Skip to content

⬆️ Bump the python-deps group with 5 updates#2

Merged
NEFORCEO merged 1 commit intomasterfrom
dependabot/uv/python-deps-aae7fd43bb
Mar 21, 2026
Merged

⬆️ Bump the python-deps group with 5 updates#2
NEFORCEO merged 1 commit intomasterfrom
dependabot/uv/python-deps-aae7fd43bb

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 21, 2026

Bumps the python-deps group with 5 updates:

Package From To
fastapi 0.128.0 0.135.1
rich 14.2.0 14.3.3
sqlalchemy 2.0.45 2.0.48
typer 0.21.1 0.24.1
uvicorn 0.40.0 0.42.0

Updates fastapi from 0.128.0 to 0.135.1

Release notes

Sourced from fastapi's releases.

0.135.1

Fixes

  • 🐛 Fix, avoid yield from a TaskGroup, only as an async context manager, closed in the request async exit stack. PR #15038 by @​tiangolo.

Docs

Internal

0.135.0

Features

0.134.0

Features

  • ✨ Add support for streaming JSON Lines and binary data with yield. PR #15022 by @​tiangolo.
    • This also upgrades Starlette from >=0.40.0 to >=0.46.0, as it's needed to properly unrwap and re-raise exceptions from exception groups.
    • New docs: Stream JSON Lines.
    • And new docs: Stream Data.

Docs

  • 📝 Update Library Agent Skill with streaming responses. PR #15024 by @​tiangolo.
  • 📝 Update docs for responses and new stream with yield. PR #15023 by @​tiangolo.
  • 📝 Add await in StreamingResponse code example to allow cancellation. PR #14681 by @​casperdcl.
  • 📝 Rename docs_src/websockets to docs_src/websockets_ to avoid import errors. PR #14979 by @​YuriiMotov.

Internal

0.133.1

Features

Internal

... (truncated)

Commits
  • ca5f60e 🔖 Release version 0.135.1
  • 87f75aa 📝 Update release notes
  • 8a9258b 🐛 Fix, avoid yield from a TaskGroup, only as an async context manager, closed...
  • 6038507 📝 Update release notes
  • c796ba4 👥 Update FastAPI People - Experts (#15037)
  • b24aa03 📝 Update release notes
  • 2c61047 ✏️ Fix typo in docs/en/docs/_llm-test.md (#15007)
  • e3bbeef 📝 Update release notes
  • d726c8c 📝 Update release notes
  • cf514e6 👥 Update FastAPI People - Contributors and Translators (#15029)
  • Additional commits viewable in compare view

Updates rich from 14.2.0 to 14.3.3

Release notes

Sourced from rich's releases.

The infinite Release

Fixed a infinite loop in split_graphemes

[14.3.3] - 2026-02-19

Fixed

The ZWJy release

A fix for cell_len edge cases

[14.3.2] - 2026-02-01

Fixed

The Nerdy Fix release

Fixed issue with characters outside of unicode range reporting 0 cell size

[14.3.1] - 2026-01-24

Fixed

The more emojis release

Rich now has support for multi-codepoint emojis. There have also been some Markdown improvements, and a number of fixes. See the release notes below for details.

[14.3.0] - 2026-01-24

Fixed

Added

Changed

... (truncated)

Changelog

Sourced from rich's changelog.

[14.3.3] - 2026-02-19

Fixed

[14.3.2] - 2026-02-01

Fixed

[14.3.1] - 2026-01-24

Fixed

[14.3.0] - 2026-01-24

Fixed

Added

Changed

Commits

Updates sqlalchemy from 2.0.45 to 2.0.48

Release notes

Sourced from sqlalchemy's releases.

2.0.48

Released: March 2, 2026

engine

  • [engine] [bug] Fixed a critical issue in Engine where connections created in conjunction with the DialectEvents.do_connect() event listeners would receive shared, mutable collections for the connection arguments, leading to a variety of potential issues including unlimited growth of the argument list as well as elements within the parameter dictionary being shared among concurrent connection calls. In particular this could impact do_connect routines making use of complex mutable authentication structures.

    References: #13144

2.0.47

Released: February 24, 2026

orm

  • [orm] [bug] Fixed issue when using ORM mappings with Python 3.14's PEP 649 feature that no longer requires "future annotations", where the ORM's introspection of the __init__ method of mapped classes would fail if non-present identifiers in annotations were present. The vendored getfullargspec() method has been amended to use Format.FORWARDREF under Python 3.14 to prevent resolution of names that aren't present.

    References: #13104

engine

  • [engine] [usecase] The connection object returned by _engine.Engine.raw_connection() now supports the context manager protocol, automatically returning the connection to the pool when exiting the context.

    References: #13116

postgresql

  • [postgresql] [bug] Fixed an issue in the PostgreSQL dialect where foreign key constraint reflection would incorrectly swap or fail to capture onupdate and ondelete values when these clauses appeared in a different order than expected in the constraint definition. This issue primarily affected

... (truncated)

Commits

Updates typer from 0.21.1 to 0.24.1

Release notes

Sourced from typer's releases.

0.24.1

Internal

0.24.0

Breaking Changes

0.23.1

Fixes

  • 🐛 Fix TYPER_USE_RICH parsing to allow disabling Rich completely. PR #1539 by @​bckohan.

Docs

  • 📝 Remove documentation pages that reference using Click directly. PR #1538 by @​svlandeg.

Internal

0.23.0

Breaking Changes

  • ♻️ When printing error tracebacks with Rich, default to not showing locals, which are sometimes verbose. PR #1072 by @​tiangolo.

Docs

  • 📝 Add more explicit deprecation note in shell packages. PR #1534 by @​tiangolo.

Internal

0.22.0

... (truncated)

Changelog

Sourced from typer's changelog.

0.24.1

Internal

0.24.0

Breaking Changes

0.23.2

Features

  • ✅ Monkeypatch console width to allow running pytest directly. PR #1542 by @​SwaatiR.

Internal

0.23.1

Fixes

  • 🐛 Fix TYPER_USE_RICH parsing to allow disabling Rich completely. PR #1539 by @​bckohan.

Docs

  • 📝 Remove documentation pages that reference using Click directly. PR #1538 by @​svlandeg.

Internal

0.23.0

... (truncated)

Commits
  • eaec8fa 🔖 Release version 0.24.1
  • c73cc2b 📝 Update release notes
  • 6c6259c 👷 Fix CI, do not attempt to build typer-slim, nor typer-cli (#1569)
  • bc65ad8 📝 Update release notes
  • 3aedc0a ➖ Drop support for typer-slim and typer-cli, no more versions will be rel...
  • 4b13020 📝 Update release notes
  • 19aaf0b ⬆ Bump rich from 14.3.2 to 14.3.3 (#1565)
  • 0ece295 📝 Update release notes
  • 833c005 📝 Update release notes
  • 64c0dcb ⬆ Bump pydantic-settings from 2.13.0 to 2.13.1 (#1566)
  • Additional commits viewable in compare view

Updates uvicorn from 0.40.0 to 0.42.0

Release notes

Sourced from uvicorn's releases.

Version 0.42.0

Changed

  • Use bytearray for request body accumulation to avoid O(n^2) allocation on fragmented bodies (#2845)

Fixed

  • Escape brackets and backslash in httptools HEADER_RE regex (#2824)
  • Fix multiple issues in websockets sans-io implementation (#2825)

New Contributors

Full Changelog: Kludex/uvicorn@0.41.0...0.42.0

Version 0.41.0

Added

  • Add --limit-max-requests-jitter to stagger worker restarts (#2707)
  • Add socket path to scope["server"] (#2561)

Changed

  • Rename LifespanOn.error_occured to error_occurred (#2776)

Fixed

  • Ignore permission denied errors in watchfiles reloader (#2817)
  • Ensure lifespan shutdown runs when should_exit is set during startup (#2812)
  • Reduce the log level of 'request limit exceeded' messages (#2788)

New Contributors

Full Changelog: Kludex/uvicorn@0.40.0...0.41.0

Changelog

Sourced from uvicorn's changelog.

0.42.0 (March 16, 2026)

Changed

  • Use bytearray for request body accumulation to avoid O(n^2) allocation on fragmented bodies (#2845)

Fixed

  • Escape brackets and backslash in httptools HEADER_RE regex (#2824)
  • Fix multiple issues in websockets sans-io implementation (#2825)

0.41.0 (February 16, 2026)

Added

  • Add --limit-max-requests-jitter to stagger worker restarts (#2707)
  • Add socket path to scope["server"] (#2561)

Changed

  • Rename LifespanOn.error_occured to error_occurred (#2776)

Fixed

  • Ignore permission denied errors in watchfiles reloader (#2817)
  • Ensure lifespan shutdown runs when should_exit is set during startup (#2812)
  • Reduce the log level of 'request limit exceeded' messages (#2788)
Commits
  • 02bed6f Version 0.42.0 (#2852)
  • d8f2501 chore: pre-create Config objects in benchmarks to measure protocol hot paths ...
  • 9dbb783 Add WebSocket protocol benchmarks for wsproto and websockets-sansio (#2849)
  • b3c69da Use bytearray for request body accumulation (#2845)
  • 3f3ebee Disable pytest-xdist for CodSpeed benchmark runs (#2847)
  • d072de7 Add fragmented body benchmark for chunked body accumulation (#2846)
  • e300c2c Add CodSpeed benchmark suite for HTTP protocol hot paths (#2844)
  • 1fa6976 Escape brackets and backslash in httptools HEADER_RE regex (#2824)
  • 59ec1de Fix multiple issues in websockets sansio implementation (#2825)
  • 2fc0efc Clarify Windows asyncio event loop selection in docs (#2843)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
⬆️ Bump the python-deps group with 5 updates
35c3b08 
Bumps the python-deps group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [fastapi](https://github.com/fastapi/fastapi) | `0.128.0` | `0.135.1` |
| [rich](https://github.com/Textualize/rich) | `14.2.0` | `14.3.3` |
| [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) | `2.0.45` | `2.0.48` |
| [typer](https://github.com/fastapi/typer) | `0.21.1` | `0.24.1` |
| [uvicorn](https://github.com/Kludex/uvicorn) | `0.40.0` | `0.42.0` |


Updates `fastapi` from 0.128.0 to 0.135.1
- [Release notes](https://github.com/fastapi/fastapi/releases)
- [Commits](fastapi/fastapi@0.128.0...0.135.1)

Updates `rich` from 14.2.0 to 14.3.3
- [Release notes](https://github.com/Textualize/rich/releases)
- [Changelog](https://github.com/Textualize/rich/blob/master/CHANGELOG.md)
- [Commits](Textualize/rich@v14.2.0...v14.3.3)

Updates `sqlalchemy` from 2.0.45 to 2.0.48
- [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases)
- [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst)
- [Commits](https://github.com/sqlalchemy/sqlalchemy/commits)

Updates `typer` from 0.21.1 to 0.24.1
- [Release notes](https://github.com/fastapi/typer/releases)
- [Changelog](https://github.com/fastapi/typer/blob/master/docs/release-notes.md)
- [Commits](fastapi/typer@0.21.1...0.24.1)

Updates `uvicorn` from 0.40.0 to 0.42.0
- [Release notes](https://github.com/Kludex/uvicorn/releases)
- [Changelog](https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md)
- [Commits](Kludex/uvicorn@0.40.0...0.42.0)

---
updated-dependencies:
- dependency-name: fastapi
  dependency-version: 0.135.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-deps
- dependency-name: rich
  dependency-version: 14.3.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-deps
- dependency-name: sqlalchemy
  dependency-version: 2.0.48
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-deps
- dependency-name: typer
  dependency-version: 0.24.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-deps
- dependency-name: uvicorn
  dependency-version: 0.42.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Mar 21, 2026
@github-actions
Copy link
Copy Markdown

github-actions bot commented Mar 21, 2026

👋 Thanks @dependabot[bot] for this contribution! 🚀

We're excited to review your PR.

💡 Tips:

  • Keep your PR focused and atomic
  • Add tests if applicable
  • Update docs if needed

Happy coding! ✨

@NEFORCEO NEFORCEO merged commit 12470b2 into master Mar 21, 2026
1 check passed
@dependabot dependabot bot deleted the dependabot/uv/python-deps-aae7fd43bb branch March 21, 2026 11:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@NEFORCEO