Bump fastapi from 0.117.1 to 0.118.0

[dependabot]

Bumps fastapi from 0.117.1 to 0.118.0.

Release notes

Sourced from fastapi's releases.

0.118.0

Fixes

• 🐛 Fix support for StreamingResponses with dependencies with yield or UploadFiles, close after the response is done. PR #14099 by @​tiangolo.

Before FastAPI 0.118.0, if you used a dependency with yield, it would run the exit code after the path operation function returned but right before sending the response.

This change also meant that if you returned a StreamingResponse, the exit code of the dependency with yield would have been already run.

For example, if you had a database session in a dependency with yield, the StreamingResponse would not be able to use that session while streaming data because the session would have already been closed in the exit code after yield.

This behavior was reverted in 0.118.0, to make the exit code after yield be executed after the response is sent.

You can read more about it in the docs for Advanced Dependencies - Dependencies with yield, HTTPException, except and Background Tasks. Including what you could do if you wanted to close a database session earlier, before returning the response to the client.

Docs

• 📝 Update tutorial/security/oauth2-jwt/ to use pwdlib with Argon2 instead of passlib. PR #13917 by @​Neizvestnyj.
• ✏️ Fix typos in OAuth2 password request forms. PR #14112 by @​alv2017.
• 📝 Update contributing guidelines for installing requirements. PR #14095 by @​alejsdev.

Translations

• 🌐 Sync German docs. PR #14098 by @​nilslindemann.

Internal

• ⬆ [pre-commit.ci] pre-commit autoupdate. PR #14103 by @​pre-commit-ci[bot].
• ♻️ Refactor sponsor image handling. PR #14102 by @​alejsdev.
• 🐛 Fix sponsor display issue by hiding element on image error. PR #14097 by @​alejsdev.
• 🐛 Hide sponsor badge when sponsor image is not displayed. PR #14096 by @​alejsdev.

Commits

• 333f1ba 🔖 Release version 0.118.0
• 1d5168a 📝 Update release notes
• bfa54b4 📝 Update release notes
• e329d78 🐛 Fix support for StreamingResponses with dependencies with yield or `Upl...
• 861b22c 📝 Update release notes
• efdafa4 📝 Update tutorial/security/oauth2-jwt/ to use pwdlib with Argon2 instead ...
• 450a334 📝 Update release notes
• 3eb2ee7 ✏️ Fix typos in OAuth2 password request forms (#14112)
• 287eb31 📝 Update release notes
• cca3341 🌐 Sync German docs (#14098)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

📊 Performance Benchmark Report

Comparing dev (baseline) vs dependabot/pip/dev/fastapi-0.118.0 (current)

📈 Detailed Results (All Benchmarks)

📋 Complete results for all benchmarks - includes both significant and insignificant changes

🧪 Test Name	📏 Base	📏 Current	📈 Change	🎯 Status
Bloom Filter Dns Mutation Tracking Performance	4.17ms	4.30ms	+3.1% ⚪	✅
Bloom Filter Large Scale Dns Brute Force	18.38ms	18.31ms	-0.4% ⚪	✅
Large Closest Match Lookup	360.27ms	358.96ms	-0.4% ⚪	✅
Realistic Closest Match Workload	193.59ms	191.34ms	-1.2% ⚪	✅
Event Validation Full Scan Startup Small Batch	452.30ms	470.57ms	+4.0% ⚪	✅
Event Validation Full Scan Startup Large Batch	802.70ms	811.94ms	+1.2% ⚪	✅
Make Event Autodetection Small	31.21ms	31.18ms	-0.1% ⚪	✅
Make Event Autodetection Large	319.60ms	319.64ms	+0.0% ⚪	✅
Make Event Explicit Types	13.93ms	14.10ms	+1.2% ⚪	✅
Excavate Single Thread Small	4.072s	4.029s	-1.1% ⚪	✅
Excavate Single Thread Large	9.502s	9.556s	+0.6% ⚪	✅
Excavate Parallel Tasks Small	4.259s	4.238s	-0.5% ⚪	✅
Excavate Parallel Tasks Large	7.301s	7.290s	-0.1% ⚪	✅
Is Ip Performance	3.20ms	3.15ms	-1.6% ⚪	✅
Make Ip Type Performance	11.42ms	11.32ms	-0.9% ⚪	✅
Mixed Ip Operations	4.46ms	4.48ms	+0.4% ⚪	✅
Typical Queue Shuffle	64.29µs	61.52µs	-4.3% ⚪	✅
Priority Queue Shuffle	720.17µs	697.86µs	-3.1% ⚪	✅

🎯 Performance Summary

✅ No significant performance changes detected (all changes <10%)

---

🐍 Python Version 3.11.13