chore: upgrade Python dependencies and GitHub Actions to latest versions

Aryamanz29 · claude · Aryamanz29 · commit 9c479a6e053f · 2026-03-06T14:50:49.000+05:30
Python dependencies (pyproject.toml + uv.lock):
- pydantic: 2.12.4 -&gt; 2.12.5
- pytz: 2025.2 -&gt; 2026.1.post1
- httpx-retries: 0.4.5 -&gt; 0.4.6
- mypy: 1.18.0 -&gt; 1.19.0
- ruff: 0.14.5 -&gt; 0.15.5
- types-setuptools: 80.9.0 -&gt; 81.0.0.20260209
- types-Authlib: 1.6.5 -&gt; 1.6.7.20260208
- filelock: 3.20.3 -&gt; 3.25.0 (Python &gt;=3.10)
- virtualenv: 20.36.1 -&gt; 21.1.0
- pytest-sugar: 1.0.0 -&gt; 1.1.1
- furo: 2025.9.25 -&gt; 2025.12.19
Skipped (Python 3.9 constraint): pytest 9.x, vcrpy 8.x, sphinx 8.x,
tenacity 9.1.4, pre-commit 4.4+, pytest-asyncio 1.3, networkx 3.3+

GitHub Actions:
- astral-sh/setup-uv: v6 -&gt; v7
- aquasecurity/trivy-action: 0.33.1 -&gt; 0.34.2
- docker/build-push-action: v6 -&gt; v7
- docker/login-action: v3 -&gt; v4
- docker/setup-buildx-action: v3 -&gt; v4
- ruff pre-commit rev: v0.12.8 -&gt; v0.15.5

Co-Authored-By: Claude Sonnet 4.6 &lt;noreply@anthropic.com&gt;
diff --git a/.github/workflows/pyatlan-chainguard.yaml b/.github/workflows/pyatlan-chainguard.yaml
@@ -48,24 +48,24 @@ jobs:
           fetch-depth: 0  # Need full history for commit hash
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
+        uses: docker/setup-buildx-action@v4
 
       - name: Log in to GitHub Container Registry
-        uses: docker/login-action@v3
+        uses: docker/login-action@v4
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Log in to Atlan Harbor Registry
-        uses: docker/login-action@v3
+        uses: docker/login-action@v4
         with:
           registry: registry.atlan.com
           username: ${{ secrets.HARBOR_USERNAME }}
           password: ${{ secrets.HARBOR_PASSWORD }}
 
       - name: Log in to Chainguard Container Registry
-        uses: docker/login-action@v3
+        uses: docker/login-action@v4
         with:
           registry: cgr.dev
           username: ${{ secrets.CHAINGUARD_USERNAME }}
@@ -172,7 +172,7 @@ jobs:
           echo "Generated image tag: ghcr.io/atlanhq/pyatlan-chainguard-base:$IMAGE_TAG"
 
       - name: Build and push Docker image
-        uses: docker/build-push-action@v6
+        uses: docker/build-push-action@v7
         with:
           context: .
           file: ./Dockerfile
diff --git a/.github/workflows/pyatlan-docs.yaml b/.github/workflows/pyatlan-docs.yaml
@@ -21,7 +21,7 @@ jobs:
           python-version: "3.12"
 
       - name: Install uv
-        uses: astral-sh/setup-uv@v6
+        uses: astral-sh/setup-uv@v7
 
       - name: Install dependencies
         run: uv sync --group docs
diff --git a/.github/workflows/pyatlan-pr.yaml b/.github/workflows/pyatlan-pr.yaml
@@ -67,7 +67,7 @@ jobs:
           python-version: ${{ matrix.python-version }}
 
       - name: Install uv
-        uses: astral-sh/setup-uv@v6
+        uses: astral-sh/setup-uv@v7
 
       - uses: pypa/gh-action-pip-audit@v1.1.0
         with:
@@ -161,7 +161,7 @@ jobs:
           python-version: ${{ matrix.python-version }}
 
       - name: Install uv
-        uses: astral-sh/setup-uv@v6
+        uses: astral-sh/setup-uv@v7
 
       - name: Install dependencies
         run: uv sync --group dev
@@ -223,7 +223,7 @@ jobs:
           python-version: "3.9"
 
       - name: Install uv
-        uses: astral-sh/setup-uv@v6
+        uses: astral-sh/setup-uv@v7
 
       - name: Install dependencies
         run: uv sync --group dev
@@ -265,7 +265,7 @@ jobs:
           python-version: "3.9"
 
       - name: Install uv
-        uses: astral-sh/setup-uv@v6
+        uses: astral-sh/setup-uv@v7
 
       - name: Install dependencies
         run: uv sync --group dev
@@ -304,7 +304,7 @@ jobs:
           python-version: ${{ matrix.python-version }}
 
       - name: Install uv
-        uses: astral-sh/setup-uv@v6
+        uses: astral-sh/setup-uv@v7
 
       - name: Install dependencies
         run: uv sync --group dev
@@ -381,7 +381,7 @@ jobs:
           python-version: "3.11"
 
       - name: Install uv
-        uses: astral-sh/setup-uv@v6
+        uses: astral-sh/setup-uv@v7
 
       - name: Install dependencies
         run: uv sync --group dev
@@ -417,7 +417,7 @@ jobs:
           python-version: "3.11"
 
       - name: Install uv
-        uses: astral-sh/setup-uv@v6
+        uses: astral-sh/setup-uv@v7
 
       - name: Install dependencies
         run: uv sync --group dev
diff --git a/.github/workflows/pyatlan-publish.yaml b/.github/workflows/pyatlan-publish.yaml
@@ -28,7 +28,7 @@ jobs:
         with:
           python-version: '3.9'
       - name: Install uv
-        uses: astral-sh/setup-uv@v6
+        uses: astral-sh/setup-uv@v7
       - name: Install dependencies
         run: uv sync --group dev
       - name: check tag
diff --git a/.github/workflows/pyatlan-scheduled-scan.yml b/.github/workflows/pyatlan-scheduled-scan.yml
@@ -20,17 +20,17 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
+        uses: docker/setup-buildx-action@v4
 
       - name: Log in to container registry
-        uses: docker/login-action@v3
+        uses: docker/login-action@v4
         with:
           registry: cgr.dev
           username: ${{ secrets.CHAINGUARD_USERNAME }}
           password: ${{ secrets.CHAINGUARD_PASSWORD }}
 
       - name: Build image
-        uses: docker/build-push-action@v6
+        uses: docker/build-push-action@v7
         with:
           context: '.'
           file: './Dockerfile'
@@ -41,7 +41,7 @@ jobs:
       # ── Image scan ──
 
       - name: Trivy image scan (JSON)
-        uses: aquasecurity/trivy-action@0.33.1
+        uses: aquasecurity/trivy-action@0.34.2
         with:
           image-ref: 'pyatlan:trivy-scan'
           scanners: 'vuln'
@@ -56,7 +56,7 @@ jobs:
           TRIVY_JAVA_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-java-db:1
 
       - name: Trivy image scan (table)
-        uses: aquasecurity/trivy-action@0.33.1
+        uses: aquasecurity/trivy-action@0.34.2
         with:
           image-ref: 'pyatlan:trivy-scan'
           scanners: 'vuln'
@@ -73,7 +73,7 @@ jobs:
       # ── Dependency scan ──
 
       - name: Trivy dependency scan (JSON)
-        uses: aquasecurity/trivy-action@0.33.1
+        uses: aquasecurity/trivy-action@0.34.2
         with:
           scan-type: fs
           input: 'uv.lock'
@@ -88,7 +88,7 @@ jobs:
           TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
 
       - name: Trivy dependency scan (table)
-        uses: aquasecurity/trivy-action@0.33.1
+        uses: aquasecurity/trivy-action@0.34.2
         with:
           scan-type: fs
           input: 'uv.lock'
diff --git a/.github/workflows/pyatlan-test-cron.yaml b/.github/workflows/pyatlan-test-cron.yaml
@@ -21,7 +21,7 @@ jobs:
           python-version: ${{ matrix.python-version }}
 
       - name: Install uv
-        uses: astral-sh/setup-uv@v6
+        uses: astral-sh/setup-uv@v7
 
       - name: Install dependencies
         run: uv sync --group dev
diff --git a/.github/workflows/scheduled-trivy-scan.yml b/.github/workflows/scheduled-trivy-scan.yml
@@ -20,17 +20,17 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
+        uses: docker/setup-buildx-action@v4
 
       - name: Log in to container registry
-        uses: docker/login-action@v3
+        uses: docker/login-action@v4
         with:
           registry: cgr.dev
           username: ${{ secrets.CHAINGUARD_USERNAME }}
           password: ${{ secrets.CHAINGUARD_PASSWORD }}
 
       - name: Build image
-        uses: docker/build-push-action@v6
+        uses: docker/build-push-action@v7
         with:
           context: '.'
           file: './Dockerfile'
@@ -41,7 +41,7 @@ jobs:
       # ── Image scan ──
 
       - name: Trivy image scan (JSON)
-        uses: aquasecurity/trivy-action@0.33.1
+        uses: aquasecurity/trivy-action@0.34.2
         with:
           image-ref: 'pyatlan:trivy-scan'
           scanners: 'vuln'
@@ -56,7 +56,7 @@ jobs:
           TRIVY_JAVA_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-java-db:1
 
       - name: Trivy image scan (table)
-        uses: aquasecurity/trivy-action@0.33.1
+        uses: aquasecurity/trivy-action@0.34.2
         with:
           image-ref: 'pyatlan:trivy-scan'
           scanners: 'vuln'
@@ -73,7 +73,7 @@ jobs:
       # ── Dependency scan ──
 
       - name: Trivy dependency scan (JSON)
-        uses: aquasecurity/trivy-action@0.33.1
+        uses: aquasecurity/trivy-action@0.34.2
         with:
           scan-type: fs
           input: 'uv.lock'
@@ -88,7 +88,7 @@ jobs:
           TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
 
       - name: Trivy dependency scan (table)
-        uses: aquasecurity/trivy-action@0.33.1
+        uses: aquasecurity/trivy-action@0.34.2
         with:
           scan-type: fs
           input: 'uv.lock'
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -22,17 +22,17 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
+        uses: docker/setup-buildx-action@v4
 
       - name: Log in to Chainguard Container Registry
-        uses: docker/login-action@v3
+        uses: docker/login-action@v4
         with:
           registry: cgr.dev
           username: ${{ secrets.CHAINGUARD_USERNAME }}
           password: ${{ secrets.CHAINGUARD_PASSWORD }}
 
       - name: Build image
-        uses: docker/build-push-action@v6
+        uses: docker/build-push-action@v7
         with:
           context: .
           file: ./Dockerfile
@@ -41,7 +41,7 @@ jobs:
           tags: pyatlan-trivy:latest
 
       - name: Trivy image scan (table)
-        uses: aquasecurity/trivy-action@0.33.1
+        uses: aquasecurity/trivy-action@0.34.2
         with:
           image-ref: pyatlan-trivy:latest
           scanners: 'vuln'
@@ -67,7 +67,7 @@ jobs:
           fi
 
       - name: Trivy image scan (SARIF)
-        uses: aquasecurity/trivy-action@0.33.1
+        uses: aquasecurity/trivy-action@0.34.2
         with:
           image-ref: pyatlan-trivy:latest
           scanners: 'vuln'
@@ -82,7 +82,7 @@ jobs:
           TRIVY_JAVA_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-java-db:1
 
       - name: Trivy dependency scan (uv.lock, table)
-        uses: aquasecurity/trivy-action@0.33.1
+        uses: aquasecurity/trivy-action@0.34.2
         with:
           scan-type: fs
           scan-ref: uv.lock
@@ -108,7 +108,7 @@ jobs:
           fi
 
       - name: Trivy dependency scan (uv.lock, SARIF)
-        uses: aquasecurity/trivy-action@0.33.1
+        uses: aquasecurity/trivy-action@0.34.2
         with:
           scan-type: fs
           scan-ref: uv.lock
@@ -163,7 +163,7 @@ jobs:
           } >> "$GITHUB_STEP_SUMMARY"
 
       - name: Fail on High/Critical vulnerabilities (image)
-        uses: aquasecurity/trivy-action@0.33.1
+        uses: aquasecurity/trivy-action@0.34.2
         with:
           image-ref: pyatlan-trivy:latest
           scanners: 'vuln'
@@ -177,7 +177,7 @@ jobs:
           TRIVY_JAVA_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-java-db:1
 
       - name: Fail on High/Critical vulnerabilities (uv.lock)
-        uses: aquasecurity/trivy-action@0.33.1
+        uses: aquasecurity/trivy-action@0.34.2
         with:
           scan-type: fs
           scan-ref: uv.lock
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -11,7 +11,7 @@ repos:
 
   # Use uv to run formatting and QA tools
   - repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: v0.12.8
+    rev: v0.15.5
     hooks:
       - id: ruff
       - id: ruff
diff --git a/pyatlan/client/atlan.py b/pyatlan/client/atlan.py
@@ -601,9 +601,11 @@ def _call_api_internal(
                         _stream_lines=response_data[
                             "lines"
                         ],  # Store lines for event processing
-                        json=lambda: json.loads(response_data["text"])
-                        if response_data["text"]
-                        else {},
+                        json=lambda: (
+                            json.loads(response_data["text"])
+                            if response_data["text"]
+                            else {}
+                        ),
                     )
             else:
                 response = self._session.request(
diff --git a/pyatlan/model/assets/relations/custom_related_from_entities_custom_related_to_entities.py b/pyatlan/model/assets/relations/custom_related_from_entities_custom_related_to_entities.py
@@ -17,7 +17,9 @@ class CustomRelatedFromEntitiesCustomRelatedToEntities(RelationshipAttributes):
         description="Inter-relationship between two custom assets.",
     )
     attributes: CustomRelatedFromEntitiesCustomRelatedToEntities.Attributes = Field(  # type: ignore[name-defined]
-        default_factory=lambda: CustomRelatedFromEntitiesCustomRelatedToEntities.Attributes(),
+        default_factory=lambda: (
+            CustomRelatedFromEntitiesCustomRelatedToEntities.Attributes()
+        ),
         description="Map of attributes in the instance and their values",
     )
 
diff --git a/pyatlan_v9/client/atlan.py b/pyatlan_v9/client/atlan.py
@@ -484,9 +484,11 @@ def _call_api_internal(
                         text=response_data["text"],
                         content=response_data["content"],
                         _stream_lines=response_data["lines"],
-                        json=lambda: json.loads(response_data["text"])
-                        if response_data["text"]
-                        else {},
+                        json=lambda: (
+                            json.loads(response_data["text"])
+                            if response_data["text"]
+                            else {}
+                        ),
                     )
             else:
                 response = self._session.request(
diff --git a/pyproject.toml b/pyproject.toml
diff --git a/requirements.txt b/requirements.txt
diff --git a/uv.lock b/uv.lock
