Sourced from sqlalchemy's releases.

1.4.44

Released: November 12, 2022

sql

• [sql] [bug] Fixed critical memory issue identified in cache key generation, where for very large and complex ORM statements that make use of lots of ORM aliases with subqueries, cache key generation could produce excessively large keys that were orders of magnitude bigger than the statement itself. Much thanks to Rollo Konig Brock for their very patient, long term help in finally identifying this issue.

  References: #8790

postgresql

• [postgresql] [bug] [mssql] For the PostgreSQL and SQL Server dialects only, adjusted the compiler so that when rendering column expressions in the RETURNING clause, the "non anon" label that's used in SELECT statements is suggested for SQL expression elements that generate a label; the primary example is a SQL function that may be emitting as part of the column's type, where the label name should match the column's name by default. This restores a not-well defined behavior that had changed in version 1.4.21 due to #6718, #6710. The Oracle dialect has a different RETURNING implementation and was not affected by this issue. Version 2.0 features an across the board change for its widely expanded support of RETURNING on other backends.

  References: #8770

oracle

• [oracle] [bug] Fixed issue in the Oracle dialect where an INSERT statement that used insert(some_table).values(...).returning(some_table) against a full Table object at once would fail to execute, raising an exception.

tests

• [tests] [bug] Fixed issue where the --disable-asyncio parameter to the test suite would fail to not actually run greenlet tests and would also not prevent the suite from using a "wrapping" greenlet for the whole suite. This parameter now ensures that no greenlet or asyncio use will occur within the entire run when set.

  References: #8793

... (truncated)

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from sqlalchemy's releases.

1.4.42

Released: October 16, 2022

orm

• [orm] [bug] The _orm.Session.execute.bind_arguments dictionary is no longer mutated when passed to _orm.Session.execute() and similar; instead, it's copied to an internal dictionary for state changes. Among other things, this fixes and issue where the "clause" passed to the _orm.Session.get_bind() method would be incorrectly referring to the _sql.Select construct used for the "fetch" synchronization strategy, when the actual query being emitted was a _dml.Delete or _dml.Update. This would interfere with recipes for "routing sessions".

  References: #8614

• [orm] [bug] A warning is emitted in ORM configurations when an explicit _orm.remote() annotation is applied to columns that are local to the immediate mapped class, when the referenced class does not include any of the same table columns. Ideally this would raise an error at some point as it's not correct from a mapping point of view.

  References: #7094

• [orm] [bug] A warning is emitted when attempting to configure a mapped class within an inheritance hierarchy where the mapper is not given any polymorphic identity, however there is a polymorphic discriminator column assigned. Such classes should be abstract if they never intend to load directly.

  References: #7545

• [orm] [bug] [regression] Fixed regression for 1.4 in _orm.contains_eager() where the "wrap in subquery" logic of _orm.joinedload() would be inadvertently triggered for use of the _orm.contains_eager() function with similar statements (e.g. those that use distinct(), limit() or offset()), which would then lead to secondary issues with queries that used some combinations of SQL label names and aliasing. This "wrapping" is not appropriate for _orm.contains_eager() which has always had the contract that the user-defined SQL statement is unmodified with the exception of adding the appropriate columns to be fetched.

  References: #8569

• [orm] [bug] [regression] Fixed regression where using ORM update() with synchronize_session='fetch' would fail due to the use of evaluators that are now used to determine the in-Python value for expressions in the the SET clause when refreshing objects; if the evaluators make use of math operators against non-numeric

... (truncated)

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from black's releases.

22.10.0

Highlights

• Runtime support for Python 3.6 has been removed. Formatting 3.6 code will still be supported until further notice.

Stable style

• Fix a crash when # fmt: on is used on a different block level than # fmt: off (#3281)

Preview style

• Fix a crash when formatting some dicts with parenthesis-wrapped long string keys (#3262)

Configuration

• .ipynb_checkpoints directories are now excluded by default (#3293)
• Add --skip-source-first-line / -x option to ignore the first line of source code while formatting (#3299)

Packaging

• Executables made with PyInstaller will no longer crash when formatting several files at once on macOS. Native x86-64 executables for macOS are available once again. (#3275)
• Hatchling is now used as the build backend. This will not have any effect for users who install Black with its wheels from PyPI. (#3233)
• Faster compiled wheels are now available for CPython 3.11 (#3276)

Blackd

• Windows style (CRLF) newlines will be preserved (#3257).

Integrations

• Vim plugin: add flag (g:black_preview) to enable/disable the preview style (#3246)
• Update GitHub Action to support formatting of Jupyter Notebook files via a jupyter option (#3282)
• Update GitHub Action to support use of version specifiers (e.g. <23) for Black version (#3265)

22.8.0

Highlights

• Python 3.11 is now supported, except for blackd as aiohttp does not support 3.11 as of publishing (#3234)
• This is the last release that supports running Black on Python 3.6 (formatting 3.6 code will continue to be supported until further notice)
• Reword the stability policy to say that we may, in rare cases, make changes that affect code that was not previously formatted by Black (#3155)

... (truncated)

Sourced from black's changelog.

22.10.0

Highlights

• Runtime support for Python 3.6 has been removed. Formatting 3.6 code will still be supported until further notice.

Stable style

• Fix a crash when # fmt: on is used on a different block level than # fmt: off (#3281)

Preview style

• Fix a crash when formatting some dicts with parenthesis-wrapped long string keys (#3262)

Configuration

• .ipynb_checkpoints directories are now excluded by default (#3293)
• Add --skip-source-first-line / -x option to ignore the first line of source code while formatting (#3299)

Packaging

• Executables made with PyInstaller will no longer crash when formatting several files at once on macOS. Native x86-64 executables for macOS are available once again. (#3275)
• Hatchling is now used as the build backend. This will not have any effect for users who install Black with its wheels from PyPI. (#3233)
• Faster compiled wheels are now available for CPython 3.11 (#3276)

Blackd

• Windows style (CRLF) newlines will be preserved (#3257).

Integrations

• Vim plugin: add flag (g:black_preview) to enable/disable the preview style (#3246)
• Update GitHub Action to support formatting of Jupyter Notebook files via a jupyter option (#3282)
• Update GitHub Action to support use of version specifiers (e.g. <23) for Black version (#3265)

22.8.0

Highlights

• Python 3.11 is now supported, except for blackd as aiohttp does not support 3.11 as of publishing (#3234)

... (truncated)

• 27d2014 Prepare release 22.10.0 (#3311)
• 4da0851 Add option to skip the first line of source code (#3299)
• 0359b85 Preserve crlf line endings in blackd (#3257)
• 27d7ea4 Bump docutils from 0.18.1 to 0.19 in /docs (#3161)
• 1a20c4d Bump sphinx from 5.2.1 to 5.2.3 in /docs (#3305)
• 980997f Bump furo from 2022.9.15 to 2022.9.29 in /docs (#3304)
• b1077aa Bump myst-parser from 0.18.0 to 0.18.1 in /docs (#3303)
• 956bf39 Add .ipynb_checkpoints to DEFAULT_EXCLUDES (#3293)
• 141291a Enable build isolation under CIWB (#3297)
• ddb9924 Bump pypa/cibuildwheel from 2.10.0 to 2.10.2 (#3290)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• 1c2b899 Bump version to 0.982
• 51d9858 Restore Type vs Callable special-casing that was broken in refactoring (#13784)
• d03f201 Suggest using upper bound for unbound tvar (#13730)
• 5b17cc6 Fix overload overlap check for UninhabitedType (#13461)
• c7b4714 Update version to 0.981
• 2bd7da2 [0.980 backport] build changes (#13688)
• 2b2953a [0.980 backport] Update pos-only unit tests for Python 3.10.7 (#13660) (#13665)
• ada0078 Remove dev from version
• efd1d38 [0.980 backport] Fix stubtest custom_typeshed_dir regression (#13656) (#13658)
• 70bc348 [0.980 backport] Allow unpacking from TypeVars with iterable bounds (#13425) ...
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• c7b4714 Update version to 0.981
• 2bd7da2 [0.980 backport] build changes (#13688)
• 2b2953a [0.980 backport] Update pos-only unit tests for Python 3.10.7 (#13660) (#13665)
• ada0078 Remove dev from version
• efd1d38 [0.980 backport] Fix stubtest custom_typeshed_dir regression (#13656) (#13658)
• 70bc348 [0.980 backport] Allow unpacking from TypeVars with iterable bounds (#13425) ...
• e43dbb9 Work around mypyc test failures in CI (#13593)
• 64add91 Another cherry-pick fix
• 228bd29 Fix error codes option serialization (#13523)
• 1f80611 Allow per-module error codes (#13502)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from sqlalchemy's releases.

1.4.41

Released: September 6, 2022

orm

• [orm] [bug] [events] Fixed event listening issue where event listeners added to a superclass would be lost if a subclass were created which then had its own listeners associated. The practical example is that of the sessionmaker class created after events have been associated with the _orm.Session class.

  References: #8467

• [orm] [bug] Hardened the cache key strategy for the _orm.aliased() and _orm.with_polymorphic() constructs. While no issue involving actual statements being cached can easily be demonstrated (if at all), these two constructs were not including enough of what makes them unique in their cache keys for caching on the aliased construct alone to be accurate.

  References: #8401

• [orm] [bug] [regression] Fixed regression appearing in the 1.4 series where a joined-inheritance query placed as a subquery within an enclosing query for that same entity would fail to render the JOIN correctly for the inner query. The issue manifested in two different ways prior and subsequent to version 1.4.18 (related issue #6595), in one case rendering JOIN twice, in the other losing the JOIN entirely. To resolve, the conditions under which "polymorphic loading" are applied have been scaled back to not be invoked for simple joined inheritance queries.

  References: #8456

• [orm] [bug] Fixed issue in sqlalchemy.ext.mutable extension where collection links to the parent object would be lost if the object were merged with Session.merge() while also passing Session.merge.load as False.

  References: #8446

• [orm] [bug] Fixed issue involving _orm.with_loader_criteria() where a closure variable used as bound parameter value within the lambda would not carry forward correctly into additional relationship loaders such as _orm.selectinload() and _orm.lazyload() after the statement were cached, using the stale originally-cached value instead.

  References: #8399

sql

... (truncated)

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from pytest's releases.

7.1.3

pytest 7.1.3 (2022-08-31)

Bug Fixes

• #10060: When running with --pdb, TestCase.tearDown is no longer called for tests when the class has been skipped via unittest.skip or pytest.mark.skip.
• #10190: Invalid XML characters in setup or teardown error messages are now properly escaped for JUnit XML reports.
• #10230: Ignore .py files created by pyproject.toml-based editable builds introduced in pip 21.3.
• #3396: Doctests now respect the --import-mode flag.
• #9514: Type-annotate FixtureRequest.param as Any as a stop gap measure until 8073{.interpreted-text role="issue"} is fixed.
• #9791: Fixed a path handling code in rewrite.py that seems to work fine, but was incorrect and fails in some systems.
• #9917: Fixed string representation for pytest.approx{.interpreted-text role="func"} when used to compare tuples.

Improved Documentation

• #9937: Explicit note that tmpdir{.interpreted-text role="fixture"} fixture is discouraged in favour of tmp_path{.interpreted-text role="fixture"}.

Trivial/Internal Changes

• #10114: Replace atomicwrites dependency on windows with [os.replace]{.title-ref}.

7.1.2

pytest 7.1.2 (2022-04-23)

Bug Fixes

• #9726: An unnecessary numpy import inside pytest.approx{.interpreted-text role="func"} was removed.
• #9820: Fix comparison of dataclasses with InitVar.
• #9869: Increase stacklevel for the NODE_CTOR_FSPATH_ARG deprecation to point to the user's code, not pytest.
• #9871: Fix a bizarre (and fortunately rare) bug where the [temp_path]{.title-ref} fixture could raise an internal error while attempting to get the current user's username.

7.1.1

pytest 7.1.1 (2022-03-17)

Bug Fixes

• #9767: Fixed a regression in pytest 7.1.0 where some conftest.py files outside of the source tree (e.g. in the [site-packages]{.title-ref} directory) were not picked up.

7.1.0

pytest 7.1.0 (2022-03-13)

... (truncated)

• 4645bcd Remove incorrect output in how-to/fixtures.rst
• fadfb4f Prepare release version 7.1.3
• ab96ea8 Merge pull request #10258 from pytest-dev/backport-10252-to-7.1.x
• fc0e024 [7.1.x] Fix regendoc
• 8f5088f Merge pull request #10249 from pytest-dev/backport-10231-to-7.1.x
• aae93d6 Ignore type-errors related to attr.asdict
• 71b79fc [7.1.x] Ignore editable installation modules
• 89f7518 Merge pull request #10222 from pytest-dev/backport-10171-to-7.1.x
• 88fc45b [7.1.x] Update fixtures.rst w/ finalizer order
• d0b53d6 Merge pull request #10221 from pytest-dev/backport-10217-to-7.1.x
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from black's releases.

22.8.0

Highlights

• Python 3.11 is now supported, except for blackd as aiohttp does not support 3.11 as of publishing (#3234)
• This is the last release that supports running Black on Python 3.6 (formatting 3.6 code will continue to be supported until further notice)
• Reword the stability policy to say that we may, in rare cases, make changes that affect code that was not previously formatted by Black (#3155)

Stable style

• Fix an infinite loop when using # fmt: on/off in the middle of an expression or code block (#3158)
• Fix incorrect handling of # fmt: skip on colon (:) lines (#3148)
• Comments are no longer deleted when a line had spaces removed around power operators (#2874)

Preview style

• Single-character closing docstring quotes are no longer moved to their own line as this is invalid. This was a bug introduced in version 22.6.0. (#3166)
• --skip-string-normalization / -S now prevents docstring prefixes from being normalized as expected (#3168)
• When using --skip-magic-trailing-comma or -C, trailing commas are stripped from subscript expressions with more than 1 element (#3209)
• Implicitly concatenated strings inside a list, set, or tuple are now wrapped inside parentheses (#3162)
• Fix a string merging/split issue when a comment is present in the middle of implicitly concatenated strings on its own line (#3227)

Blackd

• blackd now supports enabling the preview style via the X-Preview header (#3217)

Configuration

• Black now uses the presence of debug f-strings to detect target version (#3215)
• Fix misdetection of project root and verbose logging of sources in cases involving --stdin-filename (#3216)
• Immediate .gitignore files in source directories given on the command line are now also respected, previously only .gitignore files in the project root and automatically discovered directories were respected (#3237)

Documentation

• Recommend using BlackConnect in IntelliJ IDEs (#3150)

Integrations

• Vim plugin: prefix messages with Black: so it's clear they come from Black (#3194)
• Docker: changed to a /opt/venv installation + added to PATH to be available to non-root users (#3202)

Output

• Change from deprecated asyncio.get_event_loop() to create our event loop which removes DeprecationWarning (#3164)
• Remove logging from internal blib2to3 library since it regularly emits error logs about failed caching that can and should be ignored (#3193)

Parser

• Type comments are now included in the AST equivalence check consistently so accidental deletion raises an error. Though type comments can't be tracked when running on PyPy 3.7 due to standard library limitations. (#2874)

Performance

... (truncated)

Sourced from black's changelog.

22.8.0

Highlights

• Python 3.11 is now supported, except for blackd as aiohttp does not support 3.11 as of publishing (#3234)
• This is the last release that supports running Black on Python 3.6 (formatting 3.6 code will continue to be supported until further notice)
• Reword the stability policy to say that we may, in rare cases, make changes that affect code that was not previously formatted by Black (#3155)

Stable style

• Fix an infinite loop when using # fmt: on/off in the middle of an expression or code block (#3158)
• Fix incorrect handling of # fmt: skip on colon (:) lines (#3148)
• Comments are no longer deleted when a line had spaces removed around power operators (#2874)

Preview style

• Single-character closing docstring quotes are no longer moved to their own line as this is invalid. This was a bug introduced in version 22.6.0. (#3166)
• --skip-string-normalization / -S now prevents docstring prefixes from being normalized as expected (#3168)
• When using --skip-magic-trailing-comma or -C, trailing commas are stripped from subscript expressions with more than 1 element (#3209)
• Implicitly concatenated strings inside a list, set, or tuple are now wrapped inside parentheses (#3162)
• Fix a string merging/split issue when a comment is present in the middle of implicitly concatenated strings on its own line (#3227)

Blackd

• blackd now supports enabling the preview style via the X-Preview header (#3217)

Configuration

• Black now uses the presence of debug f-strings to detect target version (#3215)
• Fix misdetection of project root and verbose logging of sources in cases involving --stdin-filename (#3216)
• Immediate .gitignore files in source directories given on the command line are now also respected, previously only .gitignore files in the project root and automatically discovered directories were respected (#3237)

Documentation

• Recommend using BlackConnect in IntelliJ IDEs (#3150)

Integrations

... (truncated)

• 2018e66 Prepare docs for release 22.8.0 (#3248)
• 0019261 Update stable branch after publishing to PyPI (#3223)
• 7757078 Improve & update release process to reflect recent changes (#3242)
• 767604e Use .gitignore files in the initial source directories (#3237)
• 2c90480 Use strict mypy checking (#3222)
• ba618a3 Add parens around implicit string concatenations where it increases readabili...
• c0cc19b Delay worker count determination
• afed2c0 Load .gitignore and exclude regex at time of use
• e269f44 Lazily import parallelized format modules
• c47b91f Fix misdetection of project root with --stdin-filename (#3216)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from sqlalchemy's releases.

1.4.40

Released: August 8, 2022

orm

• [orm] [bug] Fixed issue where referencing a CTE multiple times in conjunction with a polymorphic SELECT could result in multiple "clones" of the same CTE being constructed, which would then trigger these two CTEs as duplicates. To resolve, the two CTEs are deep-compared when this occurs to ensure that they are equivalent, then are treated as equivalent.

  References: #8357

• [orm] [bug] A _sql.select() construct that is passed a sole '*' argument for SELECT *, either via string, _sql.text(), or _sql.literal_column(), will be interpreted as a Core-level SQL statement rather than as an ORM level statement. This is so that the *, when expanded to match any number of columns, will result in all columns returned in the result. the ORM- level interpretation of _sql.select() needs to know the names and types of all ORM columns up front which can't be achieved when '*' is used.

  If '* is used amongst other expressions simultaneously with an ORM statement, an error is raised as this can't be interpreted correctly by the ORM.

  References: #8235

orm declarative

• [orm] [declarative] [bug] Fixed issue where a hierarchy of classes set up as an abstract or mixin declarative classes could not declare standalone columns on a superclass that would then be copied correctly to a _orm.declared_attr callable that wanted to make use of them on a descendant class.

  References: #8190

engine

• [engine] [usecase] Implemented new _engine.Connection.execution_options.yield_per execution option for _engine.Connection in Core, to mirror that of the same yield_per <orm_queryguide_yield_per> option available in the ORM. The option sets both the _engine.Connection.execution_options.stream_results option at the same time as invoking _engine.Result.yield_per(), to provide the most common streaming result configuration which also mirrors that of the

... (truncated)

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from pre-commit's releases.

pre-commit v2.20.0

Features

• Expose source and object-name (positional args) of prepare-commit-msg hook as PRE_COMMIT_COMIT_MSG_SOURCE and PRE_COMMIT_COMMIT_OBJECT_NAME.
  • #2407 PR by @​M-Whitaker.
  • #2406 issue by @​M-Whitaker.

Fixes

• Fix language: ruby installs when --user-install is set in gemrc.
  • #2394 PR by @​narpfel.
  • #2393 issue by @​narpfel.
• Adjust pty setup for solaris.
  • #2390 PR by @​gaige.
  • #2389 issue by @​gaige.
• Remove unused --config option from gc, sample-config, validate-config, validate-manifest sub-commands.
  • #2429 PR by @​asottile.

pre-commit v2.19.0

Features

• Allow multiple outputs from language: dotnet hooks.
  • #2332 PR by @​WallucePinkham.
• Add more information to healthy() failure.
  • #2348 PR by @​asottile.
• Upgrade ruby-build.
  • #2342 PR by @​jalessio.
• Add pre-commit validate-config / pre-commit validate-manifest and deprecate pre-commit-validate-config and pre-commit-validate-manifest.
  • #2362 PR by @​asottile.

Fixes

• Fix pre-push when pushed ref contains spaces.
  • #2345 PR by @​wwade.
  • #2344 issue by @​wwade.

Updating

• Change pre-commit-validate-config / pre-commit-validate-manifest to pre-commit validate-config / pre-commit validate-manifest.
  • #2362 PR by @​asottile.

pre-commit v2.18.1

Fixes

• Fix regression for repo: local hooks running python<3.7
  • #2324 PR by @​asottile.

pre-commit v2.18.0

Features

• Keep GIT_HTTP_PROXY_AUTHMETHOD in git environ.
  • #2272 PR by @​VincentBerthier.
  • #2271 issue by @​VincentBerthier.
• Support both cs and coursier executables for coursier hooks.
  • #2293 PR by @​Holzhaus.
• Include more information in errors for language_version / additional_dependencies for languages which do not support them.
  • #2315 PR by @​asottile.

... (truncated)

Sourced from pre-commit's changelog.

2.20.0 - 2022-07-10

Features

• Expose source and object-name (positional args) of prepare-commit-msg hook as PRE_COMMIT_COMIT_MSG_SOURCE and PRE_COMMIT_COMMIT_OBJECT_NAME.
  • #2407 PR by @​M-Whitaker.
  • #2406 issue by @​M-Whitaker.

Fixes

• Fix language: ruby installs when --user-install is set in gemrc.
  • #2394 PR by @​narpfel.
  • #2393 issue by @​narpfel.
• Adjust pty setup for solaris.
  • #2390 PR by @​gaige.
  • #2389 issue by @​gaige.
• Remove unused --config option from gc, sample-config, validate-config, validate-manifest sub-commands.
  • #2429 PR by @​asottile.

2.19.0 - 2022-05-05

Features

• Allow multiple outputs from language: dotnet hooks.
  • #2332 PR by @​WallucePinkham.
• Add more information to healthy() failure.
  • #2348 PR by @​asottile.
• Upgrade ruby-build.
  • #2342 PR by @​jalessio.
• Add pre-commit validate-config / pre-commit validate-manifest and deprecate pre-commit-validate-config and pre-commit-validate-manifest.
  • #2362 PR by @​asottile.

Fixes

• Fix pre-push when pushed ref contains spaces.
  • #2345 PR by @​wwade.
  • #2344 issue by @​wwade.

Updating

• Change pre-commit-validate-config / pre-commit-validate-manifest to pre-commit validate-config / pre-commit validate-manifest.
  • #2362 PR by @​asottile.

2.18.1 - 2022-04-02

Fixes

• Fix regression for repo: local hooks running python<3.7
  • #2324 PR by @​asottile.

... (truncated)

• 78a2d86 v2.20.0
• e3dc5b7 Merge pull request #2454 from pre-commit/asottile-patch-1
• ebce88c remove warnings checks
• d6cc8a1 Merge pull request #2453 from hroncok/python3.11
• 901e831 Tests: Adjust traceback regexes to allow Python 3.11+ ^^^^^^^
• 98bb7e6 Merge pull request #2440 from pre-commit/pre-commit-ci-update-config
• 706d1e9 Merge pull request #2439 from pre-commit/all-repos_autofix_type-checking
• 3ebd101 [pre-commit.ci] pre-commit autoupdate
• d8b5930 remove imports from TYPE_CHECKING (py37+)
• 170335c Merge pull request #2429 from pre-commit/remove-config-option-when-unused
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from sqlalchemy's releases.

1.4.45

Released: December 10, 2022

orm

• [orm] [bug] Fixed bug where _orm.Session.merge() would fail to preserve the current loaded contents of relationship attributes that were indicated with the _orm.relationship.viewonly parameter, thus defeating strategies that use _orm.Session.merge() to pull fully loaded objects from caches and other similar techniques. In a related change, fixed issue where an object that contains a loaded relationship that was nonetheless configured as lazy='raise' on the mapping would fail when passed to _orm.Session.merge(); checks for "raise" are now suspended within the merge process assuming the _orm.Session.merge.load parameter remains at its default of True.

  Overall, this is a behavioral adjustment to a change introduced in the 1.4 series as of #4994, which took "merge" out of the set of cascades applied by default to "viewonly" relationships. As "viewonly" relationships aren't persisted under any circumstances, allowing their contents to transfer during "merge" does not impact the persistence behavior of the target object. This allows _orm.Session.merge() to correctly suit one of its use cases, that of adding objects to a Session that were loaded elsewhere, often for the purposes of restoring from a cache.

  References: #8862

• [orm] [bug] Fixed issues in _orm.with_expression() where expressions that were composed of columns that were referenced from the enclosing SELECT would not render correct SQL in some contexts, in the case where the expression had a label name that matched the attribute which used _orm.query_expression(), even when _orm.query_expression() had no default expression. For the moment, if the _orm.query_expression() does have a default expression, that label name is still used for that default, and an additional label with the same name will continue to be ignored. Overall, this case is pretty thorny so further adjustments might be warranted.

  References: #8881

engine

• [engine] [bug] Fixed issue where _engine.Result.freeze() method would not work for textual SQL using either _sql.text() or _engine.Connection.exec_driver_sql().

  References: #8963

... (truncated)

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from black's releases.

22.12.0

Preview style

• Enforce empty lines before classes and functions with sticky leading comments (#3302)
• Reformat empty and whitespace-only files as either an empty file (if no newline is present) or as a single newline character (if a newline is present) (#3348)
• Implicitly concatenated strings used as function args are now wrapped inside parentheses (#3307)
• Correctly handle trailing commas that are inside a line's leading non-nested parens (#3370)

Configuration

• Fix incorrectly applied .gitignore rules by considering the .gitignore location and the relative path to the target file (#3338)
• Fix incorrectly ignoring .gitignore presence when more than one source directory is specified (#3336)

Parser

• Parsing support has been added for walruses inside generator expression that are passed as function args (for example, any(match := my_re.match(text) for text in texts)) (#3327).

Integrations

• Vim plugin: Optionally allow using the system installation of Black via let g:black_use_virtualenv = 0(#3309)

22.10.0

Highlights

• Runtime support for Python 3.6 has been removed. Formatting 3.6 code will still be supported until further notice.

Stable style

• Fix a crash when # fmt: on is used on a different block level than # fmt: off (#3281)

Preview style

... (truncated)

Sourced from black's changelog.

22.12.0

Preview style

• Enforce empty lines before classes and functions with sticky leading comments (#3302)
• Reformat empty and whitespace-only files as either an empty file (if no newline is present) or as a single newline character (if a newline is present) (#3348)
• Implicitly concatenated strings used as function args are now wrapped inside parentheses (#3307)
• For assignment statements, prefer splitting the right hand side if the left hand side fits on a single line (#3368)
• Correctly handle trailing commas that are inside a line's leading non-nested parens (#3370)

Configuration

• Fix incorrectly applied .gitignore rules by considering the .gitignore location and the relative path to the target file (#3338)
• Fix incorrectly ignoring .gitignore presence when more than one source directory is specified (#3336)

Parser

• Parsing support has been added for walruses inside generator expression that are passed as function args (for example, any(match := my_re.match(text) for text in texts)) (#3327).

Integrations

• Vim plugin: Optionally allow using the system installation of Black via let g:black_use_virtualenv = 0(#3309)

22.10.0

Highlights

• Runtime support for Python 3.6 has been removed. Formatting 3.6 code will still be supported until further notice.

Stable style

• Fix a crash when # fmt: on is used on a different block level than # fmt: off

... (truncated)

• 2ddea29 Prepare release 22.12.0 (#3413)
• 5b1443a release: skip bad macos wheels for now (#3411)
• 9ace064 Bump peter-evans/find-comment from 2.0.1 to 2.1.0 (#3404)
• 19c5fe4 Fix CI with latest flake8-bugbear (#3412)
• d4a8564 Bump sphinx-copybutton from 0.5.0 to 0.5.1 in /docs (#3390)
• 2793249 Wordsmith current_style.md (#3383)
• d97b789 Remove whitespaces of whitespace-only files (#3348)
• c23a5c1 Clarify that Black runs with --safe by default (#3378)
• 8091b25 Correctly handle trailing commas that are inside a line's leading non-nested ...
• ffaaf48 Compare each .gitignore found with an appropiate relative path (#3338)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from pre-commit's releases.

pre-commit v2.21.0

Features

• Require new-enough virtualenv to prevent 3.10 breakage
  • #2467 PR by @​asottile.
• Respect aliases with SKIP for environment install.
  • #2480 PR by @​kmARC.
  • #2478 issue by @​kmARC.
• Allow pre-commit run --files against unmerged paths.
  • #2484 PR by @​asottile.
• Also apply regex warnings to repo: local hooks.
  • #2524 PR by @​chrisRedwine.
  • #2521 issue by @​asottile.
• rust is now a "first class" language -- supporting language_version and installation when not present.
  • #2534 PR by @​Holzhaus.
• r now uses more-reliable binary installation.
  • #2460 PR by @​lorenzwalthert.
• GIT_ALLOW_PROTOCOL is now passed through for git operations.
  • #2555 PR by @​asottile.
• GIT_ASKPASS is now passed through for git operations.
  • #2564 PR by @​mattp-.
• Remove toml dependency by using cargo add directly.
  • #2568 PR by @​m-rsha.
• Support dotnet hooks which have dotted prefixes.
  • #2641 PR by @​rkm.
  • #2629 issue by @​rkm.

Fixes

• Properly adjust --commit-msg-filename if run from a sub directory.
  • #2459 PR by @​asottile.
• Simplify --intent-to-add detection by using git diff.
  • #2580 PR by @​m-rsha.
• Fix R.exe selection on windows.
  • #2605 PR by @​lorenzwalthert.
  • #2599 issue by @​SInginc.
• Skip default nuget source when installing dotnet packages.
  • #2642 PR by @​rkm.

pre-commit v2.20.0

Features

• Expose source and object-name (positional args) of prepare-commit-msg hook as PRE_COMMIT_COMIT_MSG_SOURCE and PRE_COMMIT_COMMIT_OBJECT_NAME.
  • #2407 PR by @​M-Whitaker.
  • #2406 issue by @​M-Whitaker.

Fixes

• Fix language: ruby installs when --user-install is set in gemrc.
  • #2394 PR by @​narpfel.
  • #2393 issue by @​narpfel.
• Adjust pty setup for solaris.
  • #2390 PR by @​gaige.
  • #2389 issue by @​gaige.

... (truncated)

Sourced from pre-commit's changelog.

2.21.0 - 2022-12-25

Features

• Require new-enough virtualenv to prevent 3.10 breakage
  • #2467 PR by @​asottile.
• Respect aliases with SKIP for environment install.
  • #2480 PR by @​kmARC.
  • #2478 issue by @​kmARC.
• Allow pre-commit run --files against unmerged paths.
  • #2484 PR by @​asottile.
• Also apply regex warnings to repo: local hooks.
  • #2524 PR by @​chrisRedwine.
  • #2521 issue by @​asottile.
• rust is now a "first class" language -- supporting language_version and installation when not present.
  • #2534 PR by @​Holzhaus.
• r now uses more-reliable binary installation.
  • #2460 PR by @​lorenzwalthert.
• GIT_ALLOW_PROTOCOL is now passed through for git operations.
  • #2555 PR by @​asottile.
• GIT_ASKPASS is now passed through for git operations.
  • #2564 PR by @​mattp-.
• Remove toml dependency by using cargo add directly.
  • #2568 PR by @​m-rsha.
• Support dotnet hooks which have dotted prefixes.
  • #2641 PR by @​rkm.
  • #2629 issue by @​rkm.

Fixes

• Properly adjust --commit-msg-filename if run from a sub directory.
  • #2459 PR by @​asottile.
• Simplify --intent-to-add detection by using git diff.
  • #2580 PR by @​m-rsha.
• Fix R.exe selection on windows.
  • #2605 PR by @​lorenzwalthert.
  • #2599 issue by @​SInginc.
• Skip default nuget source when installing dotnet packages.
  • #2642 PR by @​rkm.

2.20.0 - 2022-07-10

Features

• Expose source and object-name (positional args) of prepare-commit-msg hook as PRE_COMMIT_COMIT_MSG_SOURCE and PRE_COMMIT_COMMIT_OBJECT_NAME.
  • #2407 PR by @​M-Whitaker.
  • #2406 issue by @​M-Whitaker.

Fixes

... (truncated)

• 40c5bda v2.21.0
• bb27ea3 Merge pull request #2642 from rkm/fix/dotnet-nuget-config
• c38e0c7 dotnet: ignore nuget source during tool install
• bce513f Merge pull request #2641 from rkm/fix/dotnet-tool-prefix
• e904628 fix dotnet hooks with prefixes
• d7b8b12 Merge pull request #2646 from pre-commit/pre-commit-ci-update-config
• 94b6178 [pre-commit.ci] pre-commit autoupdate
• b474a83 Merge pull request #2643 from pre-commit/pre-commit-ci-update-config
• a179808 [pre-commit.ci] pre-commit autoupdate
• 3aa6206 Merge pull request #2605 from lorenzwalthert/r/fix-exe
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• b7788fc Update version to remove "+dev" for releasing 0.991
• 6077d19 manually CP typeshed #9130
• ab0ea1e Fix crash with function redefinition (#14064)
• 592a9ce Fix another crash with report generation on namespace packages (#14063)
• 1650ae0 Update --no-warn-no-return docs for empty body changes (#14065)
• b9daa31 Don't ignore errors in files passed on the command line (#14060)
• 02fd8a5 Filter out wasm32 wheel in upload-pypi.py (#14035)
• 131c8d7 Fix crash on inference with recursive alias to recursive instance (#14038)
• 1368338 Change version to 0.991+dev in preparation for the point release
• b71dc3d Remove +dev from version
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)