chore(deps): update rust crate pyo3 to 0.24.0 - autoclosed

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
pyo3	workspace.dependencies	minor	0.23.4 -> 0.24.0

---

Release Notes

pyo3/pyo3 (pyo3)

v0.24.1

Compare Source

This release is a security fix for the PyString::from_object method, which passed &str data to the Python C API without checking for a terminating nul byte. All historical PyO3 versions are affected, and we recommend you upgrade if you are using PyString::from_object. Thank you to @​vthib for the report and @​Dr-Emann for the fix. A RUSTSEC advisory will be published shortly.

Aside from the security fix, this release contains a number of other non-breaking additions:

• An abi3-py313 feature to support compiling with the Python 3.13 stable ABI.
• PyAnyMethods::getattr_opt to get optional attributes without paying the cost of a Python exception when the attribute in question does not exist.
• Constructor for PyInt::new.
• with_critical_section2 for locking two objects at the same time on the free-threaded build.
• Fix for a PyO3 0.24.0 regression with Option<&str> and Option<&T> (where T: PyClass) function arguments no longer being permitted

There are also a few other small bug fixes for edge cases, mostly related to compile errors from PyO3's macro code.

Thank you to the following contributors for the improvements:

@​bschoenmaeckers
@​davidhewitt
@​Dr-Emann
@​emmagordon
@​epontan
@​Icxolu
@​IvanIsCoding
@​jelmer
@​jonaspleyer
@​ngoldbaum
@​Owen-CH-Leung
@​Tpt
@​Trolldemorted
@​XuehaiPan

v0.24.0

Compare Source

Packaging

• Add supported CPython/PyPy versions to cargo package metadata. #​4756
• Bump target-lexicon dependency to 0.13. #​4822
• Add optional jiff dependency to add conversions for jiff datetime types. #​4823
• Bump minimum supported inventory version to 0.3.5. #​4954

Added

• Add PyIterator::send method to allow sending values into a python generator. #​4746
• Add PyCallArgs trait for passing arguments into the Python calling protocol. This enabled using a faster calling convention for certain types, improving performance. #​4768
• Add #[pyo3(default = ...'] option for #[derive(FromPyObject)] to set a default value for extracted fields of named structs. #​4829
• Add #[pyo3(into_py_with = ...)] option for #[derive(IntoPyObject, IntoPyObjectRef)]. #​4850
• Add uuid to/from python conversions. #​4864
• Add FFI definitions PyThreadState_GetFrame and PyFrame_GetBack. #​4866
• Optimize last for BoundListIterator, BoundTupleIterator and BorrowedTupleIterator. #​4878
• Optimize Iterator::count() for PyDict, PyList, PyTuple & PySet. #​4878
• Optimize nth, nth_back, advance_by and advance_back_by for BoundTupleIterator #​4897
• Add support for types.GenericAlias as pyo3::types::PyGenericAlias. #​4917
• Add MutextExt trait to help avoid deadlocks with the GIL while locking a std::sync::Mutex. #​4934
• Add #[pyo3(rename_all = "...")] option for #[derive(FromPyObject)]. #​4941

Changed

• Optimize nth, nth_back, advance_by and advance_back_by for BoundListIterator. #​4810
• Use DerefToPyAny in blanket implementations of From<Py<T>> and From<Bound<'py, T>> for PyObject. #​4593
• Map io::ErrorKind::IsADirectory/NotADirectory to the corresponding Python exception on Rust 1.83+. #​4747
• PyAnyMethods::call and friends now require PyCallArgs for their positional arguments. #​4768
• Expose FFI definitions for PyObject_Vectorcall(Method) on the stable abi on 3.12+. #​4853
• #[pyo3(from_py_with = ...)] now take a path rather than a string literal #​4860
• Format Python traceback in impl Debug for PyErr. #​4900
• Convert PathBuf & Path into Python pathlib.Path instead of PyString. #​4925
• Relax parsing of exotic Python versions. #​4949
• PyO3 threads now hang instead of pthread_exit trying to acquire the GIL when the interpreter is shutting down. This mimics the Python 3.14 behavior and avoids undefined behavior and crashes. #​4874

Removed

• Remove implementations of Deref for PyAny and other "native" types. #​4593
• Remove implicit default of trailing optional arguments (see #​2935) #​4729
• Remove the deprecated implicit eq fallback for simple enums. #​4730

Fixed

• Correct FFI definition of PyIter_Send to return a PySendResult. #​4746
• Fix a thread safety issue in the runtime borrow checker used by mutable pyclass instances on the free-threaded build. #​4948

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: Cargo.lock

Command failed: cargo update --config net.git-fetch-with-cli=true --manifest-path Cargo.toml --workspace
    Updating crates.io index
error: failed to select a version for `pyo3`.
    ... required by package `arrow v54.3.1`
    ... which satisfies dependency `arrow = "^54.3.1"` of package `pyvortex v0.31.0 (/tmp/renovate/repos/github/spiraldb/vortex/pyvortex)`
versions that meet the requirements `^0.23` are: 0.23.5, 0.23.4, 0.23.3

the package `pyo3` links to the native library `python`, but it conflicts with a previous package which links to `python` as well:
package `pyo3 v0.24.0`
    ... which satisfies dependency `pyo3 = "^0.24.0"` of package `pyvortex v0.31.0 (/tmp/renovate/repos/github/spiraldb/vortex/pyvortex)`
Only one package in the dependency graph may specify the same links value. This helps ensure that only one copy of a native library is linked in the final binary. Try to adjust your dependencies so that only one package uses the `links = "python"` value. For more information, see https://doc.rust-lang.org/cargo/reference/resolver.html#links.

failed to select a version for `pyo3` which could resolve this conflict