Skip to content

⬆️ bump the python-deps group across 1 directory with 5 updates#6

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/uv/python-deps-96f72f2e84
Open

⬆️ bump the python-deps group across 1 directory with 5 updates#6
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/uv/python-deps-96f72f2e84

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 1, 2026

Bumps the python-deps group with 5 updates in the / directory:

Package From To
fastapi 0.135.1 0.136.1
rich 14.3.3 15.0.0
sqlalchemy 2.0.48 2.0.49
typer 0.24.1 0.25.1
uvicorn 0.42.0 0.46.0

Updates fastapi from 0.135.1 to 0.136.1

Release notes

Sourced from fastapi's releases.

0.136.1

Upgrades

Internal

0.136.0

Upgrades

0.135.4

Refactors

Internal

0.135.3

... (truncated)

Commits

Updates rich from 14.3.3 to 15.0.0

Release notes

Sourced from rich's releases.

The So Long 3.8 Release

A few fixes. The major version bump is to honor the passing of 3.8 support which reached its EOL in October 7, 2024

[15.0.0] - 2026-04-12

Changed

  • Breaking change: Dropped support for Python3.8

Fixed

The Faster Startup Release

No new features in this release, but there should be improved startup time for Rich apps, and potentially improved runtime if you have a lot of links.

[14.3.4] - 2026-04-11

Changed

Changelog

Sourced from rich's changelog.

[15.0.0] - 2026-04-12

Changed

  • Breaking change: Dropped support for Python3.8

Fixed

[14.3.4] - 2026-04-11

Changed

Commits

Updates sqlalchemy from 2.0.48 to 2.0.49

Release notes

Sourced from sqlalchemy's releases.

2.0.49

Released: April 3, 2026

orm

  • [orm] [bug] Fixed issue where _orm.Session.get() would bypass the identity map and emit unnecessary SQL when with_for_update=False was passed, rather than treating it equivalently to the default of None. Pull request courtesy of Joshua Swanson.

    References: #13176

  • [orm] [bug] Fixed issue where chained _orm.joinedload() options would not be applied correctly when the final relationship in the chain is declared on a base mapper and accessed through a subclass mapper in a _orm.with_polymorphic() query. The path registry now correctly computes the natural path when a property declared on a base class is accessed through a path containing a subclass mapper, ensuring the loader option can be located during query compilation.

    References: #13193

  • [orm] [bug] [inheritance] Fixed issue where using _orm.Load.options() to apply a chained loader option such as _orm.joinedload() or _orm.selectinload() with _orm.PropComparator.of_type() for a polymorphic relationship would not generate the necessary clauses for the polymorphic subclasses. The polymorphic loading strategy is now correctly propagated when using a call such as joinedload(A.b).options(joinedload(B.c.of_type(poly))) to match the behavior of direct chaining e.g. joinedload(A.b).joinedload(B.c.of_type(poly)).

    References: #13202

  • [orm] [bug] [inheritance] Fixed issue where using chained loader options such as _orm.selectinload() after _orm.joinedload() with _orm.PropComparator.of_type() for a polymorphic relationship would not properly apply the chained loader option. The loader option is now correctly applied when using a call such as joinedload(A.b.of_type(poly)).selectinload(poly.SubClass.c) to eagerly load related objects.

    References: #13209

typing

  • [typing] [bug] Fixed a typing issue where the typed members of :data:.func would return the appropriate class of the same name, however this creates an issue for

... (truncated)

Commits

Updates typer from 0.24.1 to 0.25.1

Release notes

Sourced from typer's releases.

0.25.1

Features

Internal

0.25.0

Features

  • 🚸 Don't truncate code lines in traceback when formatted with Rich. PR #1695 by @​YuriiMotov.

0.24.2

Fixes

  • 🐛 Ensure that typer.launch forwards correctly when launching a file. PR #1708 by @​svlandeg.

Refactors

Docs

Internal

... (truncated)

Changelog

Sourced from typer's changelog.

0.25.1 (2026-04-30)

Features

Internal

0.25.0 (2026-04-26)

Features

  • 🚸 Don't truncate code lines in traceback when formatted with Rich. PR #1695 by @​YuriiMotov.

0.24.2 (2026-04-22)

Fixes

  • 🐛 Ensure that typer.launch forwards correctly when launching a file. PR #1708 by @​svlandeg.

Refactors

Docs

Internal

... (truncated)

Commits

Updates uvicorn from 0.42.0 to 0.46.0

Release notes

Sourced from uvicorn's releases.

Version 0.46.0

What's Changed

Full Changelog: Kludex/uvicorn@0.45.0...0.46.0

Version 0.45.0

What's Changed

New Contributors

Full Changelog: Kludex/uvicorn@0.44.0...0.45.0

Version 0.44.0

What's Changed

Full Changelog: Kludex/uvicorn@0.43.0...0.44.0

Version 0.43.0

Changed

  • Emit http.disconnect ASGI receive() event on server shutting down for streaming responses (#2829)
  • Use native context parameter for create_task on Python 3.11+ (#2859)
  • Drop cast in ASGI types (#2875)

Full Changelog: Kludex/uvicorn@0.42.0...0.43.0

Changelog

Sourced from uvicorn's changelog.

0.46.0 (April 23, 2026)

Added

  • Support ws_max_size in wsproto implementation (#2915)
  • Support ws_ping_interval and ws_ping_timeout in wsproto implementation (#2916)

Changed

  • Use bytearray for incoming WebSocket message buffer in websockets-sansio (#2917)

0.45.0 (April 21, 2026)

Added

  • Add --reset-contextvars flag to isolate ASGI request context (#2912)
  • Accept os.PathLike for log_config (#2905)
  • Accept log_level strings case-insensitively (#2907)

Changed

  • Revert "Emit http.disconnect on server shutdown for streaming responses" (#2913)
  • Revert "Explicitly start ASGI run with empty context" (#2911)

Fixed

  • Preserve forwarded client ports in proxy headers middleware (#2903)
  • Raise helpful ImportError when PyYAML is missing for YAML log config (#2906)

0.44.0 (April 6, 2026)

Added

  • Implement websocket keepalive pings for websockets-sansio (#2888)

0.43.0 (April 3, 2026)

You can quit Uvicorn now. We heard you, @​pamelafox - all 47 of your Ctrl+C's (thanks for flagging it, and thanks to @​tiangolo for the fix 🙏). See the tweet.

Changed

  • Emit http.disconnect ASGI receive() event on server shutting down for streaming responses (#2829)
  • Use native context parameter for create_task on Python 3.11+ (#2859)
  • Drop cast in ASGI types (#2875)
Commits
  • b224045 Version 0.46.0 (#2918)
  • 7375b5b Use bytearray for incoming WebSocket message buffer in websockets-sansio (#...
  • d438fb1 Support ws_ping_interval and ws_ping_timeout in wsproto implementation ...
  • 3e6b964 Support ws_max_size in wsproto implementation (#2915)
  • 2c423bd Version 0.45.0 (#2914)
  • 7f027f8 Revert "Emit http.disconnect on server shutdown for streaming responses" (#...
  • 73a80c3 Add --reset-contextvars flag to isolate ASGI request context (#2912)
  • 45c0b56 Revert empty context for ASGI runs (#2911)
  • 850d926 Raise helpful ImportError when PyYAML is missing for YAML log config (#2906)
  • fdcacb4 Accept log_level strings case-insensitively (#2907)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
⬆️ bump the python-deps group across 1 directory with 5 updates
78a3467 
Bumps the python-deps group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [fastapi](https://github.com/fastapi/fastapi) | `0.135.1` | `0.136.1` |
| [rich](https://github.com/Textualize/rich) | `14.3.3` | `15.0.0` |
| [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) | `2.0.48` | `2.0.49` |
| [typer](https://github.com/fastapi/typer) | `0.24.1` | `0.25.1` |
| [uvicorn](https://github.com/Kludex/uvicorn) | `0.42.0` | `0.46.0` |



Updates `fastapi` from 0.135.1 to 0.136.1
- [Release notes](https://github.com/fastapi/fastapi/releases)
- [Commits](fastapi/fastapi@0.135.1...0.136.1)

Updates `rich` from 14.3.3 to 15.0.0
- [Release notes](https://github.com/Textualize/rich/releases)
- [Changelog](https://github.com/Textualize/rich/blob/master/CHANGELOG.md)
- [Commits](Textualize/rich@v14.3.3...v15.0.0)

Updates `sqlalchemy` from 2.0.48 to 2.0.49
- [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases)
- [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst)
- [Commits](https://github.com/sqlalchemy/sqlalchemy/commits)

Updates `typer` from 0.24.1 to 0.25.1
- [Release notes](https://github.com/fastapi/typer/releases)
- [Changelog](https://github.com/fastapi/typer/blob/master/docs/release-notes.md)
- [Commits](fastapi/typer@0.24.1...0.25.1)

Updates `uvicorn` from 0.42.0 to 0.46.0
- [Release notes](https://github.com/Kludex/uvicorn/releases)
- [Changelog](https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md)
- [Commits](Kludex/uvicorn@0.42.0...0.46.0)

---
updated-dependencies:
- dependency-name: fastapi
  dependency-version: 0.136.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-deps
- dependency-name: rich
  dependency-version: 15.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: python-deps
- dependency-name: sqlalchemy
  dependency-version: 2.0.49
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-deps
- dependency-name: typer
  dependency-version: 0.25.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-deps
- dependency-name: uvicorn
  dependency-version: 0.46.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels May 1, 2026
@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 1, 2026

👋 Thanks @dependabot[bot] for this contribution! 🚀

We're excited to review your PR.

💡 Tips:

  • Keep your PR focused and atomic
  • Add tests if applicable
  • Update docs if needed

Happy coding! ✨

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants