Skip to content

Bump fastapi from 0.128.1 to 0.135.1#71

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/fastapi-0.135.1
Closed

Bump fastapi from 0.128.1 to 0.135.1#71
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/fastapi-0.135.1

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 2, 2026

Bumps fastapi from 0.128.1 to 0.135.1.

Release notes

Sourced from fastapi's releases.

0.135.1

Fixes

  • 🐛 Fix, avoid yield from a TaskGroup, only as an async context manager, closed in the request async exit stack. PR #15038 by @​tiangolo.

Docs

Internal

0.135.0

Features

0.134.0

Features

  • ✨ Add support for streaming JSON Lines and binary data with yield. PR #15022 by @​tiangolo.
    • This also upgrades Starlette from >=0.40.0 to >=0.46.0, as it's needed to properly unrwap and re-raise exceptions from exception groups.
    • New docs: Stream JSON Lines.
    • And new docs: Stream Data.

Docs

  • 📝 Update Library Agent Skill with streaming responses. PR #15024 by @​tiangolo.
  • 📝 Update docs for responses and new stream with yield. PR #15023 by @​tiangolo.
  • 📝 Add await in StreamingResponse code example to allow cancellation. PR #14681 by @​casperdcl.
  • 📝 Rename docs_src/websockets to docs_src/websockets_ to avoid import errors. PR #14979 by @​YuriiMotov.

Internal

0.133.1

Features

Internal

... (truncated)

Commits
  • ca5f60e 🔖 Release version 0.135.1
  • 87f75aa 📝 Update release notes
  • 8a9258b 🐛 Fix, avoid yield from a TaskGroup, only as an async context manager, closed...
  • 6038507 📝 Update release notes
  • c796ba4 👥 Update FastAPI People - Experts (#15037)
  • b24aa03 📝 Update release notes
  • 2c61047 ✏️ Fix typo in docs/en/docs/_llm-test.md (#15007)
  • e3bbeef 📝 Update release notes
  • d726c8c 📝 Update release notes
  • cf514e6 👥 Update FastAPI People - Contributors and Translators (#15029)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump fastapi from 0.128.1 to 0.135.1
8e7c439 
Bumps [fastapi](https://github.com/fastapi/fastapi) from 0.128.1 to 0.135.1.
- [Release notes](https://github.com/fastapi/fastapi/releases)
- [Commits](fastapi/fastapi@0.128.1...0.135.1)

---
updated-dependencies:
- dependency-name: fastapi
  dependency-version: 0.135.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Mar 2, 2026
@dependabot dependabot bot mentioned this pull request Mar 2, 2026
Closed
@mandeepbal
Copy link
Copy Markdown
Contributor

mandeepbal commented Mar 30, 2026

Risk Assessment — claude-code

Risk Level: 🟡 MEDIUM — Merge with awareness

What changed (0.128.1 → 0.135.1, 7 minor versions):

  • New: Native SSE support (v0.135.0)
  • New: Streaming JSON Lines + binary streaming with yield (v0.134.0)
  • Fix: TaskGroup async context manager — yield inside a TaskGroup was incorrectly used as a generator; now only usable as an async CM (v0.135.1)
  • Transitive: Starlette minimum raised from >=0.40.0>=0.46.0

Primary concern: Starlette transitive bump. The Starlette upgrade is required for proper exception group unwrapping in streaming endpoints. If any exception handling in this repo catches generic exceptions from async generators or streaming handlers, behavior may change subtly.

Test suite confidence: Low-moderate. The full FastAPI app stack (middleware, routes, MCP protocol) is exercised end-to-end, and those tests pass. However, the test suite is only 2 happy-path tests with no error-path or middleware unit tests. The TaskGroup fix could surface previously-silent async bugs — worth watching logs on first deploy.

Verdict: Safe to merge given passing CI. Monitor logs post-deploy for any async exception group surprises.

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Mar 30, 2026

Superseded by #74.

@dependabot dependabot bot closed this Mar 30, 2026
@dependabot dependabot bot deleted the dependabot/pip/fastapi-0.135.1 branch March 30, 2026 04:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@mandeepbal