Mason Daugherty
abd9d4ce31
ci(infra): harden Dependabot version-bound preservation ( #37510 )
...
Dependabot has been stripping upper/lower bounds from internal
`langchain-*` deps in partner `pyproject.toml` files (e.g. #37288
reduced `langchain-core>=1.3.2,<2.0.0` to bare `langchain-core`). Locks
down the config so bumps preserve existing specifiers, and restores the
bounds it already mangled across the monorepo.
## Changes
- Add `versioning-strategy: increase` to every `uv` ecosystem block in
`.github/dependabot.yml` so future bumps move the lower bound in place
instead of rewriting the constraint.
- Ignore workspace-internal packages (`langchain-core`, `langchain`,
`langchain-classic`, `langchain-text-splitters`, `langchain-tests`,
`langchain-model-profiles`) on every `uv` block — these are editable
installs from local paths and their published constraints are
hand-curated for release, not Dependabot's to bump.
- Restore stripped bounds across all `libs/` packages — runtime
`dependencies` and every dep group (`test`, `dev`, `test_integration`,
`typing`, `lint`) — to `>=1.4.0,<2.0.0` for `langchain-core` and
`>=1.0.0,<2.0.0` for the other internal packages.
2026-05-18 17:24:19 -05:00
dependabot[bot]
4544825f50
chore: bump langchain-core from 1.3.2 to 1.3.3 in /libs/partners/qdrant ( #37258 )
...
Bumps [langchain-core](https://github.com/langchain-ai/langchain ) from
1.3.2 to 1.3.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/langchain-ai/langchain/releases ">langchain-core's
releases</a>.</em></p>
<blockquote>
<h2>langchain-core==1.3.3</h2>
<p>Changes since langchain-core==1.3.2</p>
<p>release(core): 1.3.3 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/37198 ">#37198</a>)
fix(core): set deprecation <code>since</code> to 1.3.3 to match release
(<a
href="https://redirect.github.com/langchain-ai/langchain/issues/37200 ">#37200</a>)
fix(core, langchain): harden <code>load()</code> against untrusted
manifests (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/37197 ">#37197</a>)
chore: bump notebook from 7.5.0 to 7.5.6 in /libs/core (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/37109 ">#37109</a>)
chore: bump types-pyyaml from 6.0.12.20250915 to 6.0.12.20260408 in
/libs/core (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/37129 ">#37129</a>)
fix(core): preserve structured <code>inputs</code> on tool runs in
tracers (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/37108 ">#37108</a>)
release(perplexity): 1.2.0 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/37091 ">#37091</a>)
chore(docs): update x handle references (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/37081 ">#37081</a>)
fix(core): make <code>removal</code> optional in
<code>warn_deprecated</code> (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/37056 ">#37056</a>)
fix(core): validate batch_size in _batch and _abatch to prevent infinite
loop (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36663 ">#36663</a>)
chore(core): mark stream_v2/astream_v2 as beta (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36992 ">#36992</a>)</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5039dfec1fhttps://redirect.github.com/langchain-ai/langchain/issues/37198 ">#37198</a>)</li>
<li><a
href="55a7707837https://redirect.github.com/langchain-ai/langchain/issues/37200 ">#37200</a>)</li>
<li><a
href="c979c6187bhttps://redirect.github.com/langchain-ai/langchain/issues/37197 ">#37197</a>)</li>
<li><a
href="d7031101dahttps://redirect.github.com/langchain-ai/langchain/issues/37190 ">#37190</a>)</li>
<li><a
href="4d50a2a68bhttps://redirect.github.com/langchain-ai/langchain/issues/37194 ">#37194</a>)</li>
<li><a
href="9bd730e199https://redirect.github.com/langchain-ai/langchain/issues/37193 ">#37193</a>)</li>
<li><a
href="f475f4191fhttps://redirect.github.com/langchain-ai/langchain/issues/37191 ">#37191</a>)</li>
<li><a
href="7dbff48affhttps://redirect.github.com/langchain-ai/langchain/issues/37188 ">#37188</a>)</li>
<li><a
href="913816c440https://redirect.github.com/langchain-ai/langchain/issues/37189 ">#37189</a>)</li>
<li><a
href="4498d3dc84https://github.com/langchain-ai/langchain/compare/langchain-core==1.3.2...langchain-core==1.3.3 ">compare
view</a></li>
</ul>
</details>
<br />
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-09 16:23:52 +00:00
open-swe[bot]
ba897ffa7e
chore(docs): update x handle references ( #37081 )
...
## Description
Updates package metadata and README badges so LangChain social links
point to the new `@langchain_oss` X handle. This was completed with
AI-agent assistance.
## Test Plan
- [ ] Validate README badges and package metadata links point to
`https://x.com/langchain_oss `
_Opened collaboratively by Mason Daugherty and open-swe._
---------
Co-authored-by: open-swe[bot] <open-swe@users.noreply.github.com >
Co-authored-by: Mason Daugherty <61371264+mdrxy@users.noreply.github.com >
2026-04-29 13:56:09 -04:00
Mason Daugherty
56d6e89be0
hotfix: bump min core versions ( #36996 )
2026-04-24 15:23:28 -04:00
Nick Hollon
ffaac42bf9
ci(infra): add pytest-xdist to partner test groups ( #36988 )
2026-04-24 13:23:03 +00:00
Mason Daugherty
7e81d09f2a
chore(deps): bump pytest to 9.0.3 ( #36801 )
...
CVE-2025-71176 (medium severity)
All are dev-only (test dependency group) — no impact on published
packages.
### Why syrupy was also bumped
syrupy 4.x (`<5.0.0`) constrains pytest to `<9.0.0`, blocking the CVE
fix. Widening to `<6.0.0` allows syrupy 5.x which supports pytest 9.x.
2026-04-15 21:46:40 -06:00
Mason Daugherty
555bdfbade
chore: add comment explaining pygments>=2.20.0 ( #36570 )
2026-04-06 15:07:07 -04:00
John Kennedy
0f4f3f74c8
chore: pygments>=2.20.0 across all packages (CVE-2026-4539) ( #36385 )
...
## Summary
Bumps `pygments` to `>=2.20.0` across all 21 affected packages to
address [CVE-2026-4539](https://github.com/advisories/GHSA-XXXX ) — ReDoS
via inefficient GUID regex in Pygments.
- **Severity:** Low
- **Fixed in:** 2.20.0 (was 2.19.2)
- **Change:** Added `pygments>=2.20.0` to `constraint-dependencies` in
`[tool.uv]` for each package, then ran `uv lock --upgrade-package
pygments` to regenerate lock files.
Closes Dependabot alerts #3435–#3455.
## Release Note
Patch deps
### Test Plan
- [x] CI Green 🙏
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-03-30 23:26:59 -04:00
Mason Daugherty
1778b082ec
chore(partners): bump langchain-core min to 1.2.21 ( #36183 )
...
Bump the minimum `langchain-core` dependency to `>=1.2.21` across all 14
partner packages in the monorepo. Aligns partner lower bounds with the
latest core release so consumers pick up recent fixes (notably the
`ModelProfile` schema drift fix from core 1.2.21).
2026-03-23 19:39:35 -04:00
John Kennedy
abcc7d68c1
fix: bump pillow ( #36027 )
2026-03-17 18:27:50 +00:00
Mason Daugherty
5c018f5cd1
chore: enrich pyproject.toml files ( #34980 )
2026-02-02 13:07:05 -05:00
Mason Daugherty
3d687ea8fb
chore: update twitter URLs ( #34736 )
2026-01-13 01:54:11 -05:00
Mason Daugherty
18c25e9f10
chore: ban relative imports on all packages ( #34691 )
2026-01-09 17:02:24 -05:00
ccurme
079eb808f8
release(qdrant): 1.1.0 ( #33638 )
2025-10-22 13:24:36 -04:00
Anush
39fb2d1a3b
feat(qdrant): Use Qdrant's built-in MMR search ( #32302 )
2025-10-22 13:19:32 -04:00
Mason Daugherty
64e6798a39
chore: update pyproject.toml url entries ( #33587 )
2025-10-17 17:16:55 -04:00
Mason Daugherty
85567f1dc3
release(qdrant): 1.0.0 ( #33577 )
2025-10-17 11:17:01 -04:00
Mason Daugherty
31eeb50ce0
chore: drop UP045 ( #33362 )
...
Python 3.9 EOL
2025-10-08 21:17:53 -04:00
Mason Daugherty
cda336295f
chore: enrich pyproject.toml files with links to new references, others ( #33343 )
2025-10-07 16:17:14 -04:00
Mason Daugherty
8bcdfbb24e
chore: clean up pyproject.toml files, use core a7 ( #33334 )
2025-10-07 10:49:04 -04:00
Mason Daugherty
90e4d944ac
chore(infra): pdm -> hatchling ( #33289 )
2025-10-05 23:52:52 -04:00
Mason Daugherty
13812f0df8
release(qdrant): 1.0.0a1 ( #33236 )
2025-10-02 19:37:00 -04:00
Mason Daugherty
986302322f
docs: more standardization ( #33124 )
2025-09-25 20:46:20 -04:00
Christophe Bornet
eaf8dce7c2
chore: bump ruff version to 0.13 ( #33043 )
...
Co-authored-by: Mason Daugherty <mason@langchain.dev >
2025-09-25 12:27:39 -04:00
Mason Daugherty
b92b394804
style: repo linting pass ( #33089 )
...
enable docstring-code-format
2025-09-24 15:25:55 -04:00
Mason Daugherty
781db9d892
chore: update pyproject.toml files, remove codespell ( #33028 )
...
- Removes Codespell from deps, docs, and `Makefile`s
- Python version requirements in all `pyproject.toml` files now use the
`~=` (compatible release) specifier
- All dependency groups and main dependencies now use explicit lower and
upper bounds, reducing potential for breaking changes
2025-09-20 22:09:33 -04:00
Mason Daugherty
7a158c7f1c
revert: "chore: remove ruff target-version" ( #32895 )
...
Reverts langchain-ai/langchain#32880
Not needed at the moment, will do when finishing v1
2025-09-10 20:56:48 -04:00
ccurme
450870c9ac
release(qdrant): 0.2.1 ( #32889 )
2025-09-10 13:21:16 -04:00
Christophe Bornet
b274416441
chore: remove ruff target-version ( #32880 )
...
This is not needed anymore since `requires-python` was added when moving
to `uv`.
2025-09-10 11:12:30 -04:00
Mason Daugherty
3d08b6bd11
chore: adress pytest-asyncio deprecation warnings + other nits ( #32696 )
...
amongst some linting imcompatible rules
2025-08-26 15:51:38 -04:00
Mason Daugherty
374f414c91
feat(qdrant): ruff fixes and rules ( #32500 )
2025-08-11 12:43:41 -04:00
Mason Daugherty
e7eac27241
ruff: more rules across the board & fixes ( #31898 )
...
* standardizes ruff dep version across all `pyproject.toml` files
* cli: ruff rules and corrections
* langchain: rules and corrections
2025-07-07 17:48:01 -04:00
Mason Daugherty
86a698d1b6
langchain-qdrant[patch]: Add ruff bandit rules to linter ( #31815 )
...
- Add ruff bandit rules
- Address a few s101s
- Some formatting
2025-07-01 18:42:55 +00:00
Sydney Runkle
7e926520d5
packaging: remove Python upper bound for langchain and co libs ( #31025 )
...
Follow up to https://github.com/langchain-ai/langsmith-sdk/pull/1696 ,
I've bumped the `langsmith` version where applicable in `uv.lock`.
Type checking problems here because deps have been updated in
`pyproject.toml` and `uv lock` hasn't been run - we should enforce that
in the future - goes with the other dependabot todos :).
2025-04-28 14:44:28 -04:00
Sydney Runkle
8c6734325b
partners[lint]: run pyupgrade to get code in line with 3.9 standards ( #30781 )
...
Using `pyupgrade` to get all `partners` code up to 3.9 standards
(mostly, fixing old `typing` imports).
2025-04-11 07:18:44 -04:00
Erick Friis
1a225fad03
multiple: fix uv path deps ( #29790 )
...
file:// format wasn't working with updates - it doesn't install as an
editable dep
move to tool.uv.sources with path= instead
2025-02-13 21:32:34 +00:00
ccurme
d172984c91
infra: migrate to uv ( #29566 )
2025-02-06 13:36:26 -05:00
Erick Friis
fcc9cdd100
multiple: disable socket for unit tests ( #29080 )
2025-01-07 15:31:50 -08:00
ccurme
a8b21afc08
qdrant[patch]: run python 3.13 in CI ( #28394 )
2024-11-27 12:22:17 -05:00
Bagatur
dfa83531ad
qdrant,nomic[minor]: bump core deps ( #27849 )
2024-11-04 20:19:50 +00:00
Erick Friis
92ae61bcc8
multiple: rely on asyncio_mode auto in tests ( #27200 )
2024-10-15 16:26:38 +00:00
ccurme
0592c29e9b
qdrant[patch]: release 0.1.4 ( #26534 )
...
`langchain-qdrant` imports pydantic but was importing pydantic proper
before 0.3 release:
042e84170b/libs/partners/qdrant/langchain_qdrant/sparse_embeddings.py (L5-L8)
2024-09-16 13:04:12 -04:00
Erick Friis
c2a3021bb0
multiple: pydantic 2 compatibility, v0.3 ( #26443 )
...
Signed-off-by: ChengZi <chen.zhang@zilliz.com >
Co-authored-by: Eugene Yurtsev <eyurtsev@gmail.com >
Co-authored-by: Bagatur <22008038+baskaryan@users.noreply.github.com >
Co-authored-by: Dan O'Donovan <dan.odonovan@gmail.com >
Co-authored-by: Tom Daniel Grande <tomdgrande@gmail.com >
Co-authored-by: Grande <Tom.Daniel.Grande@statsbygg.no >
Co-authored-by: Bagatur <baskaryan@gmail.com >
Co-authored-by: ccurme <chester.curme@gmail.com >
Co-authored-by: Harrison Chase <hw.chase.17@gmail.com >
Co-authored-by: Tomaz Bratanic <bratanic.tomaz@gmail.com >
Co-authored-by: ZhangShenao <15201440436@163.com >
Co-authored-by: Friso H. Kingma <fhkingma@gmail.com >
Co-authored-by: ChengZi <chen.zhang@zilliz.com >
Co-authored-by: Nuno Campos <nuno@langchain.dev >
Co-authored-by: Morgante Pell <morgantep@google.com >
2024-09-13 14:38:45 -07:00
Christophe Bornet
7f1e444efa
partners: Use simsimd types ( #25299 )
...
The simsimd package [now has
types](https://github.com/ashvardanian/SimSIMD/releases/tag/v5.0.0 )
2024-08-23 10:41:39 -04:00
Anush
4585eaef1b
qdrant: Fix vectors_config access ( #24606 )
...
## Description
Fixes #24558 by accessing `vectors_config` after asserting it to be a
dict.
2024-07-24 10:54:33 -04:00
Erick Friis
3dce2e1d35
all: add release notes to pypi ( #24519 )
2024-07-22 13:59:13 -07:00
Anush
d09dda5a08
qdrant: Bump patch version ( #24168 )
...
# Description
To release a new version of `langchain-qdrant` after #24165 and #24166 .
2024-07-12 14:48:50 -07:00
Anush
7014d07cab
qdrant: new Qdrant implementation ( #24164 )
2024-07-12 04:52:02 +02:00
Anush
7790d67f94
qdrant: New sparse embeddings provider interface - PART 1 ( #24015 )
...
## Description
This PR introduces a new sparse embedding provider interface to work
with the new Qdrant implementation that will follow this PR.
Additionally, an implementation of this interface is provided with
https://github.com/qdrant/fastembed .
This PR will be followed by
https://github.com/Anush008/langchain/pull/3 .
2024-07-11 17:07:25 -07:00
Bagatur
a0c2281540
infra: update mypy 1.10, ruff 0.5 ( #23721 )
...
```python
"""python scripts/update_mypy_ruff.py"""
import glob
import tomllib
from pathlib import Path
import toml
import subprocess
import re
ROOT_DIR = Path(__file__).parents[1]
def main():
for path in glob.glob(str(ROOT_DIR / "libs/**/pyproject.toml"), recursive=True):
print(path)
with open(path, "rb") as f:
pyproject = tomllib.load(f)
try:
pyproject["tool"]["poetry"]["group"]["typing"]["dependencies"]["mypy"] = (
"^1.10"
)
pyproject["tool"]["poetry"]["group"]["lint"]["dependencies"]["ruff"] = (
"^0.5"
)
except KeyError:
continue
with open(path, "w") as f:
toml.dump(pyproject, f)
cwd = "/".join(path.split("/")[:-1])
completed = subprocess.run(
"poetry lock --no-update; poetry install --with typing; poetry run mypy . --no-color",
cwd=cwd,
shell=True,
capture_output=True,
text=True,
)
logs = completed.stdout.split("\n")
to_ignore = {}
for l in logs:
if re.match("^(.*)\:(\d+)\: error:.*\[(.*)\]", l):
path, line_no, error_type = re.match(
"^(.*)\:(\d+)\: error:.*\[(.*)\]", l
).groups()
if (path, line_no) in to_ignore:
to_ignore[(path, line_no)].append(error_type)
else:
to_ignore[(path, line_no)] = [error_type]
print(len(to_ignore))
for (error_path, line_no), error_types in to_ignore.items():
all_errors = ", ".join(error_types)
full_path = f"{cwd}/{error_path}"
try:
with open(full_path, "r") as f:
file_lines = f.readlines()
except FileNotFoundError:
continue
file_lines[int(line_no) - 1] = (
file_lines[int(line_no) - 1][:-1] + f" # type: ignore[{all_errors}]\n"
)
with open(full_path, "w") as f:
f.write("".join(file_lines))
subprocess.run(
"poetry run ruff format .; poetry run ruff --select I --fix .",
cwd=cwd,
shell=True,
capture_output=True,
text=True,
)
if __name__ == "__main__":
main()
```
2024-07-03 10:33:27 -07:00
