Skip to content

chore(deps): bump pydantic-core from 2.46.3 to 2.46.4#238

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot-pip-pydantic-core-2.46.4
Open

chore(deps): bump pydantic-core from 2.46.3 to 2.46.4#238
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot-pip-pydantic-core-2.46.4

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 11, 2026
edited
Loading

Bumps pydantic-core from 2.46.3 to 2.46.4.

Commits
  • cf67d4b Fix linting
  • f0d8a21 Prepare release v2.13.4
  • 5e3fe1d Check for pydantic tag pattern in CI
  • 7f9edcc Document tagging conventions
  • b46a0c9 Adapt pydantic-core linker flags on macOS
  • 50629c8 Update to PyPy 7.3.22
  • 8522ebb Preserve RootModel core metadata
  • a37f3af Adapt MISSING sentinel test to work with unreleased typing_extensions ver...
  • 909259a Remove Logfire example in documentation
  • 2c4174c Bump libc from 0.2.155 to 0.2.185
  • See full diff in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels May 11, 2026
@codacy-production
Copy link
Copy Markdown

codacy-production Bot commented May 11, 2026
edited
Loading

Up to standards ✅

🟢 Issues 0 issues

Results:
0 new issues

View in Codacy

🟢 Metrics 0 complexity

Metric Results
Complexity 0

View in Codacy

NEW Get contextual insights on your PRs based on Codacy's metrics, along with PR and Jira context, without leaving GitHub. Enable AI reviewer
TIP This summary will be updated as you push new changes.

@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 11, 2026
edited
Loading

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
pip/pydantic-core 2.46.4 🟢 6.7
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Code-Review🟢 10all changesets reviewed
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies🟢 8dependency not pinned by hash detected -- score normalized to 8
License🟢 10license file detected
Fuzzing🟢 10project is fuzzed
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Branch-Protection🟢 4branch protection is not maximal on development and all release branches
Security-Policy🟢 10security policy file detected
Packaging🟢 10packaging workflow detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0

Scanned Files

  • requirements.txt

@saidsef saidsef mentioned this pull request May 13, 2026
Merged
2 tasks
@dependabot
chore(deps): bump pydantic-core from 2.46.3 to 2.46.4
e019e20 
Bumps [pydantic-core](https://github.com/pydantic/pydantic) from 2.46.3 to 2.46.4.
- [Release notes](https://github.com/pydantic/pydantic/releases)
- [Changelog](https://github.com/pydantic/pydantic/blob/main/HISTORY.md)
- [Commits](pydantic/pydantic@core-v2.46.3...core-v2.46.4)

---
updated-dependencies:
- dependency-name: pydantic-core
  dependency-version: 2.46.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot-pip-pydantic-core-2.46.4 branch from 47ba181 to e019e20 Compare May 13, 2026 17:17
saidsef added a commit that referenced this pull request May 17, 2026
@saidsef
feat(tools): add two new GraphQL tools (#242)
2fc8a6d 
* chore(deps): combine dependabot dependency updates

Batch update 5 dependencies from open dependabot PRs (#234-#237, #239):

- authlib 1.7.0 -> 1.7.1 (PR #239)
- cryptography 47.0.0 -> 48.0.0 (PR #234)
- jsonschema-path 0.4.5 -> 0.4.6 (PR #237)
- pydantic-settings 2.14.0 -> 2.14.1 (PR #235)
- uv 0.11.12 -> 0.11.13 (PR #236)

Note: pydantic-core (PR #238) excluded - bumping it independently
conflicts with pydantic==2.13.3 which pins pydantic-core==2.46.3 exactly.

* feat(tools): add get_pr_linked_issues and get_pr_status_checks

Two new GraphQL-backed tools that close genuine agent blind spots:

- get_pr_linked_issues: queries closingIssuesReferences to return the
  authoritative list of issues that auto-close on merge. More reliable
  than text-parsing "Closes #N" keywords from the PR body, and picks up
  issues linked via the GitHub UI.

- get_pr_status_checks: queries check suites and legacy commit status
  from the PR HEAD commit. Derives an overall "passing/failing/pending/
  unknown" state so agents can make a merge decision without asking the
  user whether CI is green.

Both auto-register as MCP tools via the existing inspect.getmembers()
mechanism. Also fix pre-existing ruff formatting issues in auth.py,
tests/__init__.py, and tests/test_auth.py.

* refactor(tools): raise ToolError on failure, add ToolAnnotations, remove IP tools

- Replace all return {"status": "error"} patterns with raise ToolError so
  agents see failures as errors rather than successful results with error
  payloads; merge_pr preserves the GitHub API message before raising
- Add ToolAnnotations to the registration layer: readOnlyHint=True on all
  read-only tools so Claude skips confirmation prompts; destructiveHint=True
  on merge_pr
- Remove get_ipv4_info and get_ipv6_info (IPIntegration, ip_integration.py,
  ip-lookup skill, IPInfoError) - no genuine value in a GitHub-focused MCP
- Remove traceback import from github_integration (now unused)

* refactor(tools): apply ToolAnnotations directly to methods via decorators

Replace the centralised _TOOL_ANNOTATIONS lookup dict in issues_pr_analyser.py
with _read_only/_destructive decorator helpers in github_integration.py that
stamp a _mcp_annotations attribute directly on each method.

* fix(quality): resolve duplicate heading and reduce cyclomatic complexity

Rename duplicate '### Features' heading in README to '### Tool Categories'.
Extract status-set literals in _derive_overall to module-level frozensets and
replace comprehension conditionals with set-difference, reducing cyclomatic
complexity from 13 to 7.

* refactor(tools): split _derive_overall into focused boolean helpers

Replace module-level frozenset constants with _has_failing_checks and
_has_pending_checks private methods, restoring inline local sets and
reducing _derive_overall cyclomatic complexity from 10 to 6.

* feat(tools): add @_write annotations to all write-operation tools

Eleven public methods were registered without ToolAnnotations, leaving
MCP clients unable to classify them as read/write. Adds a _write()
decorator (readOnlyHint=False) and applies it to add_pr_comments,
add_inline_pr_comment, update_pr_description, create_pr, create_issue,
update_pr_branch, update_issue, update_reviews, update_assignees,
create_tag, and create_release.

* fix(annotation): add correct hints to mr merge
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants