Update pydantic-settings requirement from <2.14.0,>=2.7.1 to >=2.7.1,<2.15.0 in the python group by dependabot[bot] · Pull Request #147 · trailofbits/it-depends

dependabot · 2026-04-28T06:14:59Z

Updates the requirements on pydantic-settings to permit the latest version.
Updates pydantic-settings to 2.14.0

Release notes

Sourced from pydantic-settings's releases.

v2.14.0

What's Changed

Fix parsing env vars into Optional Strict types by @hramezani in pydantic/pydantic-settings#792

Fix RecursionError with mutually recursive models in CLI by @hramezani in pydantic/pydantic-settings#794

Fix env_file from model_config ignored in CliApp.run() (#795) by @hramezani in pydantic/pydantic-settings#796

Update dependencies by @hramezani in pydantic/pydantic-settings#798

Add Dependabot configuration by @hramezani in pydantic/pydantic-settings#801

Bump samuelcolvin/check-python-version from 4.1 to 5 by @dependabot[bot] in pydantic/pydantic-settings#802

Bump actions/upload-artifact from 4 to 7 by @dependabot[bot] in pydantic/pydantic-settings#803

Bump actions/checkout from 4 to 6 by @dependabot[bot] in pydantic/pydantic-settings#804

Bump astral-sh/setup-uv from 5 to 7 by @dependabot[bot] in pydantic/pydantic-settings#805

Bump actions/setup-python from 5 to 6 by @dependabot[bot] in pydantic/pydantic-settings#806

Ignore chardet and group GitHub Actions in Dependabot by @hramezani in pydantic/pydantic-settings#808

Bump actions/download-artifact from 4 to 8 in the github-actions group by @dependabot[bot] in pydantic/pydantic-settings#809

Bump the python-packages group with 2 updates by @dependabot[bot] in pydantic/pydantic-settings#810

Support reading .env files from FIFOs (e.g. 1Password Environments) by @JacobHayes in pydantic/pydantic-settings#776

Fix AliasChoices ignored when changing provider priority by @hramezani in pydantic/pydantic-settings#813

fix: resolve KeyError in run_subcommand for underscore field names by @bradykieffer in pydantic/pydantic-settings#799

Bump the python-packages group with 3 updates by @dependabot[bot] in pydantic/pydantic-settings#814

Fix Literal[numeric Enum] coercion for CLI and env vars by @m9810223 in pydantic/pydantic-settings#811

Fix nested discriminated unions not discovered by env/CLI providers by @hramezani in pydantic/pydantic-settings#816

Bump the python-packages group with 3 updates by @dependabot[bot] in pydantic/pydantic-settings#820

CLI ensure env nested max split internally. by @kschwab in pydantic/pydantic-settings#821

Bump the python-packages group with 4 updates by @dependabot[bot] in pydantic/pydantic-settings#824

Migrate boto3-stubs to types-boto3 by @hramezani in pydantic/pydantic-settings#831

Fix CLI not recognizing field name with validate_by_name and AliasChoices by @hramezani in pydantic/pydantic-settings#826

Allow customisation of the dotevn setting source to filter variables by @CaselIT in pydantic/pydantic-settings#832

Bump the python-packages group with 3 updates by @dependabot[bot] in pydantic/pydantic-settings#833

Introduce yamlfmt by @Viicos in pydantic/pydantic-settings#836

Bump boto3 from 1.42.82 to 1.42.83 in the python-packages group by @dependabot[bot] in pydantic/pydantic-settings#837

Introduce zizmor by @Viicos in pydantic/pydantic-settings#838

Fix CliPositionalArg[list[CustomType]] crash for custom types by @hramezani in pydantic/pydantic-settings#839

Add note about Mypy plugin for BaseSettings.__init__() by @Viicos in pydantic/pydantic-settings#842

Fix cli_ignore_unknown_args=True not working on subcommands by @hramezani in pydantic/pydantic-settings#844

Bump the python-packages group with 4 updates by @dependabot[bot] in pydantic/pydantic-settings#847

Fix CLI descriptions lost under python -OO by falling back to json_schema_extra by @hramezani in pydantic/pydantic-settings#843

Prepare release 2.14.0 by @hramezani in pydantic/pydantic-settings#848

New Contributors

@dependabot[bot] made their first contribution in pydantic/pydantic-settings#802

@JacobHayes made their first contribution in pydantic/pydantic-settings#776

@bradykieffer made their first contribution in pydantic/pydantic-settings#799

@CaselIT made their first contribution in pydantic/pydantic-settings#832

Full Changelog: pydantic/pydantic-settings@v2.13.1...v2.14.0

Commits

8916bee Prepare release 2.14.0 (#848)
39e551c Fix CLI descriptions lost under python -OO by falling back to `json_schema_...
9ed7f48 Bump the python-packages group with 4 updates (#847)
617c690 Fix cli_ignore_unknown_args=True not working on subcommands (#844)
577c05f Add note about Mypy plugin for BaseSettings.__init__() (#842)
2355bc5 Fix CliPositionalArg[list[CustomType]] crash for custom types (#839)
16bd6fd Introduce zizmor (#838)
df8b239 Bump boto3 from 1.42.82 to 1.42.83 in the python-packages group (#837)
c5401a2 Introduce yamlfmt (#836)
953e28e Bump the python-packages group with 3 updates (#833)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Updates the requirements on [pydantic-settings](https://github.com/pydantic/pydantic-settings) to permit the latest version. Updates `pydantic-settings` to 2.14.0 - [Release notes](https://github.com/pydantic/pydantic-settings/releases) - [Commits](pydantic/pydantic-settings@v2.7.1...v2.14.0) --- updated-dependencies: - dependency-name: pydantic-settings dependency-version: 2.14.0 dependency-type: direct:production dependency-group: python ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Apr 28, 2026

dependabot Bot requested a review from evandowning as a code owner April 28, 2026 06:15

evandowning approved these changes Apr 28, 2026

View reviewed changes

evandowning merged commit e758b8a into master Apr 28, 2026
13 checks passed

evandowning deleted the dependabot/uv/python-0b80898646 branch April 28, 2026 12:22

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update pydantic-settings requirement from <2.14.0,>=2.7.1 to >=2.7.1,<2.15.0 in the python group#147

Update pydantic-settings requirement from <2.14.0,>=2.7.1 to >=2.7.1,<2.15.0 in the python group#147
evandowning merged 1 commit intomasterfrom
dependabot/uv/python-0b80898646

dependabot Bot commented on behalf of github Apr 28, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot Bot commented on behalf of github Apr 28, 2026

v2.14.0

What's Changed

New Contributors

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant