Skip to content

Comments

Bump django-filter from 24.3 to 25.2#852

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/django-filter-25.2
Open

Bump django-filter from 24.3 to 25.2#852
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/django-filter-25.2

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 2, 2026
edited
Loading

Bumps django-filter from 24.3 to 25.2.

Changelog

Sourced from django-filter's changelog.

Version 25.2 (2025-10-05)

  • Added testing for Django 6.0.

  • Dropped support for Django <5.2 LTS

  • Dropped support for Python 3.9.

Version 25.1 (2025-02-14)

  • Removed the in-built API schema generation methods, which have been deprecated since v23.2.

    You should use drf-spectacular <https://drf-spectacular.readthedocs.io/en/latest/>_ for generating OpenAPI schemas with DRF.

  • Dropped support for EOL Python 3.8.

  • Added testing against Python 3.13.

  • Added official support for Django 5.2.

Commits
  • 17ec565 Bumped version for 25.2 release.
  • 9b4b8fd Updated testing for Django 6.0. (#1730)
  • 1b07b3e Bump actions/setup-python from 5 to 6 in the github-actions group (#1726)
  • 27a1168 Bump the github-actions group with 2 updates (#1722)
  • 7f59b6f Add drf as optional dependencies (#1724)
  • 635343e Add reference anchors to filter types to facilitate intersphinx refs (#1706)
  • 7b3176e Document steps for postgres full text search (#1704)
  • 27dd672 Updated Change notes for 25.1 release.
  • 2ea3817 Added Trove classifier for Django 5.2.
  • 4d2306c Replaced hardcoded pks in tests (#1703)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Feb 2, 2026
@claude
Copy link

claude bot commented Feb 2, 2026

PR Review: django-filter 24.3 → 25.2 Upgrade

⚠️ CRITICAL COMPATIBILITY ISSUE

This PR cannot be merged as-is due to a breaking compatibility issue.

The Problem

django-filter 25.2 requires Django >= 5.2 LTS, but this project currently uses Django 4.2.24 (base.txt:20).

From the django-filter 25.2 changelog:

  • Dropped support for Django < 5.2 LTS
  • Dropped support for Python 3.9

Impact Analysis

Current Usage: django-filter is used in config/graphql/filters.py (694 lines) for:

  • GraphQL query filtering across all major models
  • 20+ FilterSet classes (AnalysisFilter, CorpusFilter, DocumentFilter, etc.)
  • Custom filter methods for complex queries

Breaking Changes in 25.x:

  1. v25.1: Removed in-built API schema generation methods (deprecated since v23.2)
  2. v25.2: Django 5.2+ requirement enforced

Recommended Actions

Option 1: Stay on django-filter 24.x (Recommended)

  • Keep django-filter==24.3 until Django is upgraded to 5.2+
  • Close this Dependabot PR with @dependabot ignore this major version

Option 2: Upgrade Django First

  • Upgrade Django 4.2 → 5.2 LTS (major undertaking)
  • Test all migrations, signals, and GraphQL resolvers
  • Then accept this django-filter upgrade
  • Note: This is a significant change requiring extensive testing per CLAUDE.md baseline rules

Test Requirements (if proceeding with Option 2)

Per CLAUDE.md:

  1. Run full backend test suite: docker compose -f test.yml run django pytest -n 4 --dist loadscope --create-db
  2. Verify all GraphQL filters still work correctly
  3. Check for any schema generation deprecation warnings
  4. Ensure pre-commit hooks pass

Files Checked

  • requirements/base.txt: Django 4.2.24 (incompatible)
  • config/graphql/filters.py: Extensive django-filter usage
  • compose/production/django/Dockerfile: PyTorch base image (Python version TBD)

Recommendation

Do not merge this PR. The Django version incompatibility will cause immediate import/runtime failures. Either:

  1. Ignore this major version upgrade until Django 5.2 migration is complete, OR
  2. Plan a coordinated Django + django-filter upgrade as a separate initiative

cc: This requires a decision on Django upgrade timeline before proceeding.

@dependabot dependabot bot force-pushed the dependabot/pip/django-filter-25.2 branch from db0b7de to 87dc678 Compare February 6, 2026 02:35
@claude
Copy link

claude bot commented Feb 6, 2026

PR Review: django-filter 24.3 → 25.2 Upgrade

Summary

This PR bumps django-filter from 24.3 to 25.2, a major version upgrade with breaking changes that require careful review.

Critical Compatibility Issues

1. Django Version Incompatibility - BLOCKING ISSUE

  • django-filter 25.2 dropped support for Django < 5.2 LTS
  • This project uses Django 4.2.24 (per requirements/base.txt:20)
  • Result: This upgrade will likely fail or cause runtime errors

Evidence from django-filter changelog (v25.2):

Dropped support for Django <5.2 LTS

Recommendation: This PR should NOT be merged until the project upgrades to Django 5.2+.

2. Python Version Compatibility - COMPATIBLE

  • django-filter 25.1+ dropped Python 3.8 and 3.9 support
  • This project uses Python 3.12 (.github/workflows/backend.yml:38)
  • Result: Python version is compatible

Breaking Changes in django-filter 25.1-25.2

Removed Features (v25.1):

  • Removed in-built API schema generation methods (deprecated since v23.2)
  • Projects should use drf-spectacular for OpenAPI schemas with DRF

Impact Assessment:

  • Low risk - this project uses django-filter primarily with GraphQL/Graphene, not DRF REST endpoints
  • The codebase uses filterset_class with GraphQL DjangoFilterConnectionField (config/graphql/queries.py)
  • No DRF-specific schema generation detected in codebase

Affected Code Analysis

Primary usage location: config/graphql/filters.py

FilterSet classes in use (32+ filters):

  • GremlinEngineFilter, AnalyzerFilter, AnalysisFilter
  • CorpusFilter, DocumentFilter, AnnotationFilter
  • ConversationFilter, BadgeFilter, UserBadgeFilter
  • And 20+ more...

Usage pattern: All filters use standard django-filter features - no deprecated API usage detected

Security Concerns

None identified - This is a dependency version bump with no new attack surface.

Performance Considerations

Neutral - No performance-related changes in this django-filter release.

Final Recommendation

DO NOT MERGE - Blocking Issues

Reason: Django version incompatibility will cause failures.

Required Actions:

  1. Option A - Defer upgrade (Recommended):

    • Close this PR
    • Upgrade Django to 5.2+ first
    • Then upgrade django-filter

  2. Option B - Downgrade target version:

    • Change PR to upgrade to django-filter 24.x (latest compatible with Django 4.2)
    • Check if there is a 24.x version newer than 24.3

  3. Option C - Coordinate upgrade:

    • Create a coordinated upgrade plan:
      a. Upgrade Django 4.2 → 5.2
      b. Run full test suite
      c. Then merge this django-filter upgrade

Additional Notes

  • The project CI (backend.yml) will likely catch the Django incompatibility during test runs
  • Per CLAUDE.md baseline rules: Always ensure all affected (or new) tests pass
  • The Dependabot bot may not be aware of the Django version constraint

Reviewed per: CLAUDE.md project guidelines
Test recommendation: Full parallel backend test suite with pytest -n 4

@JSv4
Copy link
Collaborator

JSv4 commented Feb 9, 2026

@dependabot rebase

@dependabot
Bump django-filter from 24.3 to 25.2
544d856 
Bumps [django-filter](https://github.com/carltongibson/django-filter) from 24.3 to 25.2.
- [Release notes](https://github.com/carltongibson/django-filter/releases)
- [Changelog](https://github.com/carltongibson/django-filter/blob/main/CHANGES.rst)
- [Commits](carltongibson/django-filter@24.3...25.2)

---
updated-dependencies:
- dependency-name: django-filter
  dependency-version: '25.2'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/pip/django-filter-25.2 branch from 87dc678 to 544d856 Compare February 9, 2026 05:12
@claude
Copy link

claude bot commented Feb 9, 2026

Pull Request Review - django-filter 24.3 → 25.2

Summary

This PR upgrades django-filter from 24.3 to 25.2, a major version bump. Based on my analysis, this upgrade introduces compatibility concerns that need to be addressed.

⚠️ Critical Compatibility Issues

1. Django Version Incompatibility

  • Current Django version: 4.2.24 (LTS)
  • django-filter 25.2 requirements: Django ≥ 5.2 (dropped support for Django < 5.2 LTS)
  • Impact: This is a blocking issue. The application is running Django 4.2, but django-filter 25.2 requires Django 5.2+.

Evidence from django-filter 25.2 changelog:

"Dropped support for Django <5.2 LTS"

2. Python Version Check

  • Current Python: 3.12.3 ✅
  • django-filter 25.2 requirements: Python ≥ 3.10 (dropped 3.9)
  • Status: Python version is compatible.

📋 Breaking Changes in django-filter 25.x

Based on the changelog:

Version 25.1 Changes:

  1. Removed deprecated API schema generation methods (deprecated since v23.2)

    • If using DRF schema generation, must migrate to drf-spectacular
    • Need to verify if codebase uses these methods

  2. Dropped Python 3.8 support (not relevant - using 3.12)

  3. Added Django 5.2 support (but requires minimum 5.2)

Version 25.2 Changes:

  1. Added Django 6.0 testing support
  2. Enforced Django ≥ 5.2 requirement

🔍 Code Impact Analysis

File: config/graphql/filters.py

  • Contains extensive use of django_filters.FilterSet
  • Uses django_filters.OrderingFilter, django_filters.ModelMultipleChoiceFilter, etc.
  • Assessment: Standard FilterSet usage appears compatible with 25.x API

Potential concerns:

  • No obvious use of deprecated API schema generation methods
  • Standard filter patterns should work with newer version
  • However, Django version incompatibility blocks testing

🛡️ Security Considerations

  • No known security vulnerabilities in either version
  • This is a dependency maintenance update from Dependabot

⚡ Performance Considerations

  • No significant performance changes documented in changelog
  • Mainly compatibility and deprecation removals

🧪 Test Coverage Concerns

  • Cannot verify without Django upgrade: Tests will fail with Django 4.2
  • Need to upgrade Django to 5.2 LTS before upgrading django-filter
  • CI likely failing due to version incompatibility

✅ Recommendations

Option 1: Reject this PR (Recommended)

  1. Close this PR
  2. Plan Django 4.2 → 5.2 LTS upgrade first
  3. Then accept django-filter upgrade
  4. Rationale: Upgrading django-filter without Django breaks the application

Option 2: Coordinate Upgrades

  1. Create a migration plan for Django 5.2 upgrade
  2. Bundle django-filter upgrade with Django upgrade
  3. Test both together comprehensively

Immediate Actions:

# Configure Dependabot to ignore this version until Django is upgraded
@dependabot ignore this major version

📝 Additional Notes

Per repository CLAUDE.md baseline rules:

  1. ✅ Tests should be run (but will fail due to Django incompatibility)
  2. ✅ Type checking would pass (dependency-only change)
  3. ✅ Pre-commit hooks would pass

Verdict: Do not merge until Django is upgraded to 5.2 LTS. This PR creates a dependency mismatch that will cause runtime failures.

🔗 References

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Feb 9, 2026

Sorry, only users with push access can use that command.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@JSv4