  • 555aec6 backport commits from main to v7 (#3809)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps the pip group with 1 update in the /dincli directory: [web3](https://github.com/ethereum/web3.py).


Updates `web3` from 7.10.0 to 7.15.0
- [Changelog](https://github.com/ethereum/web3.py/blob/main/docs/release_notes.rst)
- [Commits](ApeWorX/web3.py@v7.10.0...v7.15.0)

---
updated-dependencies:
- dependency-name: web3
  dependency-version: 7.15.0
  dependency-type: direct:production
  dependency-group: pip
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Apr 12, 2026
@dependabot @github

dependabot Bot commented on behalf of github Apr 13, 2026

Copy link
Copy Markdown
Author

Superseded by #9.

@dependabot dependabot Bot closed this Apr 13, 2026
@dependabot dependabot Bot deleted the dependabot/pip/dincli/pip-c2cf705eb5 branch April 13, 2026 22:54
Santiagocetran added a commit to Santiagocetran/DevNet that referenced this pull request Jul 8, 2026
…teZeroFoundation#2, InfiniteZeroFoundation#3, InfiniteZeroFoundation#5 in connect-wallet

Bugs InfiniteZeroFoundation#2/InfiniteZeroFoundation#3 both touch connect_wallet and InfiniteZeroFoundation#3/InfiniteZeroFoundation#5 share the _get_password
signature + a new _UNSET sentinel, so they land together as one coherent,
cherry-pickable unit rather than incoherent split commits.

InfiniteZeroFoundation#2 — overwrite guard: connect-wallet now confirms before overwriting an
  existing named keystore, with --yes/-y to bypass (mirrors send-eth).
  `yes` is normalized to a real bool so direct callers that omit it (which
  receive a truthy OptionInfo) don't silently skip the guard. Keystore
  non-secret validation (exists/parse/_extract_keystore) is hoisted above
  the guard; the passphrase getpass + decrypt stay after it, so no secret is
  requested before the overwrite decision and a doomed --keystore fails fast
  without prompting. Guard keys on the exact target file; a legacy wallet.json
  for 'default' is a non-destructive migration and intentionally not guarded.
  Docstring corrected: demo mode is config-driven, not tied to --yes.

InfiniteZeroFoundation#3 — new-wallet password: _get_password gains is_new_wallet; when creating
  or overwriting a wallet the in-memory cache is skipped so a fresh keystore
  is never silently encrypted with a stale cached password. DIN_WALLET_PASSWORD
  env is still honored (deliberate automation path); only the cache is ignored.

InfiniteZeroFoundation#5 — single .env parse per unlock: load_account fetches DIN_WALLET_PASSWORD
  once and threads it into _get_password/_cache_password_in_memory via an
  _UNSET sentinel, instead of each self-parsing .env (get_env_key is not
  memoized). Callers that omit env_pass self-fetch as before.

Adds 7 tests: overwrite guard (omitted-yes/decline/accept/--yes/doomed-input),
stale-cache-not-reused on create, and single-env-parse on unlock.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants