Skip to content

Bump marshmallow from 3.21.3 to 3.26.2 #399

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
MartinWheelerMT merged 3 commits into from
Jan 30, 2026
Merged

Bump marshmallow from 3.21.3 to 3.26.2 #399

MartinWheelerMT merged 3 commits into from
Jan 30, 2026

Conversation

@MartinWheelerMT
Copy link
Collaborator

@MartinWheelerMT MartinWheelerMT commented Jan 29, 2026
edited
Loading

What

  • Bump marshmallow from 3.21.3 to 3.26.2 in `mhs/common'
  • Enforce marshmallow to 3.26.2 in `mhs/spineroutelookup'.
  • Enforce marshmallow to 3.26.2 in `mhs/outbound'.
  • Regenerate pipfile.lock files.

Why

To address vulnerability:

image

Type of change

Please delete options that are not relevant.

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Internal change (non-breaking change with no effect on the functionality affecting end users)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)

Checklist:

  • I have performed a self-review of my code
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes
  • I have updated the Changelog with details of my change in the UNRELEASED section if this change will affect end users

@MartinWheelerMT
Bump marshmallow from 3.21.3 to 3.26.2
e6d16f8 
* Bump `marshmallow` from `3.21.3` to `3.26.2`.
@MartinWheelerMT MartinWheelerMT requested a review from a team as a code owner January 29, 2026 16:15
@MartinWheelerMT
* Regenerate Pipfile.lock
cf90069 
* Update `request_body_schema.py` to reflect changes to `marshmallow.fields` which require `description` keyword to be in metadata.
* Update `request_body_schema.py` to reflect changes to `marshmallow.fields` which have removed the `missing` parameter and replaced with `load_default`.
@MartinWheelerMT
* Enforce marshmallow version in mhs/outbound.
b0df924 
* Enforce `marshmallow` version in `mhs/spineroutelookup`.
* Regenerate Pipfile.lock files.
@MartinWheelerMT MartinWheelerMT enabled auto-merge (squash) January 30, 2026 15:23
@MartinWheelerMT MartinWheelerMT changed the title Bump marshmallow from 3.21.3 to 3.26.2 in common Bump marshmallow from 3.21.3 to 3.26.2 Jan 30, 2026
@MartinWheelerMT MartinWheelerMT merged commit e1b644b into main Jan 30, 2026
13 checks passed
@MartinWheelerMT MartinWheelerMT deleted the bump-marshmallow-to-3.26.2 branch January 30, 2026 15:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chiaramapellimt chiaramapellimt chiaramapellimt approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@MartinWheelerMT @chiaramapellimt