Skip to content

Bump django-anymail from 10.2 to 13.1 #2261

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 15, 2025
Merged

Bump django-anymail from 10.2 to 13.1 #2261

merged 1 commit into from
Oct 15, 2025
+4 −5

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 1, 2025

Bumps django-anymail from 10.2 to 13.1.

Release notes

Sourced from django-anymail's releases.

v13.1

Changelog

v13.0.1

Changelog

v13.0

Changelog

v12.0

Changelog

v11.1

Changelog

v11.0.1

Changelog

(This release is solely to update documentation and metadata. Code is identical to v11.0.)

v11.0

  • Breaking changes for Amazon SES; SparkPost (with template_id)
  • New merge_headers feature
  • And more…

Please check the changelog

v10.3

Changelog

Changelog

Sourced from django-anymail's changelog.

v13.1

2025-09-03

Features


* **Scaleway:** Add support for this ESP.
  (See `docs <https://anymail.dev/en/stable/esps/scaleway/>`__.
  Thanks to `@hleroy`_ for the contribution.)

    

  • SendGrid: Add optional signature verification for tracking webhooks.
To support this, Anymail now includes the :pypi:cryptography package when
installed with the django-anymail[sendgrid] extra.
(Thanks to @blag_ for contributing this improvement. Note this was tested
against SendGrid's live API by its contributor at the time it was added,
but cannot be independently verified by Anymail's maintainers as we
no longer have access &lt;https://github.com/anymail/django-anymail/issues/432&gt;__
to a SendGrid test account.)
    • 



v13.0.1


2025-07-25


Breaking changes (external)

  • SendGrid: Anymail no longer officially supports SendGrid, because we are unable to test it. Although it will probably keep working, you'll get warnings about this change in status. See Dropping support for SendGrid <https://github.com/anymail/django-anymail/issues/432>__ for details and actions SendGrid customers can take. (Since this breaking change is due to external causes and impacts SendGrid users on all versions of Anymail, it is being handled as a minor patch release rather than a semver major version change.)

Fixes


* **Amazon SES:** Require boto3 1.24.6 or later to ensure support for the SESv2
  close method. (Thanks to `@mgibeau`_ for identifying the issue.)

v13.0


2025-04-03
</tr></table>

... (truncated)

Commits
  • 74b5e25 Release 13.1
  • 12f2032 Scaleway: cleanup and enable integration tests
  • 8be0aaa Readme: fix test status badges
  • 90367b3 Scaleway: new ESP
  • 4b2d6f8 SendGrid: Add optional webhook signature verification
  • b8a5ee8 CI: fix typo in release.yml
  • 30c6130 Release 13.0.1
  • 6b27bd9 CI: fix outdated Django 5.2 alpha reference
  • dfa4ce0 SendGrid: change to "unsupported" status
  • c29c993 Fix lint
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump django-anymail from 10.2 to 13.1
652d838 
Bumps [django-anymail](https://github.com/anymail/django-anymail) from 10.2 to 13.1.
- [Release notes](https://github.com/anymail/django-anymail/releases)
- [Changelog](https://github.com/anymail/django-anymail/blob/main/CHANGELOG.rst)
- [Commits](anymail/django-anymail@v10.2...v13.1)

---
updated-dependencies:
- dependency-name: django-anymail
  dependency-version: '13.1'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Oct 1, 2025
seer-by-sentry[bot]
seer-by-sentry bot reviewed Oct 1, 2025
View reviewed changes
uv.lock
[[package]]
name = "django-anymail"
version = "10.2"
version = "13.1"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Potential bug: The code imports EmailAddress from anymail.utils instead of allauth.account.models, but then attempts to use it as a Django model, which will fail.

  • Description: The code imports EmailAddress from anymail.utils, which is a utility class, not a Django model. It then attempts to call .objects.filter() on this class when checking a user's secondary emails during the invitation acceptance process. This will raise an AttributeError because the utility class does not have an .objects manager. This issue is confirmed by a production crash reported in Sentry: AttributeError: type object 'EmailAddress' has no attribute 'objects'. The failure occurs when an authenticated user with a non-matching primary email accepts an invitation.

  • Suggested fix: Change the import statement in apps/teams/views/invitation_views.py. Replace from anymail.utils import EmailAddress with from allauth.account.models import EmailAddress to use the correct Django model, which has the required .objects manager.
    severity: 0.85, confidence: 0.98

Did we get this right? 👍 / 👎 to inform future reviews.

@snopoke snopoke merged commit 1f6714e into main Oct 15, 2025
7 checks passed
@snopoke snopoke deleted the dependabot/uv/django-anymail-13.1 branch October 15, 2025 08:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@seer-by-sentry seer-by-sentry[bot] seer-by-sentry[bot] left review comments

@snopoke snopoke snopoke approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@snopoke