fix(deps): update all non-major dependencies (!13) · Merge requests · Information Services / DevOps / Identity and Access Management / Lookup (Ibis) / Institution Mapping Tool

This MR contains the following updates:

Package	Change	Type	Update
PyYAML (source)	`6.0.2` → `6.0.3`	dependencies	patch
google-auth	`2.40.3` → `2.49.0`	dependencies	minor
oracledb (changelog)	`3.3.0` → `3.4.2`	dependencies	minor
pydantic (changelog)	`1.10.23` → `1.10.26`	dependencies	patch
python	`>=3.10,<3.12` → `>=3.14,<3.15`	dependencies	minor
registry.gitlab.developers.cam.ac.uk/uis/devops/lib/ucam-faas-python	`0.17.2` → `0.21.2`	final	minor

Release Notes

yaml/pyyaml (PyYAML)

`v6.0.3`

Compare Source

What's Changed

Support for Python 3.14 and free-threading (experimental).

Full Changelog: https://github.com/yaml/pyyaml/compare/6.0.2...6.0.3

googleapis/google-auth-library-python (google-auth)

`v2.48.0`

Compare Source

Features

add cryptography as required dependency (#1929) (52558ae2881b1e6555f6f5c0d76365c15807ead9)
Support the mTLS IAM domain for Certificate based Access (#1938) (8dcf91a1b05c85fbbd0bcee78d66e498099102ab)
add configurable GCE Metadata Server retries (#1488) (454b441b478ec62bbf1a6ad5bceb6c7cbbfd0c37)
honor NO_GCE_CHECK environment variable (#1610) (383c9827536d9376e8248370ce4c2b83e468d027)

Bug Fixes

resolve circular imports (#1942) (25c1b064545702cbef087cfcd15fbbb6ef1af74f)
removes content-header from AWS IMDS get request (#1934) (97bfea9e02ede953fc8ee154e0deed3a3cfc6dcc)
detect correct auth when ADC env var is set but empty (#1374) (bfc07e1050bd0aa86fa3b08cdf70c9b68b5fe6a2)
replace deprecated utcfromtimestamp (#1799) (e431f20cf73ccac71926a23ec454468cea92e053)
Use user_verification=preferred for ReAuth WebAuthn challenge (#1798) (3f88a24089c4ee6822d510de0db210b54260d873)

`v2.47.0`

Compare Source

Features

drop cachetools dependency in favor of simple local implementation (#1590) (5c07e1c4f52bc77a1b16fa3b7b3c5269c242f6f4)

Bug Fixes

Python 3.8 support (#1918) (60dc20014a35ec4ba71e8065b9a33ecbdbeca97a)

`v2.46.0`

Compare Source

Documentation

update urllib3 docstrings for v2 compatibility (#1903) (3f1aeea2d1014ea1d244a4c3470e52d74d55404b)

Features

Recognize workload certificate config in has_default_client_cert_source for mTLS for Agentic Identities (#1907) (0b9107d573123e358c347ffa067637f992af61b4)

Bug Fixes

add types to default and verify_token and Request init based on comments in the source code. (#1588) (59a5f588f7793b59d923a4185c8c07738da618f7)
fix the document of secure_authorized_session (#1536) (5d0014707fc359782df5ccfcaa75fd372fe9dce3)
remove setup.cfg configuration for creating universal wheels (#1693) (c767531ce05a89002d109f595187aff1fcaacfb7)
use .read() instead of .content.read() in aiohttp transport (#1899) (12f4470f808809e8abf1141f98d88ab720c3899b)
raise RefreshError for missing token in impersonated credentials (#1897) (94d04e090fdfc61926dd32bc1d65f8820b9cede5)
Fix test coverage for mtls_helper (#1886) (02e71631fe275d93825c2e957e830773e75133f7)

`v2.45.0`

Compare Source

Features

Adding Agent Identity bound token support and handling certificate mismatches with retries (#1890) (b32c934e6b0d09b94c467cd432a0a635e8b05f5c)

`v2.44.0`

Compare Source

Features

support Python 3.14 (#1822) (0f7097e78f247665b6ef0287d482033f7be2ed6d)
add ecdsa p-384 support (#1872) (39c381a5f6881b590025f36d333d12eff8dc60fc)
MDS connections use mTLS (#1856) (0387bb95713653d47e846cad3a010eb55ef2db4c)
Implement token revocation in STS client and add revoke() metho… (#1849) (d5638986ca03ee95bfffa9ad821124ed7e903e63)
Add shlex to correctly parse executable commands with spaces (#1855) (cf6fc3cced78bc1362a7fe596c32ebc9ce03c26b)

Bug Fixes

Use public refresh method for source credentials in ImpersonatedCredentials (#1884) (e0c3296f471747258f6d98d2d9bfde636358ecde)
Add temporary patch to workload cert logic to accomodate Cloud Run mis-configuration (#1880) (78de7907b8bdb7b5510e3c6fa8a3f3721e2436d7)
Delegate workload cert and key default lookup to helper function (#1877) (b0993c7edaba505d0fb0628af28760c43034c959)

`v2.43.0`

Compare Source

Features

Add public wrapper for _mtls_helper.check_use_client_cert which enables mTLS if GOOGLE_API_USE_CLIENT_CERTIFICATE is not set, when the MWID/X.509 cert sources detected (#1859) Add public wrapper for check_use_client_cert which enables mTLS if GOOGLE_API_USE_CLIENT_CERTIFICATE is not set, when the MWID/X.509 cert sources detected. Also, fix check_use_client_cert to return boolean value. Change #1848 added the check_use_client_cert method that helps know if client cert should be used for mTLS connection. However, that was in a private class, thus, created a public wrapper of the same function so that it can be used by python Client Libraries. Also, updated check_use_client_cert to return a boolean value instead of existing string value for better readability and future scope. --------- (1535eccbff0ad8f3fd6a9775316ac8b77dca66ba)
Enable mTLS if GOOGLE_API_USE_CLIENT_CERTIFICATE is not set, if the MWID/X.509 cert sources detected (#1848) The Python SDK will use a hybrid approach for mTLS enablement:

If the GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable is set (either true or false), the SDK will respect that setting. This is necessary for test scenarios and users who need to explicitly control mTLS behavior.
If the GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable is not set, the SDK will automatically enable mTLS only if it detects Managed Workload Identity (MWID) or X.509 Workforce Identity Federation (WIF) certificate sources. In other cases where the variable is not set, mTLS will remain disabled. ** This change also adds the helper method check_use_client_cert and it's unit test, which will be used for checking the criteria for setting the mTLS to true ** This change is only for Auth-Library, other changes will be created for Client-Library use-cases. --------- (395e405b64b56ddb82ee639958c2e8056ad2e82b)

onboard google-auth to librarian (#1838) This MR onboards google-auth library to the Librarian system. Wait for #1819. (c503eaa511357d7a76cc1e1f1d3a3be2dabd5bca)

`v2.42.1`

Compare Source

Bug Fixes

Catch ValueError for json.loads() (#1842) (b074cad)

`v2.42.0`

Compare Source

Features

Add trust boundary support for external accounts. (#1809) (36ecb1d)

Bug Fixes

Read scopes from ADC json for impersoanted cred (#1820) (62c0fc8)

`v2.41.1`

Compare Source

Bug Fixes

Suppress deprecation warning for ADC (#1815) (751ce3f)

`v2.41.0`

Compare Source

Features

Add support for cachetools 6.0 (#1773) (af18060)
Add trust boundary support for service accounts and impersonation. (#1778) (99be2ce)

Bug Fixes

Deprecating load_credentials_from_dict (58b66ec)
Deprecating load_credentials_from_file (58b66ec)
Fix type error in credentials.py for python 3.7 and 3.8 (#1805) (c30a6a7)

Documentation

Update user guide to include x509 feature. (#1802) (2d89ab4)

oracle/python-oracledb (oracledb)

`v3.4.2`

Compare Source

python-oracledb 3.4.2 is now released. This release addresses a number of issues. See the full release notes for all of the details.

`v3.4.1`

Compare Source

python-oracledb 3.4.1 is now released. This release addresses a number of issues. See the full release notes for all of the details.

`v3.4.0`

Compare Source

python-oracledb 3.4.0 is now released. This release has the following highlights:

support for Direct Path Load in thin mode for fast data ingestion
support for data frames is no longer considered a pre-release
support for type mapping when querying with data frames
support for ingesting more Apache Arrow data types
support for ingesting Apache Arrow data frames containing multiple chunks
support for cursor.executemany() operating on large input data in batches
fine-grained control over LOB and number handling
new optional install dependencies for plugins

See the full release notes for all of the details.

pydantic/pydantic (pydantic)

`v1.10.26`

Compare Source

GitHub release

This is the first beta release of the 2.13 version, mainly providing bug fixes and performance improvements for validation and serialization.

Notable changes include:

Add a new polymorphic_serialization option, solving issues with serialize_as_any introduced in 2.12.
Latest V1.10.26 release under the pydantic.v1 namespace. This version includes support for Python 3.14.
The pydantic-core repository was merged inside the main pydantic one.

What's Changed

Packaging

Bump Rust url dependency from 2.5.4 to 2.5.7 in pydantic-core by @dependabot[bot] in #12508
Bump Rust minimum version to 1.88, use edition 2024 by @davidhewitt and @Viicos in #12551 and #12752
Bump PyO3 to 0.28, jiter to 0.13 by @davidhewitt in #12767

New Features

Add polymorphic_serialization option by @davidhewitt in #12518
Support Root models with Literal root types as discriminator field types by @YassinNouh21 in #12680

Changes

Migrate pydantic-core CI by @Viicos in #12752
Import pydantic-core into pydantic by @davidhewitt in #12481
Backport V1 changes up to v1.10.26 by @Viicos in #12663
Use the complex() constructor unconditionally when validating complex Python data by @tanmaymunjal in #12498
Add support for three-tuple input for Decimal by @tanmaymunjal in #12500
Align @field_serializer logic with @field_validator by @Viicos in #12577
Make PydanticUserError a RuntimeError instead of a TypeError by @poliakovva in #12579
Remove redundant serialization attempts in nested unions by @davidhewitt in #12604
Copy root value when making root model shallow copies by @YassinNouh21 in #12679
Ensure deterministic JSON schema defaults by sorting sets by @drshvik in #12760

Performance

Refactor DecoratorInfos.build() implementation by @Viicos in #12536
Cache compiled regex in pydantic-core by @Viicos in #12549
Optimize creation of Literal validators by @davidhewitt in #12569
Optimize implementation of LookupKey by @davidhewitt in #12571
Use python strings for field names by @davidhewitt in #12631
Optimize datetime formatting code by @davidhewitt in #12626
Validate JSON model data by iteration by @davidhewitt in #12550
Optimize annotations evaluation of Pydantic models by @Viicos in #12681
Optimize FieldInfo._copy() by @Viicos in #12727

Fixes

Fix FieldInfo rebuilding when parameterizing generic models with an Annotated type by @Viicos in #12463
Fix nested model schema deduplication in JSON schema generation by @marwan-alloreview in #12494
Fix InitVar being ignored when using with the pydantic.Field() function by @Viicos in #12495
Fix support for enums with NamedTuple as values by @Viicos in #12506
Do not delete mock validator/serializer in rebuild_dataclass() by @Viicos in #12513
Require test suite to pass with free threading, switch back to global generic types cache by @davidhewitt in #12537
Refactor __pydantic_extra__ annotation handling by @Viicos in #12563
Do not add claim of UUID "safety" provision by @davidhewitt in #12567
Use Python hash to perform lookup in tagged union serializer by @davidhewitt in #12594
Do not emit serialization warning MISSING sentinel is present in a nested model by @Viicos in #12635
Do not eagerly evaluate annotations in signature logic by @Viicos in #12660
Fix serialization of typed dict unions when exclude_none is set by @davidhewitt in #12677
Do not reuse prebuilt serializers/validators on rebuilds by @lmmx in #12689
Fix type annotation of field_definitions in create_model() by @lehmann-hqs in #12734
Fix incorrect dataclass constructor signature when overriding class kw_only with Field() by @jfadia in #12741
Use typing.Union when replacing types under Python 3.14 by @Viicos in #12733
Improve ImportString error when internal imports fail by @tsembp in #12740
Fix serializing complex numbers with negative zero imaginary part by @lhnwrk in #12770
Preserve custom docstrings on stdlib dataclasses in JSON schema by @nightcityblade in #12815

New Contributors

@marwan-alloreview made their first contribution in #12494
@tanmaymunjal made their first contribution in #12498
@poliakovva made their first contribution in #12579
@lehmann-hqs made their first contribution in #12734
@jfadia made their first contribution in #12741
@tsembp made their first contribution in #12740
@drshvik made their first contribution in #12760
@lhnwrk made their first contribution in #12770
@nightcityblade made their first contribution in #12815

`v1.10.25`: 2025-12-18

Compare Source

What's Changed

Add minimal support for Python 3.14 by @Viicos in #12636

Full Changelog: https://github.com/pydantic/pydantic/compare/v1.10.24...v1.10.25

This is the final 2.12 release. It features the work of 20 external contributors and provides useful new features, along with initial Python 3.14 support. Several minor changes (considered non-breaking changes according to our versioning policy) are also included in this release. Make sure to look into them before upgrading.

Note that Pydantic V1 is not compatible with Python 3.14 and greater.

Changes (see the alpha and beta releases for additional changes since 2.11):

Packaging

Update V1 copy to v1.10.24 by @Viicos in #12338

New Features

Add extra parameter to the validate functions by @anvilpete in #12233
Add exclude_computed_fields serialization option by @Viicos in #12334
Add preverse_empty_path URL options by @Viicos in #12336
Add union_format parameter to JSON Schema generation by @Viicos in #12147
Add __qualname__ parameter for create_model by @Atry in #12001

Fixes

Do not try to infer name from lambda definitions in pipelines API by @Viicos in #12289
Use proper namespace for functions in TypeAdapter by @Viicos in #12324
Use Any for context type annotation in TypeAdapter by @inducer in #12279
Expose FieldInfo in pydantic.fields.__all__ by @Viicos in #12339
Respect validation_alias in @validate_call by @Viicos in #12340
Use Any as context annotation in plugin API by @Viicos in #12341
Use proper stacklevel in warnings when possible by @Viicos in #12342