Skip to content

build(deps): bump pandas from 2.3.2 to 2.3.3 #520

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
aevri merged 2 commits into from
Jan 1, 2026
Merged

build(deps): bump pandas from 2.3.2 to 2.3.3 #520

aevri merged 2 commits into from
Jan 1, 2026

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 30, 2025
edited
Loading

Bumps pandas from 2.3.2 to 2.3.3.

Release notes

Sourced from pandas's releases.

Pandas 2.3.3

We are pleased to announce the release of pandas 2.3.3. This release includes some improvements and fixes to the future string data type (preview feature for the upcoming pandas 3.0). We recommend that all users upgrade to this version.

See the full whatsnew for a list of all the changes. Pandas 2.3.3 supports Python 3.9 and higher, and is the first release to support Python 3.14.

The release will be available on the conda-forge channel:

conda install pandas --channel conda-forge

Or via PyPI:

python3 -m pip install --upgrade pandas

Please report any issues with the release on the pandas issue tracker.

Thanks to all the contributors who made this release possible.

Commits
  • 9c8bc3e RLS: 2.3.3
  • 6aa788a [backport 2.3.x] DOC: prepare 2.3.3 whatsnew notes for release (#62499) (#62508)
  • b64f0df [backport 2.3.x] BUG: avoid validation error for ufunc with string[python] ar...
  • 058eb2b [backport 2.3.x] BUG: String[pyarrow] comparison with mixed object (#62424) (...
  • 2ca088d [backport 2.3.x] DEPR: remove the Period resampling deprecation (#62480) (#62...
  • 92bf98f [backport 2.3.x] BUG: fix .str.isdigit to honor unicode superscript for older...
  • e57c7d6 Backport PR #62452 on branch 2.3.x (TST: Adjust tests for numexpr 2.13) (#62454)
  • e0fe9a0 Backport to 2.3.x: REGR: from_records not initializing subclasses properly (#...
  • 23a1085 BUG: improve future warning for boolean operations with missaligned indexes (...
  • 6113696 Backport PR #62396 on branch 2.3.x (PKG/DOC: indicate Python 3.14 support in ...
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot
build(deps): bump pandas from 2.3.2 to 2.3.3
54a386b 
Bumps [pandas](https://github.com/pandas-dev/pandas) from 2.3.2 to 2.3.3.
- [Release notes](https://github.com/pandas-dev/pandas/releases)
- [Commits](pandas-dev/pandas@v2.3.2...v2.3.3)

---
updated-dependencies:
- dependency-name: pandas
  dependency-version: 2.3.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Sep 30, 2025
@aevri aevri enabled auto-merge (rebase) January 1, 2026 12:35
@claude
Copy link
Contributor

claude bot commented Jan 1, 2026

Pull Request Review: Pandas 2.3.2 → 2.3.3

Summary

This is a straightforward dependency update from Dependabot that bumps pandas from 2.3.2 to 2.3.3 (patch version update).

Code Quality ✅

  • Change scope: Minimal - single line change in requirements.txt
  • Style: Follows existing format and conventions
  • Best practices: Patch version updates are low-risk and recommended

Functionality Analysis ✅

Pandas usage in codebase: Limited to a single file (mel/cmd/timelog.py:8)

The timelog command uses basic pandas operations:

  • pd.read_csv() with dtype and date parsing
  • String operations (.str.removeprefix(), .str.split(), .str.startswith())
  • DataFrame filtering with .loc[]
  • Groupby and aggregation operations

Pandas 2.3.3 changes (from release notes):

  • Improvements and fixes to future string data type (preview feature for pandas 3.0)
  • Bug fixes for string operations and ufunc handling
  • Python 3.14 support added
  • Deprecation adjustments for Period resampling

Compatibility Assessment ✅

The operations used in mel/cmd/timelog.py are all stable, core pandas functionality:

  • No use of experimental string dtypes
  • No Period resampling that was deprecated
  • Standard CSV reading, string operations, and groupby aggregations

Risk level: Very low - patch releases maintain backward compatibility

Potential Issues 🟢

None identified. The changes in pandas 2.3.3 are:

  1. Bug fixes (improvements to existing functionality)
  2. Features unrelated to the code's usage patterns
  3. Backward compatible within the 2.3.x series

Test Coverage 📝

  • No dedicated tests found for timelog functionality
  • Recommend: Manual verification by running mel timelog command with an existing timelog CSV file (if available)
  • The update should not break existing functionality given the conservative usage patterns

Security Concerns ✅

No security concerns - this is an official pandas release addressing bug fixes.

Performance Considerations ✅

Patch releases typically include performance improvements or maintain existing performance. No performance regressions expected.

Recommendations

  1. Approve and merge - This is a safe patch update
  2. 🔍 Optional: Run ./meta/unit_tests.sh to verify no regressions (if CI hasn't already)
  3. 📋 Optional: Consider adding basic tests for timelog command functionality for future confidence

Verdict: APPROVED

This is a standard, low-risk dependency patch update that should be merged.

@aevri aevri merged commit 5bc73b2 into main Jan 1, 2026
2 checks passed
@aevri aevri deleted the dependabot/pip/pandas-2.3.3 branch January 1, 2026 16:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@aevri