dependabot[bot]
8e519630d7
chore: bump langchain-core from 1.3.2 to 1.3.3 in /libs/partners/fireworks ( #37279 )
...
[//]: # (dependabot-start)
⚠️ **Dependabot is rebasing this PR** ⚠️
Rebasing might not happen immediately, so don't worry if this takes some
time.
Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.
---
[//]: # (dependabot-end)
Bumps [langchain-core](https://github.com/langchain-ai/langchain ) from
1.3.2 to 1.3.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/langchain-ai/langchain/releases ">langchain-core's
releases</a>.</em></p>
<blockquote>
<h2>langchain-core==1.3.3</h2>
<p>Changes since langchain-core==1.3.2</p>
<p>release(core): 1.3.3 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/37198 ">#37198</a>)
fix(core): set deprecation <code>since</code> to 1.3.3 to match release
(<a
href="https://redirect.github.com/langchain-ai/langchain/issues/37200 ">#37200</a>)
fix(core, langchain): harden <code>load()</code> against untrusted
manifests (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/37197 ">#37197</a>)
chore: bump notebook from 7.5.0 to 7.5.6 in /libs/core (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/37109 ">#37109</a>)
chore: bump types-pyyaml from 6.0.12.20250915 to 6.0.12.20260408 in
/libs/core (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/37129 ">#37129</a>)
fix(core): preserve structured <code>inputs</code> on tool runs in
tracers (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/37108 ">#37108</a>)
release(perplexity): 1.2.0 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/37091 ">#37091</a>)
chore(docs): update x handle references (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/37081 ">#37081</a>)
fix(core): make <code>removal</code> optional in
<code>warn_deprecated</code> (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/37056 ">#37056</a>)
fix(core): validate batch_size in _batch and _abatch to prevent infinite
loop (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36663 ">#36663</a>)
chore(core): mark stream_v2/astream_v2 as beta (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36992 ">#36992</a>)</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5039dfec1fhttps://redirect.github.com/langchain-ai/langchain/issues/37198 ">#37198</a>)</li>
<li><a
href="55a7707837https://redirect.github.com/langchain-ai/langchain/issues/37200 ">#37200</a>)</li>
<li><a
href="c979c6187bhttps://redirect.github.com/langchain-ai/langchain/issues/37197 ">#37197</a>)</li>
<li><a
href="d7031101dahttps://redirect.github.com/langchain-ai/langchain/issues/37190 ">#37190</a>)</li>
<li><a
href="4d50a2a68bhttps://redirect.github.com/langchain-ai/langchain/issues/37194 ">#37194</a>)</li>
<li><a
href="9bd730e199https://redirect.github.com/langchain-ai/langchain/issues/37193 ">#37193</a>)</li>
<li><a
href="f475f4191fhttps://redirect.github.com/langchain-ai/langchain/issues/37191 ">#37191</a>)</li>
<li><a
href="7dbff48affhttps://redirect.github.com/langchain-ai/langchain/issues/37188 ">#37188</a>)</li>
<li><a
href="913816c440https://redirect.github.com/langchain-ai/langchain/issues/37189 ">#37189</a>)</li>
<li><a
href="4498d3dc84https://github.com/langchain-ai/langchain/compare/langchain-core==1.3.2...langchain-core==1.3.3 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langchain/network/alerts ).
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-09 12:21:56 -04:00
Mason Daugherty
913816c440
release(fireworks): 1.3.1 ( #37189 )
2026-05-05 11:18:18 -04:00
Mason Daugherty
4389b4c774
release(fireworks): 1.3.0 ( #37144 )
2026-05-01 16:43:33 -04:00
Mason Daugherty
cc5a5371a9
release(fireworks): 1.2.1 ( #37113 )
2026-04-30 17:49:16 -04:00
open-swe[bot]
ba897ffa7e
chore(docs): update x handle references ( #37081 )
...
## Description
Updates package metadata and README badges so LangChain social links
point to the new `@langchain_oss` X handle. This was completed with
AI-agent assistance.
## Test Plan
- [ ] Validate README badges and package metadata links point to
`https://x.com/langchain_oss `
_Opened collaboratively by Mason Daugherty and open-swe._
---------
Co-authored-by: open-swe[bot] <open-swe@users.noreply.github.com >
Co-authored-by: Mason Daugherty <61371264+mdrxy@users.noreply.github.com >
2026-04-29 13:56:09 -04:00
Mason Daugherty
56d6e89be0
hotfix: bump min core versions ( #36996 )
2026-04-24 15:23:28 -04:00
Mason Daugherty
3dd0ad958e
release(fireworks): 1.2.0 ( #36978 )
2026-04-23 16:49:40 -04:00
Mason Daugherty
7e81d09f2a
chore(deps): bump pytest to 9.0.3 ( #36801 )
...
CVE-2025-71176 (medium severity)
All are dev-only (test dependency group) — no impact on published
packages.
### Why syrupy was also bumped
syrupy 4.x (`<5.0.0`) constrains pytest to `<9.0.0`, blocking the CVE
fix. Widening to `<6.0.0` allows syrupy 5.x which supports pytest 9.x.
2026-04-15 21:46:40 -06:00
Mason Daugherty
555bdfbade
chore: add comment explaining pygments>=2.20.0 ( #36570 )
2026-04-06 15:07:07 -04:00
John Kennedy
0f4f3f74c8
chore: pygments>=2.20.0 across all packages (CVE-2026-4539) ( #36385 )
...
## Summary
Bumps `pygments` to `>=2.20.0` across all 21 affected packages to
address [CVE-2026-4539](https://github.com/advisories/GHSA-XXXX ) — ReDoS
via inefficient GUID regex in Pygments.
- **Severity:** Low
- **Fixed in:** 2.20.0 (was 2.19.2)
- **Change:** Added `pygments>=2.20.0` to `constraint-dependencies` in
`[tool.uv]` for each package, then ran `uv lock --upgrade-package
pygments` to regenerate lock files.
Closes Dependabot alerts #3435–#3455.
## Release Note
Patch deps
### Test Plan
- [x] CI Green 🙏
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-03-30 23:26:59 -04:00
Mason Daugherty
1778b082ec
chore(partners): bump langchain-core min to 1.2.21 ( #36183 )
...
Bump the minimum `langchain-core` dependency to `>=1.2.21` across all 14
partner packages in the monorepo. Aligns partner lower bounds with the
latest core release so consumers pick up recent fixes (notably the
`ModelProfile` schema drift fix from core 1.2.21).
2026-03-23 19:39:35 -04:00
Mason Daugherty
5c018f5cd1
chore: enrich pyproject.toml files ( #34980 )
2026-02-02 13:07:05 -05:00
Mason Daugherty
3d687ea8fb
chore: update twitter URLs ( #34736 )
2026-01-13 01:54:11 -05:00
Mason Daugherty
18c25e9f10
chore: ban relative imports on all packages ( #34691 )
2026-01-09 17:02:24 -05:00
ccurme
a2e389de9f
release(fireworks): 1.1 ( #34086 )
2025-11-24 09:05:43 -05:00
ccurme
0915682c12
chore(fireworks): update tested models ( #34070 )
2025-11-22 16:50:49 -05:00
Mason Daugherty
e023201d42
style: some cleanup ( #33857 )
2025-11-06 23:50:46 -05:00
Mason Daugherty
64e6798a39
chore: update pyproject.toml url entries ( #33587 )
2025-10-17 17:16:55 -04:00
Mason Daugherty
58f521ea4f
release(fireworks): 1.0.0 ( #33571 )
2025-10-17 11:32:57 -04:00
Mason Daugherty
31eeb50ce0
chore: drop UP045 ( #33362 )
...
Python 3.9 EOL
2025-10-08 21:17:53 -04:00
Mason Daugherty
cda336295f
chore: enrich pyproject.toml files with links to new references, others ( #33343 )
2025-10-07 16:17:14 -04:00
Mason Daugherty
8bcdfbb24e
chore: clean up pyproject.toml files, use core a7 ( #33334 )
2025-10-07 10:49:04 -04:00
Mason Daugherty
90e4d944ac
chore(infra): pdm -> hatchling ( #33289 )
2025-10-05 23:52:52 -04:00
Mason Daugherty
e85b03d5e4
release(fireworks): 1.0.0a1 ( #33230 )
2025-10-02 19:03:54 -04:00
Mason Daugherty
eaa6dcce9e
release: v1.0.0 ( #32567 )
...
Co-authored-by: Mohammad Mohtashim <45242107+keenborder786@users.noreply.github.com >
Co-authored-by: Caspar Broekhuizen <caspar@langchain.dev >
Co-authored-by: ccurme <chester.curme@gmail.com >
Co-authored-by: Christophe Bornet <cbornet@hotmail.com >
Co-authored-by: Eugene Yurtsev <eyurtsev@gmail.com >
Co-authored-by: Sadra Barikbin <sadraqazvin1@yahoo.com >
Co-authored-by: Vadym Barda <vadim.barda@gmail.com >
2025-10-02 10:49:42 -04:00
Mason Daugherty
986302322f
docs: more standardization ( #33124 )
2025-09-25 20:46:20 -04:00
Christophe Bornet
eaf8dce7c2
chore: bump ruff version to 0.13 ( #33043 )
...
Co-authored-by: Mason Daugherty <mason@langchain.dev >
2025-09-25 12:27:39 -04:00
Mason Daugherty
b92b394804
style: repo linting pass ( #33089 )
...
enable docstring-code-format
2025-09-24 15:25:55 -04:00
Mason Daugherty
2e9291cdd7
fix: lift openai version constraints across packages ( #33088 )
...
re: #33038 and https://github.com/openai/openai-python/issues/2644
2025-09-24 15:25:10 -04:00
Mason Daugherty
7ddc798f95
fix(openai): pin upper bound to prevent Pydantic 2.7.0 issues ( #33038 )
...
https://github.com/openai/openai-python/issues/2644
2025-09-21 00:27:03 -04:00
Mason Daugherty
781db9d892
chore: update pyproject.toml files, remove codespell ( #33028 )
...
- Removes Codespell from deps, docs, and `Makefile`s
- Python version requirements in all `pyproject.toml` files now use the
`~=` (compatible release) specifier
- All dependency groups and main dependencies now use explicit lower and
upper bounds, reducing potential for breaking changes
2025-09-20 22:09:33 -04:00
Mason Daugherty
7a158c7f1c
revert: "chore: remove ruff target-version" ( #32895 )
...
Reverts langchain-ai/langchain#32880
Not needed at the moment, will do when finishing v1
2025-09-10 20:56:48 -04:00
Christophe Bornet
b274416441
chore: remove ruff target-version ( #32880 )
...
This is not needed anymore since `requires-python` was added when moving
to `uv`.
2025-09-10 11:12:30 -04:00
Mason Daugherty
3d08b6bd11
chore: adress pytest-asyncio deprecation warnings + other nits ( #32696 )
...
amongst some linting imcompatible rules
2025-08-26 15:51:38 -04:00
Mason Daugherty
ee4c2510eb
feat: port various nit changes from wip-v0.4 ( #32506 )
...
Lots of work that wasn't directly related to core
improvements/messages/testing functionality
2025-08-11 15:09:08 -04:00
niceg
0d6f915442
fix: LLM mimicking Unicode responses due to forced Unicode conversion of non-ASCII characters. ( #32222 )
...
fix: Fix LLM mimicking Unicode responses due to forced Unicode
conversion of non-ASCII characters.
- **Description:** This PR fixes an issue where the LLM would mimic
Unicode responses due to forced Unicode conversion of non-ASCII
characters in tool calls. The fix involves disabling the `ensure_ascii`
flag in `json.dumps()` when converting tool calls to OpenAI format.
- **Issue:** Fixes ↓↓↓
input:
```json
{'role': 'assistant', 'tool_calls': [{'type': 'function', 'id': 'call_nv9trcehdpihr21zj9po19vq', 'function': {'name': 'create_customer', 'arguments': '{"customer_name": "你好啊集团"}'}}]}
```
output:
```json
{'role': 'assistant', 'tool_calls': [{'type': 'function', 'id': 'call_nv9trcehdpihr21zj9po19vq', 'function': {'name': 'create_customer', 'arguments': '{"customer_name": "\\u4f60\\u597d\\u554a\\u96c6\\u56e2"}'}}]}
```
then:
llm will mimic outputting unicode. Unicode's vast number of symbols can
lengthen LLM responses, leading to slower performance.
<img width="686" height="277" alt="image"
src="https://github.com/user-attachments/assets/28f3b007-3964-4455-bee2-68f86ac1906d "
/>
---------
Co-authored-by: Mason Daugherty <github@mdrxy.com >
Co-authored-by: Mason Daugherty <mason@langchain.dev >
2025-07-24 17:01:31 -04:00
Mason Daugherty
4d9eefecab
fix: bump lockfiles ( #31923 )
...
* bump lockfiles after upgrading ruff
* resolve resulting linting fixes
2025-07-08 13:27:55 -04:00
Mason Daugherty
71b361936d
ruff: restore stacklevels, disable autofixing ( #31919 )
2025-07-08 12:55:47 -04:00
Mason Daugherty
06ab2972e3
fireworks[patch]: ruff fixes and rules ( #31903 )
...
* bump ruff deps
* add more thorough ruff rules
* fix said rules
2025-07-08 02:14:59 +00:00
Mason Daugherty
e7eac27241
ruff: more rules across the board & fixes ( #31898 )
...
* standardizes ruff dep version across all `pyproject.toml` files
* cli: ruff rules and corrections
* langchain: rules and corrections
2025-07-07 17:48:01 -04:00
Mason Daugherty
479b6fd7c5
langchain-fireworks[patch]: Add ruff bandit rules to linter ( #31796 )
...
- Add ruff bandit rules
- Address a s113 error
2025-07-01 11:07:26 -04:00
Sydney Runkle
7e926520d5
packaging: remove Python upper bound for langchain and co libs ( #31025 )
...
Follow up to https://github.com/langchain-ai/langsmith-sdk/pull/1696 ,
I've bumped the `langsmith` version where applicable in `uv.lock`.
Type checking problems here because deps have been updated in
`pyproject.toml` and `uv lock` hasn't been run - we should enforce that
in the future - goes with the other dependabot todos :).
2025-04-28 14:44:28 -04:00
ccurme
e4877e5ef1
fireworks: release 0.3.0 ( #30977 )
2025-04-23 10:08:38 -04:00
Sydney Runkle
8c6734325b
partners[lint]: run pyupgrade to get code in line with 3.9 standards ( #30781 )
...
Using `pyupgrade` to get all `partners` code up to 3.9 standards
(mostly, fixing old `typing` imports).
2025-04-11 07:18:44 -04:00
ccurme
59908f04d4
fireworks: release 0.2.9 ( #30527 )
2025-03-27 16:04:20 +00:00
ccurme
db1e340387
fireworks: release 0.2.8 ( #30400 )
2025-03-20 16:15:51 -04:00
ccurme
b86cd8270c
multiple: support strict and method in with_structured_output ( #30385 )
2025-03-20 13:17:07 -04:00
Erick Friis
1a225fad03
multiple: fix uv path deps ( #29790 )
...
file:// format wasn't working with updates - it doesn't install as an
editable dep
move to tool.uv.sources with path= instead
2025-02-13 21:32:34 +00:00
ccurme
d172984c91
infra: migrate to uv ( #29566 )
2025-02-06 13:36:26 -05:00
Erick Friis
e074c26a6b
partners/fireworks: release 0.2.7 ( #29487 )
2025-01-29 22:22:18 +00:00
