Skip to content

Deps: Bump the python-packages group with 8 updates#99

Merged
greenbonebot merged 1 commit into
mainfrom
dependabot/pip/python-packages-a6a63a0f43
Oct 13, 2025
Merged

Deps: Bump the python-packages group with 8 updates#99
greenbonebot merged 1 commit into
mainfrom
dependabot/pip/python-packages-a6a63a0f43

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Oct 13, 2025

Copy link
Copy Markdown
Contributor

Bumps the python-packages group with 8 updates:

Package From To
fastapi 0.118.0 0.119.0
httptools 0.6.4 0.7.1
idna 3.10 3.11
platformdirs 4.4.0 4.5.0
pydantic 1.10.24 2.12.0
rich 14.1.0 14.2.0
ruff 0.13.3 0.14.0
sqlalchemy 2.0.43 2.0.44

Updates fastapi from 0.118.0 to 0.119.0

Release notes

Sourced from fastapi's releases.

0.119.0

FastAPI now (temporarily) supports both Pydantic v2 models and pydantic.v1 models at the same time in the same app, to make it easier for any FastAPI apps still using Pydantic v1 to gradually but quickly migrate to Pydantic v2.

from fastapi import FastAPI
from pydantic import BaseModel as BaseModelV2
from pydantic.v1 import BaseModel
class Item(BaseModel):
name: str
description: str | None = None
class ItemV2(BaseModelV2):
title: str
summary: str | None = None
app = FastAPI()
@​app.post("/items/", response_model=ItemV2)
def create_item(item: Item):
return {"title": item.name, "summary": item.description}

Adding this feature was a big effort with the main objective of making it easier for the few applications still stuck in Pydantic v1 to migrate to Pydantic v2.

And with this, support for Pydantic v1 is now deprecated and will be removed from FastAPI in a future version soon.

Note: have in mind that the Pydantic team already stopped supporting Pydantic v1 for recent versions of Python, starting with Python 3.14.

You can read in the docs more about how to Migrate from Pydantic v1 to Pydantic v2.

Features

  • ✨ Add support for from pydantic.v1 import BaseModel, mixed Pydantic v1 and v2 models in the same app. PR #14168 by @​tiangolo.

0.118.3

Upgrades

0.118.2

Fixes

Internal

... (truncated)

Commits
  • 2e721e1 🔖 Release version 0.119.0
  • fc7a068 📝 Update release notes
  • 3a3879b 📝 Update release notes
  • d34918a ✨ Add support for from pydantic.v1 import BaseModel, mixed Pydantic v1 and ...
  • 352dbef 🔖 Release version 0.118.3
  • 96e7d6e 📝 Update release notes
  • 3611c3f ⬆️ Add support for Python 3.14 (#14165)
  • 942fce3 🔖 Release version 0.118.2
  • 13b067c 📝 Update release notes
  • 185cecd 🐛 Fix tagged discriminated union not recognized as body field (#12942)
  • Additional commits viewable in compare view

Updates httptools from 0.6.4 to 0.7.1

Release notes

Sourced from httptools's releases.

v0.7.1

This is identical to 0.7.0 whose CI failed uploading

v0.7.0

Changes

Commits

Updates idna from 3.10 to 3.11

Changelog

Sourced from idna's changelog.

3.11 (2025-10-12)

  • Update to Unicode 16.0.0, including significant changes to UTS46 processing. As a result of Unicode ending support for it, transitional processing no longer has an effect and returns the same result.
  • Add support for Python 3.14, lowest supported version is Python 3.8.
  • Various updates to packaging, including PEP 740 support.
Commits
  • ad949ee Release v3.11
  • cae4ba7 Second release candidate for 3.11
  • 8adb305 Add space in RST link
  • 74cb2b6 Release candidate for 3.11
  • 05dab09 Format idna-data with ruff
  • 90eac78 Apply ruff formatting
  • a31ce7e Remove errant test vectors
  • 81f0333 Omit vectors known to be broken in test suite
  • a0f3257 Merge branch 'master' into unicode-16-uts46-changes
  • 38d9886 Remove extra UTS46 test vector
  • Additional commits viewable in compare view

Updates platformdirs from 4.4.0 to 4.5.0

Release notes

Sourced from platformdirs's releases.

4.5.0

What's Changed

New Contributors

Full Changelog: tox-dev/platformdirs@4.4.0...4.5.0

Commits

Updates pydantic from 1.10.24 to 2.12.0

Release notes

Sourced from pydantic's releases.

v2.12.0 2025-10-07

v2.12.0 (2025-10-07)

[!NOTE] Check out the blog post for release highlights.

[!WARNING] The core functionality of Pydantic V1 is not compatible with Python 3.14 or greater.

This is the final 2.12 release. It features the work of 20 external contributors and provides useful new features, along with initial Python 3.14 support. Several minor changes (considered non-breaking changes according to our versioning policy) are also included in this release. Make sure to look into them before upgrading.

Changes (see the 2.12.0a1 and 2.12.0b1 releases for additional changes since 2.11):

Packaging

New Features

Fixes

New Contributors

Full Changelog: pydantic/pydantic@v2.11.10...v2.12.0

v2.12.0b1 2025-10-03

v2.12.0b1 (2025-10-03)

... (truncated)

Changelog

Sourced from pydantic's changelog.

v2.12.0 (2025-10-07)

GitHub release

What's Changed

This is the final 2.12 release. It features the work of 20 external contributors and provides useful new features, along with initial Python 3.14 support. Several minor changes (considered non-breaking changes according to our versioning policy) are also included in this release. Make sure to look into them before upgrading.

Changes (see the alpha and beta releases for additional changes since 2.11):

Packaging

New Features

Fixes

New Contributors

v2.12.0b1 (2025-10-03)

GitHub release

This is the first beta release of the upcoming 2.12 release.

What's Changed

Packaging

... (truncated)

Commits

Updates rich from 14.1.0 to 14.2.0

Release notes

Sourced from rich's releases.

The Easy as Pi release

This release bumps Python compatibility to the just-released Python 3.14.

[14.2.0] - 2025-10-09

Changed

Changelog

Sourced from rich's changelog.

[14.2.0] - 2025-10-09

Changed

Commits

Updates ruff from 0.13.3 to 0.14.0

Release notes

Sourced from ruff's releases.

0.14.0

Release Notes

Released on 2025-10-07.

Breaking changes

  • Update default and latest Python versions for 3.14 (#20725)

Preview features

  • [flake8-bugbear] Include certain guaranteed-mutable expressions: tuples, generators, and assignment expressions (B006) (#20024)
  • [refurb] Add fixes for FURB101 and FURB103 (#20520)
  • [ruff] Extend FA102 with listed PEP 585-compatible APIs (#20659)

Bug fixes

  • [flake8-annotations] Fix return type annotations to handle shadowed builtin symbols (ANN201, ANN202, ANN204, ANN205, ANN206) (#20612)
  • [flynt] Fix f-string quoting for mixed quote joiners (FLY002) (#20662)
  • [isort] Fix inserting required imports before future imports (I002) (#20676)
  • [ruff] Handle argfile expansion errors gracefully (#20691)
  • [ruff] Skip RUF051 if else/elif block is present (#20705)
  • [ruff] Improve handling of intermixed comments inside from-imports (#20561)

Documentation

  • [flake8-comprehensions] Clarify fix safety documentation (C413) (#20640)

Contributors

Install ruff 0.14.0

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/ruff/releases/download/0.14.0/ruff-installer.sh | sh

Install prebuilt binaries via powershell script

</tr></table> 

... (truncated)

Changelog

Sourced from ruff's changelog.

0.14.0

Released on 2025-10-07.

Breaking changes

  • Update default and latest Python versions for 3.14 (#20725)

Preview features

  • [flake8-bugbear] Include certain guaranteed-mutable expressions: tuples, generators, and assignment expressions (B006) (#20024)
  • [refurb] Add fixes for FURB101 and FURB103 (#20520)
  • [ruff] Extend FA102 with listed PEP 585-compatible APIs (#20659)

Bug fixes

  • [flake8-annotations] Fix return type annotations to handle shadowed builtin symbols (ANN201, ANN202, ANN204, ANN205, ANN206) (#20612)
  • [flynt] Fix f-string quoting for mixed quote joiners (FLY002) (#20662)
  • [isort] Fix inserting required imports before future imports (I002) (#20676)
  • [ruff] Handle argfile expansion errors gracefully (#20691)
  • [ruff] Skip RUF051 if else/elif block is present (#20705)
  • [ruff] Improve handling of intermixed comments inside from-imports (#20561)

Documentation

  • [flake8-comprehensions] Clarify fix safety documentation (C413) (#20640)

Contributors

0.13.x

See changelogs/0.13.x

0.12.x

See changelogs/0.12.x

0.11.x

See changelogs/0.11.x

... (truncated)

Commits

Updates sqlalchemy from 2.0.43 to 2.0.44

Release notes

Sourced from sqlalchemy's releases.

2.0.44

Released: October 10, 2025

platform

  • [platform] [bug] Unblocked automatic greenlet installation for Python 3.14 now that there are greenlet wheels on pypi for python 3.14.

orm

  • [orm] [usecase] The way ORM Annotated Declarative interprets Python PEP 695 type aliases in Mapped[] annotations has been refined to expand the lookup scheme. A PEP 695 type can now be resolved based on either its direct presence in _orm.registry.type_annotation_map or its immediate resolved value, as long as a recursive lookup across multiple PEP 695 types is not required for it to resolve. This change reverses part of the restrictions introduced in 2.0.37 as part of #11955, which deprecated (and disallowed in 2.1) the ability to resolve any PEP 695 type that was not explicitly present in _orm.registry.type_annotation_map. Recursive lookups of PEP 695 types remains deprecated in 2.0 and disallowed in version 2.1, as do implicit lookups of NewType types without an entry in _orm.registry.type_annotation_map.

    Additionally, new support has been added for generic PEP 695 aliases that refer to PEP 593 Annotated constructs containing _orm.mapped_column() configurations. See the sections below for examples.

    References: #12829

  • [orm] [bug] Fixed a caching issue where _orm.with_loader_criteria() would incorrectly reuse cached bound parameter values when used with _sql.CompoundSelect constructs such as _sql.union(). The issue was caused by the cache key for compound selects not including the execution options that are part of the _sql.Executable base class, which _orm.with_loader_criteria() uses to apply its criteria dynamically. The fix ensures that compound selects and other executable constructs properly include execution options in their cache key traversal.

    References: #12905

engine

  • [engine] [bug] Implemented initial support for free-threaded Python by adding new tests and reworking the test harness to include Python 3.13t and Python 3.14t in

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the python-packages group with 8 updates:

| Package | From | To |
| --- | --- | --- |
| [fastapi](https://github.com/fastapi/fastapi) | `0.118.0` | `0.119.0` |
| [httptools](https://github.com/MagicStack/httptools) | `0.6.4` | `0.7.1` |
| [idna](https://github.com/kjd/idna) | `3.10` | `3.11` |
| [platformdirs](https://github.com/tox-dev/platformdirs) | `4.4.0` | `4.5.0` |
| [pydantic](https://github.com/pydantic/pydantic) | `1.10.24` | `2.12.0` |
| [rich](https://github.com/Textualize/rich) | `14.1.0` | `14.2.0` |
| [ruff](https://github.com/astral-sh/ruff) | `0.13.3` | `0.14.0` |
| [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) | `2.0.43` | `2.0.44` |


Updates `fastapi` from 0.118.0 to 0.119.0
- [Release notes](https://github.com/fastapi/fastapi/releases)
- [Commits](fastapi/fastapi@0.118.0...0.119.0)

Updates `httptools` from 0.6.4 to 0.7.1
- [Release notes](https://github.com/MagicStack/httptools/releases)
- [Commits](MagicStack/httptools@v0.6.4...v0.7.1)

Updates `idna` from 3.10 to 3.11
- [Release notes](https://github.com/kjd/idna/releases)
- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst)
- [Commits](kjd/idna@v3.10...v3.11)

Updates `platformdirs` from 4.4.0 to 4.5.0
- [Release notes](https://github.com/tox-dev/platformdirs/releases)
- [Changelog](https://github.com/tox-dev/platformdirs/blob/main/CHANGES.rst)
- [Commits](tox-dev/platformdirs@4.4.0...4.5.0)

Updates `pydantic` from 1.10.24 to 2.12.0
- [Release notes](https://github.com/pydantic/pydantic/releases)
- [Changelog](https://github.com/pydantic/pydantic/blob/main/HISTORY.md)
- [Commits](pydantic/pydantic@v1.10.24...v2.12.0)

Updates `rich` from 14.1.0 to 14.2.0
- [Release notes](https://github.com/Textualize/rich/releases)
- [Changelog](https://github.com/Textualize/rich/blob/master/CHANGELOG.md)
- [Commits](Textualize/rich@v14.1.0...v14.2.0)

Updates `ruff` from 0.13.3 to 0.14.0
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.13.3...0.14.0)

Updates `sqlalchemy` from 2.0.43 to 2.0.44
- [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases)
- [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst)
- [Commits](https://github.com/sqlalchemy/sqlalchemy/commits)

---
updated-dependencies:
- dependency-name: fastapi
  dependency-version: 0.119.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-packages
- dependency-name: httptools
  dependency-version: 0.7.1
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: python-packages
- dependency-name: idna
  dependency-version: '3.11'
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: python-packages
- dependency-name: platformdirs
  dependency-version: 4.5.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: python-packages
- dependency-name: pydantic
  dependency-version: 2.12.0
  dependency-type: indirect
  update-type: version-update:semver-major
  dependency-group: python-packages
- dependency-name: rich
  dependency-version: 14.2.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: python-packages
- dependency-name: ruff
  dependency-version: 0.14.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: python-packages
- dependency-name: sqlalchemy
  dependency-version: 2.0.44
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: python-packages
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Oct 13, 2025
@dependabot dependabot Bot requested review from a team as code owners October 13, 2025 04:14
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Oct 13, 2025
@greenbonebot greenbonebot enabled auto-merge (rebase) October 13, 2025 04:14
@greenbonebot greenbonebot merged commit 861eb01 into main Oct 13, 2025
8 of 11 checks passed
@greenbonebot greenbonebot deleted the dependabot/pip/python-packages-a6a63a0f43 branch October 13, 2025 05:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants