chore(deps): update fastapi requirement from <1,>=0.136.3 to >=0.138.0,<1#107
chore(deps): update fastapi requirement from <1,>=0.136.3 to >=0.138.0,<1#107dependabot[bot] wants to merge 1 commit into
Conversation
Updates the requirements on [fastapi](https://github.com/fastapi/fastapi) to permit the latest version. - [Release notes](https://github.com/fastapi/fastapi/releases) - [Commits](fastapi/fastapi@0.136.3...0.138.0) --- updated-dependencies: - dependency-name: fastapi dependency-version: 0.138.0 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
…ut v0.19.5 (#111) Bundles the six open Dependabot PRs (#105–#110). All six were failing the CI `security` gate on the same stale lock pin: pydantic-settings==2.14.1 (GHSA-4xgf-cpjx-pc3j, fixed in 2.14.2). The gate audits requirements.lock, which Dependabot never regenerates, so every PR was blocked by a CVE most of them don't touch. Regenerating the lockfile clears it. - fastapi >=0.136.3 → >=0.138.0 (#107) - slowapi >=0.1.9 → >=0.1.10 (#108) - pydantic-settings >=2.14.1 → >=2.14.2 (#110) - ruff >=0.15.17 → >=0.15.19 (#106, dev) - pytest >=9.1.0 → >=9.1.1 (#109, dev) - actions/checkout v6 → v7 (#105, CI) Lockfile regen also floated anyio, click, fastapi, wrapt transitives. pip-audit -r requirements.lock: no known vulnerabilities. 222 tests pass. Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
|
Superseded by #111 (merged as part of the v0.19.5 dependency bundle), which applies this bump along with the regenerated |
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
1 participant
Updates the requirements on fastapi to permit the latest version.
Release notes
Sourced from fastapi's releases.
Commits
4b83b0d🔖 Release version 0.138.0 (#15808)041cb0c📝 Update release notes1039384📝 Fix typo in release notes (#15807)0303491📝 Update release notes190f6e2📝 Add Frontend instructions to Agent Library Skill (#15805)17945e5📝 Update release notes2260afa🐛 Fix failing test, update format for raised errors (#15804)0cd5001📝 Update release notes7cb1ab6👷 Fix test-alls-green (#15803)9c7eceb📝 Update release notesDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)