Skip to content

Bump presidio-analyzer from 2.2.360 to 2.2.362#189

Merged
chopkinsmade merged 2 commits into
mainfrom
dependabot/uv/presidio-analyzer-2.2.362
Apr 7, 2026
Merged

Bump presidio-analyzer from 2.2.360 to 2.2.362#189
chopkinsmade merged 2 commits into
mainfrom
dependabot/uv/presidio-analyzer-2.2.362

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 6, 2026
edited
Loading

Bumps presidio-analyzer from 2.2.360 to 2.2.362.

Release notes

Sourced from presidio-analyzer's releases.

Release 2.2.362

What's Changed

New Contributors

... (truncated)

Changelog

Sourced from presidio-analyzer's changelog.

[2.2.362] - 2026-03-15

General

Added

  • Published presidio as a PyPI meta-package that installs presidio-analyzer and presidio-anonymizer, making pip install presidio work as expected. Inspired by and thanks to Sakthi Santhosh Anumand and Harsha Vardhan for the original idea. (#1889) (Thanks @​Copilot)

Changed

  • Pinned all CI/CD GitHub Actions and Docker base images to commit SHAs to mitigate supply chain attacks (#1861) (Thanks @​Copilot)
  • Pinned ruff and build pip installs with SHA256 hashes for OSSF scorecard compliance (#1864) (Thanks @​Copilot)
  • Updated GitHub Actions dependencies (actions/checkout, actions/setup-python, actions/setup-dotnet, actions/cache, actions/github-script, actions/dependency-review-action, azure/login, docker/setup-buildx-action, github/codeql-action, microsoft/security-devops-action) and base Python Docker images (#1870, #1871, #1872, #1873, #1874, #1875, #1876, #1877, #1878, #1879, #1885, #1886, #1887, #1895, #1896, #1897, #1898) (Thanks @​dependabot)
  • Updated README to clarify Presidio's no-authentication-by-design stance with security guidance (#1903) (Thanks @​Copilot)

Fixed

Security

Analyzer

Added

  • HuggingFaceNerRecognizer for direct NER model inference using HuggingFace pipelines without requiring spaCy (#1834) (Thanks @​ultramancode)
  • Transformer-based MedicalNERRecognizer as a subclass of HuggingFaceNerRecognizer for clinical entity detection (#1853) (Thanks @​stevenelliottjr)
  • US NPI (National Provider Identifier) recognizer with Luhn checksum validation and context support (#1847) (Thanks @​stevenelliottjr)
  • UK Postcode (UK_POSTCODE) recognizer with pattern matching and context support (#1858) (Thanks @​tee-jagz)
  • UK Passport (UK_PASSPORT) and Vehicle Registration (UK_VEHICLE_REGISTRATION) recognizers (#1862) (Thanks @​tee-jagz)
  • Nigerian National Identification Number (NG_NIN) recognizer with Verhoeff checksum validation and Nigerian Vehicle Registration (NG_VEHICLE_REGISTRATION) recognizer (#1863) (Thanks @​tee-jagz)
  • ONNX Runtime backend support for GLiNERRecognizer via load_onnx_model=True parameter, resolving crashes on CPUs without AVX2 support (#1884) (Thanks @​Copilot)
  • Configurable regex execution timeout (default 60 seconds) via REGEX_TIMEOUT_SECONDS environment variable to prevent catastrophic backtracking (#1904) (Thanks @​Copilot)
  • GPU device control via environment variable for explicit GPU/CPU selection (#1844) (Thanks @​RonShakutai)
  • LLM-as-a-judge evaluation integration for assessing PII detection quality (#1900) (Thanks @​RonShakutai)
  • Sampling support for the evaluation framework (#1894) (Thanks @​RonShakutai)
  • Dataset interface for the evaluation framework (#1893) (Thanks @​RonShakutai)

Fixed

  • Erroneous anchor in Italian driver license regex that caused missed matches (#1899) (Thanks @​Br1an67)
  • validation_result type annotation in API docs and type hints (#1869) (Thanks @​akios-ai)
  • Bare except clauses replaced with except Exception for proper exception handling (#1881) (Thanks @​haosenwang1018)
  • Context enhancement substring matching bug where context words were incorrectly matched as substrings (#1827) (Thanks @​ravi-jindal)

Image Redactor

Fixed

  • _process_names unconditionally treating all DICOM metadata as PHI; now correctly filters using both is_patient and is_name checks (#1855) (Thanks @​Mr-Neutr0n)

[2.2.361] - 2026-02-12

Analyzer

Changed

  • Fixed context enhancement substring matching bug where context words were incorrectly matched as substrings (e.g., 'lic' matching 'duplicate'). Added configurable context_matching_mode parameter to LemmaContextAwareEnhancer with two options: "substring" (default, maintains backward compatibility for compound words like "creditcard"), and "whole_word" (prevents false positives like 'lic' matching 'duplicate') (#1061)

Added

  • US_MBI recognizer for Medicare Beneficiary Identifier with pattern matching and context support (#1821) (Thanks @​chrisvoncsefalvay)

... (truncated)

Commits
  • 2450561 Add clarity cookie consent to docs site (#1908)
  • 97ffb3a Release 2.2.362 / 0.0.58 (#1907)
  • 9ef83c3 Add configurable timeouts to regex execution (default 60 seconds) (#1904)
  • 6111d16 docs: clarify Presidio's no-auth-by-design stance in README (#1903)
  • 8d3d783 build(deps): bump github/codeql-action from 4.32.4 to 4.32.6 (#1895)
  • 501d575 build(deps): bump actions/setup-dotnet from 5.1.0 to 5.2.0 (#1896)
  • de54423 build(deps): bump docker/setup-buildx-action from 3.12.0 to 4.0.0 (#1897)
  • 289ff51 build(deps): bump actions/dependency-review-action from 4.8.3 to 4.9.0 (#1898)
  • 2e55ed1 fix(analyzer): remove erroneous anchor in Italian driver license regex (#1899)
  • 91b903a fix: replace 1 bare except clauses with except Exception (#1881)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Apr 6, 2026
@dependabot dependabot Bot requested a review from a team as a code owner April 6, 2026 05:36
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Apr 6, 2026
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Apr 6, 2026
edited
Loading

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
See the Details below.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA 67912dd.
Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

OpenSSF Scorecard

PackageVersionScoreDetails
pip/presidio-analyzer 2.2.362 UnknownUnknown

Scanned Files

  • uv.lock

@chopkinsmade
Copy link
Copy Markdown
Contributor

chopkinsmade commented Apr 7, 2026

@dependabot rebase

@dependabot
Bump presidio-analyzer from 2.2.360 to 2.2.362
2e6eb16 
Bumps [presidio-analyzer](https://github.com/Microsoft/presidio) from 2.2.360 to 2.2.362.
- [Release notes](https://github.com/Microsoft/presidio/releases)
- [Changelog](https://github.com/microsoft/presidio/blob/main/CHANGELOG.md)
- [Commits](microsoft/presidio@2.2.360...2.2.362)

---
updated-dependencies:
- dependency-name: presidio-analyzer
  dependency-version: 2.2.362
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/uv/presidio-analyzer-2.2.362 branch from bb8a9f7 to 2e6eb16 Compare April 7, 2026 08:18
@chopkinsmade chopkinsmade merged commit 8b9342c into main Apr 7, 2026
14 checks passed
@dependabot dependabot Bot deleted the dependabot/uv/presidio-analyzer-2.2.362 branch April 7, 2026 08:58
chopkinsmade added a commit that referenced this pull request Apr 7, 2026
@chopkinsmade
Revert "Bump presidio-analyzer from 2.2.360 to 2.2.362 (#189)"
3f438fb 
This reverts commit 8b9342c.
@chopkinsmade chopkinsmade mentioned this pull request Apr 7, 2026
Merged
chopkinsmade added a commit that referenced this pull request Apr 7, 2026
@chopkinsmade
Revert "Bump presidio-analyzer from 2.2.360 to 2.2.362 (#189)" (#191)
97a3d83
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chopkinsmade chopkinsmade chopkinsmade approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@chopkinsmade