mirror of
https://github.com/hwchase17/langchain.git
synced 2026-07-01 22:59:06 +00:00
a063ec26dd21678069d3b3d44770dffcff2b60f0
9235 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
|
|
a063ec26dd |
chore(core): fix some any generics (#34545)
Co-authored-by: Mason Daugherty <github@mdrxy.com> |
||
|
|
3eee4002d9 |
refactor(langchain): refactor test_create_agent_tool_validation (#34443)
Simplify test for `create_agent` errors. * Remove duplicate tests * Test sync and async with common logic --------- Co-authored-by: Mason Daugherty <github@mdrxy.com> |
||
|
|
3d3a4c27cc | release(langchain): 1.3.7 (#38024) | ||
|
|
7ffe092657 |
style(langchain): add ruff rules ARG (#34435)
In this order: * used `@override` when overriding a parent method. * prefixed param with `_` when the param could be renamed. * used `*_args, **_kwargs` when it was not possible to rename (eg: protocol) * used `_ = some_variable` when the variable name is inspected (in tools) --------- Co-authored-by: Mason Daugherty <github@mdrxy.com> Co-authored-by: Mason Daugherty <mason@langchain.dev> |
||
|
|
92ee772761 |
feat(langchain): add ProviderToolSearchMiddleware (#37969)
[Docs](https://github.com/langchain-ai/docs/pull/4355) Adds `ProviderToolSearchMiddleware` to let agents defer selected tools behind OpenAI/Anthropic provider-native tool search while preserving existing `extras={"defer_loading": True}` behavior. The middleware validates searchable tool names, injects the provider search tool only when a tool is deferred, and rejects unsupported providers up front. Made by [Open SWE](https://openswe.vercel.app) --------- Co-authored-by: Alexander Olsen <13665641+aolsenjazz@users.noreply.github.com> Co-authored-by: open-swe[bot] <open-swe@users.noreply.github.com> Co-authored-by: Mason Daugherty <github@mdrxy.com> Co-authored-by: Mason Daugherty <mason@langchain.dev> |
||
|
|
23ce677870 |
chore(langchain): activate mypy warn_return_any (#34249)
Co-authored-by: Mason Daugherty <github@mdrxy.com> |
||
|
|
2b4735712c |
chore(model-profiles): refresh model profile data (#38012)
Automated refresh of model profile data for all in-monorepo partner integrations via `langchain-profiles refresh`. 🤖 Generated by the `refresh_model_profiles` workflow. Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com> |
||
|
|
64ee4d8154 |
release(groq): 1.1.3 (#38009)
Closes #37996 |
||
|
|
8bc96308d0 |
fix(core): accept sequence tool error content (#38005)
`handle_tool_error` callables can now return structured message content as any valid sequence, not just a mutable `list`. Valid structured sequences are normalized to the `ToolMessage` content shape at the tool output boundary, while invalid content still falls back to stringification. ## Changes - Widened `ToolExceptionHandlerOutput` from `list[str | dict[str, Any]]` to `Sequence[MessageContentBlock]` so handlers returning `list[dict[str, Any]]` or tuple content blocks type-check cleanly. - Added `_normalize_message_content` to validate structured message content and convert valid non-string sequences to the `list` shape expected by `ToolMessage`. - Preserved existing stringification behavior for invalid structured content blocks instead of treating failed normalization as `None`. - Removed the now-unused `_is_message_content_type` helper; output formatting validates content directly through `_normalize_message_content`. |
||
|
|
0f1b291f42 |
fix(core): type structured tool error handler output (#38003)
`handle_tool_error` callables can already return structured message content at runtime, but the public typing only allowed strings. The tool error handling API now reflects the existing output formatting path, including clearer docs for how handled errors become `ToolMessage(status="error")` results. |
||
|
|
77bbf8ba39 |
test(langchain): mark legacy trigger view for 2.0 removal (#38002)
`SummarizationMiddleware._trigger_conditions` is now explicitly marked as a temporary compatibility view for private consumers. The regression test is tied to the package major version so the 2.0 release path fails loudly until the legacy attr and test are removed. |
||
|
|
e16386d3b2 | release(langchain): 1.3.6 (#38001) | ||
|
|
8c5b36c851 |
fix(langchain): preserve summarization trigger compatibility (#38000)
`SummarizationMiddleware` now uses `_trigger_clauses` as the canonical
internal representation for AND/OR trigger evaluation while keeping
`_trigger_conditions` as a tuple-shaped compatibility view. This keeps
the new dict-style `TriggerClause` behavior intact without breaking
private consumers that still inspect the old tuple-normalized trigger
state.
## Changes
- Added `_trigger_clauses` as the source of truth for summarization
trigger evaluation, profile requirement checks, and compound AND clause
handling.
- Restored `_trigger_conditions` as a legacy compatibility projection
for tuple-expressible triggers, so tuple and single-key dict triggers
remain visible in the previous private shape.
- Avoided misrepresenting compound `TriggerClause` inputs like
`{"tokens": 1000, "messages": 5}` as independent OR-style tuple
conditions.
|
||
|
|
90b2f94583 | release(langchain): 1.3.5 (#37998) | ||
|
|
05fe08201c |
feat(langchain): port AND-capable trigger conditions to SummarizationMiddleware (#34576)
Closes #34442 [Docs](https://github.com/langchain-ai/docs/pull/4377) --- Add parity with LangChain.js trigger semantics for Python `SummarizationMiddleware`. `trigger` can now express AND conditions within a single dict-style `TriggerClause` while preserving the existing tuple and list-of-tuples behavior. A simple user story: a support agent is helping debug an issue over a long conversation. One tool call may return a large log snippet, briefly pushing the token count over a limit, but the conversation is still only a few messages long and the recent context is valuable. Separately, the user may send many short follow-up messages that increase message count without using much context. With `trigger={"tokens": 4000, "messages": 10}`, both thresholds must be met at the same time: at least 4,000 tokens and at least 10 messages. This means 5,000 tokens across only 3 messages does not summarize, and 20 short messages totaling only 1,000 tokens does not summarize either. Summarization waits until the conversation is large enough by both measures, making it less likely to discard useful recent context too early. ## Changes - Add `TriggerClause` support so `trigger={"tokens": 4000, "messages": 10}` only summarizes when all configured thresholds are met - Export `TriggerClause` from `langchain.agents.middleware` so users can import and annotate dict-style trigger clauses from the public middleware entrypoint - Normalize tuple and mapping trigger inputs through `_normalize_trigger`, preserving existing `ContextSize` tuple semantics as single-condition clauses - Defensively copy mutable trigger list and dict inputs during initialization so caller-side mutations do not change the middleware's stored public configuration after construction - Keep list inputs as OR semantics across clauses, including mixed lists like `[{"tokens": 4000, "messages": 10}, ("messages", 50)]` - Update `_should_summarize` to evaluate AND within each clause and OR across clauses for `tokens`, `messages`, and `fraction` - Update the docs and API link map so `TriggerClause` resolves in the Python middleware docs - Preserve tuple-trigger compatibility while allowing message-based `keep` configurations to summarize at least one message when a trigger fires near the cutoff boundary AI assistance was used to help draft and refine this contribution. --------- Co-authored-by: Mason Daugherty <mason@langchain.dev> Co-authored-by: Mason Daugherty <github@mdrxy.com> |
||
|
|
ac18ef5871 |
docs(core): document multimodal handling in get_buffer_string (#37994)
Clarifies how `get_buffer_string` treats multimodal message content across output formats. The docs now make the default prefix format's text-only behavior explicit and point users to XML when they need structured multimodal block representations. This behavior may change in future iterations |
||
|
|
53f2ad18a0 | release(perplexity): 1.4.0 (#37993) | ||
|
|
de9502525a |
feat(perplexity): bind_tools and Responses-API tool round-trip (#37934)
## Summary Follow-up to #37911 (released in `langchain-perplexity` 1.3.2). That PR fixed the outbound `ToolMessage` / `AIMessage.tool_calls` serialization; this one implements **`ChatPerplexity.bind_tools`**, which flips `has_tool_calling` to `True` and lights up the full `langchain-tests` standard tool-calling suite — the suite that would have caught #37911 in the first place. Verified live against the Perplexity Agent API (`openai/gpt-5.5`, `use_responses_api=True`): a client-side function-tool round-trip (invoke + stream) works end-to-end. ## Core change (the `bind_tools` work + the Responses-API follow-up) - **`bind_tools`** mirrors `langchain-openai`: converts tools via `convert_to_openai_tool`, normalizes `tool_choice`, and passes Perplexity built-in tools (`web_search`, etc.) through unchanged. - **`_to_responses_payload`** now translates tool turns into the Responses (Agent) API's typed input items: `AIMessage.tool_calls` → `function_call`, `ToolMessage` → `function_call_output`, and flattens function tool specs. (The Responses API has no `tool` role, so this translation is required for round-trips.) ## Changes required to make standard-suite tests pass on the Responses route - Streaming: `_convert_responses_stream_event_to_chunk` emits a `tool_call_chunk` on `response.output_item.done` function calls — required by `test_tool_calling` (which streams and asserts tool calls). - `_content_to_text` reduces list-shaped assistant content to text in the tool-call branch — required by `test_agent_loop` and `test_tool_message_histories_list_content`. - `response_metadata["model_name"]` on the Responses route, mirroring Chat Completions — required by `test_usage_metadata` / `test_usage_metadata_streaming` (used by `langchain_core` usage callbacks). ## Tests - `sonar` standard class marked `has_tool_calling=False` (the family returns 400 "Tool calling is not supported for this model"). - New `TestPerplexityResponsesStandard` runs the full suite on `openai/gpt-5.5` + `use_responses_api` with `has_tool_choice=False`: **35 passed, 13 skipped, 2 xfailed**. - The 2 xfails (`test_unicode_tool_call_integration`, `test_structured_few_shot_examples`) hard-code `tool_choice="any"`. The Responses (Agent) API does not support `tool_choice` (verified: every form returns HTTP 200 without forcing a call), which `ChatPerplexity` surfaces as `ValueError` — **existing behavior, unchanged here.** Softening that to a warning can be a separate change. `make format lint` clean; unit + standard tests green. --------- Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com> Co-authored-by: Mason Daugherty <mason@langchain.dev> Co-authored-by: Mason Daugherty <github@mdrxy.com> |
||
|
|
c0103c3d2c | hotfix(openai): min core dep (#37990) | ||
|
|
c15cfe21b6 | release(core): 1.4.3 (#37991) | ||
|
|
c7d01d5270 | release(openai): 1.3.0 (#37989) | ||
|
|
0f45b2c285 |
feat(openai): support apply_patch built-in tool (#37157)
[Docs](https://github.com/langchain-ai/docs/pull/4370) Fixes #37031 Adds support for OpenAI Responses API `apply_patch` built-in tool. This PR: - Adds `apply_patch` to the OpenAI well-known tools list so `bind_tools([{"type": "apply_patch"}])` works. - Preserves `apply_patch_call` and `apply_patch_call_output` items when converting OpenAI Responses API outputs into LangChain `AIMessage.content`. - Preserves the same item types in streaming `AIMessageChunk` conversion. - Supports round-trip input conversion for `apply_patch_call` and `apply_patch_call_output`. - Adds unit tests for core tool passthrough, non-streaming conversion, streaming conversion, and round-trip input conversion. ## Testing - `cd libs/core && uv run --group test pytest tests/unit_tests/utils/test_function_calling.py -k "apply_patch" -vv` - `cd libs/partners/openai && uv run --group test pytest tests/unit_tests/chat_models/test_base.py -k "apply_patch" -vv` - `cd libs/core && uv run --all-groups ruff check langchain_core/utils/function_calling.py tests/unit_tests/utils/test_function_calling.py` - `cd libs/partners/openai && uv run --all-groups ruff check langchain_openai/chat_models/base.py tests/unit_tests/chat_models/test_base.py` --------- Co-authored-by: Mason Daugherty <github@mdrxy.com> Co-authored-by: Mason Daugherty <mason@langchain.dev> |
||
|
|
7e9c916c7e |
chore(model-profiles): refresh model profile data (#37973)
Automated refresh of model profile data for all in-monorepo partner integrations via `langchain-profiles refresh`. 🤖 Generated by the `refresh_model_profiles` workflow. Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com> |
||
|
|
e096992984 | release(core): 1.4.2 (#37968) | ||
|
|
74c23741b0 |
feat(core): deprecate problematic dict() method (#31685)
`dict()` is a problematic method name as it clashes with the builtin `dict` used as a type annotation. This PR replaces it with an `asdict` method (inspired by dataclasses). It also fixes a few places where `dict` must be replaced by `builtins.dict` until the `dict()` method is removed. --------- Co-authored-by: Mason Daugherty <github@mdrxy.com> |
||
|
|
f9f11527f6 |
fix(standard-tests): serialize BytesIO bodies in VCR cassettes (#37963)
The custom VCR serializer pipes the cassette dict through `yaml.safe_dump`, which raises on stream objects — so any request with an `io.BytesIO` body (multipart/file-upload endpoints) couldn't be recorded. A new `_coerce_bytesio` helper walks the cassette and replaces each `BytesIO` with its raw bytes before dumping. |
||
|
|
4bd3b6ab64 |
chore(model-profiles): refresh model profile data (#37958)
Automated refresh of model profile data for all in-monorepo partner integrations via `langchain-profiles refresh`. 🤖 Generated by the `refresh_model_profiles` workflow. Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com> |
||
|
|
8fed1dd641 |
chore: bump pyarrow from 21.0.0 to 23.0.1 in /libs/langchain_v1 (#37930)
Bumps [pyarrow](https://github.com/apache/arrow) from 21.0.0 to 23.0.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/apache/arrow/releases">pyarrow's releases</a>.</em></p> <blockquote> <h2>Apache Arrow 23.0.1</h2> <p>Release Notes URL: <a href="https://arrow.apache.org/release/23.0.1.html">https://arrow.apache.org/release/23.0.1.html</a></p> <h2>Apache Arrow 23.0.1 RC0</h2> <p>Release Notes: Release Candidate: 23.0.1 RC0</p> <h2>Apache Arrow 23.0.0</h2> <p>Release Notes URL: <a href="https://arrow.apache.org/release/23.0.0.html">https://arrow.apache.org/release/23.0.0.html</a></p> <h2>Apache Arrow 23.0.0 RC2</h2> <p>Release Notes: Release Candidate: 23.0.0 RC2</p> <h2>Apache Arrow 22.0.0</h2> <p>Release Notes URL: <a href="https://arrow.apache.org/release/22.0.0.html">https://arrow.apache.org/release/22.0.0.html</a></p> <h2>Apache Arrow 22.0.0 RC1</h2> <p>Release Notes: Release Candidate: 22.0.0 RC1</p> <h2>Apache Arrow 22.0.0 RC0</h2> <p>Release Notes: Release Candidate: 22.0.0 RC0</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
|
9fa4d7b6a1 |
chore(model-profiles): refresh model profile data (#37936)
Automated refresh of model profile data for all in-monorepo partner integrations via `langchain-profiles refresh`. 🤖 Generated by the `refresh_model_profiles` workflow. Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com> |
||
|
|
ad8c0fc4cc |
chore: bump pyarrow from 22.0.0 to 23.0.1 in /libs/partners/nomic (#37931)
Bumps [pyarrow](https://github.com/apache/arrow) from 22.0.0 to 23.0.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/apache/arrow/releases">pyarrow's releases</a>.</em></p> <blockquote> <h2>Apache Arrow 23.0.1</h2> <p>Release Notes URL: <a href="https://arrow.apache.org/release/23.0.1.html">https://arrow.apache.org/release/23.0.1.html</a></p> <h2>Apache Arrow 23.0.1 RC0</h2> <p>Release Notes: Release Candidate: 23.0.1 RC0</p> <h2>Apache Arrow 23.0.0</h2> <p>Release Notes URL: <a href="https://arrow.apache.org/release/23.0.0.html">https://arrow.apache.org/release/23.0.0.html</a></p> <h2>Apache Arrow 23.0.0 RC2</h2> <p>Release Notes: Release Candidate: 23.0.0 RC2</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
|
2ef987bf7d |
chore: bump pyarrow from 21.0.0 to 23.0.1 in /libs/langchain (#37929)
Bumps [pyarrow](https://github.com/apache/arrow) from 21.0.0 to 23.0.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/apache/arrow/releases">pyarrow's releases</a>.</em></p> <blockquote> <h2>Apache Arrow 23.0.1</h2> <p>Release Notes URL: <a href="https://arrow.apache.org/release/23.0.1.html">https://arrow.apache.org/release/23.0.1.html</a></p> <h2>Apache Arrow 23.0.1 RC0</h2> <p>Release Notes: Release Candidate: 23.0.1 RC0</p> <h2>Apache Arrow 23.0.0</h2> <p>Release Notes URL: <a href="https://arrow.apache.org/release/23.0.0.html">https://arrow.apache.org/release/23.0.0.html</a></p> <h2>Apache Arrow 23.0.0 RC2</h2> <p>Release Notes: Release Candidate: 23.0.0 RC2</p> <h2>Apache Arrow 22.0.0</h2> <p>Release Notes URL: <a href="https://arrow.apache.org/release/22.0.0.html">https://arrow.apache.org/release/22.0.0.html</a></p> <h2>Apache Arrow 22.0.0 RC1</h2> <p>Release Notes: Release Candidate: 22.0.0 RC1</p> <h2>Apache Arrow 22.0.0 RC0</h2> <p>Release Notes: Release Candidate: 22.0.0 RC0</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
|
cdafe607af | release(perplexity): 1.3.2 (#37925) | ||
|
|
1be54cc0e1 |
fix(perplexity): serialize ToolMessage and AIMessage.tool_calls (#37911)
Fixes #37912 `ChatPerplexity._convert_message_to_dict` raises `TypeError` on `ToolMessage` and drops `AIMessage.tool_calls`, which breaks tool-message round-trips through `ChatPerplexity` — a client-side tool-calling loop, or a shared message history across providers via `RunnableWithFallbacks`. Repro: ```python from langchain_perplexity import ChatPerplexity from langchain_core.messages import ToolMessage ChatPerplexity(model="sonar")._convert_message_to_dict( ToolMessage(content="result", tool_call_id="call_1") ) # TypeError: Got unknown type content='result' tool_call_id='call_1' ``` An `AIMessage` carrying `tool_calls` also serializes to `{"role": "assistant", "content": ...}` with the `tool_calls` silently dropped. This brings the converter to parity with `langchain-openai`: serialize `tool_calls` / `invalid_tool_calls`, send `content` as `null` when tool_calls are present, and add a `tool`-role branch for `ToolMessage`. How I verified: added unit tests for the `ToolMessage` and `AIMessage.tool_calls` / `invalid_tool_calls` cases; the perplexity package unit tests, lint, and format all pass. Scope: translating these to the Responses (Agent) API's `function_call` / `function_call_output` input items is a separate follow-up; this PR is the Chat Completions serialization parity fix. --------- Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com> Co-authored-by: Mason Daugherty <mason@langchain.dev> Co-authored-by: Mason Daugherty <github@mdrxy.com> |
||
|
|
a401351e12 | release(core): 1.4.1 (#37922) | ||
|
|
053c368ba4 |
fix(core): remove Bedrock prevalidation from load (#37909)
Removes the built-in Bedrock class init validator from `load` so Bedrock kwargs such as `base_url` and `endpoint_url` are no longer specially rejected during deserialization. This keeps provider-specific SSRF policy out of core; callers should continue to avoid untrusted manifests or use restrictive `allowed_objects`. Verified with `make format`, `make lint`, and the focused serialization load unit tests. AI-assisted contribution by Open SWE. Made by [Open SWE](https://openswe.vercel.app) --------- Co-authored-by: open-swe[bot] <215916821+open-swe[bot]@users.noreply.github.com> |
||
|
|
0993edba86 |
chore(model-profiles): refresh model profile data (#37916)
Automated refresh of model profile data for all in-monorepo partner integrations via `langchain-profiles refresh`. 🤖 Generated by the `refresh_model_profiles` workflow. Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com> |
||
|
|
6f7c8f5445 |
chore: bump starlette from 0.49.1 to 1.0.1 in /libs/langchain (#37899)
Bumps [starlette](https://github.com/Kludex/starlette) from 0.49.1 to 1.0.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Kludex/starlette/releases">starlette's releases</a>.</em></p> <blockquote> <h2>Version 1.0.1</h2> <h2>What's Changed</h2> <ul> <li>Ignore malformed <code>Host</code> header when constructing <code>request.url</code> by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/starlette/pull/3279">Kludex/starlette#3279</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/Kludex/starlette/compare/1.0.0...1.0.1">https://github.com/Kludex/starlette/compare/1.0.0...1.0.1</a></p> <h2>Version 1.0.0</h2> <p>Starlette 1.0 is here! 🎉</p> <p>After nearly eight years since its creation, Starlette has reached its first stable release.</p> <p>A special thank you to <a href="https://github.com/lovelydinosaur"><code>@lovelydinosaur</code></a>, the creator of Starlette, Uvicorn, HTTPX and MkDocs, whose work helped to lay the foundation for the modern async Python ecosystem. 🙏</p> <p>Thank you to <a href="https://github.com/adriangb"><code>@adriangb</code></a>, <a href="https://github.com/graingert"><code>@graingert</code></a>, <a href="https://github.com/agronholm"><code>@agronholm</code></a>, <a href="https://github.com/florimondmanca"><code>@florimondmanca</code></a>, <a href="https://github.com/aminalaee"><code>@aminalaee</code></a>, <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>, <a href="https://github.com/alex-oleshkevich"><code>@alex-oleshkevich</code></a>, <a href="https://github.com/abersheeran"><code>@abersheeran</code></a>, and <a href="https://github.com/uSpike"><code>@uSpike</code></a> for helping make Starlette what it is today. And to all my sponsors - especially <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>, <a href="https://github.com/huggingface"><code>@huggingface</code></a>, and <a href="https://github.com/elevenlabs"><code>@elevenlabs</code></a> - thank you for your support!</p> <p>Thank you to all <a href="https://github.com/encode/starlette/graphs/contributors">290+ contributors</a> who have shaped Starlette over the years! ❤️</p> <p>Read more on the <a href="https://marcelotryle.com/blog/2026/03/22/starlette-10-is-here/">blog post</a>.</p> <p>Check out the full release notes at <a href="https://www.starlette.io/release-notes/#100-march-22-2026">https://www.starlette.io/release-notes/#100-march-22-2026</a></p> <hr /> <p><strong>Full Changelog</strong>: <a href="https://github.com/encode/starlette/compare/1.0.0rc1...1.0.0">https://github.com/encode/starlette/compare/1.0.0rc1...1.0.0</a></p> <h2>Version 1.0.0rc1</h2> <p>We're ready! 🚀</p> <p>The first release candidate for Starlette 1.0 is here! After years on ZeroVer, we're finally making the jump.</p> <p>This release removes all deprecated features marked for 1.0.0, along with some last-minute bug fixes.</p> <p>A special thank you to <a href="https://github.com/lovelydinosaur"><code>@lovelydinosaur</code></a>, the creator of Starlette, Uvicorn, HTTPX and MkDocs, whose work helped to lay the foundation for the modern async Python ecosystem. 🙏</p> <p>Thank you to <a href="https://github.com/adriangb"><code>@adriangb</code></a>, <a href="https://github.com/graingert"><code>@graingert</code></a>, <a href="https://github.com/agronholm"><code>@agronholm</code></a>, <a href="https://github.com/florimondmanca"><code>@florimondmanca</code></a>, <a href="https://github.com/aminalaee"><code>@aminalaee</code></a>, <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>, <a href="https://github.com/alex-oleshkevich"><code>@alex-oleshkevich</code></a>, and <a href="https://github.com/abersheeran"><code>@abersheeran</code></a> for helping make Starlette what it is today. And to all my sponsors - especially <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>, <a href="https://github.com/huggingface"><code>@huggingface</code></a>, and <a href="https://github.com/elevenlabs"><code>@elevenlabs</code></a> - thank you for your support!</p> <p>Thank you to all <a href="https://github.com/encode/starlette/graphs/contributors">290+ contributors</a> who have shaped Starlette over the years!</p> <p>Check out the full release notes at <a href="https://www.starlette.io/release-notes/#100rc1-february-23-2026">https://www.starlette.io/release-notes/#100rc1-february-23-2026</a></p> <hr /> <p><strong>Full Changelog</strong>: <a href="https://github.com/Kludex/starlette/compare/0.52.1...1.0.0rc1">https://github.com/Kludex/starlette/compare/0.52.1...1.0.0rc1</a></p> <h2>Version 0.52.1</h2> <h2>What's Changed</h2> <ul> <li>Only use <code>typing_extensions</code> in older Python versions by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/starlette/pull/3109">Kludex/starlette#3109</a></li> </ul> <hr /> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Kludex/starlette/blob/main/docs/release-notes.md">starlette's changelog</a>.</em></p> <blockquote> <h2>1.0.1 (May 21, 2026)</h2> <h4>Fixed</h4> <ul> <li>Ignore malformed <code>Host</code> header when constructing <code>request.url</code> <a href="https://redirect.github.com/encode/starlette/pull/3279">#3279</a>.</li> </ul> <h2>1.0.0 (March 22, 2026)</h2> <p>Starlette 1.0 is here!</p> <p>After nearly eight years since its creation, Starlette has reached its first stable release. Thank you to everyone who tested the release candidate and reported issues.</p> <p>You can read more on the <a href="https://marcelotryle.com/blog/2026/03/22/starlette-10-is-here/">blog post</a>.</p> <h4>Added</h4> <ul> <li>Track session access and modification in <code>SessionMiddleware</code> <a href="https://redirect.github.com/encode/starlette/pull/3166">#3166</a>.</li> </ul> <h4>Fixed</h4> <ul> <li>Handle websocket denial responses in <code>StreamingResponse</code> and <code>FileResponse</code> <a href="https://redirect.github.com/encode/starlette/pull/3189">#3189</a>.</li> <li>Use <code>bytearray</code> for field accumulation in <code>FormParser</code> <a href="https://redirect.github.com/encode/starlette/pull/3179">#3179</a>.</li> <li>Move <code>parser.finalize()</code> inside try/except in <code>MultiPartParser.parse()</code> <a href="https://redirect.github.com/encode/starlette/pull/3153">#3153</a>.</li> </ul> <h2>1.0.0rc1 (February 23, 2026)</h2> <p>We're ready! I'm thrilled to announce the first release candidate for Starlette 1.0.</p> <p>Starlette was created in June 2018 by Tom Christie, and has been on ZeroVer for years. Today, it's downloaded almost <a href="https://pypistats.org/packages/starlette">10 million times a day</a>, serves as the foundation for FastAPI, and has inspired many other frameworks. In the age of AI, Starlette continues to play an important role as a dependency of the Python MCP SDK.</p> <p>This release focuses on removing deprecated features that were marked for removal in 1.0.0, along with some last minute bug fixes. It's a release candidate, so we can gather feedback from the community before the final 1.0.0 release soon.</p> <p>A huge thank you to all the contributors who have helped make Starlette what it is today. In particular, I'd like to recognize:</p> <ul> <li><a href="https://github.com/lovelydinosaur">Kim Christie</a> - The original creator of Starlette, Uvicorn, and MkDocs, and the current maintainer of HTTPX. Kim's work helped lay the foundation for the modern async Python ecosystem.</li> <li><a href="https://github.com/adriangb">Adrian Garcia Badaracco</a> - One of the smartest people I know, whom I have the pleasure of working with at Pydantic.</li> <li><a href="https://github.com/graingert">Thomas Grainger</a> - My async teacher, always ready to help with questions.</li> <li><a href="https://github.com/agronholm">Alex Grönholm</a> - Another async mentor, always prompt to help with questions.</li> <li><a href="https://github.com/florimondmanca">Florimond Manca</a> - Always present in the early days of both Starlette and Uvicorn, and helped a lot in the ecosystem.</li> <li><a href="https://github.com/aminalaee">Amin Alaee</a> - Contributed a lot with file-related PRs.</li> <li><a href="https://github.com/tiangolo">Sebastián Ramírez</a> - Maintains FastAPI upstream, and always in contact to help with upstream issues.</li> <li><a href="https://github.com/alex-oleshkevich">Alex Oleshkevich</a> - Helped a lot on templates and many discussions.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
|
586bcd46a1 |
docs(core): expand and link ModelProfile docstrings (#37904)
Rewrote the `ModelProfile` docstrings to point readers at canonical docs. The class docstring now explains how profiles are accessed and where the data comes from, and several terse field docstrings gain a one-line clarification or a link to the relevant guide. |
||
|
|
9eab5237cc |
chore: bump requests from 2.34.0 to 2.34.2 in /libs/partners/xai (#37903)
Bumps [requests](https://github.com/psf/requests) from 2.34.0 to 2.34.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/psf/requests/releases">requests's releases</a>.</em></p> <blockquote> <h2>v2.34.2</h2> <h2>2.34.2 (2026-05-14)</h2> <ul> <li>Moved <code>headers</code> input type back to <code>Mapping</code> to avoid invariance issues with <code>MutableMapping</code> and inferred dict types. Users calling <code>Request.headers.update()</code> may need to narrow typing in their code. (<a href="https://redirect.github.com/psf/requests/issues/7441">#7441</a>)</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14">https://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14</a></p> <h2>v2.34.1</h2> <h2>2.34.1 (2026-05-13)</h2> <p><strong>Bugfixes</strong></p> <ul> <li>Widened <code>json</code> input type from <code>dict</code> and <code>list</code> to <code>Mapping</code> and <code>Sequence</code>. (<a href="https://redirect.github.com/psf/requests/issues/7436">#7436</a>)</li> <li>Changed <code>headers</code> input type to MutableMapping and removed <code>None</code> from <code>Request.headers</code> typing to improve handling for users. (<a href="https://redirect.github.com/psf/requests/issues/7431">#7431</a>)</li> <li><code>Response.reason</code> moved from <code>str | None</code> to <code>str</code> to improve handling for users. (<a href="https://redirect.github.com/psf/requests/issues/7437">#7437</a>)</li> <li>Fixed a bug where some bodies with custom <code>__getattr__</code> implementations weren't being properly detected as Iterables. (<a href="https://redirect.github.com/psf/requests/issues/7433">#7433</a>)</li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/k223kim"><code>@k223kim</code></a> made their first contribution in <a href="https://redirect.github.com/psf/requests/pull/7433">psf/requests#7433</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/psf/requests/blob/main/HISTORY.md#2341-2026-05-13">https://github.com/psf/requests/blob/main/HISTORY.md#2341-2026-05-13</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/psf/requests/blob/main/HISTORY.md">requests's changelog</a>.</em></p> <blockquote> <h2>2.34.2 (2026-05-14)</h2> <ul> <li>Moved <code>headers</code> input type back to <code>Mapping</code> to avoid invariance issues with <code>MutableMapping</code> and inferred dict types. Users calling <code>Request.headers.update()</code> may need to narrow typing in their code. (<a href="https://redirect.github.com/psf/requests/issues/7441">#7441</a>)</li> </ul> <h2>2.34.1 (2026-05-13)</h2> <p><strong>Bugfixes</strong></p> <ul> <li>Widened <code>json</code> input type from <code>dict</code> and <code>list</code> to <code>Mapping</code> and <code>Sequence</code>. (<a href="https://redirect.github.com/psf/requests/issues/7436">#7436</a>)</li> <li>Changed <code>headers</code> input type to MutableMapping and removed <code>None</code> from <code>Request.headers</code> typing to improve handling for users. (<a href="https://redirect.github.com/psf/requests/issues/7431">#7431</a>)</li> <li><code>Response.reason</code> moved from <code>str | None</code> to <code>str</code> to improve handling for users. (<a href="https://redirect.github.com/psf/requests/issues/7437">#7437</a>)</li> <li>Fixed a bug where some bodies with custom <code>__getattr__</code> implementations weren't being properly detected as Iterables. (<a href="https://redirect.github.com/psf/requests/issues/7433">#7433</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
|
3b999176c8 |
test(langchain,partners): disable pytest-benchmark under xdist to silence PytestBenchmarkWarning (#37901)
Test targets run with `-n auto`, which makes `pytest-benchmark` (present via `langchain-tests`) auto-disable itself and emit a `PytestBenchmarkWarning` once per xdist worker. Passing `--benchmark-disable` turns the plugin off explicitly so the warning never fires, matching what `core` and `langchain_v1` already do. ## Changes - Add `--benchmark-disable` to the `-n auto` test targets across `langchain` (unit) and 14 partner packages' integration targets: `anthropic`, `chroma`, `deepseek`, `exa`, `fireworks`, `groq`, `huggingface`, `mistralai`, `nomic`, `ollama`, `openai`, `openrouter`, `qdrant`, `xai`. - Deliberately excluded `text-splitters` and `model-profiles`: their `test` group doesn't install `pytest-benchmark`, so the flag would fail with `unrecognized arguments`. Verified by importing the plugin under each package's actual dependency group before editing. |
||
|
|
34af59c1a6 |
fix(partners): cap aiohttp below 3.14 for vcrpy compat (#37898)
aiohttp **3.14.0** (released 2026-06-01) removed `aiohttp.streams.AsyncStreamReaderMixin`. The current release of `vcrpy` (8.1.1) still subclasses it in its aiohttp stub: ```python class MockStream(asyncio.StreamReader, streams.AsyncStreamReaderMixin): ``` As a result, the VCR fixture fails to import during test setup, and the scheduled integration tests for the `fireworks` and `xai` partners error out at `test_stream_time`: ``` AttributeError: module 'aiohttp.streams' has no attribute 'AsyncStreamReaderMixin' ``` Only these two partners are affected because their SDKs use `aiohttp`, so VCR loads its aiohttp stub; partners on `httpx` (e.g. `anthropic`, `openai`) are unaffected. This is an upstream incompatibility tracked at kevin1024/vcrpy#995, with a fix in kevin1024/vcrpy#996 that has not yet been released. Until a fixed `vcrpy` ships, this caps `aiohttp<3.14.0` via `[tool.uv] constraint-dependencies` (the same mechanism already used for the `pygments` CVE pin) in both packages. Using a constraint rather than tightening the published `aiohttp>=3.9.1,<4.0.0` range means the change only affects local/CI resolution — the package metadata users install against is untouched. Both lockfiles re-resolve to `aiohttp` 3.13.5, which still provides the removed attribute. A code comment points back to the upstream fix so the pin can be removed once it lands. |
||
|
|
414d7b8e94 |
chore(model-profiles): refresh model profile data (#37895)
Automated refresh of model profile data for all in-monorepo partner integrations via `langchain-profiles refresh`. 🤖 Generated by the `refresh_model_profiles` workflow. Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com> |
||
|
|
bae485bd5e |
chore: bump dependencies (#37892)
## Summary - Bump `langsmith` in `libs/partners/huggingface/uv.lock` from 0.7.31 to 0.8.9 - Bump `langchain-classic` in `libs/langchain_v1/uv.lock` from 1.0.0 to 1.0.7 - Bump transitive `langsmith` in `libs/langchain_v1/uv.lock` from 0.8.0 to 0.8.9 ## Notes - The open Chroma alert currently has no patched version in GitHub Dependabot metadata. `chromadb` is already at 1.5.9 on `master`, and PyPI shows 1.5.9 as the latest available release. ## Testing - `uv lock --check` in `libs/partners/huggingface` - `uv lock --check` in `libs/langchain_v1` - `uv lock --check` in `libs/partners/chroma` - `git diff --check` |
||
|
|
1a2dcdeee9 |
chore: bump aiohttp from 3.13.4 to 3.14.0 in /libs/langchain_v1 (#37888)
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/langchain-ai/langchain/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: John Kennedy <65985482+jkennedyvz@users.noreply.github.com> |
||
|
|
dca3138e59 |
chore: bump aiohttp from 3.13.5 to 3.14.0 in /libs/partners/xai (#37887)
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/langchain-ai/langchain/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
e9f4182988 |
chore: bump aiohttp from 3.13.4 to 3.14.0 in /libs/langchain (#37889)
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/langchain-ai/langchain/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
a7b53c9b77 |
chore: bump langsmith from 0.8.5 to 0.8.9 in /libs/partners/xai (#37886)
Bumps [langsmith](https://github.com/langchain-ai/langsmith-sdk) from 0.8.5 to 0.8.9. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/langchain-ai/langsmith-sdk/releases">langsmith's releases</a>.</em></p> <blockquote> <h2>v0.8.9</h2> <h2>What's Changed</h2> <ul> <li>feat(sandbox): add JS Dockerfile snapshots by <a href="https://github.com/langchain-infra"><code>@langchain-infra</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2951">langchain-ai/langsmith-sdk#2951</a></li> <li>chore(deps-dev): bump the js-minor-and-patch group across 1 directory with 11 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2931">langchain-ai/langsmith-sdk#2931</a></li> <li>chore(deps): bump websockets from 15.0.1 to 16.0 in /python by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2811">langchain-ai/langsmith-sdk#2811</a></li> <li>chore(deps): update myst-parser requirement from >=3 to >=4.0.1 in /python by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2841">langchain-ai/langsmith-sdk#2841</a></li> <li>chore(deps): bump the py-minor-and-patch group across 1 directory with 19 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2934">langchain-ai/langsmith-sdk#2934</a></li> <li>chore(deps): bump typescript from 5.9.3 to 6.0.3 in /js by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2839">langchain-ai/langsmith-sdk#2839</a></li> <li>chore(deps-dev): bump google-adk from 1.10.0 to 2.1.0 in /python by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2960">langchain-ai/langsmith-sdk#2960</a></li> <li>chore(deps-dev): bump wrapt from 1.17.3 to 2.2.1 in /python by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2961">langchain-ai/langsmith-sdk#2961</a></li> <li>chore(deps-dev): bump the py-minor-and-patch group in /python with 6 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2958">langchain-ai/langsmith-sdk#2958</a></li> <li>chore(deps-dev): bump types-tqdm from 4.67.3.20260408 to 4.67.3.20260518 in /python by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2959">langchain-ai/langsmith-sdk#2959</a></li> <li>ci: add minimum workflow permissions by <a href="https://github.com/jkennedyvz"><code>@jkennedyvz</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2967">langchain-ai/langsmith-sdk#2967</a></li> <li>chore: update dependabot.yml to comply with posture checks by <a href="https://github.com/jkennedyvz"><code>@jkennedyvz</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2966">langchain-ai/langsmith-sdk#2966</a></li> <li>test(python): deflake test_tracing_queue_limit_drops_when_full by <a href="https://github.com/baskaryan"><code>@baskaryan</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2964">langchain-ai/langsmith-sdk#2964</a></li> <li>feat(sandbox): size the dockerfile-build sandbox via vcpus/mem_bytes (python) by <a href="https://github.com/langchain-infra"><code>@langchain-infra</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2979">langchain-ai/langsmith-sdk#2979</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.8...v0.8.9">https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.8...v0.8.9</a></p> <h2>v0.8.8</h2> <h2>What's Changed</h2> <ul> <li>fix(python): retry sandbox pool timeouts by <a href="https://github.com/baskaryan"><code>@baskaryan</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2953">langchain-ai/langsmith-sdk#2953</a></li> <li>fix(sandbox): build Dockerfile snapshots off /tmp by <a href="https://github.com/langchain-infra"><code>@langchain-infra</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2956">langchain-ai/langsmith-sdk#2956</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.7...v0.8.8">https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.7...v0.8.8</a></p> <h2>v0.8.7</h2> <h2>What's Changed</h2> <ul> <li>fix: reconnect sandbox command streams on EOF by <a href="https://github.com/ramon-langchain"><code>@ramon-langchain</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2941">langchain-ai/langsmith-sdk#2941</a></li> <li>feat(sandbox): build snapshots from Dockerfiles by <a href="https://github.com/langchain-infra"><code>@langchain-infra</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2950">langchain-ai/langsmith-sdk#2950</a></li> <li>fix(python): add organization id to context URLs by <a href="https://github.com/vishnu-ssuresh"><code>@vishnu-ssuresh</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2945">langchain-ai/langsmith-sdk#2945</a></li> <li>fix(js): add organization id to context URLs by <a href="https://github.com/vishnu-ssuresh"><code>@vishnu-ssuresh</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2946">langchain-ai/langsmith-sdk#2946</a></li> <li>release(py): 0.8.7 by <a href="https://github.com/ramon-langchain"><code>@ramon-langchain</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2947">langchain-ai/langsmith-sdk#2947</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.6...v0.8.7">https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.6...v0.8.7</a></p> <h2>v0.8.6</h2> <h2>What's Changed</h2> <ul> <li>chore(deps-dev): bump <code>@google/genai</code> from 1.50.1 to 2.0.1 in /js by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2875">langchain-ai/langsmith-sdk#2875</a></li> <li>chore(deps): bump mako from 1.3.11 to 1.3.12 in /python by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2880">langchain-ai/langsmith-sdk#2880</a></li> <li>chore(deps): bump authlib from 1.6.11 to 1.6.12 in /python by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2888">langchain-ai/langsmith-sdk#2888</a></li> <li>chore(deps): bump hono from 4.12.15 to 4.12.18 in /js by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2894">langchain-ai/langsmith-sdk#2894</a></li> <li>chore(deps): bump fast-uri from 3.1.0 to 3.1.2 in /js by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2895">langchain-ai/langsmith-sdk#2895</a></li> <li>chore(deps-dev): bump <code>@anthropic-ai/sdk</code> from 0.94.0 to 0.95.0 in /js by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2881">langchain-ai/langsmith-sdk#2881</a></li> <li>chore(deps): bump postcss from 8.5.8 to 8.5.14 in /js by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2898">langchain-ai/langsmith-sdk#2898</a></li> <li>chore(deps): bump <code>@protobufjs/utf8</code> from 1.1.0 to 1.1.1 in /js/internal/environment_tests/test-exports-vite in the npm_and_yarn group across 1 directory by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2908">langchain-ai/langsmith-sdk#2908</a></li> <li>chore(deps): bump hono from 4.12.18 to 4.12.19 in /js by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2909">langchain-ai/langsmith-sdk#2909</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
|
efb0a4589b |
chore: bump aiohttp from 3.13.5 to 3.14.0 in /libs/partners/fireworks (#37882)
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/langchain-ai/langchain/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
f717342a86 |
chore: bump langsmith from 0.8.7 to 0.8.9 in /libs/partners/fireworks (#37883)
Bumps [langsmith](https://github.com/langchain-ai/langsmith-sdk) from 0.8.7 to 0.8.9. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/langchain-ai/langsmith-sdk/releases">langsmith's releases</a>.</em></p> <blockquote> <h2>v0.8.9</h2> <h2>What's Changed</h2> <ul> <li>feat(sandbox): add JS Dockerfile snapshots by <a href="https://github.com/langchain-infra"><code>@langchain-infra</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2951">langchain-ai/langsmith-sdk#2951</a></li> <li>chore(deps-dev): bump the js-minor-and-patch group across 1 directory with 11 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2931">langchain-ai/langsmith-sdk#2931</a></li> <li>chore(deps): bump websockets from 15.0.1 to 16.0 in /python by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2811">langchain-ai/langsmith-sdk#2811</a></li> <li>chore(deps): update myst-parser requirement from >=3 to >=4.0.1 in /python by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2841">langchain-ai/langsmith-sdk#2841</a></li> <li>chore(deps): bump the py-minor-and-patch group across 1 directory with 19 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2934">langchain-ai/langsmith-sdk#2934</a></li> <li>chore(deps): bump typescript from 5.9.3 to 6.0.3 in /js by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2839">langchain-ai/langsmith-sdk#2839</a></li> <li>chore(deps-dev): bump google-adk from 1.10.0 to 2.1.0 in /python by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2960">langchain-ai/langsmith-sdk#2960</a></li> <li>chore(deps-dev): bump wrapt from 1.17.3 to 2.2.1 in /python by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2961">langchain-ai/langsmith-sdk#2961</a></li> <li>chore(deps-dev): bump the py-minor-and-patch group in /python with 6 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2958">langchain-ai/langsmith-sdk#2958</a></li> <li>chore(deps-dev): bump types-tqdm from 4.67.3.20260408 to 4.67.3.20260518 in /python by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2959">langchain-ai/langsmith-sdk#2959</a></li> <li>ci: add minimum workflow permissions by <a href="https://github.com/jkennedyvz"><code>@jkennedyvz</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2967">langchain-ai/langsmith-sdk#2967</a></li> <li>chore: update dependabot.yml to comply with posture checks by <a href="https://github.com/jkennedyvz"><code>@jkennedyvz</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2966">langchain-ai/langsmith-sdk#2966</a></li> <li>test(python): deflake test_tracing_queue_limit_drops_when_full by <a href="https://github.com/baskaryan"><code>@baskaryan</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2964">langchain-ai/langsmith-sdk#2964</a></li> <li>feat(sandbox): size the dockerfile-build sandbox via vcpus/mem_bytes (python) by <a href="https://github.com/langchain-infra"><code>@langchain-infra</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2979">langchain-ai/langsmith-sdk#2979</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.8...v0.8.9">https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.8...v0.8.9</a></p> <h2>v0.8.8</h2> <h2>What's Changed</h2> <ul> <li>fix(python): retry sandbox pool timeouts by <a href="https://github.com/baskaryan"><code>@baskaryan</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2953">langchain-ai/langsmith-sdk#2953</a></li> <li>fix(sandbox): build Dockerfile snapshots off /tmp by <a href="https://github.com/langchain-infra"><code>@langchain-infra</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2956">langchain-ai/langsmith-sdk#2956</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.7...v0.8.8">https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.7...v0.8.8</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
|
d55c08bc72 |
chore: bump langsmith from 0.8.7 to 0.8.9 in /libs/partners/chroma (#37884)
Bumps [langsmith](https://github.com/langchain-ai/langsmith-sdk) from 0.8.7 to 0.8.9. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/langchain-ai/langsmith-sdk/releases">langsmith's releases</a>.</em></p> <blockquote> <h2>v0.8.9</h2> <h2>What's Changed</h2> <ul> <li>feat(sandbox): add JS Dockerfile snapshots by <a href="https://github.com/langchain-infra"><code>@langchain-infra</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2951">langchain-ai/langsmith-sdk#2951</a></li> <li>chore(deps-dev): bump the js-minor-and-patch group across 1 directory with 11 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2931">langchain-ai/langsmith-sdk#2931</a></li> <li>chore(deps): bump websockets from 15.0.1 to 16.0 in /python by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2811">langchain-ai/langsmith-sdk#2811</a></li> <li>chore(deps): update myst-parser requirement from >=3 to >=4.0.1 in /python by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2841">langchain-ai/langsmith-sdk#2841</a></li> <li>chore(deps): bump the py-minor-and-patch group across 1 directory with 19 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2934">langchain-ai/langsmith-sdk#2934</a></li> <li>chore(deps): bump typescript from 5.9.3 to 6.0.3 in /js by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2839">langchain-ai/langsmith-sdk#2839</a></li> <li>chore(deps-dev): bump google-adk from 1.10.0 to 2.1.0 in /python by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2960">langchain-ai/langsmith-sdk#2960</a></li> <li>chore(deps-dev): bump wrapt from 1.17.3 to 2.2.1 in /python by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2961">langchain-ai/langsmith-sdk#2961</a></li> <li>chore(deps-dev): bump the py-minor-and-patch group in /python with 6 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2958">langchain-ai/langsmith-sdk#2958</a></li> <li>chore(deps-dev): bump types-tqdm from 4.67.3.20260408 to 4.67.3.20260518 in /python by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2959">langchain-ai/langsmith-sdk#2959</a></li> <li>ci: add minimum workflow permissions by <a href="https://github.com/jkennedyvz"><code>@jkennedyvz</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2967">langchain-ai/langsmith-sdk#2967</a></li> <li>chore: update dependabot.yml to comply with posture checks by <a href="https://github.com/jkennedyvz"><code>@jkennedyvz</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2966">langchain-ai/langsmith-sdk#2966</a></li> <li>test(python): deflake test_tracing_queue_limit_drops_when_full by <a href="https://github.com/baskaryan"><code>@baskaryan</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2964">langchain-ai/langsmith-sdk#2964</a></li> <li>feat(sandbox): size the dockerfile-build sandbox via vcpus/mem_bytes (python) by <a href="https://github.com/langchain-infra"><code>@langchain-infra</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2979">langchain-ai/langsmith-sdk#2979</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.8...v0.8.9">https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.8...v0.8.9</a></p> <h2>v0.8.8</h2> <h2>What's Changed</h2> <ul> <li>fix(python): retry sandbox pool timeouts by <a href="https://github.com/baskaryan"><code>@baskaryan</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2953">langchain-ai/langsmith-sdk#2953</a></li> <li>fix(sandbox): build Dockerfile snapshots off /tmp by <a href="https://github.com/langchain-infra"><code>@langchain-infra</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2956">langchain-ai/langsmith-sdk#2956</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.7...v0.8.8">https://github.com/langchain-ai/langsmith-sdk/compare/v0.8.7...v0.8.8</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |