Skip to content

chore(deps): bump pydantic from 2.12.5 to 2.13.4#6024

Merged
rtibbles merged 1 commit into
unstablefrom
dependabot/uv/pydantic-2.13.4
Jul 1, 2026
Merged

chore(deps): bump pydantic from 2.12.5 to 2.13.4#6024
rtibbles merged 1 commit into
unstablefrom
dependabot/uv/pydantic-2.13.4

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Bumps pydantic from 2.12.5 to 2.13.4.

Release notes

Sourced from pydantic's releases.

v2.13.4 2026-05-06

v2.13.4 (2026-05-06)

What's Changed

Packaging

Fixes

Full Changelog: pydantic/pydantic@v2.13.3...v2.13.4

v2.13.3 2026-04-20

v2.13.3 (2026-04-20)

What's Changed

Fixes

Full Changelog: pydantic/pydantic@v2.13.2...v2.13.3

v2.13.2 2026-04-17

v2.13.2 (2026-04-17)

What's Changed

Fixes

  • Fix ValidationInfo.field_name missing with model_validate_json() by @​Viicos in #13084

Full Changelog: pydantic/pydantic@v2.13.1...v2.13.2

v2.13.1 2026-04-15

v2.13.1 (2026-04-15)

What's Changed

Fixes

Full Changelog: pydantic/pydantic@v2.13.0...v2.13.1

v2.13.0 2026-04-13

... (truncated)

Changelog

Sourced from pydantic's changelog.

v2.13.4 (2026-05-06)

GitHub release

What's Changed

Packaging

Fixes

v2.13.3 (2026-04-20)

GitHub release

What's Changed

Fixes

v2.13.2 (2026-04-17)

GitHub release

What's Changed

Fixes

  • Fix ValidationInfo.field_name missing with model_validate_json() by @​Viicos in #13084

v2.13.1 (2026-04-15)

GitHub release

What's Changed

Fixes

v2.13.0 (2026-04-13)

GitHub release

The highlights of the v2.13 release are available in the blog post.

... (truncated)

Commits
  • cf67d4b Fix linting
  • f0d8a21 Prepare release v2.13.4
  • 5e3fe1d Check for pydantic tag pattern in CI
  • 7f9edcc Document tagging conventions
  • b46a0c9 Adapt pydantic-core linker flags on macOS
  • 50629c8 Update to PyPy 7.3.22
  • 8522ebb Preserve RootModel core metadata
  • a37f3af Adapt MISSING sentinel test to work with unreleased typing_extensions ver...
  • 909259a Remove Logfire example in documentation
  • 2c4174c Bump libc from 0.2.155 to 0.2.185
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [pydantic](https://github.com/pydantic/pydantic) from 2.12.5 to 2.13.4.
- [Release notes](https://github.com/pydantic/pydantic/releases)
- [Changelog](https://github.com/pydantic/pydantic/blob/main/HISTORY.md)
- [Commits](pydantic/pydantic@v2.12.5...v2.13.4)

---
updated-dependencies:
- dependency-name: pydantic
  dependency-version: 2.13.4
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Jul 1, 2026

@rtibblesbot rtibblesbot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Routine minor bump, changelog is clean, and CI is green.

Package: pydantic 2.12.5 → 2.13.4 (production, requirements.in)
Semver risk: Minor (spans patch releases 2.13.0–2.13.4)
Breaking changes: None — v2.13.0 release notes describe the changes as non-breaking per pydantic's versioning policy.
Security fixes: None (v2.13.0 bumps jiter to 0.14.0 for a musl-Linux segfault fix — robustness, not a CVE).
Other notable changes:

  • Narrow bug fixes across 2.13.1–2.13.4 (ValidationInfo under model_validate_json(), RootModel metadata, private-attr factories)
  • pydantic-core bumped 2.41.5 → 2.46.4 alongside

See inline note on the unrelated [grpc] extras change in requirements.txt.


@rtibblesbot's comments are generated by an LLM, and should be evaluated accordingly

How was this generated?

Ran a dependency-update review pipeline over the version bump:

  • Classified the bump by semver (patch / minor / major) and dependency type (production vs. development)
  • Extracted the changelog and release notes across the version range
  • Assessed compatibility with this project's usage and whether any code changes are required
  • Treated CI as the primary safety net
  • Scaled the review depth to the update's risk
  • Chose the verdict from semver risk, changelog findings, and CI status

Comment thread requirements.txt
exceptiongroup==1.3.1
# via celery
google-api-core[grpc]==2.30.0
google-api-core==2.30.0

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

suggestion: [grpc] extra dropped from this pin (and from googleapis-common-protos at line 137). Unrelated to the pydantic bump.

  • Pinned versions of both packages are unchanged
  • grpcio/grpcio-status still resolve via grpc-google-iam-v1
  • Likely a uv pip compile resolver-annotation quirk, not a manual edit
  • Worth a quick sanity check that grpc-based transports still work as expected

@rtibbles rtibbles left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No concerns from changelog - pydantic usage has good test coverage.

@rtibbles rtibbles merged commit cc49c94 into unstable Jul 1, 2026
43 checks passed
@dependabot dependabot Bot deleted the dependabot/uv/pydantic-2.13.4 branch July 1, 2026 02:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants