Deps/update pymongo

[gmorales96]

• closes: Actualizar versión de pymongo #96 (comment)

Se creo 1 registro con la versión 1.2.1 y otro con esta nueva versión, ambos pueden ser leídos tanto con la versión 1.2.1 como con esta nueva:

Summary by CodeRabbit

• Dependencies

  • Upgraded runtime and test dependencies (PyMongo/pymongocrypt, dnspython, boto3) and relaxed testing/lint tool versions.

• Improvements

  • Added and clarified type annotations across models and encrypted types; bumped package version to 1.3.0. No behavioral changes.

• Tests / CI

  • Adjusted encryption-related tests and CI matrix to drop Python 3.9 (now 3.10–3.13).

[coderabbitai]

Walkthrough

Updated typing annotations and small API adjustments across the codebase, encryption module, tests, and packaging/CI. Specific changes include: added explicit type parameters for class and local variables; switched some imports from pymongo.encryption to pymongo.synchronous.encryption; altered get_data_key_binary to return the raw data key _id instead of a bson.Binary; added explicit typing for CODEC_OPTION; bumped production and test dependency versions and Python requirement to >=3.10; removed Python 3.9 from the CI matrix; and updated package version to 1.3.0.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

• Files likely requiring focused review:
  • mongoengine_plus/types/encrypted_string/init.py — import path change to pymongo.synchronous.encryption.
  • mongoengine_plus/types/encrypted_string/base.py — get_data_key_binary returns raw _id (behavioral impact).
  • mongoengine_plus/types/encrypted_string/fields.py — explicit typing for CODEC_OPTION and local variables.
  • tests/types/test_encrypted_string.py — import changes and added assertion.
  • mongoengine_plus/models/base.py — class variable type annotations (_excluded, _hidden).
  • setup.py, requirements.txt, requirements-test.txt, .github/workflows/test.yml — dependency and CI Python-version updates.

Possibly related PRs

• Update boto3 dependency range #90 — modifies the same version constant (__version__) in mongoengine_plus/version.py; likely related to the version bump.

Suggested reviewers

• felipao-mx

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 14.29% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title directly relates to the primary objective of updating the pymongo dependency, though it is brief and could be more descriptive about the specific version update.
Linked Issues check	✅ Passed	The PR successfully updates pymongo from 3.13.0 to 4.15.4 and updates Python requirements from 3.9+ to 3.10+, addressing the issue #96 requirement to resolve Python 3.12/3.13 deployment failures.
Out of Scope Changes check	✅ Passed	All changes are within scope; the PR includes necessary updates to type annotations, encryption imports, test dependencies, and version bumps required to support the pymongo upgrade and Python 3.10+ compatibility.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch deps/update-pymongo

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 459d97b and 5392240.

📒 Files selected for processing (1)

• mongoengine_plus/version.py (1 hunks)

🧰 Additional context used

📓 Path-based instructions (1)

**/*.py

⚙️ CodeRabbit configuration file

**/*.py: Enforce Relative Imports for Internal Modules

Ensure that any imports referencing internal modules use relative paths. However, if modules reside in the main module directories (for example /src or /library_or_app_name) —and relative imports are not feasible—absolute imports are acceptable. Additionally, if a module is located outside the main module structure (for example, in /tests or /scripts at a similar level), absolute imports are also valid.

Examples and Guidelines:

1. If a module is in the same folder or a subfolder of the current file, use relative imports. For instance: from .some_module import SomeClass
2. If the module is located under /src or /library_or_app_name and cannot be imported relatively, absolute imports are allowed (e.g., from library_or_app_name.utilities import helper_method).
3. If a module is outside the main module directories (for example, in /tests, /scripts, or any similarly placed directory), absolute imports are valid.
4. External (third-party) libraries should be imported absolutely (e.g., import requests).

**/*.py:
Rule: Enforce Snake Case in Python Backend

1. New or Modified Code: Use snake_case for all variables, functions, methods, and class attributes.
2. Exceptions (Pydantic models for API responses):
   • Primary fields must be snake_case.
   • If older clients expect camelCase, create a computed or alias field that references the snake_case field.
   • Mark any camelCase fields as deprecated or transitional.

Examples

Invalid:

class CardConfiguration(BaseModel):
    title: str
    subTitle: str  # ❌ Modified or new field in camelCase

Valid:

class CardConfiguration(BaseModel):
    title: str
    subtitle: str  # ✅ snake_case for new/modified field

    @computed_field
    def subTitle(self) -> str:  # camelCase allowed only for compatibility
        return self.subtitle

Any direct use of camelCase in new or updated code outside of these exceptions should be flagged.

`*...

Files:

• mongoengine_plus/version.py

🔇 Additional comments (1)

mongoengine_plus/version.py (1)

1-1: Version bump is appropriate.

The version bump from 1.2.1 to 1.3.0 correctly follows semantic versioning. get_data_key_binary is an internal utility function (not exported in the public API per __all__), so its return type change is not a breaking change. Dropping Python 3.9 support with a minor version bump is standard practice. The code change is correct as-is.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 4

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

mongoengine_plus/types/encrypted_string/base.py (1)

24-35: Critical: Update return type annotation.

The return type annotation states Binary, but Line 35 now returns uuid_data_key directly (the raw _id from the data key document) instead of wrapping it in Binary with UUID_SUBTYPE. This is correct for pymongo 4.x, but the type annotation is now inaccurate.

Apply this diff to fix the return type:

-def get_data_key_binary(key_namespace: str, key_name: str) -> Binary:
+def get_data_key_binary(key_namespace: str, key_name: str):

Or, if you prefer explicit typing:

+from typing import Union
+from uuid import UUID
+
-def get_data_key_binary(key_namespace: str, key_name: str) -> Binary:
+def get_data_key_binary(key_namespace: str, key_name: str) -> Union[Binary, UUID]:

🧹 Nitpick comments (5)

mongoengine_plus/types/encrypted_string/base.py (1)

55-55: Optional: Redundant type annotation.

The type annotation client_encryption: ClientEncryption is redundant since the context manager on line 56 already provides strong type information. While not harmful, it adds visual noise.

Consider removing the annotation:

-    client_encryption: ClientEncryption
     with ClientEncryption(

tests/types/test_encrypted_string.py (2)

92-92: Optional: Redundant assertion.

The assertion assert data_key is not None is redundant because Line 93 immediately accesses data_key['keyAltNames'], which would raise an exception if data_key were None.

Consider removing this assertion:

-    assert data_key is not None
     assert data_key['keyAltNames'] == [key_name]

---

121-121: Optional: Redundant type annotation.

The type annotation client_encryption: ClientEncryption is redundant since the context manager on line 122 already provides strong type information.

Consider removing the annotation:

-    client_encryption: ClientEncryption
     with ClientEncryption(

mongoengine_plus/types/encrypted_string/fields.py (2)

60-60: Optional: Redundant type annotation.

The type annotation client_encryption: ClientEncryption is redundant since the context manager on line 61 already provides strong type information.

Consider removing the annotation:

-        client_encryption: ClientEncryption
         with ClientEncryption(

---

70-70: Optional: Redundant type annotation.

The type annotation client_encryption: ClientEncryption is redundant since the context manager on line 71 already provides strong type information.

Consider removing the annotation:

-        client_encryption: ClientEncryption
         with ClientEncryption(

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8a57a6e and 46bd726.

📒 Files selected for processing (8)

• mongoengine_plus/models/base.py (1 hunks)
• mongoengine_plus/types/encrypted_string/__init__.py (1 hunks)
• mongoengine_plus/types/encrypted_string/base.py (3 hunks)
• mongoengine_plus/types/encrypted_string/fields.py (3 hunks)
• requirements-test.txt (1 hunks)
• requirements.txt (1 hunks)
• setup.py (1 hunks)
• tests/types/test_encrypted_string.py (3 hunks)

🧰 Additional context used

📓 Path-based instructions (1)

**/*.py

⚙️ CodeRabbit configuration file

**/*.py: Enforce Relative Imports for Internal Modules

Ensure that any imports referencing internal modules use relative paths. However, if modules reside in the main module directories (for example /src or /library_or_app_name) —and relative imports are not feasible—absolute imports are acceptable. Additionally, if a module is located outside the main module structure (for example, in /tests or /scripts at a similar level), absolute imports are also valid.

Examples and Guidelines:

1. If a module is in the same folder or a subfolder of the current file, use relative imports. For instance: from .some_module import SomeClass
2. If the module is located under /src or /library_or_app_name and cannot be imported relatively, absolute imports are allowed (e.g., from library_or_app_name.utilities import helper_method).
3. If a module is outside the main module directories (for example, in /tests, /scripts, or any similarly placed directory), absolute imports are valid.
4. External (third-party) libraries should be imported absolutely (e.g., import requests).

**/*.py:
Rule: Enforce Snake Case in Python Backend

1. New or Modified Code: Use snake_case for all variables, functions, methods, and class attributes.
2. Exceptions (Pydantic models for API responses):
   • Primary fields must be snake_case.
   • If older clients expect camelCase, create a computed or alias field that references the snake_case field.
   • Mark any camelCase fields as deprecated or transitional.

Examples

Invalid:

class CardConfiguration(BaseModel):
    title: str
    subTitle: str  # ❌ Modified or new field in camelCase

Valid:

class CardConfiguration(BaseModel):
    title: str
    subtitle: str  # ✅ snake_case for new/modified field

    @computed_field
    def subTitle(self) -> str:  # camelCase allowed only for compatibility
        return self.subtitle

Any direct use of camelCase in new or updated code outside of these exceptions should be flagged.

`*...

Files:

• mongoengine_plus/models/base.py
• mongoengine_plus/types/encrypted_string/__init__.py
• mongoengine_plus/types/encrypted_string/base.py
• mongoengine_plus/types/encrypted_string/fields.py
• tests/types/test_encrypted_string.py
• setup.py

🪛 GitHub Actions: test

requirements.txt

[error] 1-1: pip install -qU -r requirements.txt failed: No matching distribution found for dnspython==2.8.0 (requires Python >=3.10); Ignored versions that require a different Python version. Command failed: 'pip install -qU -r requirements.txt'. Makefile exit: 2.

🔇 Additional comments (6)

mongoengine_plus/types/encrypted_string/__init__.py (1)

6-6: LGTM! Correct migration to pymongo 4.x import path.

The import path update from pymongo.encryption to pymongo.synchronous.encryption aligns with pymongo 4.x's new synchronous API structure.

tests/types/test_encrypted_string.py (1)

9-13: LGTM! Correct migration to pymongo 4.x import paths.

The import statements correctly reference pymongo.synchronous.encryption for Algorithm, ClientEncryption, and _EncryptionIO, aligning with pymongo 4.x's synchronous API.

mongoengine_plus/types/encrypted_string/fields.py (1)

11-11: LGTM! Improved type annotation for module constant.

Explicitly typing CODEC_OPTION as CodecOptions improves code clarity and provides better IDE support.

mongoengine_plus/models/base.py (1)

7-8: No issues found with the behavioral change; the defaults are necessary for the current code to work.

Based on my verification:

1. TestModel uses _excluded without defining it: In tests/models/test_base.py, TestModel defines _hidden but not _excluded. When to_dict() is called (line 48), it accesses self._excluded (base.py line 15) for concatenation. This works only because the default empty list exists.

2. The test is not failing: TestModel's to_dict() test is not marked as skipped or xfail, indicating the code path is already active and working.

3. All subclasses that override these variables do so explicitly:

   • Address (line 18-19): Explicitly defines both _excluded and _hidden
   • TestModel (line 32): Explicitly defines _hidden

4. No code relies on AttributeError: There are no hasattr(), getattr(), or try/except patterns attempting to detect if these variables are undefined.

The defaults are necessary for the current to_dict() implementation to work correctly, particularly for subclasses that don't define all variables.

setup.py (1)

30-30: LGTM! Pymongo 4.x version constraint is correctly specified.

The version constraint properly allows pymongo 4.x versions while preventing automatic upgrades to 5.x, which is appropriate for this migration.

requirements-test.txt (1)

1-10: All specified package versions are available; verify compatibility by running the test suite.

The latest stable versions as of November 2025 are: black 25.11.0, isort 7.0.0, mypy 1.18.2, pytest 9.0.1, and pytest-asyncio 1.3.0. These versions match the pinned ranges in requirements-test.txt and are publicly available. However, ensure the test suite runs successfully with these major version updates before merging, as they may include breaking changes in linting, type checking, or testing behavior.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 100.00%. Comparing base (8a57a6e) to head (5392240).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff            @@
##              main       #97   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files           15        15           
  Lines          254       254           
  Branches        23        23           
=========================================
  Hits           254       254           

Flag	Coverage Δ
unittests	100.00% <100.00%> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

tests/types/test_encrypted_string.py (1)

118-118: Type annotation may be redundant.

The explicit type annotation client_encryption: ClientEncryption before the context manager is valid but potentially unnecessary, as type checkers can typically infer the type from ClientEncryption's __enter__ method. However, if this improves type checking in your environment or aligns with your typing standards, it's acceptable.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between d92de7c and 4fd5f33.

📒 Files selected for processing (1)

• tests/types/test_encrypted_string.py (3 hunks)

🧰 Additional context used

📓 Path-based instructions (1)

**/*.py

⚙️ CodeRabbit configuration file

**/*.py: Enforce Relative Imports for Internal Modules

Ensure that any imports referencing internal modules use relative paths. However, if modules reside in the main module directories (for example /src or /library_or_app_name) —and relative imports are not feasible—absolute imports are acceptable. Additionally, if a module is located outside the main module structure (for example, in /tests or /scripts at a similar level), absolute imports are also valid.

Examples and Guidelines:

1. If a module is in the same folder or a subfolder of the current file, use relative imports. For instance: from .some_module import SomeClass
2. If the module is located under /src or /library_or_app_name and cannot be imported relatively, absolute imports are allowed (e.g., from library_or_app_name.utilities import helper_method).
3. If a module is outside the main module directories (for example, in /tests, /scripts, or any similarly placed directory), absolute imports are valid.
4. External (third-party) libraries should be imported absolutely (e.g., import requests).

**/*.py:
Rule: Enforce Snake Case in Python Backend

1. New or Modified Code: Use snake_case for all variables, functions, methods, and class attributes.
2. Exceptions (Pydantic models for API responses):
   • Primary fields must be snake_case.
   • If older clients expect camelCase, create a computed or alias field that references the snake_case field.
   • Mark any camelCase fields as deprecated or transitional.

Examples

Invalid:

class CardConfiguration(BaseModel):
    title: str
    subTitle: str  # ❌ Modified or new field in camelCase

Valid:

class CardConfiguration(BaseModel):
    title: str
    subtitle: str  # ✅ snake_case for new/modified field

    @computed_field
    def subTitle(self) -> str:  # camelCase allowed only for compatibility
        return self.subtitle

Any direct use of camelCase in new or updated code outside of these exceptions should be flagged.

`*...

Files:

• tests/types/test_encrypted_string.py

🔇 Additional comments (2)

tests/types/test_encrypted_string.py (2)

89-89: Good addition for test clarity.

Adding the explicit assert data_key is not None improves test reliability and helps type checkers understand that subsequent attribute accesses on data_key are safe.

---

9-10: ****

The imports in lines 9-10 are correct for pymongo 4.x. According to PyMongo documentation, Algorithm and ClientEncryption should remain imported from pymongo.encryption, while synchronous-specific utilities like _EncryptionIO are correctly imported from pymongo.synchronous.encryption. The split is intentional per pymongo's API design.

Likely an incorrect or invalid review comment.

[gmorales96]

Acabo de notar que el PR #94 resuelve el mismo issue (#96) Realice las pruebas solicitadas, creo que podemos cerrar ambos si esto se aprueba

[felipao-mx]

es necesario esto?

[gmorales96]

Si, el lint ahora es más estricto, marca este error:
error: Need type annotation for "client_encryption" [var-annotated]