From 42ecf83d9abb285e5eed9df535eefeb513e09a5c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 26 Mar 2026 22:32:38 -0700
Subject: [PATCH] chore: bump requests from 2.32.5 to 2.33.0 in
/libs/standard-tests (#36239)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Bumps [requests](https://github.com/psf/requests) from 2.32.5 to 2.33.0.
Release notes
Sourced from requests's
releases.
v2.33.0
2.33.0 (2026-03-25)
Announcements
- 📣 Requests is adding inline types. If you have a typed code base
that uses Requests, please take a look at #7271.
Give it a try, and report any gaps or feedback you may have in the
issue. 📣
Security
- CVE-2026-25645
requests.utils.extract_zipped_paths now
extracts contents to a non-deterministic location to prevent malicious
file replacement. This does not affect default usage of Requests, only
applications calling the utility function directly.
Improvements
- Migrated to a PEP 517 build system using setuptools. (#7012)
Bugfixes
- Fixed an issue where an empty netrc entry could cause malformed
authentication to be applied to Requests on Python 3.11+. (#7205)
Deprecations
- Dropped support for Python 3.9 following its end of support. (#7196)
Documentation
- Various typo fixes and doc improvements.
New Contributors
Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25
Changelog
Sourced from requests's
changelog.
2.33.0 (2026-03-25)
Announcements
- 📣 Requests is adding inline types. If you have a typed code base
that
uses Requests, please take a look at #7271.
Give it a try, and report
any gaps or feedback you may have in the issue. 📣
Security
- CVE-2026-25645
requests.utils.extract_zipped_paths now
extracts
contents to a non-deterministic location to prevent malicious file
replacement. This does not affect default usage of Requests, only
applications calling the utility function directly.
Improvements
- Migrated to a PEP 517 build system using setuptools. (#7012)
Bugfixes
- Fixed an issue where an empty netrc entry could cause
malformed authentication to be applied to Requests on
Python 3.11+. (#7205)
Deprecations
- Dropped support for Python 3.9 following its end of support. (#7196)
Documentation
- Various typo fixes and doc improvements.
Commits
bc04dfd
v2.33.066d21cb
Merge commit from fork8b9bc8f
Move badges to top of README (#7293)e331a28
Remove unused extraction call (#7292)753fd08
docs: fix FAQ grammar in httplib2 example774a0b8
docs(socks): same block as other sections9c72a41
Bump github/codeql-action from 4.33.0 to 4.34.1ebf7190
Bump github/codeql-action from 4.32.0 to 4.33.00e4ae38
docs: exclude Response.is_permanent_redirect from API docs (#7244)d568f47
docs: clarify Quickstart POST example (#6960)- Additional commits viewable in compare
view
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langchain/network/alerts).
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
libs/standard-tests/uv.lock | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/libs/standard-tests/uv.lock b/libs/standard-tests/uv.lock
index 08ee01ec72c..664865ed864 100644
--- a/libs/standard-tests/uv.lock
+++ b/libs/standard-tests/uv.lock
@@ -321,7 +321,7 @@ wheels = [
[[package]]
name = "langchain-core"
-version = "1.2.18"
+version = "1.2.22"
source = { editable = "../core" }
dependencies = [
{ name = "jsonpatch" },
@@ -1185,7 +1185,7 @@ wheels = [
[[package]]
name = "requests"
-version = "2.32.5"
+version = "2.33.0"
source = { registry = "https://pypi.org/simple" }
dependencies = [
{ name = "certifi" },
@@ -1193,9 +1193,9 @@ dependencies = [
{ name = "idna" },
{ name = "urllib3" },
]
-sdist = { url = "https://files.pythonhosted.org/packages/c9/74/b3ff8e6c8446842c3f5c837e9c3dfcfe2018ea6ecef224c710c85ef728f4/requests-2.32.5.tar.gz", hash = "sha256:dbba0bac56e100853db0ea71b82b4dfd5fe2bf6d3754a8893c3af500cec7d7cf", size = 134517, upload-time = "2025-08-18T20:46:02.573Z" }
+sdist = { url = "https://files.pythonhosted.org/packages/34/64/8860370b167a9721e8956ae116825caff829224fbca0ca6e7bf8ddef8430/requests-2.33.0.tar.gz", hash = "sha256:c7ebc5e8b0f21837386ad0e1c8fe8b829fa5f544d8df3b2253bff14ef29d7652", size = 134232, upload-time = "2026-03-25T15:10:41.586Z" }
wheels = [
- { url = "https://files.pythonhosted.org/packages/1e/db/4254e3eabe8020b458f1a747140d32277ec7a271daf1d235b70dc0b4e6e3/requests-2.32.5-py3-none-any.whl", hash = "sha256:2462f94637a34fd532264295e186976db0f5d453d1cdd31473c85a6a161affb6", size = 64738, upload-time = "2025-08-18T20:46:00.542Z" },
+ { url = "https://files.pythonhosted.org/packages/56/5d/c814546c2333ceea4ba42262d8c4d55763003e767fa169adc693bd524478/requests-2.33.0-py3-none-any.whl", hash = "sha256:3324635456fa185245e24865e810cecec7b4caf933d7eb133dcde67d48cee69b", size = 65017, upload-time = "2026-03-25T15:10:40.382Z" },
]
[[package]]