Skip to content

⬆ Bump strawberry-graphql from 0.291.2 to 0.307.1#15033

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/uv/strawberry-graphql-0.307.1
Open

⬆ Bump strawberry-graphql from 0.291.2 to 0.307.1#15033
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/uv/strawberry-graphql-0.307.1

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 1, 2026

Bumps strawberry-graphql from 0.291.2 to 0.307.1.

Release notes

Sourced from strawberry-graphql's releases.

🍓 0.307.1

This release fixes issues with explicit field definitions in experimental pydantic types:

all_fields=True now respects explicit field definitions: Previously, using all_fields=True would override any explicitly defined fields in the strawberry type. Now, explicit definitions take precedence, allowing you to:

  • Mark fields as strawberry.Private to hide them from the GraphQL schema
  • Add field extensions (e.g., for authentication, caching, transformations)
  • Override field types
  • Add custom resolvers

The warning "Using all_fields overrides any explicitly defined fields" has been removed since combining all_fields=True with explicit definitions is now a valid and useful pattern.

Private fields are auto-populated from pydantic models: When a strawberry.Private field has the same name as a pydantic model field, from_pydantic() will automatically populate it from the model (can be overridden via the extra dict).

Example:

from pydantic import BaseModel
import strawberry
from strawberry.experimental.pydantic import type as pyd_type
from strawberry.extensions.field_extension import FieldExtension
class MaskExtension(FieldExtension):
def resolve(self, next_, source, info, **kwargs):
result = next_(source, info, **kwargs)
return result[:3] + "****" if result else result
class UserModel(BaseModel):
name: str
email: str
password: str
@​pyd_type(model=UserModel, all_fields=True)
class User:
# Add extension to mask email in responses
email: str = strawberry.field(extensions=[MaskExtension()])
# Hide password from GraphQL schema entirely
password: strawberry.Private[str]
name and email are exposed in schema, password is not
email will be masked by the extension
pydantic_user = UserModel(name="Alice", email="alice@example.com", password="secret")
strawberry_user = User.from_pydantic(pydantic_user)
Private field is still accessible internally
print(strawberry_user.password)  # "secret"
</tr></table>

... (truncated)

Changelog

Sourced from strawberry-graphql's changelog.

0.307.1 - 2026-02-24

This release fixes issues with explicit field definitions in experimental pydantic types:

all_fields=True now respects explicit field definitions: Previously, using all_fields=True would override any explicitly defined fields in the strawberry type. Now, explicit definitions take precedence, allowing you to:

  • Mark fields as strawberry.Private to hide them from the GraphQL schema
  • Add field extensions (e.g., for authentication, caching, transformations)
  • Override field types
  • Add custom resolvers

The warning "Using all_fields overrides any explicitly defined fields" has been removed since combining all_fields=True with explicit definitions is now a valid and useful pattern.

Private fields are auto-populated from pydantic models: When a strawberry.Private field has the same name as a pydantic model field, from_pydantic() will automatically populate it from the model (can be overridden via the extra dict).

Example:

from pydantic import BaseModel
import strawberry
from strawberry.experimental.pydantic import type as pyd_type
from strawberry.extensions.field_extension import FieldExtension
class MaskExtension(FieldExtension):
def resolve(self, next_, source, info, **kwargs):
result = next_(source, info, **kwargs)
return result[:3] + "****" if result else result
class UserModel(BaseModel):
name: str
email: str
password: str
@​pyd_type(model=UserModel, all_fields=True)
class User:
# Add extension to mask email in responses
email: str = strawberry.field(extensions=[MaskExtension()])
# Hide password from GraphQL schema entirely
password: strawberry.Private[str]
name and email are exposed in schema, password is not
email will be masked by the extension
pydantic_user = UserModel(name="Alice", email="alice@example.com", password="secret")
strawberry_user = User.from_pydantic(pydantic_user)
</tr></table>

... (truncated)

Commits
  • e0764c2 Release 🍓 0.307.1
  • 1b5d199 Allow strawberry.auto to override all_fields=True | Allow Private Fields to w...
  • eae8995 Release 🍓 0.307.0
  • 3b15ec9 Remove deprecated _type_definition and _enum_definition aliases (#4219)
  • 2c9bc4b [pre-commit.ci] pre-commit autoupdate (#4266)
  • ab4def9 ci(deps): bump github/codeql-action from 4.32.3 to 4.32.4 (#4261)
  • 012b369 ci(deps): bump actions/checkout from 4.3.1 to 6.0.2 (#4262)
  • 1aef9b9 deps(python)(deps-dev): bump the all-dependencies group with 4 updates (#4264)
  • 438fe2c deps(e2e)(deps): bump lucide-react from 0.564.0 to 0.575.0 in /e2e (#4263)
  • 8f739e0 deps(python)(deps): bump wheel from 0.45.1 to 0.46.2 (#4265)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
⬆ Bump strawberry-graphql from 0.291.2 to 0.307.1
0943762 
Bumps [strawberry-graphql](https://github.com/strawberry-graphql/strawberry) from 0.291.2 to 0.307.1.
- [Release notes](https://github.com/strawberry-graphql/strawberry/releases)
- [Changelog](https://github.com/strawberry-graphql/strawberry/blob/main/CHANGELOG.md)
- [Commits](strawberry-graphql/strawberry@0.291.2...0.307.1)

---
updated-dependencies:
- dependency-name: strawberry-graphql
  dependency-version: 0.307.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Mar 1, 2026
@codspeed-hq
Copy link

codspeed-hq bot commented Mar 1, 2026

Merging this PR will not alter performance

✅ 20 untouched benchmarks

Comparing dependabot/uv/strawberry-graphql-0.307.1 (0943762) with master (924a535)1

Open in CodSpeed

Footnotes

  1. No successful run was found on master (f5c7b20) during the generation of this report, so 924a535 was used instead as the comparison base. There might be some changes unrelated to this pull request in this report.

@github-actions
Copy link
Contributor

github-actions bot commented Mar 1, 2026

📝 Docs preview

Last commit 0943762 at: https://1f63733f.fastapitiangolo.pages.dev

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file internal python:uv Pull requests that update python:uv code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants