Skip to content

Bump plexapi from 4.17.2 to 4.18.1#3598

Open
dependabot[bot] wants to merge 3 commits intodevfrom
dependabot/pip/plexapi-4.18.1
Open

Bump plexapi from 4.17.2 to 4.18.1#3598
dependabot[bot] wants to merge 3 commits intodevfrom
dependabot/pip/plexapi-4.18.1

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 6, 2026
edited by Copilot AI
Loading

  • Bump plexapi from 4.17.2 to 4.18.1 in requirements.txt
  • Update plexapi version in plex provider manifest.json
  • Update plexapi version in plex_connect provider manifest.json

@dependabot
Bump plexapi from 4.17.2 to 4.18.1
fc78035 
Bumps [plexapi](https://github.com/pushingkarmaorg/python-plexapi) from 4.17.2 to 4.18.1.
- [Release notes](https://github.com/pushingkarmaorg/python-plexapi/releases)
- [Commits](pushingkarmaorg/python-plexapi@4.17.2...4.18.1)

---
updated-dependencies:
- dependency-name: plexapi
  dependency-version: 4.18.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies python Pull requests that update Python code labels Apr 6, 2026
@dependabot dependabot Bot mentioned this pull request Apr 6, 2026
Closed
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 6, 2026
edited
Loading

🔒 Dependency Security Report

📦 Modified Dependencies

music_assistant/providers/plex/manifest.json

Added:

Removed:

music_assistant/providers/plex_connect/manifest.json

Added:

Removed:

The following dependencies were added or modified:

diff --git a/requirements_all.txt b/requirements_all.txt
index 862afeb7..1c6bc44c 100644
--- a/requirements_all.txt
+++ b/requirements_all.txt
@@ -49,7 +49,7 @@ numpy==2.3.5
 orjson==3.11.6
 pillow==12.1.1
 pkce==1.0.3
-plexapi==4.17.2
+plexapi==4.18.1
 podcastparser==0.6.11
 propcache>=0.2.1
 py-opensonic==8.1.2

New/modified packages to review:

  • plexapi==4.18.1

🔍 Vulnerability Scan Results

No known vulnerabilities found
✅ No known vulnerabilities found

Automated Security Checks

  • Vulnerability Scan: Passed - No known vulnerabilities
  • Trusted Sources: All packages have verified source repositories
  • Typosquatting Check: No suspicious package names detected
  • License Compatibility: All licenses are OSI-approved and compatible
  • Supply Chain Risk: Passed - packages appear mature and maintained

🤖 Automated dependency update - This PR is from a trusted source (dependabot/renovate) and will be auto-approved if all checks pass.

Manual Review

Maintainer approval required:

  • I have reviewed the changes above and approve these dependency updates

Automated PRs with all checks passing will be auto-approved.

@github-actions github-actions Bot added the dependencies-reviewed Indication that any added or modified/updated dependencies on a PR have been reviewed label Apr 6, 2026
@MarvinSchenkel
Copy link
Copy Markdown
Contributor

MarvinSchenkel commented Apr 7, 2026

@copilot Also update the provider manifest

@MarvinSchenkel
Update plexapi version to 4.18.1 in plex and plex_connect provider ma…
90858e1 
…nifests

Agent-Logs-Url: https://github.com/music-assistant/server/sessions/93f6e13b-e5c9-41cd-a1a0-eabb2bcbf736

Co-authored-by: MarvinSchenkel <17671719+MarvinSchenkel@users.noreply.github.com>
Copy link
Copy Markdown
Contributor

Copilot AI commented Apr 7, 2026

@copilot Also update the provider manifest

Done — updated plexapi to 4.18.1 in both plex and plex_connect provider manifests (commit 90858e1).

Copilot AI requested a review from MarvinSchenkel April 7, 2026 06:10
@MarvinSchenkel
Copy link
Copy Markdown
Contributor

MarvinSchenkel commented May 4, 2026

@anatosun FYI. Looks like they added a py.typed upstream but their own package is not really mypy compliant?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

@MarvinSchenkel MarvinSchenkel Awaiting requested review from MarvinSchenkel

Assignees

No one assigned

Labels

dependencies dependencies-reviewed Indication that any added or modified/updated dependencies on a PR have been reviewed python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@MarvinSchenkel