Skip to content

chore(deps): update prometheus-fastapi-instrumentator requirement from >=8.0.0 to >=8.0.2#125

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/prometheus-fastapi-instrumentator-gte-8.0.2
Open

chore(deps): update prometheus-fastapi-instrumentator requirement from >=8.0.0 to >=8.0.2#125
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/prometheus-fastapi-instrumentator-gte-8.0.2

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Updates the requirements on prometheus-fastapi-instrumentator to permit the latest version.

Release notes

Sourced from prometheus-fastapi-instrumentator's releases.

8.0.2 / 2026-06-23

Fixed

  • Replaced deprecated asyncio.iscoroutinefunction() with inspect.iscoroutinefunction() in Instrumentator.add() to avoid warnings on Python 3.12+ in #378.
Changelog

Sourced from prometheus-fastapi-instrumentator's changelog.

8.0.2 / 2026-06-23

Fixed

  • Replaced deprecated asyncio.iscoroutinefunction() with inspect.iscoroutinefunction() in Instrumentator.add() to avoid warnings on Python 3.12+ in #378.

8.0.1 / 2026-06-22

Fixed

  • Fixed resolving route names for routers registered via include_router() on FastAPI 0.116+ leading to AttributeError getting raised on every request. The internal route name resolution now also handles _IncludedRouter and recurses into the included router's own routes so the Prometheus label reflects the leaf endpoint. Thanks to @​adeebmirza in #371 for fixing it.
  • Fixed hitting mounts with slash redirection collecting wrong handler name. Thanks to @​lbonn for raising and fixing this issue in #369.

8.0.0 / 2026-05-29

Changed

  • BREAKING: Ported project to Starlette v1. This includes new required minimum versions of Python, Starlette, and FastAPI. Bumped starlette dependency from >=0.30.0,<1.0.0 to >=1.0.0,<2.0.0. Bumped requires-python from >=3.8 to >=3.10 (starlette dropped support). Bumped fastapi dev dependency to ^0.133.0 (first version supporting starlette v1). Adjusted middleware app parameter type from Starlette to ASGIApp. Thanks to @​bgermann in #357 for implementing it.

Fixed

  • Corrected documentation for setting custom labels. Thanks to @​rickie95 in #342 for implementing it.

7.1.0 / 2025-03-19

Added

... (truncated)

Commits
  • c1c1fb6 chore: Prepare release v8.0.2
  • 652991e docs: Add link to pr in changelog
  • 4cca8aa build(deps): bump pre-commit/action from 3.0.0 to 3.0.1 (#301)
  • dd185b0 build(deps): bump softprops/action-gh-release from 2 to 3 (#363)
  • 8e8f8c5 build(deps): bump amannn/action-semantic-pull-request from 5 to 6 (#364)
  • 778526b build(deps): bump actions/cache from 4 to 5 (#365)
  • c212ede build(deps): bump github/codeql-action from 2 to 4 (#366)
  • f31451c chore: Replace deprecated coroutine detection (#378)
  • c433368 test(routing): add 405/Mount/WebSocket coverage for _IncludedRouter (#377)
  • e7b3266 Remove incorrect build badge from readme
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

View with Codesmith Autofix with Codesmith
Need help on this PR? Tag /codesmith with what you need. Autofix is disabled.

Updates the requirements on [prometheus-fastapi-instrumentator](https://github.com/trallnag/prometheus-fastapi-instrumentator) to permit the latest version.
- [Release notes](https://github.com/trallnag/prometheus-fastapi-instrumentator/releases)
- [Changelog](https://github.com/trallnag/prometheus-fastapi-instrumentator/blob/master/CHANGELOG.md)
- [Commits](trallnag/prometheus-fastapi-instrumentator@v8.0.0...v8.0.2)

---
updated-dependencies:
- dependency-name: prometheus-fastapi-instrumentator
  dependency-version: 8.0.2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot @github

dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: dependencies, python. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@sonarqubecloud

sonarqubecloud Bot commented Jul 1, 2026

Copy link
Copy Markdown

@YiWang24

YiWang24 commented Jul 1, 2026

Copy link
Copy Markdown
Collaborator

代码审查报告

风险等级: 低 | 审查置信度: 高 | 结论: 可直接合入

变更摘要

  • 更新 依赖版本约束: →
  • 补丁版本升级,无破坏性变更

版本更新内容

  • 8.0.2 (2026-06-23): 修复 Python 3.12+ 中已弃用的 警告
  • 8.0.1 (2026-06-22): 修复 FastAPI 0.116+ 路由名称解析问题

审查意见

依赖更新合理 - 补丁版本包含重要的兼容性修复,建议采纳

无回归风险 - 语义化版本约束保证向后兼容,仅允许补丁版本自动升级

符合最佳实践 - 使用 约束而非锁定版本,允许自动获取 bug 修复

需要修复的问题

最终结论

可直接合入 - 安全的依赖维护更新,建议尽快合并以获取 bug 修复。

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant