Skip to content

Comments

Build(deps): bump pyo3 from 0.28.1 to 0.28.2#224

Merged
github-actions[bot] merged 1 commit intomainfrom
dependabot/cargo/pyo3-0.28.2
Feb 19, 2026
Merged

Build(deps): bump pyo3 from 0.28.1 to 0.28.2#224
github-actions[bot] merged 1 commit intomainfrom
dependabot/cargo/pyo3-0.28.2

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 19, 2026

Bumps pyo3 from 0.28.1 to 0.28.2.

Release notes

Sourced from pyo3's releases.

PyO3 0.28.2

This patch release contains a soundness fix for subclassing native types such as PyList with the abi3 feature enabled when targeting a minimum version of Python 3.12 or higher. (Support for doing such subclassing was newly added in PyO3 0.28.0.)

PyO3 0.28.0 and 0.28.1 will be yanked.

This release also contains a correction to the FFI definition PyType_GetTypeDataSize and incorrectly-generated __qualname__ on #[pyclass] enum variant types when using #[pyo3(name = "...")] option to rename the enum and/or variant.

Thank you to the following contributors for the improvements:

@​davidhewitt @​Icxolu @​ngoldbaum

Changelog

Sourced from pyo3's changelog.

[0.28.2] - 2026-02-18

Fixed

  • Fix complex enum __qualname__ not using python name #5815
  • Fix FFI definition PyType_GetTypeDataSize (was incorrectly named PyObject_GetTypeDataSize). #5819
  • Fix memory corruption when subclassing native types with abi3 feature on Python 3.12+ (newly enabled in PyO3 0.28.0). #5823
Commits
  • 2b392c8 release: 0.28.2
  • 7e44c1d fix complex enum __qualname__ not using python name (#5815)
  • 75abd86 fix memory corruption when subclassing variable-size types (e.g. abi3 + 3.1...
  • b62c7a2 Fix typo in PyType_GetTypeDataSize bindings (#5819)
  • See full diff in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Build(deps): bump pyo3 from 0.28.1 to 0.28.2
34547f2 
Bumps [pyo3](https://github.com/pyo3/pyo3) from 0.28.1 to 0.28.2.
- [Release notes](https://github.com/pyo3/pyo3/releases)
- [Changelog](https://github.com/PyO3/pyo3/blob/v0.28.2/CHANGELOG.md)
- [Commits](PyO3/pyo3@v0.28.1...v0.28.2)

---
updated-dependencies:
- dependency-name: pyo3
  dependency-version: 0.28.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Feb 19, 2026
@dependabot dependabot bot requested a review from Diapolo10 as a code owner February 19, 2026 02:43
@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Feb 19, 2026
@github-actions github-actions bot enabled auto-merge February 19, 2026 02:43
github-actions[bot]
github-actions bot approved these changes Feb 19, 2026
View reviewed changes
Copy link
Contributor

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm approving this pull request because it includes a patch or minor update

@github-actions github-actions bot merged commit 654769f into main Feb 19, 2026
14 checks passed
@dependabot dependabot bot deleted the dependabot/cargo/pyo3-0.28.2 branch February 19, 2026 02:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

@Diapolo10 Diapolo10 Awaiting requested review from Diapolo10 Diapolo10 is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update Rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants