aio-libs / aiohttp-security

auth and permissions for aiohttp
Apache License 2.0
229 stars 68 forks source link

Bump sqlalchemy from 1.4.46 to 2.0.11 #595

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps sqlalchemy from 1.4.46 to 2.0.11.

Release notes

Sourced from sqlalchemy's releases.

2.0.11

Released: April 26, 2023

orm

  • [orm] [usecase] The ORM bulk INSERT and UPDATE <orm_expression_update_delete> features now add these capabilities:

    -   The requirement that extra parameters aren't passed when using ORM
        INSERT using the "orm" dml_strategy setting is lifted.
    
    • The requirement that additional WHERE criteria is not passed when using ORM UPDATE using the "bulk" dml_strategy setting is lifted. Note that in this case, the check for expected row count is turned off.

References: #9583, #9595

  • [orm] [bug] Fixed 2.0 regression where use of _sql.bindparam() inside of _dml.Insert.values() would fail to be interpreted correctly when executing the _dml.Insert statement using the ORM _orm.Session, due to the new ORM-enabled insert feature <orm_queryguide_bulk_insert> not implementing this use case.

    References: #9583, #9595

  • engine

    • [engine] [performance] A series of performance enhancements to _engine.Row:

      -   `__getattr__` performance of the row's "named tuple" interface has
          been improved; within this change, the `_engine.Row`
          implementation has been streamlined, removing constructs and logic
          that were specific to the 1.4 and prior series of SQLAlchemy.
          As part of this change, the serialization format of `_engine.Row`
          has been modified slightly, however rows which were pickled with previous
          SQLAlchemy 2.0 releases will be recognized within the new format.
          Pull request courtesy J. Nick Koston.
      
      • Improved row processing performance for "binary" datatypes by making the "bytes" handler conditional on a per driver basis. As a result, the "bytes" result handler has been removed for nearly all drivers other than psycopg2, all of which in modern forms support returning Python "bytes" directly. Pull request courtesy J. Nick Koston.

      • Additional refactorings inside of _engine.Row to improve

    ... (truncated)

    Commits


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options
    You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependabot[bot] commented 1 year ago

    Superseded by #598.