Bump pyo3 from 0.24.0 to 0.24.2

[dependabot]

Bumps pyo3 from 0.24.0 to 0.24.2.

Release notes

Sourced from pyo3's releases.

PyO3 0.24.2

This is a small patch release containing minor bugfixes and documentation improvements, including an unused imports lint warning raised from inside PyO3's proc macros.

Thank you to the following contributors for the improvements:

@​davidbrochart @​davidhewitt @​ddelange @​decathorpe @​hgmich @​Icxolu @​n-eq @​Tpt @​trim21

PyO3 0.24.1

This release is a security fix for the PyString::from_object method, which passed &str data to the Python C API without checking for a terminating nul byte. All historical PyO3 versions are affected, and we recommend you upgrade if you are using PyString::from_object. Thank you to @​vthib for the report and @​Dr-Emann for the fix. A RUSTSEC advisory will be published shortly.

Aside from the security fix, this release contains a number of other non-breaking additions:

• An abi3-py313 feature to support compiling with the Python 3.13 stable ABI.
• PyAnyMethods::getattr_opt to get optional attributes without paying the cost of a Python exception when the attribute in question does not exist.
• Constructor for PyInt::new.
• with_critical_section2 for locking two objects at the same time on the free-threaded build.
• Fix for a PyO3 0.24.0 regression with Option<&str> and Option<&T> (where T: PyClass) function arguments no longer being permitted

There are also a few other small bug fixes for edge cases, mostly related to compile errors from PyO3's macro code.

Thank you to the following contributors for the improvements:

@​bschoenmaeckers @​davidhewitt @​Dr-Emann @​emmagordon @​epontan @​Icxolu @​IvanIsCoding @​jelmer @​jonaspleyer @​ngoldbaum @​Owen-CH-Leung @​Tpt @​Trolldemorted @​XuehaiPan

Changelog

Sourced from pyo3's changelog.

[0.24.2] - 2025-04-21

Fixed

• Fix unused_imports lint of #[pyfunction] and #[pymethods] expanded in macro_rules context. #5030
• Fix size of PyCodeObject::_co_instrumentation_version ffi struct member on Python 3.13 for systems where uintptr_t is not 64 bits. #5048
• Fix struct-type complex enum variant fields incorrectly exposing raw identifiers as r#ident in Python bindings. #5050

[0.24.1] - 2025-03-31

Added

• Add abi3-py313 feature. #4969
• Add PyAnyMethods::getattr_opt. #4978
• Add PyInt::new constructor for all supported number types (i32, u32, i64, u64, isize, usize). #4984
• Add pyo3::sync::with_critical_section2. #4992
• Implement PyCallArgs for Borrowed<'_, 'py, PyTuple>, &Bound<'py, PyTuple>, and &Py<PyTuple>. #5013

Fixed

• Fix is_type_of for native types not using same specialized check as is_type_of_bound. #4981
• Fix Probe class naming issue with #[pymethods]. #4988
• Fix compile failure with required #[pyfunction] arguments taking Option<&str> and Option<&T> (for #[pyclass] types). #5002
• Fix PyString::from_object causing of bounds reads whith encoding and errors parameters which are not nul-terminated. #5008
• Fix compile error when additional options follow after crate for #[pyfunction]. #5015

Commits

• 3e6bdce release: 0.24.2
• bc26a06 Unraw complex struct enum field python names (#5050)
• 345735b docs: Update building-and-distribution.md (#5060)
• 5d852d9 ci: release cargo crate from git tag (#5027)
• 4197614 ci: do not require changelog for ci (#5058)
• e876f17 silence ffi-check for private _PyCoLineInstrumentationData on 3.13 (#5063)
• a177916 ci: change default Python version to 3.13 (#5048)
• 81008e1 fix clippy lint on 1.87 beta
• 4732b60 docs: add blake3-py to Examples in README.md (#5028)
• 7b64fa1 Makes Clippy beta happy (#5032)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #38.