aio-libs / aiohttp-security

auth and permissions for aiohttp
Apache License 2.0
229 stars 68 forks source link

Bump sqlalchemy from 1.4.46 to 2.0.4 #566

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps sqlalchemy from 1.4.46 to 2.0.4.

Release notes

Sourced from sqlalchemy's releases.

2.0.4

Released: February 17, 2023

orm

  • [orm] [usecase] The _orm.Session.refresh() method will now immediately load a relationship-bound attribute that is explicitly named within the _orm.Session.refresh.attribute_names collection even if it is currently linked to the "select" loader, which normally is a "lazy" loader that does not fire off during a refresh. The "lazy loader" strategy will now detect that the operation is specifically a user-initiated _orm.Session.refresh() operation which named this attribute explicitly, and will then call upon the "immediateload" strategy to actually emit SQL to load the attribute. This should be helpful in particular for some asyncio situations where the loading of an unloaded lazy-loaded attribute must be forced, without using the actual lazy-loading attribute pattern not supported in asyncio.

    References: #9298

  • [orm] [bug] [regression] Fixed regression introduced in version 2.0.2 due to #9217 where using DML RETURNING statements, as well as _sql.Select.from_statement() constructs as was "fixed" in #9217, in conjunction with ORM mapped classes that used expressions such as with _orm.column_property(), would lead to an internal error within Core where it would attempt to match the expression by name. The fix repairs the Core issue, and also adjusts the fix in #9217 to not take effect for the DML RETURNING use case, where it adds unnecessary overhead.

    References: #9273

  • [orm] [bug] Marked the internal EvaluatorCompiler module as private to the ORM, and renamed it to _EvaluatorCompiler. For users that may have been relying upon this, the name EvaluatorCompiler is still present, however this use is not supported and will be removed in a future release.

  • [orm] [use_case] To accommodate a change in column ordering used by ORM Declarative in SQLAlchemy 2.0, a new parameter _orm.mapped_column.sort_order has been added that can be used to control the order of the columns defined in the table by the ORM, for common use cases such as mixins with primary key columns that should appear first in tables. The change notes at change_9297 illustrate the default change in ordering behavior (which is part of all SQLAlchemy 2.0 releases) as well as use of the _orm.mapped_column.sort_order to control column ordering when using mixins and multiple classes (new in 2.0.4).

    References: #9297

... (truncated)

Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 1 year ago

Superseded by #571.