Skip to content

Bump the production-version-updates group with 4 updates#339

Merged
github-actions[bot] merged 1 commit intomainfrom
dependabot/pip/production-version-updates-019f65ef8a
Mar 2, 2026
Merged

Bump the production-version-updates group with 4 updates#339
github-actions[bot] merged 1 commit intomainfrom
dependabot/pip/production-version-updates-019f65ef8a

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 2, 2026

Bumps the production-version-updates group with 4 updates: fastapi, sqlalchemy, certifi and python-dotenv.

Updates fastapi from 0.131.0 to 0.135.1

Release notes

Sourced from fastapi's releases.

0.135.1

Fixes

  • 🐛 Fix, avoid yield from a TaskGroup, only as an async context manager, closed in the request async exit stack. PR #15038 by @​tiangolo.

Docs

Internal

0.135.0

Features

0.134.0

Features

  • ✨ Add support for streaming JSON Lines and binary data with yield. PR #15022 by @​tiangolo.
    • This also upgrades Starlette from >=0.40.0 to >=0.46.0, as it's needed to properly unrwap and re-raise exceptions from exception groups.
    • New docs: Stream JSON Lines.
    • And new docs: Stream Data.

Docs

  • 📝 Update Library Agent Skill with streaming responses. PR #15024 by @​tiangolo.
  • 📝 Update docs for responses and new stream with yield. PR #15023 by @​tiangolo.
  • 📝 Add await in StreamingResponse code example to allow cancellation. PR #14681 by @​casperdcl.
  • 📝 Rename docs_src/websockets to docs_src/websockets_ to avoid import errors. PR #14979 by @​YuriiMotov.

Internal

0.133.1

Features

Internal

... (truncated)

Commits
  • ca5f60e 🔖 Release version 0.135.1
  • 87f75aa 📝 Update release notes
  • 8a9258b 🐛 Fix, avoid yield from a TaskGroup, only as an async context manager, closed...
  • 6038507 📝 Update release notes
  • c796ba4 👥 Update FastAPI People - Experts (#15037)
  • b24aa03 📝 Update release notes
  • 2c61047 ✏️ Fix typo in docs/en/docs/_llm-test.md (#15007)
  • e3bbeef 📝 Update release notes
  • d726c8c 📝 Update release notes
  • cf514e6 👥 Update FastAPI People - Contributors and Translators (#15029)
  • Additional commits viewable in compare view

Updates sqlalchemy from 2.0.46 to 2.0.47

Release notes

Sourced from sqlalchemy's releases.

2.0.47

Released: February 24, 2026

orm

  • [orm] [bug] Fixed issue when using ORM mappings with Python 3.14's PEP 649 feature that no longer requires "future annotations", where the ORM's introspection of the __init__ method of mapped classes would fail if non-present identifiers in annotations were present. The vendored getfullargspec() method has been amended to use Format.FORWARDREF under Python 3.14 to prevent resolution of names that aren't present.

    References: #13104

engine

  • [engine] [usecase] The connection object returned by _engine.Engine.raw_connection() now supports the context manager protocol, automatically returning the connection to the pool when exiting the context.

    References: #13116

postgresql

  • [postgresql] [bug] Fixed an issue in the PostgreSQL dialect where foreign key constraint reflection would incorrectly swap or fail to capture onupdate and ondelete values when these clauses appeared in a different order than expected in the constraint definition. This issue primarily affected PostgreSQL-compatible databases such as CockroachDB, which may return ON DELETE before ON UPDATE in the constraint definition string. The reflection logic now correctly parses both clauses regardless of their ordering.

    References: #13105

  • [postgresql] [bug] Fixed issue in the engine_insertmanyvalues feature where using PostgreSQL's ON CONFLICT clause with _dml.Insert.returning.sort_by_parameter_order enabled would generate invalid SQL when the insert used an implicit sentinel (server-side autoincrement primary key). The generated SQL would incorrectly declare a sentinel counter column in the imp_sen table alias without providing corresponding values in the VALUES clause, leading to a ProgrammingError indicating column count mismatch. The fix allows batch execution mode when embed_values_counter is active, as the embedded counter provides the ordering capability needed even with upsert behaviors, rather than unnecessarily downgrading to row-at-a-time execution.

... (truncated)

Commits

Updates certifi from 2026.1.4 to 2026.2.25

Commits

Updates python-dotenv from 1.2.1 to 1.2.2

Release notes

Sourced from python-dotenv's releases.

v1.2.2

Added

  • Support for Python 3.14, including the free-threaded (3.14t) build. (#)

Changed

  • The dotenv run command now forwards flags directly to the specified command by @​bbc2 in theskumar/python-dotenv#607
  • Improved documentation clarity regarding override behavior and the reference page.
  • Updated PyPy support to version 3.11.
  • Documentation for FIFO file support.
  • Support for Python 3.9.

Fixed

Breaking Changes

  • dotenv.set_key and dotenv.unset_key used to follow symlinks in some situations. This is no longer the case. For that behavior to be restored in all cases, follow_symlinks=True should be used.

  • In the CLI, set and unset used to follow symlinks in some situations. This is no longer the case.

  • dotenv.set_key, dotenv.unset_key and the CLI commands set and unset used to reset the file mode of the modified .env file to 0o600 in some situations. This is no longer the case: The original mode of the file is now preserved. Is the file needed to be created or wasn't a regular file, mode 0o600 is used.

Misc

New Contributors

Full Changelog: theskumar/python-dotenv@v1.2.1...v1.2.2

Changelog

Sourced from python-dotenv's changelog.

[1.2.2] - 2026-03-01

Added

  • Support for Python 3.14, including the free-threaded (3.14t) build. (#588)

Changed

  • The dotenv run command now forwards flags directly to the specified command by [@​bbc2] in #607
  • Improved documentation clarity regarding override behavior and the reference page.
  • Updated PyPy support to version 3.11.
  • Documentation for FIFO file support.
  • Dropped Support for Python 3.9.

Fixed

  • Improved set_key and unset_key behavior when interacting with symlinks by [@​bbc2] in [790c5c0]
  • Corrected the license specifier and added missing Python 3.14 classifiers in package metadata by [@​JYOuyang] in #590

Breaking Changes

  • dotenv.set_key and dotenv.unset_key used to follow symlinks in some situations. This is no longer the case. For that behavior to be restored in all cases, follow_symlinks=True should be used.

  • In the CLI, set and unset used to follow symlinks in some situations. This is no longer the case.

  • dotenv.set_key, dotenv.unset_key and the CLI commands set and unset used to reset the file mode of the modified .env file to 0o600 in some situations. This is no longer the case: The original mode of the file is now preserved. Is the file needed to be created or wasn't a regular file, mode 0o600 is used.

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the production-version-updates group with 4 updates
e2464be 
Bumps the production-version-updates group with 4 updates: [fastapi](https://github.com/fastapi/fastapi), [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy), [certifi](https://github.com/certifi/python-certifi) and [python-dotenv](https://github.com/theskumar/python-dotenv).


Updates `fastapi` from 0.131.0 to 0.135.1
- [Release notes](https://github.com/fastapi/fastapi/releases)
- [Commits](fastapi/fastapi@0.131.0...0.135.1)

Updates `sqlalchemy` from 2.0.46 to 2.0.47
- [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases)
- [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst)
- [Commits](https://github.com/sqlalchemy/sqlalchemy/commits)

Updates `certifi` from 2026.1.4 to 2026.2.25
- [Commits](certifi/python-certifi@2026.01.04...2026.02.25)

Updates `python-dotenv` from 1.2.1 to 1.2.2
- [Release notes](https://github.com/theskumar/python-dotenv/releases)
- [Changelog](https://github.com/theskumar/python-dotenv/blob/main/CHANGELOG.md)
- [Commits](theskumar/python-dotenv@v1.2.1...v1.2.2)

---
updated-dependencies:
- dependency-name: fastapi
  dependency-version: 0.135.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-version-updates
- dependency-name: sqlalchemy
  dependency-version: 2.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-version-updates
- dependency-name: certifi
  dependency-version: 2026.2.25
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: production-version-updates
- dependency-name: python-dotenv
  dependency-version: 1.2.2
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: production-version-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Mar 2, 2026
@github-actions github-actions bot enabled auto-merge March 2, 2026 12:15
@github-actions github-actions bot merged commit 32ee44e into main Mar 2, 2026
4 checks passed
@github-actions github-actions bot deleted the dependabot/pip/production-version-updates-019f65ef8a branch March 2, 2026 12:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants