search

pallets-eco / flask-sqlalchemy

Adds SQLAlchemy support to Flask
https://flask-sqlalchemy.palletsprojects.com
BSD 3-Clause "New" or "Revised" License
4.18k stars 896 forks source link

Bump the python-requirements group in /requirements with 5 updates #1299

Closed dependabot[bot] closed 5 months ago

dependabot[bot] commented 6 months ago

Bumps the python-requirements group in /requirements with 5 updates:

Package From To
coverage[toml] 7.3.1 7.4.0
pytest 7.4.3 7.4.4
mypy 1.7.1 1.8.0
pre-commit 3.5.0 3.6.0
sqlalchemy 2.0.23 2.0.24

Updates coverage[toml] from 7.3.1 to 7.4.0

Release notes

Sourced from coverage[toml]'s releases.

7.4.0

  • In Python 3.12 and above, you can try an experimental core based on the new sys.monitoring <python:sys.monitoring> module by defining a COVERAGE_CORE=sysmon environment variable. This should be faster for line coverage, but not for branch coverage, and plugins and dynamic contexts are not yet supported with it. I am very interested to hear how it works (or doesn't!) for you.

:arrow_right:  PyPI page: coverage 7.4.0. :arrow_right:  To install: python3 -m pip install coverage==7.4.0

7.3.4

  • Fix: the change for multi-line signature exclusions in 7.3.3 broke other forms of nested clauses being excluded properly. This is now fixed, closing issue 1713.
  • Fix: in the HTML report, selecting code for copying won't select the line numbers also. Thanks, Robert Harris.

:arrow_right:  PyPI page: coverage 7.3.4. :arrow_right:  To install: python3 -m pip install coverage==7.3.4

7.3.3

  • Fix: function definitions with multi-line signatures can now be excluded by matching any of the lines, closing issue 684. Thanks, Jan Rusak, Maciej Kowalczyk and Joanna Ejzel.
  • Fix: XML reports could fail with a TypeError if files had numeric components that were duplicates except for leading zeroes, like file1.py and file001.py. Fixes issue 1709.
  • The coverage annotate command used to announce that it would be removed in a future version. Enough people got in touch to say that they use it, so it will stay. Don't expect it to keep up with other new features though.
  • Added new debug options <cmd_run_debug>:
    • pytest writes the pytest test name into the debug output.
    • dataop2 writes the full data being added to CoverageData objects.

:arrow_right:  PyPI page: coverage 7.3.3. :arrow_right:  To install: python3 -m pip install coverage==7.3.3

7.3.2

  • The coverage lcov command ignored the [report] exclude_lines and [report] exclude_also settings (issue 1684). This is now fixed, thanks Jacqueline Lee.
  • Sometimes SQLite will create journal files alongside the coverage.py database files. These are ephemeral, but could be mistakenly included when combining data files. Now they are always ignored, fixing issue 1605. Thanks to Brad Smith for suggesting fixes and providing detailed debugging.
  • On Python 3.12+, we now disable SQLite writing journal files, which should be a little faster.
  • The new 3.12 soft keyword type is properly bolded in HTML reports.
  • Removed the "fullcoverage" feature used by CPython to measure the coverage of early-imported standard library modules. CPython stopped using it in 2021, and it stopped working completely in Python 3.13.

:arrow_right:  PyPI page: coverage 7.3.2. :arrow_right:  To install: python3 -m pip install coverage==7.3.2

Changelog

Sourced from coverage[toml]'s changelog.

Version 7.4.0 — 2023-12-27

  • In Python 3.12 and above, you can try an experimental core based on the new :mod:sys.monitoring <python:sys.monitoring> module by defining a COVERAGE_CORE=sysmon environment variable. This should be faster for line coverage, but not for branch coverage, and plugins and dynamic contexts are not yet supported with it. I am very interested to hear how it works (or doesn't!) for you.

.. _changes_7-3-4:

Version 7.3.4 — 2023-12-20

  • Fix: the change for multi-line signature exclusions in 7.3.3 broke other forms of nested clauses being excluded properly. This is now fixed, closing issue 1713_.

  • Fix: in the HTML report, selecting code for copying won't select the line numbers also. Thanks, Robert Harris <pull 1717_>_.

.. _issue 1713: nedbat/coveragepy#1713 .. _pull 1717: nedbat/coveragepy#1717

.. _changes_7-3-3:

Version 7.3.3 — 2023-12-14

  • Fix: function definitions with multi-line signatures can now be excluded by matching any of the lines, closing issue 684. Thanks, Jan Rusak, Maciej Kowalczyk and Joanna Ejzel <pull 1705_>.

  • Fix: XML reports could fail with a TypeError if files had numeric components that were duplicates except for leading zeroes, like file1.py and file001.py. Fixes issue 1709_.

  • The coverage annotate command used to announce that it would be removed in a future version. Enough people got in touch to say that they use it, so it will stay. Don't expect it to keep up with other new features though.

  • Added new :ref:debug options <cmd_run_debug>:

    • pytest writes the pytest test name into the debug output.

    • dataop2 writes the full data being added to CoverageData objects.

... (truncated)

Commits
  • 23a015c docs: sample HTML for 7.4.0
  • 4f020d4 docs: prep for 7.4.0
  • 5bb88c3 build: temporarily disable metacov, it's flaky now with sysmon support
  • 3879b97 docs: mention sys.monitoring support
  • 9a84eeb style: environment variable names should be monospace
  • 7882b8c refactor: clean lint and mypy for sysmon et al
  • 5dad1a1 test: test which core we get
  • b7e0c34 fix: don't default to sysmon yet
  • e5babcf docs: explain the COVERAGE_*_CORE testing variables
  • ebdc277 fix: use core more consistently than tracer
  • Additional commits viewable in compare view


Updates pytest from 7.4.3 to 7.4.4

Release notes

Sourced from pytest's releases.

pytest 7.4.4 (2023-12-31)

Bug Fixes

  • #11140: Fix non-string constants at the top of file being detected as docstrings on Python>=3.8.
  • #11572: Handle an edge case where sys.stderr{.interpreted-text role="data"} and sys.__stderr__{.interpreted-text role="data"} might already be closed when faulthandler{.interpreted-text role="ref"} is tearing down.
  • #11710: Fixed tracebacks from collection errors not getting pruned.
  • #7966: Removed unhelpful error message from assertion rewrite mechanism when exceptions are raised in __iter__ methods. Now they are treated un-iterable instead.

Improved Documentation

  • #11091: Updated documentation to refer to hyphenated options: replaced --junitxml with --junit-xml and --collectonly with --collect-only.
Commits
  • 33f694f Prepare release version 7.4.4
  • 76c107c Merge pull request #11751 from bluetech/backport-11143-to-7.4.x
  • 531d76d [7.4.x] Improve reporting from iter exceptions (#11749)
  • a0f58fa Merge pull request #11143 from tushar-deepsource/patch-1
  • b1f3387 [7.4.x] #11091: documentation should use hypthonated properties (#11750)
  • 2cdd619 Merge pull request #11747 from pytest-dev/backport-11711-to-7.4.x
  • d06c05b [7.4.x] nodes: fix tracebacks from collection errors are not getting pruned
  • 5582bfc [7.4.x] Improves clarity in Sphinx documentation for function signature. (#11...
  • 13024ef [7.4.x] Fix for operation on closed file in faulthandler teardown (#11631)
  • a40dacf [7.4.x] XFAIL TestLocalPath.test_make_numbered_dir_multiprocess_safe (#11616)
  • Additional commits viewable in compare view


Updates mypy from 1.7.1 to 1.8.0

Changelog

Sourced from mypy's changelog.

Mypy Release Notes

Next release

Mypy 1.8

We’ve just uploaded mypy 1.8 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

Type-checking Improvements

  • Do not intersect types in isinstance checks if at least one is final (Christoph Tyralla, PR 16330)
  • Detect that @final class without __bool__ cannot have falsey instances (Ilya Priven, PR 16566)
  • Do not allow TypedDict classes with extra keywords (Nikita Sobolev, PR 16438)
  • Do not allow class-level keywords for NamedTuple (Nikita Sobolev, PR 16526)
  • Make imprecise constraints handling more robust (Ivan Levkivskyi, PR 16502)
  • Fix strict-optional in extending generic TypedDict (Ivan Levkivskyi, PR 16398)
  • Allow type ignores of PEP 695 constructs (Shantanu, PR 16608)
  • Enable type_check_only support for TypedDict and NamedTuple (Nikita Sobolev, PR 16469)

Performance Improvements

  • Add fast path to analyzing special form assignments (Jukka Lehtosalo, PR 16561)

Improvements to Error Reporting

  • Don't show documentation links for plugin error codes (Ivan Levkivskyi, PR 16383)
  • Improve error messages for super checks and add more tests (Nikita Sobolev, PR 16393)
  • Add error code for mutable covariant override (Ivan Levkivskyi, PR 16399)

Stubgen Improvements

  • Preserve simple defaults in function signatures (Ali Hamdan, PR 15355)
  • Include __all__ in output (Jelle Zijlstra, PR 16356)
  • Fix stubgen regressions with pybind11 and mypy 1.7 (Chad Dombrova, PR 16504)

Stubtest Improvements

  • Improve handling of unrepresentable defaults (Jelle Zijlstra, PR 16433)
  • Print more helpful errors if a function is missing from stub (Alex Waygood, PR 16517)
  • Support @type_check_only decorator (Nikita Sobolev, PR 16422)
  • Warn about missing __del__ (Shantanu, PR 16456)
  • Fix crashes with some uses of final and deprecated (Shantanu, PR 16457)

Fixes to Crashes

  • Fix crash with type alias to Callable[[Unpack[Tuple[Any, ...]]], Any] (Alex Waygood, PR 16541)
  • Fix crash on TypeGuard in __call__ (Ivan Levkivskyi, PR 16516)
  • Fix crash on invalid enum in method (Ivan Levkivskyi, PR 16511)
  • Fix crash on unimported Any in TypedDict (Ivan Levkivskyi, PR 16510)

Documentation Updates

  • Update soft-error-limit default value to -1 (Sveinung Gundersen, PR 16542)

... (truncated)

Commits
  • 3b46750 remove +dev suffix from version
  • c9bc833 Fix tests broken by hatchling (#16655)
  • 60d30e3 Fix crash with type alias to Callable[[Unpack[Tuple[Any, ...]]], Any] (#16541)
  • f53f422 Allow type ignores of PEP 695 constructs (#16608)
  • 7c33e7c @​final class without bool cannot have falsey instances (#16566)
  • c224da5 Do not intersect types in isinstance checks if at least one is final (#16330)
  • d54cc35 Change example in test cases with no stubs available (#16513)
  • eb1ee97 Update hashes in sync-typeshed.py following recent typeshed sync (#16600)
  • 344298e Revert use of ParamSpec for functools.wraps
  • 3e5d813 Revert typeshed ctypes change
  • Additional commits viewable in compare view


Updates pre-commit from 3.5.0 to 3.6.0

Release notes

Sourced from pre-commit's releases.

pre-commit v3.6.0

Features

  • Check minimum_pre_commit_version first when parsing configs.

Fixes

Updating

Changelog

Sourced from pre-commit's changelog.

3.6.0 - 2023-12-09

Features

  • Check minimum_pre_commit_version first when parsing configs.

Fixes

Updating

Commits
  • 9c9983d v3.6.0
  • 7dc0a59 Merge pull request #3093 from pre-commit/removeprefix
  • d3fa7f4 Merge pull request #3092 from pre-commit/minimum-version-first
  • 08478ec python 3.9+: use removeprefix
  • 047439a attempt minimum_pre_commit_version first when parsing configs
  • 23a2b73 Merge pull request #3079 from edgarrmondragon/deprecation-rmtree-onerror
  • cffabe5 Address deprecation warning in shutil.rmtree(onerror=...)
  • 51df34e Merge pull request #3078 from pre-commit/pre-commit-ci-update-config
  • e36cefc [pre-commit.ci] pre-commit autoupdate
  • 2280645 Merge pull request #3064 from pre-commit/pre-commit-ci-update-config
  • Additional commits viewable in compare view


Updates sqlalchemy from 2.0.23 to 2.0.24

Release notes

Sourced from sqlalchemy's releases.

2.0.24

Released: December 28, 2023

orm

  • [orm] [bug] Improved a fix first implemented for #3208 released in version 0.9.8, where the registry of classes used internally by declarative could be subject to a race condition in the case where individual mapped classes are being garbage collected at the same time while new mapped classes are being constructed, as can happen in some test suite configurations or dynamic class creation environments. In addition to the weakref check already added, the list of items being iterated is also copied first to avoid "list changed while iterating" errors. Pull request courtesy Yilei Yang.

    This change is also backported to: 1.4.51

    References: #10782

  • [orm] [bug] Fixed issue where use of _orm.foreign() annotation on a non-initialized _orm.mapped_column() construct would produce an expression without a type, which was then not updated at initialization time of the actual column, leading to issues such as relationships not determining use_get appropriately.

    References: #10597

  • [orm] [bug] Improved the error message produced when the unit of work process sets the value of a primary key column to NULL due to a related object with a dependency rule on that column being deleted, to include not just the destination object and column name but also the source column from which the NULL value is originating. Pull request courtesy Jan Vollmer.

    References: #10668

  • [orm] [bug] Modified the __init_subclass__() method used by _orm.MappedAsDataclass, _orm.DeclarativeBase and _orm.DeclarativeBaseNoMeta to accept arbitrary **kw and to propagate them to the super() call, allowing greater flexibility in arranging custom superclasses and mixins which make use of __init_subclass__() keyword arguments. Pull request courtesy Michael Oliver.

    References: #10732

  • [orm] [bug] Ensured the use case of Bundle objects used in the returning() portion of ORM-enabled INSERT, UPDATE and DELETE statements is tested and works fully. This was never explicitly implemented or

... (truncated)

Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
dependabot[bot] commented 5 months ago

Looks like these dependencies are updatable in another way, so this is no longer needed.