⬆️ Upgrade minimum version of python-multipart to >=0.0.7 to fix a vulnerability when using form data with a ReDos attack. You can also simply upgrade python-multipart.
[postgresql] [bug] [regression] Fixed regression caused by just-released fix for #10863 where an
invalid exception class were added to the "except" block, which does not
get exercised unless such a catch actually happens. A mock-style test has
been added to ensure this catch is exercised in unit tests.
[orm] [bug] Replaced the "loader depth is excessively deep" warning with a shorter
message added to the caching badge within SQL logging, for those statements
where the ORM disabled the cache due to a too-deep chain of loader options.
The condition which this warning highlights is difficult to resolve and is
generally just a limitation in the ORM's application of SQL caching. A
future feature may include the ability to tune the threshold where caching
is disabled, but for now the warning will no longer be a nuisance.
[orm] [bug] Fixed issue where it was not possible to use a type (such as an enum)
within a _orm.Mapped container type if that type were declared
locally within the class body. The scope of locals used for the eval now
includes that of the class body itself. In addition, the expression within
_orm.Mapped may also refer to the class name itself, if used as a
string or with future annotations mode.
[orm] [bug] Fixed issue where using _orm.Session.delete() along with the
_orm.Mapper.version_id_col feature would fail to use the
correct version identifier in the case that an additional UPDATE were
emitted against the target object as a result of the use of
_orm.relationship.post_update on the object. The issue is
similar to #10800 just fixed in version 2.0.25 for the case of
updates alone.
Fixed a bug where comments where mistakenly removed along with redundant parentheses
(#4218)
Preview style
Move the hug_parens_with_braces_and_square_brackets feature to the unstable style
due to an outstanding crash and proposed formatting tweaks (#4198)
Fixed a bug where base expressions caused inconsistent formatting of ** in tenary
expression (#4154)
Checking for newline before adding one on docstring that is almost at the line limit
(#4185)
Remove redundant parentheses in case statement if guards (#4214).
Configuration
Fix issue where Black would ignore input files in the presence of symlinks (#4222)
Black now ignores pyproject.toml that is missing a tool.black section when
discovering project root and configuration. Since Black continues to use version
control as an indicator of project root, this is expected to primarily change behavior
for users in a monorepo setup (desirably). If you wish to preserve previous behavior,
simply add an empty [tool.black] to the previously discovered pyproject.toml
(#4204)
Output
Black will swallow any SyntaxWarnings or DeprecationWarnings produced by the ast
module when performing equivalence checks (#4189)
Integrations
Add a JSONSchema and provide a validate-pyproject entry-point (#4181)
24.1.1
Bugfix release to fix a bug that made Black unusable on certain file systems
with strict limits on path length.
Preview style
Consistently add trailing comma on typed parameters (#4164)
Configuration
Shorten the length of the name of the cache file to fix crashes on file systems that
do not support long paths (#4176)
Fixed a bug where comments where mistakenly removed along with redundant parentheses
(#4218)
Preview style
Move the hug_parens_with_braces_and_square_brackets feature to the unstable style
due to an outstanding crash and proposed formatting tweaks (#4198)
Fixed a bug where base expressions caused inconsistent formatting of ** in tenary
expression (#4154)
Checking for newline before adding one on docstring that is almost at the line limit
(#4185)
Remove redundant parentheses in case statement if guards (#4214).
Configuration
Fix issue where Black would ignore input files in the presence of symlinks (#4222)
Black now ignores pyproject.toml that is missing a tool.black section when
discovering project root and configuration. Since Black continues to use version
control as an indicator of project root, this is expected to primarily change behavior
for users in a monorepo setup (desirably). If you wish to preserve previous behavior,
simply add an empty [tool.black] to the previously discovered pyproject.toml
(#4204)
Output
Black will swallow any SyntaxWarnings or DeprecationWarnings produced by the ast
module when performing equivalence checks (#4189)
Integrations
Add a JSONSchema and provide a validate-pyproject entry-point (#4181)
24.1.1
Bugfix release to fix a bug that made Black unusable on certain file systems with strict
limits on path length.
Preview style
Consistently add trailing comma on typed parameters (#4164)
Configuration
Shorten the length of the name of the cache file to fix crashes on file systems that
do not support long paths (#4176)
#11875: Correctly handle errors from getpass.getuser{.interpreted-text role="func"} in Python 3.13.
#11879: Fix an edge case where ExceptionInfo._stringify_exception could crash pytest.raises{.interpreted-text role="func"}.
#11906: Fix regression with pytest.warns{.interpreted-text role="func"} using custom warning subclasses which have more than one parameter in their [__init__]{.title-ref}.
#11907: Fix a regression in pytest 8.0.0 whereby calling pytest.skip{.interpreted-text role="func"} and similar control-flow exceptions within a pytest.warns(){.interpreted-text role="func"} block would get suppressed instead of propagating.
#11929: Fix a regression in pytest 8.0.0 whereby autouse fixtures defined in a module get ignored by the doctests in the module.
#11937: Fix a regression in pytest 8.0.0 whereby items would be collected in reverse order in some circumstances.
pytest 8.0.0 (2024-01-27)
See 8.0.0rc1 and 8.0.0rc2 for the full changes since pytest 7.4!
Bug Fixes
#11842: Properly escape the reason of a skip <pytest.mark.skip ref>{.interpreted-text role="ref"} mark when writing JUnit XML files.
#11861: Avoid microsecond exceeds 1_000_000 when using log-date-format with %f specifier, which might cause the test suite to crash.
8.0.0rc2
pytest 8.0.0rc2 (2024-01-17)
Improvements
#11233: Improvements to -r for xfailures and xpasses:
Report tracebacks for xfailures when -rx is set.
Report captured output for xpasses when -rX is set.
For xpasses, add - in summary between test name and reason, to match how xfail is displayed.
#11825: The pytest_plugin_registered{.interpreted-text role="hook"} hook has a new plugin_name parameter containing the name by which plugin is registered.
Bug Fixes
#11706: Fix reporting of teardown errors in higher-scoped fixtures when using [--maxfail]{.title-ref} or [--stepwise]{.title-ref}.
#11758: Fixed IndexError: string index out of range crash in if highlighted[-1] == "\n" and source[-1] != "\n".
This bug was introduced in pytest 8.0.0rc1.
#9765, #11816: Fixed a frustrating bug that afflicted some users with the only error being assert mod not in mods. The issue was caused by the fact that str(Path(mod)) and mod.__file__ don't necessarily produce the same string, and was being erroneously used interchangably in some places in the code.
This fix also broke the internal API of PytestPluginManager.consider_conftest by introducing a new parameter -- we mention this in case it is being used by external code, even if marked as private.
The proxy argument was added. You should use the proxy argument instead of the deprecated proxies, or use mounts= for more complex configurations. (#2879)
Deprecated
The proxies argument is now deprecated. It will still continue to work, but it will be removed in the future. (#2879)
Fixed
Fix cases of double escaping of URL path components. Allow / as a safe character in the query portion. (#2990)
Handle NO_PROXY envvar cases when a fully qualified URL is supplied as the value. (#2741)
Allow URLs where username or password contains unescaped '@'. (#2986)
Ensure ASGI raw_path does not include URL query component. (#2999)
The proxy argument was added. You should use the proxy argument instead of the deprecated proxies, or use mounts= for more complex configurations. (#2879)
Deprecated
The proxies argument is now deprecated. It will still continue to work, but it will be removed in the future. (#2879)
Fixed
Fix cases of double escaping of URL path components. Allow / as a safe character in the query portion. (#2990)
Handle NO_PROXY envvar cases when a fully qualified URL is supplied as the value. (#2741)
Allow URLs where username or password contains unescaped '@'. (#2986)
Ensure ASGI raw_path does not include URL query component. (#2999)
:exclamation: Current head d18aa3c differs from pull request most recent head 62fd7ac. Consider uploading reports for the commit 62fd7ac to get more accurate results
Bumps the python-packages group with 11 updates:
0.104.10.109.22.0.232.0.272.5.22.6.10.24.0.post10.27.123.12.124.2.07.4.48.0.10.25.20.27.01.1.01.1.119.13.023.2.11.7.11.8.02.31.0.102.31.0.20240218Updates
fastapi[all]from 0.104.1 to 0.109.2Release notes
Sourced from fastapi[all]'s releases.
... (truncated)
Commits
141e34f📝 Update release notes57b0983🔖 Release FastAPI version 0.109.250e558e📝 Update release notes4a2be2a⬆️ Upgrade version of Starlette to>= 0.36.3(#11086)43f9cbc📝 Update release notes739739c🍱 Add new FastAPI logo (#11090)6944ae1📝 Update release notese239c56:globe_with_meridians: Update Turkish translation for `docs/tr/docs/fastapi-p...3f3ee24📝 Update release notes7633d15🔖 Release version 0.109.1Updates
sqlalchemyfrom 2.0.23 to 2.0.27Release notes
Sourced from sqlalchemy's releases.
... (truncated)
Commits
Updates
pydanticfrom 2.5.2 to 2.6.1Release notes
Sourced from pydantic's releases.
... (truncated)
Changelog
Sourced from pydantic's changelog.
... (truncated)
Commits
cf822bdprep for 2.6.1 releasefa8acbbVersion bump for pydantic 2.16.2 (#8717)2d812a8Reverting problematic fix from 2.6 release, fixing schema building bug (#8718)8e790d5Fix unsupported types bug with plain validator (#8710)aac1069Fix regression in core schema generation for indirect definition references (...43327d8Fix inheriting annotations in dataclasses (#8679)f3532edFixByteSizeerrortypechange (#8681)50259d7Fix bug with mypy plugin andno_strict_optional = True(#8666)afd0aa8Drop pypy-3.8 from CI (#8667)0b2578dupdate date for 2.6 releaseUpdates
uvicornfrom 0.24.0.post1 to 0.27.1Release notes
Sourced from uvicorn's releases.
... (truncated)
Changelog
Sourced from uvicorn's changelog.
Commits
bd552dfVersion 0.27.1 (#2250)2ff704bFix spurious LocalProtocolError errors when processing pipelined requests (#2...4f74ed1Bump the python-packages group with 5 updates (#2241)f39933cVersion 0.27.0.post1 (#2239)bda1c8aFix nav overrides for newer version of Mkdocs Material (#2233)bcde07dDowngrade mkdocs-material (#2229)892c788Version 0.27.0 (#2223)b0092cbBump ASGI spec version to 2.4 (#2221)04c1974Improve type hints ontest_http.pyandtest_websockets.py(#2219)afed732RaiseDisconnectonsend()when client disconnected (#2218)Updates
blackfrom 23.12.1 to 24.2.0Release notes
Sourced from black's releases.
... (truncated)
Changelog
Sourced from black's changelog.
... (truncated)
Commits
6fdf8a4Prepare release 24.2.0 (#4226)8af4394fix: Don't remove comments along with parens (#4218)35e9776Bump pre-commit/action from 3.0.0 to 3.0.1 (#4225)23dfc5bFix ignoring input files for symlink reasons (#4222)a201003Simplify check for symlinks that resolve outside root (#4221)dab37a6Remove redundant parentheses incasestatementifguards (#4214)32230e6fix: bug where the doublestar operation had inconsistent formatting. (#4154)7edb50ffix: additional newline added to docstring when the previous line length is l...3e80de3Bump furo from 2023.9.10 to 2024.1.29 in /docs (#4211)a08b480Bump pypa/cibuildwheel from 2.16.4 to 2.16.5 (#4212)Updates
pytestfrom 7.4.4 to 8.0.1Release notes
Sourced from pytest's releases.
... (truncated)
Commits
d7d320aPrepare release version 8.0.19369916Merge pull request #11992 from bluetech/backport-11991a232abd[8.0.x] recwarn: fix pytest.warns handling of Warnings with multiple arguments92203d2Merge pull request #11990 from bluetech/backport-11920f1aa922[8.0.x] recwarn: let base exceptions propagate throughpytest.warnsagaind86d081[8.0.x] Addedlogotto the plugin list (#11977)c554c3dMerge pull request #11968 from pytest-dev/backport-11957-to-8.0.xa6851e3[8.0.x] main: fix reversed collection order in Sessione6f6be3[8.0.x] Improve error message when using@pytest.fixture twice (#11958)23b91d1[8.0.x] Merge pull request #11941 from bluetech/doctest-parsefactories (#11948)Updates
httpxfrom 0.25.2 to 0.27.0Release notes
Sourced from httpx's releases.
Changelog
Sourced from httpx's changelog.
Commits
326b943Version 0.27.0 (#3095)3faa4a8Improve 'Custom transports' docs (#3081)c51af4bExtensions docs (#3080)cabd1c0Deprecateapp=...in favor of explicitWSGITransport/ASGITransport. (#3...6f46152Bump the python-packages group with 6 updates (#3077)37a2901Mention NO_PROXY environment variable on Advanced Usage page (#3066)371b6e9Use__future__.annotations(#3068)4f6edf3testparse_header_linksvia public api (#3061)c7cd6aatestobfuscate_sensitive_headersvia public api (#3063)15f9253Drop outdated section (#3057)Updates
pytest-random-orderfrom 1.1.0 to 1.1.1Release notes
Sourced from pytest-random-order's releases.
Commits
763f0f9Fix error when cacheprovider plugin disabled or missing (#56)Updates
fakerfrom 19.13.0 to 23.2.1Release notes
Sourced from faker's releases.
... (truncated)
Changelog
Sourced from faker's changelog.
... (truncated)
Commits
cfb62eeBump version: 23.2.0 → 23.2.17a25f6b:pencil: Update CHANGELOG.md695f500fix: updatepydecimalalgorithm to ensure left part is not generated with a...Codecov Report
All modified and coverable lines are covered by tests :white_check_mark:
Additional details and impacted files
```diff @@ Coverage Diff @@ ## main #282 +/- ## ======================================= Coverage 97.96% 97.96% ======================================= Files 17 17 Lines 491 491 ======================================= Hits 481 481 Misses 10 10 ```:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
@dependabot rebase
Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!
If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request
@dependabot recreate.@dependabot recreate
Superseded by #283.