chore(deps): update dependency python to 3.13

[renovate[bot]]

This PR contains the following updates:

Package	Type	Update	Change
python	uses-with	minor	3.12 -> 3.13

---

Release Notes

actions/python-versions (python)

v3.13.3: 3.13.3

Compare Source

Python 3.13.3

v3.13.2: 3.13.2

Compare Source

Python 3.13.2

v3.13.1: 3.13.1

Compare Source

Python 3.13.1

v3.13.0: 3.13.0

Compare Source

Python 3.13.0

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• [ ] If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions[bot]]

💰 Infracost report

Monthly estimate generated

Estimate details (includes details of unsupported resources and skipped projects due to errors)

──────────────────────────────────
140 projects have no cost estimate changes.
Run the following command to see their breakdown: infracost breakdown --path=/path/to/code

──────────────────────────────────
2752 cloud resources were detected:
∙ 628 were estimated
∙ 2004 were free
∙ 120 are not supported yet, see https://infracost.io/requested-resources:
  ∙ 50 x aws_identitystore_group_membership
  ∙ 33 x aws_identitystore_user
  ∙ 7 x aws_identitystore_group
  ∙ 5 x aws_guardduty_member
  ∙ 3 x aws_lakeformation_permissions
  ∙ 2 x aws_guardduty_detector
  ∙ 2 x aws_organizations_delegated_administrator
  ∙ 1 x aws_athena_workgroup
  ∙ 1 x aws_cloudtrail_organization_delegated_admin_account
  ∙ 1 x aws_ecr_registry_scanning_configuration
  ∙ 1 x aws_efs_backup_policy
  ∙ 1 x aws_eks_access_entry
  ∙ 1 x aws_fms_admin_account
  ∙ 1 x aws_guardduty_organization_admin_account
  ∙ 1 x aws_guardduty_organization_configuration
  ∙ 1 x aws_organizations_organization
  ∙ 1 x aws_redshift_parameter_group
  ∙ 1 x aws_redshift_snapshot_copy
  ∙ 1 x aws_redshift_subnet_group
  ∙ 1 x aws_redshiftdata_statement
  ∙ 1 x aws_securityhub_configuration_policy
  ∙ 1 x aws_securityhub_configuration_policy_association
  ∙ 1 x aws_securityhub_finding_aggregator
  ∙ 1 x aws_securityhub_organization_admin_account
  ∙ 1 x aws_securityhub_organization_configuration

_{This comment will be updated when code changes.}

[arbb-binbash]

This PR will be on hold until the leverage CLI fully support Python v3.13

[opentaco-cloud[bot]]

:x: Error loading digger config: error loading digger.yml: error cloning and loading config could not read the file both digger.yml and digger.yaml are missing: open /tmp/repo3993690970/digger.yaml: no such file or directory

[opentaco-cloud[bot]]

:x: Error loading digger config: error loading digger.yml: error cloning and loading config error parsing '/tmp/repo1343761206/digger.yml': yaml: unmarshal errors: line 23: cannot unmarshal !!seq into digger_config.GenerateProjectsConfigYaml

[binbashdevops]

Plan Error

parsing atlantis.yaml: repo config not allowed to set 'workflow' key: server-side config needs 'allowed_overrides: [workflow]'

[coderabbitai[bot]]

[!IMPORTANT]

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Walkthrough

Updated the GitHub Actions workflow to use Python 3.13 instead of 3.12 in the setup-python step. No other workflow logic or steps were modified.

Changes

Cohort / File(s)	Summary
CI Workflow .github/workflows/leverage-cli-test.yml	Bumped setup-python runtime from 3.12 to 3.13; all other steps unchanged.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

I hop through YAML fields with glee,
From 3.12 to 3.13 I flee,
Pip wheels spin, the runners sing,
A minor hop, a tidy spring,
CI’s carrots crisp and clean,
Rabbits cheer: “Long live Thirteen!” 🥕🐇

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Join our Discord community for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

• Add @coderabbitai ignore or @coderabbit ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

• Visit our Status Page to check the current availability of CodeRabbit.
• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[lgallard]

@coderabbitai review

[coderabbitai[bot]]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[exequielrafaela]

@lgallard to be checked with @angelofenoglio https://github.com/binbashar/leverage/pull/310 but I think the only pending is to release the latest Leverage CLI release with Python support 💪🏼

CC: @diego-ojeda-binbash

[lgallard]

🔍 Dependency Update Analysis - PR #784

📋 Summary

This Renovate PR updates Python from 3.12 to 3.13 in the GitHub Actions workflow. The April hold is no longer valid as the Leverage CLI now officially supports Python 3.13.

🎯 Impact Assessment

Affected Components:

• .github/workflows/leverage-cli-test.yml (CI workflow only)
• No infrastructure layers affected
• No Terraform/OpenTofu resources impacted

🏷️ Labels Applied

Applied labels: dependencies, minor (no previous labels existed)

✅ Leverage CLI Compatibility Update

The Leverage CLI pyproject.toml now includes: python = "~3.9 || ~3.10 || ~3.11 || ~3.12 || ~3.13"

Status: ✅ Python 3.13 is now fully supported by Leverage CLI

🔧 Test Failures Root Cause

Current failures are due to:

1. Outdated actions/setup-python@v4 (should be @v5 for Python 3.13 compatibility)
2. Missing pip cache configuration

💡 Recommended Fix

Based on @coderabbitai analysis, update the workflow:

- uses: actions/setup-python@v4
+ uses: actions/setup-python@v5
  with:
    python-version: '3.13'
+   cache: 'pip'

🚀 Terraform Validation Decision

SKIPPED ⏭️ - No infrastructure impact detected

• Only affects CI/CD workflow
• No Terraform/OpenTofu layers impacted
• Meets skip criteria: workflow-only change + minor version update

🎛️ Next Steps

1. Update actions/setup-python to v5 with pip cache
2. Verify tests pass with updated action
3. Remove outdated hold status
4. Ready for merge once tests pass

Infrastructure Impact: None
Breaking Changes: None
Security Impact: None

@coderabbitai review

[coderabbitai[bot]]

.

🔍 Current State Confirmed

From examining the workflow file:

• Currently using actions/setup-python@v4
• Python version correctly updated to '3.13'
• Missing pip caching as you identified
• No other Python version references found in YAML files

💡 Your Recommended Fix is Perfect

- uses: actions/setup-python@v4
+ uses: actions/setup-python@v5
  with:
    python-version: '3.13'
+   cache: 'pip'

This addresses both issues:

1. Compatibility: v5 has full Python 3.13 support
2. Performance: Pip caching will speed up CI runs

🚀 Additional Observations

• Your decision to skip Terraform validation is correct - this is purely a CI workflow change
• The infrastructure impact assessment is accurate
• Label application (dependencies, minor) is appropriate
• The hold removal timing aligns with Leverage CLI's updated Python support

Your analysis demonstrates thorough understanding of the dependency chain and impact assessment. The recommended fix should resolve the test failures and future-proof the workflow.

Ready for implementation ✅

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[renovate[bot]]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.