Latest Results
chore(deps): bump pyo3 from 0.23.1 to 0.24.1 (#197)
Bumps [pyo3](https://github.com/pyo3/pyo3) from 0.23.1 to 0.24.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pyo3/pyo3/releases">pyo3's
releases</a>.</em></p>
<blockquote>
<h2>v0.24.1</h2>
<p>This release is a security fix for the
<code>PyString::from_object</code> method, which passed
<code>&str</code> data to the Python C API without checking for a
terminating nul byte. All historical PyO3 versions are affected, and we
recommend you upgrade if you are using
<code>PyString::from_object</code>. Thank you to <a
href="https://github.com/vthib"><code>@​vthib</code></a> for the report
and <a href="https://github.com/Dr-Emann"><code>@​Dr-Emann</code></a>
for the fix. A RUSTSEC advisory will be published shortly.</p>
<p>Aside from the security fix, this release contains a number of other
non-breaking additions:</p>
<ul>
<li>An <code>abi3-py313</code> feature to support compiling with the
Python 3.13 stable ABI.</li>
<li><code>PyAnyMethods::getattr_opt</code> to get optional attributes
without paying the cost of a Python exception when the attribute in
question does not exist.</li>
<li>Constructor for <code>PyInt::new</code>.</li>
<li><code>with_critical_section2</code> for locking two objects at the
same time on the free-threaded build.</li>
<li>Fix for a PyO3 0.24.0 regression with
<code>Option<&str></code> and
<code>Option<&T></code> (where <code>T: PyClass</code>)
function arguments no longer being permitted</li>
</ul>
<p>There are also a few other small bug fixes for edge cases, mostly
related to compile errors from PyO3's macro code.</p>
<p>Thank you to the following contributors for the improvements:</p>
<p><a
href="https://github.com/bschoenmaeckers"><code>@​bschoenmaeckers</code></a>
<a href="https://github.com/davidhewitt"><code>@​davidhewitt</code></a>
<a href="https://github.com/Dr-Emann"><code>@​Dr-Emann</code></a>
<a href="https://github.com/emmagordon"><code>@​emmagordon</code></a>
<a href="https://github.com/epontan"><code>@​epontan</code></a>
<a href="https://github.com/Icxolu"><code>@​Icxolu</code></a>
<a
href="https://github.com/IvanIsCoding"><code>@​IvanIsCoding</code></a>
<a href="https://github.com/jelmer"><code>@​jelmer</code></a>
<a href="https://github.com/jonaspleyer"><code>@​jonaspleyer</code></a>
<a href="https://github.com/ngoldbaum"><code>@​ngoldbaum</code></a>
<a
href="https://github.com/Owen-CH-Leung"><code>@​Owen-CH-Leung</code></a>
<a href="https://github.com/Tpt"><code>@​Tpt</code></a>
<a
href="https://github.com/Trolldemorted"><code>@​Trolldemorted</code></a>
<a href="https://github.com/XuehaiPan"><code>@​XuehaiPan</code></a></p>
<h2>PyO3 0.24.0</h2>
<p>This release is an incremental improvement of refinements and
optimizations following the new APIs established in PyO3's last few
releases.</p>
<p>Support for <code>jiff</code> datetime conversions have been added,
and also UUID conversions.</p>
<p>The <code>FromPyObject</code> derive macro has gained new
<code>#[pyo3(default = ...)]</code> and <code>#[pyo3(rename_all =
...)]</code> options, and the <code>IntoPyObject</code> derive macro has
gained a new <code>#[pyo3(into_py_with = ...)]</code> option.</p>
<p>PyO3 will now pass positional arguments to Python functions using the
"vectorcall" protocol in many cases, which should be an
optimization over the previous behaviour (of creating a Python tuple of
positional arguments).</p>
<p>Many methods on iterators of Python collections have been
optimized.</p>
<p>There are also many other incremental improvements, bug fixes and
smaller features.</p>
<p>Thank you to everyone who contributed code, documentation, design
ideas, bug reports, and feedback. The following contributors' commits
are included in this release:</p>
<p><a href="https://github.com/0x676e67"><code>@​0x676e67</code></a>
<a href="https://github.com/alex"><code>@​alex</code></a>
<a href="https://github.com/arielb1"><code>@​arielb1</code></a>
<a
href="https://github.com/bschoenmaeckers"><code>@​bschoenmaeckers</code></a>
<a
href="https://github.com/davidhewitt"><code>@​davidhewitt</code></a></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/PyO3/pyo3/blob/v0.24.1/CHANGELOG.md">pyo3's
changelog</a>.</em></p>
<blockquote>
<h2>[0.24.1] - 2025-03-31</h2>
<h3>Added</h3>
<ul>
<li>Add <code>abi3-py313</code> feature. <a
href="https://redirect.github.com/PyO3/pyo3/pull/4969">#4969</a></li>
<li>Add <code>PyAnyMethods::getattr_opt</code>. <a
href="https://redirect.github.com/PyO3/pyo3/pull/4978">#4978</a></li>
<li>Add <code>PyInt::new</code> constructor for all supported number
types (i32, u32, i64, u64, isize, usize). <a
href="https://redirect.github.com/PyO3/pyo3/pull/4984">#4984</a></li>
<li>Add <code>pyo3::sync::with_critical_section2</code>. <a
href="https://redirect.github.com/PyO3/pyo3/pull/4992">#4992</a></li>
<li>Implement <code>PyCallArgs</code> for <code>Borrowed<'_, 'py,
PyTuple></code>, <code>&Bound<'py, PyTuple></code>, and
<code>&Py<PyTuple></code>. <a
href="https://redirect.github.com/PyO3/pyo3/pull/5013">#5013</a></li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Fix <code>is_type_of</code> for native types not using same
specialized check as <code>is_type_of_bound</code>. <a
href="https://redirect.github.com/PyO3/pyo3/pull/4981">#4981</a></li>
<li>Fix <code>Probe</code> class naming issue with
<code>#[pymethods]</code>. <a
href="https://redirect.github.com/PyO3/pyo3/pull/4988">#4988</a></li>
<li>Fix compile failure with required <code>#[pyfunction]</code>
arguments taking <code>Option<&str></code> and
<code>Option<&T></code> (for <code>#[pyclass]</code> types).
<a href="https://redirect.github.com/PyO3/pyo3/pull/5002">#5002</a></li>
<li>Fix <code>PyString::from_object</code> causing of bounds reads whith
<code>encoding</code> and <code>errors</code> parameters which are not
nul-terminated. <a
href="https://redirect.github.com/PyO3/pyo3/pull/5008">#5008</a></li>
<li>Fix compile error when additional options follow after
<code>crate</code> for <code>#[pyfunction]</code>. <a
href="https://redirect.github.com/PyO3/pyo3/pull/5015">#5015</a></li>
</ul>
<h2>[0.24.0] - 2025-03-09</h2>
<h3>Packaging</h3>
<ul>
<li>Add supported CPython/PyPy versions to cargo package metadata. <a
href="https://redirect.github.com/PyO3/pyo3/pull/4756">#4756</a></li>
<li>Bump <code>target-lexicon</code> dependency to 0.13. <a
href="https://redirect.github.com/PyO3/pyo3/pull/4822">#4822</a></li>
<li>Add optional <code>jiff</code> dependency to add conversions for
<code>jiff</code> datetime types. <a
href="https://redirect.github.com/PyO3/pyo3/pull/4823">#4823</a></li>
<li>Add optional <code>uuid</code> dependency to add conversions for
<code>uuid::Uuid</code>. <a
href="https://redirect.github.com/PyO3/pyo3/pull/4864">#4864</a></li>
<li>Bump minimum supported <code>inventory</code> version to 0.3.5. <a
href="https://redirect.github.com/PyO3/pyo3/pull/4954">#4954</a></li>
</ul>
<h3>Added</h3>
<ul>
<li>Add <code>PyIterator::send</code> method to allow sending values
into a python generator. <a
href="https://redirect.github.com/PyO3/pyo3/pull/4746">#4746</a></li>
<li>Add <code>PyCallArgs</code> trait for passing arguments into the
Python calling protocol. This enabled using a faster calling convention
for certain types, improving performance. <a
href="https://redirect.github.com/PyO3/pyo3/pull/4768">#4768</a></li>
<li>Add <code>#[pyo3(default = ...']</code> option for
<code>#[derive(FromPyObject)]</code> to set a default value for
extracted fields of named structs. <a
href="https://redirect.github.com/PyO3/pyo3/pull/4829">#4829</a></li>
<li>Add <code>#[pyo3(into_py_with = ...)]</code> option for
<code>#[derive(IntoPyObject, IntoPyObjectRef)]</code>. <a
href="https://redirect.github.com/PyO3/pyo3/pull/4850">#4850</a></li>
<li>Add FFI definitions <code>PyThreadState_GetFrame</code> and
<code>PyFrame_GetBack</code>. <a
href="https://redirect.github.com/PyO3/pyo3/pull/4866">#4866</a></li>
<li>Optimize <code>last</code> for <code>BoundListIterator</code>,
<code>BoundTupleIterator</code> and <code>BorrowedTupleIterator</code>.
<a href="https://redirect.github.com/PyO3/pyo3/pull/4878">#4878</a></li>
<li>Optimize <code>Iterator::count()</code> for <code>PyDict</code>,
<code>PyList</code>, <code>PyTuple</code> & <code>PySet</code>. <a
href="https://redirect.github.com/PyO3/pyo3/pull/4878">#4878</a></li>
<li>Optimize <code>nth</code>, <code>nth_back</code>,
<code>advance_by</code> and <code>advance_back_by</code> for
<code>BoundTupleIterator</code> <a
href="https://redirect.github.com/PyO3/pyo3/pull/4897">#4897</a></li>
<li>Add support for <code>types.GenericAlias</code> as
<code>pyo3::types::PyGenericAlias</code>. <a
href="https://redirect.github.com/PyO3/pyo3/pull/4917">#4917</a></li>
<li>Add <code>MutextExt</code> trait to help avoid deadlocks with the
GIL while locking a <code>std::sync::Mutex</code>. <a
href="https://redirect.github.com/PyO3/pyo3/pull/4934">#4934</a></li>
<li>Add <code>#[pyo3(rename_all = "...")]</code> option for
<code>#[derive(FromPyObject)]</code>. <a
href="https://redirect.github.com/PyO3/pyo3/pull/4941">#4941</a></li>
</ul>
<h3>Changed</h3>
<ul>
<li>Optimize <code>nth</code>, <code>nth_back</code>,
<code>advance_by</code> and <code>advance_back_by</code> for
<code>BoundListIterator</code>. <a
href="https://redirect.github.com/PyO3/pyo3/pull/4810">#4810</a></li>
<li>Use <code>DerefToPyAny</code> in blanket implementations of
<code>From<Py<T>></code> and <code>From<Bound<'py,
T>></code> for <code>PyObject</code>. <a
href="https://redirect.github.com/PyO3/pyo3/pull/4593">#4593</a></li>
<li>Map
<code>io::ErrorKind::IsADirectory</code>/<code>NotADirectory</code> to
the corresponding Python exception on Rust 1.83+. <a
href="https://redirect.github.com/PyO3/pyo3/pull/4747">#4747</a></li>
<li><code>PyAnyMethods::call</code> and friends now require
<code>PyCallArgs</code> for their positional arguments. <a
href="https://redirect.github.com/PyO3/pyo3/pull/4768">#4768</a></li>
<li>Expose FFI definitions for <code>PyObject_Vectorcall(Method)</code>
on the stable abi on 3.12+. <a
href="https://redirect.github.com/PyO3/pyo3/pull/4853">#4853</a></li>
<li><code>#[pyo3(from_py_with = ...)]</code> now take a path rather than
a string literal <a
href="https://redirect.github.com/PyO3/pyo3/pull/4860">#4860</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/PyO3/pyo3/commit/a213b368bd5bf859c2acb655bfed029e17c3b447"><code>a213b36</code></a>
release: 0.24.1 (<a
href="https://redirect.github.com/pyo3/pyo3/issues/5021">#5021</a>)</li>
<li><a
href="https://github.com/PyO3/pyo3/commit/d85a02d9b11f7c057e3627a0393d5d9b876dbc0a"><code>d85a02d</code></a>
split <code>PyFunctionArgument</code> to specialize <code>Option</code>
(<a
href="https://redirect.github.com/pyo3/pyo3/issues/5002">#5002</a>)</li>
<li><a
href="https://github.com/PyO3/pyo3/commit/c37a50a7a33e145f6bb87f40cb89cf85f9e5fac7"><code>c37a50a</code></a>
Add example of more complex exceptions (<a
href="https://redirect.github.com/pyo3/pyo3/issues/5014">#5014</a>)</li>
<li><a
href="https://github.com/PyO3/pyo3/commit/dcacb9bbbc8c130238bd88480fc53074e445b4fc"><code>dcacb9b</code></a>
Simplify PyFunctionArgument impl on &Bound<T> (<a
href="https://redirect.github.com/pyo3/pyo3/issues/5018">#5018</a>)</li>
<li><a
href="https://github.com/PyO3/pyo3/commit/03c31c5c7affdd8805957b5944bd8ca05d1bdec8"><code>03c31c5</code></a>
fix <code>#[pyfunction]</code> option parsing (<a
href="https://redirect.github.com/pyo3/pyo3/issues/5015">#5015</a>)</li>
<li><a
href="https://github.com/PyO3/pyo3/commit/0f49eb14b0358a8fe85c5930db84c5c404f97dd7"><code>0f49eb1</code></a>
docs: Remove examples with outdated PyO3 and unmaintained projects (<a
href="https://redirect.github.com/pyo3/pyo3/issues/4952">#4952</a>)</li>
<li><a
href="https://github.com/PyO3/pyo3/commit/1b00b0d27f1b49d4b4237bc616d99016b06c1bd8"><code>1b00b0d</code></a>
implement <code>PyCallArgs</code> for borrowed types (<a
href="https://redirect.github.com/pyo3/pyo3/issues/5013">#5013</a>)</li>
<li><a
href="https://github.com/PyO3/pyo3/commit/5caaa371dce8fe8a93c64d7a465c3c2c80ce6e2f"><code>5caaa37</code></a>
fix: convert to cstrings in PyString::from_object (<a
href="https://redirect.github.com/pyo3/pyo3/issues/5008">#5008</a>)</li>
<li><a
href="https://github.com/PyO3/pyo3/commit/4aca459fd30441fa006c3eb388c812047f5465ce"><code>4aca459</code></a>
docs: guide - add link to tables and traits (<a
href="https://redirect.github.com/pyo3/pyo3/issues/5001">#5001</a>)</li>
<li><a
href="https://github.com/PyO3/pyo3/commit/0452c0ee5299a1af42f9d966ba3d136a79edb15d"><code>0452c0e</code></a>
replace quansight-labs/setup-python with actions/setup-python (<a
href="https://redirect.github.com/pyo3/pyo3/issues/5007">#5007</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/pyo3/pyo3/compare/v0.23.1...v0.24.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Active Branches
#1960%
#1810%
© 2025 CodSpeed Technology