chore: Bump the ci group in /.github/workflows with 2 updates

[dependabot]

Bumps the ci group in /.github/workflows with 2 updates: meltano and tox.

Updates meltano from 3.6.0 to 3.7.1

Release notes

Sourced from meltano's releases.

v3.7.1 (2025-03-26)

• Docker Hub 🐋
• PyPI 🐍

🐛 Fixes

• #9173 Avoid parsing valid ISO 8601 strings

📦 Packaging changes

• #9171 Bump tzlocal to 5.3

v3.7.0 (2025-03-25)

• Docker Hub 🐋
• PyPI 🐍

Highlights

This release brings several major enhancements including support for relative dates, custom state backends, and improved logging capabilities and user-friendliness.

Relative dates

Settings of kind date_iso8601 now support relative date values. For example:

plugins:
  - name: tap-example
    variant: meltanolabs
    pip_url: git+https://github.com/MeltanoLabs/tap-example.git
    config:
      start_date: last week  # relative date

Custom State Backends

Meltano now supports custom state backends via packaging plugins. See the docs for more information.

Custom project-level settings are also supported. This allows you to let Meltano know about the settings used by the custom state backend.

Reach out to us in Slack if you wanna learn more about creating a custom state backend. We might add in-depth guides and templates if there's interest!

Improved logging

• A logging configuration is now automatically added for Singer extractors, loaders and mappers and passed to the plugin at runtime. This improves how the plugin logs are formatted in Meltano's own logs.

• A new cli.log_format setting and --log-format CLI option are available to quickly change the format of logs. See the CLI help for more information.

... (truncated)

Changelog

Sourced from meltano's changelog.

v3.7.1 (2025-03-26)

🐛 Fixes

• #9173 Avoid parsing valid ISO 8601 strings

📦 Packaging changes

• #9171 Bump tzlocal to 5.3

v3.7.0 (2025-03-25)

✨ New

• #9158 Pass project env to installation environment
• #9119 Parse relative dates in plugin config
• #9019 Set application/json as the content type for blobs uploaded with the GCS state backend
• #8367 Support state backend and setting add-ons
• #9047 Added a default Meltano User-Agent env var that plugins can refer to in config
• #9077 Pass a default logging configuration for Pipelinewise and Singer SDK extractors, loaders and mappers
• #9046 The process key containing the process ID for a Meltano invocation is now added to logs when callsite_parameters: true is used
• #9018 Add descriptions to Meltano's internal settings
• #8975 Added a --log-format option as a shorcut to quickly change the format of logs
• #8991 Uv venv backend is no longer experimental
• #8951 Add a simple log formatter that only contains the event by default

🐛 Fixes

• #9162 Stringify YAML values from top-level env key of meltano.yml
• #9153 Display catalog file contents when it cannot be parsed as valid JSON
• #9148 Send first heartbeat when initializing job
• #9117 Avoid prepending a slash to state file path in Cloud state backends
• #9045 Added help to --extras option of meltano config ... list
• #9035 Limit boto3 to < 1.36 to fix incompatibility with Minio (S3-compatible state backend)
• #9003 Disable local variables by default in JSON logs
• #8973 Print the time when the job will go stale if no more heartbeats are sent

⚙️ Under the Hood

• #9165 Refactor base state backend so that a lock is always acquired when supported
• #9000 Use anyio to open pathlib.Path instances
• #8972 Enable Ruff ASYNC rules, open files with anyio and run subprocess with asyncio.create_subprocess_exec in async contexts

📚 Documentation Improvements

• #9116 Mention meltano schedule run whenever we discuss meltano schedule
• #9115 Document common metadata keys
• #9109 Updated the contributing guide
• #9084 Use meltano-map-transform PyPI distribution in examples
• #9069 Update plugin development guide to use uv

... (truncated)

Commits

• dec6690 chore: Release v3.7.1 (#9175)
• 2c7c1f0 fix: Avoid parsing valid ISO 8601 strings (#9173)
• cab78a1 packaging: Bump tzlocal to 5.3 (#9171)
• ffd19ad chore: Fix link to responsible disclosure policy in readme (#9170)
• 3af8f21 chore: Release v3.7.0 (#9168)
• 8d2d6ce ci: bump the actions group with 2 updates (#9167)
• 523a7ff chore: Release v3.7.0rc3 (#9166)
• a7c219b refactor: Refactor base state backend so that a lock is always acquired when ...
• 8f08838 ci: Pin GitHub actions in reusable workflows (#9164)
• 84844a6 chore: Release v3.7.0rc2 (#9163)
• Additional commits viewable in compare view

Updates tox from 4.24.2 to 4.25.0

Release notes

Sourced from tox's releases.

4.25.0

What's Changed

• Tests: Adjust expected exception message for Python 3.14.0a6 by @​hroncok in tox-dev/tox#3500
• feat(config): Allow ranges in envlist by @​mimre25 in tox-dev/tox#3503

Full Changelog: tox-dev/tox@4.24.2...4.25.0

Changelog

Sourced from tox's changelog.

v4.25.0 (2025-03-27)

Features - 4.25.0

- Add support for number ranges in generative environments, more details :ref:`here<generative-environment-list>`. - by :user:`mimre25` (:issue:`3502`)
Bugfixes - 4.25.0

• Make tox tests pass with Python 3.14.0a6
  • by :user:hroncok (:issue:3500)

Commits

• 3d35559 release 4.25.0
• 0e6b4ad feat(config): Allow ranges in envlist (#3503)
• 5a67ae1 [pre-commit.ci] pre-commit autoupdate (#3505)
• f5f5cb1 [pre-commit.ci] pre-commit autoupdate (#3499)
• beba4be Tests: Adjust expected exception message for Python 3.14.0a6 (#3500)
• 794e6be [pre-commit.ci] pre-commit autoupdate (#3496)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions