Update dependency pydantic to ~=2.4.0 [SECURITY]

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
pydantic (changelog)	~=2.2.0 -> ~=2.4.0

GitHub Vulnerability Alerts

CVE-2024-3772

Regular expression denial of service in Pydantic < 2.4.0, < 1.10.13 allows remote attackers to cause denial of service via a crafted email string.

---

Release Notes

pydantic/pydantic (pydantic)

v2.4.0

Compare Source

GitHub release

What's Changed

Packaging

• Update pydantic-core to 2.10.0 by @​samuelcolvin in #​7542

New Features

• Add Base64Url types by @​dmontagu in #​7286
• Implement optional number to str coercion by @​lig in #​7508
• Allow access to field_name and data in all validators if there is data and a field name by @​samuelcolvin in #​7542
• Add BaseModel.model_validate_strings and TypeAdapter.validate_strings by @​hramezani in #​7552
• Add Pydantic plugins experimental implementation by @​lig @​samuelcolvin and @​Kludex in #​6820

Changes

• Do not override model_post_init in subclass with private attrs by @​Viicos in #​7302
• Make fields with defaults not required in the serialization schema by default by @​dmontagu in #​7275
• Mark Extra as deprecated by @​disrupted in #​7299
• Make EncodedStr a dataclass by @​Kludex in #​7396
• Move annotated_handlers to be public by @​samuelcolvin in #​7569

Performance

• Simplify flattening and inlining of CoreSchema by @​adriangb in #​7523
• Remove unused copies in CoreSchema walking by @​adriangb in #​7528
• Add caches for collecting definitions and invalid schemas from a CoreSchema by @​adriangb in #​7527
• Eagerly resolve discriminated unions and cache cases where we can't by @​adriangb in #​7529
• Replace dict.get and dict.setdefault with more verbose versions in CoreSchema building hot paths by @​adriangb in #​7536
• Cache invalid CoreSchema discovery by @​adriangb in #​7535
• Allow disabling CoreSchema validation for faster startup times by @​adriangb in #​7565

Fixes

• Fix config detection for TypedDict from grandparent classes by @​dmontagu in #​7272
• Fix hash function generation for frozen models with unusual MRO by @​dmontagu in #​7274
• Make strict config overridable in field for Path by @​hramezani in #​7281
• Use ser_json_<timedelta|bytes> on default in GenerateJsonSchema by @​Kludex in #​7269
• Adding a check that alias is validated as an identifier for Python by @​andree0 in #​7319
• Raise an error when computed field overrides field by @​sydney-runkle in #​7346
• Fix applying SkipValidation to referenced schemas by @​adriangb in #​7381
• Enforce behavior of private attributes having double leading underscore by @​lig in #​7265
• Standardize __get_pydantic_core_schema__ signature by @​hramezani in #​7415
• Fix generic dataclass fields mutation bug (when using TypeAdapter) by @​sydney-runkle in #​7435
• Fix TypeError on model_validator in wrap mode by @​pmmmwh in #​7496
• Improve enum error message by @​hramezani in #​7506
• Make repr work for instances that failed initialization when handling ValidationErrors by @​dmontagu in #​7439
• Fixed a regular expression denial of service issue by limiting whitespaces by @​prodigysml in #​7360
• Fix handling of UUID values having UUID.version=None by @​lig in #​7566
• Fix __iter__ returning private cached_property info by @​sydney-runkle in #​7570
• Improvements to version info message by @​samuelcolvin in #​7594

New Contributors

• @​15498th made their first contribution in #​7238
• @​GabrielCappelli made their first contribution in #​7213
• @​tobni made their first contribution in #​7184
• @​redruin1 made their first contribution in #​7282
• @​FacerAin made their first contribution in #​7288
• @​acdha made their first contribution in #​7297
• @​andree0 made their first contribution in #​7319
• @​gordonhart made their first contribution in #​7375
• @​pmmmwh made their first contribution in #​7496
• @​disrupted made their first contribution in #​7299
• @​prodigysml made their first contribution in #​7360

v2.3.0

Compare Source

GitHub release

• 🔥 Remove orphaned changes file from repo by @​lig in #​7168
• Add copy button on documentation by @​Kludex in #​7190
• Fix docs on JSON type by @​Kludex in #​7189
• Update mypy 1.5.0 to 1.5.1 in CI by @​hramezani in #​7191
• fix download links badge by @​samuelcolvin in #​7200
• add 2.2.1 to changelog by @​samuelcolvin in #​7212
• Make ModelWrapValidator protocols generic by @​dmontagu in #​7154
• Correct Field(..., exclude: bool) docs by @​samuelcolvin in #​7214
• Make shadowing attributes a warning instead of an error by @​adriangb in #​7193
• Document Base64Str and Base64Bytes by @​Kludex in #​7192
• Fix config.defer_build for serialization first cases by @​samuelcolvin in #​7024
• clean Model docstrings in JSON Schema by @​samuelcolvin in #​7210
• fix #​7228 (typo): docs in validators.md to correct validate_default kwarg by @​lmmx in #​7229
• ✅ Implement tzinfo.fromutc method for TzInfo in pydantic-core by @​lig in #​7019
• Support __get_validators__ by @​hramezani in #​7197

v2.2.1

Compare Source

GitHub release

• Make xfailing test for root model extra stop xfailing by @​dmontagu in #​6937
• Optimize recursion detection by stopping on the second visit for the same object by @​mciucu in #​7160
• fix link in docs by @​tlambert03 in #​7166
• Replace MiMalloc w/ default allocator by @​adriangb in pydantic/pydantic-core#900
• Bump pydantic-core to 2.6.1 and prepare 2.2.1 release by @​adriangb in #​7176

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[stackblitz]

Run & review this pull request in StackBlitz Codeflow.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 1666e40

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR