Sourced from redis's releases.

6.1.0

Changes

🚀 New Features

• Support for transactions in RedisCluster client (#3611)
• Add equality and hashability to Retry and backoff classes (#3628)

🐛 Bug Fixes

• Fix RedisCluster ssl_check_hostname not set to connections. For SSL verification with ssl_cert_reqs="none", check_hostname is set to False (#3637)
• Prevent RuntimeError while reinitializing clusters - sync and async (#3633)
• Add equality and hashability to Retry and backoff classes (#3628) - fixes integration with Django RQ
• Fix AttributeError on ClusterPipeline (#3634)

🧰 Maintenance

• Updating the readme and lib version to contain the changes from the latest stable release (#3644)
• Export REDIS_MAJOR_VERSION correctly in run-tests (#3642)
• Fix matrix in hiredis-py-integration.yaml (#3641)
• Test against unstable hiredis-py (#3617)
• Adding return types for the RedisModuleCommands class (#3632)
• Updating Redis 8 test image for GH pipeline (#3639)
• Allow newer PyJWT versions (#3636)
• Change type hints with possible None args or return types to be annotated with Optional - includes commands in core.py and json commands (#3610)

🙏 Special Thanks

A big thank you to our collaborators at Scopely for their valuable contributions to this release! Your support and improvements help move the project forward — we appreciate it!

Contributors

We'd like to thank all the contributors who worked on this release! @​robertosantamaria-scopely @​sentrivana @​terencehonles @​kesha1225 @​aberres @​uglide @​omerfeyzioglu @​petyaslavova @​vladvildanov @​andy-stark-redis

6.0.0

Changes

🚀 New Features

• New hash commands with expiration options support are added - HGETDEL, HGETEX, HSETEX (#3570)
• Adds option not to raise an exception when leaving context manager after lock expiration (#3531)
• Add force_master_ip support to async Sentinel client (#3524)

🧪 Experimental Features

• Adding VectorSet commands support. (#3584)

🔥 Breaking changes

• Changing the default value for ssl_check_hostname to True, to ensure security validations are not skipped by default (#3626) Important: When connecting to a Redis master via Sentinel, you may need to set ssl_check_hostname=False if the Sentinel service is not configured to return hostnames. Refer to [issue #3629](https://github.com/redis/redis-py/releases/edit/v6.0.0#3629) for more details.
• Updated default value of 'require_full_coverage' argument to true for sync Cluster client to match sync/async cluster APIs (#3434)
• Adding default retry configuration changes for cluster clients (#3622) Important: When instantiating a cluster client retry object becomes mandatory.
  • If retry object is not provided a default one is created with ExponentialWithJitterBackoff strategy and number of retries synced with 'cluster_error_retry_attempts'
  • In case a retry object is provided, its number of retries will be used for cluster operations number of retries and 'cluster_error_retry_attempts' will be ignored

... (truncated)

• 3331a42 Adding comment for the lib version in init.py (to force ci pipeline execu...
• def589d Fix Readme formatting for Installation section
• 0d28291 Updating the readme and lib version to contain the changes from the latest st...
• e9f22dd Fix RedisCluster ssl_check_hostname not set to connections. For SSL verifica...
• 91be4a0 Multi exec on cluster (#3611)
• 02b2ab6 Export REDIS_MAJOR_VERSION correctly in run-tests (#3642)
• 92e2ff7 Fix matrix in hiredis-py-integration.yaml (#3641)
• 7130e1a Test against unstable hiredis-py (#3617)
• 4fd1100 Adding return types for the RedisModuleCommands class (#3632)
• e13c42b Prevent RuntimeError while reinitializing clusters - sync and async (#3633)
• Additional commits viewable in compare view

Sourced from flask-cors's releases.

6.0.0

Breaking

Path specificity ordering has changed to improve specificity. This may break users who expected the previous incorrect ordering.

• [CVE-2024-6839] Sort Paths by Regex Specificity by @​adrianosela in corydolphin/flask-cors#391
• [CVE-2024-6844] Replace use of (urllib) unquote_plus with unquote by @​adrianosela in corydolphin/flask-cors#389

What's Changed

• [CVE-2024-6866] Case Sensitive Request Path Matching by @​adrianosela in corydolphin/flask-cors#390

Full Changelog: https://github.com/corydolphin/flask-cors/compare/5.0.1...6.0.0

• 35d8753 [CVE-2024-6844] Replace use of (urllib) unquote_plus with unquote for paths (...
• e970988 [CVE-2024-6839] Sort Paths by Regex Specificity (#391)
• eb39516 [CVE-2024-6866] Case Sensitive Request Path Matching (#390)
• See full diff in compare view

Sourced from sqlalchemy's releases.

2.0.41

Released: May 14, 2025

platform

• [platform] [bug] Adjusted the test suite as well as the ORM's method of scanning classes for annotations to work under current beta releases of Python 3.14 (currently 3.14.0b1) as part of an ongoing effort to support the production release of this Python release. Further changes to Python's means of working with annotations is expected in subsequent beta releases for which SQLAlchemy's test suite will need further adjustments.

  References: #12405

engine

• [engine] [bug] The error message that is emitted when a URL cannot be parsed no longer includes the URL itself within the error message.

  References: #12579

typing

• [typing] [bug] Removed __getattr__() rule from sqlalchemy/__init__.py that appeared to be trying to correct for a previous typographical error in the imports. This rule interferes with type checking and is removed.

  References: #12588

postgresql

• [postgresql] [usecase] Added support for postgresql_include keyword argument to _schema.UniqueConstraint and _schema.PrimaryKeyConstraint. Pull request courtesy Denis Laxalde.

  References: #10665

mysql

• [mysql] [bug] Fixed regression caused by the DEFAULT rendering changes in version 2.0.40 via #12425 where using lowercase on update in a MySQL server default would incorrectly apply parenthesis, leading to errors when MySQL interpreted the rendered DDL. Pull request courtesy Alexander Ruehe.

... (truncated)

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions