⬆️(dependencies) update pydantic-ai-slim to v1.99.0 [SECURITY] - autoclosed

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
pydantic-ai-slim (source, changelog)	==1.77.0 → ==1.99.0

---

Pydantic AI: SSRF cloud-metadata blocklist bypass via IPv4-mapped IPv6 (Incomplete fix of CVE-2026-25580)

CVE-2026-46678 / GHSA-cqp8-fcvh-x7r3

More information

Details

Summary

When an application using Pydantic AI opts a URL into force_download='allow-local' (which disables the default block on private/internal IPs), the cloud-metadata blocklist could be bypassed by encoding the metadata IP in an IPv6 transition form (IPv4-mapped IPv6, 6to4, or NAT64). Dual-stack and translated networks route the IPv6 wrapper to the underlying IPv4 endpoint, exposing cloud IAM short-term credentials.

This is an incomplete fix of GHSA-2jrp-274c-jhv3 / CVE-2026-25580. The parent advisory's remediation guaranteed that "cloud metadata endpoints are always blocked, even with allow-local." That guarantee did not hold for IPv6-encoded forms of the metadata IPs.

Severity

Same impact metrics as the parent CVE, but materially narrower attack surface (AC:H instead of AC:L), because exploitation requires the application to have opted into allow-local on a URL influenced by untrusted input.

Who Is Affected

Applications are affected only if they explicitly opt for FileUrl (ImageUrl, AudioUrl, VideoUrl, DocumentUrl) into force_download='allow-local' on a URL that is, or could be, influenced by untrusted input.

Applications are not affected if they use any of the bundled integrations to ingest user input, because they do not propagate force_download from external data:

• Agent.to_web / clai web
• VercelAIAdapter
• AGUIAdapter / Agent.to_ag_ui

Applications that only download from developer-controlled URLs are not affected.

Remediation

Upgrade to 1.99.0 or later. The cloud-metadata and private-IP blocklists now apply to IPv6 transition forms that route to a blocked IPv4 endpoint (IPv4-mapped IPv6, 6to4, and NAT64 well-known prefix). The blocklists have also been extended to cover additional IANA-reserved IPv4 and IPv6 special-purpose ranges.

Workaround for Unpatched Versions

Avoid passing force_download='allow-local' on any URL that could be influenced by untrusted input. If developers must, resolve the hostname themselves and validate the result against their own metadata blocklist — including IPv6-encoded forms — before constructing the FileUrl.

Credits

Reported by j0hndo.

Severity

• CVSS Score: 6.8 / 10 (Medium)
• Vector String: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N

References

• https://github.com/pydantic/pydantic-ai/security/advisories/GHSA-2jrp-274c-jhv3
• https://github.com/pydantic/pydantic-ai/security/advisories/GHSA-cqp8-fcvh-x7r3
• https://github.com/advisories/GHSA-cqp8-fcvh-x7r3

This data is provided by the GitHub Advisory Database (CC-BY 4.0).

---

Release Notes

pydantic/pydantic-ai (pydantic-ai-slim)

v1.99.0: (2026-05-19)

Compare Source

What's Changed

🛡️ Security

• Normalize IPv6 transition forms in URL validation by @​DouweM in #​5528
  • Security advisory: SSRF cloud-metadata blocklist bypass via IPv6-encoded address forms GHSA-cqp8-fcvh-x7r3
  • You are affected only if your application explicitly opts a FileUrl into force_download='allow-local' on a URL that is, or could be, influenced by untrusted input.
  • You are not affected if you use any of the bundled integrations to ingest user input: Agent.to_web / clai web; VercelAIAdapter; AGUIAdapter / Agent.to_ag_ui

🚀 Features

• Add gemini-3.5-flash model by @​dsfaccini in #​5527

🐛 Bug Fixes

• Avoid OpenAI strict schemas with regex lookarounds by @​dsfaccini in #​5519

Full Changelog: pydantic/pydantic-ai@v1.98.0...v1.99.0

v1.98.0: (2026-05-18)

Compare Source

What's Changed

🚀 Features

• Add OpenAI Responses input token counting (OpenAIResponsesModel.count_tokens) by @​colesmcintosh in #​3951
• Replace Agent tool_retries=/output_retries= with retries: int | AgentRetries by @​Kludex in #​5500

🐛 Bug Fixes

• fix(mcp): Don't require fastmcp.server at runtime by @​Kymi808 in #​5514

🆕 V2 Preparation

• Deprecate pydantic_ai.ext.aci (tool_from_aci and ACIToolset) by @​dsfaccini in #​5510

New Contributors

• @​Kymi808 made their first contribution in #​5514

Full Changelog: pydantic/pydantic-ai@v1.97.0...v1.98.0

v1.97.0: (2026-05-15)

Compare Source

What's Changed

🚀 Features

• feat(evals): add OnlineEvaluator.run_on_errors to opt into evaluating failed calls by @​dmontagu in #​5456
• Split GoogleProvider(vertexai=True|False) into GoogleProvider + GoogleCloudProvider; rename provider ID google-gla: to google:, google-vertex: to google-cloud:; deprecate old names by @​dsfaccini in #​5336
• Add MCPToolset that uses fastmcp-slim[client], deprecate MCPServer* and FastMCPToolset by @​DouweM in #​5325
• Set ModelResponse.state to incomplete while response is still streaming by @​adtyavrdhn in #​5455
• Move pydantic_graph.beta API out of beta, deprecate old API by @​dmontagu in #​5306

🆕 V2 Preparation

• Deprecate stream_responses() for stream_response(); new singular yields ModelResponse instead of (ModelResponse, is_last) tuple by @​dsfaccini in #​5296
• Deprecate Agent.to_a2a() and bundled fasta2a integration; fasta2a has been adopted by DataLayer and users can use fasta2a.pydantic_ai (requires fasta2a v0.6.1) instead by @​dsfaccini in #​5426

New Contributors

• @​Quratulain-bilal made their first contribution in #​5439

Full Changelog: pydantic/pydantic-ai@v1.96.1...v1.97.0

v1.96.1: (2026-05-14)

Compare Source

What's Changed

🆕 V2 Preparation (coming in June)

• Deprecate Agent constructor prepare_tools=, prepare_output_tools=, event_stream_handler= in favor of PrepareTools, PrepareOutputTools, ProcessEventStream capabilities by @​dsfaccini in #​5335

🐛 Bug Fixes

• openai: omit input_fidelity when None in image generation tool by @​pydanty[bot] in #​5415
• openai: respect openai_system_prompt_role in OpenAIResponsesModel by @​navalprakhar in #​5430

New Contributors

• @​pydanty[bot] made their first contribution in #​5415

Full Changelog: pydantic/pydantic-ai@v1.96.0...v1.96.1

v1.96.0: (2026-05-13)

Compare Source

What's Changed

🆕 V2 Preparation (coming in June)

• Add openai-chat: prefix and warn on bare openai: which will switch to use the Responses API in v2 by @​dsfaccini in #​5334
• Deprecate Agent(history_processors=) in favor of capabilities=[ProcessHistory(...)] by @​dsfaccini in #​5425
• Deprecate method-style result.usage(), result.timestamp(), stream.get() in favor of property-style result.usage, result.timestamp, stream.response by @​dsfaccini in #​5263
• Deprecate AGUIApp, Agent.to_ag_ui(), and pydantic_ai.ag_ui shim in favor of AGUIAdapter by @​dsfaccini in #​5345
• Deprecate OutlinesModel and OutlinesProvider by @​DouweM in #​5432

Full Changelog: pydantic/pydantic-ai@v1.95.1...v1.96.0

v1.95.1: (2026-05-13)

Compare Source

What's Changed

🐛 Bug Fixes

• fix: make current_otel_traceparent imports eager (unbreak agent runs in Temporal workflows) by @​DouweM in #​5422
• fix: un-deprecate Agent.instrument setter and InstrumentedModel by @​DouweM in #​5427

Full Changelog: pydantic/pydantic-ai@v1.95.0...v1.95.1

v1.95.0: (2026-05-12)

Compare Source

What's Changed

🚀 Features

• feat: native Tool Search on Anthropic and OpenAI, with custom search strategies on any provider by @​DouweM in #​5143
• Add Instrumentation capability; deprecate Agent(instrument=...) by @​DouweM in #​4967
• feat(google): support structured output + tool combination for Gemini 3 by @​dsfaccini in #​4848

🆕 V2 Preparation (coming in June)

• Rename “built-in tools” to “native tools”; deprecate old fields; register via capabilities=[NativeTool(...)] by @​DouweM in #​5338
• Add local= opt-in for provider-adaptive capability fallback; deprecate auto-fallback by @​DouweM in #​5331

🐛 Bug Fixes

• Restore ability to swap the Bedrock client at runtime by @​DouweM in #​5392
• fix(anthropic): normalize Bedrock model IDs for capability profile lookup by @​DouweM in #​5395
• fix(vercel_ai): emit tool-input-(available|error) on FunctionToolCallEvent by @​sadra-barikbin in #​5292

📦 Dependencies

• Reinstate mistral as default dependency, exclude compromised 2.4.6 by @​dsfaccini in #​5393

New Contributors

• @​sadra-barikbin made their first contribution in #​5292

Full Changelog: pydantic/pydantic-ai@v1.94.0...v1.95.0

v1.94.0: (2026-05-12)

Compare Source

What's Changed

🚀 Features

• feat(openai): add openai_chat_supports_multiple_system_messages profile flag by @​DouweM in #​5375

📦 Dependencies

• Drop mistralai as dependency from pydantic-ai by @​Kludex in #​5384

Full Changelog: pydantic/pydantic-ai@v1.93.0...v1.94.0

v1.93.0: (2026-05-08)

Compare Source

What's Changed

🚀 Features

• Add tool_choice setting by @​dsfaccini in #​3611
• Yield OutputToolCallEvent/OutputToolResultEvent for output tool calls; deprecate function-tool events for failing output tool calls by @​DouweM in #​5320

🐛 Bug Fixes

• Drain spawned tasks during agent cancellation by @​adtyavrdhn in #​5341

New Contributors

• @​DhruvGarg111 made their first contribution in #​4958

Full Changelog: pydantic/pydantic-ai@v1.92.0...v1.93.0

v1.92.0: (2026-05-07)

Compare Source

What's Changed

🚀 Features

• Add Anthropic task budget support by @​dsfaccini in #​5140
• Add runtime output_retries override + deprecate retries + internal retry-field rename by @​dsfaccini in #​5075

🐛 Bug Fixes

• Fix: Clean up streaming responses on cancellation by @​adtyavrdhn in #​5313
• Fix attempted exit cancel scope in different task by running MCP session in a dedicated task by @​dsfaccini in #​4514
• Populate for_run RunContext with run_id, conversation_id, and metadata by @​DouweM in #​5330
• fix(evals): guarantee CaseLifecycle.teardown() by @​voorhs in #​5322

New Contributors

• @​voorhs made their first contribution in #​5322

Full Changelog: pydantic/pydantic-ai@v1.91.0...v1.92.0

v1.91.0: (2026-05-06)

Compare Source

What's Changed

🚀 Features

• feat(openai): support gpt-image-2 options by @​banteg in #​5234
• feat(deepseek): add support for deepseek-v4-flash anddeepseek-v4-pro by @​SuperMarioYL in #​5195

🐛 Bug Fixes

• fix(evals): preserve Unicode in YAML datasets by @​Kcstring in #​5245
• Skip empty ModelResponse in OpenAI Chat assistant message mapping by @​DouweM in #​5300
• Fix MCP history replay for empty tool arguments by @​adtyavrdhn in #​5314

New Contributors

• @​Kcstring made their first contribution in #​5245
• @​khaldon made their first contribution in #​5301
• @​SuperMarioYL made their first contribution in #​5195
• @​banteg made their first contribution in #​5234

Full Changelog: pydantic/pydantic-ai@v1.90.0...v1.91.0

v1.90.0: (2026-05-04)

Compare Source

What's Changed

🚀 Features

• feat: add OpenAI Conversations API state support via OpenAIResponsesModelSettings.openai_conversation_id by @​corytomlinson in #​5224
• feat: typed OTel metadata for code tool call syntax highlighting by @​DouweM in #​5297

📦 Dependencies

• Upgrade web UI to pydantic/ai-chat-ui 1.2.0 by @​johnthagen in #​5246

New Contributors

• @​johnthagen made their first contribution in #​5246
• @​Acacian made their first contribution in #​4888
• @​VeniVeci made their first contribution in #​5283

Full Changelog: pydantic/pydantic-ai@v1.89.1...v1.90.0

v1.89.1: (2026-05-01)

Compare Source

What's Changed

🤖 Coding Agent Experience

• Add bundled Library Skills(https://library-skills.io) for improved coding-agent support by @​adtyavrdhn in #​5271

🐛 Bug Fixes

• fix: restore wrap_validation_errors on ToolManager function-tool methods by @​DouweM in #​5275
• Defer anyio.Lock creation via cached_property to bind to running loop by @​Kludex in #​5265

New Contributors

• @​dependabot[bot] made their first contribution in #​5268

Full Changelog: pydantic/pydantic-ai@v1.89.0...v1.89.1

v1.89.0: (2026-04-30)

Compare Source

What's Changed

🚀 Features

• feat: add conversation_id for cross-run correlation by @​DouweM in #​5251
• feat(capabilities): support dynamic capabilities via callables in capabilities list by @​DouweM in #​5252
• feat: add builtin_tools to agent.override by @​mplemay in #​5248

🐛 Bug Fixes

• fix(evals): use non-daemon thread for background evaluators by @​alexmojaki in #​5247

Full Changelog: pydantic/pydantic-ai@v1.88.0...v1.89.0

v1.88.0: (2026-04-28)

Compare Source

What's Changed

🚀 Features

• feat(capabilities)!: output validate/process hooks; scope prepare_tools to function tools, add prepare_output_tools by @​DouweM in #​4859
• feat: cross-provider service_tier model setting; Anthropic + Gemini API + Vertex Priority PayGo support by @​markmcd in #​4926
• Add anthropic speed, fast mode for opus 4.6 by @​bohdanhr in #​4300
• feat: support OpenAI Responses phase on assistant messages by @​DouweM in #​5229
• feat(ui): add UIAdapter.sanitize_messages and allowed_file_url_schemes by @​DouweM in #​5228

🐛 Bug Fixes

• fix: restore per-block cache_control for anthropic_cache_messages by @​Wh1isper in #​5227
• fix: propagate original error when CallToolsNode stream fails by @​thejens in #​4799
• fix: propagate Agent(retries=...) to user-provided toolsets by @​dsfaccini in #​4745

New Contributors

• @​markmcd made their first contribution in #​4926

Full Changelog: pydantic/pydantic-ai@v1.87.0...v1.88.0

v1.87.0: (2026-04-24)

Compare Source

What's Changed

🚀 Features

• Add HandleDeferredToolCalls capability and handle_deferred_tool_calls hook by @​DouweM in #​5142
• Add ProcessEventStream capability by @​DouweM in #​5141
• Handle thinking setting for GPT-5.5 by @​dsfaccini in #​5196

Full Changelog: pydantic/pydantic-ai@v1.86.1...v1.87.0

v1.86.1: (2026-04-23)

Compare Source

What's Changed

🐛 Bug Fixes

• fix(openai): guard against choices=None in streamed chunks (#​5165) by @​adtyavrdhn in #​5170
• fix(anthropic): send container_id as string on reuse; unwrap broken {id: x} shape by @​adtyavrdhn in #​5168
• fix: preserve validation error input on tool-call retries by @​DouweM in #​5181
• fix(toolsets): prevent MCPServer.__aexit__ called more times than __aenter__ in DynamicToolset by @​anishesg in #​5171
• Warn about dict fields with Anthropic strict mode by @​rahulmansharamani14 in #​4321
• Set gen_ai.operation.name=execute_tool on tool-execution spans by @​DouweM in #​5182
• fix: avoid stale client references in model and embedding classes by @​Deeven-Seru in #​4276

New Contributors

• @​anishesg made their first contribution in #​5171
• @​rahulmansharamani14 made their first contribution in #​4321
• @​Deeven-Seru made their first contribution in #​4276

Full Changelog: pydantic/pydantic-ai@v1.86.0...v1.86.1

v1.86.0: (2026-04-22)

Compare Source

What's Changed

🚀 Features

• feat(ui): add UIAdapter.manage_system_prompt + ReinjectSystemPrompt capability by @​dsfaccini in #​4087

🐛 Bug Fixes

• fix(vercel-ai): allow regenerate requests without messageId by @​MukundaKatta in #​5156
• Handle dict reasoning_content from Gemini 2.5 models by @​JulieLiu99 in #​5155

New Contributors

• @​MukundaKatta made their first contribution in #​5156
• @​JulieLiu99 made their first contribution in #​5155

Full Changelog: pydantic/pydantic-ai@v1.85.1...v1.86.0

v1.85.1: (2026-04-21)

Compare Source

What's Changed

🐛 Bug Fixes

• fix: exclude validation error input from retry messages by @​navalprakhar in #​4947
• fix(vercel-ai): auto-detect deferred tool approval state in dump_messages() by @​tijmenhammer in #​4831

New Contributors

• @​abhicris made their first contribution in #​5149
• @​navalprakhar made their first contribution in #​4947
• @​tijmenhammer made their first contribution in #​4831

Full Changelog: pydantic/pydantic-ai@v1.85.0...v1.85.1

v1.85.0: (2026-04-21)

Compare Source

What's Changed

🚀 Features

• Online evaluation via OpenTelemetry events by @​dmontagu in #​5125

Full Changelog: pydantic/pydantic-ai@v1.84.1...v1.85.0

v1.84.1: (2026-04-17)

Compare Source

What's Changed

🐛 Bug Fixes

• Skip tool hooks for internal output tools by @​DouweM in #​5128
• Always pass dict-shaped validated args to hooks for single-BaseModel tools by @​DouweM in #​5137

Full Changelog: pydantic/pydantic-ai@v1.84.0...v1.84.1

v1.84.0: (2026-04-16)

Compare Source

What's Changed

🔒 Security

• Fix exponential-time regex in Google FileSearchTool response parsing by @​DouweM in #​5106. This was first released in yesterday's v1.83.0. The pattern was reachable in principle from Gemini streaming responses but could not be triggered via real Gemini output in testing, so we're treating it as a hardening fix rather than a vulnerability.

🚀 Features

• Add Claude Opus 4.7 support by @​dsfaccini in #​5118
• Add stateful compaction mode to OpenAICompaction by @​DouweM in #​5108
• Add OllamaModel subclass and correct Ollama capability flags to fix structured output on Ollama Cloud by @​Goldokpa in #​4160

🐛 Bug Fixes

• Fix deferred tool search keyword matching by @​pandego in #​5014
• Fixing parsing openai_logprobs for streamed responses by @​iAmir97 in #​5091
• fix(openai): handle null text in Responses API output by @​DouweM in #​5124
• Chain OpenAI Responses retries through concrete openai_previous_response_id seeds by @​DouweM in #​5126
• fix: exclude resumed requests from new_messages() even with current run_id by @​madanlalit in #​4731

New Contributors

• @​iAmir97 made their first contribution in #​5091

Full Changelog: pydantic/pydantic-ai@v1.83.0...v1.84.0

v1.83.0: (2026-04-15)

Compare Source

🤖 Pydantic AI Harness is now live with Code Mode powered by Monty!

What's Changed

🚀 Features

• feat: Add XSearchTool and FileSearch support for xAI by @​colesmcintosh in #​4165
• Allow injecting metadata per tool call with FastMCPToolset by @​Boryotto in #​4929
• feat(bedrock): add prompt cache TTL support by @​imdigitalashish in #​4581
• Add Anthropic automatic prompt caching support by @​DenysMoskalenko in #​4840
• Add 'graceful' end strategy for parallel tool calls by @​awkoy in #​4333
• Support Agent(output_type=str | None) for optional output by @​Pavanmanikanta98 in #​4042

New Contributors

• @​colesmcintosh made their first contribution in #​4165
• @​Boryotto made their first contribution in #​4929
• @​imdigitalashish made their first contribution in #​4581
• @​awkoy made their first contribution in #​4333

Full Changelog: pydantic/pydantic-ai@v1.82.0...v1.83.0

v1.82.0: (2026-04-14)

Compare Source

🤖 Pydantic AI Harness is now live with Code Mode powered by Monty!

What's Changed

🐛 Bug Fixes

• Fix OpenAI compaction chain when openai_previous_response_id='auto' by @​DouweM in #​5086
• Fix orphan-task leak in CombinedToolset and CombinedCapability by @​DouweM in #​5085
• Lazily compute ToolDefinition.function_signature by @​DouweM in #​5087

📦 Dependencies

• chore: bump fastmcp 2.x → 3.2.0 by @​dsfaccini in #​4982

New Contributors

• @​gvdongen made their first contribution in #​5041

Full Changelog: pydantic/pydantic-ai@v1.81.0...v1.82.0

v1.81.0: (2026-04-13)

Compare Source

🤖 Pydantic AI Harness is now live with Code Mode powered by Monty!

What's Changed

🐛 Bug Fixes

• Fix Anthropic compaction usage totals by @​pandego in #​5068
• Exclude run_id from cache key computation in PrefectAgentInputs by @​adtyavrdhn in #​3890
• fix: handle boolean JSON Schema nodes in JsonSchemaTransformer by @​Dharit13 in #​4989
• fix: close pending tool calls on stream error by @​proever in #​4963
• fix: skip api-version query parameter for Azure AI Foundry serverless endpoints by @​Ricardo-M-L in #​5071

New Contributors

• @​Dharit13 made their first contribution in #​4989
• @​pandego made their first contribution in #​5068

Full Changelog: pydantic/pydantic-ai@v1.80.0...v1.81.0

v1.80.0: (2026-04-10)

Compare Source

What's Changed

🚀 Features

• Add CapabilityOrdering (innermost, outermost, wraps, wrapped_by, requires`) by @​DouweM in #​5036
• Hooks ordering parameter and instance refs in wraps/wrapped_by by @​DouweM in #​5048
• Add server-side compaction support via OpenAICompaction and AnthropicCompaction capabilities by @​DouweM in #​4943

🐛 Bug Fixes

• Reverse capability get_wrapper_toolset iteration for consistency with wrap_ hooks by @​DouweM in #​5036
• Remove warning suppression fixed by the bump to mistral version >= 2.0.0 by @​DarthJuri in #​4629
• fix: make mcp optional for DBOS module import by @​DouweM in #​5050
• bug: Warn about Azure OpenAI completions file-incompatibility by @​dsfaccini in #​4048
• fix: unknown tool calls no longer exhaust global retry counter by @​dsfaccini in #​4940
• fix: output validators see global retry counter on tool output path by @​dsfaccini in #​4956

Full Changelog: pydantic/pydantic-ai@v1.79.0...v1.80.0

v1.79.0: (2026-04-09)

Compare Source

What's Changed

🚀 Features

• Full support for AG-UI 0.1.13 and 0.1.15: reasoning, multi-modal, dump_messages by @​dsfaccini in #​3971
• Replace HTTP client cache with create_async_http_client and context manager by @​dsfaccini in #​4421
• Add apply() to AbstractCapability, CombinedCapability, and WrapperCapability by @​DouweM in #​5022

🐛 Bug Fixes

• fix: update internal $refs in renamed schema defs, handle missing keywords, and detect semantically different defs by @​Ricardo-M-L in #​5020
• fix: force streaming in run() when capability/hook overrides wrap_run_event_stream by @​DouweM in #​5028
• Fix on_node_run_error and after_node_run hook recovery by @​DouweM in #​5023
• fix: add missing space in provider UserError messages by @​graydeon in #​4976

New Contributors

• @​15r10nk made their first contribution in #​4108
• @​graydeon made their first contribution in #​4976

Full Changelog: pydantic/pydantic-ai@v1.78.0...v1.79.0

v1.78.0: (2026-04-07)

Compare Source

What's Changed

🚀 Features

• Add cached token span attributes per OTel spec by @​alexmojaki in #​5013
• feat: add return_schema and function_signature to ToolDefinition by @​adtyavrdhn in #​4964
• feat: add SetToolMetadata capability by @​DouweM in #​4964

New Contributors

• @​Ricardo-M-L made their first contribution in #​4968
• @​chernistry made their first contribution in #​5005
• @​vladdoster made their first contribution in #​4620
• @​edmcman made their first contribution in #​4584
• @​drPod made their first contribution in #​4809
• @​1Ninad made their first contribution in #​4945

Full Changelog: pydantic/pydantic-ai@v1.77.0...v1.78.0

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • ""
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: src/backend/uv.lock

Command failed: uv lock --upgrade-package pydantic-ai-slim
Using CPython 3.13.13 interpreter at: /opt/containerbase/tools/python/3.13.13/bin/python3
  × No solution found when resolving dependencies for split (markers:
  │ python_full_version == '3.13.*' and sys_platform == 'win32'):
  ╰─▶ Because there is no version of pydantic-ai-slim[openai]==1.99.0 and your
      project depends on pydantic-ai-slim[openai]==1.99.0, we can conclude
      that your project's requirements are unsatisfiable.
      And because your project requires conversations[dev], we can conclude
      that your project's requirements are unsatisfiable.

hint: The resolution failed for an environment that is not the current one, consider limiting the environments with `tool.uv.environments`.
hint: `pydantic-ai-slim` was filtered by `exclude-newer` to only include packages uploaded before 2026-05-14T22:48:47.917497024Z. The requested version, v1.99.0, was published at 2026-05-20T01:32:17.583Z. Consider using `exclude-newer-package` to override the cutoff for this package.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud