Skip to content

chore(deps): update limits requirement from >=2.3 to >=5.8.0#77

Merged
bk86a merged 1 commit into
mainfrom
dependabot/pip/limits-gte-5.8.0
May 7, 2026
Merged

chore(deps): update limits requirement from >=2.3 to >=5.8.0#77
bk86a merged 1 commit into
mainfrom
dependabot/pip/limits-gte-5.8.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 7, 2026
edited
Loading

Updates the requirements on limits to permit the latest version.

Release notes

Sourced from limits's releases.

5.8.0

Bug Fix

  • Allow explicit keyword arguments for storage options for username & password for storages that support it.
  • Allow explicitly specifying startup_nodes through keyword arguments for all redis cluster storages.
  • Support IPv6 addresses in cluster locators in storage uri
Changelog

Sourced from limits's changelog.

v5.8.0

Release Date: 2026-02-04

  • Bug Fix

    • Allow explicit keyword arguments for storage options for username & password for storages that support it.
    • Allow explicitly specifying startup_nodes through keyword arguments for all redis cluster storages.
    • Support IPv6 addresses in cluster locators in storage uri

v5.7.0

Release Date: 2026-02-03

  • Compatibility

    • Relax extras constraints for redis (<8)

v5.6.0

Release Date: 2025-09-29

  • Development

    • Move all project metadata to pyproject
    • Use uv for development
    • Use hatch for package build
    • Remove versioneer for versioning

v5.5.0

Release Date: 2025-08-05

  • Compatibility

    • Relax upper bound of packaging requirement
    • Increase upper bound of coredis requirement
    • Increase upper bound of redis requirement

v5.4.0

Release Date: 2025-06-16

  • Feature

    • Relax regular expression used in limits.parse and limits.parse_many to capture any granularity instead of just the hardcoded ones so that custom rate limits can

... (truncated)

Commits
  • cc5eafc Update changelog for 5.8.0
  • d309f43 Add concurrency controls to CI to cancel previous runs
  • 2b88260 Upgrade pytest
  • 917ecf1 Raise url parse error from underlying ValueError
  • a9a257a Update all documentation dependencies
  • 6fe4d83 Support ipv6 in storage schema uri
  • 183403a Centralize storage URI parsing and scheme registry
  • 6fd9909 Update changelog for 5.7.0
  • dd76b8c update tagging script
  • 227c7f0 Update release notes script
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): update limits requirement from >=2.3 to >=5.8.0
e8b4bea 
Updates the requirements on [limits](https://github.com/alisaifee/limits) to permit the latest version.
- [Release notes](https://github.com/alisaifee/limits/releases)
- [Changelog](https://github.com/alisaifee/limits/blob/master/HISTORY.rst)
- [Commits](alisaifee/limits@2.3.0...5.8.0)

---
updated-dependencies:
- dependency-name: limits
  dependency-version: 5.8.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels May 7, 2026
bk86a
bk86a approved these changes May 7, 2026
View reviewed changes
Copy link
Copy Markdown
Owner

@bk86a bk86a left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

limits 2.3 -> 5.8.0. Only used transitively via slowapi; CI all green.

@bk86a bk86a merged commit cdc6f0c into main May 7, 2026
9 checks passed
@bk86a bk86a deleted the dependabot/pip/limits-gte-5.8.0 branch May 7, 2026 06:33
bk86a added a commit that referenced this pull request May 7, 2026
@bk86a @claude
chore: cut v0.19.1
f53ee7a 
Bumps __version__ to 0.19.1 and folds the [Unreleased] CHANGELOG block
into a dated [0.19.1] release. Maintenance release covering the five
Dependabot bumps merged today (#77-#81): fastapi 0.136.1, pydantic
2.13.4, limits 5.8.0 (transitive via slowapi), pytest-asyncio 1.3.0,
and pytest 9.0.3. The pytest 9 bump required pytest-asyncio 1.x first
to avoid the 'Package object has no attribute obj' collection error.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bk86a bk86a bk86a approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@bk86a