Skip to content

update setuptools#19524

Merged
SaschaCowley merged 6 commits into
betafrom
fixSetupTools
Feb 4, 2026
Merged

update setuptools#19524
SaschaCowley merged 6 commits into
betafrom
fixSetupTools

Conversation

@seanbudd

@seanbudd seanbudd commented Jan 28, 2026
edited
Loading

Copy link
Copy Markdown
Member

Link to issue number:

Replaces #19515
Follow up to #19432

Summary of the issue:

#19432 used an older version of setuptools which contains security vulnerabilities

Description of user facing changes:

none

Description of developer facing changes:

bump setuptools

Description of development approach:

bump setuptools

Testing strategy:

none

Known issues with pull request:

none

Code Review Checklist:

  • Documentation:
    • Change log entry
    • User Documentation
    • Developer / Technical Documentation
    • Context sensitive help for GUI changes
  • Testing:
    • Unit tests
    • System (end to end) tests
    • Manual testing
  • UX of all users considered:
    • Speech
    • Braille
    • Low Vision
    • Different web browsers
    • Localization in other languages / culture than English
  • API is compatible with existing add-ons.
  • Security precautions taken.

@seanbudd seanbudd requested a review from a team as a code owner January 28, 2026 06:35
@seanbudd seanbudd changed the base branch from master to beta January 28, 2026 06:35
@seanbudd seanbudd mentioned this pull request Jan 28, 2026
Closed
Copilot AI reviewed Jan 28, 2026
View reviewed changes

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates pinned setuptools versions to address security concerns stemming from older setuptools usage (notably in the 32-bit synthDriverHost runtime builder).

Changes:

  • Bumped setuptools to 80.10.2 in the main uv.lock and pyproject.toml build-system requirements.
  • Bumped setuptools to 80.10.2 in runtime-builders/synthDriverHost32 (both lockfile and pyproject.toml), including its dev/build requirements.
  • Updated the developer-facing “Updated components” documentation entry to reflect the new setuptools version.

Reviewed changes

Copilot reviewed 3 out of 5 changed files in this pull request and generated 2 comments.

Show a summary per file
File Description
uv.lock Updates the locked setuptools artifact metadata to 80.10.2.
pyproject.toml Updates build-system setuptools requirement to 80.10.2.
runtime-builders/synthDriverHost32/uv.lock Updates the 32-bit runtime builder lockfile and its setuptools dev specifier to 80.10.2.
runtime-builders/synthDriverHost32/pyproject.toml Updates build-system + dev dependency-group setuptools requirements to 80.10.2.
user_docs/en/changes.md Documents the setuptools upgrade to 80.10.2.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread pyproject.toml
Comment thread runtime-builders/synthDriverHost32/pyproject.toml
Copilot AI mentioned this pull request Jan 28, 2026
Closed

Copilot AI commented Jan 28, 2026

Copy link
Copy Markdown

@seanbudd I've opened a new pull request, #19525, to work on those changes. Once the pull request is ready, I'll request review from you.

@seanbudd seanbudd added the conceptApproved Similar 'triaged' for issues, PR accepted in theory, implementation needs review. label Jan 29, 2026
@SaschaCowley SaschaCowley added this to the 2026.1 milestone Jan 29, 2026
SaschaCowley
SaschaCowley requested changes Jan 30, 2026
View reviewed changes
Comment thread pyproject.toml Outdated
Comment thread user_docs/en/changes.md Outdated
seanbudd and others added 2 commits January 30, 2026 11:57
@seanbudd
Update user_docs/en/changes.md
8fb19d9
@seanbudd @SaschaCowley
Apply suggestion from @SaschaCowley
91b4af2 
Co-authored-by: Sascha Cowley <16543535+SaschaCowley@users.noreply.github.com>
@seanbudd seanbudd requested a review from SaschaCowley January 30, 2026 00:59
wmhn1872265132
wmhn1872265132 reviewed Jan 30, 2026
View reviewed changes
Comment thread user_docs/en/changes.md Outdated
@seanbudd @wmhn1872265132
Update user_docs/en/changes.md
811530f 
Co-authored-by: WMHN <1872265132@qq.com>
@seanbudd seanbudd marked this pull request as draft January 30, 2026 01:34
@seanbudd seanbudd marked this pull request as ready for review February 4, 2026 02:49
@SaschaCowley SaschaCowley enabled auto-merge (squash) February 4, 2026 03:26
@SaschaCowley SaschaCowley merged commit 0ad37fb into beta Feb 4, 2026
73 of 75 checks passed
@SaschaCowley SaschaCowley deleted the fixSetupTools branch February 4, 2026 03:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@SaschaCowley SaschaCowley SaschaCowley approved these changes

+1 more reviewer

@wmhn1872265132 wmhn1872265132 wmhn1872265132 left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

conceptApproved Similar 'triaged' for issues, PR accepted in theory, implementation needs review.

Projects

None yet

Milestone

2026.1

Development

Successfully merging this pull request may close these issues.

5 participants

@seanbudd @SaschaCowley @wmhn1872265132