Build(deps): bump strawberry-graphql[fastapi] from 0.254.0 to 0.257.0

Bumps strawberry-graphql[fastapi] from 0.254.0 to 0.257.0.

Release notes

Sourced from strawberry-graphql[fastapi]'s releases.

🍓 0.257.0

The common node: Node used to resolve relay nodes means we will be relying on is_type_of to check if the returned object is in fact a subclass of the Node interface.

However, integrations such as Django, SQLAlchemy and Pydantic will not return the type itself, but instead an alike object that is later resolved to the expected type.

In case there are more than one possible type defined for that model that is being returned, the first one that replies True to is_type_of check would be used in the resolution, meaning that when asking for "PublicUser:123", strawberry could end up returning "User:123", which can lead to security issues (such as data leakage).

In here we are introducing a new strawberry.cast, which will be used to mark an object with the already known type by us, and when asking for is_type_of that mark will be used to check instead, ensuring we will return the correct type.

That cast is already in place for the relay node resolution and pydantic.

Releases contributed by @​bellini666 via #3749

🍓 0.256.1

This release updates Strawberry internally to no longer pass keywords arguments to pathlib.PurePath. Support for supplying keyword arguments to pathlib.PurePath is deprecated and scheduled for removal in Python 3.14

Releases contributed by @​DoctorJohn via #3738

🍓 0.256.0

This release drops support for Python 3.8, which reached its end-of-life (EOL) in October 2024. The minimum supported Python version is now 3.9.

We strongly recommend upgrading to Python 3.9 or a newer version, as older versions are no longer maintained and may contain security vulnerabilities.

Releases contributed by @​bellini666 via #3730

🍓 0.255.0

This release adds support for making Relay connection optional, this is useful when you want to add permission classes to the connection and not fail the whole query if the user doesn't have permission to access the connection.

Example:

import strawberry
from strawberry import relay
from strawberry.permission import BasePermission
</tr></table> 

... (truncated)

Changelog

Sourced from strawberry-graphql[fastapi]'s changelog.

0.257.0 - 2025-01-09

The common node: Node used to resolve relay nodes means we will be relying on is_type_of to check if the returned object is in fact a subclass of the Node interface.

However, integrations such as Django, SQLAlchemy and Pydantic will not return the type itself, but instead an alike object that is later resolved to the expected type.

In case there are more than one possible type defined for that model that is being returned, the first one that replies True to is_type_of check would be used in the resolution, meaning that when asking for "PublicUser:123", strawberry could end up returning "User:123", which can lead to security issues (such as data leakage).

In here we are introducing a new strawberry.cast, which will be used to mark an object with the already known type by us, and when asking for is_type_of that mark will be used to check instead, ensuring we will return the correct type.

That cast is already in place for the relay node resolution and pydantic.

Contributed by Thiago Bellini Ribeiro via [PR #3749](strawberry-graphql/strawberry#3749)

0.256.1 - 2024-12-23

This release updates Strawberry internally to no longer pass keywords arguments to pathlib.PurePath. Support for supplying keyword arguments to pathlib.PurePath is deprecated and scheduled for removal in Python 3.14

Contributed by Jonathan Ehwald via [PR #3738](strawberry-graphql/strawberry#3738)

0.256.0 - 2024-12-21

This release drops support for Python 3.8, which reached its end-of-life (EOL) in October 2024. The minimum supported Python version is now 3.9.

We strongly recommend upgrading to Python 3.9 or a newer version, as older versions are no longer maintained and may contain security vulnerabilities.

Contributed by Thiago Bellini Ribeiro via [PR #3730](strawberry-graphql/strawberry#3730)

0.255.0 - 2024-12-20

... (truncated)

Commits

• 1e0e1ef Release 🍓 0.257.0
• 526eb82 fix: Prevent a possible security issue when resolving a relay node with multi...
• fc854f1 [pre-commit.ci] pre-commit autoupdate (#3748)
• bf386fa Typo fix (#3747)
• 6bc7332 chore(ruff): Enable and fix all ruff rules that we can (#3742)
• 15044cd Type internal test clients stricter (#3745)
• e78f8c6 Remove unused chalice test code (#3739)
• 85789d5 Clean up python 3.8 leftovers (#3740)
• bd29cff [pre-commit.ci] pre-commit autoupdate (#3675)
• ddfc084 Fix warnings directly caused by test code (#3737)
• Additional commits viewable in compare view