Bump sqlalchemy from 1.4.5 to 1.4.14

[dependabot-preview[bot]]

Bumps sqlalchemy from 1.4.5 to 1.4.14.

Release notes

Sourced from sqlalchemy's releases.

1.4.14

Released: May 6, 2021

orm

• [orm] [bug] [regression] Fixed regression involving lazy='dynamic' loader in conjunction with a detached object. The previous behavior was that the dynamic loader upon calling methods like .all() returns empty lists for detached objects without error, this has been restored; however a warning is now emitted as this is not the correct result. Other dynamic loader scenarios correctly raise DetachedInstanceError.

  References: #6426

engine

• [engine] [usecase] [orm] Applied consistent behavior to the use case of calling .commit() or .rollback() inside of an existing .begin() context manager, with the addition of potentially emitting SQL within the block subsequent to the commit or rollback. This change continues upon the change first added in #6155 where the use case of calling "rollback" inside of a .begin() contextmanager block was proposed:

  -   calling `.commit()` or `.rollback()` will now be allowed
      without error or warning within all scopes, including
      that of legacy and future `_engine.Engine`, ORM
      `_orm.Session`, asyncio `AsyncEngine`.  Previously,
      the `_orm.Session` disallowed this.
  
  
  The remaining scope of the context manager is then closed;
  when the block ends, a check is emitted to see if the transaction
  was already ended, and if so the block returns without action.
  
  
  It will now raise an error if subsequent SQL of any kind
  is emitted within the block, after .commit() or
  .rollback() is called.   The block should be closed as
  the state of the executable object would otherwise be undefined
  in this state.
  

References: #6288

[engine] [bug] [regression] Established a deprecation path for calling upon the _cursor.CursorResult.keys() method for a statement that returns no rows to provide support for legacy patterns used by the "records" package as well as any other non-migrated applications. Previously, this would raise ResourceClosedException unconditionally in the same way as

... (truncated)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)

[dependabot-preview[bot]]

Superseded by #398.