ethereum / eth-account

Account abstraction library for web3.py
http://eth-account.readthedocs.io/
MIT License

Introducing breaking Pydantic dependency in 0.11.1 and 0.12.1 #270

Closed MHHukiewitz closed 7 months ago

MHHukiewitz commented 7 months ago

What happened?

One of my projects uses Pydantic < 2.0.0. I'd like to use the latest version of eth-account in my project too, but this is now not easily possible, due to the latest addition of Pydantic 2.6 in the versions 0.11.1 and 0.12.1.

While it would not be advisable to revert these releases, I'd like to ask for caution when introducing new, well-known dependencies that could break downstream projects that require different versions of the requirement. These new dependencies should at least trigger a minor upgrade and should not be introduced as a patch version.

Ideally, I would be able to use 0.12.0, but now have to use <0.11.0, without fixing the required eth-account version to 0.12.0.

Code that produced the error

No response

Full error output

No response

Fill this section in if you know how this could or should be fixed

Don't add dependencies in patch (x.x.Y) versions.

eth-account Version

0.11.1, 0.12.1

Python Version

3.11

Operating System

No response

Output from pip freeze

No response

kclowes commented 7 months ago

Hey @MHHukiewitz, thanks for reaching out. We understand your frustration, and will definitely be more careful about adding well-known dependencies in the future. We do follow semver, so when libraries are in 0.x, the patch takes on the meaning that minor would if the library were stable. There are plans to move the library to its first major (stable) version upon a full audit, which will hopefully happen at some point in the next few months.

To give some background, Cancun blob transaction support was released in 0.12.0 (not 0.12.1) but this also introduced breaking changes to HexBytes and places a lower pin on the HexBytes library at that breaking change version. What that meant is there was no Cancun support for the library where there wasn’t this breaking HexBytes change, in 0.11.0. With 0.11.x likely not getting much more attention after the release of 0.12.0, the choice to have the backport of the Cancun network upgrade via support of blob (type=3) transactions seemed like a better alternative than not having it. This is in the case that the Pydantic introduction does not break anything, of course. Your library is unfortunately in that latter category. In this case, pinning the library to 0.11.0 should help you. We understand this is not an ideal scenario for users and, as stated above, this won't be the case moving forward.

We hear you loud and clear and hopefully there weren't too many bumps in the road for you with this change.

kclowes commented 7 months ago

@MHHukiewitz We just released v0.11.2 without the Pydantic dependency. Hopefully that fixes your issue. eth-account will have Pydantic going forward from 0.12.x.