Skip to content

chore(deps-dev): bump schemathesis from 4.16.1 to 4.21.1 in /clients/python#2802

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/clients/python/schemathesis-4.21.1
Closed

chore(deps-dev): bump schemathesis from 4.16.1 to 4.21.1 in /clients/python#2802
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/clients/python/schemathesis-4.21.1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 8, 2026

Copy link
Copy Markdown
Contributor

Bumps schemathesis from 4.16.1 to 4.21.1.

Release notes

Sourced from schemathesis's releases.

Release 4.21.1

🐛 Fixed

  • Missing boundary negative in the coverage phase for boolean exclusiveMinimum / exclusiveMaximum.
  • UnicodeEncodeError when failure or error output contains lone Unicode surrogate characters. #4229

Release 4.21.0

🚀 Added

  • Chain GraphQL operations on non-id identifiers (fullPath, slug, ...) in stateful and fuzzing phases.

🏎️ Performance

  • Much lower peak memory and faster validation for schemas with very large maxLength / maxItems.
  • Cache failed validator builds to avoid recompiling invalid patterns from large maxLength / maxItems values.
  • Update hypothesis-graphql to 0.13.0 that brings up to 180x performance improvements for deeply nested GraphQL schemas.
  • Update harfile to 0.5.0 for slightly better performance.
  • Lower memory usage in long stateful runs.
  • Faster, lower-memory stateful state machine construction for large schemas.

🐛 Fixed

  • Excessive re-runs in stateful testing against APIs with mutable state.
  • Stateful testing restarting on a single transient transport failure (e.g. dropped connection).
  • Semantic value substitution overwriting const / enum fields with invalid data.

🔧 Changed

  • Mine additionalProperties: false from Pydantic extra_forbidden errors and the exception_detail validation envelope.

Release 4.20.3

🏎️ Performance

  • Skip coverage generation for header and cookie parameters whose pattern requires a non-alphanumeric character.
  • Faster operation ordering and case traversal in stateful testing for schemas with many operations.

🐛 Fixed

  • Fuzzing phase marked as failed without any reported failure. #4209
  • Generate maximum-length boundary cases for unanchored multi-part patterns with maxLength.
  • Display the actual response time in milliseconds in max_response_time failures.

Release 4.20.2

🔧 Changed

  • Re-raise original server exceptions in WSGI apps for distinct error deduplication. #1289

... (truncated)

Changelog

Sourced from schemathesis's changelog.

4.21.1 - 2026-06-06

🐛 Fixed

  • Missing boundary negative in the coverage phase for boolean exclusiveMinimum / exclusiveMaximum.
  • UnicodeEncodeError when failure or error output contains lone Unicode surrogate characters. #4229

4.21.0 - 2026-06-01

🚀 Added

  • Chain GraphQL operations on non-id identifiers (fullPath, slug, ...) in stateful and fuzzing phases.

🏎️ Performance

  • Much lower peak memory and faster validation for schemas with very large maxLength / maxItems.
  • Cache failed validator builds to avoid recompiling invalid patterns from large maxLength / maxItems values.
  • Update hypothesis-graphql to 0.13.0 that brings up to 180x performance improvements for deeply nested GraphQL schemas.
  • Update harfile to 0.5.0 for slightly better performance.
  • Lower memory usage in long stateful runs.
  • Faster, lower-memory stateful state machine construction for large schemas.

🐛 Fixed

  • Excessive re-runs in stateful testing against APIs with mutable state.
  • Stateful testing restarting on a single transient transport failure (e.g. dropped connection).
  • Semantic value substitution overwriting const / enum fields with invalid data.

🔧 Changed

  • Mine additionalProperties: false from Pydantic extra_forbidden errors and the exception_detail validation envelope.

4.20.3 - 2026-05-29

🏎️ Performance

  • Skip coverage generation for header and cookie parameters whose pattern requires a non-alphanumeric character.
  • Faster operation ordering and case traversal in stateful testing for schemas with many operations.

🐛 Fixed

  • Fuzzing phase marked as failed without any reported failure. #4209
  • Generate maximum-length boundary cases for unanchored multi-part patterns with maxLength.
  • Display the actual response time in milliseconds in max_response_time failures.

4.20.2 - 2026-05-28

🔧 Changed

  • Re-raise original server exceptions in WSGI apps for distinct error deduplication. #1289

... (truncated)

Commits
  • 9dec055 chore: Release 4.21.1
  • b22d897 docs: Add Huma trophy case
  • 861fe89 fix: UnicodeEncodeError when failure or error output contains lone Unicode ...
  • a10f383 build(deps): bump github/codeql-action from 4.36.0 to 4.36.2
  • e95f4a4 refactor: Flatten allOf structurally for dependency inference
  • b78e48d refactor: Flatten allOf structurally for dependency inference
  • e7f8ec0 fix: Missing boundary negative in the coverage phase for boolean `exclusiveMi...
  • f3e329d chore: Release 4.21.0
  • 17372a3 perf: Much lower peak memory and faster validation for schemas with very larg...
  • 3761741 perf: Cache failed validator builds to avoid recompiling invalid patterns fro...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps-dev): bump schemathesis in /clients/python
a15f2d5 
Bumps [schemathesis](https://github.com/schemathesis/schemathesis) from 4.16.1 to 4.21.1.
- [Release notes](https://github.com/schemathesis/schemathesis/releases)
- [Changelog](https://github.com/schemathesis/schemathesis/blob/master/CHANGELOG.md)
- [Commits](schemathesis/schemathesis@v4.16.1...v4.21.1)

---
updated-dependencies:
- dependency-name: schemathesis
  dependency-version: 4.21.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Jun 8, 2026
@dependabot dependabot Bot mentioned this pull request Jun 8, 2026
Closed
@google-oss-prow

google-oss-prow Bot commented Jun 8, 2026

Copy link
Copy Markdown
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign pboyd for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@google-oss-prow google-oss-prow Bot requested review from chambridge and fege June 8, 2026 12:44
@Al-Pragliola

Al-Pragliola commented Jun 8, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Running fuzz tests before approving https://github.com/kubeflow/hub/actions/runs/27142482150
/lgtm

@google-oss-prow google-oss-prow Bot added the lgtm label Jun 8, 2026
@Al-Pragliola

Al-Pragliola commented Jun 8, 2026

Copy link
Copy Markdown
Contributor

run failed, checking why

/hold

@dependabot @github

dependabot Bot commented on behalf of github Jun 15, 2026

Copy link
Copy Markdown
Contributor Author

Superseded by #2835.

@dependabot dependabot Bot closed this Jun 15, 2026
@dependabot dependabot Bot deleted the dependabot/pip/clients/python/schemathesis-4.21.1 branch June 15, 2026 12:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chambridge chambridge Awaiting requested review from chambridge

@fege fege Awaiting requested review from fege

Assignees

@Al-Pragliola Al-Pragliola

Labels

Area/MR Python client dependencies Pull requests that update a dependency file do-not-merge/hold lgtm python Pull requests that update Python code size/L

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Al-Pragliola