Skip to content

build(deps): update pydantic-ai requirement from ==0.2.* to ==1.39.* #752

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

build(deps): update pydantic-ai requirement from ==0.2.* to ==1.39.* #752

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 29, 2025
edited
Loading

Updates the requirements on pydantic-ai to permit the latest version.

Release notes

Sourced from pydantic-ai's releases.

v1.39.0 (2025-12-23)

What's Changed

New Contributors

Full Changelog: pydantic/pydantic-ai@v1.38.0...v1.39.0

Changelog

Sourced from pydantic-ai's changelog.

Upgrade Guide

In September 2025, Pydantic AI reached V1, which means we're committed to API stability: we will not introduce changes that break your code until V2. For more information, review our Version Policy.

Breaking Changes

Here's a filtered list of the breaking changes for each version to help you upgrade Pydantic AI.

v1.0.1 (2025-09-05)

The following breaking change was accidentally left out of v1.0.0:

  • See #2808 - Remove Python evaluator from pydantic_evals for security reasons

v1.0.0 (2025-09-04)

  • See #2725 - Drop support for Python 3.9
  • See #2738 - Make many dataclasses require keyword arguments
  • See #2715 - Remove cases and averages attributes from pydantic_evals spans
  • See #2798 - Change ModelRequest.parts and ModelResponse.parts types from list to Sequence
  • See #2726 - Default InstrumentationSettings version to 2
  • See #2717 - Remove errors when passing AsyncRetrying or Retrying object to AsyncTenacityTransport or TenacityTransport instead of RetryConfig

v0.x.x

Before V1, minor versions were used to introduce breaking changes:

v0.8.0 (2025-08-26)

See #2689 - AgentStreamEvent was expanded to be a union of ModelResponseStreamEvent and HandleResponseEvent, simplifying the event_stream_handler function signature. Existing code accepting AgentStreamEvent | HandleResponseEvent will continue to work.

v0.7.6 (2025-08-26)

The following breaking change was inadvertently released in a patch version rather than a minor version:

See #2670 - TenacityTransport and AsyncTenacityTransport now require the use of pydantic_ai.retries.RetryConfig (which is just a TypedDict containing the kwargs to tenacity.retry) instead of tenacity.Retrying or tenacity.AsyncRetrying.

v0.7.0 (2025-08-12)

See #2458 - pydantic_ai.models.StreamedResponse now yields a FinalResultEvent along with the existing PartStartEvent and PartDeltaEvent. If you're using pydantic_ai.direct.model_request_stream or pydantic_ai.direct.model_request_stream_sync, you may need to update your code to account for this.

See #2458 - pydantic_ai.models.Model.request_stream now receives a run_context argument. If you've implemented a custom Model subclass, you will need to account for this.

See #2458 - pydantic_ai.models.StreamedResponse now requires a model_request_parameters field and constructor argument. If you've implemented a custom Model subclass and implemented request_stream, you will need to account for this.

v0.6.0 (2025-08-06)

This release was meant to clean some old deprecated code, so we can get a step closer to V1.

See #2440 - The next method was removed from the Graph class. Use async with graph.iter(...) as run: run.next() instead.

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Dec 29, 2025
@dependabot dependabot bot mentioned this pull request Dec 29, 2025
Closed
@claude
Copy link

claude bot commented Dec 29, 2025

PR Review: pydantic-ai v0.2.* → v1.39.* Upgrade

Summary

This PR upgrades pydantic-ai from v0.2.* to v1.39.*, representing a major version jump that includes the v1.0 release. This is a significant dependency update that requires careful validation.

Critical Analysis

🔴 Major Version Jump Risk

This upgrade skips from v0.2 directly to v1.39, crossing the v1.0 stability boundary. According to pydantic-ai's version policy, v1.0+ commits to API stability until v2.0, but the path from v0.2 → v1.0 included several breaking changes.

Key Breaking Changes to Watch

Based on the pydantic-ai changelog, breaking changes occurred in:

v1.0.0 (2025-09-04):

  • Dropped Python 3.9 support ✅ Likely OK for this project
  • Made many dataclasses require keyword arguments
  • Changed ModelRequest.parts and ModelResponse.parts types from list to Sequence
  • Default InstrumentationSettings version changed to 2
  • Removed support for passing AsyncRetrying/Retrying objects to transports

v0.8.0:

  • AgentStreamEvent expanded to union type (backward compatible)

v0.7.6:

  • TenacityTransport now requires RetryConfig instead of tenacity.Retrying ⚠️

v0.7.0:

  • StreamedResponse now yields FinalResultEvent
  • Model.request_stream receives run_context argument
  • StreamedResponse requires model_request_parameters field

Code Impact Assessment

Current Usage Audit

I examined how pydantic-ai is used in the codebase:

Core Files:

  • opencontractserver/llms/agents/pydantic_ai_agents.py (main agent implementation)
  • opencontractserver/llms/tools/pydantic_ai_tools.py (tool wrappers)
  • opencontractserver/llms/vector_stores/pydantic_ai_*.py (vector stores)

Key Imports:

from pydantic_ai.agent import Agent, CallToolsNode, End, ModelRequestNode, UserPromptNode
from pydantic_ai.messages import ModelMessage, ModelRequest, ModelResponse, ...
from pydantic_ai.tools import RunContext
from pydantic_ai.models.test import TestModel
from pydantic_ai import capture_run_messages

🟡 Potential Compatibility Issues

  1. ModelRequest.parts / ModelResponse.parts type change (list → Sequence)

    • Used in: pydantic_ai_agents.py:221, 223, 226, 328, 1258
    • Risk: Medium - Code treats these as lists but Sequence is compatible for read operations
    • Action: Verify no list-specific mutations (append, extend, etc.)

  2. Dataclass keyword argument requirements

    • Used in: Various model instantiations
    • Risk: Low-Medium - May break if using positional arguments
    • Action: Search for dataclass instantiations without keywords

  3. Transport/Retry configuration

    • No evidence of TenacityTransport usage found
    • Risk: Low - Doesn't appear to affect this codebase

  4. TestModel usage

    • Used in: test_pydantic_ai_agents.py, test_pydantic_ai_integration_testmodel.py
    • Risk: Low - TestModel API appears stable in v1.x
    • Action: Run test suite to verify

New Features in v1.39.0

The PR description highlights:

  • Embedding models support - New capability
  • Agent/run metadata - Enhanced observability
  • System prompts returning None - Flexibility improvement
  • MCP ThinkingPart handling - Better integration
  • Bedrock service tier settings - AWS improvements

Testing Requirements

🔴 CRITICAL: Must Run Before Merge

Per CLAUDE.md baseline commit rules:

  1. Backend Tests (REQUIRED):

    # Run all pydantic-ai related tests in parallel
docker compose -f test.yml run django pytest opencontractserver/tests/test_pydantic_ai* -n 4 --dist loadscope

# Run LLM agent tests
docker compose -f test.yml run django pytest opencontractserver/llms/tests/ -n 4 --dist loadscope

  2. Pre-commit Checks:

    pre-commit run --all-files

  3. Integration Testing:

    • Test document agent creation and streaming
    • Test corpus agent creation and streaming
    • Verify tool approval gates still work
    • Test vector store operations
    • Verify WebSocket streaming events

Security Considerations

No security concerns identified

  • This is a dependency update from the official pydantic-ai package
  • No code changes in this PR beyond version constraint
  • pydantic-ai v1.0+ has stable API guarantees

Performance Considerations

⚠️ Unknown performance impact

  • Major version bumps can include performance changes
  • Recommend monitoring:
    • Agent response times
    • Memory usage during streaming
    • Vector search performance

Recommendations

Before Merging:

  1. Run comprehensive test suite (backend tests with pydantic-ai components)
  2. ⚠️ Manual testing of key agent flows:
    • Document Q&A with streaming
    • Corpus analysis with tool calls
    • Approval-required tool gates
  3. ⚠️ Check for dataclass positional args: 
    # Search for potential issues
grep -r "PydanticAI\|RunContext\|ModelRequest\|ModelResponse" opencontractserver/ --include="*.py" -A 2

After Merging:

  1. Monitor production logs for pydantic-ai related errors
  2. Watch for performance regressions in agent responses
  3. Test WebSocket streaming thoroughly in staging

Changelog Update Required

Per CLAUDE.md guidelines, this change should be documented in CHANGELOG.md:

## [Unreleased] - 2025-12-29

### Changed
- Updated pydantic-ai from v0.2.* to v1.39.* (`requirements/base.txt:53`)
  - Major version upgrade crossing v1.0 stability boundary
  - Includes new embedding models support, metadata tracking, and MCP improvements
  - Breaking change: ModelRequest/ModelResponse.parts now Sequence (was list)
  - See: https://github.com/pydantic/pydantic-ai/blob/main/docs/changelog.md

Overall Assessment

Risk Level: 🟡 MEDIUM

This is a necessary update to get pydantic-ai's v1.x stability guarantees and new features, but the major version jump warrants thorough testing.

Recommendation: ✅ APPROVE pending successful test runs

The codebase appears to use pydantic-ai's stable APIs (Agent, RunContext, messages) that should be compatible with v1.39, but the list → Sequence change for .parts needs validation.

Action Items

  • Run backend test suite with pydantic-ai tests
  • Update CHANGELOG.md with this dependency change
  • Manual test agent streaming in development
  • Verify tool approval gates still function
  • Monitor first deployment to staging closely

@dependabot
build(deps): update pydantic-ai requirement from ==0.2.* to ==1.39.*
59e0838 
Updates the requirements on [pydantic-ai](https://github.com/pydantic/pydantic-ai) to permit the latest version.
- [Release notes](https://github.com/pydantic/pydantic-ai/releases)
- [Changelog](https://github.com/pydantic/pydantic-ai/blob/main/docs/changelog.md)
- [Commits](pydantic/pydantic-ai@v0.2.0...v1.39.0)

---
updated-dependencies:
- dependency-name: pydantic-ai
  dependency-version: 1.39.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/pip/pydantic-ai-eq-1.39.star branch from f00173b to 59e0838 Compare December 30, 2025 01:26
@claude
Copy link

claude bot commented Dec 30, 2025

Pull Request Review: Pydantic-AI Version Bump (v0.2.* → v1.39.*)

Summary

This PR updates pydantic-ai from version 0.2.* to 1.39.*, a major version jump (79 minor versions) that spans the library's transition to v1.0 and beyond. This is a Dependabot-generated dependency update that requires careful review and testing.

Risk Assessment: HIGH RISK

Why this is high risk:

  1. Major version jump: Jumping from v0.2 to v1.39 crosses multiple breaking changes
  2. Critical APIs in use: The codebase uses several pydantic-ai APIs that have undergone significant changes
  3. Production impact: Used in core data extraction pipeline and agent framework

Key Breaking Changes (v0.2 → v1.39)

Based on the pydantic-ai changelog, the following breaking changes are relevant to this codebase:

v1.0.0 Breaking Changes:

  1. Python 3.9 dropped - OpenContracts likely uses 3.10+ (verify)
  2. Dataclasses now require keyword arguments - May affect agent initialization
  3. ModelRequest.parts and ModelResponse.parts changed from list to Sequence - Used in pydantic_ai_agents.py
  4. Removed errors for AsyncRetrying/Retrying - Not directly used in this codebase

v0.8.0 Breaking Changes:
5. AgentStreamEvent union expanded - Used in streaming implementations

v0.7.6 Breaking Changes:
6. TenacityTransport now requires RetryConfig - Check if retry logic is configured

v0.7.0 Breaking Changes:
7. StreamedResponse now yields FinalResultEvent - May affect stream processing
8. Model.request_stream receives run_context argument - Only relevant if custom models exist

Code Impact Analysis

I analyzed the codebase usage of pydantic-ai and found the following critical files:

  1. Core Agent Implementation (opencontractserver/llms/agents/pydantic_ai_agents.py)

    • Lines 10-30: Imports from pydantic_ai.agent and pydantic_ai.messages
    • Uses: Agent, CallToolsNode, End, ModelRequestNode, UserPromptNode
    • Uses message types: ModelMessage, ModelRequest, ModelResponse, PartDeltaEvent, etc.
    • Risk: Message part types changed from list to Sequence

  2. Data Extraction Pipeline (opencontractserver/tasks/data_extract_tasks.py)

    • Lines 94-95, 260-275: Uses capture_run_messages context manager
    • Critical for LLM debugging and logging
    • Risk: This API may have changed

  3. Tool System (opencontractserver/llms/tools/pydantic_ai_tools.py)

    • Line 9: Uses RunContext for tool dependencies
    • Risk: RunContext typing may have changed

  4. Test Infrastructure

    • Multiple test files use TestModel and FunctionModel from pydantic_ai.models.test
    • Risk: Test utilities may have different APIs

Required Testing

Before merging, run these critical tests:

docker compose -f test.yml run django pytest opencontractserver/tests/test_pydantic_ai_agents.py -n 4 --dist loadscope
docker compose -f test.yml run django pytest opencontractserver/tests/test_structured_response_api.py -n 4 --dist loadscope
docker compose -f test.yml run django pytest opencontractserver/tests/test_pydantic_ai_tools_module.py -n 4 --dist loadscope
docker compose -f test.yml run django pytest opencontractserver/tests/test_pydantic_ai_integration_testmodel.py -n 4 --dist loadscope

Or run all tests: docker compose -f test.yml run django pytest -n auto --dist loadscope

Recommendations

Before Merging:

  1. Run all pydantic-ai related tests (commands above)
  2. Manual testing of data extraction pipeline - This is critical production functionality
  3. Test WebSocket-based agent conversations - Streaming may be affected
  4. Verify Python version compatibility - Ensure Python >= 3.10

If Tests Pass:

  1. Update CHANGELOG.md with this dependency change
  2. Consider staging deployment first - Test in production-like environment before full rollout

If Tests Fail:

  1. Do NOT merge - Fix compatibility issues first
  2. Check for type errors with Sequence vs list, changes to capture_run_messages API, changes to streaming event types, dataclass initialization patterns

Security Considerations

No security concerns identified - This is a legitimate dependency update from the official pydantic-ai repository.

Performance Considerations

According to the v1.39.0 release notes, this version includes:

  • Embedding models support - New feature that may be useful for future enhancements
  • Agent metadata and instrumentation improvements - Better observability
  • Bug fixes and optimizations

Monitor: Data extraction task execution times and WebSocket message processing latency

Final Verdict

Recommendation: CONDITIONAL APPROVAL

This PR should be merged IF AND ONLY IF:

  1. All pydantic-ai related tests pass
  2. Manual testing of data extraction pipeline succeeds
  3. CHANGELOG.md is updated
  4. Pre-commit hooks pass

Reviewed by: Claude Code
Review Date: 2025-12-30
Risk Level: High
Testing Required: Yes (Critical)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant