Skip to content

Update dependency fastapi to v0.110.0 - autoclosed

renovate-bot requested to merge renovate/fastapi-0.x into master

This MR contains the following updates:

Package Type Update Change
fastapi dependencies minor 0.104.1 -> 0.110.0

Release Notes

tiangolo/fastapi (fastapi)

v0.110.0

Compare Source

Breaking Changes
  • 🐛 Fix unhandled growing memory for internal server errors, refactor dependencies with yield and except to require raising again as in regular Python. MR #​11191 by @​tiangolo.
    • This is a breaking change (and only slightly) if you used dependencies with yield, used except in those dependencies, and didn't raise again.
    • This was reported internally by @​rushilsrivastava as a memory leak when the server had unhandled exceptions that would produce internal server errors, the memory allocated before that point would not be released.
    • Read the new docs: Dependencies with yield and except.

In short, if you had dependencies that looked like:

def my_dep():
    try:
        yield
    except SomeException:
        pass

Now you need to make sure you raise again after except, just as you would in regular Python:

def my_dep():
    try:
        yield
    except SomeException:
        raise
Docs
Translations

v0.109.2

Compare Source

Upgrades
Translations
Internal

v0.109.1

Compare Source

Security fixes
  • ️ Upgrade minimum version of python-multipart to >=0.0.7 to fix a vulnerability when using form data with a ReDos attack. You can also simply upgrade python-multipart.

Read more in the advisory: Content-Type Header ReDoS.

Features
Refactors
  • Refactor tests for duplicate operation ID generation for compatibility with other tools running the FastAPI test suite. MR #​10876 by @​emmettbutler.
  • ️ Simplify string format with f-strings in fastapi/utils.py. MR #​10576 by @​eukub.
  • 🔧 Fix Ruff configuration unintentionally enabling and re-disabling mccabe complexity check. MR #​10893 by @​jiridanek.
  • Re-enable test in tests/test_tutorial/test_header_params/test_tutorial003.py after fix in Starlette. MR #​10904 by @​ooknimm.
Docs
Translations
Internal

v0.109.0

Compare Source

Features
Upgrades
  • ️ Upgrade Starlette to >=0.29.0,<0.33.0, update docs and usage of templates with new Starlette arguments. Remove pin of AnyIO >=3.7.1,<4.0.0, add support for AnyIO 4.x.x. MR #​10846 by @​tiangolo.
Docs
Translations
Internal

v0.108.0

Compare Source

Upgrades
  • ️ Upgrade Starlette to >=0.29.0,<0.33.0, update docs and usage of templates with new Starlette arguments. MR #​10846 by @​tiangolo.

v0.107.0

Compare Source

Upgrades
Docs

v0.106.0

Compare Source

Breaking Changes

Using resources from dependencies with yield in background tasks is no longer supported.

This change is what supports the new features, read below. 🤓

Dependencies with yield, HTTPException and Background Tasks

Dependencies with yield now can raise HTTPException and other exceptions after yield. 🎉

Read the new docs here: Dependencies with yield and HTTPException.

from fastapi import Depends, FastAPI, HTTPException
from typing_extensions import Annotated

app = FastAPI()

data = {
    "plumbus": {"description": "Freshly pickled plumbus", "owner": "Morty"},
    "portal-gun": {"description": "Gun to create portals", "owner": "Rick"},
}

class OwnerError(Exception):
    pass

def get_username():
    try:
        yield "Rick"
    except OwnerError as e:
        raise HTTPException(status_code=400, detail=f"Onwer error: {e}")

@&#8203;app.get("/items/{item_id}")
def get_item(item_id: str, username: Annotated[str, Depends(get_username)]):
    if item_id not in data:
        raise HTTPException(status_code=404, detail="Item not found")
    item = data[item_id]
    if item["owner"] != username:
        raise OwnerError(username)
    return item

Before FastAPI 0.106.0, raising exceptions after yield was not possible, the exit code in dependencies with yield was executed after the response was sent, so Exception Handlers would have already run.

This was designed this way mainly to allow using the same objects "yielded" by dependencies inside of background tasks, because the exit code would be executed after the background tasks were finished.

Nevertheless, as this would mean waiting for the response to travel through the network while unnecessarily holding a resource in a dependency with yield (for example a database connection), this was changed in FastAPI 0.106.0.

Additionally, a background task is normally an independent set of logic that should be handled separately, with its own resources (e.g. its own database connection).

If you used to rely on this behavior, now you should create the resources for background tasks inside the background task itself, and use internally only data that doesn't depend on the resources of dependencies with yield.

For example, instead of using the same database session, you would create a new database session inside of the background task, and you would obtain the objects from the database using this new session. And then instead of passing the object from the database as a parameter to the background task function, you would pass the ID of that object and then obtain the object again inside the background task function.

The sequence of execution before FastAPI 0.106.0 was like the diagram in the Release Notes for FastAPI 0.106.0.

The new execution flow can be found in the docs: Execution of dependencies with yield.

v0.105.0

Compare Source

Features
  • Add support for multiple Annotated annotations, e.g. Annotated[str, Field(), Query()]. MR #​10773 by @​tiangolo.
Refactors
Docs
Internal

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.


  • If you want to rebase/retry this MR, check this box

This MR has been generated by Renovate Bot.

Edited by renovate-bot

Merge request reports

Loading