mirror of
https://github.com/hwchase17/langchain.git
synced 2026-06-09 10:17:00 +00:00
abd9d4ce31
Dependabot has been stripping upper/lower bounds from internal `langchain-*` deps in partner `pyproject.toml` files (e.g. #37288 reduced `langchain-core>=1.3.2,<2.0.0` to bare `langchain-core`). Locks down the config so bumps preserve existing specifiers, and restores the bounds it already mangled across the monorepo. ## Changes - Add `versioning-strategy: increase` to every `uv` ecosystem block in `.github/dependabot.yml` so future bumps move the lower bound in place instead of rewriting the constraint. - Ignore workspace-internal packages (`langchain-core`, `langchain`, `langchain-classic`, `langchain-text-splitters`, `langchain-tests`, `langchain-model-profiles`) on every `uv` block — these are editable installs from local paths and their published constraints are hand-curated for release, not Dependabot's to bump. - Restore stripped bounds across all `libs/` packages — runtime `dependencies` and every dep group (`test`, `dev`, `test_integration`, `typing`, `lint`) — to `>=1.4.0,<2.0.0` for `langchain-core` and `>=1.0.0,<2.0.0` for the other internal packages.
141 lines
4.1 KiB
TOML
141 lines
4.1 KiB
TOML
[build-system]
|
|
requires = ["hatchling"]
|
|
build-backend = "hatchling.build"
|
|
|
|
[project]
|
|
name = "langchain-qdrant"
|
|
version = "1.1.0"
|
|
description = "An integration package connecting Qdrant and LangChain"
|
|
license = { text = "MIT" }
|
|
readme = "README.md"
|
|
classifiers = [
|
|
"Development Status :: 5 - Production/Stable",
|
|
"Intended Audience :: Developers",
|
|
"License :: OSI Approved :: MIT License",
|
|
"Programming Language :: Python :: 3",
|
|
"Programming Language :: Python :: 3.10",
|
|
"Programming Language :: Python :: 3.11",
|
|
"Programming Language :: Python :: 3.12",
|
|
"Programming Language :: Python :: 3.13",
|
|
"Programming Language :: Python :: 3.14",
|
|
"Topic :: Scientific/Engineering :: Artificial Intelligence",
|
|
]
|
|
requires-python = ">=3.10.0,<4.0.0"
|
|
dependencies = [
|
|
"qdrant-client>=1.15.1,<2.0.0",
|
|
"pydantic>=2.7.4,<3.0.0",
|
|
"langchain-core>=1.4.0,<2.0.0",
|
|
]
|
|
|
|
[project.urls]
|
|
Homepage = "https://docs.langchain.com/oss/python/integrations/providers/qdrant"
|
|
Documentation = "https://reference.langchain.com/python/integrations/langchain_qdrant/"
|
|
Repository = "https://github.com/langchain-ai/langchain"
|
|
Issues = "https://github.com/langchain-ai/langchain/issues"
|
|
Changelog = "https://github.com/langchain-ai/langchain/releases?q=%22langchain-qdrant%22"
|
|
Twitter = "https://x.com/langchain_oss"
|
|
Slack = "https://www.langchain.com/join-community"
|
|
Reddit = "https://www.reddit.com/r/LangChain/"
|
|
|
|
[project.optional-dependencies]
|
|
fastembed = [
|
|
"fastembed>=0.3.3,<1.0.0; python_version < \"3.13\" and python_version >= \"3.9\"",
|
|
]
|
|
|
|
[dependency-groups]
|
|
test = [
|
|
"pytest>=9.0.3,<10.0.0",
|
|
"pytest-mock>=3.10.0,<4.0.0",
|
|
"pytest-watcher>=0.3.4,<1.0.0",
|
|
"pytest-asyncio>=1.3.0,<2.0.0",
|
|
"pytest-socket>=0.7.0,<1.0.0",
|
|
"pytest-benchmark",
|
|
"pytest-xdist>=3.6.1,<4.0.0",
|
|
"freezegun>=1.2.2,<2.0.0",
|
|
"syrupy>=5.0.0,<6.0.0",
|
|
"requests>=2.31.0,<3.0.0",
|
|
"langchain-core>=1.4.0,<2.0.0",
|
|
"langchain-tests>=1.0.0,<2.0.0",
|
|
]
|
|
test_integration = []
|
|
lint = ["ruff>=0.13.1,<0.14.0"]
|
|
dev = ["langchain-core>=1.4.0,<2.0.0"]
|
|
typing = [
|
|
"mypy>=1.10.0,<2.0.0",
|
|
"simsimd>=6.0.0,<7.0.0",
|
|
"langchain-core>=1.4.0,<2.0.0"
|
|
]
|
|
|
|
# CVE-2026-25990: pillow < 12.1.1 is vulnerable to out-of-bounds write when loading PSD images.
|
|
# fastembed 0.7.x caps pillow<12.0. Override to pull in the fix for the lockfile.
|
|
# Remove this override once fastembed releases a version that allows pillow>=12.1.1.
|
|
[tool.uv]
|
|
override-dependencies = ["pillow>=12.1.1"]
|
|
constraint-dependencies = ["pygments>=2.20.0"] # CVE-2026-4539
|
|
|
|
[tool.uv.sources]
|
|
langchain-core = { path = "../../core", editable = true }
|
|
langchain-tests = { path = "../../standard-tests", editable = true }
|
|
|
|
[tool.ruff.format]
|
|
docstring-code-format = true
|
|
|
|
[tool.ruff.lint]
|
|
select = ["ALL"]
|
|
ignore = [
|
|
"COM812", # Messes with the formatter
|
|
"ISC001", # Messes with the formatter
|
|
"PERF203", # Rarely useful
|
|
"S112", # Rarely useful
|
|
"RUF012", # Doesn't play well with Pydantic
|
|
"SLF001", # Private member access
|
|
"PLR0913", # Function has too many arguments
|
|
"C901", # Complex functions
|
|
"TC003",
|
|
|
|
# TODO"
|
|
"ANN401",
|
|
"ARG002",
|
|
"D100",
|
|
"D102",
|
|
"D104",
|
|
]
|
|
unfixable = ["B028"] # People should intentionally tune the stacklevel
|
|
|
|
[tool.ruff.lint.pydocstyle]
|
|
convention = "google"
|
|
ignore-var-parameters = true # ignore missing documentation for *args and **kwargs parameters
|
|
|
|
[tool.ruff.lint.flake8-tidy-imports]
|
|
ban-relative-imports = "all"
|
|
|
|
[tool.mypy]
|
|
disallow_untyped_defs = true
|
|
|
|
[tool.coverage.run]
|
|
omit = ["tests/*"]
|
|
|
|
[tool.pytest.ini_options]
|
|
addopts = "--snapshot-warn-unused --strict-markers --strict-config --durations=5"
|
|
markers = [
|
|
"requires: mark tests as requiring a specific library",
|
|
"compile: mark placeholder test used to compile integration tests without running them",
|
|
]
|
|
asyncio_mode = "auto"
|
|
|
|
[tool.ruff.lint.extend-per-file-ignores]
|
|
"tests/**/*.py" = [
|
|
"S101", # Tests need assertions
|
|
"S311", # Standard pseudo-random generators are not suitable for cryptographic purposes
|
|
"PT011",
|
|
"PLR2004",
|
|
|
|
# TODO
|
|
"PLC0415",
|
|
"PT012",
|
|
"D",
|
|
]
|
|
"scripts/*.py" = [
|
|
"INP001", # Not a package
|
|
]
|