Files
langchain/.github/workflows/check_diffs.yml
dependabot[bot] 96bbb34fb7 chore: bump the minor-and-patch group with 2 updates (#38584)
Bumps the minor-and-patch group with 2 updates:
[actions/setup-python](https://github.com/actions/setup-python) and
[aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials).

Updates `actions/setup-python` from 6.2.0 to 6.3.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-python/releases">actions/setup-python's
releases</a>.</em></p>
<blockquote>
<h2>v6.3.0</h2>
<h2>What's Changed</h2>
<h3>Enhancement</h3>
<ul>
<li>Add RHEL support and include Linux distro in cache keys by <a
href="https://github.com/priyagupta108"><code>@​priyagupta108</code></a>
in <a
href="https://redirect.github.com/actions/setup-python/pull/1323">actions/setup-python#1323</a></li>
<li>Fix pip cache error handling on Windows by <a
href="https://github.com/priyagupta108"><code>@​priyagupta108</code></a>
in <a
href="https://redirect.github.com/actions/setup-python/pull/1040">actions/setup-python#1040</a></li>
</ul>
<h3>Dependency update</h3>
<ul>
<li>Upgrade minimatch from 3.1.2 to 3.1.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/1281">actions/setup-python#1281</a></li>
<li>Upgrade actions dependencies by <a
href="https://github.com/gowridurgad"><code>@​gowridurgad</code></a>
with <a href="https://github.com/Copilot"><code>@​Copilot</code></a> in
<a
href="https://redirect.github.com/actions/setup-python/pull/1303">actions/setup-python#1303</a></li>
<li>Upgrade <code>@​actions/cache</code> to 5.1.0, log cache write
denied by <a
href="https://github.com/jasongin"><code>@​jasongin</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/1324">actions/setup-python#1324</a></li>
<li>Upgrade dependency versions and test workflow configuration by <a
href="https://github.com/HarithaVattikuti"><code>@​HarithaVattikuti</code></a>
in <a
href="https://redirect.github.com/actions/setup-python/pull/1322">actions/setup-python#1322</a></li>
</ul>
<h3>Documentation</h3>
<ul>
<li>Update advanced-usage.md by <a
href="https://github.com/Dunky-Z"><code>@​Dunky-Z</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/811">actions/setup-python#811</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/gowridurgad"><code>@​gowridurgad</code></a>
with <a href="https://github.com/Copilot"><code>@​Copilot</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-python/pull/1303">actions/setup-python#1303</a></li>
<li><a href="https://github.com/jasongin"><code>@​jasongin</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-python/pull/1324">actions/setup-python#1324</a></li>
<li><a href="https://github.com/Dunky-Z"><code>@​Dunky-Z</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/setup-python/pull/811">actions/setup-python#811</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-python/compare/v6...v6.3.0">https://github.com/actions/setup-python/compare/v6...v6.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ece7cb06ca"><code>ece7cb0</code></a>
Fix pip cache error handling on Windows. (<a
href="https://redirect.github.com/actions/setup-python/issues/1040">#1040</a>)</li>
<li><a
href="1d18d7af5f"><code>1d18d7a</code></a>
Update advanced-usage.md (<a
href="https://redirect.github.com/actions/setup-python/issues/811">#811</a>)</li>
<li><a
href="d2b357a6a3"><code>d2b357a</code></a>
Update dependency versions and test workflow configuration (<a
href="https://redirect.github.com/actions/setup-python/issues/1322">#1322</a>)</li>
<li><a
href="8f639b1e75"><code>8f639b1</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/setup-python/issues/1324">#1324</a>
from jasongin/update-actions-cache-5.1.0</li>
<li><a
href="6731c2ba87"><code>6731c2b</code></a>
Resolve high-severity audit issues</li>
<li><a
href="0cb1a84326"><code>0cb1a84</code></a>
Add RHEL support and include Linux distro in cache keys (<a
href="https://redirect.github.com/actions/setup-python/issues/1323">#1323</a>)</li>
<li><a
href="dc6eab6194"><code>dc6eab6</code></a>
Update dist</li>
<li><a
href="6f4b74bfa2"><code>6f4b74b</code></a>
Strict equality</li>
<li><a
href="fa8bde1a9c"><code>fa8bde1</code></a>
Bump <code>@​actions/cache</code> to 5.1.0, log cache write denied</li>
<li><a
href="c8813ba1bc"><code>c8813ba</code></a>
Upgrade <a href="https://github.com/actions"><code>@​actions</code></a>
dependencies and update licenses (<a
href="https://redirect.github.com/actions/setup-python/issues/1303">#1303</a>)</li>
<li>Additional commits viewable in <a
href="a309ff8b42...ece7cb06ca">compare
view</a></li>
</ul>
</details>
<br />

Updates `aws-actions/configure-aws-credentials` from 6.2.0 to 6.2.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aws-actions/configure-aws-credentials/releases">aws-actions/configure-aws-credentials's
releases</a>.</em></p>
<blockquote>
<h2>v6.2.1</h2>
<h2><a
href="https://github.com/aws-actions/configure-aws-credentials/compare/v6.2.0...v6.2.1">6.2.1</a>
(2026-06-26)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>enforce allowed-account-ids on all auth paths (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1847">#1847</a>)
(<a
href="4d281fbc56">4d281fb</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md">aws-actions/configure-aws-credentials's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<p>All notable changes to this project will be documented in this file.
See <a
href="https://github.com/conventional-changelog/standard-version">standard-version</a>
for commit guidelines.</p>
<h2><a
href="https://github.com/aws-actions/configure-aws-credentials/compare/v6.2.0...v6.2.1">6.2.1</a>
(2026-06-26)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>enforce allowed-account-ids on all auth paths (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1847">#1847</a>)
(<a
href="4d281fbc56">4d281fb</a>)</li>
</ul>
<h2><a
href="https://github.com/aws-actions/configure-aws-credentials/compare/v6.1.3...v6.2.0">6.2.0</a>
(2026-06-01)</h2>
<h3>Features</h3>
<ul>
<li>add additional session tags by default (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1775">#1775</a>)
(<a
href="e0ba768507">e0ba768</a>)</li>
<li>add more retry logic and better logging (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1764">#1764</a>)
(<a
href="540d0c13ae">540d0c1</a>)</li>
<li>add regex validation to role-session-name (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1765">#1765</a>)
(<a
href="e35449909c">e354499</a>)</li>
<li>Allow custom session tags to be passed when assuming a role (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1759">#1759</a>)
(<a
href="61f50f630f">61f50f6</a>)</li>
<li>expose run id in STS client user-agent (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1774">#1774</a>)
(<a
href="29d1be3027">29d1be3</a>)</li>
<li>support custom STS endpoints (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1762">#1762</a>)
(<a
href="8d52d05d7a">8d52d05</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li>skip credential check on output-env-credentials: false (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1778">#1778</a>)
(<a
href="58e7c47adf">58e7c47</a>)</li>
<li>assumeRole failing from session tag size too large (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1808">#1808</a>)
(<a
href="d6f5dc331b">d6f5dc3</a>)</li>
</ul>
<h2><a
href="https://github.com/aws-actions/configure-aws-credentials/compare/v6.1.2...v6.1.3">6.1.3</a>
(2026-05-28)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>fix: allow kubelet token symlink in <a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1805">#1805</a></li>
</ul>
<h2><a
href="https://github.com/aws-actions/configure-aws-credentials/compare/v6.1.1...v6.1.2">6.1.2</a>
(2026-05-26)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>additional filesystem checks (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1799">#1799</a>)
(<a
href="c39f282697">c39f282</a>)</li>
</ul>
<h2><a
href="https://github.com/aws-actions/configure-aws-credentials/compare/v6.1.0...v6.1.1">6.1.1</a>
(2026-05-05)</h2>
<h3>Miscellaneous Chores</h3>
<ul>
<li>various dependency updates</li>
</ul>
<h2><a
href="https://github.com/aws-actions/configure-aws-credentials/compare/v6.0.0...v6.1.0">6.1.0</a>
(2026-04-06)</h2>
<h3>Features</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="254c19bd24"><code>254c19b</code></a>
chore(main): release 6.2.1 (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1849">#1849</a>)</li>
<li><a
href="a20cf827fe"><code>a20cf82</code></a>
chore: Update dist</li>
<li><a
href="4d281fbc56"><code>4d281fb</code></a>
fix: enforce allowed-account-ids on all auth paths (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1847">#1847</a>)</li>
<li><a
href="e004cdcd28"><code>e004cdc</code></a>
chore(deps-dev): bump <code>@​smithy/property-provider</code> from 4.4.0
to 4.4.2 (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1845">#1845</a>)</li>
<li><a
href="88aa3695d3"><code>88aa369</code></a>
chore: Update dist</li>
<li><a
href="687331b272"><code>687331b</code></a>
chore(deps): bump <code>@​aws-sdk/client-sts</code> from 3.1069.0 to
3.1075.0 (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1841">#1841</a>)</li>
<li><a
href="ea607be060"><code>ea607be</code></a>
chore: Update dist</li>
<li><a
href="6d136066d8"><code>6d13606</code></a>
chore(deps): bump <code>@​smithy/node-http-handler</code> from 4.8.0 to
4.8.2 (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1842">#1842</a>)</li>
<li><a
href="71a32ae408"><code>71a32ae</code></a>
chore: Update dist</li>
<li><a
href="b290f2ca79"><code>b290f2c</code></a>
chore(deps-dev): bump <code>@​aws-sdk/credential-provider-env</code> (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1844">#1844</a>)</li>
<li>Additional commits viewable in <a
href="e7f100cf4c...254c19bd24">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-07-01 03:42:09 -04:00

235 lines
8.1 KiB
YAML

# Primary CI workflow.
#
# Only runs against packages that have changed files.
#
# Runs:
# - Linting (_lint.yml)
# - Unit Tests (_test.yml)
# - Pydantic compatibility tests (_test_pydantic.yml)
# - Integration test compilation checks (_compile_integration_test.yml)
# - Extended test suites that require additional dependencies
#
# Reports status to GitHub checks and PR status.
name: "🔧 CI"
on:
push:
branches: [master]
pull_request:
merge_group:
# Optimizes CI performance by canceling redundant workflow runs
# If another push to the same PR or branch happens while this workflow is still running,
# cancel the earlier run in favor of the next run.
#
# There's no point in testing an outdated version of the code. GitHub only allows
# a limited number of job runners to be active at the same time, so it's better to
# cancel pointless jobs early so that more useful jobs can run sooner.
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
permissions:
contents: read
env:
UV_FROZEN: "true"
UV_NO_SYNC: "true"
jobs:
# This job analyzes which files changed and creates a dynamic test matrix
# to only run tests/lints for the affected packages, improving CI efficiency
build:
name: "Detect Changes & Set Matrix"
runs-on: ubuntu-latest
if: ${{ !contains(github.event.pull_request.labels.*.name, 'ci-ignore') }}
steps:
- name: "📋 Checkout Code"
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: "🐍 Setup Python 3.11"
uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6
with:
python-version: "3.11"
- name: "📂 Get Changed Files"
id: files
uses: Ana06/get-changed-files@25f79e676e7ea1868813e21465014798211fad8c # v2.3.0
with:
format: json
- name: "🔍 Analyze Changed Files & Generate Build Matrix"
id: set-matrix
env:
ALL_CHANGED_FILES: ${{ steps.files.outputs.all }}
run: |
python -m pip install packaging requests
python .github/scripts/check_diff.py "$ALL_CHANGED_FILES" >> $GITHUB_OUTPUT
outputs:
lint: ${{ steps.set-matrix.outputs.lint }}
test: ${{ steps.set-matrix.outputs.test }}
extended-tests: ${{ steps.set-matrix.outputs.extended-tests }}
compile-integration-tests: ${{ steps.set-matrix.outputs.compile-integration-tests }}
dependencies: ${{ steps.set-matrix.outputs.dependencies }}
test-pydantic: ${{ steps.set-matrix.outputs.test-pydantic }}
vcr-tests: ${{ steps.set-matrix.outputs.vcr-tests }}
# Run linting only on packages that have changed files
lint:
needs: [build]
if: ${{ needs.build.outputs.lint != '[]' }}
strategy:
matrix:
job-configs: ${{ fromJson(needs.build.outputs.lint) }}
fail-fast: false
uses: ./.github/workflows/_lint.yml
with:
working-directory: ${{ matrix.job-configs.working-directory }}
python-version: ${{ matrix.job-configs.python-version }}
secrets: inherit
# Run unit tests only on packages that have changed files
test:
needs: [build]
if: ${{ needs.build.outputs.test != '[]' }}
strategy:
matrix:
job-configs: ${{ fromJson(needs.build.outputs.test) }}
fail-fast: false
uses: ./.github/workflows/_test.yml
with:
working-directory: ${{ matrix.job-configs.working-directory }}
python-version: ${{ matrix.job-configs.python-version }}
secrets: inherit
# Test compatibility with different Pydantic versions for affected packages
test-pydantic:
needs: [build]
if: ${{ needs.build.outputs.test-pydantic != '[]' }}
strategy:
matrix:
job-configs: ${{ fromJson(needs.build.outputs.test-pydantic) }}
fail-fast: false
uses: ./.github/workflows/_test_pydantic.yml
with:
working-directory: ${{ matrix.job-configs.working-directory }}
pydantic-version: ${{ matrix.job-configs.pydantic-version }}
secrets: inherit
# Verify integration tests compile without actually running them (faster feedback)
compile-integration-tests:
name: "Compile Integration Tests"
needs: [build]
if: ${{ needs.build.outputs.compile-integration-tests != '[]' }}
strategy:
matrix:
job-configs: ${{ fromJson(needs.build.outputs.compile-integration-tests) }}
fail-fast: false
uses: ./.github/workflows/_compile_integration_test.yml
with:
working-directory: ${{ matrix.job-configs.working-directory }}
python-version: ${{ matrix.job-configs.python-version }}
secrets: inherit
# Run VCR cassette-backed integration tests in playback-only mode (no API keys)
vcr-tests:
name: "VCR Cassette Tests"
needs: [build]
if: ${{ needs.build.outputs.vcr-tests != '[]' }}
strategy:
matrix:
job-configs: ${{ fromJson(needs.build.outputs.vcr-tests) }}
fail-fast: false
uses: ./.github/workflows/_test_vcr.yml
with:
working-directory: ${{ matrix.job-configs.working-directory }}
python-version: ${{ matrix.job-configs.python-version }}
secrets: inherit
# Run extended test suites that require additional dependencies
extended-tests:
name: "Extended Tests"
needs: [build]
if: ${{ needs.build.outputs.extended-tests != '[]' }}
strategy:
matrix:
# note different variable for extended test dirs
job-configs: ${{ fromJson(needs.build.outputs.extended-tests) }}
fail-fast: false
runs-on: ubuntu-latest
timeout-minutes: 20
defaults:
run:
working-directory: ${{ matrix.job-configs.working-directory }}
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: "🐍 Set up Python ${{ matrix.job-configs.python-version }} + UV"
uses: "./.github/actions/uv_setup"
with:
python-version: ${{ matrix.job-configs.python-version }}
cache-suffix: extended-tests-${{ matrix.job-configs.working-directory }}
working-directory: ${{ matrix.job-configs.working-directory }}
- name: "📦 Install Dependencies & Run Extended Tests"
shell: bash
run: |
echo "Running extended tests, installing dependencies with uv..."
uv venv
uv sync --group test
VIRTUAL_ENV=.venv uv pip install -r extended_testing_deps.txt
VIRTUAL_ENV=.venv make extended_tests
- name: "🧹 Verify Clean Working Directory"
shell: bash
run: |
set -eu
STATUS="$(git status)"
echo "$STATUS"
# grep will exit non-zero if the target message isn't found,
# and `set -e` above will cause the step to fail.
echo "$STATUS" | grep 'nothing to commit, working tree clean'
# Verify _release.yml dropdown options stay in sync with package directories
check-release-options:
name: "Validate Release Options"
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: "🐍 Setup Python 3.11"
uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6
with:
python-version: "3.11"
- name: "📦 Install Dependencies"
run: python -m pip install pyyaml pytest
- name: "🔍 Check release dropdown matches packages"
run: python -m pytest .github/scripts/test_release_options.py -v
# Final status check - ensures all required jobs passed before allowing merge
ci_success:
name: "✅ CI Success"
needs:
[
build,
lint,
test,
compile-integration-tests,
vcr-tests,
extended-tests,
test-pydantic,
check-release-options,
]
if: |
always()
runs-on: ubuntu-latest
env:
JOBS_JSON: ${{ toJSON(needs) }}
RESULTS_JSON: ${{ toJSON(needs.*.result) }}
EXIT_CODE: ${{!contains(needs.*.result, 'failure') && !contains(needs.*.result, 'cancelled') && '0' || '1'}}
steps:
- name: "🎉 All Checks Passed"
run: |
echo $JOBS_JSON
echo $RESULTS_JSON
echo "Exiting with $EXIT_CODE"
exit $EXIT_CODE