16352 Commits

Author SHA1 Message Date
dependabot[bot]
fa021df592 chore: bump actions/checkout from 6.0.2 to 7.0.0 in the major group across 1 directory (#38585)
Bumps the major group with 1 update in the / directory:
[actions/checkout](https://github.com/actions/checkout).

Updates `actions/checkout` from 6.0.2 to 7.0.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v7.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>block checking out fork pr for pull_request_target and workflow_run
by <a href="https://github.com/aiqiaoy"><code>@​aiqiaoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2454">actions/checkout#2454</a></li>
<li>Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 in the
minor-actions-dependencies group across 1 directory by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/checkout/pull/2458">actions/checkout#2458</a></li>
<li>Bump flatted from 3.3.1 to 3.4.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/checkout/pull/2460">actions/checkout#2460</a></li>
<li>Bump js-yaml from 4.1.0 to 4.2.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/checkout/pull/2461">actions/checkout#2461</a></li>
<li>Bump <code>@​actions/core</code> and
<code>@​actions/tool-cache</code> and Remove uuid by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/checkout/pull/2459">actions/checkout#2459</a></li>
<li>upgrade module to esm and update dependencies by <a
href="https://github.com/aiqiaoy"><code>@​aiqiaoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2463">actions/checkout#2463</a></li>
<li>Bump the minor-npm-dependencies group across 1 directory with 3
updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/checkout/pull/2462">actions/checkout#2462</a></li>
<li>getting ready for checkout v7 release by <a
href="https://github.com/aiqiaoy"><code>@​aiqiaoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2464">actions/checkout#2464</a></li>
<li>update error wording by <a
href="https://github.com/aiqiaoy"><code>@​aiqiaoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2467">actions/checkout#2467</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/aiqiaoy"><code>@​aiqiaoy</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/2454">actions/checkout#2454</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v6.0.3...v7.0.0">https://github.com/actions/checkout/compare/v6.0.3...v7.0.0</a></p>
<h2>v6.0.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Update changelog by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2357">actions/checkout#2357</a></li>
<li>fix: expand merge commit SHA regex and add SHA-256 test cases by <a
href="https://github.com/yaananth"><code>@​yaananth</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2414">actions/checkout#2414</a></li>
<li>Fix checkout init for SHA-256 repositories by <a
href="https://github.com/yaananth"><code>@​yaananth</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2439">actions/checkout#2439</a></li>
<li>Update changelog for v6.0.3 by <a
href="https://github.com/yaananth"><code>@​yaananth</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2446">actions/checkout#2446</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/yaananth"><code>@​yaananth</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/2414">actions/checkout#2414</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v6...v6.0.3">https://github.com/actions/checkout/compare/v6...v6.0.3</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v7.0.0</h2>
<ul>
<li>Block checking out fork PR for pull_request_target and workflow_run
by <a href="https://github.com/aiqiaoy"><code>@​aiqiaoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2454">actions/checkout#2454</a></li>
<li>Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 in the
minor-actions-dependencies group across 1 directory by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/checkout/pull/2458">actions/checkout#2458</a></li>
<li>Bump flatted from 3.3.1 to 3.4.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/checkout/pull/2460">actions/checkout#2460</a></li>
<li>Bump js-yaml from 4.1.0 to 4.2.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/checkout/pull/2461">actions/checkout#2461</a></li>
<li>Bump <code>@​actions/core</code> and
<code>@​actions/tool-cache</code> and Remove uuid by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/checkout/pull/2459">actions/checkout#2459</a></li>
<li>upgrade module to esm and update dependencies by <a
href="https://github.com/aiqiaoy"><code>@​aiqiaoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2463">actions/checkout#2463</a></li>
<li>Bump the minor-npm-dependencies group across 1 directory with 3
updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/checkout/pull/2462">actions/checkout#2462</a></li>
</ul>
<h2>v6.0.3</h2>
<ul>
<li>Fix checkout init for SHA-256 repositories by <a
href="https://github.com/yaananth"><code>@​yaananth</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2439">actions/checkout#2439</a></li>
<li>fix: expand merge commit SHA regex and add SHA-256 test cases by <a
href="https://github.com/yaananth"><code>@​yaananth</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2414">actions/checkout#2414</a></li>
</ul>
<h2>v6.0.2</h2>
<ul>
<li>Fix tag handling: preserve annotations and explicit fetch-tags by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2356">actions/checkout#2356</a></li>
</ul>
<h2>v6.0.1</h2>
<ul>
<li>Add worktree support for persist-credentials includeIf by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2327">actions/checkout#2327</a></li>
</ul>
<h2>v6.0.0</h2>
<ul>
<li>Persist creds to a separate file by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li>
<li>Update README to include Node.js 24 support details and requirements
by <a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li>
</ul>
<h2>v5.0.1</h2>
<ul>
<li>Port v6 cleanup to v5 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li>
</ul>
<h2>v5.0.0</h2>
<ul>
<li>Update actions checkout to use node 24 by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li>
</ul>
<h2>v4.3.1</h2>
<ul>
<li>Port v6 cleanup to v4 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2305">actions/checkout#2305</a></li>
</ul>
<h2>v4.3.0</h2>
<ul>
<li>docs: update README.md by <a
href="https://github.com/motss"><code>@​motss</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li>
<li>Add internal repos for checking out multiple repositories by <a
href="https://github.com/mouismail"><code>@​mouismail</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li>
<li>Documentation update - add recommended permissions to Readme by <a
href="https://github.com/benwells"><code>@​benwells</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li>
<li>Adjust positioning of user email note and permissions heading by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li>
<li>Update README.md by <a
href="https://github.com/nebuk89"><code>@​nebuk89</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li>
<li>Update CODEOWNERS for actions by <a
href="https://github.com/TingluoHuang"><code>@​TingluoHuang</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li>
<li>Update package dependencies by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li>
</ul>
<h2>v4.2.2</h2>
<ul>
<li><code>url-helper.ts</code> now leverages well-known environment
variables by <a href="https://github.com/jww3"><code>@​jww3</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li>
<li>Expand unit test coverage for <code>isGhes</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li>
</ul>
<h2>v4.2.1</h2>
<ul>
<li>Check out other refs/* by commit if provided, fall back to ref by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9c091bb21b"><code>9c091bb</code></a>
update error wording (<a
href="https://redirect.github.com/actions/checkout/issues/2467">#2467</a>)</li>
<li><a
href="1044a6dea9"><code>1044a6d</code></a>
getting ready for checkout v7 release (<a
href="https://redirect.github.com/actions/checkout/issues/2464">#2464</a>)</li>
<li><a
href="f0282184c7"><code>f028218</code></a>
Bump the minor-npm-dependencies group across 1 directory with 3 updates
(<a
href="https://redirect.github.com/actions/checkout/issues/2462">#2462</a>)</li>
<li><a
href="d914b262ff"><code>d914b26</code></a>
upgrade module to esm and update dependencies (<a
href="https://redirect.github.com/actions/checkout/issues/2463">#2463</a>)</li>
<li><a
href="537c7ef99c"><code>537c7ef</code></a>
Bump <code>@​actions/core</code> and <code>@​actions/tool-cache</code>
and Remove uuid (<a
href="https://redirect.github.com/actions/checkout/issues/2459">#2459</a>)</li>
<li><a
href="130a169078"><code>130a169</code></a>
Bump js-yaml from 4.1.0 to 4.2.0 (<a
href="https://redirect.github.com/actions/checkout/issues/2461">#2461</a>)</li>
<li><a
href="7d09575332"><code>7d09575</code></a>
Bump flatted from 3.3.1 to 3.4.2 (<a
href="https://redirect.github.com/actions/checkout/issues/2460">#2460</a>)</li>
<li><a
href="0f9f3aa320"><code>0f9f3aa</code></a>
Bump actions/publish-immutable-action (<a
href="https://redirect.github.com/actions/checkout/issues/2458">#2458</a>)</li>
<li><a
href="f9e715a95f"><code>f9e715a</code></a>
block checking out fork pr for pull_request_target and workflow_run (<a
href="https://redirect.github.com/actions/checkout/issues/2454">#2454</a>)</li>
<li><a
href="df4cb1c069"><code>df4cb1c</code></a>
Update changelog for v6.0.3 (<a
href="https://redirect.github.com/actions/checkout/issues/2446">#2446</a>)</li>
<li>Additional commits viewable in <a
href="de0fac2e45...9c091bb21b">compare
view</a></li>
</ul>
</details>
<br />

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-07-01 03:53:45 -04:00
dependabot[bot]
de40ced8e5 chore: bump mikefarah/yq from 8f3291d3165497b360b8ffee3c887624bb6fa1cf to e2f1d5ccf73239195bf92280cd47596751492449 (#38586)
Bumps [mikefarah/yq](https://github.com/mikefarah/yq) from
8f3291d3165497b360b8ffee3c887624bb6fa1cf to
e2f1d5ccf73239195bf92280cd47596751492449.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/mikefarah/yq/blob/master/release_notes.txt">mikefarah/yq's
changelog</a>.</em></p>
<blockquote>
<p>4.53.3:</p>
<ul>
<li>Add <code>--ini-preserve-quotes</code> flag for INI round-trip quote
preservation (<a
href="https://redirect.github.com/mikefarah/yq/issues/2728">#2728</a>)
Thanks <a
href="https://github.com/toller892"><code>@​toller892</code></a>!</li>
<li>Fix: reset INI decoder state on init (<a
href="https://redirect.github.com/mikefarah/yq/issues/2719">#2719</a>)
Thanks <a
href="https://github.com/xieby1"><code>@​xieby1</code></a>!</li>
<li>Fix: decode properties array bracket paths (<a
href="https://redirect.github.com/mikefarah/yq/issues/2693">#2693</a>)
Thanks <a
href="https://github.com/cyphercodes"><code>@​cyphercodes</code></a>!</li>
<li>Fix: preserve floats with trailing zero when encoding YAML to JSON
(<a
href="https://redirect.github.com/mikefarah/yq/issues/2701">#2701</a>)
Thanks <a
href="https://github.com/ChrisJr404"><code>@​ChrisJr404</code></a>!</li>
<li>Fix: JSON to TOML root scope and null handling (<a
href="https://redirect.github.com/mikefarah/yq/issues/2689">#2689</a>)
Thanks <a
href="https://github.com/LovesAsuna"><code>@​LovesAsuna</code></a>!</li>
<li>Fix: reset TOML decoder finished flag on Init for multi-doc
evaluation (<a
href="https://redirect.github.com/mikefarah/yq/issues/2704">#2704</a>)
Thanks <a
href="https://github.com/terminalchai"><code>@​terminalchai</code></a>!</li>
<li>Fix: reset TOML decoder between files when evaluating all at once
(<a
href="https://redirect.github.com/mikefarah/yq/issues/2685">#2685</a>)
Thanks <a
href="https://github.com/terminalchai"><code>@​terminalchai</code></a>!</li>
<li>Fix: preserve TOML inline table array scope (<a
href="https://redirect.github.com/mikefarah/yq/issues/2694">#2694</a>)
Thanks <a
href="https://github.com/cyphercodes"><code>@​cyphercodes</code></a>!</li>
<li>Fix: preserve empty TOML arrays in tables (<a
href="https://redirect.github.com/mikefarah/yq/issues/2686">#2686</a>)
Thanks <a
href="https://github.com/cyphercodes"><code>@​cyphercodes</code></a>!</li>
<li>Fix: TOML encoder uses inline tables for YAML FlowStyle mappings (<a
href="https://redirect.github.com/mikefarah/yq/issues/2687">#2687</a>)</li>
<li>Fix nested inline YAML merge explode (<a
href="https://redirect.github.com/mikefarah/yq/issues/2699">#2699</a>)
Thanks <a
href="https://github.com/cyphercodes"><code>@​cyphercodes</code></a>!</li>
<li>Fix repeatString overflow test on 32-bit platforms (<a
href="https://redirect.github.com/mikefarah/yq/issues/2680">#2680</a>)
Thanks <a
href="https://github.com/jandubois"><code>@​jandubois</code></a>!</li>
<li>Bumped dependencies</li>
</ul>
<p>4.53.2:</p>
<ul>
<li>Fixing release process</li>
</ul>
<p>4.53.1:</p>
<ul>
<li>Releases and tags now signed and immutable!</li>
<li>Add system(command; args) operator (disabled by default) (<a
href="https://redirect.github.com/mikefarah/yq/issues/2640">#2640</a>)</li>
<li>TOML encoder: prefer readable table sections over inline tables (<a
href="https://redirect.github.com/mikefarah/yq/issues/2649">#2649</a>)</li>
<li>Fix TOML encoder to quote keys containing special characters (<a
href="https://redirect.github.com/mikefarah/yq/issues/2648">#2648</a>)</li>
<li>Add string slicing support (<a
href="https://redirect.github.com/mikefarah/yq/issues/2639">#2639</a>)</li>
<li>Fix findInArray misuse on MappingNodes in equality and contains (<a
href="https://redirect.github.com/mikefarah/yq/issues/2645">#2645</a>)
Thanks <a
href="https://github.com/jandubois"><code>@​jandubois</code></a>!</li>
<li>Fix panic on negative slice indices that underflow after adjustment
(<a
href="https://redirect.github.com/mikefarah/yq/issues/2646">#2646</a>)
Thanks <a
href="https://github.com/jandubois"><code>@​jandubois</code></a>!</li>
<li>Fix stack overflow from circular alias in traverse (<a
href="https://redirect.github.com/mikefarah/yq/issues/2647">#2647</a>)
Thanks <a
href="https://github.com/jandubois"><code>@​jandubois</code></a>!</li>
<li>Fix panic and OOM in repeatString for large repeat counts (<a
href="https://redirect.github.com/mikefarah/yq/issues/2644">#2644</a>)
Thanks <a
href="https://github.com/jandubois"><code>@​jandubois</code></a>!</li>
<li>Bumped dependencies</li>
</ul>
<p>4.52.5:</p>
<ul>
<li>Fix: reset TOML decoder state between files (<a
href="https://redirect.github.com/mikefarah/yq/issues/2634">#2634</a>)
thanks <a
href="https://github.com/terminalchai"><code>@​terminalchai</code></a></li>
<li>Fix: preserve original filename when using --front-matter (<a
href="https://redirect.github.com/mikefarah/yq/issues/2613">#2613</a>)
thanks <a
href="https://github.com/cobyfrombrooklyn-bot"><code>@​cobyfrombrooklyn-bot</code></a></li>
<li>Fix typo in filename (<a
href="https://redirect.github.com/mikefarah/yq/issues/2611">#2611</a>)
thanks <a
href="https://github.com/alexandear"><code>@​alexandear</code></a></li>
<li>Bumped dependencies</li>
</ul>
<p>4.52.4:</p>
<ul>
<li>Dropping windows/arm - no longer supported in cross-compile</li>
</ul>
<p>4.52.3:</p>
<ul>
<li>Fixing comments in TOML arrays (<a
href="https://redirect.github.com/mikefarah/yq/issues/2592">#2592</a>)</li>
<li>Bumped dependencies</li>
</ul>
<p>4.52.2:</p>
<ul>
<li>Fixed bad instructions file breaking go-install (<a
href="https://redirect.github.com/mikefarah/yq/issues/2587">#2587</a>)
Thanks <a
href="https://github.com/theyoprst"><code>@​theyoprst</code></a></li>
<li>Fixed TOML table scope after comments (<a
href="https://redirect.github.com/mikefarah/yq/issues/2588">#2588</a>)
Thanks <a
href="https://github.com/tomers"><code>@​tomers</code></a></li>
<li>Multiply uses a readonly context (<a
href="https://redirect.github.com/mikefarah/yq/issues/2558">#2558</a>)</li>
<li>Fixed merge globbing wildcards in keys (<a
href="https://redirect.github.com/mikefarah/yq/issues/2564">#2564</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e2f1d5ccf7"><code>e2f1d5c</code></a>
Bump go.yaml.in/yaml/v4 from 4.0.0-rc.5 to 4.0.0-rc.6 (<a
href="https://redirect.github.com/mikefarah/yq/issues/2759">#2759</a>)</li>
<li><a
href="16f149b351"><code>16f149b</code></a>
Bump github.com/pelletier/go-toml/v2 from 2.4.0 to 2.4.2 (<a
href="https://redirect.github.com/mikefarah/yq/issues/2762">#2762</a>)</li>
<li><a
href="5da9215306"><code>5da9215</code></a>
Bump actions/setup-go from 6.4.0 to 6.5.0 (<a
href="https://redirect.github.com/mikefarah/yq/issues/2763">#2763</a>)</li>
<li><a
href="e95bb7e472"><code>e95bb7e</code></a>
Bump golang.org/x/net from 0.55.0 to 0.56.0 (<a
href="https://redirect.github.com/mikefarah/yq/issues/2740">#2740</a>)</li>
<li><a
href="2074319595"><code>2074319</code></a>
Bump golang.org/x/mod from 0.36.0 to 0.37.0 (<a
href="https://redirect.github.com/mikefarah/yq/issues/2741">#2741</a>)</li>
<li><a
href="be992d8add"><code>be992d8</code></a>
Bump alpine from <code>a2d49ea</code> to <code>28bd5fe</code> (<a
href="https://redirect.github.com/mikefarah/yq/issues/2752">#2752</a>)</li>
<li><a
href="637bb1fecd"><code>637bb1f</code></a>
Bump golang from <code>11fd8f7</code> to <code>792443b</code> (<a
href="https://redirect.github.com/mikefarah/yq/issues/2753">#2753</a>)</li>
<li><a
href="bc23b42789"><code>bc23b42</code></a>
Bump github.com/pelletier/go-toml/v2 from 2.3.1 to 2.4.0 (<a
href="https://redirect.github.com/mikefarah/yq/issues/2754">#2754</a>)</li>
<li><a
href="8e2c9b612d"><code>8e2c9b6</code></a>
Bump golang from <code>68cb6d6</code> to <code>11fd8f7</code> (<a
href="https://redirect.github.com/mikefarah/yq/issues/2738">#2738</a>)</li>
<li><a
href="0970cd4b05"><code>0970cd4</code></a>
Bump alpine from <code>5b10f43</code> to <code>a2d49ea</code> (<a
href="https://redirect.github.com/mikefarah/yq/issues/2739">#2739</a>)</li>
<li>Additional commits viewable in <a
href="8f3291d316...e2f1d5ccf7">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-07-01 03:43:32 -04:00
dependabot[bot]
96bbb34fb7 chore: bump the minor-and-patch group with 2 updates (#38584)
Bumps the minor-and-patch group with 2 updates:
[actions/setup-python](https://github.com/actions/setup-python) and
[aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials).

Updates `actions/setup-python` from 6.2.0 to 6.3.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-python/releases">actions/setup-python's
releases</a>.</em></p>
<blockquote>
<h2>v6.3.0</h2>
<h2>What's Changed</h2>
<h3>Enhancement</h3>
<ul>
<li>Add RHEL support and include Linux distro in cache keys by <a
href="https://github.com/priyagupta108"><code>@​priyagupta108</code></a>
in <a
href="https://redirect.github.com/actions/setup-python/pull/1323">actions/setup-python#1323</a></li>
<li>Fix pip cache error handling on Windows by <a
href="https://github.com/priyagupta108"><code>@​priyagupta108</code></a>
in <a
href="https://redirect.github.com/actions/setup-python/pull/1040">actions/setup-python#1040</a></li>
</ul>
<h3>Dependency update</h3>
<ul>
<li>Upgrade minimatch from 3.1.2 to 3.1.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/1281">actions/setup-python#1281</a></li>
<li>Upgrade actions dependencies by <a
href="https://github.com/gowridurgad"><code>@​gowridurgad</code></a>
with <a href="https://github.com/Copilot"><code>@​Copilot</code></a> in
<a
href="https://redirect.github.com/actions/setup-python/pull/1303">actions/setup-python#1303</a></li>
<li>Upgrade <code>@​actions/cache</code> to 5.1.0, log cache write
denied by <a
href="https://github.com/jasongin"><code>@​jasongin</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/1324">actions/setup-python#1324</a></li>
<li>Upgrade dependency versions and test workflow configuration by <a
href="https://github.com/HarithaVattikuti"><code>@​HarithaVattikuti</code></a>
in <a
href="https://redirect.github.com/actions/setup-python/pull/1322">actions/setup-python#1322</a></li>
</ul>
<h3>Documentation</h3>
<ul>
<li>Update advanced-usage.md by <a
href="https://github.com/Dunky-Z"><code>@​Dunky-Z</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/811">actions/setup-python#811</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/gowridurgad"><code>@​gowridurgad</code></a>
with <a href="https://github.com/Copilot"><code>@​Copilot</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-python/pull/1303">actions/setup-python#1303</a></li>
<li><a href="https://github.com/jasongin"><code>@​jasongin</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-python/pull/1324">actions/setup-python#1324</a></li>
<li><a href="https://github.com/Dunky-Z"><code>@​Dunky-Z</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/setup-python/pull/811">actions/setup-python#811</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-python/compare/v6...v6.3.0">https://github.com/actions/setup-python/compare/v6...v6.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ece7cb06ca"><code>ece7cb0</code></a>
Fix pip cache error handling on Windows. (<a
href="https://redirect.github.com/actions/setup-python/issues/1040">#1040</a>)</li>
<li><a
href="1d18d7af5f"><code>1d18d7a</code></a>
Update advanced-usage.md (<a
href="https://redirect.github.com/actions/setup-python/issues/811">#811</a>)</li>
<li><a
href="d2b357a6a3"><code>d2b357a</code></a>
Update dependency versions and test workflow configuration (<a
href="https://redirect.github.com/actions/setup-python/issues/1322">#1322</a>)</li>
<li><a
href="8f639b1e75"><code>8f639b1</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/setup-python/issues/1324">#1324</a>
from jasongin/update-actions-cache-5.1.0</li>
<li><a
href="6731c2ba87"><code>6731c2b</code></a>
Resolve high-severity audit issues</li>
<li><a
href="0cb1a84326"><code>0cb1a84</code></a>
Add RHEL support and include Linux distro in cache keys (<a
href="https://redirect.github.com/actions/setup-python/issues/1323">#1323</a>)</li>
<li><a
href="dc6eab6194"><code>dc6eab6</code></a>
Update dist</li>
<li><a
href="6f4b74bfa2"><code>6f4b74b</code></a>
Strict equality</li>
<li><a
href="fa8bde1a9c"><code>fa8bde1</code></a>
Bump <code>@​actions/cache</code> to 5.1.0, log cache write denied</li>
<li><a
href="c8813ba1bc"><code>c8813ba</code></a>
Upgrade <a href="https://github.com/actions"><code>@​actions</code></a>
dependencies and update licenses (<a
href="https://redirect.github.com/actions/setup-python/issues/1303">#1303</a>)</li>
<li>Additional commits viewable in <a
href="a309ff8b42...ece7cb06ca">compare
view</a></li>
</ul>
</details>
<br />

Updates `aws-actions/configure-aws-credentials` from 6.2.0 to 6.2.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aws-actions/configure-aws-credentials/releases">aws-actions/configure-aws-credentials's
releases</a>.</em></p>
<blockquote>
<h2>v6.2.1</h2>
<h2><a
href="https://github.com/aws-actions/configure-aws-credentials/compare/v6.2.0...v6.2.1">6.2.1</a>
(2026-06-26)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>enforce allowed-account-ids on all auth paths (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1847">#1847</a>)
(<a
href="4d281fbc56">4d281fb</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md">aws-actions/configure-aws-credentials's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<p>All notable changes to this project will be documented in this file.
See <a
href="https://github.com/conventional-changelog/standard-version">standard-version</a>
for commit guidelines.</p>
<h2><a
href="https://github.com/aws-actions/configure-aws-credentials/compare/v6.2.0...v6.2.1">6.2.1</a>
(2026-06-26)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>enforce allowed-account-ids on all auth paths (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1847">#1847</a>)
(<a
href="4d281fbc56">4d281fb</a>)</li>
</ul>
<h2><a
href="https://github.com/aws-actions/configure-aws-credentials/compare/v6.1.3...v6.2.0">6.2.0</a>
(2026-06-01)</h2>
<h3>Features</h3>
<ul>
<li>add additional session tags by default (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1775">#1775</a>)
(<a
href="e0ba768507">e0ba768</a>)</li>
<li>add more retry logic and better logging (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1764">#1764</a>)
(<a
href="540d0c13ae">540d0c1</a>)</li>
<li>add regex validation to role-session-name (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1765">#1765</a>)
(<a
href="e35449909c">e354499</a>)</li>
<li>Allow custom session tags to be passed when assuming a role (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1759">#1759</a>)
(<a
href="61f50f630f">61f50f6</a>)</li>
<li>expose run id in STS client user-agent (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1774">#1774</a>)
(<a
href="29d1be3027">29d1be3</a>)</li>
<li>support custom STS endpoints (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1762">#1762</a>)
(<a
href="8d52d05d7a">8d52d05</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li>skip credential check on output-env-credentials: false (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1778">#1778</a>)
(<a
href="58e7c47adf">58e7c47</a>)</li>
<li>assumeRole failing from session tag size too large (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1808">#1808</a>)
(<a
href="d6f5dc331b">d6f5dc3</a>)</li>
</ul>
<h2><a
href="https://github.com/aws-actions/configure-aws-credentials/compare/v6.1.2...v6.1.3">6.1.3</a>
(2026-05-28)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>fix: allow kubelet token symlink in <a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1805">#1805</a></li>
</ul>
<h2><a
href="https://github.com/aws-actions/configure-aws-credentials/compare/v6.1.1...v6.1.2">6.1.2</a>
(2026-05-26)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>additional filesystem checks (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1799">#1799</a>)
(<a
href="c39f282697">c39f282</a>)</li>
</ul>
<h2><a
href="https://github.com/aws-actions/configure-aws-credentials/compare/v6.1.0...v6.1.1">6.1.1</a>
(2026-05-05)</h2>
<h3>Miscellaneous Chores</h3>
<ul>
<li>various dependency updates</li>
</ul>
<h2><a
href="https://github.com/aws-actions/configure-aws-credentials/compare/v6.0.0...v6.1.0">6.1.0</a>
(2026-04-06)</h2>
<h3>Features</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="254c19bd24"><code>254c19b</code></a>
chore(main): release 6.2.1 (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1849">#1849</a>)</li>
<li><a
href="a20cf827fe"><code>a20cf82</code></a>
chore: Update dist</li>
<li><a
href="4d281fbc56"><code>4d281fb</code></a>
fix: enforce allowed-account-ids on all auth paths (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1847">#1847</a>)</li>
<li><a
href="e004cdcd28"><code>e004cdc</code></a>
chore(deps-dev): bump <code>@​smithy/property-provider</code> from 4.4.0
to 4.4.2 (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1845">#1845</a>)</li>
<li><a
href="88aa3695d3"><code>88aa369</code></a>
chore: Update dist</li>
<li><a
href="687331b272"><code>687331b</code></a>
chore(deps): bump <code>@​aws-sdk/client-sts</code> from 3.1069.0 to
3.1075.0 (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1841">#1841</a>)</li>
<li><a
href="ea607be060"><code>ea607be</code></a>
chore: Update dist</li>
<li><a
href="6d136066d8"><code>6d13606</code></a>
chore(deps): bump <code>@​smithy/node-http-handler</code> from 4.8.0 to
4.8.2 (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1842">#1842</a>)</li>
<li><a
href="71a32ae408"><code>71a32ae</code></a>
chore: Update dist</li>
<li><a
href="b290f2ca79"><code>b290f2c</code></a>
chore(deps-dev): bump <code>@​aws-sdk/credential-provider-env</code> (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1844">#1844</a>)</li>
<li>Additional commits viewable in <a
href="e7f100cf4c...254c19bd24">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-07-01 03:42:09 -04:00
ccurme
8a2f1a9445 chore(anthropic): update docstring following sonnet-5 release (#38577) 2026-06-30 14:35:03 -04:00
Mason Daugherty
fa34b22343 docs(docs): add release note guidance to PR docs (#38574)
Adds release note expectations to the contribution guidance so
behavior-changing PRs have a clear place for user-visible release notes.
The agent-facing repository instructions now match the PR template
guidance.
2026-06-30 13:56:26 -04:00
Mason Daugherty
a6612179da release(openrouter): 0.2.5 (#38553) langchain-openrouter==0.2.5 2026-06-29 15:44:05 -04:00
Mason Daugherty
7725ccec03 fix(openrouter): deduplicate repeated finish metadata (#38552)
Closes #38226

---

OpenRouter can emit more than one terminal streaming chunk for a single
response. Before this change, LangChain treated each terminal chunk as
independent final metadata, so repeated string fields could be merged
into corrupted values like `stopstop`.

This updates `ChatOpenRouter` streaming so repeated terminal chunks are
interpreted as parts of the same response ending. Usage metadata is
still captured, later chunks can fill in terminal details that were
missing from earlier chunks, and already-seen terminal fields are not
duplicated.

The regression coverage exercises sync and async generation with
duplicate finish chunks, including the case where usage and additional
terminal metadata arrive on the later chunk.
2026-06-29 15:39:57 -04:00
Mason Daugherty
e7a9a9a728 fix(anthropic): ignore LangSmith requests in VCR cassettes (#38547)
Anthropic integration tests can run with LangSmith tracing enabled in
scheduled CI, which sends LangSmith API requests while VCR cassettes are
active. Ignore LangSmith ingest endpoints in the Anthropic VCR config so
cassette playback only matches Anthropic traffic.

## Changes
- Add `api.smith.langchain.com` to the Anthropic VCR `ignore_hosts`
configuration while preserving any hosts from the shared base config.
- Keep existing Anthropic cassette serialization, request redaction, and
response redaction behavior unchanged.
2026-06-29 11:15:48 -04:00
ccurme
1e35d8f7a9 chore(standard-tests): add sandbox integration test for offloading large execute results (#38537) 2026-06-29 08:40:50 -04:00
Mason Daugherty
c863b92b9e docs(fireworks): clarify prompt-cache session affinity guidance (#38522)
Clarifies the Fireworks chat model documentation around prompt-cache
session affinity. The example now focuses on the supported
`x-session-affinity` header and presents `prompt_cache_key` as the typed
SDK alternative without mixing in multi-turn trajectory guidance.

## Changes
- Tightened the `extra_headers` example so prompt-cache reuse is
explained through `x-session-affinity` only.
- Clarified that `prompt_cache_key` is the preferred typed alternative
to passing the raw session-affinity header.

AI-agent assistance was used in preparing this contribution.
2026-06-29 01:21:12 -04:00
Mason Daugherty
933adb0c95 test(fireworks): cover request-level extra headers (#38518)
Fireworks chat users can pass request-specific headers to the SDK, but
the integration did not have targeted coverage or examples for
session-affinity and multi-turn headers. This adds explicit coverage for
sync, async, and streaming calls, and documents the supported invocation
patterns.

## Changes

- Documented `ChatFireworks` request-level `extra_headers` examples for
session affinity and multi-turn sessions, plus the SDK-level
`prompt_cache_key` alternative.
- Added `TestExtraHeaders` coverage showing `extra_headers` reach
top-level SDK kwargs for sync and streaming calls rather than being
folded into `extra_body`.
- Covered the async `ainvoke` path so request-specific headers are
verified across the main call modes.
2026-06-29 00:13:48 -04:00
Mason Daugherty
e495651fef release(anthropic): 1.4.8 (#38490) langchain-anthropic==1.4.8 2026-06-26 17:25:39 -04:00
Christian Bromann
bfc65cc04f fix(anthropic): keep initial text on content_block_start (#38442)
## Summary
- Fix `ChatAnthropic._make_message_chunk_from_anthropic_event` dropping
the first text chunk of an assistant turn when Anthropic carries the
opening text on the `content_block_start` event rather than a following
`text_delta`. This most often hits the assistant turn right after a tool
result.
- The dropped content streams to clients but never reaches the
aggregated `AIMessage`, so anything reading message history back (e.g. a
checkpointer) sees a truncated message (`Here's the answer.` → `'s the
answer.`). Reported via Pylon 25478 (Zip), whose `<canvaspreview>`
parser broke because the dropped chunk was the opening `<can` tag.
- Add a `content_block_start` branch for `text` and `thinking` blocks:
emit non-empty start-event content on both the string
(`coerce_content_to_string=True`) and structured content paths; empty
starts still emit no chunk (preserving prior behavior) and update
`block_start_event` so following deltas resolve against the current
block.

---------

Co-authored-by: Mason Daugherty <mason@langchain.dev>
Co-authored-by: Mason Daugherty <github@mdrxy.com>
2026-06-26 17:17:00 -04:00
dependabot[bot]
00ad96ce85 chore: bump langgraph-checkpoint from 4.1.0 to 4.1.1 in /libs/partners/huggingface (#38478)
Bumps [langgraph-checkpoint](https://github.com/langchain-ai/langgraph)
from 4.1.0 to 4.1.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/langchain-ai/langgraph/releases">langgraph-checkpoint's
releases</a>.</em></p>
<blockquote>
<h2>langgraph-checkpoint==4.1.1</h2>
<p>Changes since checkpoint==4.1.0</p>
<ul>
<li>release(checkpoint): 4.1.1 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7890">#7890</a>)</li>
<li>fix(checkpoint): restrict lc:2 envelope revival to default
constructor (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7892">#7892</a>)</li>
<li>chore(deps): bump idna from 3.11 to 3.15 in /libs/checkpoint (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7860">#7860</a>)</li>
<li>chore(deps): bump langsmith from 0.7.31 to 0.8.0 in /libs/checkpoint
(<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7784">#7784</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d1e2ff0561"><code>d1e2ff0</code></a>
release(checkpoint): 4.1.1 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7890">#7890</a>)</li>
<li><a
href="e787af200e"><code>e787af2</code></a>
release(sdk-py): 0.3.15 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7891">#7891</a>)</li>
<li><a
href="604534e1b7"><code>604534e</code></a>
fix(sdk-py): percent-encode caller-supplied identifiers in URL paths (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7893">#7893</a>)</li>
<li><a
href="346aa97425"><code>346aa97</code></a>
fix(checkpoint): restrict lc:2 envelope revival to default constructor
(<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7892">#7892</a>)</li>
<li><a
href="82b3872820"><code>82b3872</code></a>
chore(deps): bump the uv group across 2 directories with 1 update (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7853">#7853</a>)</li>
<li><a
href="fcc4ab8dd8"><code>fcc4ab8</code></a>
chore(deps): bump idna from 3.11 to 3.15 in /libs/checkpoint (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7860">#7860</a>)</li>
<li><a
href="701d34494c"><code>701d344</code></a>
chore(deps): bump idna from 3.11 to 3.15 in /libs/checkpoint-postgres
(<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7861">#7861</a>)</li>
<li><a
href="2c7967ca96"><code>2c7967c</code></a>
chore(deps): bump idna from 3.11 to 3.15 in /libs/cli (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7865">#7865</a>)</li>
<li><a
href="bf7fec0bd1"><code>bf7fec0</code></a>
release(langgraph): 1.2.1 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7883">#7883</a>)</li>
<li><a
href="8215a9d024"><code>8215a9d</code></a>
feat(langgraph): add <code>before_builtins</code> opt-in for stream
transformers (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7882">#7882</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/langchain-ai/langgraph/compare/checkpoint==4.1.0...checkpoint==4.1.1">compare
view</a></li>
</ul>
</details>
<br />

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-26 01:17:24 -07:00
dependabot[bot]
e7c3834e40 chore: bump langgraph-checkpoint from 4.0.3 to 4.1.1 in /libs/langchain (#38477)
Bumps [langgraph-checkpoint](https://github.com/langchain-ai/langgraph)
from 4.0.3 to 4.1.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/langchain-ai/langgraph/releases">langgraph-checkpoint's
releases</a>.</em></p>
<blockquote>
<h2>langgraph-checkpoint==4.1.1</h2>
<p>Changes since checkpoint==4.1.0</p>
<ul>
<li>release(checkpoint): 4.1.1 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7890">#7890</a>)</li>
<li>fix(checkpoint): restrict lc:2 envelope revival to default
constructor (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7892">#7892</a>)</li>
<li>chore(deps): bump idna from 3.11 to 3.15 in /libs/checkpoint (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7860">#7860</a>)</li>
<li>chore(deps): bump langsmith from 0.7.31 to 0.8.0 in /libs/checkpoint
(<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7784">#7784</a>)</li>
</ul>
<h2>langgraph-checkpoint==4.1.0</h2>
<p>Changes since checkpoint==4.1.0a4</p>
<ul>
<li>release: bump alpha packages to official versions (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7775">#7775</a>)</li>
<li>chore(deps): bump urllib3 from 2.6.3 to 2.7.0 in /libs/checkpoint
(<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7762">#7762</a>)</li>
<li>chore(deps): bump langchain-core from 1.3.2 to 1.3.3 in
/libs/checkpoint (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7752">#7752</a>)</li>
<li>feat(checkpoint): force delta channel snapshot after max supersteps
since last snapshot (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7746">#7746</a>)</li>
<li>fix(checkpoint): specify allowed_objects in Reviver (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7743">#7743</a>)</li>
<li>chore: remove keepset helper (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7745">#7745</a>)</li>
<li>chore(langgraph): add guide/conformance for delta channel
checkpointer (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7736">#7736</a>)</li>
<li>docs(checkpoint): mark DeltaChannel and delta-history APIs as beta
(<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7732">#7732</a>)</li>
<li>chore(deps): bump the minor-and-patch group across 1 directory with
3 updates (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7670">#7670</a>)</li>
<li>chore: &quot;chore: minor clean up around checkpoint and delta
channel&quot; (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7706">#7706</a>)</li>
<li>chore: minor clean up around checkpoint and delta channel (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7705">#7705</a>)</li>
</ul>
<h2>langgraph-checkpoint==4.1.0a4</h2>
<p>Changes since checkpoint==4.1.0a3</p>
<ul>
<li>release: alpha bump (a4) for langgraph, checkpoint,
checkpoint-postgres (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7701">#7701</a>)</li>
<li>feat: public get_writes_history saver API + delta cadence rework (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7699">#7699</a>)</li>
</ul>
<h2>langgraph-checkpoint==4.1.0a3</h2>
<p>Changes since checkpoint==4.1.0a2</p>
<ul>
<li>release: alpha bump (a3) for langgraph, checkpoint,
checkpoint-postgres (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7678">#7678</a>)</li>
<li>chore(langgraph): use two phase read to avoid unnecessary data
transport (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7660">#7660</a>)</li>
<li>release: alpha for timers (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7647">#7647</a>)</li>
<li>feat(langgraph): <code>DeltaChannel</code>: store sentinel in blobs,
reconstruct from checkpoint_writes (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7586">#7586</a>)</li>
<li>chore: dynamic push-task timeouts (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7646">#7646</a>)</li>
<li>chore: update x links to langchain_oss (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7645">#7645</a>)</li>
<li>release(checkpoint): 4.0.3 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7625">#7625</a>)</li>
<li>fix(checkpoint): revive lc=2 JSON blobs for safe types without
allowlist (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7582">#7582</a>)</li>
</ul>
<h2>langgraph-checkpoint==4.1.0a2</h2>
<p>Changes since checkpoint==4.1.0a1</p>
<h2>langgraph-checkpoint==4.1.0a1</h2>
<p>Changes since checkpoint==4.0.3</p>
<ul>
<li>release: alpha for timers (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7647">#7647</a>)</li>
<li>feat(langgraph): <code>DeltaChannel</code>: store sentinel in blobs,
reconstruct from checkpoint_writes (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7586">#7586</a>)</li>
<li>chore: dynamic push-task timeouts (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7646">#7646</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d1e2ff0561"><code>d1e2ff0</code></a>
release(checkpoint): 4.1.1 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7890">#7890</a>)</li>
<li><a
href="e787af200e"><code>e787af2</code></a>
release(sdk-py): 0.3.15 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7891">#7891</a>)</li>
<li><a
href="604534e1b7"><code>604534e</code></a>
fix(sdk-py): percent-encode caller-supplied identifiers in URL paths (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7893">#7893</a>)</li>
<li><a
href="346aa97425"><code>346aa97</code></a>
fix(checkpoint): restrict lc:2 envelope revival to default constructor
(<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7892">#7892</a>)</li>
<li><a
href="82b3872820"><code>82b3872</code></a>
chore(deps): bump the uv group across 2 directories with 1 update (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7853">#7853</a>)</li>
<li><a
href="fcc4ab8dd8"><code>fcc4ab8</code></a>
chore(deps): bump idna from 3.11 to 3.15 in /libs/checkpoint (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7860">#7860</a>)</li>
<li><a
href="701d34494c"><code>701d344</code></a>
chore(deps): bump idna from 3.11 to 3.15 in /libs/checkpoint-postgres
(<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7861">#7861</a>)</li>
<li><a
href="2c7967ca96"><code>2c7967c</code></a>
chore(deps): bump idna from 3.11 to 3.15 in /libs/cli (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7865">#7865</a>)</li>
<li><a
href="bf7fec0bd1"><code>bf7fec0</code></a>
release(langgraph): 1.2.1 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7883">#7883</a>)</li>
<li><a
href="8215a9d024"><code>8215a9d</code></a>
feat(langgraph): add <code>before_builtins</code> opt-in for stream
transformers (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7882">#7882</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/langchain-ai/langgraph/compare/checkpoint==4.0.3...checkpoint==4.1.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=langgraph-checkpoint&package-manager=uv&previous-version=4.0.3&new-version=4.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langchain/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-26 01:17:06 -07:00
dependabot[bot]
9b245de32e chore: bump langgraph-checkpoint from 4.1.0 to 4.1.1 in /libs/partners/openai (#38476)
Bumps [langgraph-checkpoint](https://github.com/langchain-ai/langgraph)
from 4.1.0 to 4.1.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/langchain-ai/langgraph/releases">langgraph-checkpoint's
releases</a>.</em></p>
<blockquote>
<h2>langgraph-checkpoint==4.1.1</h2>
<p>Changes since checkpoint==4.1.0</p>
<ul>
<li>release(checkpoint): 4.1.1 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7890">#7890</a>)</li>
<li>fix(checkpoint): restrict lc:2 envelope revival to default
constructor (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7892">#7892</a>)</li>
<li>chore(deps): bump idna from 3.11 to 3.15 in /libs/checkpoint (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7860">#7860</a>)</li>
<li>chore(deps): bump langsmith from 0.7.31 to 0.8.0 in /libs/checkpoint
(<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7784">#7784</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d1e2ff0561"><code>d1e2ff0</code></a>
release(checkpoint): 4.1.1 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7890">#7890</a>)</li>
<li><a
href="e787af200e"><code>e787af2</code></a>
release(sdk-py): 0.3.15 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7891">#7891</a>)</li>
<li><a
href="604534e1b7"><code>604534e</code></a>
fix(sdk-py): percent-encode caller-supplied identifiers in URL paths (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7893">#7893</a>)</li>
<li><a
href="346aa97425"><code>346aa97</code></a>
fix(checkpoint): restrict lc:2 envelope revival to default constructor
(<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7892">#7892</a>)</li>
<li><a
href="82b3872820"><code>82b3872</code></a>
chore(deps): bump the uv group across 2 directories with 1 update (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7853">#7853</a>)</li>
<li><a
href="fcc4ab8dd8"><code>fcc4ab8</code></a>
chore(deps): bump idna from 3.11 to 3.15 in /libs/checkpoint (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7860">#7860</a>)</li>
<li><a
href="701d34494c"><code>701d344</code></a>
chore(deps): bump idna from 3.11 to 3.15 in /libs/checkpoint-postgres
(<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7861">#7861</a>)</li>
<li><a
href="2c7967ca96"><code>2c7967c</code></a>
chore(deps): bump idna from 3.11 to 3.15 in /libs/cli (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7865">#7865</a>)</li>
<li><a
href="bf7fec0bd1"><code>bf7fec0</code></a>
release(langgraph): 1.2.1 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7883">#7883</a>)</li>
<li><a
href="8215a9d024"><code>8215a9d</code></a>
feat(langgraph): add <code>before_builtins</code> opt-in for stream
transformers (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7882">#7882</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/langchain-ai/langgraph/compare/checkpoint==4.1.0...checkpoint==4.1.1">compare
view</a></li>
</ul>
</details>
<br />

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-26 01:17:03 -07:00
dependabot[bot]
0a71a1d40e chore: bump langgraph-sdk from 0.3.13 to 0.3.15 in /libs/langchain (#38475)
Bumps [langgraph-sdk](https://github.com/langchain-ai/langgraph) from
0.3.13 to 0.3.15.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/langchain-ai/langgraph/releases">langgraph-sdk's
releases</a>.</em></p>
<blockquote>
<h2>langgraph-sdk==0.3.15</h2>
<p>Changes since sdk==0.3.14</p>
<ul>
<li>release(checkpoint): 4.1.1 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7890">#7890</a>)</li>
<li>release(sdk-py): 0.3.15 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7891">#7891</a>)</li>
<li>fix(sdk-py): percent-encode caller-supplied identifiers in URL paths
(<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7893">#7893</a>)</li>
<li>release(langgraph): 1.2.1 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7883">#7883</a>)</li>
<li>chore(deps): bump idna from 3.11 to 3.15 in /libs/sdk-py (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7863">#7863</a>)</li>
<li>chore(deps): bump urllib3 from 2.6.3 to 2.7.0 in /libs/sdk-py (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7764">#7764</a>)</li>
<li>chore(deps): bump langsmith from 0.7.31 to 0.8.0 in /libs/sdk-py (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7789">#7789</a>)</li>
<li>release: bump alpha packages to official versions (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7775">#7775</a>)</li>
<li>chore(langgraph): bump langchain-core to 1.4.0 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7767">#7767</a>)</li>
<li>feat(sdk-py): support metadata filter for crons search/count (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7737">#7737</a>)</li>
<li>chore(deps): bump ty from 0.0.23 to 0.0.33 in /libs/sdk-py (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7666">#7666</a>)</li>
</ul>
<h2>langgraph-sdk==0.3.14</h2>
<p>Changes since sdk==0.3.13</p>
<ul>
<li>release(sdk-py): 0.3.14 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7712">#7712</a>)</li>
<li>feat(sdk-py): add return_minimal to threads update (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7704">#7704</a>)</li>
<li>release: alpha bump (a4) for langgraph, checkpoint,
checkpoint-postgres (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7701">#7701</a>)</li>
<li>release: alpha bump langgraph 1.2.0a6 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7697">#7697</a>)</li>
<li>release: alpha bump prebuilt 1.1.0a2, langgraph 1.2.0a5 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7682">#7682</a>)</li>
<li>release: alpha bump prebuilt 1.1.0a1, langgraph 1.2.0a4 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7679">#7679</a>)</li>
<li>feat(langgraph): dispatch stream_events(version='v3') on Pregel (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7677">#7677</a>)</li>
<li>release: alpha bump (a3) for langgraph, checkpoint,
checkpoint-postgres (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7678">#7678</a>)</li>
<li>release: alpha for timers (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7647">#7647</a>)</li>
<li>chore: update x links to langchain_oss (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7645">#7645</a>)</li>
<li>feat(langgraph): add streaming transformer infrastructure and tests
(<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7519">#7519</a>)</li>
<li>chore(deps): bump the minor-and-patch group across 1 directory with
4 updates (ty held back) (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7635">#7635</a>)</li>
<li>release(prebuilt): 1.0.12, langgraph 1.1.10 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7623">#7623</a>)</li>
<li>release(checkpoint): 4.0.3 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7625">#7625</a>)</li>
<li>release(prebuilt): 1.0.11 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7610">#7610</a>)</li>
<li>feat(prebuilt): allow ToolNode tools to return list[Command |
ToolMessage] (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7596">#7596</a>)</li>
<li>chore(langgraph): bump version 1.1.8 -&gt; 1.1.9 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7563">#7563</a>)</li>
<li>release(langgraph): 1.1.8 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7545">#7545</a>)</li>
<li>release(prebuilt): 1.0.10 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7541">#7541</a>)</li>
<li>release(langgraph): 1.1.7 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7540">#7540</a>)</li>
<li>chore(deps): bump langsmith from 0.7.20 to 0.7.31 in /libs/sdk-py
(<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7528">#7528</a>)</li>
<li>release(checkpoint): 4.0.2 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7518">#7518</a>)</li>
<li>chore(deps-dev): bump pytest from 9.0.2 to 9.0.3 in /libs/sdk-py (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7504">#7504</a>)</li>
<li>release(langgraph): 1.1.7a2 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7511">#7511</a>)</li>
<li>chore: allow passing some metadata only for tracing purposes (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7383">#7383</a>)</li>
<li>release(langgraph): 1.1.7a1 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7476">#7476</a>)</li>
<li>chore(deps): bump langchain-core from 1.2.22 to 1.2.28 in
/libs/sdk-py (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7449">#7449</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e1aa1a4510"><code>e1aa1a4</code></a>
0.3.15</li>
<li><a
href="7a959f62cc"><code>7a959f6</code></a>
Fix assertion</li>
<li><a
href="9b5549f759"><code>9b5549f</code></a>
Fix flaky assertion</li>
<li><a
href="fa96c0ac76"><code>fa96c0a</code></a>
One more</li>
<li><a
href="98b8ff904c"><code>98b8ff9</code></a>
Update test assertions for triggers</li>
<li><a
href="951131c8ec"><code>951131c</code></a>
Lint</li>
<li><a
href="8bcdba822e"><code>8bcdba8</code></a>
Reduce to 4.1s</li>
<li><a
href="60fc49b448"><code>60fc49b</code></a>
Speed up prepare_single_task</li>
<li><a
href="1d21b4ba08"><code>1d21b4b</code></a>
Improve prepare_single_task trigger checks to linear complexity (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/3891">#3891</a>)</li>
<li><a
href="55ec0d3d2a"><code>55ec0d3</code></a>
Speed up task triggers check (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/3890">#3890</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/langchain-ai/langgraph/compare/0.3.13...0.3.15">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=langgraph-sdk&package-manager=uv&previous-version=0.3.13&new-version=0.3.15)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langchain/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-26 01:16:57 -07:00
dependabot[bot]
5f99048308 chore: bump langgraph-checkpoint from 4.1.0 to 4.1.1 in /libs/model-profiles (#38474)
Bumps [langgraph-checkpoint](https://github.com/langchain-ai/langgraph)
from 4.1.0 to 4.1.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/langchain-ai/langgraph/releases">langgraph-checkpoint's
releases</a>.</em></p>
<blockquote>
<h2>langgraph-checkpoint==4.1.1</h2>
<p>Changes since checkpoint==4.1.0</p>
<ul>
<li>release(checkpoint): 4.1.1 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7890">#7890</a>)</li>
<li>fix(checkpoint): restrict lc:2 envelope revival to default
constructor (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7892">#7892</a>)</li>
<li>chore(deps): bump idna from 3.11 to 3.15 in /libs/checkpoint (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7860">#7860</a>)</li>
<li>chore(deps): bump langsmith from 0.7.31 to 0.8.0 in /libs/checkpoint
(<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7784">#7784</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d1e2ff0561"><code>d1e2ff0</code></a>
release(checkpoint): 4.1.1 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7890">#7890</a>)</li>
<li><a
href="e787af200e"><code>e787af2</code></a>
release(sdk-py): 0.3.15 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7891">#7891</a>)</li>
<li><a
href="604534e1b7"><code>604534e</code></a>
fix(sdk-py): percent-encode caller-supplied identifiers in URL paths (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7893">#7893</a>)</li>
<li><a
href="346aa97425"><code>346aa97</code></a>
fix(checkpoint): restrict lc:2 envelope revival to default constructor
(<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7892">#7892</a>)</li>
<li><a
href="82b3872820"><code>82b3872</code></a>
chore(deps): bump the uv group across 2 directories with 1 update (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7853">#7853</a>)</li>
<li><a
href="fcc4ab8dd8"><code>fcc4ab8</code></a>
chore(deps): bump idna from 3.11 to 3.15 in /libs/checkpoint (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7860">#7860</a>)</li>
<li><a
href="701d34494c"><code>701d344</code></a>
chore(deps): bump idna from 3.11 to 3.15 in /libs/checkpoint-postgres
(<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7861">#7861</a>)</li>
<li><a
href="2c7967ca96"><code>2c7967c</code></a>
chore(deps): bump idna from 3.11 to 3.15 in /libs/cli (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7865">#7865</a>)</li>
<li><a
href="bf7fec0bd1"><code>bf7fec0</code></a>
release(langgraph): 1.2.1 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7883">#7883</a>)</li>
<li><a
href="8215a9d024"><code>8215a9d</code></a>
feat(langgraph): add <code>before_builtins</code> opt-in for stream
transformers (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7882">#7882</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/langchain-ai/langgraph/compare/checkpoint==4.1.0...checkpoint==4.1.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=langgraph-checkpoint&package-manager=uv&previous-version=4.1.0&new-version=4.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langchain/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-26 01:16:50 -07:00
dependabot[bot]
3e6f1e30b1 chore: bump langgraph-checkpoint from 4.1.0 to 4.1.1 in /libs/partners/anthropic (#38479)
Bumps [langgraph-checkpoint](https://github.com/langchain-ai/langgraph)
from 4.1.0 to 4.1.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/langchain-ai/langgraph/releases">langgraph-checkpoint's
releases</a>.</em></p>
<blockquote>
<h2>langgraph-checkpoint==4.1.1</h2>
<p>Changes since checkpoint==4.1.0</p>
<ul>
<li>release(checkpoint): 4.1.1 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7890">#7890</a>)</li>
<li>fix(checkpoint): restrict lc:2 envelope revival to default
constructor (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7892">#7892</a>)</li>
<li>chore(deps): bump idna from 3.11 to 3.15 in /libs/checkpoint (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7860">#7860</a>)</li>
<li>chore(deps): bump langsmith from 0.7.31 to 0.8.0 in /libs/checkpoint
(<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7784">#7784</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d1e2ff0561"><code>d1e2ff0</code></a>
release(checkpoint): 4.1.1 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7890">#7890</a>)</li>
<li><a
href="e787af200e"><code>e787af2</code></a>
release(sdk-py): 0.3.15 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7891">#7891</a>)</li>
<li><a
href="604534e1b7"><code>604534e</code></a>
fix(sdk-py): percent-encode caller-supplied identifiers in URL paths (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7893">#7893</a>)</li>
<li><a
href="346aa97425"><code>346aa97</code></a>
fix(checkpoint): restrict lc:2 envelope revival to default constructor
(<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7892">#7892</a>)</li>
<li><a
href="82b3872820"><code>82b3872</code></a>
chore(deps): bump the uv group across 2 directories with 1 update (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7853">#7853</a>)</li>
<li><a
href="fcc4ab8dd8"><code>fcc4ab8</code></a>
chore(deps): bump idna from 3.11 to 3.15 in /libs/checkpoint (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7860">#7860</a>)</li>
<li><a
href="701d34494c"><code>701d344</code></a>
chore(deps): bump idna from 3.11 to 3.15 in /libs/checkpoint-postgres
(<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7861">#7861</a>)</li>
<li><a
href="2c7967ca96"><code>2c7967c</code></a>
chore(deps): bump idna from 3.11 to 3.15 in /libs/cli (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7865">#7865</a>)</li>
<li><a
href="bf7fec0bd1"><code>bf7fec0</code></a>
release(langgraph): 1.2.1 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7883">#7883</a>)</li>
<li><a
href="8215a9d024"><code>8215a9d</code></a>
feat(langgraph): add <code>before_builtins</code> opt-in for stream
transformers (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/7882">#7882</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/langchain-ai/langgraph/compare/checkpoint==4.1.0...checkpoint==4.1.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=langgraph-checkpoint&package-manager=uv&previous-version=4.1.0&new-version=4.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langchain/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-26 01:08:15 -07:00
Mason Daugherty
d3eb2296e7 fix(core): avoid dict shadowing in language models (#38480)
Fixes #37835

---

When Pydantic collects fields for a `BaseLanguageModel` subclass that
defines a `dict()` method, inherited annotations can resolve `dict`
against the subclass namespace instead of the builtin. With Pydantic
2.14.0a1 this caused `BaseLanguageModel.metadata: dict[str, Any] | None`
to fail during rebuild/import with `'function' object is not
subscriptable`.

This qualifies the inherited `metadata` field annotation as
`builtins.dict[...]`, matching the existing pattern in chat models, and
documents why the runtime import cannot move behind `TYPE_CHECKING`. It
also adds a regression test that rebuilds a `BaseLanguageModel` subclass
with a `dict()` method so core catches this failure before partner
packages hit it at import time.

Related to #37924, which hardens `_create_subset_model_v2`; this PR
fixes the `BaseLanguageModel` class-construction failure directly.
2026-06-26 03:14:47 -04:00
Mason Daugherty
20ba43df9c release(fireworks): 1.4.3 langchain-fireworks==1.4.3 2026-06-26 02:46:31 -04:00
Mason Daugherty
57c83d44bc fix(openrouter): strip Responses reasoning IDs (#38383)
Closes #37777

---

OpenRouter can return OpenAI Responses reasoning item IDs such as `rs_*`
in assistant reasoning details. Those IDs are not reliably resolvable on
a later OpenRouter turn, so replaying them can make otherwise-valid
multi-turn conversations fail with a provider 404.

This keeps the useful reasoning payload while removing only the
ephemeral Responses item IDs before serializing `reasoning_details` back
into request history. Non-Responses IDs and reasoning text are left
intact.
2026-06-23 12:26:24 -04:00
Alvin Tang
95fe150ad2 fix(core): _parse_google_docstring mishandling continuation lines with colons (#35680)
## Description

`_parse_google_docstring` incorrectly parses multi-line argument
descriptions when a continuation line contains a colon. The continuation
line is treated as a new argument definition instead of being appended
to the current argument's description.

### Example

```python
def search(query: str, top_k: int = 5) -> str:
    """Search the knowledge base.

    Args:
        query: The search query to use
            for finding things: important ones
        top_k: Number of results to return
    """
```

**Before (broken):** The parser creates 3 args: `query`, `for finding
things`, `top_k`
**After (fixed):** The parser correctly creates 2 args: `query` (with
full description including "for finding things: important ones"),
`top_k`

### Root Cause

The parser used `if ":" in line` to detect new argument lines without
considering indentation. In Google-style docstrings, continuation lines
have deeper indentation than argument definition lines.

### Fix

Detect the base indentation level from the first argument line and treat
any line with deeper indentation as a continuation of the current
argument's description, regardless of whether it contains a colon.

## Issue

Fixes #35679

## Dependencies

None.

## Testing

Added 4 unit tests in
`test_function_calling.py::TestParseGoogleDocstring`:
- `test_continuation_line_with_colon` — the core bug scenario
- `test_simple_args_still_work` — regression check for basic args
- `test_continuation_line_without_colon` — multi-line descriptions
without colons
- `test_multiple_continuation_lines_with_colons` — multiple continuation
lines each containing colons

All tests pass locally with Python 3.12.

---------

Co-authored-by: gambletan <ethanchang32@gmail.com>
Co-authored-by: Mason Daugherty <github@mdrxy.com>
2026-06-23 00:34:02 -04:00
Christophe Bornet
64177b6fc5 chore(langchain): add types in agent middleware tests (#38188)
Co-authored-by: Mason Daugherty <github@mdrxy.com>
Co-authored-by: Mason Daugherty <mason@langchain.dev>
2026-06-23 00:18:11 -04:00
Mason Daugherty
18fe3473a5 release(openrouter): 0.2.4 (#38381) langchain-openrouter==0.2.4 2026-06-22 23:42:48 -04:00
Mason Daugherty
6188e9270e chore(openrouter): bump openrouter floor to 0.9.2, drop file workaround (#38216)
`ChatOpenRouter` users sending PDF/file content blocks previously relied
on a workaround: the OpenRouter Python SDK's `ChatContentItems`
discriminated union didn't include a `file` tag, so file parts failed
Pydantic validation. To work around it, `langchain-openrouter` wrapped
message dicts with `model_construct()` to bypass SDK validation while
still producing correct JSON.

The SDK fixed this in `openrouter` 0.9.2 by adding `file` to the
`ChatContentItems` union (verified against
OpenRouterTeam/python-sdk#38). This PR raises the dependency floor to
`openrouter>=0.9.2` and removes the now-unnecessary
`_wrap_messages_for_sdk` / `_has_file_content_blocks` helpers, passing
plain message dicts straight to the SDK so file parts go through the
normal validated path.

The old workaround's unit tests are replaced with a test asserting the
SDK now validates a `file` content part natively, guarding against a
regression if the floor is ever lowered. The existing `file`-block
conversion helpers and their tests are unchanged.

_This change was authored with the help of an AI agent._

Made by [Open
SWE](https://openswe.vercel.app/agents/9f95ffe6-2298-1045-9316-935f55d00fa7)

Co-authored-by: open-swe[bot] <open-swe@users.noreply.github.com>
2026-06-22 23:38:28 -04:00
Mason Daugherty
237bb61692 test(openrouter): cover cache_control passthrough on tool defs (#38215)
The OpenRouter SDK preserves `cache_control` on tool definitions, and
`ChatOpenRouter` forwards full tool dicts unchanged. This adds a
regression test confirming a top-level `cache_control` on a tool dict
passed to `bind_tools` survives into the SDK request payload.

Made by [Open
SWE](https://openswe.vercel.app/agents/5059cee2-c2de-1ca4-200d-c3fdb8c5814e)

---------

Co-authored-by: open-swe[bot] <open-swe@users.noreply.github.com>
2026-06-22 23:09:00 -04:00
Mason Daugherty
a5a8f8db78 fix(core): add messages to bare raise ValueError calls (#38158)
Closes #35727

---

Several internal code paths raised a bare `ValueError` with no message,
so when one of these conditions tripped, users saw a traceback with no
explanation of what actually went wrong.

This adds descriptive messages to each of those `raise ValueError`
calls:

- `FewShotPromptWithTemplates._get_examples` / `_aget_examples` — when
neither `examples` nor `example_selector` is set.
- Prompt `loading` — when a referenced template file uses an unsupported
(non-`.txt`) format.
- The LangSmith document loader — when both `client` and `client_kwargs`
are supplied.
- The Anthropic file-search middleware brace expansion — for unbalanced
or empty brace patterns.

Made by [Open SWE](https://openswe.vercel.app)

---------

Co-authored-by: open-swe[bot] <open-swe@users.noreply.github.com>
2026-06-22 23:02:05 -04:00
Mason Daugherty
dae4e5de9d feat(openrouter): surface parallel_tool_calls on bind_tools (#38214)
`ChatOpenRouter.bind_tools()` now accepts a `parallel_tool_calls`
argument to disable parallel tool use.

---

Users binding tools to `ChatOpenRouter` previously had to know that
arbitrary kwargs were forwarded to the OpenRouter SDK in order to
disable parallel tool use (e.g.
`model.bind(parallel_tool_calls=False)`). This made the option hard to
discover.

This exposes `parallel_tool_calls` as an explicit keyword-only argument
on `ChatOpenRouter.bind_tools()`, matching the ergonomics of
`langchain-openai`. When set, it is forwarded to the request exactly as
before; when left as `None` it is omitted, preserving existing behavior.
No change to the underlying request payload or SDK floor — purely an
API/discoverability improvement.

Made by [Open
SWE](https://openswe.vercel.app/agents/053b59c8-baf4-84e1-c003-425e349e014d)

Co-authored-by: open-swe[bot] <open-swe@users.noreply.github.com>
2026-06-22 23:01:15 -04:00
Mason Daugherty
3b48f48458 fix(core): use asyncio.get_running_loop() in async contexts (#38157)
Closes #35726

---

Several async functions called `asyncio.get_event_loop()`, which has
been deprecated since Python 3.10. Inside `async def` bodies the loop is
always running, so `asyncio.get_running_loop()` is the correct,
warning-free replacement with no behavior change.

This updates the call in `_ahandle_event_for_handler` (core callbacks),
`_render_mermaid_using_pyppeteer` (core runnables graph), and
`async_api_key_wrapper` (`langchain-openai` client utils). Users running
on modern Python no longer see `DeprecationWarning`s from these paths.

Made by [Open SWE](https://openswe.vercel.app)

Co-authored-by: open-swe[bot] <open-swe@users.noreply.github.com>
2026-06-22 22:26:16 -04:00
Mason Daugherty
f7e87f7ab8 feat(model-profiles): plain-English summary for profile refresh PRs (#38218)
Automated model-profile refresh PRs (e.g. #38210) ship a static template
body, so a reviewer has to open *Files changed* and read large blocks of
generated data to learn what actually moved. Because the underlying
profile data is fully structured, we can describe the changes
deterministically — no LLM, no hallucination risk.

This adds a `langchain-profiles summarize` subcommand that compares the
working-tree `_profiles.py` files against a git ref and renders a
skimmable Markdown summary: models added (with a short capability
descriptor), models removed, and per-field capability changes
(context/output tokens, modalities, tool calling, reasoning, etc.),
grouped by provider and capped so huge refreshes stay readable. Profiles
are read with `ast.literal_eval` rather than imported, so the generated
data file is never executed.

Example output for a refresh that adds a model and bumps an output
limit:

```
## Summary of changes

**1 added · 0 removed · 1 changed** across 1 provider(s).

### openai

** 1 added**
- `gpt-6-preview` — 1,000,000 ctx, 128,000 out, text+image+audio in, reasoning, tools

**✏️ 1 changed**
- `gpt-3.5-turbo`: max output tokens 4,096 → 16,384
```

Made by [Open
SWE](https://openswe.vercel.app/agents/9bcbf182-effc-ba9b-0df3-afac620ad152)

---------

Co-authored-by: open-swe[bot] <open-swe@users.noreply.github.com>
2026-06-22 22:15:29 -04:00
Mason Daugherty
c669da7662 fix(groq): use qwen for tool choice integration tests (#38380)
Groq's `openai/gpt-oss-20b` can return reasoning content instead of
honoring forced tool choice in live integration tests. The forced
tool-choice coverage now uses Groq's recommended `qwen/qwen3.6-27b`
replacement with reasoning disabled, while leaving gpt-oss coverage in
place for reasoning-specific tests.

## Changes
- Add a dedicated tool-calling model constant for forced tool-choice
integration coverage.
- Update sync and async tool-choice tests to use `qwen/qwen3.6-27b` with
`reasoning_effort="none"`.
- Remove stale xfail markers from streaming tool-call tests and assert
the normalized aggregated stream output, including preserved tool-call
IDs.
2026-06-22 21:10:25 -04:00
Mason Daugherty
844cef444b test(openai): clarify async API key sync failure trace (#38379)
Clarifies why the async callable API-key integration test intentionally
creates a failed `ChatOpenAI` run in scheduled LangSmith traces. The
sync invocation is expected to fail because async API-key callables are
only valid for async model methods.
2026-06-22 20:16:56 -04:00
Mason Daugherty
83e824922a release(langchain): 1.3.11 (#38377) langchain==1.3.11 2026-06-22 18:57:51 -04:00
Mason Daugherty
6dd45c90f6 hotfix(anthropic): regenerate cassette (#38376) langchain-anthropic==1.4.7 2026-06-22 18:52:53 -04:00
Mason Daugherty
4a837567c8 release(openai): 1.3.3 (#38375) langchain-openai==1.3.3 2026-06-22 18:42:29 -04:00
Mason Daugherty
792c1a743e fix(openai): drop response item ids when store is false (#38372)
Some Responses API conversations can safely replay prior response item
IDs because the server stored those items. That assumption breaks when
`store=False`: prior `rs_*` reasoning items and `msg_*` assistant
message IDs are not available on the server for the next turn, so
replaying them can crash with `Item with id 'rs_...' not found` or
similar item lookup errors.

This updates the Responses API payload builder to treat `store=False` as
a stateless replay mode. The visible assistant text is still preserved
in history, but server-side response item IDs are not sent back unless
they are usable without server persistence.

In practical terms:

- Bare `rs_*` reasoning items are dropped for `store=False` because they
only reference server-side state that was not stored.
- Reasoning items with `encrypted_content` are preserved because OpenAI
uses them as the stateless/ZDR way to carry reasoning context forward.
- Prior assistant `msg_*` IDs are omitted for `store=False`; the
assistant message is replayed as ordinary assistant text instead of as a
reference to a stored server item.

Dropping `msg_*` IDs in this case should not remove useful user-visible
context: the text content remains in the request. It only removes an
item identity that the server cannot reliably resolve when
`store=False`. Persisted `store=True` Responses flows continue to replay
item IDs as before.

The regression test mirrors the minimal user story: make one
Responses/Codex call, reuse the returned `AIMessage` in a follow-up
request, and verify the next payload keeps the visible assistant message
and encrypted reasoning context while omitting unresolvable bare item
references.
2026-06-22 18:27:26 -04:00
Mason Daugherty
9f7e46fd70 release(anthropic): 1.4.7 (#38373) 2026-06-22 18:13:01 -04:00
ccurme
9ef324c9ab fix(langchain,openai): only set strict=True on tools for OpenAI-compatible models in ProviderStrategy (#38370)
When using `ProviderStrategy`, `create_agent` unnecessarily sets
`strict=True` on tools for all providers. This is only needed for OpenAI
/ chat completions. Here we unset `strict`. For OpenAI:
1. We set it in `BaseChatOpenAI.bind_tools` (as a convenience to users
calling `model.bind_tools` directly)
2. We (redundantly) special-case OpenAI in the `create_agent` factory
logic so that things will not break for users who upgrade `langchain`
but not `langchain-openai`.

Note: payloads for OpenAI are tested here and appear unchanged:
https://github.com/langchain-ai/langchain/blob/master/libs/langchain_v1/tests/unit_tests/agents/test_response_format_integration.py

Quick test:
```python
from langchain.agents import create_agent
from langchain.agents.structured_output import ProviderStrategy
from pydantic import BaseModel

class Weather(BaseModel):
    temperature: float
    condition: str

def weather_tool(location: str) -> str:
    """Get the weather at a location."""
    return "Sunny and 75 degrees F."

for model in [
    "anthropic:claude-sonnet-4-6",
    "openai:gpt-5.4",
    "google_genai:gemini-3.5-flash",
]:

    agent = create_agent(
        model=model,
        tools=[weather_tool],
        response_format=ProviderStrategy(Weather),
    )
    
    result = agent.invoke({
        "messages": [{"role": "user", "content": "What's the weather in SF?"}]
    })
    
    print(result["structured_response"])
```
2026-06-22 18:11:55 -04:00
Mason Daugherty
05b5af17dc chore(infra): update workflow key name (#38367) 2026-06-22 14:03:56 -04:00
Mason Daugherty
8e81774870 test(groq): xfail flaky tool choice test (#38365)
Groq's standard integration suite already treats several tool-calling
checks as flaky because provider behavior is inconsistent. The forced
`tool_choice` check now hits the same provider-side `tool_use_failed`
400 on generic prompts, so the Groq-specific suite marks that case as
expected flaky instead of failing scheduled integration runs.

## Changes
- Add a Groq-specific `test_tool_choice` override that retries and
xfails the shared standard test.
- Keep the rest of the Groq tool-calling coverage unchanged, including
the existing xfail/retry behavior for related standard tests.
2026-06-22 12:00:17 -04:00
Mason Daugherty
946fbbbead fix(groq): replace deprecated Groq llama models (#38363)
Groq is deprecating `llama-3.1-8b-instant` and `llama-3.3-70b-versatile`
(shutdown 08/16/26, per [Groq's deprecation
notice](https://console.groq.com/docs/deprecations#august-16-2026-llama318binstant-and-llama3370bversatile)).
This migrates the `langchain-groq` docstring examples and tests to the
recommended replacements: `openai/gpt-oss-20b` (for 8b-instant) and
`openai/gpt-oss-120b` (for 70b-versatile). The strict-output unit test
uses `qwen/qwen3.6-27b` since it requires a model that does not support
strict JSON schema. The auto-generated `data/_profiles.py` is left
untouched (reference data, not usage).

Made by [Open
SWE](https://openswe.vercel.app/agents/22845b4e-674d-346e-c594-612a8cbcedbd)

---------

Co-authored-by: open-swe[bot] <open-swe@users.noreply.github.com>
2026-06-22 10:25:20 -04:00
langchain-model-profile-bot[bot]
d11b1fc863 chore(model-profiles): refresh model profile data (#38341)
Automated refresh of model profile data for all in-monorepo partner
integrations via `langchain-profiles refresh`.

🤖 Generated by the `refresh_model_profiles` workflow.

Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com>
2026-06-22 09:34:11 -04:00
Mason Daugherty
9d14a5e06d feat(groq): add performance service tier (#38339)
Groq's API now exposes a fourth service tier, `performance` — their
highest tier, providing reliable low latency for the most critical
production applications. `ChatGroq.service_tier` only accepted
`on_demand`, `flex`, and `auto`, so users who wanted to route requests
to the performance tier had no type-safe way to do so.

This widens the `service_tier` `Literal` to include `performance` and
documents it alongside the existing tiers. The value is passed straight
through to the Groq SDK as a constrained enum, so no validation or
mapping logic changes were needed.

Reference: [Groq service tiers
documentation](https://console.groq.com/docs/service-tiers).

An integration test case was added to `test_setting_service_tier_class`
mirroring the existing per-tier assertions; it exercises a live request
and so runs only with a Groq API key.
2026-06-21 01:40:38 -04:00
Mason Daugherty
cc6b125f02 test(openai): clarify expected strict schema error (#38338)
This clarifies that the strict Responses API schema in
`test_parsed_strict` is intentionally made invalid before asserting
OpenAI raises `BadRequestError`.

The scheduled integration traces for this test can otherwise look like
real product regressions because OpenAI reports that `punchline` is
missing from `required`. The comment now makes the test intent explicit
for future readers and issue triage tooling.
2026-06-20 19:57:11 -04:00
Mason Daugherty
7d1a38379d fix(openai): drop stop from Responses API payload (#38336)
Responses API requests now strip the Chat Completions-only `stop`
parameter before sending the payload. This avoids request rejection
while preserving `stop` for the Chat Completions API path.
2026-06-20 19:37:55 -04:00
Mason Daugherty
7680875f87 fix(perplexity): use supported Responses API model (#38337)
Perplexity's Responses API integration tests were pinned to
`openai/gpt-5.5`, which now fails against the live Agent API for this
test path. Use the stable `openai/gpt-5` Agent API model instead so
scheduled coverage continues exercising the Responses API and
tool-calling surface.
2026-06-20 19:36:42 -04:00
Mason Daugherty
673ce8c091 fix(xai): drop unsupported stop parameter (#38335)
`ChatXAI` currently forwards `stop` to xAI reasoning models, which xAI
rejects. This causes calls such as `ChatXAI(model="grok-3", stop=[...])`
and unprofiled reasoning aliases such as
`ChatXAI(model="grok-4-fast-reasoning", stop=[...])` to fail before the
model can respond.

This updates the xAI payload construction so unsupported `stop` values
are removed for reasoning models. The check uses generated model
profiles when available and keeps an explicit alias fallback for known
reasoning model names that may not be present in profile data, including
older Grok 3 aliases and Grok 4 reasoning aliases. Explicit
non-reasoning aliases continue to preserve `stop`.

The regression tests cover the reported Grok 3 path, a current profiled
reasoning model, the `grok-4-fast-reasoning` alias used by integration
tests, and a non-reasoning model that should continue to preserve
`stop`.

AI-assisted contribution: this PR includes changes authored with
AI-agent assistance.
2026-06-20 19:01:29 -04:00
langchain-model-profile-bot[bot]
cebf5a8b72 chore(model-profiles): refresh model profile data (#38331)
Automated refresh of model profile data for all in-monorepo partner
integrations via `langchain-profiles refresh`.

🤖 Generated by the `refresh_model_profiles` workflow.

Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com>
2026-06-20 17:48:28 -04:00
dependabot[bot]
0588136904 chore: bump langsmith from 0.8.16 to 0.8.18 in /libs/partners/xai (#38283)
Bumps [langsmith](https://github.com/langchain-ai/langsmith-sdk) from
0.8.16 to 0.8.18.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/langchain-ai/langsmith-sdk/releases">langsmith's
releases</a>.</em></p>
<blockquote>
<h2>v0.8.18</h2>
<h2>What's Changed</h2>
<ul>
<li>chore(deps-dev): bump vitest from 3.2.4 to 3.2.6 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3002">langchain-ai/langsmith-sdk#3002</a></li>
<li>chore(deps): bump pyjwt from 2.12.1 to 2.13.0 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3030">langchain-ai/langsmith-sdk#3030</a></li>
<li>chore(deps): bump python-multipart from 0.0.27 to 0.0.31 in /python
by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3036">langchain-ai/langsmith-sdk#3036</a></li>
<li>chore(deps): bump aiohttp from 3.14.0 to 3.14.1 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3037">langchain-ai/langsmith-sdk#3037</a></li>
<li>chore(deps): bump cryptography from 46.0.7 to 48.0.1 in /python by
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3038">langchain-ai/langsmith-sdk#3038</a></li>
<li>chore(deps): bump starlette from 1.0.1 to 1.3.1 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3039">langchain-ai/langsmith-sdk#3039</a></li>
<li>chore(deps-dev): bump langchain-anthropic from 1.4.4 to 1.4.6 in
/python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3044">langchain-ai/langsmith-sdk#3044</a></li>
<li>chore(deps): bump the npm_and_yarn group across 4 directories with 4
updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3046">langchain-ai/langsmith-sdk#3046</a></li>
<li>chore(deps): bump the npm_and_yarn group across 2 directories with 2
updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3060">langchain-ai/langsmith-sdk#3060</a></li>
<li>test(python): fix integration assertions for updated attachment
error message by <a
href="https://github.com/QuentinBrosse"><code>@​QuentinBrosse</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3061">langchain-ai/langsmith-sdk#3061</a></li>
<li>chore: reconcile bumpversion config and mandate release process for
agents by <a
href="https://github.com/QuentinBrosse"><code>@​QuentinBrosse</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3062">langchain-ai/langsmith-sdk#3062</a></li>
<li>release(py): 0.8.18 by <a
href="https://github.com/QuentinBrosse"><code>@​QuentinBrosse</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3063">langchain-ai/langsmith-sdk#3063</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.17...v0.8.18">https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.17...v0.8.18</a></p>
<h2>v0.8.17</h2>
<h2>What's Changed</h2>
<ul>
<li>feat: expose the resources from the generated openapi client in the
langsmith client by <a
href="https://github.com/sineha-mani"><code>@​sineha-mani</code></a> in
<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3018">langchain-ai/langsmith-sdk#3018</a></li>
<li>feat(js): port <code>isTracingEnabled</code> utility from Python by
<a href="https://github.com/dqbd"><code>@​dqbd</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3032">langchain-ai/langsmith-sdk#3032</a></li>
<li>Add sandbox mount support to JS SDK by <a
href="https://github.com/DanielKneipp"><code>@​DanielKneipp</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3010">langchain-ai/langsmith-sdk#3010</a></li>
<li>release(js): bump to 0.7.9 by <a
href="https://github.com/dqbd"><code>@​dqbd</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3035">langchain-ai/langsmith-sdk#3035</a></li>
<li>Add sandbox mount support to Python SDK by <a
href="https://github.com/DanielKneipp"><code>@​DanielKneipp</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3009">langchain-ai/langsmith-sdk#3009</a></li>
<li>docs: note that _openapi_client directories are auto-generated by <a
href="https://github.com/KiewanVillatel"><code>@​KiewanVillatel</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3034">langchain-ai/langsmith-sdk#3034</a></li>
<li>fix: update JS SDK type declarations with skipLibCheck disabled by
<a href="https://github.com/sineha-mani"><code>@​sineha-mani</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3043">langchain-ai/langsmith-sdk#3043</a></li>
<li>release(js): 0.7.10 by <a
href="https://github.com/dqbd"><code>@​dqbd</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3045">langchain-ai/langsmith-sdk#3045</a></li>
<li>feat: adding python async for online evals by <a
href="https://github.com/sineha-mani"><code>@​sineha-mani</code></a> in
<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3048">langchain-ai/langsmith-sdk#3048</a></li>
<li>Add sandbox Git mount SDK helpers by <a
href="https://github.com/DanielKneipp"><code>@​DanielKneipp</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3040">langchain-ai/langsmith-sdk#3040</a></li>
<li>fix: use insights tab in sdk report links [closes LSO-2936] by <a
href="https://github.com/eric-langchain"><code>@​eric-langchain</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3050">langchain-ai/langsmith-sdk#3050</a></li>
<li>feat(client): warn when backend version is below minimum required by
<a
href="https://github.com/KiewanVillatel"><code>@​KiewanVillatel</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3041">langchain-ai/langsmith-sdk#3041</a></li>
<li>chore: bump _MIN_BACKEND_VERSION to 0.16.5rc1 by <a
href="https://github.com/langtions-bot"><code>@​langtions-bot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3053">langchain-ai/langsmith-sdk#3053</a></li>
<li>fix(sandbox): use built-in gcp auth host matching by <a
href="https://github.com/DanielKneipp"><code>@​DanielKneipp</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3055">langchain-ai/langsmith-sdk#3055</a></li>
<li>chore(python): py to 0.8.17 by <a
href="https://github.com/sineha-mani"><code>@​sineha-mani</code></a> in
<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3056">langchain-ai/langsmith-sdk#3056</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/sineha-mani"><code>@​sineha-mani</code></a>
made their first contribution in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3018">langchain-ai/langsmith-sdk#3018</a></li>
<li><a
href="https://github.com/eric-langchain"><code>@​eric-langchain</code></a>
made their first contribution in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3050">langchain-ai/langsmith-sdk#3050</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.16...v0.8.17">https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.16...v0.8.17</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="31c2bf650b"><code>31c2bf6</code></a>
release(py): 0.8.18 (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3063">#3063</a>)</li>
<li><a
href="8955b68868"><code>8955b68</code></a>
chore: reconcile bumpversion config and mandate release process for
agents (#...</li>
<li><a
href="411401f6ca"><code>411401f</code></a>
test(python): fix integration assertions for updated attachment error
message...</li>
<li><a
href="9c5515620f"><code>9c55156</code></a>
Merge commit from fork</li>
<li><a
href="5b2bd8db3c"><code>5b2bd8d</code></a>
chore(deps): bump the npm_and_yarn group across 2 directories with 2
updates ...</li>
<li><a
href="d8642f9099"><code>d8642f9</code></a>
chore(deps): bump the npm_and_yarn group across 4 directories with 4
updates ...</li>
<li><a
href="953c2e5e25"><code>953c2e5</code></a>
chore(deps-dev): bump langchain-anthropic from 1.4.4 to 1.4.6 in /python
(<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3044">#3044</a>)</li>
<li><a
href="5513699e2d"><code>5513699</code></a>
chore(deps): bump starlette from 1.0.1 to 1.3.1 in /python (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3039">#3039</a>)</li>
<li><a
href="8becdefdf4"><code>8becdef</code></a>
chore(deps): bump cryptography from 46.0.7 to 48.0.1 in /python (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3038">#3038</a>)</li>
<li><a
href="1a9c522feb"><code>1a9c522</code></a>
chore(deps): bump aiohttp from 3.14.0 to 3.14.1 in /python (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3037">#3037</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.16...v0.8.18">compare
view</a></li>
</ul>
</details>
<br />

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-19 22:14:04 -04:00