search

SpamExperts / OrangeAssassin

OrangeAssassin
https://orangeassassin.org
Apache License 2.0
60 stars 19 forks source link

Bump sqlalchemy from 1.4.29 to 2.0.7 #467

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps sqlalchemy from 1.4.29 to 2.0.7.

Release notes

Sourced from sqlalchemy's releases.

2.0.7

Released: March 18, 2023

sql

  • [sql] [bug] Fixed critical SQL caching issue where use of the _sql.Operators.op() custom operator function would not produce an appropriate cache key, leading to reduce the effectiveness of the SQL cache.

    This change is also backported to: 1.4.47

    References: #9506

typing

  • [typing] [bug] Fixed typing issue where _orm.composite() would not allow an arbitrary callable as the source of the composite class.

    References: #9502

postgresql

  • [postgresql] [usecase] Added new PostgreSQL type _postgresql.CITEXT. Pull request courtesy Julian David Rath.

    References: #9416

  • [postgresql] [usecase] Modifications to the base PostgreSQL dialect to allow for better integration with the sqlalchemy-redshift third party dialect for SQLAlchemy 2.0. Pull request courtesy matthewgdv.

    References: #9442

2.0.6

Released: March 13, 2023

orm

  • [orm] [bug] Fixed bug where the "active history" feature was not fully implemented for composite attributes, making it impossible to receive events that included the "old" value. This seems to have been the case with older SQLAlchemy versions as well, where "active_history" would be propagated to the underlying column-based attributes, but an event handler listening to the composite attribute itself would not be given

... (truncated)

Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
jbnable commented 1 year ago

Logo Checkmarx One – Scan Summary & Details9c1b896a-7214-4214-989f-01eb504793a6

No New Or Fixed Issues Found

dependabot[bot] commented 1 year ago

Superseded by #469.