Skip to content

Bump marshmallow from 3.26.2 to 4.2.2#5661

Merged
marco-c merged 3 commits intomasterfrom
dependabot/pip/marshmallow-4.2.2
Mar 31, 2026
Merged

Bump marshmallow from 3.26.2 to 4.2.2#5661
marco-c merged 3 commits intomasterfrom
dependabot/pip/marshmallow-4.2.2

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Feb 9, 2026
edited by Copilot AI
Loading

  • Identify breaking changes in marshmallow 4.x that cause ImportError in tests
  • Fix fields.Str()fields.String() (explicit, consistent)
  • Fix default=dump_default= for UnauthorizedError.message (removed in marshmallow 4.0)
  • Fix keyword metadata args → metadata={...} for enum= and example= kwargs (removed in marshmallow 4.0)
  • Fix fields.List(fields.Str) (class ref) → fields.List(fields.String()) (instance), which now errors at class declaration time in 4.0
  • Verified all schema definitions work correctly with marshmallow 4.2.2
  • CodeQL scan: 0 alerts

@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Feb 9, 2026
@dependabot dependabot bot mentioned this pull request Feb 9, 2026
Closed
@dependabot dependabot bot force-pushed the dependabot/pip/marshmallow-4.2.2 branch 3 times, most recently from c1cbe1c to eec05a3 Compare February 16, 2026 19:21
@dependabot
Bump marshmallow from 3.26.2 to 4.2.2
073318d 
Bumps [marshmallow](https://github.com/marshmallow-code/marshmallow) from 3.26.2 to 4.2.2.
- [Changelog](https://github.com/marshmallow-code/marshmallow/blob/dev/CHANGELOG.rst)
- [Commits](marshmallow-code/marshmallow@3.26.2...4.2.2)

---
updated-dependencies:
- dependency-name: marshmallow
  dependency-version: 4.2.2
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/pip/marshmallow-4.2.2 branch from eec05a3 to 073318d Compare February 16, 2026 23:07
@suhaibmujahid
Copy link
Copy Markdown
Member

suhaibmujahid commented Mar 31, 2026

@copilot updating the dependency caused the following test error:

+ pytest --cov=http_service http_service/tests/ -vvv
2026-02-16 23:18:46,514:INFO:matplotlib.font_manager:generated new fontManager
ImportError while loading conftest '/bugbug/http_service/tests/conftest.py'.
http_service/tests/conftest.py:30: in <module>
    from bugbug_http import app
http_service/bugbug_http/app.py:110: in <module>
    class NotAvailableYet(Schema):
http_service/bugbug_http/app.py:111: in NotAvailableYet
    ready = fields.Boolean(enum=[False])
            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
/usr/local/lib/python3.12/site-packages/marshmallow/fields.py:1173: in __init__
    super().__init__(**kwargs)
E   TypeError: Field.__init__() got an unexpected keyword argument 'enum'

Please fix the root cause.

@suhaibmujahid
Fix marshmallow 4.x compatibility in app.py schema definitions
c52be13 
Agent-Logs-Url: https://github.com/mozilla/bugbug/sessions/d702cb56-39ae-4803-b4f5-c2e5734cd789

Co-authored-by: suhaibmujahid <4151357+suhaibmujahid@users.noreply.github.com>
Copy link
Copy Markdown
Contributor

Copilot AI commented Mar 31, 2026
edited
Loading

@copilot updating the dependency caused the following test error:

...

Fixed in commit c52be13. The test failure was caused by several marshmallow 4.x breaking changes in app.py:

  1. default= removed → replaced with dump_default= (deprecated in 3.13, removed in 4.0)
  2. Metadata as kwargs removed → moved enum= and example= into metadata={...} dict (deprecated in 3.10, removed in 4.0)
  3. fields.List(fields.Str) (class reference)fields.List(fields.String()) (instance) — marshmallow 4.0 now errors at class declaration time when a class is passed instead of an instance
  4. fields.Str()fields.String() for clarity and consistency

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

  • marshmallow.readthedocs.io
    • Triggering command: /home/REDACTED/work/_temp/ghcca-node/node/bin/node /home/REDACTED/work/_temp/ghcca-node/node/bin/node --enable-source-maps /home/REDACTED/work/_temp/copilot-developer-action-main/dist/index.js (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

Copilot AI requested a review from suhaibmujahid March 31, 2026 13:36
@marco-c marco-c merged commit 4af83d6 into master Mar 31, 2026
11 checks passed
@marco-c marco-c deleted the dependabot/pip/marshmallow-4.2.2 branch March 31, 2026 15:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@marco-c marco-c marco-c approved these changes

@suhaibmujahid suhaibmujahid Awaiting requested review from suhaibmujahid

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@suhaibmujahid @marco-c