Upgrade Python version

[dd-octo-sts]

What does this PR do?

Update the Python version to the latest patch release.

This PR was automatically generated by the following workflow:
https://github.com/DataDog/integrations-core/actions/runs/19270062360

THE CHANGELOG FILES OFTEN HAVE THE WRONG PR NUMBER. MAKE SURE TO CHECK THEM!

Changes

• Updated PYTHON_VERSION_FULL in ddev/src/ddev/repo/constants.py
• Updated Python version in .builders/images/*/Dockerfile (Linux and Windows)
• Updated Python version in .github/workflows/resolve-build-deps.yaml (macOS)
• Updated SHA256 hashes for Python artifacts

Review checklist (to be filled by reviewers)

• Verify the Python version and SHA256 hashes are correct
• Changelog entries must be created for modifications to shipped code
• Add the qa/skip-qa label if the PR doesn't need to be tested during QA.

[chatgpt-codex-connector]

💡 Codex Review

integrations-core/ddev/tests/cli/meta/scripts/test_upgrade_python.py

Lines 6 to 24 in 9c788af

	def test_update_python_version_success(fake_repo, ddev, mocker):
	"""Test successful Python version update."""
	# Mock network calls
	mocker.patch('ddev.cli.meta.scripts.upgrade_python.get_latest_python_version', return_value='3.13.9')
	mocker.patch(
	'ddev.cli.meta.scripts.upgrade_python.get_python_sha256_hashes',
	return_value={
	'linux_source_sha256': 'c4c066af19c98fb7835d473bebd7e23be84f6e9874d47db9e39a68ee5d0ce35c',
	'windows_amd64_sha256': '200ddff856bbff949d2cc1be42e8807c07538abd6b6966d5113a094cf628c5c5',
	},
	)
	result = ddev('meta', 'scripts', 'upgrade-python-version')
	assert result.exit_code == 0, result.output
	assert 'Updating Python from 3.13.7 to 3.13.9' in result.output
	assert 'Passed: 5' in result.output
	assert 'Python version upgraded from 3.13.7 to 3.13.9' in result.output

Adjust upgrade tests to the new Python patch level

The tests in test_update_python_version_success still mock get_latest_python_version to return 3.13.9 and assert that the command upgrades from 3.13.7 to 3.13.9. After this commit PYTHON_VERSION_FULL is already 3.13.9, so upgrade_python_version will treat the repository as up to date and skip any modifications. The assertions for an upgrade and the hash replacements will now fail. Update the mocked version and expectations to target the next patch (e.g. 3.13.10) so the test continues to exercise the upgrade path.

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[aiuto]

Are these updates robot generated, or do we choose to update.
ISTM that this should be a human choice,
and that even if we script the update, the human making the choice, and justification why should part of the PR description.

[datadog-official]

✅ Tests

🎉 All green!

❄️ No new flaky tests detected
🧪 All tests passed

_{This comment will be updated automatically if new data arrives.
🔗 Commit SHA: 4ad4727 | Docs | Datadog PR Page | Was this helpful? Give us feedback!}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 91.14%. Comparing base (e398152) to head (4ad4727).
⚠️ Report is 3 commits behind head on master.

Additional details and impacted files

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[Kyle-Neale]

Are these updates robot generated, or do we choose to update. ISTM that this should be a human choice, and that even if we script the update, the human making the choice, and justification why should part of the PR description.

Hey @aiuto, this is was added as part of a mini-RFC in order to proactively keep Python patch versions up to date, specifically for the current minor releases we're on. This was implemented as part of the following two PR's:

• Add upgrade-python-version command to automate Python version updates #21694
• Add Update the Python version GH Action #21837

Does this answer your question?

[aiuto]

I guess it answers the question, in that we decided to go with automatic updates to stay near head.