Bump Pydantic to version 2

[ThomasLaPiana]

Closes #159

Description Of Changes

Pydantic 2 sees major changes that bring large performance advantages. Worth upgrading to stay up-to-date as well as enjoy downstream effects in increased performance

Pydantic 1 -> 2 Migration Guide: link

I fully expected we might need to tweak more things here based on testing against Fides directly, but we'll need to do more checks there to verify. Here is the corresponding Fides PR

As part of this migration, I adopted a very different general pattern for validation than we used before. Due to the major changes, I found it easier to use model_validator (formerly known as root_validator) and composed multiple validators together into a single, full-model validator instead of always using discrete validators by field.

Code Changes

• make updates required for Pydantic v2
• update the requirement bounds in requirements.txt
• remove Python 3.8 from supported versions

Steps to Confirm

• CI checks pass

Pre-Merge Checklist

• All CI Pipelines Succeeded
• Documentation Updated
• Issue Requirements are Met
• Relevant Follow-Up Issues Created
• Update CHANGELOG.md

[ThomasLaPiana]

@NevilleS a major question we need to answer is if we also want to strip out everything that is deprecated as part of 3.0

I think it makes sense to me from a versioning standpoint, but I also want to get more informed opinions from

@SteveDMurphy @pattisdr & @adamsachs

[ThomasLaPiana]

Python 3.8 wasn't playing nicely, so I axed it. It is almost EOL and we can only make the matrix so large

[pattisdr]

Understood, how do we generally communicate things like this to customers?

[ThomasLaPiana]

Other than changelog, it'll automatically fail to pip install if they have an older version.

Afaik most people are using Docker containers, this would be most disruptive to customers using the CLI

[ThomasLaPiana]

These are the most recent ones, but Pydantic moves fast so we'll need to keep an eye on this

[ThomasLaPiana]

not cross-supporting Pydantic 1.0!

[ThomasLaPiana]

CustomTypes are now handled very differently, as Annotated instead of Classes that inherit

[pattisdr]

Thanks for all these helpful review comments

[ThomasLaPiana]

I copied you! haha yours are always so helpful

[ThomasLaPiana]

I updated almost all of these functions to be pure functions, not set up as specific validators. They are then more transparently composed on the model itself

[ThomasLaPiana]

Pydantic is more picky now! It will not do these subtle conversions (int -> str in this case) but instead will throw an error

[pattisdr]

ah ok, feels like something that will cause potential issues with existing yaml files etc.

[ThomasLaPiana]

potentially for sure...I'm going to test this branch out in Fides and see what kind of damage it does 😬

[ThomasLaPiana]

it did, so I had to update everything in Fides....will need to think about how to handle this if we don't want to break things...

although coming from the db they should already be correct

[ThomasLaPiana]

I'm confused here, and I think this was a bug? Not sure why these were expected to fail before but aren't now. Especially given that they seem fine given how the model was written? This is really old code though so I'm not sure if just deleting it is right, but I'm not sure what it is solving either.

I would appreciate any possible insight here!

[pattisdr]

I think we need to put this back and fix the model-level validation.

It looks like privacy_declarations_reference_data_flows is not getting called now. This first test, the privacy declaration seems to reference a system but there are no system egresses?

[ThomasLaPiana]

another change, this time with how models are configured

[ThomasLaPiana]

I nitted myself here! As taught by @pattisdr it is safe to use [] as a default value in Pydantic

[pattisdr]

Starting review..a lot to catch up on here!

[ThomasLaPiana]

Starting review..a lot to catch up on here!

I apologize! I just wasn't sure how to break it up further

I added comments everywhere I thought made sense but of course feel free to dig in and ask other questions and I'll reply as best as I can!

[pattisdr]

Oh no this is exciting! Lots of great improvements here, I more meant big picture understanding what Pydantic 2 brings as well.

[pattisdr]

There's a whole new lingo to learn!

[pattisdr]

Huge effort here Thomas. Main thing I'd make sure these validators that are working on a list of items still work, in places they're not getting called, but only small things were noted here, quick to turn around.

Have you just pinned this latest fideslang commit in Fides and experimented with the level effort required here? I wonder if trying to integrate will cause more changes needed in Fideslang so it might be nice to verify before we do the big 3.0 release.

[pattisdr]

Nice, easier to follow too on the model!

[pattisdr]

What was behind pulling out the usage of name_field and description_field here, when you're still using them on other models? Just curious

[ThomasLaPiana]

this is kind of a messy/bad abstraction. Names can sometimes be optional, and sometimes are not (they're treated as keys) so in my opinion this was a premature optimization/abstraction on my part :)

[pattisdr]

Ah got it thanks!

[pattisdr]

It looks like DataProtectionImpactAssessment > progress/link files might need default=None too (although this is supposed to be deprecated anyway)

[pattisdr]

This doesn't seem to run if legitimate_interest is not an argument when instantiating a DataUse. Looks like you can add validate_default=True to the legitimate_interest Field above to get the same always=True behavior.

(Doesn't matter much in practice, this field is deprecated, an argument to remove these deprecated fields soon)

[pattisdr]

Understood, how do we generally communicate things like this to customers?

[pattisdr]

Thanks for all these helpful review comments

[pattisdr]

It looks like in FIdeslang the type is an integer, but the tests updated to registry_id="1"

The ctl_systems table has it as a string though, so should this be updated to a string? Come to think of it I think I've run into 500 errors before around this - the discrepancy between fideslang and the database here.

                                            Table "public.ctl_systems"
                Column                |           Type           | Collation | Nullable |          Default          
--------------------------------------+--------------------------+-----------+----------+---------------------------
registry_id                          | character varying        |           |          | 

[ThomasLaPiana]

uh oh...hmm ok I'll need to do more testing over in fides for this

[pattisdr]

This throws confusing Type errors if the fides key is not a string, should we add more validation to require FidesKeys to be a string upfront?

[ThomasLaPiana]

In which situations? We might need to pass in as str specifically

[pattisdr]

I think we need to put this back and fix the model-level validation.

It looks like privacy_declarations_reference_data_flows is not getting called now. This first test, the privacy declaration seems to reference a system but there are no system egresses?

[ThomasLaPiana]

There's a whole new lingo to learn!

no kidding! Soooo many major changes here, hopefully the performance improvements and new ergonomics are worth it!

[NevilleS]

Migrated this one to Ethyca's downstream fork: ethyca#9. Once we finish this update for the Python bindings it'll be useful to merge upstream 👍