Skip to content

Bump the python-packages group with 9 updates #331

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
MTSOnGithub merged 1 commit into from
Oct 13, 2025
Merged

Bump the python-packages group with 9 updates #331

MTSOnGithub merged 1 commit into from
Oct 13, 2025

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 13, 2025

Bumps the python-packages group with 9 updates:

Package From To
pydantic 2.11.10 2.12.0
alembic 1.16.5 1.17.0
sqlalchemy 2.0.43 2.0.44
cachetools 6.2.0 6.2.1
fastapi 0.118.1 0.119.0
uvicorn 0.36.1 0.37.0
faker 37.8.0 37.11.0
pytest-rerunfailures 16.0.1 16.1
psycopg2-binary 2.9.10 2.9.11

Updates pydantic from 2.11.10 to 2.12.0

Release notes

Sourced from pydantic's releases.

v2.12.0 2025-10-07

v2.12.0 (2025-10-07)

[!NOTE] Check out the blog post for release highlights. Several minor changes (considered non-breaking changes according to our versioning policy) are also included in this release. Make sure to look into them before upgrading.

[!WARNING] The core functionality of Pydantic V1 is not compatible with Python 3.14 or greater.

This is the final 2.12 release. It features the work of 20 external contributors and provides useful new features, along with initial Python 3.14 support.

Changelog (see the 2.12.0a1 and 2.12.0b1 releases for additional changes since 2.11):

Packaging

New Features

Fixes

New Contributors

Full Changelog: pydantic/pydantic@v2.11.10...v2.12.0

v2.12.0b1 2025-10-03

... (truncated)

Changelog

Sourced from pydantic's changelog.

v2.12.0 (2025-10-07)

GitHub release

What's Changed

This is the final 2.12 release. It features the work of 20 external contributors and provides useful new features, along with initial Python 3.14 support. Several minor changes (considered non-breaking changes according to our versioning policy) are also included in this release. Make sure to look into them before upgrading.

Note that Pydantic V1 is not compatible with Python 3.14 and greater.

Changes (see the alpha and beta releases for additional changes since 2.11):

Packaging

New Features

Fixes

New Contributors

v2.12.0b1 (2025-10-03)

GitHub release

This is the first beta release of the upcoming 2.12 release.

What's Changed

... (truncated)

Commits

Updates alembic from 1.16.5 to 1.17.0

Release notes

Sourced from alembic's releases.

1.17.0

Released: October 11, 2025

  • [change] [tests] The top-level test runner has been changed to use nox, adding a noxfile.py as well as some included modules. The tox.ini file remains in place so that tox runs will continue to function in the near term, however it will be eventually removed and improvements and maintenance going forward will be only towards noxfile.py.

  • [change] [general] The minimum Python version is now 3.10, as Python 3.9 is EOL.

Commits

Updates sqlalchemy from 2.0.43 to 2.0.44

Release notes

Sourced from sqlalchemy's releases.

2.0.44

Released: October 10, 2025

platform

  • [platform] [bug] Unblocked automatic greenlet installation for Python 3.14 now that there are greenlet wheels on pypi for python 3.14.

orm

  • [orm] [usecase] The way ORM Annotated Declarative interprets Python PEP 695 type aliases in Mapped[] annotations has been refined to expand the lookup scheme. A PEP 695 type can now be resolved based on either its direct presence in _orm.registry.type_annotation_map or its immediate resolved value, as long as a recursive lookup across multiple PEP 695 types is not required for it to resolve. This change reverses part of the restrictions introduced in 2.0.37 as part of #11955, which deprecated (and disallowed in 2.1) the ability to resolve any PEP 695 type that was not explicitly present in _orm.registry.type_annotation_map. Recursive lookups of PEP 695 types remains deprecated in 2.0 and disallowed in version 2.1, as do implicit lookups of NewType types without an entry in _orm.registry.type_annotation_map.

    Additionally, new support has been added for generic PEP 695 aliases that refer to PEP 593 Annotated constructs containing _orm.mapped_column() configurations. See the sections below for examples.

    References: #12829

  • [orm] [bug] Fixed a caching issue where _orm.with_loader_criteria() would incorrectly reuse cached bound parameter values when used with _sql.CompoundSelect constructs such as _sql.union(). The issue was caused by the cache key for compound selects not including the execution options that are part of the _sql.Executable base class, which _orm.with_loader_criteria() uses to apply its criteria dynamically. The fix ensures that compound selects and other executable constructs properly include execution options in their cache key traversal.

    References: #12905

engine

  • [engine] [bug] Implemented initial support for free-threaded Python by adding new tests and reworking the test harness to include Python 3.13t and Python 3.14t in

... (truncated)

Commits

Updates cachetools from 6.2.0 to 6.2.1

Changelog

Sourced from cachetools's changelog.

v6.2.1 (2025-10-12)

  • Add support for Python 3.14.

  • Improve documentation.

  • Update CI environment.

Commits
  • ca7508f Release v6.2.1.
  • f719307 Fix #339: Improve documentation regarding funtion default arguments.
  • b32d00b Fix typos.
  • a9a7e2c Move extended @​ttl_cache docs to proper place.
  • 072b7e1 docs: clarify what units the ttl argument uses (i.e., seconds)
  • b620ef9 Add support for Python 3.14.
  • 8d7b64f Bump actions/checkout from 4.2.2 to 5.0.0
  • feb17ff Bump codecov/codecov-action from 5.4.3 to 5.5.1
  • 22c1652 Bump actions/setup-python from 5.6.0 to 6.0.0
  • See full diff in compare view

Updates fastapi from 0.118.1 to 0.119.0

Release notes

Sourced from fastapi's releases.

0.119.0

FastAPI now (temporarily) supports both Pydantic v2 models and pydantic.v1 models at the same time in the same app, to make it easier for any FastAPI apps still using Pydantic v1 to gradually but quickly migrate to Pydantic v2.

from fastapi import FastAPI
from pydantic import BaseModel as BaseModelV2
from pydantic.v1 import BaseModel
class Item(BaseModel):
name: str
description: str | None = None
class ItemV2(BaseModelV2):
title: str
summary: str | None = None
app = FastAPI()
@​app.post("/items/", response_model=ItemV2)
def create_item(item: Item):
return {"title": item.name, "summary": item.description}

Adding this feature was a big effort with the main objective of making it easier for the few applications still stuck in Pydantic v1 to migrate to Pydantic v2.

And with this, support for Pydantic v1 is now deprecated and will be removed from FastAPI in a future version soon.

Note: have in mind that the Pydantic team already stopped supporting Pydantic v1 for recent versions of Python, starting with Python 3.14.

You can read in the docs more about how to Migrate from Pydantic v1 to Pydantic v2.

Features

  • ✨ Add support for from pydantic.v1 import BaseModel, mixed Pydantic v1 and v2 models in the same app. PR #14168 by @​tiangolo.

0.118.3

Upgrades

0.118.2

Fixes

Internal

... (truncated)

Commits
  • 2e721e1 🔖 Release version 0.119.0
  • fc7a068 📝 Update release notes
  • 3a3879b 📝 Update release notes
  • d34918a ✨ Add support for from pydantic.v1 import BaseModel, mixed Pydantic v1 and ...
  • 352dbef 🔖 Release version 0.118.3
  • 96e7d6e 📝 Update release notes
  • 3611c3f ⬆️ Add support for Python 3.14 (#14165)
  • 942fce3 🔖 Release version 0.118.2
  • 13b067c 📝 Update release notes
  • 185cecd 🐛 Fix tagged discriminated union not recognized as body field (#12942)
  • Additional commits viewable in compare view

Updates uvicorn from 0.36.1 to 0.37.0

Release notes

Sourced from uvicorn's releases.

Version 0.37.0

What's Changed

New Contributors

Full Changelog: Kludex/uvicorn@0.36.1...0.37.0

Changelog

Sourced from uvicorn's changelog.

0.37.0 (September 23, 2025)

Added

  • Add --timeout-worker-healthcheck option (#2711)
  • Add os.PathLike[str] type to ssl_ca_certs (#2676)
Commits

Updates faker from 37.8.0 to 37.11.0

Release notes

Sourced from faker's releases.

Release v37.11.0

See CHANGELOG.md.

Release v37.10.0

See CHANGELOG.md.

Release v37.9.0

See CHANGELOG.md.

Changelog

Sourced from faker's changelog.

v37.11.0 - 2025-10-07

v37.9.0 - 2025-10-07

  • Add names generation to en_KE locale. Thanks @​titustum.
Commits

Updates pytest-rerunfailures from 16.0.1 to 16.1

Changelog

Sourced from pytest-rerunfailures's changelog.

16.1 (2025-10-10)

  • Drop support for Python 3.9.

  • Changed "localhost" to "127.0.0.1" to avoid bad hostname resolution.

  • Added --force-reruns to override rerun count globally. Fixes [#306](https://github.com/pytest-dev/pytest-rerunfailures/issues/306) <https://github.com/pytest-dev/pytest-rerunfailures/issues/306>_.

Commits
  • b015092 Preparing release 16.1
  • c1666dd Prepare release.
  • 8d04ad9 Fix NotImplementedError crash when using xdist schedulers without `mark_tes...
  • cb8ede7 Add a --force-reruns to override rerun count globally (#307)
  • 5e01132 Bump actions/setup-python from 5 to 6 in the actions group (#310)
  • 88e0023 Drop support for Python 3.9. (#308)
  • df47974 Change 'localhost' to '127.0.0.1' (#305)
  • f149c7d Back to development: 16.1
  • See full diff in compare view

Updates psycopg2-binary from 2.9.10 to 2.9.11

Changelog

Sourced from psycopg2-binary's changelog.

Current release

What's new in psycopg 2.9.11 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Add support for Python 3.14.
  • Avoid a segfault passing more arguments than placeholders if Python is built with assertions enabled (:ticket:[#1791](https://github.com/psycopg/psycopg2/issues/1791)).
  • ~psycopg2.errorcodes map and ~psycopg2.errors classes updated to PostgreSQL 18.
  • Drop support for Python 3.8.

What's new in psycopg 2.9.10 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Add support for Python 3.13.
  • Receive notifications on commit (:ticket:[#1728](https://github.com/psycopg/psycopg2/issues/1728)).
  • ~psycopg2.errorcodes map and ~psycopg2.errors classes updated to PostgreSQL 17.
  • Drop support for Python 3.7.

What's new in psycopg 2.9.9 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Add support for Python 3.12.
  • Drop support for Python 3.6.

What's new in psycopg 2.9.8 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Wheel package bundled with PostgreSQL 16 libpq in order to add support for recent features, such as sslcertmode.

What's new in psycopg 2.9.7 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Fix propagation of exceptions raised during module initialization (:ticket:[#1598](https://github.com/psycopg/psycopg2/issues/1598)).
  • Fix building when pg_config returns an empty string (:ticket:[#1599](https://github.com/psycopg/psycopg2/issues/1599)).
  • Wheel package bundled with OpenSSL 1.1.1v.

What's new in psycopg 2.9.6 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

... (truncated)

Commits
  • fd9ae8c chore: bump to version 2.9.11
  • d923840 chore: update docs requirements
  • d42dc71 Merge branch 'fix-1791'
  • 4fde656 fix: avoid failed assert passing more arguments than placeholders
  • 8308c19 fix: drop warning about the use of deprecated PyWeakref_GetObject function
  • 1a1eabf build(deps): bump actions/github-script from 7 to 8
  • 897af8b build(deps): bump peter-evans/repository-dispatch from 3 to 4
  • ceefd30 build(deps): bump actions/checkout from 4 to 5
  • 4dc5854 build(deps): bump actions/setup-python from 5 to 6
  • 1945788 Merge pull request #1802 from edgarrmondragon/cp314-wheels
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the python-packages group with 9 updates
e9e10da 
Bumps the python-packages group with 9 updates:

| Package | From | To |
| --- | --- | --- |
| [pydantic](https://github.com/pydantic/pydantic) | `2.11.10` | `2.12.0` |
| [alembic](https://github.com/sqlalchemy/alembic) | `1.16.5` | `1.17.0` |
| [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) | `2.0.43` | `2.0.44` |
| [cachetools](https://github.com/tkem/cachetools) | `6.2.0` | `6.2.1` |
| [fastapi](https://github.com/fastapi/fastapi) | `0.118.1` | `0.119.0` |
| [uvicorn](https://github.com/Kludex/uvicorn) | `0.36.1` | `0.37.0` |
| [faker](https://github.com/joke2k/faker) | `37.8.0` | `37.11.0` |
| [pytest-rerunfailures](https://github.com/pytest-dev/pytest-rerunfailures) | `16.0.1` | `16.1` |
| [psycopg2-binary](https://github.com/psycopg/psycopg2) | `2.9.10` | `2.9.11` |


Updates `pydantic` from 2.11.10 to 2.12.0
- [Release notes](https://github.com/pydantic/pydantic/releases)
- [Changelog](https://github.com/pydantic/pydantic/blob/main/HISTORY.md)
- [Commits](pydantic/pydantic@v2.11.10...v2.12.0)

Updates `alembic` from 1.16.5 to 1.17.0
- [Release notes](https://github.com/sqlalchemy/alembic/releases)
- [Changelog](https://github.com/sqlalchemy/alembic/blob/main/CHANGES)
- [Commits](https://github.com/sqlalchemy/alembic/commits)

Updates `sqlalchemy` from 2.0.43 to 2.0.44
- [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases)
- [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst)
- [Commits](https://github.com/sqlalchemy/sqlalchemy/commits)

Updates `cachetools` from 6.2.0 to 6.2.1
- [Changelog](https://github.com/tkem/cachetools/blob/master/CHANGELOG.rst)
- [Commits](tkem/cachetools@v6.2.0...v6.2.1)

Updates `fastapi` from 0.118.1 to 0.119.0
- [Release notes](https://github.com/fastapi/fastapi/releases)
- [Commits](fastapi/fastapi@0.118.1...0.119.0)

Updates `uvicorn` from 0.36.1 to 0.37.0
- [Release notes](https://github.com/Kludex/uvicorn/releases)
- [Changelog](https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md)
- [Commits](Kludex/uvicorn@0.36.1...0.37.0)

Updates `faker` from 37.8.0 to 37.11.0
- [Release notes](https://github.com/joke2k/faker/releases)
- [Changelog](https://github.com/joke2k/faker/blob/master/CHANGELOG.md)
- [Commits](joke2k/faker@v37.8.0...v37.11.0)

Updates `pytest-rerunfailures` from 16.0.1 to 16.1
- [Changelog](https://github.com/pytest-dev/pytest-rerunfailures/blob/master/CHANGES.rst)
- [Commits](pytest-dev/pytest-rerunfailures@16.0.1...16.1)

Updates `psycopg2-binary` from 2.9.10 to 2.9.11
- [Changelog](https://github.com/psycopg/psycopg2/blob/master/NEWS)
- [Commits](psycopg/psycopg2@2.9.10...2.9.11)

---
updated-dependencies:
- dependency-name: pydantic
  dependency-version: 2.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-packages
- dependency-name: alembic
  dependency-version: 1.17.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-packages
- dependency-name: sqlalchemy
  dependency-version: 2.0.44
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-packages
- dependency-name: cachetools
  dependency-version: 6.2.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-packages
- dependency-name: fastapi
  dependency-version: 0.119.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-packages
- dependency-name: uvicorn
  dependency-version: 0.37.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-packages
- dependency-name: faker
  dependency-version: 37.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-packages
- dependency-name: pytest-rerunfailures
  dependency-version: '16.1'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-packages
- dependency-name: psycopg2-binary
  dependency-version: 2.9.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-packages
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the type:dependency Dependency-related changes label Oct 13, 2025
@MTSOnGithub MTSOnGithub enabled auto-merge (rebase) October 13, 2025 19:01
@github-actions
Copy link

github-actions bot commented Oct 13, 2025

Coverage

Coverage Report •
FileStmtsMissCoverMissing
TOTAL705039794% 
report-only-changed-files is enabled. No files were changed during this commit :)

@MTSOnGithub MTSOnGithub merged commit d3ea795 into develop Oct 13, 2025
11 checks passed
@MTSOnGithub MTSOnGithub deleted the dependabot/uv/python-packages-855d046cd9 branch October 13, 2025 19:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@MTSOnGithub MTSOnGithub MTSOnGithub approved these changes

Assignees

No one assigned

Labels

type:dependency Dependency-related changes

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@MTSOnGithub