Skip to content

deps(deps): bump the python-minor group across 1 directory with 10 updates#58

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/python-minor-434c95438d
Open

deps(deps): bump the python-minor group across 1 directory with 10 updates#58
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/python-minor-434c95438d

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 2, 2026
edited
Loading

Bumps the python-minor group with 10 updates in the / directory:

Package From To
fastapi 0.127.0 0.135.1
uvicorn[standard] 0.40.0 0.41.0
pydantic-settings 2.12.0 2.13.1
sqlalchemy 2.0.45 2.0.47
alembic 1.17.2 1.18.4
aiosqlite 0.22.0 0.22.1
python-dotenv 1.2.1 1.2.2
tenacity 9.1.2 9.1.4
prometheus-client 0.23.1 0.24.1
ruff 0.14.10 0.15.4

Updates fastapi from 0.127.0 to 0.135.1

Release notes

Sourced from fastapi's releases.

0.135.1

Fixes

  • 🐛 Fix, avoid yield from a TaskGroup, only as an async context manager, closed in the request async exit stack. PR #15038 by @​tiangolo.

Docs

Internal

0.135.0

Features

0.134.0

Features

  • ✨ Add support for streaming JSON Lines and binary data with yield. PR #15022 by @​tiangolo.
    • This also upgrades Starlette from >=0.40.0 to >=0.46.0, as it's needed to properly unrwap and re-raise exceptions from exception groups.
    • New docs: Stream JSON Lines.
    • And new docs: Stream Data.

Docs

  • 📝 Update Library Agent Skill with streaming responses. PR #15024 by @​tiangolo.
  • 📝 Update docs for responses and new stream with yield. PR #15023 by @​tiangolo.
  • 📝 Add await in StreamingResponse code example to allow cancellation. PR #14681 by @​casperdcl.
  • 📝 Rename docs_src/websockets to docs_src/websockets_ to avoid import errors. PR #14979 by @​YuriiMotov.

Internal

0.133.1

Features

Internal

... (truncated)

Commits
  • ca5f60e 🔖 Release version 0.135.1
  • 87f75aa 📝 Update release notes
  • 8a9258b 🐛 Fix, avoid yield from a TaskGroup, only as an async context manager, closed...
  • 6038507 📝 Update release notes
  • c796ba4 👥 Update FastAPI People - Experts (#15037)
  • b24aa03 📝 Update release notes
  • 2c61047 ✏️ Fix typo in docs/en/docs/_llm-test.md (#15007)
  • e3bbeef 📝 Update release notes
  • d726c8c 📝 Update release notes
  • cf514e6 👥 Update FastAPI People - Contributors and Translators (#15029)
  • Additional commits viewable in compare view

Updates uvicorn[standard] from 0.40.0 to 0.41.0

Release notes

Sourced from uvicorn[standard]'s releases.

Version 0.41.0

Added

  • Add --limit-max-requests-jitter to stagger worker restarts (#2707)
  • Add socket path to scope["server"] (#2561)

Changed

  • Rename LifespanOn.error_occured to error_occurred (#2776)

Fixed

  • Ignore permission denied errors in watchfiles reloader (#2817)
  • Ensure lifespan shutdown runs when should_exit is set during startup (#2812)
  • Reduce the log level of 'request limit exceeded' messages (#2788)

New Contributors

Full Changelog: Kludex/uvicorn@0.40.0...0.41.0

Changelog

Sourced from uvicorn[standard]'s changelog.

0.41.0 (February 16, 2026)

Added

  • Add --limit-max-requests-jitter to stagger worker restarts (#2707)
  • Add socket path to scope["server"] (#2561)

Changed

  • Rename LifespanOn.error_occured to error_occurred (#2776)

Fixed

  • Ignore permission denied errors in watchfiles reloader (#2817)
  • Ensure lifespan shutdown runs when should_exit is set during startup (#2812)
  • Reduce the log level of 'request limit exceeded' messages (#2788)
Commits
  • 9283c0f Version 0.41.0 (#2821)
  • a01a33e Add --limit-max-requests-jitter to stagger worker restarts (#2707)
  • 2ce65bd Ignore permission denied errors in watchfiles reloader (#2817)
  • 654f2ed Ensure lifespan shutdown runs when should_exit is set during startup (#2812)
  • a03d9f6 Reduce the log level of 'request limit exceeded' messages (#2788)
  • e377de4 Add socket path to scope["server"] (#2561)
  • 0779f7f Poll for readiness in test_multiprocess_health_check and run_server (#2816)
  • 7e9ce2c Poll for PID changes in test_multiprocess_sighup instead of fixed sleep (#2...
  • 99f0d87 Fix grep warning in scripts/sync-version (#2807)
  • 7ae2e63 chore(deps): bump the python-packages group with 18 updates (#2801)
  • Additional commits viewable in compare view

Updates pydantic-settings from 2.12.0 to 2.13.1

Release notes

Sourced from pydantic-settings's releases.

v2.13.0

What's Changed

New Contributors

Full Changelog: pydantic/pydantic-settings@v2.12.0...v2.13.0

Commits

Updates sqlalchemy from 2.0.45 to 2.0.47

Release notes

Sourced from sqlalchemy's releases.

2.0.47

Released: February 24, 2026

orm

  • [orm] [bug] Fixed issue when using ORM mappings with Python 3.14's PEP 649 feature that no longer requires "future annotations", where the ORM's introspection of the __init__ method of mapped classes would fail if non-present identifiers in annotations were present. The vendored getfullargspec() method has been amended to use Format.FORWARDREF under Python 3.14 to prevent resolution of names that aren't present.

    References: #13104

engine

  • [engine] [usecase] The connection object returned by _engine.Engine.raw_connection() now supports the context manager protocol, automatically returning the connection to the pool when exiting the context.

    References: #13116

postgresql

  • [postgresql] [bug] Fixed an issue in the PostgreSQL dialect where foreign key constraint reflection would incorrectly swap or fail to capture onupdate and ondelete values when these clauses appeared in a different order than expected in the constraint definition. This issue primarily affected PostgreSQL-compatible databases such as CockroachDB, which may return ON DELETE before ON UPDATE in the constraint definition string. The reflection logic now correctly parses both clauses regardless of their ordering.

    References: #13105

  • [postgresql] [bug] Fixed issue in the engine_insertmanyvalues feature where using PostgreSQL's ON CONFLICT clause with _dml.Insert.returning.sort_by_parameter_order enabled would generate invalid SQL when the insert used an implicit sentinel (server-side autoincrement primary key). The generated SQL would incorrectly declare a sentinel counter column in the imp_sen table alias without providing corresponding values in the VALUES clause, leading to a ProgrammingError indicating column count mismatch. The fix allows batch execution mode when embed_values_counter is active, as the embedded counter provides the ordering capability needed even with upsert behaviors, rather than unnecessarily downgrading to row-at-a-time execution.

... (truncated)

Commits

Updates alembic from 1.17.2 to 1.18.4

Release notes

Sourced from alembic's releases.

1.18.4

Released: February 10, 2026

bug

  • [bug] [operations] Reverted the behavior of Operations.add_column() that would automatically render the "PRIMARY KEY" keyword inline when a Column with primary_key=True is added. The automatic behavior, added in version 1.18.2, is now opt-in via the new Operations.add_column.inline_primary_key parameter. This change restores the ability to render a PostgreSQL SERIAL column, which is required to be primary_key=True, while not impacting the ability to render a separate primary key constraint. This also provides consistency with the Operations.add_column.inline_references parameter and gives users explicit control over SQL generation.

    To render PRIMARY KEY inline, use the Operations.add_column.inline_primary_key parameter set to True:

    op.add_column( "my_table", Column("id", Integer, primary_key=True), inline_primary_key=True )References: #1232

1.18.3

Released: January 29, 2026

bug

  • [bug] [autogenerate] Fixed regression in version 1.18.0 due to #1771 where autogenerate would raise NoReferencedTableError when a foreign key constraint referenced a table that was not part of the initial table load, including tables filtered out by the EnvironmentContext.configure.include_name callable or tables in remote schemas that were not included in the initial reflection run.

    The change in #1771 was a performance optimization that eliminated additional reflection queries for tables that were only referenced by foreign keys but not explicitly included in the main reflection run. However, this optimization inadvertently removed the creation of Table objects for these referenced tables, causing autogenerate to fail when processing foreign key constraints that pointed to them.

    The fix creates placeholder Table objects for foreign key targets

... (truncated)

Commits

Updates aiosqlite from 0.22.0 to 0.22.1

Changelog

Sourced from aiosqlite's changelog.

v0.22.1

Bug fix release

NOTE: Starting with v0.22.0, the aiosqlite.Connection object no longer inherits from threading.Thread. If not using aiosqlite as a context manager, clients must await connection.close() or call connection.stop() to ensure the helper thread is completed and terminated correctly. A ResourceWarning will be emitted for any connection that is garbage collected without being closed or stopped.

  • Added synchronous stop() method to aiosqlite.Connection to enable safe cleanup and termination of the background thread without dependence on having an active event loop (#370)
$ git shortlog -s v0.22.0...v0.22.1
     2	Amethyst Reese
Commits

Updates python-dotenv from 1.2.1 to 1.2.2

Release notes

Sourced from python-dotenv's releases.

v1.2.2

Added

  • Support for Python 3.14, including the free-threaded (3.14t) build. (#)

Changed

  • The dotenv run command now forwards flags directly to the specified command by @​bbc2 in theskumar/python-dotenv#607
  • Improved documentation clarity regarding override behavior and the reference page.
  • Updated PyPy support to version 3.11.
  • Documentation for FIFO file support.
  • Support for Python 3.9.

Fixed

Breaking Changes

  • dotenv.set_key and dotenv.unset_key used to follow symlinks in some situations. This is no longer the case. For that behavior to be restored in all cases, follow_symlinks=True should be used.

  • In the CLI, set and unset used to follow symlinks in some situations. This is no longer the case.

  • dotenv.set_key, dotenv.unset_key and the CLI commands set and unset used to reset the file mode of the modified .env file to 0o600 in some situations. This is no longer the case: The original mode of the file is now preserved. Is the file needed to be created or wasn't a regular file, mode 0o600 is used.

Misc

New Contributors

Full Changelog: theskumar/python-dotenv@v1.2.1...v1.2.2

Changelog

Sourced from python-dotenv's changelog.

[1.2.2] - 2026-03-01

Added

  • Support for Python 3.14, including the free-threaded (3.14t) build. (#588)

Changed

  • The dotenv run command now forwards flags directly to the specified command by [@​bbc2] in #607
  • Improved documentation clarity regarding override behavior and the reference page.
  • Updated PyPy support to version 3.11.
  • Documentation for FIFO file support.
  • Dropped Support for Python 3.9.

Fixed

  • Improved set_key and unset_key behavior when interacting with symlinks by [@​bbc2] in [790c5c0]
  • Corrected the license specifier and added missing Python 3.14 classifiers in package metadata by [@​JYOuyang] in #590

Breaking Changes

  • dotenv.set_key and dotenv.unset_key used to follow symlinks in some situations. This is no longer the case. For that behavior to be restored in all cases, follow_symlinks=True should be used.

  • In the CLI, set and unset used to follow symlinks in some situations. This is no longer the case.

  • dotenv.set_key, dotenv.unset_key and the CLI commands set and unset used to reset the file mode of the modified .env file to 0o600 in some situations. This is no longer the case: The original mode of the file is now preserved. Is the file needed to be created or wasn't a regular file, mode 0o600 is used.

Commits

Updates tenacity from 9.1.2 to 9.1.4

Release notes

Sourced from tenacity's releases.

9.1.4

What's Changed

Full Changelog: jd/tenacity@9.1.3...9.1.4

9.1.3

What's Changed

New Contributors

Full Changelog: jd/tenacity@9.1.2...9.1.3

Commits
  • d4e868d Fix retry() annotations with async sleep= function (#555)
  • 24415eb support async sleep for sync fn (#551)
  • 3bf33b4 chore: drop Python 3.9 support (EOL) (#552)
  • 7027da3 chore(deps): bump the github-actions group with 2 updates (#550)
  • 21ae7d0 docs: fix syntax error in wait_chain docstring example (#548)
  • ef12c9e chore(deps): bump actions/checkout in the github-actions group (#547)
  • c35a4b3 chore(deps): bump the github-actions group with 2 updates (#545)
  • e792bba ci: fix mypy (#546)
  • 0f55245 ci: remove reno requirements (#542)
  • 815c34f feat(wait): add wait_exception strategy (#541)
  • Additional commits viewable in compare view

Updates prometheus-client from 0.23.1 to 0.24.1

Release notes

Sourced from prometheus-client's releases.

v0.24.1

v0.24.0

What's Changed

Full Changelog: prometheus/client_python@v0.23.1...v0.24.0

Commits

Updates ruff from 0.14.10 to 0.15.4

Release notes

Sourced from ruff's releases.

0.15.4

Release Notes

Released on 2026-02-26.

This is a follow-up release to 0.15.3 that resolves a panic when the new rule PLR1712 was enabled with any rule that analyzes definitions, such as many of the ANN or D rules.

Bug fixes

  • Fix panic on access to definitions after analyzing definitions (#23588)
  • [pyflakes] Suppress false positive in F821 for names used before del in stub files (#23550)

Documentation

  • Clarify first-party import detection in Ruff (#23591)
  • Fix incorrect import-heading example (#23568)

Contributors

Install ruff 0.15.4

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/ruff/releases/download/0.15.4/ruff-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://github.com/astral-sh/ruff/releases/download/0.15.4/ruff-installer.ps1 | iex"

Download ruff 0.15.4

File Platform Checksum
ruff-aarch64-apple-darwin.tar.gz Apple Silicon macOS checksum
ruff-x86_64-apple-darwin.tar.gz Intel macOS checksum
ruff-aarch64-pc-windows-msvc.zip ARM64 Windows checksum
ruff-i686-pc-windows-msvc.zip x86 Windows checksum
ruff-x86_64-pc-windows-msvc.zip x64 Windows checksum
ruff-aarch64-unknown-linux-gnu.tar.gz ARM64 Linux checksum
ruff-i686-unknown-linux-gnu.tar.gz x86 Linux checksum
ruff-powerpc64-unknown-linux-gnu.tar.gz PPC64 Linux checksum

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.4

Released on 2026-02-26.

This is a follow-up release to 0.15.3 that resolves a panic when the new rule PLR1712 was enabled with any rule that analyzes definitions, such as many of the ANN or D rules.

Bug fixes

  • Fix panic on access to definitions after analyzing definitions (#23588)
  • [pyflakes] Suppress false positive in F821 for names used before del in stub files (#23550)

Documentation

  • Clarify first-party import detection in Ruff (#23591)
  • Fix incorrect import-heading example (#23568)

Contributors

0.15.3

Released on 2026-02-26.

Preview features

  • Drop explicit support for .qmd file extension (#23572)

    This can now be enabled instead by setting the extension option:

    # ruff.toml
extension = { qmd = "markdown" }
pyproject.toml
[tool.ruff]
extension = { qmd = "markdown" }

  • Include configured extensions in file discovery (#23400)

  • [flake8-bandit] Allow suspicious imports in TYPE_CHECKING blocks (S401-S415) (#23441)

  • [flake8-bugbear] Allow B901 in pytest hook wrappers (#21931)

  • [flake8-import-conventions] Add missing conventions from upstream (ICN001, ICN002) (#21373)

... (truncated)

Commits
  • f14edd8 Bump 0.15.4 (#23595)
  • fd09d37 Fix panic on access to definitions after analyzing definitions (#23588)
  • 81d655f [pyflakes] suppress false positive in F821 for names used before del in...
  • 625b4f5 [ruff] docs: Clarify first-party import detection in Ruff (#23591)
  • 60facfa one word typo fix in a while_loop.md test case (#23589)
  • fbb9fa7 docs: fix incorrect import-heading example (#23568)
  • 5bc49a9 Increase the ruleset size to 16 bits (#23586)
  • a62ba8c [ty] Fix overloaded callable assignability for unary Callable targets (#23277)
  • e5f2f36 Bump 0.15.3 (#23585)
  • 0e19fc9 [ty] defer calculating conjunctions in narrowing constraints (#23552)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also ...

Description has been truncated

@dependabot
deps(deps): bump the python-minor group across 1 directory with 10 up…
bb70e14 
…dates

Bumps the python-minor group with 10 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [fastapi](https://github.com/fastapi/fastapi) | `0.127.0` | `0.135.1` |
| [uvicorn[standard]](https://github.com/Kludex/uvicorn) | `0.40.0` | `0.41.0` |
| [pydantic-settings](https://github.com/pydantic/pydantic-settings) | `2.12.0` | `2.13.1` |
| [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) | `2.0.45` | `2.0.47` |
| [alembic](https://github.com/sqlalchemy/alembic) | `1.17.2` | `1.18.4` |
| [aiosqlite](https://github.com/omnilib/aiosqlite) | `0.22.0` | `0.22.1` |
| [python-dotenv](https://github.com/theskumar/python-dotenv) | `1.2.1` | `1.2.2` |
| [tenacity](https://github.com/jd/tenacity) | `9.1.2` | `9.1.4` |
| [prometheus-client](https://github.com/prometheus/client_python) | `0.23.1` | `0.24.1` |
| [ruff](https://github.com/astral-sh/ruff) | `0.14.10` | `0.15.4` |



Updates `fastapi` from 0.127.0 to 0.135.1
- [Release notes](https://github.com/fastapi/fastapi/releases)
- [Commits](fastapi/fastapi@0.127.0...0.135.1)

Updates `uvicorn[standard]` from 0.40.0 to 0.41.0
- [Release notes](https://github.com/Kludex/uvicorn/releases)
- [Changelog](https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md)
- [Commits](Kludex/uvicorn@0.40.0...0.41.0)

Updates `pydantic-settings` from 2.12.0 to 2.13.1
- [Release notes](https://github.com/pydantic/pydantic-settings/releases)
- [Commits](pydantic/pydantic-settings@v2.12.0...v2.13.1)

Updates `sqlalchemy` from 2.0.45 to 2.0.47
- [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases)
- [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst)
- [Commits](https://github.com/sqlalchemy/sqlalchemy/commits)

Updates `alembic` from 1.17.2 to 1.18.4
- [Release notes](https://github.com/sqlalchemy/alembic/releases)
- [Changelog](https://github.com/sqlalchemy/alembic/blob/main/CHANGES)
- [Commits](https://github.com/sqlalchemy/alembic/commits)

Updates `aiosqlite` from 0.22.0 to 0.22.1
- [Changelog](https://github.com/omnilib/aiosqlite/blob/main/CHANGELOG.md)
- [Commits](omnilib/aiosqlite@v0.22.0...v0.22.1)

Updates `python-dotenv` from 1.2.1 to 1.2.2
- [Release notes](https://github.com/theskumar/python-dotenv/releases)
- [Changelog](https://github.com/theskumar/python-dotenv/blob/main/CHANGELOG.md)
- [Commits](theskumar/python-dotenv@v1.2.1...v1.2.2)

Updates `tenacity` from 9.1.2 to 9.1.4
- [Release notes](https://github.com/jd/tenacity/releases)
- [Commits](jd/tenacity@9.1.2...9.1.4)

Updates `prometheus-client` from 0.23.1 to 0.24.1
- [Release notes](https://github.com/prometheus/client_python/releases)
- [Commits](prometheus/client_python@v0.23.1...v0.24.1)

Updates `ruff` from 0.14.10 to 0.15.4
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.14.10...0.15.4)

---
updated-dependencies:
- dependency-name: fastapi
  dependency-version: 0.135.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-minor
- dependency-name: uvicorn[standard]
  dependency-version: 0.41.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-minor
- dependency-name: pydantic-settings
  dependency-version: 2.13.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-minor
- dependency-name: sqlalchemy
  dependency-version: 2.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-minor
- dependency-name: alembic
  dependency-version: 1.18.4
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-minor
- dependency-name: aiosqlite
  dependency-version: 0.22.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-minor
- dependency-name: python-dotenv
  dependency-version: 1.2.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-minor
- dependency-name: tenacity
  dependency-version: 9.1.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-minor
- dependency-name: prometheus-client
  dependency-version: 0.24.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-minor
- dependency-name: ruff
  dependency-version: 0.15.4
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 2, 2026

Labels

The following labels could not be found: dependencies, python. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot bot requested a review from Sakeeb91 as a code owner March 2, 2026 15:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Sakeeb91 Sakeeb91 Awaiting requested review from Sakeeb91 Sakeeb91 is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants