Commit Graph

2242 Commits

Author SHA1 Message Date
Nick Hollon
f7d7e0b756 feat(anthropic): native content-block streaming events 2026-06-11 11:19:14 -04:00
Mason Daugherty
05cc55f1bc release(core): 1.4.6 (#38061) 2026-06-11 02:58:40 -04:00
Mason Daugherty
447663fd8b feat(partners): expose package versions for remaining partners (#38060)
Chroma, Exa, Nomic, and Qdrant now expose package `__version__` values
through package-local `_version.py` modules, matching the version-file
pattern used by the other partner packages. Each package also gets a
`check_version` target so release version drift between `pyproject.toml`
and runtime exports is caught consistently.
2026-06-11 02:37:04 -04:00
Mason Daugherty
948f6cc58c feat(core,partners): add package version tracking to tracing metadata (#35295)
Following on the heels of #35293

TODO:
- Packages outside of this repo (e.g. LiteLLM, Nvidia, Google, AWS)

---

## Summary

Surface partner package versions in `metadata.versions` on LangSmith
traces. Mirrors the JS SDK's `_addVersion()` pattern
([langchainjs#10106](https://github.com/langchain-ai/langchainjs/pull/10106)).

Each model constructor records its package version via `_add_version()`
on `BaseLanguageModel`. The version dict accumulates through the class
hierarchy — `langchain-core` is added in
`BaseLanguageModel.model_post_init`, `langchain-openai` in
`BaseChatOpenAI._set_openai_chat_version`, and each leaf partner in its
uniquely-named `model_validator`. Traces end up with:

```json
{
  "metadata": {
    "versions": {
      "langchain-core": "1.4.5",
      "langchain-openai": "1.3.0",
      "langchain-xai": "1.2.2"
    }
  }
}
```

### Changes

- `BaseLanguageModel._add_version(pkg, version)` — appends to
`self.metadata["versions"]`; accepts any `Mapping` type; emits a warning
if a non-mapping value is found and replaced
- `BaseLanguageModel.model_post_init` — adds `langchain-core` version;
calls `super()` for MRO safety
- `_merge_metadata_dicts` — one-level-deep (non-recursive) merge for
nested dict metadata keys
- `CallbackManager.add_metadata` — uses `_merge_metadata_dicts` instead
of flat `dict.update()` so nested metadata dicts (like `versions`)
coexist rather than clobber
- `merge_configs` — uses `_merge_metadata_dicts` for config merging

**Partners:**
- Each now calls `self._add_version("langchain-<pkg>", __version__)`

### Design decisions

- **Constructor-based, not `_get_ls_params`-based** — versions flow
through `self.metadata` (local metadata on traces), not through
`LangSmithParams`. This matches JS and makes child-class version
inheritance automatic (no merge/clobber issues).
- **`versions` is local (non-inheritable) metadata** — `self.metadata`
is passed to `CallbackManager.configure` as `local_metadata`
(`add_metadata(..., inherit=False)`), so `versions` is attached **once
per chat-model run** and is **not** propagated to child runs or
duplicated onto every streaming chunk. This is intentionally the
opposite of the inheritable-per-chunk metadata that #36588 was reducing
for performance — `versions` does not regress that path.
- **`add_metadata` deep-merge is a correctness fix, not just for
versions** — previously `add_metadata`/`merge_configs` did a flat
top-level `dict.update`/spread, so any nested metadata dict baked into a
config (e.g. via `.with_config({"metadata": {...}})`) would be wholly
replaced when a caller also passed `metadata`. `_merge_metadata_dicts`
merges one level deep so user-provided `config.metadata.versions` and
model-set `versions` coexist instead of clobbering. The merge runs once
per `configure` (not per chunk), so it is off the streaming hot path.
- **One level deep only** — `_merge_metadata_dicts` is deliberately
*not* a recursive deep merge; values nested more than one level are
last-writer-wins. This covers the `versions` case without the
ambiguity/cost of arbitrary-depth merging.
- **Warn on non-dict `metadata["versions"]`** — if a user sets
`metadata={"versions": "some-string"}`, `_add_version` emits a warning
and replaces the value with the version dict rather than silently
discarding user data or crashing. This is a soft breaking change for
anyone who previously stored non-dict values at this key.

### Follow-ups (tracked separately, out of scope here)

- JS `mergeConfigs` still flat-spreads nested metadata, so
`metadata.versions` can still clobber on the JS side until an equivalent
deep-merge lands.

---

Made by [Open SWE](https://openswe.vercel.app)

---------

Co-authored-by: open-swe[bot] <open-swe@users.noreply.github.com>
2026-06-11 02:23:19 -04:00
Mason Daugherty
86428c63ac fix(core,openai): normalize v1 streamed tool calls (#35983)
OpenAI Chat Completions streaming has a v1 normalization gap when tool
calls are streamed.

When users opt into `output_version="v1"`, `.content_blocks` is expected
to be the normalized cross-provider view of the message. For OpenAI Chat
Completions streams, though, chunks still carry raw string `content`
plus side-channel `tool_call_chunks` / `tool_calls`.

Practically, an OpenAI stream chunk can look like this internally:

```python
AIMessageChunk(
    content="",
    tool_call_chunks=[
        {
            "name": "get_weather",
            "args": '{"location": "SF"}',
            "id": "call_123",
            "index": 0,
            "type": "tool_call_chunk",
        }
    ],
    response_metadata={"model_provider": "openai", "output_version": "v1"},
)
```

That is not already-normalized v1 content like this:

```python
AIMessageChunk(
    content=[
        {
            "type": "tool_call_chunk",
            "name": "get_weather",
            "args": '{"location": "SF"}',
            "id": "call_123",
            "index": 0,
        }
    ],
)
```

Because `.content_blocks` currently short-circuits solely on
`output_version="v1"`, it can return the raw string/empty list directly
instead of running the OpenAI translator that incorporates
`tool_call_chunks` / `tool_calls` into normalized v1 blocks.

In practice, a streamed OpenAI tool call can be parsed successfully into
`tool_calls`, but still be missing from the final aggregated
`.content_blocks`. Downstream code that consumes the v1 block interface
then sees no `tool_call` block and must know to inspect OpenAI-specific
chunk fields instead.

User story:

> As a LangChain user streaming OpenAI Chat Completions with bound tools
and `output_version="v1"`, I need the final aggregated message's
`.content_blocks` to include normalized `tool_call` blocks, so that code
written against the v1 content-block interface handles streamed tool
calls consistently across providers.

Expected final aggregated view:

```python
message.content_blocks == [
    {
        "type": "tool_call",
        "name": "get_weather",
        "args": {"location": "SF"},
        "id": "call_123",
    }
]
```

Root causes:

1. The usage-only Chat Completions chunk uses `content=[]` in v1 mode
while normal streaming chunks use `content=""`, creating inconsistent
content types during chunk aggregation.
2. `AIMessage.content_blocks` and `AIMessageChunk.content_blocks` treat
any `output_version="v1"` message as already-normalized, even when
`content` is still raw string content from Chat Completions.
3. Content-bearing OpenAI stream chunks do not carry
`output_version="v1"`, so the final merged chunk may not reliably take
the v1 normalization path.

Changes:

- Keep usage-only Chat Completions chunks as `content=""` instead of
overriding to `[]`, so streaming chunks merge consistently.
- Propagate `output_version="v1"` to content-bearing chunks.
- Only short-circuit v1 `.content_blocks` when `content` is already a
list of blocks; otherwise fall through to the provider translator.
- Add regression tests covering string-content v1 fallback, usage-only
chunk content consistency, and streamed tool calls appearing as
normalized final v1 blocks.
2026-06-11 00:51:50 -04:00
Christophe Bornet
1de100f278 chore(infra): bump mypy to 2.1 and unify type-check config across the monorepo (#36470)
Originally a narrow bump of mypy to `1.20` in four packages. Expanded to
get the whole monorepo onto a single, current mypy and a consistent
type-check configuration, so contributors no longer hit different mypy
versions and divergent behavior depending on which package they touch.

### What changed

- **Unified the mypy pin to `>=2.1.0,<2.2.0`** in every mypy-using
package (6 libs + 14 partners), replacing the previously scattered pins
(`1.10`/`1.17`/`1.18`/`1.19`/`1.20`, with assorted upper bounds).
- **Unified the `[tool.mypy]` base per tier:**
- libs: `plugins = ["pydantic.mypy"]`, `strict = true`,
`enable_error_code = "deprecated"`, `warn_unreachable = true`
  - partners: `disallow_untyped_defs = true`
- Normalized style (`disallow_untyped_defs = "True"` string → bool,
quote/key consistency).
- **Fixed the 20 real errors** mypy 2.1 surfaces: `redundant-cast` from
improved narrowing (`core`, `langchain-classic`), a `var-annotated` for
`_LOGGED`, a return-type widening in `langchain-groq`'s
`_convert_from_v1_to_groq` (it can legitimately return a bare `str`),
and stale `type-arg`/`unused-ignore` in `langchain-model-profiles`
tests.

### Deliberate non-uniformity (documented inline in the relevant
`pyproject.toml`s)

Going fully byte-identical would surface ~196 additional errors that are
*not* real bugs, so two settings are kept package-appropriate:

- **`warn_unreachable`** is enabled on every strict lib **except
`core`**, where it false-flags intentional defensive code — including
the SSRF / IP-policy guards in `_security/` — as unreachable.
- **`pydantic.mypy` plugin** is used only on `anthropic` and
`perplexity` (their code is authored against it and reports ~99/~132
errors without it). It is *not* added to the other partners, where it
only flags the public alias constructor API (e.g. `ChatGroq(model=...)`)
in tests rather than finding bugs.
- **`ollama`** is left on its `ty` type checker; it does not use mypy.

---------

Co-authored-by: Mason Daugherty <github@mdrxy.com>
2026-06-11 00:24:59 -04:00
Mason Daugherty
43880362d8 feat(standard-tests): validate tool call chunks during streaming (#34707)
As a LangChain user streaming a tool-calling model, I expect each
streamed chunk to expose structured `tool_call_chunk` content blocks so
I can render or process tool calls live, instead of waiting for the
final aggregated message.

This adds `tool_call_streaming` to `ModelProfile` and uses it in the
standard chat-model tool-calling tests. When a model profile opts in,
`test_tool_calling` and `test_tool_calling_async` now validate that at
least one streamed chunk includes a `tool_call_chunk` block via
`content_blocks`, while preserving the existing final-message
validation.

This keeps the contract profile-gated so providers can opt in once their
streaming chunk shape is verified. This PR opts in the providers
verified by smoke testing with straightforward profile coverage: OpenAI,
Anthropic, Fireworks, HuggingFace, OpenRouter, DeepSeek, and xAI. The
generated profile artifacts are refreshed so runtime profiles expose the
new capability flag.

Perplexity Responses also passed the smoke test, but its current profile
data is for the `sonar` family while the Responses smoke path used a
routed model string. That profile strategy is left as follow-up.
MistralAI currently streams `.tool_call_chunks`, but its content-block
translator exposes a complete `tool_call` block instead of
`tool_call_chunk`, so it also stays out of this flag until that
integration is fixed.
2026-06-10 22:29:02 -04:00
Mason Daugherty
c16499c339 chore(partners): bump locks (#38052) 2026-06-10 21:41:52 -04:00
Mason Daugherty
6b9e22dbbc fix(langchain): tighten structured output model fallbacks (#38042)
Provider-native structured output fallback detection now uses bounded
model-name patterns instead of broad substring checks, reducing false
positives for unrelated model IDs. The model examples and test fixtures
across OpenAI/OpenRouter-facing code were refreshed around current
OpenAI model families while preserving shipped defaults.

## Changes
- Tightened `FALLBACK_MODELS_WITH_STRUCTURED_OUTPUT` from loose string
fragments to regex patterns, with `_supports_provider_strategy` matching
full model-name segments instead of arbitrary substrings.
- Expanded structured-output fallback coverage for newer OpenAI,
Anthropic, and xAI/Grok model families, including `gpt-5.x`, newer
Claude 4/5-style names, and `grok-build`.
- Reused `_attempt_infer_model_provider` in provider tool search routing
so `_provider_from_model_name` follows the same provider inference
behavior as `init_chat_model`.
- Suppressed irrelevant provider-inference deprecation warnings during
provider tool search registry lookup.
- Refreshed OpenAI, Azure OpenAI, OpenRouter, core metadata, and example
model references from older fixtures like `gpt-4`, `gpt-4o`, `o1`, and
`o4-mini` to current test/profile models such as `gpt-5.5`,
`gpt-5-nano`, and `gpt-4.1-mini`.
- Removed outdated OpenAI test assumptions around legacy `o1` behavior
and narrowed legacy structured-output checks to explicitly legacy model
names.
2026-06-10 21:18:14 -04:00
Mason Daugherty
fcaa61636e feat(mistralai): support stop sequences (#38047)
`ChatMistralAI` now supports `stop` sequences.

Previously, a `stop` value passed to the model was silently discarded:
the code carried a stale "not yet supported" note, dropped the parameter
before the request, and logged a warning. Mistral's chat completions API
does accept `stop` (a string or list of strings, up to 4 sequences), so
anyone setting `stop` and expecting generation to halt was getting no
effect.

Now `stop` is a first-class parameter. It can be set on the constructor
(`ChatMistralAI(stop=[...])`) or per call (`model.invoke(prompt,
stop=[...])`) and is forwarded to the API. A per-call value overrides
the instance default, and an empty list is treated as "no stop
sequences" — omitted from the request rather than sent as an empty array
(which the API rejects).

Verified against the live Mistral API: with `stop=["5"]`, "Count from 1
to 10" returns `1 2 3 4 ` instead of the full sequence. The 422
`extra_forbidden` response the API returns for genuinely unknown fields
confirms `stop` is a real schema field, not silently ignored.

This PR also folds in some test hygiene: the base-URL env test uses
`monkeypatch.setenv` so `MISTRAL_BASE_URL=boo` no longer leaks into
later serialization tests, and `test_extra_kwargs` asserts the
intentional unknown-kwarg warning with `pytest.warns`.

## Review notes
- Behavior change worth a careful look: `stop` now reaches the API
instead of being dropped. This changes request payloads for anyone
previously passing `stop`. It is the intended fix, but flagging it
explicitly.
- Coverage: `test_stop_sequence` (integration) exercises the end-to-end
behavior; unit tests cover parameter wiring, per-call-vs-instance
precedence, and the empty-list case.
2026-06-10 20:42:16 -04:00
Mason Daugherty
21eeadf274 test(partners): account for warning behavior in partner tests (#38046)
Partner unit tests now reflect the warning behavior emitted by updated
`langchain-core` serialization and model initialization paths.
Warning-strict runs can stay focused on the behavior under test rather
than expected framework warnings.
2026-06-10 19:50:52 -04:00
Mason Daugherty
007ae66405 test(anthropic): make expected warnings explicit (#38044)
Warning-producing test paths now either exercise the intended Anthropic
model branch or explicitly assert expected warnings. That keeps `make
test` output clean while preserving coverage for backwards-compatible
parameters, deprecated `AnthropicLLM`, and standard structured-output
behavior.
2026-06-10 19:45:37 -04:00
Mason Daugherty
f0a78bf0d7 test(anthropic): make tests robust to gateway base URL (#38043)
Anthropic unit tests now pin the expected API base URL where
serialization and initialization assertions depend on it. That keeps
local gateway settings like `ANTHROPIC_BASE_URL` from changing snapshot
output or default URL assertions during development.
2026-06-10 19:39:50 -04:00
Mason Daugherty
2a11a824ef release(mistralai): 1.1.5 (#38038) 2026-06-10 17:48:09 -04:00
Mason Daugherty
e989c869a4 release(anthropic): 1.4.5 (#38036) 2026-06-10 17:38:01 -04:00
Mason Daugherty
f89f4c5afe fix(core): support content block tokens in callbacks (#34739)
Supersedes #34727
Closes #30703

Related:
* langchain-ai/langchain-google#1460
* langchain-ai/langchain-google#1501

Fixing this at the `langchain-core` callback layer instead of
normalizing inside individual provider integrations, so structured
streaming content is preserved consistently.

---

Models are increasingly streaming structured content blocks instead of
plain text tokens. For example, Gemini 3 can stream text as
content-block lists, and Anthropic/tool-use flows can also produce
non-text message content. Today those values already reach
`on_llm_new_token`, but the callback API still advertises `token: str`,
which makes custom callbacks, tracers, and streaming helpers assume
every streamed value is text.

User story: as a LangChain user building a streaming callback for chat
models with tool calls, reasoning/thinking blocks, or provider-specific
structured content, I need `on_llm_new_token` to accept the same content
shape that chat model chunks can actually emit, so my callback can
observe the stream without providers flattening or dropping non-text
data.

Fixing this in `langchain-core` makes the existing runtime behavior
explicit at the shared callback boundary. Normalizing content blocks
inside each provider would duplicate logic, produce inconsistent
behavior across integrations, and in some cases lose required provider
metadata such as Gemini thought signatures.

## Changes

- Update the callback contract so streamed tokens can be either plain
text or structured content blocks
- Carry structured streamed content through tracing and event/log
streaming paths without forcing provider data into text too early
- Keep built-in text-oriented streaming callbacks working by converting
structured tokens only at the display/queue boundary
- Drop the now-incorrect `cast("str", ...)` on streamed content in
`BaseChatModel` so the producer side matches the widened callback
signature instead of asserting a string it doesn't always have (no
runtime change — `cast` is erased)
- Align Anthropic and Mistral content typing with the structured content
shapes already used by chat model messages
- Update callback tests to reflect that not every streamed value is text

## Compatibility

No runtime behavior change: no producer emits anything it wasn't already
emitting, and widening a parameter type is safe for existing callers and
handlers that pass or receive `str`. The one caveat is downstream code
that subclasses a callback handler or tracer and overrides
`on_llm_new_token` with a `token: str` annotation — under strict type
checking that override is now narrower than the base and will be flagged
as incompatible with the supertype. Such code still runs unchanged; the
fix is to widen the annotation to match.
2026-06-10 16:59:08 -04:00
langchain-model-profile-bot[bot]
2b4735712c chore(model-profiles): refresh model profile data (#38012)
Automated refresh of model profile data for all in-monorepo partner
integrations via `langchain-profiles refresh`.

🤖 Generated by the `refresh_model_profiles` workflow.

Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com>
2026-06-10 10:57:23 -04:00
Mason Daugherty
64ee4d8154 release(groq): 1.1.3 (#38009)
Closes #37996
2026-06-10 04:12:05 +00:00
Mason Daugherty
53f2ad18a0 release(perplexity): 1.4.0 (#37993) 2026-06-09 17:18:28 -04:00
rbuchmayer-pplx
de9502525a feat(perplexity): bind_tools and Responses-API tool round-trip (#37934)
## Summary

Follow-up to #37911 (released in `langchain-perplexity` 1.3.2). That PR
fixed the outbound `ToolMessage` / `AIMessage.tool_calls` serialization;
this one implements **`ChatPerplexity.bind_tools`**, which flips
`has_tool_calling` to `True` and lights up the full `langchain-tests`
standard tool-calling suite — the suite that would have caught #37911 in
the first place.

Verified live against the Perplexity Agent API (`openai/gpt-5.5`,
`use_responses_api=True`): a client-side function-tool round-trip
(invoke + stream) works end-to-end.

## Core change (the `bind_tools` work + the Responses-API follow-up)

- **`bind_tools`** mirrors `langchain-openai`: converts tools via
`convert_to_openai_tool`, normalizes `tool_choice`, and passes
Perplexity built-in tools (`web_search`, etc.) through unchanged.
- **`_to_responses_payload`** now translates tool turns into the
Responses (Agent) API's typed input items: `AIMessage.tool_calls` →
`function_call`, `ToolMessage` → `function_call_output`, and flattens
function tool specs. (The Responses API has no `tool` role, so this
translation is required for round-trips.)

## Changes required to make standard-suite tests pass on the Responses
route

- Streaming: `_convert_responses_stream_event_to_chunk` emits a
`tool_call_chunk` on `response.output_item.done` function calls —
required by `test_tool_calling` (which streams and asserts tool calls).
- `_content_to_text` reduces list-shaped assistant content to text in
the tool-call branch — required by `test_agent_loop` and
`test_tool_message_histories_list_content`.
- `response_metadata["model_name"]` on the Responses route, mirroring
Chat Completions — required by `test_usage_metadata` /
`test_usage_metadata_streaming` (used by `langchain_core` usage
callbacks).

## Tests

- `sonar` standard class marked `has_tool_calling=False` (the family
returns 400 "Tool calling is not supported for this model").
- New `TestPerplexityResponsesStandard` runs the full suite on
`openai/gpt-5.5` + `use_responses_api` with `has_tool_choice=False`:
**35 passed, 13 skipped, 2 xfailed**.
- The 2 xfails (`test_unicode_tool_call_integration`,
`test_structured_few_shot_examples`) hard-code `tool_choice="any"`. The
Responses (Agent) API does not support `tool_choice` (verified: every
form returns HTTP 200 without forcing a call), which `ChatPerplexity`
surfaces as `ValueError` — **existing behavior, unchanged here.**
Softening that to a warning can be a separate change.

`make format lint` clean; unit + standard tests green.

---------

Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Co-authored-by: Mason Daugherty <mason@langchain.dev>
Co-authored-by: Mason Daugherty <github@mdrxy.com>
2026-06-09 17:14:50 -04:00
Mason Daugherty
c0103c3d2c hotfix(openai): min core dep (#37990) 2026-06-09 16:32:08 -04:00
Mason Daugherty
c7d01d5270 release(openai): 1.3.0 (#37989) 2026-06-09 16:15:29 -04:00
Nidhi Rajani
0f45b2c285 feat(openai): support apply_patch built-in tool (#37157)
[Docs](https://github.com/langchain-ai/docs/pull/4370)

Fixes #37031

Adds support for OpenAI Responses API `apply_patch` built-in tool.

This PR:
- Adds `apply_patch` to the OpenAI well-known tools list so
`bind_tools([{"type": "apply_patch"}])` works.
- Preserves `apply_patch_call` and `apply_patch_call_output` items when
converting OpenAI Responses API outputs into LangChain
`AIMessage.content`.
- Preserves the same item types in streaming `AIMessageChunk`
conversion.
- Supports round-trip input conversion for `apply_patch_call` and
`apply_patch_call_output`.
- Adds unit tests for core tool passthrough, non-streaming conversion,
streaming conversion, and round-trip input conversion.

## Testing

- `cd libs/core && uv run --group test pytest
tests/unit_tests/utils/test_function_calling.py -k "apply_patch" -vv`
- `cd libs/partners/openai && uv run --group test pytest
tests/unit_tests/chat_models/test_base.py -k "apply_patch" -vv`
- `cd libs/core && uv run --all-groups ruff check
langchain_core/utils/function_calling.py
tests/unit_tests/utils/test_function_calling.py`
- `cd libs/partners/openai && uv run --all-groups ruff check
langchain_openai/chat_models/base.py
tests/unit_tests/chat_models/test_base.py`

---------

Co-authored-by: Mason Daugherty <github@mdrxy.com>
Co-authored-by: Mason Daugherty <mason@langchain.dev>
2026-06-09 16:13:37 -04:00
langchain-model-profile-bot[bot]
7e9c916c7e chore(model-profiles): refresh model profile data (#37973)
Automated refresh of model profile data for all in-monorepo partner
integrations via `langchain-profiles refresh`.

🤖 Generated by the `refresh_model_profiles` workflow.

Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com>
2026-06-09 09:59:24 -04:00
langchain-model-profile-bot[bot]
4bd3b6ab64 chore(model-profiles): refresh model profile data (#37958)
Automated refresh of model profile data for all in-monorepo partner
integrations via `langchain-profiles refresh`.

🤖 Generated by the `refresh_model_profiles` workflow.

Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com>
2026-06-08 10:09:26 -04:00
langchain-model-profile-bot[bot]
9fa4d7b6a1 chore(model-profiles): refresh model profile data (#37936)
Automated refresh of model profile data for all in-monorepo partner
integrations via `langchain-profiles refresh`.

🤖 Generated by the `refresh_model_profiles` workflow.

Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com>
2026-06-07 16:16:29 -04:00
dependabot[bot]
ad8c0fc4cc chore: bump pyarrow from 22.0.0 to 23.0.1 in /libs/partners/nomic (#37931)
Bumps [pyarrow](https://github.com/apache/arrow) from 22.0.0 to 23.0.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/apache/arrow/releases">pyarrow's
releases</a>.</em></p>
<blockquote>
<h2>Apache Arrow 23.0.1</h2>
<p>Release Notes URL: <a
href="https://arrow.apache.org/release/23.0.1.html">https://arrow.apache.org/release/23.0.1.html</a></p>
<h2>Apache Arrow 23.0.1 RC0</h2>
<p>Release Notes: Release Candidate: 23.0.1 RC0</p>
<h2>Apache Arrow 23.0.0</h2>
<p>Release Notes URL: <a
href="https://arrow.apache.org/release/23.0.0.html">https://arrow.apache.org/release/23.0.0.html</a></p>
<h2>Apache Arrow 23.0.0 RC2</h2>
<p>Release Notes: Release Candidate: 23.0.0 RC2</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="82a374e5f3"><code>82a374e</code></a>
MINOR: [Release] Update versions for 23.0.1</li>
<li><a
href="c1ae37c4a5"><code>c1ae37c</code></a>
MINOR: [Release] Update .deb/.rpm changelogs for 23.0.1</li>
<li><a
href="8f6e55736f"><code>8f6e557</code></a>
MINOR: [Release] Update CHANGELOG.md for 23.0.1</li>
<li><a
href="4e16a1aeed"><code>4e16a1a</code></a>
<a
href="https://redirect.github.com/apache/arrow/issues/49159">GH-49159</a>:
[C++][Gandiva] Detect overflow in repeat() (<a
href="https://redirect.github.com/apache/arrow/issues/49160">#49160</a>)</li>
<li><a
href="985621dbfc"><code>985621d</code></a>
<a
href="https://redirect.github.com/apache/arrow/issues/48817">GH-48817</a>
[R][C++] Bump C++20 in R build infrastructure (<a
href="https://redirect.github.com/apache/arrow/issues/48819">#48819</a>)</li>
<li><a
href="1bea06ad4e"><code>1bea06a</code></a>
<a
href="https://redirect.github.com/apache/arrow/issues/49024">GH-49024</a>:
[CI] Update Debian version in <code>.env</code> (<a
href="https://redirect.github.com/apache/arrow/issues/49032">#49032</a>)</li>
<li><a
href="147bcd6d8f"><code>147bcd6</code></a>
<a
href="https://redirect.github.com/apache/arrow/issues/49156">GH-49156</a>:
[Python] Require GIL for string comparison (<a
href="https://redirect.github.com/apache/arrow/issues/49161">#49161</a>)</li>
<li><a
href="e4f922b162"><code>e4f922b</code></a>
<a
href="https://redirect.github.com/apache/arrow/issues/49138">GH-49138</a>:
[Packaging][Python] Remove nightly cython install from manylinux
wh...</li>
<li><a
href="f9376e4721"><code>f9376e4</code></a>
<a
href="https://redirect.github.com/apache/arrow/issues/49003">GH-49003</a>:
[C++] Don't consider <code>out_of_range</code> an error in float parsing
(<a
href="https://redirect.github.com/apache/arrow/issues/49095">#49095</a>)</li>
<li><a
href="ab2c0ad6b2"><code>ab2c0ad</code></a>
<a
href="https://redirect.github.com/apache/arrow/issues/49044">GH-49044</a>:
[CI][Python] Fix test_download_tzdata_on_windows by adding
required...</li>
<li>Additional commits viewable in <a
href="https://github.com/apache/arrow/compare/apache-arrow-22.0.0...apache-arrow-23.0.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pyarrow&package-manager=uv&previous-version=22.0.0&new-version=23.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langchain/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-07 13:15:04 -07:00
Mason Daugherty
cdafe607af release(perplexity): 1.3.2 (#37925) 2026-06-05 15:18:01 -04:00
rbuchmayer-pplx
1be54cc0e1 fix(perplexity): serialize ToolMessage and AIMessage.tool_calls (#37911)
Fixes #37912

`ChatPerplexity._convert_message_to_dict` raises `TypeError` on
`ToolMessage` and drops `AIMessage.tool_calls`, which breaks
tool-message round-trips through `ChatPerplexity` — a client-side
tool-calling loop, or a shared message history across providers via
`RunnableWithFallbacks`.

Repro:

```python
from langchain_perplexity import ChatPerplexity
from langchain_core.messages import ToolMessage

ChatPerplexity(model="sonar")._convert_message_to_dict(
    ToolMessage(content="result", tool_call_id="call_1")
)
# TypeError: Got unknown type content='result' tool_call_id='call_1'
```

An `AIMessage` carrying `tool_calls` also serializes to `{"role":
"assistant", "content": ...}` with the `tool_calls` silently dropped.

This brings the converter to parity with `langchain-openai`: serialize
`tool_calls` / `invalid_tool_calls`, send `content` as `null` when
tool_calls are present, and add a `tool`-role branch for `ToolMessage`.

How I verified: added unit tests for the `ToolMessage` and
`AIMessage.tool_calls` / `invalid_tool_calls` cases; the perplexity
package unit tests, lint, and format all pass.

Scope: translating these to the Responses (Agent) API's `function_call`
/ `function_call_output` input items is a separate follow-up; this PR is
the Chat Completions serialization parity fix.

---------

Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Co-authored-by: Mason Daugherty <mason@langchain.dev>
Co-authored-by: Mason Daugherty <github@mdrxy.com>
2026-06-05 15:14:42 -04:00
langchain-model-profile-bot[bot]
0993edba86 chore(model-profiles): refresh model profile data (#37916)
Automated refresh of model profile data for all in-monorepo partner
integrations via `langchain-profiles refresh`.

🤖 Generated by the `refresh_model_profiles` workflow.

Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com>
2026-06-05 10:37:10 -04:00
dependabot[bot]
9eab5237cc chore: bump requests from 2.34.0 to 2.34.2 in /libs/partners/xai (#37903)
Bumps [requests](https://github.com/psf/requests) from 2.34.0 to 2.34.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/psf/requests/releases">requests's
releases</a>.</em></p>
<blockquote>
<h2>v2.34.2</h2>
<h2>2.34.2 (2026-05-14)</h2>
<ul>
<li>Moved <code>headers</code> input type back to <code>Mapping</code>
to avoid invariance issues with <code>MutableMapping</code> and inferred
dict types. Users calling <code>Request.headers.update()</code> may need
to narrow typing in their code. (<a
href="https://redirect.github.com/psf/requests/issues/7441">#7441</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14">https://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14</a></p>
<h2>v2.34.1</h2>
<h2>2.34.1 (2026-05-13)</h2>
<p><strong>Bugfixes</strong></p>
<ul>
<li>Widened <code>json</code> input type from <code>dict</code> and
<code>list</code> to <code>Mapping</code>
and <code>Sequence</code>. (<a
href="https://redirect.github.com/psf/requests/issues/7436">#7436</a>)</li>
<li>Changed <code>headers</code> input type to MutableMapping and
removed <code>None</code> from
<code>Request.headers</code> typing to improve handling for users. (<a
href="https://redirect.github.com/psf/requests/issues/7431">#7431</a>)</li>
<li><code>Response.reason</code> moved from <code>str | None</code> to
<code>str</code> to improve handling
for users. (<a
href="https://redirect.github.com/psf/requests/issues/7437">#7437</a>)</li>
<li>Fixed a bug where some bodies with custom <code>__getattr__</code>
implementations
weren't being properly detected as Iterables. (<a
href="https://redirect.github.com/psf/requests/issues/7433">#7433</a>)</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/k223kim"><code>@​k223kim</code></a> made
their first contribution in <a
href="https://redirect.github.com/psf/requests/pull/7433">psf/requests#7433</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/psf/requests/blob/main/HISTORY.md#2341-2026-05-13">https://github.com/psf/requests/blob/main/HISTORY.md#2341-2026-05-13</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/psf/requests/blob/main/HISTORY.md">requests's
changelog</a>.</em></p>
<blockquote>
<h2>2.34.2 (2026-05-14)</h2>
<ul>
<li>Moved <code>headers</code> input type back to <code>Mapping</code>
to avoid invariance issues
with <code>MutableMapping</code> and inferred dict types. Users calling
<code>Request.headers.update()</code> may need to narrow typing in their
code. (<a
href="https://redirect.github.com/psf/requests/issues/7441">#7441</a>)</li>
</ul>
<h2>2.34.1 (2026-05-13)</h2>
<p><strong>Bugfixes</strong></p>
<ul>
<li>Widened <code>json</code> input type from <code>dict</code> and
<code>list</code> to <code>Mapping</code>
and <code>Sequence</code>. (<a
href="https://redirect.github.com/psf/requests/issues/7436">#7436</a>)</li>
<li>Changed <code>headers</code> input type to MutableMapping and
removed <code>None</code> from
<code>Request.headers</code> typing to improve handling for users. (<a
href="https://redirect.github.com/psf/requests/issues/7431">#7431</a>)</li>
<li><code>Response.reason</code> moved from <code>str | None</code> to
<code>str</code> to improve handling
for users. (<a
href="https://redirect.github.com/psf/requests/issues/7437">#7437</a>)</li>
<li>Fixed a bug where some bodies with custom <code>__getattr__</code>
implementations
weren't being properly detected as Iterables. (<a
href="https://redirect.github.com/psf/requests/issues/7433">#7433</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6e83187b8f"><code>6e83187</code></a>
v2.34.2</li>
<li><a
href="84d10f0be8"><code>84d10f0</code></a>
Move Request.headers back to Mapping (<a
href="https://redirect.github.com/psf/requests/issues/7441">#7441</a>)</li>
<li><a
href="b7b549b545"><code>b7b549b</code></a>
v2.34.1</li>
<li><a
href="e511bc7277"><code>e511bc7</code></a>
Fix mutability issues with headers input types (<a
href="https://redirect.github.com/psf/requests/issues/7431">#7431</a>)</li>
<li><a
href="5691f59613"><code>5691f59</code></a>
Update JsonType containers to read-based collections (<a
href="https://redirect.github.com/psf/requests/issues/7436">#7436</a>)</li>
<li><a
href="2144213c30"><code>2144213</code></a>
Constrain Response.reason to str (<a
href="https://redirect.github.com/psf/requests/issues/7437">#7437</a>)</li>
<li><a
href="6404f345e5"><code>6404f34</code></a>
Fix <code>prepare_body</code> stream detection for
<code>__getattr__</code>-based file wrappers (<a
href="https://redirect.github.com/psf/requests/issues/7">#7</a>...</li>
<li>See full diff in <a
href="https://github.com/psf/requests/compare/v2.34.0...v2.34.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=requests&package-manager=uv&previous-version=2.34.0&new-version=2.34.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langchain/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-04 14:30:03 -04:00
Mason Daugherty
3b999176c8 test(langchain,partners): disable pytest-benchmark under xdist to silence PytestBenchmarkWarning (#37901)
Test targets run with `-n auto`, which makes `pytest-benchmark` (present
via `langchain-tests`) auto-disable itself and emit a
`PytestBenchmarkWarning` once per xdist worker. Passing
`--benchmark-disable` turns the plugin off explicitly so the warning
never fires, matching what `core` and `langchain_v1` already do.

## Changes
- Add `--benchmark-disable` to the `-n auto` test targets across
`langchain` (unit) and 14 partner packages' integration targets:
`anthropic`, `chroma`, `deepseek`, `exa`, `fireworks`, `groq`,
`huggingface`, `mistralai`, `nomic`, `ollama`, `openai`, `openrouter`,
`qdrant`, `xai`.
- Deliberately excluded `text-splitters` and `model-profiles`: their
`test` group doesn't install `pytest-benchmark`, so the flag would fail
with `unrecognized arguments`. Verified by importing the plugin under
each package's actual dependency group before editing.
2026-06-04 13:25:26 -04:00
Mason Daugherty
34af59c1a6 fix(partners): cap aiohttp below 3.14 for vcrpy compat (#37898)
aiohttp **3.14.0** (released 2026-06-01) removed
`aiohttp.streams.AsyncStreamReaderMixin`. The current release of `vcrpy`
(8.1.1) still subclasses it in its aiohttp stub:

```python
class MockStream(asyncio.StreamReader, streams.AsyncStreamReaderMixin):
```

As a result, the VCR fixture fails to import during test setup, and the
scheduled integration tests for the `fireworks` and `xai` partners error
out at `test_stream_time`:

```
AttributeError: module 'aiohttp.streams' has no attribute 'AsyncStreamReaderMixin'
```

Only these two partners are affected because their SDKs use `aiohttp`,
so VCR loads its aiohttp stub; partners on `httpx` (e.g. `anthropic`,
`openai`) are unaffected.

This is an upstream incompatibility tracked at kevin1024/vcrpy#995, with
a fix in kevin1024/vcrpy#996 that has not yet been released.

Until a fixed `vcrpy` ships, this caps `aiohttp<3.14.0` via `[tool.uv]
constraint-dependencies` (the same mechanism already used for the
`pygments` CVE pin) in both packages. Using a constraint rather than
tightening the published `aiohttp>=3.9.1,<4.0.0` range means the change
only affects local/CI resolution — the package metadata users install
against is untouched. Both lockfiles re-resolve to `aiohttp` 3.13.5,
which still provides the removed attribute. A code comment points back
to the upstream fix so the pin can be removed once it lands.
2026-06-04 10:44:21 -04:00
langchain-model-profile-bot[bot]
414d7b8e94 chore(model-profiles): refresh model profile data (#37895)
Automated refresh of model profile data for all in-monorepo partner
integrations via `langchain-profiles refresh`.

🤖 Generated by the `refresh_model_profiles` workflow.

Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com>
2026-06-04 10:31:52 -04:00
John Kennedy
bae485bd5e chore: bump dependencies (#37892)
## Summary
- Bump `langsmith` in `libs/partners/huggingface/uv.lock` from 0.7.31 to
0.8.9
- Bump `langchain-classic` in `libs/langchain_v1/uv.lock` from 1.0.0 to
1.0.7
- Bump transitive `langsmith` in `libs/langchain_v1/uv.lock` from 0.8.0
to 0.8.9

## Notes
- The open Chroma alert currently has no patched version in GitHub
Dependabot metadata. `chromadb` is already at 1.5.9 on `master`, and
PyPI shows 1.5.9 as the latest available release.

## Testing
- `uv lock --check` in `libs/partners/huggingface`
- `uv lock --check` in `libs/langchain_v1`
- `uv lock --check` in `libs/partners/chroma`
- `git diff --check`
2026-06-03 20:29:57 -07:00
dependabot[bot]
dca3138e59 chore: bump aiohttp from 3.13.5 to 3.14.0 in /libs/partners/xai (#37887)
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aiohttp&package-manager=uv&previous-version=3.13.5&new-version=3.14.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langchain/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-03 20:00:02 -07:00
dependabot[bot]
a7b53c9b77 chore: bump langsmith from 0.8.5 to 0.8.9 in /libs/partners/xai (#37886)
Bumps [langsmith](https://github.com/langchain-ai/langsmith-sdk) from
0.8.5 to 0.8.9.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/langchain-ai/langsmith-sdk/releases">langsmith's
releases</a>.</em></p>
<blockquote>
<h2>v0.8.9</h2>
<h2>What's Changed</h2>
<ul>
<li>feat(sandbox): add JS Dockerfile snapshots by <a
href="https://github.com/langchain-infra"><code>@​langchain-infra</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2951">langchain-ai/langsmith-sdk#2951</a></li>
<li>chore(deps-dev): bump the js-minor-and-patch group across 1
directory with 11 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2931">langchain-ai/langsmith-sdk#2931</a></li>
<li>chore(deps): bump websockets from 15.0.1 to 16.0 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2811">langchain-ai/langsmith-sdk#2811</a></li>
<li>chore(deps): update myst-parser requirement from &gt;=3 to
&gt;=4.0.1 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2841">langchain-ai/langsmith-sdk#2841</a></li>
<li>chore(deps): bump the py-minor-and-patch group across 1 directory
with 19 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2934">langchain-ai/langsmith-sdk#2934</a></li>
<li>chore(deps): bump typescript from 5.9.3 to 6.0.3 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2839">langchain-ai/langsmith-sdk#2839</a></li>
<li>chore(deps-dev): bump google-adk from 1.10.0 to 2.1.0 in /python by
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2960">langchain-ai/langsmith-sdk#2960</a></li>
<li>chore(deps-dev): bump wrapt from 1.17.3 to 2.2.1 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2961">langchain-ai/langsmith-sdk#2961</a></li>
<li>chore(deps-dev): bump the py-minor-and-patch group in /python with 6
updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2958">langchain-ai/langsmith-sdk#2958</a></li>
<li>chore(deps-dev): bump types-tqdm from 4.67.3.20260408 to
4.67.3.20260518 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2959">langchain-ai/langsmith-sdk#2959</a></li>
<li>ci: add minimum workflow permissions by <a
href="https://github.com/jkennedyvz"><code>@​jkennedyvz</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2967">langchain-ai/langsmith-sdk#2967</a></li>
<li>chore: update dependabot.yml to comply with posture checks by <a
href="https://github.com/jkennedyvz"><code>@​jkennedyvz</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2966">langchain-ai/langsmith-sdk#2966</a></li>
<li>test(python): deflake test_tracing_queue_limit_drops_when_full by <a
href="https://github.com/baskaryan"><code>@​baskaryan</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2964">langchain-ai/langsmith-sdk#2964</a></li>
<li>feat(sandbox): size the dockerfile-build sandbox via vcpus/mem_bytes
(python) by <a
href="https://github.com/langchain-infra"><code>@​langchain-infra</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2979">langchain-ai/langsmith-sdk#2979</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.8...v0.8.9">https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.8...v0.8.9</a></p>
<h2>v0.8.8</h2>
<h2>What's Changed</h2>
<ul>
<li>fix(python): retry sandbox pool timeouts by <a
href="https://github.com/baskaryan"><code>@​baskaryan</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2953">langchain-ai/langsmith-sdk#2953</a></li>
<li>fix(sandbox): build Dockerfile snapshots off /tmp by <a
href="https://github.com/langchain-infra"><code>@​langchain-infra</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2956">langchain-ai/langsmith-sdk#2956</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.7...v0.8.8">https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.7...v0.8.8</a></p>
<h2>v0.8.7</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: reconnect sandbox command streams on EOF by <a
href="https://github.com/ramon-langchain"><code>@​ramon-langchain</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2941">langchain-ai/langsmith-sdk#2941</a></li>
<li>feat(sandbox): build snapshots from Dockerfiles by <a
href="https://github.com/langchain-infra"><code>@​langchain-infra</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2950">langchain-ai/langsmith-sdk#2950</a></li>
<li>fix(python): add organization id to context URLs by <a
href="https://github.com/vishnu-ssuresh"><code>@​vishnu-ssuresh</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2945">langchain-ai/langsmith-sdk#2945</a></li>
<li>fix(js): add organization id to context URLs by <a
href="https://github.com/vishnu-ssuresh"><code>@​vishnu-ssuresh</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2946">langchain-ai/langsmith-sdk#2946</a></li>
<li>release(py): 0.8.7 by <a
href="https://github.com/ramon-langchain"><code>@​ramon-langchain</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2947">langchain-ai/langsmith-sdk#2947</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.6...v0.8.7">https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.6...v0.8.7</a></p>
<h2>v0.8.6</h2>
<h2>What's Changed</h2>
<ul>
<li>chore(deps-dev): bump <code>@​google/genai</code> from 1.50.1 to
2.0.1 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2875">langchain-ai/langsmith-sdk#2875</a></li>
<li>chore(deps): bump mako from 1.3.11 to 1.3.12 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2880">langchain-ai/langsmith-sdk#2880</a></li>
<li>chore(deps): bump authlib from 1.6.11 to 1.6.12 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2888">langchain-ai/langsmith-sdk#2888</a></li>
<li>chore(deps): bump hono from 4.12.15 to 4.12.18 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2894">langchain-ai/langsmith-sdk#2894</a></li>
<li>chore(deps): bump fast-uri from 3.1.0 to 3.1.2 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2895">langchain-ai/langsmith-sdk#2895</a></li>
<li>chore(deps-dev): bump <code>@​anthropic-ai/sdk</code> from 0.94.0 to
0.95.0 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2881">langchain-ai/langsmith-sdk#2881</a></li>
<li>chore(deps): bump postcss from 8.5.8 to 8.5.14 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2898">langchain-ai/langsmith-sdk#2898</a></li>
<li>chore(deps): bump <code>@​protobufjs/utf8</code> from 1.1.0 to 1.1.1
in /js/internal/environment_tests/test-exports-vite in the npm_and_yarn
group across 1 directory by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2908">langchain-ai/langsmith-sdk#2908</a></li>
<li>chore(deps): bump hono from 4.12.18 to 4.12.19 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2909">langchain-ai/langsmith-sdk#2909</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1eda04b4e8"><code>1eda04b</code></a>
feat(sandbox): size the dockerfile-build sandbox via vcpus/mem_bytes
(python)...</li>
<li><a
href="5960910cbe"><code>5960910</code></a>
test(python): deflake test_tracing_queue_limit_drops_when_full (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2964">#2964</a>)</li>
<li><a
href="846d4c5b17"><code>846d4c5</code></a>
chore: update dependabot.yml to comply with posture checks (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2966">#2966</a>)</li>
<li><a
href="48b66b3cca"><code>48b66b3</code></a>
ci: add minimum workflow permissions (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2967">#2967</a>)</li>
<li><a
href="d0a93ac8a2"><code>d0a93ac</code></a>
chore(deps-dev): bump types-tqdm from 4.67.3.20260408 to 4.67.3.20260518
in /...</li>
<li><a
href="fc9ba745e3"><code>fc9ba74</code></a>
chore(deps-dev): bump the py-minor-and-patch group in /python with 6
updates ...</li>
<li><a
href="d54e69b689"><code>d54e69b</code></a>
chore(deps-dev): bump wrapt from 1.17.3 to 2.2.1 in /python (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2961">#2961</a>)</li>
<li><a
href="1d212585b8"><code>1d21258</code></a>
chore(deps-dev): bump google-adk from 1.10.0 to 2.1.0 in /python (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2960">#2960</a>)</li>
<li><a
href="b66d791bfe"><code>b66d791</code></a>
chore(deps-dev): bump typescript from 5.9.3 to 6.0.3 in /js (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2839">#2839</a>)</li>
<li><a
href="a0f9eff836"><code>a0f9eff</code></a>
chore(deps): bump the py-minor-and-patch group across 1 directory with
19 upd...</li>
<li>Additional commits viewable in <a
href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.5...v0.8.9">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=langsmith&package-manager=uv&previous-version=0.8.5&new-version=0.8.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langchain/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-03 19:59:51 -07:00
dependabot[bot]
efb0a4589b chore: bump aiohttp from 3.13.5 to 3.14.0 in /libs/partners/fireworks (#37882)
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aiohttp&package-manager=uv&previous-version=3.13.5&new-version=3.14.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langchain/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-03 19:11:09 -04:00
dependabot[bot]
f717342a86 chore: bump langsmith from 0.8.7 to 0.8.9 in /libs/partners/fireworks (#37883)
Bumps [langsmith](https://github.com/langchain-ai/langsmith-sdk) from
0.8.7 to 0.8.9.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/langchain-ai/langsmith-sdk/releases">langsmith's
releases</a>.</em></p>
<blockquote>
<h2>v0.8.9</h2>
<h2>What's Changed</h2>
<ul>
<li>feat(sandbox): add JS Dockerfile snapshots by <a
href="https://github.com/langchain-infra"><code>@​langchain-infra</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2951">langchain-ai/langsmith-sdk#2951</a></li>
<li>chore(deps-dev): bump the js-minor-and-patch group across 1
directory with 11 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2931">langchain-ai/langsmith-sdk#2931</a></li>
<li>chore(deps): bump websockets from 15.0.1 to 16.0 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2811">langchain-ai/langsmith-sdk#2811</a></li>
<li>chore(deps): update myst-parser requirement from &gt;=3 to
&gt;=4.0.1 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2841">langchain-ai/langsmith-sdk#2841</a></li>
<li>chore(deps): bump the py-minor-and-patch group across 1 directory
with 19 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2934">langchain-ai/langsmith-sdk#2934</a></li>
<li>chore(deps): bump typescript from 5.9.3 to 6.0.3 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2839">langchain-ai/langsmith-sdk#2839</a></li>
<li>chore(deps-dev): bump google-adk from 1.10.0 to 2.1.0 in /python by
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2960">langchain-ai/langsmith-sdk#2960</a></li>
<li>chore(deps-dev): bump wrapt from 1.17.3 to 2.2.1 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2961">langchain-ai/langsmith-sdk#2961</a></li>
<li>chore(deps-dev): bump the py-minor-and-patch group in /python with 6
updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2958">langchain-ai/langsmith-sdk#2958</a></li>
<li>chore(deps-dev): bump types-tqdm from 4.67.3.20260408 to
4.67.3.20260518 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2959">langchain-ai/langsmith-sdk#2959</a></li>
<li>ci: add minimum workflow permissions by <a
href="https://github.com/jkennedyvz"><code>@​jkennedyvz</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2967">langchain-ai/langsmith-sdk#2967</a></li>
<li>chore: update dependabot.yml to comply with posture checks by <a
href="https://github.com/jkennedyvz"><code>@​jkennedyvz</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2966">langchain-ai/langsmith-sdk#2966</a></li>
<li>test(python): deflake test_tracing_queue_limit_drops_when_full by <a
href="https://github.com/baskaryan"><code>@​baskaryan</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2964">langchain-ai/langsmith-sdk#2964</a></li>
<li>feat(sandbox): size the dockerfile-build sandbox via vcpus/mem_bytes
(python) by <a
href="https://github.com/langchain-infra"><code>@​langchain-infra</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2979">langchain-ai/langsmith-sdk#2979</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.8...v0.8.9">https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.8...v0.8.9</a></p>
<h2>v0.8.8</h2>
<h2>What's Changed</h2>
<ul>
<li>fix(python): retry sandbox pool timeouts by <a
href="https://github.com/baskaryan"><code>@​baskaryan</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2953">langchain-ai/langsmith-sdk#2953</a></li>
<li>fix(sandbox): build Dockerfile snapshots off /tmp by <a
href="https://github.com/langchain-infra"><code>@​langchain-infra</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2956">langchain-ai/langsmith-sdk#2956</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.7...v0.8.8">https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.7...v0.8.8</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1eda04b4e8"><code>1eda04b</code></a>
feat(sandbox): size the dockerfile-build sandbox via vcpus/mem_bytes
(python)...</li>
<li><a
href="5960910cbe"><code>5960910</code></a>
test(python): deflake test_tracing_queue_limit_drops_when_full (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2964">#2964</a>)</li>
<li><a
href="846d4c5b17"><code>846d4c5</code></a>
chore: update dependabot.yml to comply with posture checks (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2966">#2966</a>)</li>
<li><a
href="48b66b3cca"><code>48b66b3</code></a>
ci: add minimum workflow permissions (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2967">#2967</a>)</li>
<li><a
href="d0a93ac8a2"><code>d0a93ac</code></a>
chore(deps-dev): bump types-tqdm from 4.67.3.20260408 to 4.67.3.20260518
in /...</li>
<li><a
href="fc9ba745e3"><code>fc9ba74</code></a>
chore(deps-dev): bump the py-minor-and-patch group in /python with 6
updates ...</li>
<li><a
href="d54e69b689"><code>d54e69b</code></a>
chore(deps-dev): bump wrapt from 1.17.3 to 2.2.1 in /python (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2961">#2961</a>)</li>
<li><a
href="1d212585b8"><code>1d21258</code></a>
chore(deps-dev): bump google-adk from 1.10.0 to 2.1.0 in /python (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2960">#2960</a>)</li>
<li><a
href="b66d791bfe"><code>b66d791</code></a>
chore(deps-dev): bump typescript from 5.9.3 to 6.0.3 in /js (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2839">#2839</a>)</li>
<li><a
href="a0f9eff836"><code>a0f9eff</code></a>
chore(deps): bump the py-minor-and-patch group across 1 directory with
19 upd...</li>
<li>Additional commits viewable in <a
href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.7...v0.8.9">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=langsmith&package-manager=uv&previous-version=0.8.7&new-version=0.8.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langchain/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-03 19:11:03 -04:00
dependabot[bot]
d55c08bc72 chore: bump langsmith from 0.8.7 to 0.8.9 in /libs/partners/chroma (#37884)
Bumps [langsmith](https://github.com/langchain-ai/langsmith-sdk) from
0.8.7 to 0.8.9.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/langchain-ai/langsmith-sdk/releases">langsmith's
releases</a>.</em></p>
<blockquote>
<h2>v0.8.9</h2>
<h2>What's Changed</h2>
<ul>
<li>feat(sandbox): add JS Dockerfile snapshots by <a
href="https://github.com/langchain-infra"><code>@​langchain-infra</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2951">langchain-ai/langsmith-sdk#2951</a></li>
<li>chore(deps-dev): bump the js-minor-and-patch group across 1
directory with 11 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2931">langchain-ai/langsmith-sdk#2931</a></li>
<li>chore(deps): bump websockets from 15.0.1 to 16.0 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2811">langchain-ai/langsmith-sdk#2811</a></li>
<li>chore(deps): update myst-parser requirement from &gt;=3 to
&gt;=4.0.1 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2841">langchain-ai/langsmith-sdk#2841</a></li>
<li>chore(deps): bump the py-minor-and-patch group across 1 directory
with 19 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2934">langchain-ai/langsmith-sdk#2934</a></li>
<li>chore(deps): bump typescript from 5.9.3 to 6.0.3 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2839">langchain-ai/langsmith-sdk#2839</a></li>
<li>chore(deps-dev): bump google-adk from 1.10.0 to 2.1.0 in /python by
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2960">langchain-ai/langsmith-sdk#2960</a></li>
<li>chore(deps-dev): bump wrapt from 1.17.3 to 2.2.1 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2961">langchain-ai/langsmith-sdk#2961</a></li>
<li>chore(deps-dev): bump the py-minor-and-patch group in /python with 6
updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2958">langchain-ai/langsmith-sdk#2958</a></li>
<li>chore(deps-dev): bump types-tqdm from 4.67.3.20260408 to
4.67.3.20260518 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2959">langchain-ai/langsmith-sdk#2959</a></li>
<li>ci: add minimum workflow permissions by <a
href="https://github.com/jkennedyvz"><code>@​jkennedyvz</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2967">langchain-ai/langsmith-sdk#2967</a></li>
<li>chore: update dependabot.yml to comply with posture checks by <a
href="https://github.com/jkennedyvz"><code>@​jkennedyvz</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2966">langchain-ai/langsmith-sdk#2966</a></li>
<li>test(python): deflake test_tracing_queue_limit_drops_when_full by <a
href="https://github.com/baskaryan"><code>@​baskaryan</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2964">langchain-ai/langsmith-sdk#2964</a></li>
<li>feat(sandbox): size the dockerfile-build sandbox via vcpus/mem_bytes
(python) by <a
href="https://github.com/langchain-infra"><code>@​langchain-infra</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2979">langchain-ai/langsmith-sdk#2979</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.8...v0.8.9">https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.8...v0.8.9</a></p>
<h2>v0.8.8</h2>
<h2>What's Changed</h2>
<ul>
<li>fix(python): retry sandbox pool timeouts by <a
href="https://github.com/baskaryan"><code>@​baskaryan</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2953">langchain-ai/langsmith-sdk#2953</a></li>
<li>fix(sandbox): build Dockerfile snapshots off /tmp by <a
href="https://github.com/langchain-infra"><code>@​langchain-infra</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2956">langchain-ai/langsmith-sdk#2956</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.7...v0.8.8">https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.7...v0.8.8</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1eda04b4e8"><code>1eda04b</code></a>
feat(sandbox): size the dockerfile-build sandbox via vcpus/mem_bytes
(python)...</li>
<li><a
href="5960910cbe"><code>5960910</code></a>
test(python): deflake test_tracing_queue_limit_drops_when_full (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2964">#2964</a>)</li>
<li><a
href="846d4c5b17"><code>846d4c5</code></a>
chore: update dependabot.yml to comply with posture checks (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2966">#2966</a>)</li>
<li><a
href="48b66b3cca"><code>48b66b3</code></a>
ci: add minimum workflow permissions (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2967">#2967</a>)</li>
<li><a
href="d0a93ac8a2"><code>d0a93ac</code></a>
chore(deps-dev): bump types-tqdm from 4.67.3.20260408 to 4.67.3.20260518
in /...</li>
<li><a
href="fc9ba745e3"><code>fc9ba74</code></a>
chore(deps-dev): bump the py-minor-and-patch group in /python with 6
updates ...</li>
<li><a
href="d54e69b689"><code>d54e69b</code></a>
chore(deps-dev): bump wrapt from 1.17.3 to 2.2.1 in /python (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2961">#2961</a>)</li>
<li><a
href="1d212585b8"><code>1d21258</code></a>
chore(deps-dev): bump google-adk from 1.10.0 to 2.1.0 in /python (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2960">#2960</a>)</li>
<li><a
href="b66d791bfe"><code>b66d791</code></a>
chore(deps-dev): bump typescript from 5.9.3 to 6.0.3 in /js (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2839">#2839</a>)</li>
<li><a
href="a0f9eff836"><code>a0f9eff</code></a>
chore(deps): bump the py-minor-and-patch group across 1 directory with
19 upd...</li>
<li>Additional commits viewable in <a
href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.7...v0.8.9">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=langsmith&package-manager=uv&previous-version=0.8.7&new-version=0.8.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langchain/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-03 19:11:00 -04:00
dependabot[bot]
8fc277a4f4 chore: bump aiohttp from 3.13.4 to 3.14.0 in /libs/partners/huggingface (#37885)
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aiohttp&package-manager=uv&previous-version=3.13.4&new-version=3.14.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langchain/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-03 19:10:54 -04:00
langchain-model-profile-bot[bot]
06ab861ace chore(model-profiles): refresh model profile data (#37870)
Automated refresh of model profile data for all in-monorepo partner
integrations via `langchain-profiles refresh`.

🤖 Generated by the `refresh_model_profiles` workflow.

Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com>
2026-06-03 10:41:16 -04:00
langchain-model-profile-bot[bot]
7a74eeb33c chore(model-profiles): refresh model profile data (#37852)
Automated refresh of model profile data for all in-monorepo partner
integrations via `langchain-profiles refresh`.

🤖 Generated by the `refresh_model_profiles` workflow.

Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com>
2026-06-02 11:21:05 -04:00
langchain-model-profile-bot[bot]
bc5f1517cf chore(model-profiles): refresh model profile data (#37802)
Automated refresh of model profile data for all in-monorepo partner
integrations via `langchain-profiles refresh`.

🤖 Generated by the `refresh_model_profiles` workflow.

Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com>
2026-06-01 09:19:06 -04:00
langchain-model-profile-bot[bot]
a79298a791 chore(model-profiles): refresh model profile data (#37791)
Automated refresh of model profile data for all in-monorepo partner
integrations via `langchain-profiles refresh`.

🤖 Generated by the `refresh_model_profiles` workflow.

Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com>
2026-05-30 20:17:09 -04:00
dependabot[bot]
4a7476093d chore: bump chromadb from 1.5.5 to 1.5.9 in /libs/partners/chroma (#37779)
Bumps [chromadb](https://github.com/chroma-core/chroma) from 1.5.5 to
1.5.9.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/chroma-core/chroma/releases">chromadb's
releases</a>.</em></p>
<blockquote>
<h2>1.5.9</h2>
<p>Version: <code>1.5.9</code>
Git ref: <code>refs/tags/1.5.9</code>
Build Date: <code>2026-05-05T05:55</code>
PIP Package: <code>chroma-1.5.9.tar.gz</code>
Github Container Registry Image: <code>:1.5.9</code>
DockerHub Image: <code>:1.5.9</code></p>
<h2>What's Changed</h2>
<ul>
<li><a
href="https://github.com/chroma-core/chroma/blob/HEAD/frontend">ENH</a>:
block functions on topology dbs by <a
href="https://github.com/rescrv"><code>@​rescrv</code></a> in <a
href="https://redirect.github.com/chroma-core/chroma/pull/6836">chroma-core/chroma#6836</a></li>
<li><a
href="https://github.com/chroma-core/chroma/blob/HEAD/faults">ENH</a>:
Add Tilt fault injection CLI by <a
href="https://github.com/rescrv"><code>@​rescrv</code></a> in <a
href="https://redirect.github.com/chroma-core/chroma/pull/6881">chroma-core/chroma#6881</a></li>
<li>[CHORE] Debug TimeoutError in test_add.py by <a
href="https://github.com/rescrv"><code>@​rescrv</code></a> in <a
href="https://redirect.github.com/chroma-core/chroma/pull/6905">chroma-core/chroma#6905</a></li>
<li>[ENH]: Enable rebuilds for sharded collections by <a
href="https://github.com/tanujnay112"><code>@​tanujnay112</code></a> in
<a
href="https://redirect.github.com/chroma-core/chroma/pull/6916">chroma-core/chroma#6916</a></li>
<li>[ENH]: Group by support with sharding by <a
href="https://github.com/sanketkedia"><code>@​sanketkedia</code></a> in
<a
href="https://redirect.github.com/chroma-core/chroma/pull/6909">chroma-core/chroma#6909</a></li>
<li>[CHORE]: Denormalize tenant and database into
collection_compaction_cursors table by <a
href="https://github.com/tanujnay112"><code>@​tanujnay112</code></a> in
<a
href="https://redirect.github.com/chroma-core/chroma/pull/6940">chroma-core/chroma#6940</a></li>
<li>[CHORE] Use normalized record sets for test add by <a
href="https://github.com/rescrv"><code>@​rescrv</code></a> in <a
href="https://redirect.github.com/chroma-core/chroma/pull/6935">chroma-core/chroma#6935</a></li>
<li>[ENH]: Add workflow to build and publish service container images by
<a href="https://github.com/jasonvigil"><code>@​jasonvigil</code></a> in
<a
href="https://redirect.github.com/chroma-core/chroma/pull/6944">chroma-core/chroma#6944</a></li>
<li>[ENH] - Updates language around Chroma Cloud to be more
representative. by <a
href="https://github.com/tjkrusinskichroma"><code>@​tjkrusinskichroma</code></a>
in <a
href="https://redirect.github.com/chroma-core/chroma/pull/6952">chroma-core/chroma#6952</a></li>
<li>[ENH]: Add change stream to collection compaction cursors by <a
href="https://github.com/tanujnay112"><code>@​tanujnay112</code></a> in
<a
href="https://redirect.github.com/chroma-core/chroma/pull/6955">chroma-core/chroma#6955</a></li>
<li>[BUG] Switch to storing DOCKERHUB_USERNAME as var by <a
href="https://github.com/jasonvigil"><code>@​jasonvigil</code></a> in <a
href="https://redirect.github.com/chroma-core/chroma/pull/6962">chroma-core/chroma#6962</a></li>
<li>[CHORE]: Standardize Tilt CI image build on root docker-bake.hcl by
<a href="https://github.com/jasonvigil"><code>@​jasonvigil</code></a> in
<a
href="https://redirect.github.com/chroma-core/chroma/pull/6958">chroma-core/chroma#6958</a></li>
<li>[BUG]: Rename database on soft delete by <a
href="https://github.com/tanujnay112"><code>@​tanujnay112</code></a> in
<a
href="https://redirect.github.com/chroma-core/chroma/pull/6943">chroma-core/chroma#6943</a></li>
<li>Revert &quot;[CHORE]: Standardize Tilt CI image build on root
docker-bake.hcl&quot; by <a
href="https://github.com/jasonvigil"><code>@​jasonvigil</code></a> in <a
href="https://redirect.github.com/chroma-core/chroma/pull/6965">chroma-core/chroma#6965</a></li>
<li><a
href="https://github.com/chroma-core/chroma/blob/HEAD/system">ENH</a>:
name and size all worker threads by <a
href="https://github.com/rescrv"><code>@​rescrv</code></a> in <a
href="https://redirect.github.com/chroma-core/chroma/pull/6936">chroma-core/chroma#6936</a></li>
<li><a
href="https://github.com/chroma-core/chroma/blob/HEAD/test">BUG</a>:
simplify flaky indexing progress test by <a
href="https://github.com/rescrv"><code>@​rescrv</code></a> in <a
href="https://redirect.github.com/chroma-core/chroma/pull/6968">chroma-core/chroma#6968</a></li>
<li>[CHORE] stabilize Tilt dev environment configs by <a
href="https://github.com/rescrv"><code>@​rescrv</code></a> in <a
href="https://redirect.github.com/chroma-core/chroma/pull/6937">chroma-core/chroma#6937</a></li>
<li><a
href="https://github.com/chroma-core/chroma/blob/HEAD/garbage_collector">BUG</a>:
use correct version file per collection in ancestor walk by <a
href="https://github.com/rescrv"><code>@​rescrv</code></a> in <a
href="https://redirect.github.com/chroma-core/chroma/pull/6970">chroma-core/chroma#6970</a></li>
<li>[ENH] Add SparsePostingBlock by <a
href="https://github.com/HammadB"><code>@​HammadB</code></a> in <a
href="https://redirect.github.com/chroma-core/chroma/pull/6823">chroma-core/chroma#6823</a></li>
<li>[ENH] Add basic maxscore writer/reader by <a
href="https://github.com/HammadB"><code>@​HammadB</code></a> in <a
href="https://redirect.github.com/chroma-core/chroma/pull/6825">chroma-core/chroma#6825</a></li>
<li>[ENH] Add maxscore lazy cursor by <a
href="https://github.com/HammadB"><code>@​HammadB</code></a> in <a
href="https://redirect.github.com/chroma-core/chroma/pull/6829">chroma-core/chroma#6829</a></li>
<li>[ENH] Add SIMD for maxscore by <a
href="https://github.com/Sicheng-Pan"><code>@​Sicheng-Pan</code></a> in
<a
href="https://redirect.github.com/chroma-core/chroma/pull/6865">chroma-core/chroma#6865</a></li>
<li>[ENH] Benchmark maxscore by <a
href="https://github.com/Sicheng-Pan"><code>@​Sicheng-Pan</code></a> in
<a
href="https://redirect.github.com/chroma-core/chroma/pull/6866">chroma-core/chroma#6866</a></li>
<li>[ENH] Add maxscore option in schema by <a
href="https://github.com/Sicheng-Pan"><code>@​Sicheng-Pan</code></a> in
<a
href="https://redirect.github.com/chroma-core/chroma/pull/6878">chroma-core/chroma#6878</a></li>
<li>[ENH] Add maxscore index to metadata segment by <a
href="https://github.com/Sicheng-Pan"><code>@​Sicheng-Pan</code></a> in
<a
href="https://redirect.github.com/chroma-core/chroma/pull/6880">chroma-core/chroma#6880</a></li>
<li>[ENH] Wire maxscore reader in search by <a
href="https://github.com/Sicheng-Pan"><code>@​Sicheng-Pan</code></a> in
<a
href="https://redirect.github.com/chroma-core/chroma/pull/6899">chroma-core/chroma#6899</a></li>
<li>[PERF] Batch load lazy cursor by <a
href="https://github.com/Sicheng-Pan"><code>@​Sicheng-Pan</code></a> in
<a
href="https://redirect.github.com/chroma-core/chroma/pull/6974">chroma-core/chroma#6974</a></li>
<li><a
href="https://github.com/chroma-core/chroma/blob/HEAD/garbage_collector">ENH</a>:
add MCMR support for log GC by <a
href="https://github.com/rescrv"><code>@​rescrv</code></a> in <a
href="https://redirect.github.com/chroma-core/chroma/pull/6946">chroma-core/chroma#6946</a></li>
<li><a
href="https://github.com/chroma-core/chroma/blob/HEAD/test">ENH</a>:
parameterize multi-region config by <a
href="https://github.com/rescrv"><code>@​rescrv</code></a> in <a
href="https://redirect.github.com/chroma-core/chroma/pull/6951">chroma-core/chroma#6951</a></li>
<li>[CHORE] fix merge conflict in main by <a
href="https://github.com/rescrv"><code>@​rescrv</code></a> in <a
href="https://redirect.github.com/chroma-core/chroma/pull/6986">chroma-core/chroma#6986</a></li>
<li>[ENH]: Refactor offset_id to be a mutable AtomicU32 in record by <a
href="https://github.com/tanujnay112"><code>@​tanujnay112</code></a> in
<a
href="https://redirect.github.com/chroma-core/chroma/pull/6922">chroma-core/chroma#6922</a></li>
<li><a
href="https://github.com/chroma-core/chroma/blob/HEAD/spanner">ENH</a>:
add spanner-cli wrapper binary by <a
href="https://github.com/rescrv"><code>@​rescrv</code></a> in <a
href="https://redirect.github.com/chroma-core/chroma/pull/6959">chroma-core/chroma#6959</a></li>
<li><a
href="https://github.com/chroma-core/chroma/blob/HEAD/sysdb">BUG</a>:
preserve legacy hnsw: metadata keys by <a
href="https://github.com/rescrv"><code>@​rescrv</code></a> in <a
href="https://redirect.github.com/chroma-core/chroma/pull/6953">chroma-core/chroma#6953</a></li>
<li>[TST] refactor repair collection log offset test by <a
href="https://github.com/rescrv"><code>@​rescrv</code></a> in <a
href="https://redirect.github.com/chroma-core/chroma/pull/6954">chroma-core/chroma#6954</a></li>
<li><a
href="https://github.com/chroma-core/chroma/blob/HEAD/garbage_collector">TST</a>:
add MCMR hard delete test by <a
href="https://github.com/rescrv"><code>@​rescrv</code></a> in <a
href="https://redirect.github.com/chroma-core/chroma/pull/6947">chroma-core/chroma#6947</a></li>
<li><a
href="https://github.com/chroma-core/chroma/blob/HEAD/log-service">ENH</a>:
defer Spanner init to first use by <a
href="https://github.com/rescrv"><code>@​rescrv</code></a> in <a
href="https://redirect.github.com/chroma-core/chroma/pull/6915">chroma-core/chroma#6915</a></li>
<li>[CHORE]: Denormalize is_deleted in mcmr by <a
href="https://github.com/tanujnay112"><code>@​tanujnay112</code></a> in
<a
href="https://redirect.github.com/chroma-core/chroma/pull/6989">chroma-core/chroma#6989</a></li>
<li>[BUG] Reject NaN/Infinity in base64-encoded embeddings by <a
href="https://github.com/philipithomas"><code>@​philipithomas</code></a>
in <a
href="https://redirect.github.com/chroma-core/chroma/pull/6664">chroma-core/chroma#6664</a></li>
<li>Revert &quot;<a
href="https://github.com/chroma-core/chroma/blob/HEAD/garbage_collector">TST</a>:
add MCMR hard delete test&quot; by <a
href="https://github.com/rescrv"><code>@​rescrv</code></a> in <a
href="https://redirect.github.com/chroma-core/chroma/pull/6992">chroma-core/chroma#6992</a></li>
<li>[ENH] Verify file path for compaction by <a
href="https://github.com/Sicheng-Pan"><code>@​Sicheng-Pan</code></a> in
<a
href="https://redirect.github.com/chroma-core/chroma/pull/6991">chroma-core/chroma#6991</a></li>
<li>[DOC]: Document file-upload sync API, AWS credential reuse, and EU
region by <a
href="https://github.com/philipithomas"><code>@​philipithomas</code></a>
in <a
href="https://redirect.github.com/chroma-core/chroma/pull/6988">chroma-core/chroma#6988</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="11f3c7435e"><code>11f3c74</code></a>
[RELEASE] CLI 1.4.4 Python 1.5.9 JS 3.4.5 (<a
href="https://redirect.github.com/chroma-core/chroma/issues/7018">#7018</a>)</li>
<li><a
href="f16d06a3b9"><code>f16d06a</code></a>
[ENH]: add client header to Gemini embedding functions (<a
href="https://redirect.github.com/chroma-core/chroma/issues/6990">#6990</a>)</li>
<li><a
href="b7cb6acb3f"><code>b7cb6ac</code></a>
[CHORE]: Remove foundation/ from chroma (<a
href="https://redirect.github.com/chroma-core/chroma/issues/7017">#7017</a>)</li>
<li><a
href="bec3105aa0"><code>bec3105</code></a>
<a href="foundation-cli">ENH</a>: Add login, logout, and whoami commands
(<a
href="https://redirect.github.com/chroma-core/chroma/issues/7007">#7007</a>)</li>
<li><a
href="1251ff7659"><code>1251ff7</code></a>
[DOC] Add CLAUDE.md, AGENTS.md, scoped Rust rule (<a
href="https://redirect.github.com/chroma-core/chroma/issues/7010">#7010</a>)</li>
<li><a
href="f4bbbf2e33"><code>f4bbbf2</code></a>
[BLD] Add foundation CLI install script (<a
href="https://redirect.github.com/chroma-core/chroma/issues/7005">#7005</a>)</li>
<li><a
href="2c8f49f0d0"><code>2c8f49f</code></a>
<a href="ci">ENH</a>: move foundation/ to top-level so rust/** filters
skip it (<a
href="https://redirect.github.com/chroma-core/chroma/issues/7008">#7008</a>)</li>
<li><a
href="51eebdb588"><code>51eebdb</code></a>
[ENH] scaffold foundation CLI project (<a
href="https://redirect.github.com/chroma-core/chroma/issues/6999">#6999</a>)</li>
<li><a
href="874b700beb"><code>874b700</code></a>
<a href="gc">ENH</a>: GC empty MCMR collections (<a
href="https://redirect.github.com/chroma-core/chroma/issues/6961">#6961</a>)</li>
<li><a
href="aedf9a668d"><code>aedf9a6</code></a>
<a href="rust-client">ENH</a>: Add read-only backend failover (<a
href="https://redirect.github.com/chroma-core/chroma/issues/6985">#6985</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/chroma-core/chroma/compare/1.5.5...1.5.9">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=chromadb&package-manager=uv&previous-version=1.5.5&new-version=1.5.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langchain/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-29 18:20:43 -04:00
dependabot[bot]
7336690902 chore: bump langsmith from 0.8.3 to 0.8.7 in /libs/partners/chroma (#37780)
Bumps [langsmith](https://github.com/langchain-ai/langsmith-sdk) from
0.8.3 to 0.8.7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/langchain-ai/langsmith-sdk/releases">langsmith's
releases</a>.</em></p>
<blockquote>
<h2>v0.8.7</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: reconnect sandbox command streams on EOF by <a
href="https://github.com/ramon-langchain"><code>@​ramon-langchain</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2941">langchain-ai/langsmith-sdk#2941</a></li>
<li>feat(sandbox): build snapshots from Dockerfiles by <a
href="https://github.com/langchain-infra"><code>@​langchain-infra</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2950">langchain-ai/langsmith-sdk#2950</a></li>
<li>fix(python): add organization id to context URLs by <a
href="https://github.com/vishnu-ssuresh"><code>@​vishnu-ssuresh</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2945">langchain-ai/langsmith-sdk#2945</a></li>
<li>fix(js): add organization id to context URLs by <a
href="https://github.com/vishnu-ssuresh"><code>@​vishnu-ssuresh</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2946">langchain-ai/langsmith-sdk#2946</a></li>
<li>release(py): 0.8.7 by <a
href="https://github.com/ramon-langchain"><code>@​ramon-langchain</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2947">langchain-ai/langsmith-sdk#2947</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.6...v0.8.7">https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.6...v0.8.7</a></p>
<h2>v0.8.6</h2>
<h2>What's Changed</h2>
<ul>
<li>chore(deps-dev): bump <code>@​google/genai</code> from 1.50.1 to
2.0.1 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2875">langchain-ai/langsmith-sdk#2875</a></li>
<li>chore(deps): bump mako from 1.3.11 to 1.3.12 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2880">langchain-ai/langsmith-sdk#2880</a></li>
<li>chore(deps): bump authlib from 1.6.11 to 1.6.12 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2888">langchain-ai/langsmith-sdk#2888</a></li>
<li>chore(deps): bump hono from 4.12.15 to 4.12.18 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2894">langchain-ai/langsmith-sdk#2894</a></li>
<li>chore(deps): bump fast-uri from 3.1.0 to 3.1.2 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2895">langchain-ai/langsmith-sdk#2895</a></li>
<li>chore(deps-dev): bump <code>@​anthropic-ai/sdk</code> from 0.94.0 to
0.95.0 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2881">langchain-ai/langsmith-sdk#2881</a></li>
<li>chore(deps): bump postcss from 8.5.8 to 8.5.14 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2898">langchain-ai/langsmith-sdk#2898</a></li>
<li>chore(deps): bump <code>@​protobufjs/utf8</code> from 1.1.0 to 1.1.1
in /js/internal/environment_tests/test-exports-vite in the npm_and_yarn
group across 1 directory by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2908">langchain-ai/langsmith-sdk#2908</a></li>
<li>chore(deps): bump hono from 4.12.18 to 4.12.19 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2909">langchain-ai/langsmith-sdk#2909</a></li>
<li>chore(deps): bump protobufjs from 7.5.7 to 8.0.1 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2896">langchain-ai/langsmith-sdk#2896</a></li>
<li>chore(deps): bump idna from 3.11 to 3.15 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2913">langchain-ai/langsmith-sdk#2913</a></li>
<li>chore(deps-dev): bump <code>@​anthropic-ai/sdk</code> from 0.95.0 to
0.95.1 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2912">langchain-ai/langsmith-sdk#2912</a></li>
<li>AI SDK telemetry and AI SDK v7 support by <a
href="https://github.com/dqbd"><code>@​dqbd</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2901">langchain-ai/langsmith-sdk#2901</a></li>
<li>feat: install websockets by default for sandbox by <a
href="https://github.com/open-swe"><code>@​open-swe</code></a>[bot] in
<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2916">langchain-ai/langsmith-sdk#2916</a></li>
<li>release(js): 0.7.2 by <a
href="https://github.com/dqbd"><code>@​dqbd</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2922">langchain-ai/langsmith-sdk#2922</a></li>
<li>feat: add list_runs_from_annotation_queue method [closes LSDK-193]
by <a
href="https://github.com/open-swe"><code>@​open-swe</code></a>[bot] in
<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2892">langchain-ai/langsmith-sdk#2892</a></li>
<li>chore(deps-dev): bump <code>@​anthropic-ai/sdk</code> from 0.95.1 to
0.95.2 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2917">langchain-ai/langsmith-sdk#2917</a></li>
<li>chore(deps-dev): bump types-pyyaml from 6.0.12.20250915 to
6.0.12.20260518 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2927">langchain-ai/langsmith-sdk#2927</a></li>
<li>chore(deps): update pydata-sphinx-theme requirement from &gt;=0.15
to &gt;=0.18.0 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2928">langchain-ai/langsmith-sdk#2928</a></li>
<li>chore: exclude langsmith_api from ruff linter by <a
href="https://github.com/KiewanVillatel"><code>@​KiewanVillatel</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2933">langchain-ai/langsmith-sdk#2933</a></li>
<li>fix(python): retry sandbox connect timeouts by <a
href="https://github.com/ramon-langchain"><code>@​ramon-langchain</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2940">langchain-ai/langsmith-sdk#2940</a></li>
<li>fix(js): [LSDK-202] return context hub URLs for pushed contexts by
<a
href="https://github.com/vishnu-ssuresh"><code>@​vishnu-ssuresh</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2939">langchain-ai/langsmith-sdk#2939</a></li>
<li>fix(python): RunTree.create_child appends to self.child_runs
LSE-2221 by <a
href="https://github.com/catherine-langchain"><code>@​catherine-langchain</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2942">langchain-ai/langsmith-sdk#2942</a></li>
<li>release(js): 0.7.3 by <a
href="https://github.com/vishnu-ssuresh"><code>@​vishnu-ssuresh</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2943">langchain-ai/langsmith-sdk#2943</a></li>
<li>fix(python): [LSDK-202] return context hub URLs for pushed contexts
by <a
href="https://github.com/vishnu-ssuresh"><code>@​vishnu-ssuresh</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2938">langchain-ai/langsmith-sdk#2938</a></li>
<li>release(py): 0.8.6 by <a
href="https://github.com/vishnu-ssuresh"><code>@​vishnu-ssuresh</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2944">langchain-ai/langsmith-sdk#2944</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/KiewanVillatel"><code>@​KiewanVillatel</code></a>
made their first contribution in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2933">langchain-ai/langsmith-sdk#2933</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.5...v0.8.6">https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.5...v0.8.6</a></p>
<h2>v0.8.5</h2>
<h2>What's Changed</h2>
<ul>
<li>release(js): 0.7.0 by <a
href="https://github.com/ramon-langchain"><code>@​ramon-langchain</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2890">langchain-ai/langsmith-sdk#2890</a></li>
<li>fix(js): add alias for <code>experimental/sandbox</code> to appease
broad peer dep range within <code>deepagents</code> by <a
href="https://github.com/dqbd"><code>@​dqbd</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2893">langchain-ai/langsmith-sdk#2893</a></li>
<li>feat(js): allow disabling multipart streaming via env variable by <a
href="https://github.com/dqbd"><code>@​dqbd</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2900">langchain-ai/langsmith-sdk#2900</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1b3bfc44ef"><code>1b3bfc4</code></a>
release(py): 0.8.7 (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2947">#2947</a>)</li>
<li><a
href="9303f0b918"><code>9303f0b</code></a>
fix(js): add organization id to context URLs (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2946">#2946</a>)</li>
<li><a
href="cf028ed6f4"><code>cf028ed</code></a>
fix(python): add organization id to context URLs (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2945">#2945</a>)</li>
<li><a
href="52305b2815"><code>52305b2</code></a>
feat(sandbox): build snapshots from Dockerfiles (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2950">#2950</a>)</li>
<li><a
href="cb9e116bed"><code>cb9e116</code></a>
fix: reconnect sandbox command streams on EOF (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2941">#2941</a>)</li>
<li><a
href="29f6e07681"><code>29f6e07</code></a>
release(py): 0.8.6 (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2944">#2944</a>)</li>
<li><a
href="33f89aaf19"><code>33f89aa</code></a>
fix(python): [LSDK-202] return context hub URLs for pushed contexts (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2938">#2938</a>)</li>
<li><a
href="4e1a29b8ec"><code>4e1a29b</code></a>
release(js): 0.7.3 (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2943">#2943</a>)</li>
<li><a
href="6bd9365baf"><code>6bd9365</code></a>
fix(python): RunTree.create_child appends to self.child_runs LSE-2221
(<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2942">#2942</a>)</li>
<li><a
href="df9735d0ba"><code>df9735d</code></a>
fix(js): [LSDK-202] return context hub URLs for pushed contexts (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2939">#2939</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.3...v0.8.7">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=langsmith&package-manager=uv&previous-version=0.8.3&new-version=0.8.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langchain/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-29 18:20:35 -04:00
dependabot[bot]
66ba4b7592 chore: bump langsmith from 0.8.0 to 0.8.7 in /libs/partners/fireworks (#37781)
Bumps [langsmith](https://github.com/langchain-ai/langsmith-sdk) from
0.8.0 to 0.8.7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/langchain-ai/langsmith-sdk/releases">langsmith's
releases</a>.</em></p>
<blockquote>
<h2>v0.8.7</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: reconnect sandbox command streams on EOF by <a
href="https://github.com/ramon-langchain"><code>@​ramon-langchain</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2941">langchain-ai/langsmith-sdk#2941</a></li>
<li>feat(sandbox): build snapshots from Dockerfiles by <a
href="https://github.com/langchain-infra"><code>@​langchain-infra</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2950">langchain-ai/langsmith-sdk#2950</a></li>
<li>fix(python): add organization id to context URLs by <a
href="https://github.com/vishnu-ssuresh"><code>@​vishnu-ssuresh</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2945">langchain-ai/langsmith-sdk#2945</a></li>
<li>fix(js): add organization id to context URLs by <a
href="https://github.com/vishnu-ssuresh"><code>@​vishnu-ssuresh</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2946">langchain-ai/langsmith-sdk#2946</a></li>
<li>release(py): 0.8.7 by <a
href="https://github.com/ramon-langchain"><code>@​ramon-langchain</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2947">langchain-ai/langsmith-sdk#2947</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.6...v0.8.7">https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.6...v0.8.7</a></p>
<h2>v0.8.6</h2>
<h2>What's Changed</h2>
<ul>
<li>chore(deps-dev): bump <code>@​google/genai</code> from 1.50.1 to
2.0.1 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2875">langchain-ai/langsmith-sdk#2875</a></li>
<li>chore(deps): bump mako from 1.3.11 to 1.3.12 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2880">langchain-ai/langsmith-sdk#2880</a></li>
<li>chore(deps): bump authlib from 1.6.11 to 1.6.12 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2888">langchain-ai/langsmith-sdk#2888</a></li>
<li>chore(deps): bump hono from 4.12.15 to 4.12.18 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2894">langchain-ai/langsmith-sdk#2894</a></li>
<li>chore(deps): bump fast-uri from 3.1.0 to 3.1.2 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2895">langchain-ai/langsmith-sdk#2895</a></li>
<li>chore(deps-dev): bump <code>@​anthropic-ai/sdk</code> from 0.94.0 to
0.95.0 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2881">langchain-ai/langsmith-sdk#2881</a></li>
<li>chore(deps): bump postcss from 8.5.8 to 8.5.14 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2898">langchain-ai/langsmith-sdk#2898</a></li>
<li>chore(deps): bump <code>@​protobufjs/utf8</code> from 1.1.0 to 1.1.1
in /js/internal/environment_tests/test-exports-vite in the npm_and_yarn
group across 1 directory by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2908">langchain-ai/langsmith-sdk#2908</a></li>
<li>chore(deps): bump hono from 4.12.18 to 4.12.19 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2909">langchain-ai/langsmith-sdk#2909</a></li>
<li>chore(deps): bump protobufjs from 7.5.7 to 8.0.1 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2896">langchain-ai/langsmith-sdk#2896</a></li>
<li>chore(deps): bump idna from 3.11 to 3.15 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2913">langchain-ai/langsmith-sdk#2913</a></li>
<li>chore(deps-dev): bump <code>@​anthropic-ai/sdk</code> from 0.95.0 to
0.95.1 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2912">langchain-ai/langsmith-sdk#2912</a></li>
<li>AI SDK telemetry and AI SDK v7 support by <a
href="https://github.com/dqbd"><code>@​dqbd</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2901">langchain-ai/langsmith-sdk#2901</a></li>
<li>feat: install websockets by default for sandbox by <a
href="https://github.com/open-swe"><code>@​open-swe</code></a>[bot] in
<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2916">langchain-ai/langsmith-sdk#2916</a></li>
<li>release(js): 0.7.2 by <a
href="https://github.com/dqbd"><code>@​dqbd</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2922">langchain-ai/langsmith-sdk#2922</a></li>
<li>feat: add list_runs_from_annotation_queue method [closes LSDK-193]
by <a
href="https://github.com/open-swe"><code>@​open-swe</code></a>[bot] in
<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2892">langchain-ai/langsmith-sdk#2892</a></li>
<li>chore(deps-dev): bump <code>@​anthropic-ai/sdk</code> from 0.95.1 to
0.95.2 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2917">langchain-ai/langsmith-sdk#2917</a></li>
<li>chore(deps-dev): bump types-pyyaml from 6.0.12.20250915 to
6.0.12.20260518 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2927">langchain-ai/langsmith-sdk#2927</a></li>
<li>chore(deps): update pydata-sphinx-theme requirement from &gt;=0.15
to &gt;=0.18.0 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2928">langchain-ai/langsmith-sdk#2928</a></li>
<li>chore: exclude langsmith_api from ruff linter by <a
href="https://github.com/KiewanVillatel"><code>@​KiewanVillatel</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2933">langchain-ai/langsmith-sdk#2933</a></li>
<li>fix(python): retry sandbox connect timeouts by <a
href="https://github.com/ramon-langchain"><code>@​ramon-langchain</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2940">langchain-ai/langsmith-sdk#2940</a></li>
<li>fix(js): [LSDK-202] return context hub URLs for pushed contexts by
<a
href="https://github.com/vishnu-ssuresh"><code>@​vishnu-ssuresh</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2939">langchain-ai/langsmith-sdk#2939</a></li>
<li>fix(python): RunTree.create_child appends to self.child_runs
LSE-2221 by <a
href="https://github.com/catherine-langchain"><code>@​catherine-langchain</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2942">langchain-ai/langsmith-sdk#2942</a></li>
<li>release(js): 0.7.3 by <a
href="https://github.com/vishnu-ssuresh"><code>@​vishnu-ssuresh</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2943">langchain-ai/langsmith-sdk#2943</a></li>
<li>fix(python): [LSDK-202] return context hub URLs for pushed contexts
by <a
href="https://github.com/vishnu-ssuresh"><code>@​vishnu-ssuresh</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2938">langchain-ai/langsmith-sdk#2938</a></li>
<li>release(py): 0.8.6 by <a
href="https://github.com/vishnu-ssuresh"><code>@​vishnu-ssuresh</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2944">langchain-ai/langsmith-sdk#2944</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/KiewanVillatel"><code>@​KiewanVillatel</code></a>
made their first contribution in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2933">langchain-ai/langsmith-sdk#2933</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.5...v0.8.6">https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.5...v0.8.6</a></p>
<h2>v0.8.5</h2>
<h2>What's Changed</h2>
<ul>
<li>release(js): 0.7.0 by <a
href="https://github.com/ramon-langchain"><code>@​ramon-langchain</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2890">langchain-ai/langsmith-sdk#2890</a></li>
<li>fix(js): add alias for <code>experimental/sandbox</code> to appease
broad peer dep range within <code>deepagents</code> by <a
href="https://github.com/dqbd"><code>@​dqbd</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2893">langchain-ai/langsmith-sdk#2893</a></li>
<li>feat(js): allow disabling multipart streaming via env variable by <a
href="https://github.com/dqbd"><code>@​dqbd</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2900">langchain-ai/langsmith-sdk#2900</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1b3bfc44ef"><code>1b3bfc4</code></a>
release(py): 0.8.7 (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2947">#2947</a>)</li>
<li><a
href="9303f0b918"><code>9303f0b</code></a>
fix(js): add organization id to context URLs (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2946">#2946</a>)</li>
<li><a
href="cf028ed6f4"><code>cf028ed</code></a>
fix(python): add organization id to context URLs (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2945">#2945</a>)</li>
<li><a
href="52305b2815"><code>52305b2</code></a>
feat(sandbox): build snapshots from Dockerfiles (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2950">#2950</a>)</li>
<li><a
href="cb9e116bed"><code>cb9e116</code></a>
fix: reconnect sandbox command streams on EOF (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2941">#2941</a>)</li>
<li><a
href="29f6e07681"><code>29f6e07</code></a>
release(py): 0.8.6 (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2944">#2944</a>)</li>
<li><a
href="33f89aaf19"><code>33f89aa</code></a>
fix(python): [LSDK-202] return context hub URLs for pushed contexts (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2938">#2938</a>)</li>
<li><a
href="4e1a29b8ec"><code>4e1a29b</code></a>
release(js): 0.7.3 (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2943">#2943</a>)</li>
<li><a
href="6bd9365baf"><code>6bd9365</code></a>
fix(python): RunTree.create_child appends to self.child_runs LSE-2221
(<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2942">#2942</a>)</li>
<li><a
href="df9735d0ba"><code>df9735d</code></a>
fix(js): [LSDK-202] return context hub URLs for pushed contexts (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2939">#2939</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.0...v0.8.7">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=langsmith&package-manager=uv&previous-version=0.8.0&new-version=0.8.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langchain/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-29 18:20:26 -04:00
dependabot[bot]
7d6a78a036 chore: bump requests from 2.34.0 to 2.34.2 in /libs/partners/fireworks (#37782)
Bumps [requests](https://github.com/psf/requests) from 2.34.0 to 2.34.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/psf/requests/releases">requests's
releases</a>.</em></p>
<blockquote>
<h2>v2.34.2</h2>
<h2>2.34.2 (2026-05-14)</h2>
<ul>
<li>Moved <code>headers</code> input type back to <code>Mapping</code>
to avoid invariance issues with <code>MutableMapping</code> and inferred
dict types. Users calling <code>Request.headers.update()</code> may need
to narrow typing in their code. (<a
href="https://redirect.github.com/psf/requests/issues/7441">#7441</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14">https://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14</a></p>
<h2>v2.34.1</h2>
<h2>2.34.1 (2026-05-13)</h2>
<p><strong>Bugfixes</strong></p>
<ul>
<li>Widened <code>json</code> input type from <code>dict</code> and
<code>list</code> to <code>Mapping</code>
and <code>Sequence</code>. (<a
href="https://redirect.github.com/psf/requests/issues/7436">#7436</a>)</li>
<li>Changed <code>headers</code> input type to MutableMapping and
removed <code>None</code> from
<code>Request.headers</code> typing to improve handling for users. (<a
href="https://redirect.github.com/psf/requests/issues/7431">#7431</a>)</li>
<li><code>Response.reason</code> moved from <code>str | None</code> to
<code>str</code> to improve handling
for users. (<a
href="https://redirect.github.com/psf/requests/issues/7437">#7437</a>)</li>
<li>Fixed a bug where some bodies with custom <code>__getattr__</code>
implementations
weren't being properly detected as Iterables. (<a
href="https://redirect.github.com/psf/requests/issues/7433">#7433</a>)</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/k223kim"><code>@​k223kim</code></a> made
their first contribution in <a
href="https://redirect.github.com/psf/requests/pull/7433">psf/requests#7433</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/psf/requests/blob/main/HISTORY.md#2341-2026-05-13">https://github.com/psf/requests/blob/main/HISTORY.md#2341-2026-05-13</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/psf/requests/blob/main/HISTORY.md">requests's
changelog</a>.</em></p>
<blockquote>
<h2>2.34.2 (2026-05-14)</h2>
<ul>
<li>Moved <code>headers</code> input type back to <code>Mapping</code>
to avoid invariance issues
with <code>MutableMapping</code> and inferred dict types. Users calling
<code>Request.headers.update()</code> may need to narrow typing in their
code. (<a
href="https://redirect.github.com/psf/requests/issues/7441">#7441</a>)</li>
</ul>
<h2>2.34.1 (2026-05-13)</h2>
<p><strong>Bugfixes</strong></p>
<ul>
<li>Widened <code>json</code> input type from <code>dict</code> and
<code>list</code> to <code>Mapping</code>
and <code>Sequence</code>. (<a
href="https://redirect.github.com/psf/requests/issues/7436">#7436</a>)</li>
<li>Changed <code>headers</code> input type to MutableMapping and
removed <code>None</code> from
<code>Request.headers</code> typing to improve handling for users. (<a
href="https://redirect.github.com/psf/requests/issues/7431">#7431</a>)</li>
<li><code>Response.reason</code> moved from <code>str | None</code> to
<code>str</code> to improve handling
for users. (<a
href="https://redirect.github.com/psf/requests/issues/7437">#7437</a>)</li>
<li>Fixed a bug where some bodies with custom <code>__getattr__</code>
implementations
weren't being properly detected as Iterables. (<a
href="https://redirect.github.com/psf/requests/issues/7433">#7433</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6e83187b8f"><code>6e83187</code></a>
v2.34.2</li>
<li><a
href="84d10f0be8"><code>84d10f0</code></a>
Move Request.headers back to Mapping (<a
href="https://redirect.github.com/psf/requests/issues/7441">#7441</a>)</li>
<li><a
href="b7b549b545"><code>b7b549b</code></a>
v2.34.1</li>
<li><a
href="e511bc7277"><code>e511bc7</code></a>
Fix mutability issues with headers input types (<a
href="https://redirect.github.com/psf/requests/issues/7431">#7431</a>)</li>
<li><a
href="5691f59613"><code>5691f59</code></a>
Update JsonType containers to read-based collections (<a
href="https://redirect.github.com/psf/requests/issues/7436">#7436</a>)</li>
<li><a
href="2144213c30"><code>2144213</code></a>
Constrain Response.reason to str (<a
href="https://redirect.github.com/psf/requests/issues/7437">#7437</a>)</li>
<li><a
href="6404f345e5"><code>6404f34</code></a>
Fix <code>prepare_body</code> stream detection for
<code>__getattr__</code>-based file wrappers (<a
href="https://redirect.github.com/psf/requests/issues/7">#7</a>...</li>
<li>See full diff in <a
href="https://github.com/psf/requests/compare/v2.34.0...v2.34.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=requests&package-manager=uv&previous-version=2.34.0&new-version=2.34.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langchain/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-29 18:20:17 -04:00
langchain-model-profile-bot[bot]
3893b9e344 chore(model-profiles): refresh model profile data (#37771)
Automated refresh of model profile data for all in-monorepo partner
integrations via `langchain-profiles refresh`.

🤖 Generated by the `refresh_model_profiles` workflow.

Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com>
2026-05-29 12:50:26 -04:00