fix(deps): update dependency opensearch-py to v3 by renovate[bot] · Pull Request #2764 · mitodl/mit-learn

renovate · 2025-11-25T15:49:15Z

This PR contains the following updates:

Package	Change	Age	Confidence
opensearch-py	`>=2.0.0,<3` → `>=3.1,<4`

Release Notes

opensearch-project/opensearch-py (opensearch-py)

`v3.1.0`

Compare Source

Added

Updated APIs

Updated opensearch-py APIs to reflect opensearch-api-specification@eaf4bf8
Updated opensearch-py APIs to reflect opensearch-api-specification@3be80d7
Updated opensearch-py APIs to reflect opensearch-api-specification@89c586c
Updated opensearch-py APIs to reflect opensearch-api-specification@cac8c5d
Updated opensearch-py APIs to reflect opensearch-api-specification@578a78d

Changed

Rename DenseVector field type to KnnVector (925)

Deprecated

Deprecate python 3.8 and 3.9 support which are end of life. (966)

Removed

Fixed

Moved client tests to dedicated files to ensure they are run (944)
Fix Async request signer (932)
Fix memory leak in parallel_bulk (981)

Security

Dependencies

Bumps aiohttp from >=3.9.4,<4 to >=3.10.11,<4 (#920)
Bumps aiohttp from >=3.10.11 to >=3.12.14 (#966)
Bump pytest-asyncio from <=0.25.1 to <=1.2.0 (#936, #950)
Bumps lycheeverse/lychee-action from 1.9.3 to 2.7.0 (#946, #980)
Bump actions/download-artifact from 4 to 6 (#957, #968)
Bump actions/cache from 3 to 4 (#958)
Bump peter-evans/create-pull-request from 6 to 7 (#959)
Bump actions/setup-python from 5 to 6 (#961)
Bump dangoslen/dependabot-changelog-helper from 3 to 4 (#960)
Bump stefanzweifel/git-auto-commit-action from 5 to 7 (#962)
Bump actions/checkout from 4 to 5 (#967)
Bump VachaShah/backport from 1.1.4 to 2.2.0 (#969)
Bump actions/github-script from 7 to 8 (#973)
Bump actions/upload-artifact from 4 to 5 (#972)
Bump actions/setup-java from 4 to 5 (#974)

`v3.0.0`

Compare Source

Added

Added option to pass custom headers to 'AWSV4SignerAsyncAuth' (863)
Added sync and async sample that uses search_after parameter (859)
Enforced mandatory keyword-only arguments for calling auto-generated OpenSearch-py APIs (#907)

Updated APIs

Updated opensearch-py APIs to reflect opensearch-api-specification@d4eab1a

Changed

Small refactor of AWS Signer classes for both sync and async clients (866)
Small refactor to fix overwriting the module files when generating apis (874)
Fixed a "type ignore" lint error
Added support for explicit proxy to RequestsHttpConnection (908)

Deprecated

Removed

Fixed

Security

Dependencies

Bump pytest-asyncio from <=0.24.0 to <=0.25.1 (#881)

Configuration

📅 Schedule: Branch creation - "every weekend" in timezone US/Eastern, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

github-actions · 2026-01-22T15:14:41Z

OpenAPI Changes

Show/hide No detectable change.

Unexpected changes? Ensure your branch is up-to-date with main (consider rebasing).

pyproject.toml

sentry · 2026-02-25T17:35:29Z

pyproject.toml

@@ -74,7 +74,7 @@ ocw-data-parser = "^0.35.1"
 onnxruntime = "1.22.1"
 openai = "^2.0.0"
 opensearch-dsl = "^2.0.0"


Bug: The project relies on the deprecated opensearch-dsl package, which may be incompatible with the newly upgraded opensearch-py v3.0.0, creating a risk of runtime errors.
_{Severity: MEDIUM}

Suggested Fix

Remove the opensearch-dsl dependency from pyproject.toml. Refactor the code to use the DSL functionality now built into the opensearch-py library. This involves updating all imports from opensearch_dsl (e.g., Search, Percolate) to use the corresponding helpers from opensearch-py.

Prompt for AI Agent

Review the code at the location below. A potential bug has been identified by an AI agent. Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not valid. Location: pyproject.toml#L76 Potential issue: The pull request upgrades `opensearch-py` to version 3.0.0 but continues to use the `opensearch-dsl` package, which was deprecated and had its functionality merged into `opensearch-py` starting with version 2.2.0. The `opensearch-dsl` version 2.1.0 was designed to work with `opensearch-py` version 2.x. Relying on this deprecated package alongside a new major version of `opensearch-py` creates a risk of runtime incompatibilities, as the internal APIs that `opensearch-dsl` depends on may have changed or been removed in `opensearch-py` v3.0.0. This could lead to unexpected behavior or errors when DSL-related features are executed.

sentry · 2026-02-25T19:40:06Z

pyproject.toml

@@ -74,7 +74,7 @@ ocw-data-parser = "^0.35.1"
 onnxruntime = "1.22.1"
 openai = "^2.0.0"
 opensearch-dsl = "^2.0.0"


Bug: The upgrade of opensearch-py to v3.0.0 while opensearch-dsl remains at v2.x may introduce runtime incompatibilities due to breaking changes in the underlying client library.
_{Severity: MEDIUM}

Suggested Fix

Verify through testing that opensearch-dsl v2.1.0 is compatible with opensearch-py v3.0.0. If they are incompatible, upgrade opensearch-dsl to a version that officially supports opensearch-py v3.0.0. Alternatively, revert the opensearch-py upgrade until a compatible opensearch-dsl version is available.

Prompt for AI Agent

Review the code at the location below. A potential bug has been identified by an AI agent. Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not valid. Location: pyproject.toml#L76 Potential issue: The pull request upgrades `opensearch-py` to version 3.0.0, a major release with breaking changes, while the `opensearch-dsl` library remains at version 2.1.0. Although the dependency manager resolves these versions without conflict, there is a risk of runtime errors. `opensearch-dsl` relies heavily on the `opensearch-py` client, and breaking changes in the client's API could cause `opensearch-dsl` functions used throughout the application to fail. This potential incompatibility could lead to failures in search-related operations.

sentry · 2026-03-05T17:23:55Z

pyproject.toml

    "openai>=2.0.0,<3",
    "opensearch-dsl>=2.0.0,<3",
-    "opensearch-py>=2.0.0,<3",
+    "opensearch-py>=3.1,<4",


Bug: Calls to the opensearch-py client use positional arguments, such as conn.indices.get_alias(temp_alias), which are no longer supported after the library upgrade and will cause a TypeError.
_{Severity: HIGH}

Suggested Fix

Update all calls to the opensearch-py client to use keyword arguments instead of positional arguments. For example, change conn.indices.get_alias(temp_alias) to conn.indices.get_alias(name=temp_alias) and conn.indices.create(index_name, ...) to conn.indices.create(index=index_name, ...).

Prompt for AI Agent

Review the code at the location below. A potential bug has been identified by an AI agent. Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not valid. Location: pyproject.toml#L73 Potential issue: The upgrade to `opensearch-py` v3.1.0 introduces a breaking change that requires keyword-only arguments for API calls. The codebase contains several calls that use positional arguments, which will now raise a `TypeError` at runtime. For example, `conn.indices.get_alias(temp_alias)` in `create_backing_index` will fail during reindexing operations, breaking the entire workflow. Other affected calls include `conn.indices.refresh(index)`, `conn.indices.exists(alias)`, and `conn.indices.create(index_name, ...)`. These will cause runtime errors when their respective code paths are executed.

sentry · 2026-03-09T14:55:04Z

pyproject.toml

    "openai>=2.0.0,<3",
    "opensearch-dsl>=2.0.0,<3",
-    "opensearch-py>=2.0.0,<3",
+    "opensearch-py>=3.1,<4",


Bug: The opensearch-dsl version is incompatible with the upgraded opensearch-py v3, which will likely cause runtime failures. The tests do not cover this incompatibility.
_{Severity: CRITICAL}

Suggested Fix

Since opensearch-dsl is deprecated, the recommended fix is to migrate all code using opensearch-dsl APIs (like Search, MoreLikeThis, Percolate) to use the native opensearch-py v3 client directly. After the migration, the opensearch-dsl dependency should be removed from pyproject.toml.

Prompt for AI Agent

Review the code at the location below. A potential bug has been identified by an AI agent. Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not valid. Location: pyproject.toml#L73 Potential issue: The pull request upgrades `opensearch-py` to version 3, but leaves the `opensearch-dsl` library at version 2. The documentation for `opensearch-dsl` v2 specifies a dependency on `opensearch-py` version 2 (`<3`), making it incompatible with the newly upgraded version. The application uses `opensearch-dsl` for search functionality, and this version mismatch will likely cause runtime errors such as `TypeError` or `AttributeError` when `opensearch-dsl` makes calls to the underlying `opensearch-py` client. The existing test suite will not detect this issue because it mocks the client connections, bypassing the actual library interaction that would fail in a live environment.

renovate bot force-pushed the renovate/opensearch-py-3.x branch 2 times, most recently from f606c4b to 5b40116 Compare November 25, 2025 16:45

abeglova force-pushed the renovate/opensearch-py-3.x branch from 5b40116 to 93a5755 Compare November 25, 2025 17:52

renovate bot force-pushed the renovate/opensearch-py-3.x branch 2 times, most recently from 8adeaf9 to baf968b Compare December 1, 2025 16:18

renovate bot force-pushed the renovate/opensearch-py-3.x branch 13 times, most recently from 1d7f163 to 1ee3df6 Compare December 12, 2025 21:24

renovate bot force-pushed the renovate/opensearch-py-3.x branch 12 times, most recently from 33154e1 to d04160a Compare December 18, 2025 04:01

renovate bot force-pushed the renovate/opensearch-py-3.x branch 13 times, most recently from 2e7388f to 74b3109 Compare January 16, 2026 15:11

sentry bot reviewed Feb 5, 2026

View reviewed changes