Skip to content

Bump snowflake-connector-python from 4.6.0 to 4.7.0#1406

Closed
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/pip/develop/snowflake-connector-python-4.7.0
Closed

Bump snowflake-connector-python from 4.6.0 to 4.7.0#1406
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/pip/develop/snowflake-connector-python-4.7.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 3, 2026

Copy link
Copy Markdown
Contributor

Bumps snowflake-connector-python from 4.6.0 to 4.7.0.

Release notes

Sourced from snowflake-connector-python's releases.

4.7.0

  • v4.7.0(Jul 2,2026)
    • Fixed python-connector.log not rotating on Windows, and every record being logged twice, when easy logging is enabled via config.toml (SNOW-3680325).
      • Note: As part of this fix, easy logging no longer calls logging.basicConfig() and therefore no longer configures the root logger. python-connector.log now captures only the snowflake.connector, botocore, and boto3.
    • Improved URL validation reliability by replacing the hand-rolled regex in is_valid_url() with urllib.parse.urlparse (SNOW-3392651).
    • Fixed OAuth infinite loop when tokens expire by ensuring reauthenticate() calls _request_tokens() directly instead of looping through prepare(). Token cache is now read exactly once per connection, and _store_tokens() preserves macOS Keychain ACL by never calling remove(). The async OAuth reauthenticate() now runs the synchronous OAuth flow on a worker thread instead of blocking the event loop.
    • Fixed OAuth scope handling for Snowflake custom OAuth: when refresh tokens are enabled, the connector no longer appends the OIDC offline_access scope for token endpoints on *.snowflakecomputing.com or *.snowflakecomputing.cn, which caused invalid_scope errors. Snowflake custom OAuth expects refresh_token in scope instead. External IdP behavior is unchanged.
    • Fixed input validation for scale metadata in Arrow result set processing for TIME, TIMESTAMP_NTZ, TIMESTAMP_LTZ, and TIMESTAMP_TZ columns (SNOW-3388299).
    • Removed pandas upper bound dependency constraint on the [pandas] extra to allow installation of pandas 3.0.0 and later.
    • Fixed S3 storage client to correctly handle 307/308 (method-preserving) and 301/302 (GET/HEAD only) redirects by disabling automatic redirect following and re-signing each request with AWS SigV4 credentials for the redirect target. The region is updated from the x-amz-bucket-region response header on each redirect. Redirects are capped at 5 hops.
    • Added native AKS (Azure Kubernetes Service) workload identity support. When running on AKS with workload identity configured, the connector automatically uses WorkloadIdentityCredential to authenticate via the injected service account credentials. OIDC backward compatibility is also supported.
    • Added the workload_identity_aws_use_outbound_token connection option (default false) to opt into AWS WIF JWT attestation via STS GetWebIdentityToken instead of the default SigV4 GetCallerIdentity method.
    • Fixed a bug where a fully-qualified DDL statement (e.g. CREATE VIEW db.schema.obj) on a session with no current schema would populate the connector's cached _schema/_database from the referenced object's namespace. This made get_current_schema() diverge from the server's CURRENT_SCHEMA() and mis-qualified Snowpark temp objects (SNOW-3665226).
Commits
  • 9766894 Update 4.7.0 release date to Jul 2, 2026 (#2921)
  • 23a40af SNOW-3665226: fix FQN DDL cache test to assert unchanged instead of None (#2920)
  • 0d6bc48 SNOW-3665226: prevent fully-qualified DDL from polluting schema/database cach...
  • 449a6b3 Bump up version to 4.7.0 (#2919)
  • 3ed16e3 SNOW-3680325: fix python-connector.log rotation on Windows (#2912)
  • 73ba34f SNOW-3650888: Upgrade python prober images (#2916)
  • d8edbf6 SNOW-3677751 Add connection option to WIF outbound token (#2917)
  • ebdf0df NO-SNOW: skip CLA Assistant on internal "-private" repos (#2915)
  • 3a1831c SNOW-3675580: make WIF CI source-fetch repo-agnostic; drop flaky RT T… (#2914)
  • fbe18d0 NO-SNOW: stabilize unit tests in CI envs (azure-identity dev extra + cpu_coun...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [snowflake-connector-python](https://github.com/snowflakedb/snowflake-connector-python) from 4.6.0 to 4.7.0.
- [Release notes](https://github.com/snowflakedb/snowflake-connector-python/releases)
- [Commits](snowflakedb/snowflake-connector-python@v4.6.0...v4.7.0)

---
updated-dependencies:
- dependency-name: snowflake-connector-python
  dependency-version: 4.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Jul 3, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jul 9, 2026

Copy link
Copy Markdown
Contributor Author

Looks like snowflake-connector-python is up-to-date now, so this is no longer needed.

@dependabot dependabot Bot closed this Jul 9, 2026
@dependabot
dependabot Bot deleted the dependabot/pip/develop/snowflake-connector-python-4.7.0 branch July 9, 2026 01:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants