Bump fastapi from 0.121.3 to 0.123.0

[dependabot]

Bumps fastapi from 0.121.3 to 0.123.0.

Release notes

Sourced from fastapi's releases.

0.123.0

Fixes

• 🐛 Cache dependencies that don't use scopes and don't have sub-dependencies with scopes. PR #14419 by @​tiangolo.

0.122.1

Fixes

• 🐛 Fix hierarchical security scope propagation. PR #5624 by @​kristjanvalur.

Docs

• 💅 Update CSS to explicitly use emoji font. PR #14415 by @​tiangolo.

Internal

• ⬆ Bump markdown-include-variants from 0.0.5 to 0.0.6. PR #14418 by @​YuriiMotov.

0.122.0

Fixes

• 🐛 Use 401 status code in security classes when credentials are missing. PR #13786 by @​YuriiMotov.
  • If your code depended on these classes raising the old (less correct) 403 status code, check the new docs about how to override the classes, to use the same old behavior: Use Old 403 Authentication Error Status Codes.

Internal

• 🔧 Configure labeler to exclude files that start from underscore for lang-all label. PR #14213 by @​YuriiMotov.
• 👷 Add pre-commit config with local script for permalinks. PR #14398 by @​tiangolo.
• 💄 Use font Fira Code to fix display of Rich panels in docs in Windows. PR #14387 by @​tiangolo.
• 👷 Add custom pre-commit CI. PR #14397 by @​tiangolo.
• ⬆ Bump actions/checkout from 5 to 6. PR #14381 by @​dependabot[bot].
• 👷 Upgrade latest-changes GitHub Action and pin actions/checkout@v5. PR #14403 by @​svlandeg.
• 🛠️ Add add-permalinks and add-permalinks-page to scripts/docs.py. PR #14033 by @​YuriiMotov.
• 🔧 Upgrade Material for MkDocs and remove insiders. PR #14375 by @​tiangolo.

Commits

• f2bab95 🔖 Release version 0.123.0
• c38e3e0 📝 Update release notes
• 7fbd304 🐛 Cache dependencies that don't use scopes and don't have sub-dependencies wi...
• 63d7a2b 🔖 Release version 0.122.1
• 7681f29 📝 Update release notes
• 378ad68 🐛 Fix hierarchical security scope propagation (#5624)
• c6487ed 📝 Update release notes
• 62a6974 ⬆ Bump markdown-include-variants from 0.0.5 to 0.0.6 (#14418)
• 9982882 📝 Update release notes
• 8ab7167 💅 Update CSS to explicitly use emoji font (#14415)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[overcut-ai]

Completed Working on "Code Review"

✅ Review submitted: COMMENT. Total comments: 0 across 0 files.

---

👉 View complete log

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
pip/anyio	4.12.0	🟢 5.7	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 6 Found 13/21 approved changesets -- score normalized to 6 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging 🟢 10 packaging workflow detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/fastapi	0.124.0	Unknown	Unknown
pip/pydantic	2.12.5	🟢 6.5	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 10 security policy file detected Branch-Protection ⚠️ 1 branch protection is not maximal on development and all release branches Packaging 🟢 10 packaging workflow detected Fuzzing 🟢 10 project is fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 6 4 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0

Scanned Files

• Pipfile.lock

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[overcut-ai]

Automated review: No issues found with the FastAPI dependency upgrade to 0.123.0. Ready to merge.

[overcut-ai]

Automated review: dependency bump validated for FastAPI 0.123.0; no compatibility issues detected.