fix(deps): update dependency pydantic to v1.10.13 [security] #92

renovate · 2024-08-06T06:45:45Z

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
pydantic (changelog)	`1.10.4` -> `1.10.13`

GitHub Vulnerability Alerts

CVE-2024-3772

Regular expression denial of service in Pydantic < 2.4.0, < 1.10.13 allows remote attackers to cause denial of service via a crafted email string.

Release Notes

pydantic/pydantic (pydantic)

`v1.10.13`

Compare Source

Fix: Add max length check to pydantic.validate_email, #7673 by @hramezani
Docs: Fix pip commands to install v1, #6930 by @chbndrhnns

`v1.10.12`

Compare Source

Fixes the maxlen property being dropped on deque validation. Happened only if the deque item has been typed. Changes the _validate_sequence_like func, #6581 by @maciekglowka

`v1.10.11`

Compare Source

Importing create_model in tools.py through relative path instead of absolute path - so that it doesn't import V2 code when copied over to V2 branch, #6361 by @SharathHuddar

`v1.10.10`

Compare Source

Add Pydantic Json field support to settings management, #6250 by @hramezani
Fixed literal validator errors for unhashable values, #6188 by @markus1978
Fixed bug with generics receiving forward refs, #6130 by @mark-todd
Update install method of FastAPI for internal tests in CI, #6117 by @Kludex

`v1.10.9`

Compare Source

Fix trailing zeros not ignored in Decimal validation, #5968 by @hramezani
Fix mypy plugin for v1.4.0, #5928 by @cdce8p
Add future and past date hypothesis strategies, #5850 by @bschoenmaeckers
Discourage usage of Cython 3 with Pydantic 1.x, #5845 by @lig

`v1.10.8`

Compare Source

Fix a bug in Literal usage with typing-extension==4.6.0, #5826 by @hramezani
This solves the (closed) issue #3849 where aliased fields that use discriminated union fail to validate when the data contains the non-aliased field name, #5736 by @benwah
Update email-validator dependency to >=2.0.0post2, #5627 by @adriangb
update AnyClassMethod for changes in python/typeshed#9771, #5505 by @ITProKyle

`v1.10.7`

Compare Source

Fix creating schema from model using ConstrainedStr with regex as dict key, #5223 by @matejetz
Address bug in mypy plugin caused by explicit_package_bases=True, #5191 by @dmontagu
Add implicit defaults in the mypy plugin for Field with no default argument, #5190 by @dmontagu
Fix schema generated for Enum values used as Literals in discriminated unions, #5188 by @javibookline
Fix mypy failures caused by the pydantic mypy plugin when users define from_orm in their own classes, #5187 by @dmontagu
Fix InitVar usage with pydantic dataclasses, mypy version 1.1.1 and the custom mypy plugin, #5162 by @cdce8p

`v1.10.6`

Compare Source

Implement logic to support creating validators from non standard callables by using defaults to identify them and unwrapping functools.partial and functools.partialmethod when checking the signature, #5126 by @JensHeinrich
Fix mypy plugin for v1.1.1, and fix dataclass_transform decorator for pydantic dataclasses, #5111 by @cdce8p
Raise ValidationError, not ConfigError, when a discriminator value is unhashable, #4773 by @kurtmckee

`v1.10.5`

Compare Source

Fix broken parametrized bases handling with GenericModels with complex sets of models, #5052 by @MarkusSintonen
Invalidate mypy cache if plugin config changes, #5007 by @cdce8p
Fix RecursionError when deep-copying dataclass types wrapped by pydantic, #4949 by @mbillingr
Fix X | Y union syntax breaking GenericModel, #4146 by @thenx
Switch coverage badge to show coverage for this branch/release, #5060 by @samuelcolvin

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

renovate bot force-pushed the renovate/pypi-pydantic-vulnerability branch 2 times, most recently from c8a186c to 58819cd Compare October 28, 2024 17:34

renovate bot force-pushed the renovate/pypi-pydantic-vulnerability branch from 58819cd to a6f0569 Compare November 3, 2024 10:07

renovate bot changed the title ~~fix(deps): update dependency pydantic to v1.10.13 [security]~~ fix(deps): update dependency pydantic to v1.10.13 [security] - autoclosed Dec 9, 2024

renovate bot closed this Dec 9, 2024

renovate bot deleted the renovate/pypi-pydantic-vulnerability branch December 9, 2024 06:54

renovate bot changed the title ~~fix(deps): update dependency pydantic to v1.10.13 [security] - autoclosed~~ fix(deps): update dependency pydantic to v1.10.13 [security] Dec 9, 2024

renovate bot reopened this Dec 9, 2024

renovate bot force-pushed the renovate/pypi-pydantic-vulnerability branch from b0d1a17 to a6f0569 Compare December 9, 2024 11:56

fix(deps): update dependency pydantic to v1.10.13 [security]

0701886

renovate bot force-pushed the renovate/pypi-pydantic-vulnerability branch from a6f0569 to 0701886 Compare December 9, 2024 13:41

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix(deps): update dependency pydantic to v1.10.13 [security] #92

fix(deps): update dependency pydantic to v1.10.13 [security] #92

renovate bot commented Aug 6, 2024 •

edited

Loading

fix(deps): update dependency pydantic to v1.10.13 [security] #92

Are you sure you want to change the base?

fix(deps): update dependency pydantic to v1.10.13 [security] #92

Conversation

renovate bot commented Aug 6, 2024 • edited Loading

GitHub Vulnerability Alerts

Release Notes

Configuration

renovate bot commented Aug 6, 2024 •

edited

Loading