Skip to content

Update pydantic-ai-slim requirement from <2,>=1.107.0 to >=2.0.0,<3#2059

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/pydantic-ai-slim-gte-2.0.0-and-lt-3
Open

Update pydantic-ai-slim requirement from <2,>=1.107.0 to >=2.0.0,<3#2059
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/pydantic-ai-slim-gte-2.0.0-and-lt-3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 23, 2026

Copy link
Copy Markdown
Contributor

Updates the requirements on pydantic-ai-slim to permit the latest version.

Release notes

Sourced from pydantic-ai-slim's releases.

v2.0.0 (2026-06-23)

🎉 Pydantic AI V2.0 is here!

After seven betas, Pydantic AI V2 is now stable. V2 leans into a harness-first design with capabilities as a core primitive — a single composable unit that bundles an agent's tools, hooks, instructions, and model settings, reaching every layer of the agent through one concept.

Install it with:

uv add pydantic-ai

See the Upgrade Guide for everything that's changed and the recommended path from V1.

What's Changed

🚀 Features

🐛 Bug Fixes

New Contributors

... (truncated)

Changelog

Sourced from pydantic-ai-slim's changelog.

v2.0.0 (2026-06-23)

The stable V2.0 release. There are no new breaking or behavior changes since the betas; the full breaking-change list and recommended upgrade path are in the v2.0.0b1 entry below. Install it with:

uv add pydantic-ai

v2.0.0b7 (2026-06-10)

The seventh V2 beta, forked from v1.107.0. There are no new V2 breaking or behavior changes since v2.0.0b6 below — everything in that entry applies unchanged — but this beta picks up the latest V1 release on top, which adds Claude Fable 5 / Mythos 5 model support and OpenRouter prompt caching (CachePoint), plus known_model_names() and Anthropic fixes; see the v1.107.0 release notes for the full list.

Install it the same way, pinning the exact pre-release version:

pip/uv-add "pydantic-ai==2.0.0b7"

For the full breaking-change list and the recommended upgrade path, see the v2.0.0b1 entry below; the only difference is that the latest V1 to upgrade through first is now v1.107.0.

v2.0.0b6 (2026-06-04)

The sixth V2 beta, forked from v1.106.0. There are no new V2 breaking or behavior changes since v2.0.0b5 below — everything in that entry applies unchanged — but this beta picks up the latest V1 release on top, which adds api_host/timeout configuration and base seed mapping for the xAI provider, plus streaming and data-URI handling fixes; see the v1.106.0 release notes for the full list.

Install it the same way, pinning the exact pre-release version:

pip/uv-add "pydantic-ai==2.0.0b6"

For the full breaking-change list and the recommended upgrade path, see the v2.0.0b1 entry below; the only difference is that the latest V1 to upgrade through first is now v1.106.0.

v2.0.0b5 (2026-06-02)

The fifth V2 beta, forked from v1.105.0. There are no new V2 breaking or behavior changes since v2.0.0b4 below — everything in that entry (including the prepare-callbacks change) still applies — but this beta picks up the latest V1 release on top, which adds on-demand (deferred-loading) capabilities and Grok 4.3 reasoning_effort support, plus GoogleModelSettings.google_cached_content and Temporal gateway/ fixes; see the v1.105.0 release notes for the full list.

Install it the same way, pinning the exact pre-release version:

pip/uv-add "pydantic-ai==2.0.0b5"

For the full breaking-change list and the recommended upgrade path, see the v2.0.0b1 entry below; the only difference is that the latest V1 to upgrade through first is now v1.105.0.

v2.0.0b4 (2026-05-28)

The fourth V2 beta, forked from v1.104.0. One new V2 behavior change since v2.0.0b3:

  • Prepare callbacks (prepare_tools= / PrepareTools capability) that return None now raise TypeError instead of silently stripping all tools. V1.103.0 announces this change via PydanticAIDeprecationWarning (see #5188); V2 turns the warning into a hard error (see #5668). Return an empty list ([]) when you mean "no tools for this turn."

... (truncated)

Commits
  • e19e180 docs: de-beta the Upgrade Guide and Version Policy for the stable v2.0 releas...
  • e2b661c Pydantic AI V2 (#5451)
  • 61c71f0 Emit reasoning_effort='none' for Cerebras, deprecate `cerebras_disable_reas...
  • 3e83d4c Fix broken xAI and ACI.dev doc links (#6020)
  • a249886 Add scheduled lychee workflow to check docs links (#6018)
  • 46c6a61 docs: fix broken temporalio API reference links (#5740)
  • 82a484d fix(mistral): forward penalties in completions (#5695)
  • adfec3a fix(cohere): forward usage.cached_tokens as cache_read_tokens (#5957)
  • e59f24e Make retry-after transport test deterministic (#5533)
  • de3a512 fix: use running loop in chat app example (#5971)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Update pydantic-ai-slim requirement from <2,>=1.107.0 to >=2.0.0,<3
f7313d1 
Updates the requirements on [pydantic-ai-slim](https://github.com/pydantic/pydantic-ai) to permit the latest version.
- [Release notes](https://github.com/pydantic/pydantic-ai/releases)
- [Changelog](https://github.com/pydantic/pydantic-ai/blob/main/docs/changelog.md)
- [Commits](pydantic/pydantic-ai@v1.107.0...v2.0.0)

---
updated-dependencies:
- dependency-name: pydantic-ai-slim
  dependency-version: 2.0.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Jun 23, 2026
@claude

claude Bot commented Jun 23, 2026

Copy link
Copy Markdown

Review: pydantic-ai-slim v1 → v2 major version bump

This PR bumps the core LLM framework dependency from >=1.107.0,<2 to >=2.0.0,<3. The investigation below covers the single-line diff plus its impact on all pydantic-ai call sites across the codebase.

Overall assessment

The codebase appears to have been pre-migrated to v2-compatible APIs. Key v2 names — ProcessHistory (from pydantic_ai.capabilities), FunctionToolset (from pydantic_ai.toolsets), CallToolsNode/ModelRequestNode/UserPromptNode (from pydantic_ai.agent) — are already used and the mypy config confirms they resolve cleanly. The stable v2.0.0 release notes state "no new breaking changes since the betas," and v2.0.0b7 was forked from v1.107.0, making the v1.107.0 → v2.0.0 delta minimal. No prepare_tools= usage exists in the codebase, so the b4 breaking change (returning NoneTypeError) is not a risk here.

That said, there are two actionable items before merging:

1. Missing changelog fragment (convention violation)

File: changelog.d/ — no entry for this PR

CLAUDE.md requires a changelog fragment for "database migrations, dependency updates that affect system behavior, and architecture changes." A v1→v2 major version bump for the core LLM framework qualifies. Example fragment to add:

# changelog.d/2059-pydantic-ai-v2.changed.md
- Upgraded `pydantic-ai-slim` from `>=1.107.0,<2` to `>=2.0.0,<3` (stable V2 release). 
  The codebase was already using v2-compatible APIs; this aligns the version constraint 
  with the code. Run `test_pydantic_ai_factory.py` and `test_data_extract_failure_classification.py` 
  to verify the canary tests pass.

2. Stale comment on the openai requirement line

File: requirements/base.txt, line 43

-openai>=2.43.0,<3  # https://github.com/openai/openai-python (pydantic-ai 1.x requires >=2.11.0)
+openai>=2.43.0,<3  # https://github.com/openai/openai-python (pydantic-ai 2.x requires >=2.43.0)

The inline comment still says "pydantic-ai 1.x" — it should be updated to "2.x" (and the floor constraint is now >=2.43.0, not >=2.11.0).

Known forward-looking risk (not a blocker)

opencontractserver/llms/history_processors.py lines 59–65 has an intentional module-level assertion that fires RuntimeError at startup if ModelRequest, ModelResponse, or ToolReturnPart stop being stdlib @dataclass instances (which would break the dataclasses.replace() calls at lines 206, 232, 254). This guard is documented in CLAUDE.md pitfall #17 and is not currently triggered by pydantic-ai v2.0.0 (the types remain @dataclass). If a future 2.x release migrates those types to Pydantic BaseModel, the fix is to replace dataclasses.replace() with .model_copy(update={...}) and update the assertion — but this is out of scope for this PR.

What to confirm before merging

The codebase has dedicated canary test files for exactly this scenario:

  • opencontractserver/tests/test_pydantic_ai_factory.py — tests instructions= vs system_prompt= precedence, ProcessHistory capability injection
  • opencontractserver/tests/test_data_extract_failure_classification.py — asserts message type discriminator values (kind, part_kind) at the schema level

These two test files should be confirmed green with the new constraint before merging. A full parallel test run (pytest -n 4 --dist loadscope) is recommended given the breadth of the LLM layer.

@JSv4

JSv4 commented Jun 25, 2026

Copy link
Copy Markdown
Collaborator

Holding this major bump rather than merging it.

pydantic-ai-slim is pinned >=1.107.0,<2 deliberately — the comment in requirements/base.txt points at #1451, and the upper bound guards two runtime behaviours that a major bump can change silently, neither of which mypy catches:

  1. system_prompt / instructions precedence (CLAUDE.md pitfall Bump coverage from 6.2 to 6.5.0 #14, issue Wrap PydanticAIAgent construction to fail loud on system_prompt regression #1451). chat() always calls run() with a non-empty message_history, so a precedence change in 2.x could silently drop or reorder the effective system prompt.
  2. Import-time dataclass-shape assertion (CLAUDE.md pitfall Bump pytz from 2021.3 to 2022.5 #17). opencontractserver/llms/history_processors.py asserts ToolReturnPart/ModelRequest/ModelResponse are still stdlib @dataclasses; if 2.x flips any to a BaseModel, the app raises RuntimeError at startup (runserver / Celery boot).

The 2.x API deltas mypy already flags (OpenAIModelOpenAIChatModel, UsageLimits.request_tokens_limitrequest_limit, GoogleProvider api_key typing) are only the surface — pydantic_ai is imported across 62 modules (agents, models, providers, message types, streaming events, usage limits, history processors). A correct bump is a dedicated migration that must be validated by rebuilding the Docker image on 2.x and running the LLM/agent integration suite, not a mypy-only patch that would turn CI green while leaving the runtime behaviour unverified.

Recommend this stays closed/held until the dedicated 2.x migration tracked under #1451 lands. Not merging via the PR-babysitting pass.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@JSv4