Build(deps): Bump sqlalchemy from 2.0.36 to 2.0.48#21

Open
dependabot[bot] wants to merge 370 commits into main from dependabot/pip/sqlalchemy-2.0.48
Conversation

@dependabot dependabot Bot commented on behalf of github Mar 23, 2026


Bumps sqlalchemy from 2.0.36 to 2.0.48.

Release notes

Sourced from sqlalchemy's releases.

2.0.48

Released: March 2, 2026

engine

  • [engine] [bug] Fixed a critical issue in Engine where connections created in conjunction with the DialectEvents.do_connect() event listeners would receive shared, mutable collections for the connection arguments, leading to a variety of potential issues including unlimited growth of the argument list as well as elements within the parameter dictionary being shared among concurrent connection calls. In particular this could impact do_connect routines making use of complex mutable authentication structures.

    References: #13144

2.0.47

Released: February 24, 2026

orm

  • [orm] [bug] Fixed issue when using ORM mappings with Python 3.14's PEP 649 feature that no longer requires "future annotations", where the ORM's introspection of the __init__ method of mapped classes would fail if non-present identifiers in annotations were present. The vendored getfullargspec() method has been amended to use Format.FORWARDREF under Python 3.14 to prevent resolution of names that aren't present.

    References: #13104

engine

  • [engine] [usecase] The connection object returned by _engine.Engine.raw_connection() now supports the context manager protocol, automatically returning the connection to the pool when exiting the context.

    References: #13116

postgresql

  • [postgresql] [bug] Fixed an issue in the PostgreSQL dialect where foreign key constraint reflection would incorrectly swap or fail to capture onupdate and ondelete values when these clauses appeared in a different order than expected in the constraint definition. This issue primarily affected

... (truncated)

Commits

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

- Move 7 docs from root to docs/ (AMBASSADORS, GLOSSARY, MANNERS, PROJECT_STRUCTURE, TESTING, TERMS_OF_USE, USER_GUIDE)
- Add PROOF_INDEX.md at root — 788 evidence documents, entry point visible on landing
- Remove TEST_RESULTS_6.0.0CC.md and VALIDATION_REPORT_v7.4.0CC.md (archived, versioned out)
- Fix CHANGELOG and proof_sheets/INDEX.md test count: 720 -> 746
- Update .gitignore: v11.0.1 header, exclude raw MP4 recordings from screenshots
- Update cross-references in README, CONTRIBUTING, MANNERS_COMPLIANCE, DOC_INDEX
- .github/dependabot.yml: weekly pip + GitHub Actions updates
- .github/workflows/codeql.yml: Python SAST on push/PR/weekly schedule
- requirements-dev.txt: dev/lint/test tooling (isort, bandit, pip-audit, coverage)
- ci.yml: install requirements-dev.txt in code-quality stage, enforce isort (remove || true)
- QUICKSTART.md: 5-minute path from clone to first governance decision
- Makefile: make test/test-unit/test-security/run/build/lint/clean
- RBAC endpoint count updated to 150 (grep-verified: main.py, api/*.py, tenant_rate_limiting.py)
- README, proof_sheets/INDEX.md, TB-PROOF-014 all updated to match
- DOC_INDEX.md: added QUICKSTART, Makefile, PROOF_INDEX entries; fixed proof count 773->788
318 replacements across 51 public-facing .md files.
DOC_INDEX: proof sheet count 773->788, three tiers, remove two archived test doc references.
PROJECT_OVERVIEW: test count 720->746, test module table rewritten with
all 16 current modules and correct counts (was 10 modules with wrong names).

PROJECT_STRUCTURE: test count 720->746, proof count 787->788, root file
tree corrected (7 files moved to docs/, added QUICKSTART/Makefile/
DOC_INDEX/PROOF_INDEX/requirements-dev.txt), .github/ block added,
deleted test docs removed from tree.
The StreamableHTTPSessionManager requires its run() async context
manager to be active before handling requests. When mounted as a
FastAPI sub-app via app.mount(), the inner Starlette app's lifespan
is not invoked, leaving the anyio task group uninitialised.

Fix: enter session_manager.run() inside the FastAPI lifespan so the
task group is active for the full server lifetime. Requests to /mcp
no longer fail with "Task group is not initialized".
StreamableHTTPSessionManager.run() can only be called once per instance.
Tests create multiple TestClient(app) contexts per process, each triggering
the lifespan. Reset _session_manager and recreate _mcp_asgi_inner at lifespan
startup so every entry gets a fresh instance.
traefik:v2.11 ships Go 1.24.1 which carries CVE-2025-68121 (CVSS 10),
CVE-2025-22871 (9.1), and ~15 additional HIGH/MEDIUM Go stdlib CVEs.
traefik:v3 builds with a patched Go release that resolves these.

All existing CLI flags and Docker labels are v3-compatible. No config
changes required. ubuntu/* CVEs (open-webui, ollama) are third-party
images outside TelsonBase scope — documented in Dockerfile.
mcp_server is attached to 4 networks. Without traefik.docker.network,
Traefik selects the first container IP alphabetically — telsonbase_ai
(172.21.x.x) — which Traefik is not connected to, causing silent
proxy timeouts on all requests through port 80.

Also adds PathPrefix('/') catch-all router rule for dev mode.
Production overlay retains Host-based routing.
README.md + huggingface_space/README.md:
- Fix "Jouneaux et al." -> "Jouneaux and Cabot" (only 2 authors)
- Add OversightLevel sentence and link to machine-readable spec

agent-autonomy-sla-spec.json: add _license_note on schema attribution

Website (frontend — local only, gitignored): new #research section added
- Anthropic disposition dial quote connected to ClawCoat 5 tiers
- Jouneaux & Cabot open challenge quote connected to OversightLevel adoption
- Link to machine-readable spec JSON on GitHub
Shows numerical values (QUARANTINE=1.0 → AGENT=0.10) inline in prose
so readers don't need to follow the JSON spec link to see them.
Includes inverse relationship note: OversightLevel ↓ as Manners floor ↑.
- Em dashes throughout (hyphens replaced)
- README stats: 6,254 tests, 162 API endpoints
- HF README: 6,254 tests, v11.0.3 footer
- Cihon et al. citation: full title and all five authors
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Mar 23, 2026
@dependabot dependabot Bot requested a review from QuietFireAI as a code owner March 23, 2026 16:33
QuietFireAI and others added 21 commits March 25, 2026 13:29
…unt, version strings

Corrections verified against source code:
- RBAC-protected endpoints: 149 → 143 (actual grep of Depends(require_permission) in source; docstring example in core/auth.py was being counted; openclaw_routes uses authenticate_request not require_permission)
- Test files in standard run: 88/94 → 99 (100 total - test_mqtt_stress excluded)
- Bandit lines scanned: 61,278/93,893 → 43,457 (actual scope: core/ api/ agents/ federation/ toolroom/ gateway/)
- API endpoints: 161 → 162 (CI-verified)
- Test count: 720/746 → 6,254 across all stale docs

Version strings:
- v11.0.1 → v11.0.3 in CONTRIBUTING, GOVERNANCE, SECURITY, SUPPORT, LICENSES/*, screenshots/README, toolroom/TOOLROOM
- TelsonBase → ClawCoat in footer strings across all updated files
- CHANGELOG title: TelsonBase → ClawCoat

Proof sheets:
- TB-PROOF-001: header 88 → 99 files; added 14 missing test files to table
- TB-PROOF-014: corrected RBAC count 149 → 143 with accurate per-file breakdown
- TB-PROOF-052: header 88 → 99 files; added 14 missing files to all sections; updated summary totals
- INDEX.md: 149 → 143 RBAC endpoint count
- tb-proof-053 through tb-proof-066: "720 tests" → "6,254 tests"

Docs updated: README, FAQ, INSTALLATION_GUIDE_WINDOWS, PROJECT_OVERVIEW, SECURITY_GUIDELINES, SOC2_TYPE_I, COMPLIANCE_ROADMAP, TESTING
…ssion/RBAC invalidation

session_management.py:
- check_session/get_session/touch_session fall back to Redis on local cache miss
  (sessions created on other workers are now visible to all workers)
- terminate_session evicts entry from local dict after Redis delete
  (prevents memory leak; terminated sessions can't be re-activated from stale cache)
- terminate_all_user_sessions unions local cache + Redis user-session index
  (kills sessions created on any worker, not just the current one)

rbac.py:
- _save_session maintains rbac_user_sessions:{user_id} index in Redis
- deactivate_user fetches all session IDs from Redis index and deletes them
  (account deactivation now takes effect on all workers immediately)
- invalidate_session evicts from local dict and cleans Redis index entry

middleware.py:
- Rate limiter uses Redis Lua atomic token bucket (single shared limit across all workers)
- Falls back to in-memory bucket only when Redis unavailable (logged as warning)
- _get_client_key hashes full API key with SHA-256 instead of truncating to [:16]
  (eliminates shared-prefix bucket collision attack)

tests/test_core_session_management_depth.py:
- Update 5 tests that expected terminated sessions to remain in _sessions dict;
  corrected assertion is that session_id is NOT in _sessions after termination
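The middleware.py change above swaps a 16-character key prefix for a full SHA-256 hash as the rate-limit bucket key. The following is an added illustration, not the project's middleware code: it constructs two API keys (KEY_A, KEY_B) that share their first 16 characters and drives an in-memory token bucket with the page's burst budget of 20, showing that the prefix-keyed bucket lets one client exhaust another's budget while the hashed key keeps their buckets separate. The class names, the key format and the refill rate of one token per second are assumptions made for the example.

```python
import hashlib
from collections import defaultdict

# Constructed sample credentials: two different clients whose API keys
# happen to share their first 16 characters ("cc_live_01234567").
KEY_A = "cc_live_01234567-client-A"
KEY_B = "cc_live_01234567-client-B"


def client_key_truncated(api_key):
    """Weak derivation: only the first 16 characters select the bucket,
    so every key with the same prefix is throttled as one client."""
    return "ratelimit:" + api_key[:16]


def client_key_hashed(api_key):
    """Hardened derivation: hash the full key, so buckets only collide
    when the keys are identical."""
    return "ratelimit:" + hashlib.sha256(api_key.encode("utf-8")).hexdigest()


class TokenBucket:
    """Token bucket with `burst` capacity refilled at `rate` tokens/second.
    The caller supplies the clock so the example runs deterministically."""

    def __init__(self, burst, rate):
        self.burst, self.rate = burst, rate
        self.tokens = float(burst)
        self.updated = None  # time of the last consume attempt

    def try_consume(self, now):
        if self.updated is not None:
            elapsed = max(0.0, now - self.updated)
            self.tokens = min(float(self.burst), self.tokens + elapsed * self.rate)
        self.updated = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False


class RateLimiter:
    """One bucket per derived client key (in-memory stand-in for the Redis store)."""

    def __init__(self, key_fn, burst=20, rate=1.0):
        self.key_fn = key_fn
        self.buckets = defaultdict(lambda: TokenBucket(burst, rate))

    def allow(self, api_key, now):
        return self.buckets[self.key_fn(api_key)].try_consume(now)


def probe_after_exhaustion(key_fn, probe_at, burst=20):
    """Client A spends its whole burst budget at t=0; client B then makes a
    single request at t=probe_at. Returns whether B's request is allowed."""
    limiter = RateLimiter(key_fn, burst=burst, rate=1.0)
    for _ in range(burst):
        assert limiter.allow(KEY_A, now=0.0)
    return limiter.allow(KEY_B, now=probe_at)
```

With the truncated key, B is refused at t=0 and only admitted once A's spending has refilled a token; with the hashed key, B's own untouched bucket admits it immediately.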
H1 core/auth.py — JWT revocation fail-closed; Redis unavailable → revoke returns False, is_revoked returns True; removed in-memory fallback set
H2 core/signing.py — agent revocation persisted to Redis; survives worker restart
H3 core/secure_storage.py — integrity hash raises RuntimeError if not initialized; no silent fallback key
H4 core/secure_storage.py — ephemeral key generation removed; raises ValueError if ENCRYPTION_KEY not set
H5 core/session_management.py — role validated against VALID_ROLES allowlist on session creation
H6 core/threat_response.py — _matches_pattern requires positive criterion (anomaly_type/severity/event_type); count_threshold enforced via prior event count in window
H7 core/threat_response.py — ImportError in quarantine/isolate/escalate handlers re-raised as critical failure
H8 core/anomaly.py — rate stats (avg/std/max) computed from _recent_records via EMA, not reset to zero
H9 core/anomaly.py — baseline lazy-loaded from Redis on first access; not rebuilt from scratch each restart
H10 core/rbac.py — API key stored in Redis as SHA-256 hash; plaintext stays in-memory only
H11 core/rbac.py — zero-user bypass re-verified against Redis before allowing; Redis unavailable → 503
H12 core/rbac.py — require_permission checks JWT Bearer + session cookie, not only X-API-Key
H13 core/config.py — MCP_API_KEY required at startup; missing key raises ValueError (was silently "MISSING_API_KEY")
File headers: auth, middleware, secure_storage, signing, audit, mfa, session_management, rbac, config, openclaw, identiclaw, secrets, identiclaw_routes → ClawCoat

Functional renames:
- audit.py: chain_id prefix "telsonbase_" → "clawcoat_"
- mfa.py: issuer_name "TelsonBase" → "ClawCoat"
- openclaw.py: governance comments updated
- secure_storage.py: ENCRYPTION_KEY_ENV/ENCRYPTION_SALT_ENV → CLAWCOAT_*; legacy TELSONBASE_* checked as backward-compat fallback; default salt string updated
- secrets.py: env_var names → CLAWCOAT_ENCRYPTION_KEY / CLAWCOAT_ENCRYPTION_SALT (Docker secret filenames kept for production compat)
- config.py: DB URL default + redis_password default + production validation strings → clawcoat_dev
- identiclaw.py + routes + auth.py: telsonbase_permissions field → clawcoat_permissions (DB column kept — requires migration)
- conftest.py: encryption key env var + chain_id prefix updated
- .env.example: header, DB URL default, MOSQUITTO_USER default, comment

Docker secret filenames (telsonbase_*) intentionally unchanged — production filesystem paths.
TELSONBASE_ENV env var intentionally unchanged — extensive test + runtime dependents.
CHANGELOG: Unreleased entry — H1-H13 security fixes, branding sweep details
ENCRYPTION_AT_REST.md: checklist items updated to CLAWCOAT_ENCRYPTION_KEY/SALT
SECRETS_MANAGEMENT.md: dev default strings updated to clawcoat_dev
…er, human review gate

- threat_response.py: remove all cooldown/require_confirmation logic; every threat
  match quarantines immediately; add _persist_event/_load_events_from_persistence using
  SecurityStore; add resolve_threat(event_id, reviewed_by) — agents stay quarantined
  until explicit human review; _matches_pattern simplified to pure positive-criteria check
- anomaly.py: replace counter-based anomaly IDs with uuid4 (safe across workers);
  persist _recent_denials to Redis so capability-probe counts survive restarts and are
  shared across all workers; load on startup
- signing.py: add audit logging to clear_revocation() matching revoke_agent() pattern
- tests: update depth tests for new zero-tolerance behavior; 127/127 threat_response pass
… fix MFA test

- version.py + config.py + CITATION.cff: 11.0.3 → 11.0.4
- CHANGELOG.md: rename [Unreleased] → [11.0.4]; add MEDIUM security section for
  zero-tolerance threat response, UUID anomaly IDs, _recent_denials persistence,
  signing clear_revocation audit
- tests/test_core_mfa_depth.py: update issuer assertion TelsonBase → ClawCoat
  (mfa.py issuer_name was renamed in branding sweep, test not updated)
…ion assertions (fields removed in zero-tolerance rewrite)
…alse in no-Redis CI environment (fail-closed behavior correct for prod, breaks unit tests without Redis)
The client fixture already cleared rate_limiter._buckets (in-memory fallback)
but the Redis-backed Lua token-bucket key was never reset between tests. In CI
where Redis is available, the same hashed API key accumulates requests across
tests until the burst budget (20) is exhausted, causing compliance route tests
to return 429 instead of 200/500.

Fix: delete all ratelimit:* keys from Redis DB15 at the start of each test,
alongside the existing audit-chain and RBAC flushes.
…state bleed

AgentKeyRegistry loads signing:revoked_agents from Redis on __init__; tests that
revoke agent-001 contaminate subsequent tests whose fresh registry instance picks
up the revocation and raises PermissionError on register_agent.

AnomalyMonitor loads _recent_denials from Redis on __init__; tests that record
denials above threshold contaminate tests that expect zero denials below threshold.

Flush signing:*, security:signing:revoked_agents, security:recent_denials, and
security:threat_events in the conftest client fixture alongside the existing
rate-limit and RBAC/audit-chain flushes.
…t bleed

AgentKeyRegistry() calls _load_from_persistence() on init, loading
signing:revoked_agents from Redis. Tests that revoke agent-001 or agent_a
poison the next test's fresh registry instance, causing PermissionError
on register_agent even though the test is starting fresh.

BehaviorMonitor() loads _recent_denials from Redis on init. Tests that
record >0 denials can push a subsequent test over CAPABILITY_PROBE_THRESHOLD
before it records any denials itself.

Fix: flush relevant Redis keys in the registry and monitor fixtures
(test_core_signing_depth.py, test_core_anomaly_depth.py) and add an
autouse fixture in TestAgentKeyRegistry (test_signing.py).
- Product rename throughout: all source files, docs, tests, proof sheets,
  CITATION.cff, README, CHANGELOG, HuggingFace app.py
- GitHub repo renamed: QuietFireAI/ClawCoat → QuietFireAI/ClawFilters
- Domain updated: clawcoat.com → clawfilters.com
- Positioning: small business primary; regulated industries as quality signal
- "The Manners Engine" brand name removed from public copy; scoring mechanism
  retained as "behavioral scoring/filter" — architecture unchanged
- Audience broadened: "OpenClaw agents" → "AI agents" in public-facing copy
- clawcoat_dev defaults → clawfilters_dev in config.py
- Audit chain prefix: clawcoat_ → clawfilters_ in core/audit.py
- clawcoat_permissions DB column unchanged (migration deferred)
- CLAWCOAT_ENCRYPTION_KEY env var unchanged (internal implementation name)
- TELSONBASE_ENV and telsonbase_* Docker names unchanged
…ed files)

- M1: config.py line 380 error message now correctly names 'clawfilters_redis_dev'
- L1-L4: REM headers in config.py, audit.py, auth.py, middleware.py
- L5: .env.example header, DB/MQTT user defaults, Traefik/Telegram domain examples
- L6: FAQ.md TOC anchor links, version bump to v11.0.4
- L7: TELEGRAM_GUIDE.md example bot name and webhook domain
- L8: SECRETS_MANAGEMENT.md line 237 Redis dev default name
- L9: test_api.py federation fixture URL
- config.py default DATABASE_URL username/db updated to clawfilters
- test_core_config_depth.py: match updated DATABASE_URL default
- test_core_threat_response_depth.py: admin@clawcoat → admin@clawfilters.com
- INSTALLATION_GUIDE_WINDOWS.md: note corrected for new name
- agent-autonomy-sla-spec.json: all ClawCoat references + version updated
…ndabot)

Closes Dependabot MEDIUM (requests insecure temp file) and LOW (cryptography
DNS name constraint) alerts.
Bumps [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) from 2.0.36 to 2.0.48.
- [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases)
- [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst)
- [Commits](https://github.com/sqlalchemy/sqlalchemy/commits)

---
updated-dependencies:
- dependency-name: sqlalchemy
  dependency-version: 2.0.48
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/pip/sqlalchemy-2.0.48 branch from 21ee190 to ff77098 on March 28, 2026 00:39