chore(deps): update pydantic-ai-slim[logfire] requirement from >=1.90.0 to >=1.102.0 #157

Closed
dependabot[bot] wants to merge 1 commit into main from dependabot/uv/pydantic-ai-slim-logfire--gte-1.102.0

Conversation

Contributor

@dependabot dependabot Bot commented on behalf of github May 26, 2026

Updates the requirements on pydantic-ai-slim[logfire] to permit the latest version.

Release notes

Sourced from pydantic-ai-slim[logfire]'s releases.

v1.102.0 (2026-05-22)

What's Changed

🛡️ Security

  • Expand IPv6 transition-form handling in URL validation by @DouweM in pydantic/pydantic-ai#5596
    • Security advisory: SSRF cloud-metadata blocklist bypass via additional IPv6 transition forms GHSA-cg7w-rg45-pc59
    • You are affected only if your application explicitly opts a FileUrl into force_download='allow-local' on a URL that is, or could be, influenced by untrusted input, AND runs on a NAT64- or ISATAP-configured network (e.g. some IPv6-only or dual-stack-with-NAT64 Kubernetes setups).
    • You are not affected if you run on a standard dual-stack cloud VM or container, which does not route these forms in practice.
    • You are not affected if you use any of the bundled integrations to ingest user input: Agent.to_web / clai web; VercelAIAdapter; AGUIAdapter / Agent.to_ag_ui

🐛 Bug Fixes

New Contributors

Full Changelog: pydantic/pydantic-ai@v1.101.0...v1.102.0

Changelog

Sourced from pydantic-ai-slim[logfire]'s changelog.

Upgrade Guide

In September 2025, Pydantic AI reached V1, which means we're committed to API stability: we will not introduce changes that break your code until V2. For more information, review our Version Policy.

Breaking Changes

Here's a filtered list of the breaking changes for each version to help you upgrade Pydantic AI.

v1.0.1 (2025-09-05)

The following breaking change was accidentally left out of v1.0.0:

  • See #2808 - Remove Python evaluator from pydantic_evals for security reasons

v1.0.0 (2025-09-04)

  • See #2725 - Drop support for Python 3.9
  • See #2738 - Make many dataclasses require keyword arguments
  • See #2715 - Remove cases and averages attributes from pydantic_evals spans
  • See #2798 - Change ModelRequest.parts and ModelResponse.parts types from list to Sequence
  • See #2726 - Default InstrumentationSettings version to 2
  • See #2717 - Remove errors when passing AsyncRetrying or Retrying object to AsyncTenacityTransport or TenacityTransport instead of RetryConfig

v0.x.x

Before V1, minor versions were used to introduce breaking changes:

v0.8.0 (2025-08-26)

See #2689 - AgentStreamEvent was expanded to be a union of ModelResponseStreamEvent and HandleResponseEvent, simplifying the event_stream_handler function signature. Existing code accepting AgentStreamEvent | HandleResponseEvent will continue to work.

v0.7.6 (2025-08-26)

The following breaking change was inadvertently released in a patch version rather than a minor version:

See #2670 - TenacityTransport and AsyncTenacityTransport now require the use of pydantic_ai.retries.RetryConfig (which is just a TypedDict containing the kwargs to tenacity.retry) instead of tenacity.Retrying or tenacity.AsyncRetrying.

v0.7.0 (2025-08-12)

See #2458 - pydantic_ai.models.StreamedResponse now yields a FinalResultEvent along with the existing PartStartEvent and PartDeltaEvent. If you're using pydantic_ai.direct.model_request_stream or pydantic_ai.direct.model_request_stream_sync, you may need to update your code to account for this.

See #2458 - pydantic_ai.models.Model.request_stream now receives a run_context argument. If you've implemented a custom Model subclass, you will need to account for this.

See #2458 - pydantic_ai.models.StreamedResponse now requires a model_request_parameters field and constructor argument. If you've implemented a custom Model subclass and implemented request_stream, you will need to account for this.

v0.6.0 (2025-08-06)

This release was meant to clean some old deprecated code, so we can get a step closer to V1.

See #2440 - The next method was removed from the Graph class. Use async with graph.iter(...) as run: run.next() instead.

... (truncated)

Commits
  • 1add061 fix: expand IPv6 transition-form handling in URL validation (#5596)
  • 1d1ecb8 ci: add UI adapter security review agentic workflow (#5591)
  • d30951d Normalize trailing dot and case in WebFetchTool domain matching (#5592)
  • 4e2771c Add Pydantic AI gh-aw agentic workflows + custom harness (#5569)
  • 35ab013 Fix: VercelAIAdapter now accepts providerExecuted / title on dynamic-to...
  • 5ba908d fix(instrumentation): Prevent false positive variable_instructions span att...
  • 130e85b fix(bedrock): Disable Opus 4.7 native structured output (#5582)
  • a18c583 Don't auto-promote strict=None tools to strict mode with Bedrock, and skip ...
  • 9871f75 Add complete-partial-pr skill (#5573)
  • 100e795 Add pending message queue (ctx.enqueue / agent_run.enqueue) (#4980)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Updates the requirements on [pydantic-ai-slim[logfire]](https://github.com/pydantic/pydantic-ai) to permit the latest version.
- [Release notes](https://github.com/pydantic/pydantic-ai/releases)
- [Changelog](https://github.com/pydantic/pydantic-ai/blob/main/docs/changelog.md)
- [Commits](pydantic/pydantic-ai@v1.90.0...v1.102.0)

---
updated-dependencies:
- dependency-name: pydantic-ai-slim[logfire]
  dependency-version: 1.102.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels May 26, 2026
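
An added example (not code from pydantic-ai or from this PR) of the kind of check the v1.102.0 security note describes: unwrap the IPv4 address embedded in an IPv6 transition form before applying an IPv4 blocklist. The function names, the 169.254.0.0/16 blocklist and the sample addresses are assumptions constructed here; it covers IPv4-mapped and 6to4 forms in addition to the NAT64 and ISATAP forms the note names, and does not claim to match the upstream fix.

```python
import ipaddress

# Assumed blocklist for this example: the IPv4 link-local range, which is
# where cloud metadata endpoints conventionally live.
BLOCKED_V4 = [ipaddress.ip_network("169.254.0.0/16")]
NAT64_WKP = ipaddress.ip_network("64:ff9b::/96")  # RFC 6052 well-known prefix


def embedded_ipv4(addr):
    """Return the IPv4 address carried inside an IPv6 transition form, or None."""
    if addr.ipv4_mapped is not None:      # ::ffff:a.b.c.d
        return addr.ipv4_mapped
    if addr.sixtofour is not None:        # 2002:AABB:CCDD::/48 (6to4)
        return addr.sixtofour
    raw = int(addr)
    low32 = ipaddress.IPv4Address(raw & 0xFFFFFFFF)
    if addr in NAT64_WKP:                 # 64:ff9b::a.b.c.d
        return low32
    # ISATAP (RFC 5214): interface identifier is 0000:5efe or 0200:5efe + IPv4.
    if (raw >> 32) & 0xFFFFFFFF in (0x00005EFE, 0x02005EFE):
        return low32
    return None


def is_blocked(host):
    """True if an IP literal is, or embeds, an IPv4 address on the blocklist.

    Expects an IP literal (for example an address returned by DNS resolution),
    optionally in URL brackets; hostnames raise ValueError.
    """
    addr = ipaddress.ip_address(host.strip("[]"))
    if isinstance(addr, ipaddress.IPv6Address):
        inner = embedded_ipv4(addr)
        if inner is None:
            return False  # native IPv6: outside the scope of this IPv4 blocklist
        addr = inner
    return any(addr in net for net in BLOCKED_V4)
```

A validator that compares only the textual or IPv4 form of a host against the blocklist would pass the IPv6 spellings that this function rejects.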
@amrit110
Member

Security Vulnerability — No Patch Available Yet

aieng-bot found the following security vulnerability reported by pip-audit, but cannot fix it automatically because no patched version has been released to PyPI yet:

| Package | Version | Vulnerability | Status |
| --- | --- | --- | --- |
| fastapi | 0.136.3 | MAL-2026-4750 | No fix available on PyPI (0.136.3 is latest) |

Why this cannot be auto-fixed

fastapi 0.136.3 is flagged as a malicious package (MAL-2026-4750) in the PyPI vulnerability database. Since 0.136.3 is the latest released version, there is no newer clean version available to upgrade to. A fix requires the upstream maintainers (fastapi) to release a new version.

Recommended next steps

  1. Monitor the MAL-2026-4750 advisory for a clean release
  2. Consider temporarily downgrading fastapi to the last known-clean version (e.g., 0.136.1) if urgency requires
  3. Once a patched release is published to PyPI, aieng-bot can re-run and apply the update automatically
  4. If this is a false positive, a human reviewer can add MAL-2026-4750 to the ignore-vulns list in .github/workflows/code_checks.yml

This PR will not be auto-merged until the vulnerability is resolved.

@dependabot @github
Contributor Author

dependabot Bot commented on behalf of github May 27, 2026

Superseded by #162.

@dependabot dependabot Bot closed this May 27, 2026
@dependabot dependabot Bot deleted the dependabot/uv/pydantic-ai-slim-logfire--gte-1.102.0 branch May 27, 2026 05:21