OperationCode / resources_api

Flask API for programming and cyber security learning resources
https://resources.operationcode.org/
MIT License
67 stars 65 forks source link

Bump sqlalchemy from 1.3.22 to 1.4.42 #565

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 2 years ago

Bumps sqlalchemy from 1.3.22 to 1.4.42.

Release notes

Sourced from sqlalchemy's releases.

1.4.42

Released: October 16, 2022

orm

  • [orm] [bug] The _orm.Session.execute.bind_arguments dictionary is no longer mutated when passed to _orm.Session.execute() and similar; instead, it's copied to an internal dictionary for state changes. Among other things, this fixes and issue where the "clause" passed to the _orm.Session.get_bind() method would be incorrectly referring to the _sql.Select construct used for the "fetch" synchronization strategy, when the actual query being emitted was a _dml.Delete or _dml.Update. This would interfere with recipes for "routing sessions".

    References: #8614

  • [orm] [bug] A warning is emitted in ORM configurations when an explicit _orm.remote() annotation is applied to columns that are local to the immediate mapped class, when the referenced class does not include any of the same table columns. Ideally this would raise an error at some point as it's not correct from a mapping point of view.

    References: #7094

  • [orm] [bug] A warning is emitted when attempting to configure a mapped class within an inheritance hierarchy where the mapper is not given any polymorphic identity, however there is a polymorphic discriminator column assigned. Such classes should be abstract if they never intend to load directly.

    References: #7545

  • [orm] [bug] [regression] Fixed regression for 1.4 in _orm.contains_eager() where the "wrap in subquery" logic of _orm.joinedload() would be inadvertently triggered for use of the _orm.contains_eager() function with similar statements (e.g. those that use distinct(), limit() or offset()), which would then lead to secondary issues with queries that used some combinations of SQL label names and aliasing. This "wrapping" is not appropriate for _orm.contains_eager() which has always had the contract that the user-defined SQL statement is unmodified with the exception of adding the appropriate columns to be fetched.

    References: #8569

  • [orm] [bug] [regression] Fixed regression where using ORM update() with synchronize_session='fetch' would fail due to the use of evaluators that are now used to determine the in-Python value for expressions in the the SET clause when refreshing objects; if the evaluators make use of math operators against non-numeric

... (truncated)

Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 2 years ago

Superseded by #567.