Skip to content

chore: bump pydantic-ai-slim from 1.99.0 to 1.102.0#278

Merged
github-actions[bot] merged 1 commit into
mainfrom
dependabot/uv/pydantic-ai-slim-1.102.0
Jun 29, 2026
Merged

chore: bump pydantic-ai-slim from 1.99.0 to 1.102.0#278
github-actions[bot] merged 1 commit into
mainfrom
dependabot/uv/pydantic-ai-slim-1.102.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 29, 2026

Copy link
Copy Markdown
Contributor

Bumps pydantic-ai-slim from 1.99.0 to 1.102.0.

Release notes

Sourced from pydantic-ai-slim's releases.

v1.102.0 (2026-05-22)

What's Changed

🛡️ Security

  • Expand IPv6 transition-form handling in URL validation by @​DouweM in pydantic/pydantic-ai#5596
    • Security advisory: SSRF cloud-metadata blocklist bypass via additional IPv6 transition forms GHSA-cg7w-rg45-pc59
    • You are affected only if your application explicitly opts a FileUrl into force_download='allow-local' on a URL that is, or could be, influenced by untrusted input, AND runs on a NAT64- or ISATAP-configured network (e.g. some IPv6-only or dual-stack-with-NAT64 Kubernetes setups).
    • You are not affected if you run on a standard dual-stack cloud VM or container, which does not route these forms in practice.
    • You are not affected if you use any of the bundled integrations to ingest user input: Agent.to_web / clai web; VercelAIAdapter; AGUIAdapter / Agent.to_ag_ui

🐛 Bug Fixes

New Contributors

Full Changelog: pydantic/pydantic-ai@v1.101.0...v1.102.0

v1.101.0 (2026-05-21)

What's Changed

🚀 Features

🐛 Bug Fixes

📦 Dependencies

New Contributors

Full Changelog: pydantic/pydantic-ai@v1.100.0...v1.101.0

v1.100.0 (2026-05-20)

... (truncated)

Changelog

Sourced from pydantic-ai-slim's changelog.

Upgrade Guide

In September 2025, Pydantic AI reached V1 and committed to API stability: no changes that break your code until V2. V2 is now available, collecting the breaking and behavior changes that stability guarantee didn't allow. This guide is the canonical place to learn what's in V2, how to install it, and how to upgrade; for the guarantees behind these version numbers, see the Version Policy.

Breaking Changes

Here's a filtered list of the breaking changes for each version to help you upgrade Pydantic AI.

v2.0.0 (2026-06-23)

The stable V2.0 release. There are no new breaking or behavior changes since the betas; the full breaking-change list and recommended upgrade path are in the v2.0.0b1 entry below. Install it with:

uv add pydantic-ai

v2.0.0b7 (2026-06-10)

The seventh V2 beta, forked from v1.107.0. There are no new V2 breaking or behavior changes since v2.0.0b6 below — everything in that entry applies unchanged — but this beta picks up the latest V1 release on top, which adds Claude Fable 5 / Mythos 5 model support and OpenRouter prompt caching (CachePoint), plus known_model_names() and Anthropic fixes; see the v1.107.0 release notes for the full list.

Install it the same way, pinning the exact pre-release version:

pip/uv-add "pydantic-ai==2.0.0b7"

For the full breaking-change list and the recommended upgrade path, see the v2.0.0b1 entry below; the only difference is that the latest V1 to upgrade through first is now v1.107.0.

v2.0.0b6 (2026-06-04)

The sixth V2 beta, forked from v1.106.0. There are no new V2 breaking or behavior changes since v2.0.0b5 below — everything in that entry applies unchanged — but this beta picks up the latest V1 release on top, which adds api_host/timeout configuration and base seed mapping for the xAI provider, plus streaming and data-URI handling fixes; see the v1.106.0 release notes for the full list.

Install it the same way, pinning the exact pre-release version:

pip/uv-add "pydantic-ai==2.0.0b6"

For the full breaking-change list and the recommended upgrade path, see the v2.0.0b1 entry below; the only difference is that the latest V1 to upgrade through first is now v1.106.0.

v2.0.0b5 (2026-06-02)

The fifth V2 beta, forked from v1.105.0. There are no new V2 breaking or behavior changes since v2.0.0b4 below — everything in that entry (including the prepare-callbacks change) still applies — but this beta picks up the latest V1 release on top, which adds on-demand (deferred-loading) capabilities and Grok 4.3 reasoning_effort support, plus GoogleModelSettings.google_cached_content and Temporal gateway/ fixes; see the v1.105.0 release notes for the full list.

Install it the same way, pinning the exact pre-release version:

pip/uv-add "pydantic-ai==2.0.0b5"

... (truncated)

Commits
  • 1add061 fix: expand IPv6 transition-form handling in URL validation (#5596)
  • 1d1ecb8 ci: add UI adapter security review agentic workflow (#5591)
  • d30951d Normalize trailing dot and case in WebFetchTool domain matching (#5592)
  • 4e2771c Add Pydantic AI gh-aw agentic workflows + custom harness (#5569)
  • 35ab013 Fix: VercelAIAdapter now accepts providerExecuted / title on dynamic-to...
  • 5ba908d fix(instrumentation): Prevent false positive variable_instructions span att...
  • 130e85b fix(bedrock): Disable Opus 4.7 native structured output (#5582)
  • a18c583 Don't auto-promote strict=None tools to strict mode with Bedrock, and skip ...
  • 9871f75 Add complete-partial-pr skill (#5573)
  • 100e795 Add pending message queue (ctx.enqueue / agent_run.enqueue) (#4980)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
chore: bump pydantic-ai-slim from 1.99.0 to 1.102.0
826426e 
Bumps [pydantic-ai-slim](https://github.com/pydantic/pydantic-ai) from 1.99.0 to 1.102.0.
- [Release notes](https://github.com/pydantic/pydantic-ai/releases)
- [Changelog](https://github.com/pydantic/pydantic-ai/blob/main/docs/changelog.md)
- [Commits](pydantic/pydantic-ai@v1.99.0...v1.102.0)

---
updated-dependencies:
- dependency-name: pydantic-ai-slim
  dependency-version: 1.102.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@github-actions github-actions Bot enabled auto-merge (squash) June 29, 2026 01:58
@github-actions github-actions Bot merged commit 750a229 into main Jun 29, 2026
10 checks passed
@github-actions github-actions Bot deleted the dependabot/uv/pydantic-ai-slim-1.102.0 branch June 29, 2026 01:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies ignore-for-release

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants