Upgrade SQLAlchemy to the latest 2.0.x release #825
Labels
dependencies
Pull requests that update a dependency file
engineering
python
Pull requests that update Python code
The Notify.gov API is still running SQLAlchemy 1.4.x, which is the legacy version; we'd like to upgrade to the latest 2.0.x release to take advantage of the new features, improvements, and security updates. Dependabot continues to try and update this for us, but the PR tests fail because we have to go through a whole migration to get there.
There is a SQLAlchemy 2.0 migration guide that we ought to go through to get a sense of the things we need to look at and double check to make sure we're set. Furthermore, we'll also need keep the Flask-SQLAlchemy dependency in mind as we use that too, since the API is a Flask-based app.
Lastly, we have some current work taking place that will have an impact and should make this a bit easier. @xlorepdarkhelm has been working on swapping out string constants and other custom values to be proper Enums throughout the code base in this pull request, which includes swapping to
db.enum
fields at the model layer.We also have @samathad2023 looking at the Python 3.12 upgrade for Notify.gov, which may dovetail with this work as well.
Implementation Sketch and Acceptance Criteria
There are a couple of phases involved with this as we're treating it as a standalone project. First is getting a plan together:
If we have more time to go beyond a proposed plan, the next steps would be to get the changes in place and the migration done.
Security Considerations
The text was updated successfully, but these errors were encountered: