Bump sentry-sdk from 1.11.1 to 1.12.1

[dependabot]

Bumps sentry-sdk from 1.11.1 to 1.12.1.

Release notes

Sourced from sentry-sdk's releases.

1.12.1

Various fixes & improvements

• Link errors to OTel spans (#1787) by @​antonpirker

1.12.0

Basic OTel support

This adds support to automatically integrate OpenTelemetry performance tracing with Sentry.

See the documentation on how to set it up: https://docs.sentry.io/platforms/python/performance/instrumentation/opentelemetry/

Give it a try and let us know if you have any feedback or problems with using it.

By: @​antonpirker (#1772, #1766, #1765)

Various fixes & improvements

• Tox Cleanup (#1749) by @​antonpirker
• CI: Fix Github action checks (#1780) by @​Zylphrex
• Profiling: Introduce active thread id on scope (#1764) by @​Zylphrex
• Profiling: Eagerly hash stack for profiles (#1755) by @​Zylphrex
• Profiling: Resolve inherited method class names (#1756) by @​Zylphrex

Changelog

Sourced from sentry-sdk's changelog.

1.12.1

Various fixes & improvements

• Link errors to OTel spans (#1787) by @​antonpirker

1.12.0

Basic OTel support

This adds support to automatically integrate OpenTelemetry performance tracing with Sentry.

See the documentation on how to set it up: https://docs.sentry.io/platforms/python/performance/instrumentation/opentelemetry/

Give it a try and let us know if you have any feedback or problems with using it.

By: @​antonpirker (#1772, #1766, #1765)

Various fixes & improvements

• Tox Cleanup (#1749) by @​antonpirker
• CI: Fix Github action checks (#1780) by @​Zylphrex
• Profiling: Introduce active thread id on scope (#1764) by @​Zylphrex
• Profiling: Eagerly hash stack for profiles (#1755) by @​Zylphrex
• Profiling: Resolve inherited method class names (#1756) by @​Zylphrex

Commits

• ab1496f release: 1.12.1
• 6959941 Link errors to OTel spans (#1787)
• 561cd4b Merge branch 'release/1.12.0'
• abfdce8 Updated changelog
• 0a02915 release: 1.12.0
• d0eed0e Basic OTel support (#1772)
• eb0db0a Tox Cleanup (#1749)
• dd26fbe fix(ci): Fix Github action checks (#1780)
• b1290c6 feat(profiling): Introduce active thread id on scope (#1764)
• 46697dd Add instrumenter config to switch between Otel and Sentry instrumentation. (#...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

Merging #525 (35d1c11) into main (49e18cf) will not change coverage.
The diff coverage is n/a.

@@            Coverage Diff            @@
##              main      #525   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files           18        18           
  Lines         2034      2034           
  Branches       231       231           
=========================================
  Hits          2034      2034           

Flag	Coverage Δ
Python_3.10.8	?
Python_3.10.9	100.00% <ø> (?)
Python_3.11.0	?
Python_3.11.1	100.00% <ø> (?)
Python_3.12.0-alpha.2	?
Python_3.12.0-alpha.3	100.00% <ø> (?)
Python_3.8.14	?
Python_3.8.15	100.00% <ø> (?)
Python_3.9.15	?
Python_3.9.16	100.00% <ø> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

[CAM-Gerlach]

It's pretty noisy to have dependabot open 6 PRs at once, each just changing one dependency (even though it perhaps is more atomic). It also means the new dependencies aren't all tested together, as opposed to individually (which allows detecting dependency-specific issues, but does not actually test the final composed product of all of the updates until the final PR is merged). Is it possible to have dependabot submit one PR with all the updates at the designated interval? It wasn't clear from skimming the docs whether that is possible.

[AlexWaygood]

Is it possible to have dependabot submit one PR with all the updates at the designated interval?

Unfortunately not. dependabot/dependabot-core#1190 is the number-1 upvoted dependabot issue; you're not the only one to have wanted this.

[CAM-Gerlach]

Ah, I see, thanks. I also realized something more important when I wondered how I got subscribed to all notifications in this repo in the first place...apparently (perhaps due to python/core-workflow#460 ) I have Write permissions here, which subscribes you automatically, and it seems that none of the branch protection steps were implemented, so I (and I assume any other triager) can merge PRs, push branches, etc. willy nilly. That should be fixed by an admin here...maybe @Mariatta can help? I've listed the steps needed on that issue.

[Mariatta]

I don't have admin privs on the bedevere repo. Perhaps @brettcannon ?

[hugovk]

It also means the new dependencies aren't all tested together, as opposed to individually (which allows detecting dependency-specific issues, but does not actually test the final composed product of all of the updates until the final PR is merged).

Dependabot (sometimes? always?) rebases PRs after others are merged, so they do end up getting tested together. For example, see the force pushes to #524.

Is it possible to have dependabot submit one PR with all the updates at the designated interval?

No, but I use Renovate on my projects, which can be configured to create a single, grouped PR. For example: hugovk/pypistats#368 / https://github.com/hugovk/pypistats/blob/main/.github/renovate.json

[ezio-melotti]

Dependabot (sometimes? always?) rebases PRs after others are merged, so they do end up getting tested together.

IIUC she rebases when a previous change (e.g. to requirements.txt) creates a merge conflict. With small dependency files this happens quite often, but if it doesn't, it's also possible to explicitly request a rebase with @dependabot rebase.

Having multiple PRs is good because sometimes you don't want to merge them all (e.g. in case one of the dependencies has breaking changes or issues).

[brettcannon]

I don't have admin privs on the bedevere repo. Perhaps @brettcannon ?

Nope, I'm not an admin.

[CAM-Gerlach]

Okay, thanks. Then I guess @python/organization-owners ? It would have had to be an admin to make the change in the first place...

[brettcannon]

Okay, thanks. Then I guess @python/organization-owners ? It would have had to be an admin to make the change in the first place...

I think you can also email admin at python for help.