chore(deps): update dependency django-environ to v0.12.0 #13401
Conversation
trusted-contributions-gcf
bot
added
kokoro:force-run
product-auto-label
bot
added
samples
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Hello @renovate-bot, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!
Summary of Changes
Hello team, gemini-code-assist here to provide a summary of this pull request. This PR, authored by renovate-bot, focuses on updating the django-environ dependency from version 0.11.2 to 0.12.0. This is a routine dependency update to bring the project up to the latest stable version of the library, incorporating its latest features, fixes, and compatibility improvements. The changes are limited to updating the version specification in the relevant requirements.txt files.
Highlights
- Dependency Update: The primary change is the update of the
django-environlibrary from version0.11.2to0.12.0. - Python/Django Version Support: According to the
django-environchangelog, version0.12.0adds support for Python 3.12 and 3.13, and Django 5.1. It also removes support for Python 3.6, 3.7, 3.8 and Django 1.x. While this PR only updates the dependency version, the compatibility implications of the newdjango-environversion should be considered in the context of the project's target Python/Django versions. - Inline Comments Handling: Version
0.12.0ofdjango-environdisables inline comments handling by default. If any.envfiles relied on this feature, they might need adjustment or the feature might need to be explicitly re-enabled.
Changelog
- appengine/flexible/django_cloudsql/requirements.txt
- Updated
django-environfrom0.11.2to0.12.0.
- Updated
- appengine/flexible_python37_and_earlier/django_cloudsql/requirements.txt
- Updated
django-environfrom0.11.2to0.12.0.
- Updated
- run/django/requirements.txt
- Updated
django-environfrom0.11.2to0.12.0.
- Updated
Using Gemini Code Assist
The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.
Invoking Gemini
You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.
| Feature | Command | Description |
|---|---|---|
| Code Review | /gemini review |
Performs a code review for the current pull request in its current state. |
| Pull Request Summary | /gemini summary |
Provides a summary of the current pull request in its current state. |
| Comment | @gemini-code-assist | Responds in comments when explicitly tagged, both in issue comments and review comments. |
| Help | /gemini help |
Displays a list of available commands. |
Customization
To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.
Limitations & Feedback
Gemini Code Assist is currently in preview and may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments to provide feedback.
You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.
A dependency bumps,
No major humps,
Just version change,
Across a small range,
No need for major jumps.
Footnotes
-
Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩
There was a problem hiding this comment.
Code Review
This pull request updates django-environ from v0.11.2 to v0.12.0. While keeping dependencies up-to-date is generally good, this specific update introduces breaking changes regarding Python version support that critically affect several samples in this repository. Additionally, there's a change in how inline comments in .env files are handled by default, which could be a high-impact change for some users.
Detailed feedback is provided in the comments below.
Summary of Findings
- Python Version Incompatibility (Critical):
django-environ==0.12.0removes support for Python 3.6, 3.7, and 3.8. This critically affects:
appengine/flexible/django_cloudsql(uses Python 3.7)appengine/flexible_python37_and_earlier/django_cloudsql(uses Python 3.7)run/django(requirements.txt allows Python 3.8)
- Change in Inline Comment Handling (High):
django-environ==0.12.0disables handling of inline comments in.envfiles by default. This is a potential breaking change if samples or users rely on inline comments for their environment configuration, as it could lead to misparsed values.
Merge Readiness
This pull request, in its current state, introduces critical compatibility issues for multiple Python samples due to django-environ==0.12.0 dropping support for Python versions (3.7, 3.8) that these samples are configured to use. Additionally, a change in the default handling of inline comments by django-environ poses a high risk of misconfiguration.
I strongly recommend that these critical issues be addressed before merging. This may involve pinning django-environ to an older version for affected samples, updating the Python runtimes of these samples, or adjusting their requirements.txt files. As a reviewer, I am not authorized to approve pull requests, but based on this review, changes are required.
| @@ -1,6 +1,6 @@ | |||
| Django==5.2.1 | |||
| gunicorn==23.0.0 | |||
| psycopg2-binary==2.9.10 | |||
| django-environ==0.11.2 | |||
| django-environ==0.12.0 | |||
There was a problem hiding this comment.
The update to django-environ==0.12.0 is likely to cause this sample to fail. According to the django-environ v0.12.0 release notes, this version removes support for Python 3.7 and 3.8.
The app.yaml configuration for this sample (appengine/flexible/django_cloudsql/app.yaml) explicitly sets python_version: 3.7:
runtime_config:
python_version: 3.7This mismatch will likely lead to installation or runtime errors.
Could you clarify how this incompatibility should be handled? Possible solutions include:
- Updating this sample's Python runtime in
app.yamlto Python 3.9 or newer. - Pinning
django-environto a version compatible with Python 3.7 (e.g.,django-environ<0.12.0).
| @@ -1,6 +1,6 @@ | |||
| Django==5.2.1 | |||
| gunicorn==23.0.0 | |||
| psycopg2-binary==2.9.10 | |||
| django-environ==0.11.2 | |||
| django-environ==0.12.0 | |||
There was a problem hiding this comment.
This update to django-environ==0.12.0 presents a critical compatibility issue for this sample. As noted in the v0.12.0 release notes, support for Python 3.7 and 3.8 has been removed.
The app.yaml for this sample (appengine/flexible_python37_and_earlier/django_cloudsql/app.yaml) specifies python_version: 3.7. Furthermore, the directory name flexible_python37_and_earlier strongly implies that this sample is intended for use with Python 3.7 or older versions.
Given this, django-environ==0.12.0 is incompatible. What is the recommended approach here?
- Should this sample pin
django-environto a version<0.12.0to maintain Python 3.7 compatibility? - Or is there a plan to update or archive this specific sample, as it targets an older Python runtime?
| @@ -1,7 +1,7 @@ | |||
| Django==5.2.1; python_version >= "3.10" | |||
| Django==4.2.21; python_version >= "3.8" and python_version < "3.10" | |||
| django-storages[google]==1.14.5 | |||
| django-environ==0.11.2 | |||
| django-environ==0.12.0 | |||
There was a problem hiding this comment.
The update to django-environ==0.12.0 may break compatibility for environments using Python 3.8 with this sample. The v0.12.0 release notes indicate that support for Python 3.8 (along with 3.6 and 3.7) has been dropped.
This requirements.txt file includes a conditional Django dependency that explicitly supports Python 3.8:
Django==4.2.21; python_version >= "3.8" and python_version < "3.10"If this sample is deployed or run in a Python 3.8 environment, django-environ==0.12.0 would be installed but is not designed to work with Python 3.8, likely leading to failures.
How should this incompatibility be addressed? Some options could be:
- Pin
django-environto a version<0.12.0if Python 3.8 support remains a requirement for this sample. - Modify the Python version specifiers in this
requirements.txtto require Python 3.9+ when usingdjango-environ==0.12.0. - Implement more granular dependency management if different
django-environversions are needed for different Python runtimes.
| @@ -1,6 +1,6 @@ | |||
| Django==5.2.1 | |||
| gunicorn==23.0.0 | |||
| psycopg2-binary==2.9.10 | |||
| django-environ==0.11.2 | |||
| django-environ==0.12.0 | |||
There was a problem hiding this comment.
A notable change in django-environ==0.12.0 is that inline comments in .env files are no longer handled by default. The release notes state: "Disabled inline comments handling by default due to potential side effects."
If any .env files or secrets loaded via env.read_env() (as seen in mysite/settings.py for these samples) rely on inline comments (e.g., MY_VAR=value # this is a comment), these comments might now be incorrectly parsed as part of the environment variable's value, or potentially cause other parsing issues.
Has this potential impact been assessed across the samples? Projects relying on this feature might need to:
- Remove inline comments from their
.envfiles/secret payloads. - Explicitly configure
django-environto re-enable inline comment parsing if the new default behavior is problematic.
kokoro-team
removed
the
kokoro:force-run
This PR contains the following updates:
==0.11.2->==0.12.0Release Notes
joke2k/django-environ (django-environ)
v0.12.0Compare Source
Fixed
+++++
ImproperlyConfigurederror message#​513 <https://github.com/joke2k/django-environ/issues/513>_.Added
+++++
#​538 <https://github.com/joke2k/django-environ/issues/538>_.#​535 <https://github.com/joke2k/django-environ/issues/535>_.#​509 <https://github.com/joke2k/django-environ/issues/509>_.#​266 <https://github.com/joke2k/django-environ/issues/266>_.Changed
+++++++
While the feature itself is useful, the project's philosophy dictates that
it should not be enabled by default for all users
#​499 <https://github.com/joke2k/django-environ/issues/499>_.Removed
+++++++
#​538 <https://github.com/joke2k/django-environ/issues/538>_.#​538 <https://github.com/joke2k/django-environ/issues/538>_.Configuration
📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, on day 1 of the month ( * 0-3 1 * * ) (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Never, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.