mirror of
https://github.com/langchain-ai/langchain.git
synced 2026-07-16 23:41:55 +08:00
master
16427 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
|
|
cf2115a6cf |
chore(model-profiles): refresh model profile data (#38876)
Automated refresh of model profile data for all in-monorepo partner integrations via `langchain-profiles refresh`. 🤖 Generated by the [`refresh_model_profiles` workflow](https://github.com/langchain-ai/langchain/blob/master/.github/workflows/refresh_model_profiles.yml). ## Summary of changes **0 added · 1 removed · 32 changed** across 1 provider(s). ### openrouter **➖ 1 removed** - `arcee-ai/coder-large` **✏️ 32 changed** - `deepseek/deepseek-chat-v3-0324`: max output tokens 16,384 → 65,536 - `deepseek/deepseek-v3.1-terminus`: max input tokens 163,840 → 131,072 - `deepseek/deepseek-v3.2`: max input tokens 131,072 → 163,840; max output tokens 64,000 → 65,536 - `google/gemini-2.5-flash-image`: max output tokens 32,768 → 8,192 - `google/gemma-3-27b-it`: max output tokens 16,384 → 131,072 - `google/gemma-4-26b-a4b-it`: max output tokens 262,144 → 256,000 - `google/gemma-4-31b-it`: max output tokens 8,192 → 262,144 - `meta-llama/llama-3.1-8b-instruct`: max output tokens 16,384 → 131,072 - `meta-llama/llama-3.3-70b-instruct`: max output tokens 16,384 → 128,000 - `minimax/minimax-m2.7`: max output tokens 196,608 → 131,072 - `minimax/minimax-m3`: max output tokens 131,072 → 512,000 - `mistralai/mistral-nemo`: max output tokens 131,072 → 16,384 - `mistralai/mistral-small-3.2-24b-instruct`: max input tokens 128,000 → 131,072 - `moonshotai/kimi-k2-thinking`: max output tokens 100,352 → 262,144 - `moonshotai/kimi-k2.5`: max output tokens 256,000 → 262,144 - `openai/gpt-5.1-chat`: max output tokens 32,000 → 16,384 - `qwen/qwen3-30b-a3b-instruct-2507`: max input tokens 131,072 → 262,144 - `qwen/qwen3-next-80b-a3b-instruct`: max output tokens 16,384 → 262,144 - `qwen/qwen3-vl-235b-a22b-instruct`: max input tokens 262,144 → 131,072; max output tokens 16,384 → 32,768 - `qwen/qwen3.5-122b-a10b`: max output tokens 262,144 → 65,536 - `qwen/qwen3.5-35b-a3b`: max output tokens 81,920 → 262,144 - `qwen/qwen3.5-397b-a17b`: max input tokens 256,000 → 262,144; max output tokens 64,000 → 65,536 - `qwen/qwen3.6-27b`: max output tokens 131,072 → 65,536 - `z-ai/glm-4.6`: max input tokens 200,000 → 202,752; max output tokens 16,384 → 131,072 - `z-ai/glm-4.7-flash`: max input tokens 202,752 → 200,000; max output tokens 16,384 → 131,072 - …and 7 more Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com> |
||
|
|
a4538dbf07 |
docs(langchain): clarify ToolRetryMiddleware exception handling (#38884)
|
||
|
|
185119f98e | release(langchain): 1.3.14 (#38883) langchain==1.3.14 | ||
|
|
0a3bde6431 |
fix(langchain): only retry retryable exceptions in ToolRetryMiddleware (#38845)
|
||
|
|
7bf8fe2216 |
chore(model-profiles): refresh model profile data (#38856)
Automated refresh of model profile data for all in-monorepo partner integrations via `langchain-profiles refresh`. 🤖 Generated by the [`refresh_model_profiles` workflow](https://github.com/langchain-ai/langchain/blob/master/.github/workflows/refresh_model_profiles.yml). ## Summary of changes **2 added · 4 removed · 5 changed** across 1 provider(s). ### openrouter **➕ 2 added** - `kwaipilot/kat-coder-air-v2.5` — 256,000 ctx, 80,000 out, tools - `kwaipilot/kat-coder-pro-v2.5` — 256,000 ctx, 80,000 out, tools **➖ 4 removed** - `liquid/lfm-2.5-1.2b-instruct:free` - `liquid/lfm-2.5-1.2b-thinking:free` - `openai/gpt-oss-120b:free` - `sao10k/l3.1-70b-hanami-x1` **✏️ 5 changed** - `deepseek/deepseek-v4-flash`: max output tokens 384,000 → 65,536 - `google/gemma-4-31b-it`: max output tokens 262,144 → 8,192 - `google/gemma-4-31b-it:free`: max output tokens 8,192 → 32,768 - `qwen/qwen3.6-27b`: max output tokens 262,140 → 131,072 - `z-ai/glm-5.2`: max output tokens 131,072 → 128,000 Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com> |
||
|
|
22869321b2 |
fix: patch Dependabot dependency vulnerabilities (#38853)
## Summary - remove obsolete aiohttp <3.14.0 constraints and resolve the xAI and Fireworks locks to aiohttp 3.14.1 - set langchain-fireworks' runtime floor to aiohttp >=3.14.1 - constrain the langchain-classic lock to langchain 1.3.9, resolving CVE-2026-55443 ## Dependabot alerts Resolves the patchable aiohttp and langchain alerts in the current backlog. The critical ChromaDB CVE-2026-45829 remains open because no patched upstream version exists. It is tracked in [SEC-969](https://linear.app/langchain/issue/SEC-969/critical-mitigate-unpatched-chromadb-cve-2026-45829). ## Verification - for xAI, Fireworks, and langchain-classic - xAI unit tests: 38 passed - Fireworks unit tests: 129 passed (with local FIREWORKS_API_BASE removed to avoid snapshot pollution) - imported vcrpy's aiohttp stub under aiohttp 3.14.1 in both partner environments |
||
|
|
d260c52059 |
chore: bump soupsieve from 2.8 to 2.8.4 in /libs/core (#38750)
Bumps [soupsieve](https://github.com/facelessuser/soupsieve) from 2.8 to 2.8.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/facelessuser/soupsieve/releases">soupsieve's releases</a>.</em></p> <blockquote> <h2>2.8.4</h2> <ul> <li><strong>FIX</strong>: Fix another inefficient attribute pattern (<a href="https://github.com/mauriceng98"><code>@mauriceng98</code></a>).</li> <li><strong>FIX</strong>: Limit total number of selectors processed in a pattern to prevent massive selector requests (<a href="https://github.com/mauriceng98"><code>@mauriceng98</code></a>).</li> </ul> <h2>2.8.3</h2> <ul> <li><strong>FIX</strong>: Fix inefficient attribute pattern.</li> </ul> <h2>2.8.2</h2> <ul> <li><strong>FIX</strong>: Ensure custom selectors or namespace dictionaries reject non-string keys (<a href="https://github.com/mundanevision20"><code>@mundanevision20</code></a>).</li> <li><strong>FIX</strong>: Fix handling of <code>:in-range</code> and <code>:out-of-range</code> with end of year weeks (<a href="https://github.com/mundanevision20"><code>@mundanevision20</code></a>).</li> <li><strong>FIX</strong>: Fix a potential infinite loop in the pretty printing debug function (<a href="https://github.com/mundanevision20"><code>@mundanevision20</code></a>).</li> </ul> <h2>2.8.1</h2> <ul> <li><strong>FIX</strong>: Changes in tests to accommodate latest Python HTML parser changes.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/facelessuser/soupsieve/commit/28108ab805818c832d9568142a99844fd95a0d39"><code>28108ab</code></a> Limit excessive selectors</li> <li><a href="https://github.com/facelessuser/soupsieve/commit/ef188721d6cc95641e99297b3a26ac17b7dfcfa7"><code>ef18872</code></a> Fix test for Windows</li> <li><a href="https://github.com/facelessuser/soupsieve/commit/eb4397618709186c109400448c6043b728217dc3"><code>eb43976</code></a> Merge commit from fork</li> <li><a href="https://github.com/facelessuser/soupsieve/commit/3a661b23b20e92b49b4683f0227c26c9d765267f"><code>3a661b2</code></a> Fix typo in pseudo-classes.md (<a href="https://redirect.github.com/facelessuser/soupsieve/issues/294">#294</a>)</li> <li><a href="https://github.com/facelessuser/soupsieve/commit/0cb533d83bfc445c7c6321742a21f612305fc8ba"><code>0cb533d</code></a> Update hatchling version requirement in pyproject.toml (<a href="https://redirect.github.com/facelessuser/soupsieve/issues/290">#290</a>)</li> <li><a href="https://github.com/facelessuser/soupsieve/commit/5aedc4180468e724aff46ddb3f738d35a3a9f724"><code>5aedc41</code></a> Update doc theme</li> <li><a href="https://github.com/facelessuser/soupsieve/commit/d7c47842a4f8d168243af96b62b9ad7fb84a2038"><code>d7c4784</code></a> Attribute pattern fix (<a href="https://redirect.github.com/facelessuser/soupsieve/issues/289">#289</a>)</li> <li><a href="https://github.com/facelessuser/soupsieve/commit/09e106dc0fd6579c0327801fdcceb380ff60170e"><code>09e106d</code></a> Fix grammar</li> <li><a href="https://github.com/facelessuser/soupsieve/commit/09b27696ada6f07523a077950ce73da45579d524"><code>09b2769</code></a> Update docs</li> <li><a href="https://github.com/facelessuser/soupsieve/commit/c6e80fcab9ca4d3eaa61913778263e82bcecca1f"><code>c6e80fc</code></a> Various fixes by <a href="https://github.com/mundanevision20"><code>@mundanevision20</code></a> (<a href="https://redirect.github.com/facelessuser/soupsieve/issues/288">#288</a>)</li> <li>Additional commits viewable in <a href="https://github.com/facelessuser/soupsieve/compare/2.8...2.8.4">compare view</a></li> </ul> </details> <br /> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
ceb1e4e652 |
feat(langchain): ToolErrorMiddleware (#38781)
|
||
|
|
2f29107ed0 |
chore: bump soupsieve from 2.8 to 2.8.4 in /libs/langchain (#38749)
Bumps [soupsieve](https://github.com/facelessuser/soupsieve) from 2.8 to 2.8.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/facelessuser/soupsieve/releases">soupsieve's releases</a>.</em></p> <blockquote> <h2>2.8.4</h2> <ul> <li><strong>FIX</strong>: Fix another inefficient attribute pattern (<a href="https://github.com/mauriceng98"><code>@mauriceng98</code></a>).</li> <li><strong>FIX</strong>: Limit total number of selectors processed in a pattern to prevent massive selector requests (<a href="https://github.com/mauriceng98"><code>@mauriceng98</code></a>).</li> </ul> <h2>2.8.3</h2> <ul> <li><strong>FIX</strong>: Fix inefficient attribute pattern.</li> </ul> <h2>2.8.2</h2> <ul> <li><strong>FIX</strong>: Ensure custom selectors or namespace dictionaries reject non-string keys (<a href="https://github.com/mundanevision20"><code>@mundanevision20</code></a>).</li> <li><strong>FIX</strong>: Fix handling of <code>:in-range</code> and <code>:out-of-range</code> with end of year weeks (<a href="https://github.com/mundanevision20"><code>@mundanevision20</code></a>).</li> <li><strong>FIX</strong>: Fix a potential infinite loop in the pretty printing debug function (<a href="https://github.com/mundanevision20"><code>@mundanevision20</code></a>).</li> </ul> <h2>2.8.1</h2> <ul> <li><strong>FIX</strong>: Changes in tests to accommodate latest Python HTML parser changes.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/facelessuser/soupsieve/commit/28108ab805818c832d9568142a99844fd95a0d39"><code>28108ab</code></a> Limit excessive selectors</li> <li><a href="https://github.com/facelessuser/soupsieve/commit/ef188721d6cc95641e99297b3a26ac17b7dfcfa7"><code>ef18872</code></a> Fix test for Windows</li> <li><a href="https://github.com/facelessuser/soupsieve/commit/eb4397618709186c109400448c6043b728217dc3"><code>eb43976</code></a> Merge commit from fork</li> <li><a href="https://github.com/facelessuser/soupsieve/commit/3a661b23b20e92b49b4683f0227c26c9d765267f"><code>3a661b2</code></a> Fix typo in pseudo-classes.md (<a href="https://redirect.github.com/facelessuser/soupsieve/issues/294">#294</a>)</li> <li><a href="https://github.com/facelessuser/soupsieve/commit/0cb533d83bfc445c7c6321742a21f612305fc8ba"><code>0cb533d</code></a> Update hatchling version requirement in pyproject.toml (<a href="https://redirect.github.com/facelessuser/soupsieve/issues/290">#290</a>)</li> <li><a href="https://github.com/facelessuser/soupsieve/commit/5aedc4180468e724aff46ddb3f738d35a3a9f724"><code>5aedc41</code></a> Update doc theme</li> <li><a href="https://github.com/facelessuser/soupsieve/commit/d7c47842a4f8d168243af96b62b9ad7fb84a2038"><code>d7c4784</code></a> Attribute pattern fix (<a href="https://redirect.github.com/facelessuser/soupsieve/issues/289">#289</a>)</li> <li><a href="https://github.com/facelessuser/soupsieve/commit/09e106dc0fd6579c0327801fdcceb380ff60170e"><code>09e106d</code></a> Fix grammar</li> <li><a href="https://github.com/facelessuser/soupsieve/commit/09b27696ada6f07523a077950ce73da45579d524"><code>09b2769</code></a> Update docs</li> <li><a href="https://github.com/facelessuser/soupsieve/commit/c6e80fcab9ca4d3eaa61913778263e82bcecca1f"><code>c6e80fc</code></a> Various fixes by <a href="https://github.com/mundanevision20"><code>@mundanevision20</code></a> (<a href="https://redirect.github.com/facelessuser/soupsieve/issues/288">#288</a>)</li> <li>Additional commits viewable in <a href="https://github.com/facelessuser/soupsieve/compare/2.8...2.8.4">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/langchain-ai/langchain/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
6cd44e0d43 |
chore: bump soupsieve from 2.8 to 2.8.4 in /libs/text-splitters (#38748)
Bumps [soupsieve](https://github.com/facelessuser/soupsieve) from 2.8 to 2.8.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/facelessuser/soupsieve/releases">soupsieve's releases</a>.</em></p> <blockquote> <h2>2.8.4</h2> <ul> <li><strong>FIX</strong>: Fix another inefficient attribute pattern (<a href="https://github.com/mauriceng98"><code>@mauriceng98</code></a>).</li> <li><strong>FIX</strong>: Limit total number of selectors processed in a pattern to prevent massive selector requests (<a href="https://github.com/mauriceng98"><code>@mauriceng98</code></a>).</li> </ul> <h2>2.8.3</h2> <ul> <li><strong>FIX</strong>: Fix inefficient attribute pattern.</li> </ul> <h2>2.8.2</h2> <ul> <li><strong>FIX</strong>: Ensure custom selectors or namespace dictionaries reject non-string keys (<a href="https://github.com/mundanevision20"><code>@mundanevision20</code></a>).</li> <li><strong>FIX</strong>: Fix handling of <code>:in-range</code> and <code>:out-of-range</code> with end of year weeks (<a href="https://github.com/mundanevision20"><code>@mundanevision20</code></a>).</li> <li><strong>FIX</strong>: Fix a potential infinite loop in the pretty printing debug function (<a href="https://github.com/mundanevision20"><code>@mundanevision20</code></a>).</li> </ul> <h2>2.8.1</h2> <ul> <li><strong>FIX</strong>: Changes in tests to accommodate latest Python HTML parser changes.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/facelessuser/soupsieve/commit/28108ab805818c832d9568142a99844fd95a0d39"><code>28108ab</code></a> Limit excessive selectors</li> <li><a href="https://github.com/facelessuser/soupsieve/commit/ef188721d6cc95641e99297b3a26ac17b7dfcfa7"><code>ef18872</code></a> Fix test for Windows</li> <li><a href="https://github.com/facelessuser/soupsieve/commit/eb4397618709186c109400448c6043b728217dc3"><code>eb43976</code></a> Merge commit from fork</li> <li><a href="https://github.com/facelessuser/soupsieve/commit/3a661b23b20e92b49b4683f0227c26c9d765267f"><code>3a661b2</code></a> Fix typo in pseudo-classes.md (<a href="https://redirect.github.com/facelessuser/soupsieve/issues/294">#294</a>)</li> <li><a href="https://github.com/facelessuser/soupsieve/commit/0cb533d83bfc445c7c6321742a21f612305fc8ba"><code>0cb533d</code></a> Update hatchling version requirement in pyproject.toml (<a href="https://redirect.github.com/facelessuser/soupsieve/issues/290">#290</a>)</li> <li><a href="https://github.com/facelessuser/soupsieve/commit/5aedc4180468e724aff46ddb3f738d35a3a9f724"><code>5aedc41</code></a> Update doc theme</li> <li><a href="https://github.com/facelessuser/soupsieve/commit/d7c47842a4f8d168243af96b62b9ad7fb84a2038"><code>d7c4784</code></a> Attribute pattern fix (<a href="https://redirect.github.com/facelessuser/soupsieve/issues/289">#289</a>)</li> <li><a href="https://github.com/facelessuser/soupsieve/commit/09e106dc0fd6579c0327801fdcceb380ff60170e"><code>09e106d</code></a> Fix grammar</li> <li><a href="https://github.com/facelessuser/soupsieve/commit/09b27696ada6f07523a077950ce73da45579d524"><code>09b2769</code></a> Update docs</li> <li><a href="https://github.com/facelessuser/soupsieve/commit/c6e80fcab9ca4d3eaa61913778263e82bcecca1f"><code>c6e80fc</code></a> Various fixes by <a href="https://github.com/mundanevision20"><code>@mundanevision20</code></a> (<a href="https://redirect.github.com/facelessuser/soupsieve/issues/288">#288</a>)</li> <li>Additional commits viewable in <a href="https://github.com/facelessuser/soupsieve/compare/2.8...2.8.4">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/langchain-ai/langchain/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
4e57abd4ce |
chore: bump nltk from 3.9.4 to 3.10.0 in /libs/text-splitters (#38747)
Bumps [nltk](https://github.com/nltk/nltk) from 3.9.4 to 3.10.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nltk/nltk/releases">nltk's releases</a>.</em></p> <blockquote> <h2>v3.10.0-rc1</h2> <h2>What's Changed</h2> <ul> <li>CHILDES corpus reader: lazy loading (fixes <a href="https://redirect.github.com/nltk/nltk/issues/1340">#1340</a>) by <a href="https://github.com/nschneid"><code>@nschneid</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1341">nltk/nltk#1341</a></li> <li>Stanseg by <a href="https://github.com/casperlehmann"><code>@casperlehmann</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1350">nltk/nltk#1350</a></li> <li>Add optional CCG semantics computation by <a href="https://github.com/tanin47"><code>@tanin47</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1321">nltk/nltk#1321</a></li> <li>address of free software foundation updated by <a href="https://github.com/Lightyagami1"><code>@Lightyagami1</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1347">nltk/nltk#1347</a></li> <li>Added a verification for empty tokens by <a href="https://github.com/gnardari"><code>@gnardari</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1353">nltk/nltk#1353</a></li> <li>use data.load for vader lexicon by <a href="https://github.com/afgiel"><code>@afgiel</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1303">nltk/nltk#1303</a></li> <li>Ensure that proper exceptions are caught correctly by <a href="https://github.com/pombredanne"><code>@pombredanne</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1343">nltk/nltk#1343</a></li> <li>Reset CCGVar everytime we invoke lexicon.fromstring() and skip the unicode test because it fails on python2.7 by <a href="https://github.com/tanin47"><code>@tanin47</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1354">nltk/nltk#1354</a></li> <li>Add tanin as an author :) by <a href="https://github.com/tanin47"><code>@tanin47</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1355">nltk/nltk#1355</a></li> <li>framenet.py: remove unnecessary str() call that causes problems for names with Unicode characters by <a href="https://github.com/nschneid"><code>@nschneid</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1360">nltk/nltk#1360</a></li> <li>remove <code>u</code> because it doesn't work in Python 3.0 to 3.2 by <a href="https://github.com/tanin47"><code>@tanin47</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1362">nltk/nltk#1362</a></li> <li>moved the import for dispersion_plot out of the else block by <a href="https://github.com/dennisobrien"><code>@dennisobrien</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1364">nltk/nltk#1364</a></li> <li>Raise warning for infinite recursion by <a href="https://github.com/alvations"><code>@alvations</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1365">nltk/nltk#1365</a></li> <li>Patch None TypeError in align_blocks() by <a href="https://github.com/alvations"><code>@alvations</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1366">nltk/nltk#1366</a></li> <li>Safer try-except for catching infinite recursion by <a href="https://github.com/alvations"><code>@alvations</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1368">nltk/nltk#1368</a></li> <li>Collections refactor by <a href="https://github.com/nschneid"><code>@nschneid</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1382">nltk/nltk#1382</a></li> <li>Handles fringe cases in BLEU by <a href="https://github.com/alvations"><code>@alvations</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1383">nltk/nltk#1383</a></li> <li>Allow specifying substitution cost in edit distance by <a href="https://github.com/dnc1994"><code>@dnc1994</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1386">nltk/nltk#1386</a></li> <li>Pl196x fixes by <a href="https://github.com/pkasprzyk"><code>@pkasprzyk</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1359">nltk/nltk#1359</a></li> <li>Docs/ngrams by <a href="https://github.com/ColCarroll"><code>@ColCarroll</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1403">nltk/nltk#1403</a></li> <li>Fix conll.py by <a href="https://github.com/germanferrero"><code>@germanferrero</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1402">nltk/nltk#1402</a></li> <li>Aline by <a href="https://github.com/geoffbacon"><code>@geoffbacon</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1407">nltk/nltk#1407</a></li> <li>Handle empty files in a corpus by <a href="https://github.com/alexisdimi"><code>@alexisdimi</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1411">nltk/nltk#1411</a></li> <li>fixed bug: StackDecoder would throw exception if it's unable to finish… by <a href="https://github.com/hikui"><code>@hikui</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1405">nltk/nltk#1405</a></li> <li>add hikui to authors by <a href="https://github.com/hikui"><code>@hikui</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1412">nltk/nltk#1412</a></li> <li>removes download-cache pip flag from tox config by <a href="https://github.com/fievelk"><code>@fievelk</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1415">nltk/nltk#1415</a></li> <li>Added three tokenizers, one detokenizer and two tokenizer-related word/char list corpora by <a href="https://github.com/alvations"><code>@alvations</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1282">nltk/nltk#1282</a></li> <li>Much faster Vader sentiment tagging by <a href="https://github.com/georgeberry"><code>@georgeberry</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1409">nltk/nltk#1409</a></li> <li>Fixes doctest in is_cjk() and REPP tokenizer wrapper by <a href="https://github.com/alvations"><code>@alvations</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1420">nltk/nltk#1420</a></li> <li>Fixed doctest for UnicharsCorpusReader and NonbreakingPrefixesCorpusReader by <a href="https://github.com/alvations"><code>@alvations</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1422">nltk/nltk#1422</a></li> <li>Updated senna version in docstring by <a href="https://github.com/alvations"><code>@alvations</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1431">nltk/nltk#1431</a></li> <li>Removes Python 2.6 and Python 3.1-3.3 code, Improves Python 3.5 syntax by <a href="https://github.com/adamn"><code>@adamn</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1429">nltk/nltk#1429</a></li> <li>Cleanup by <a href="https://github.com/dimazest"><code>@dimazest</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1432">nltk/nltk#1432</a></li> <li>Fix zero division & log(0) in PunktTrainer._col_log_likelihood by <a href="https://github.com/mrecachinas"><code>@mrecachinas</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1247">nltk/nltk#1247</a></li> <li>Update stanford_segmenter.py by <a href="https://github.com/janissl"><code>@janissl</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1444">nltk/nltk#1444</a></li> <li>explained data format for constructor by <a href="https://github.com/drevicko"><code>@drevicko</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1450">nltk/nltk#1450</a></li> <li>Use a more efficient idiom for flattening nested lists by <a href="https://github.com/rmalouf"><code>@rmalouf</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1447">nltk/nltk#1447</a></li> <li>improved documentation of load_array() by <a href="https://github.com/drevicko"><code>@drevicko</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1452">nltk/nltk#1452</a></li> <li>changed "list or iterator" to "sequence" by <a href="https://github.com/drevicko"><code>@drevicko</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1453">nltk/nltk#1453</a></li> <li>Deal gracefully with degenerate cases. by <a href="https://github.com/drevicko"><code>@drevicko</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1454">nltk/nltk#1454</a></li> <li>deal with (hopefully) all degenerate cases by <a href="https://github.com/drevicko"><code>@drevicko</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1455">nltk/nltk#1455</a></li> <li>Enable unordered comparison for gaac clustering by <a href="https://github.com/alvations"><code>@alvations</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1456">nltk/nltk#1456</a></li> <li>Rewrite porter.py by <a href="https://github.com/ExplodingCabbage"><code>@ExplodingCabbage</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1261">nltk/nltk#1261</a></li> <li>Update naivebayes.py by <a href="https://github.com/andyreagan"><code>@andyreagan</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1461">nltk/nltk#1461</a></li> <li>Fixes bug where download status not returned. by <a href="https://github.com/nsfabina"><code>@nsfabina</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1468">nltk/nltk#1468</a></li> <li>Use lcon and rcon variables in conllned() when trace is False - Issue <a href="https://redirect.github.com/nltk/nltk/issues/1474">#1474</a> by <a href="https://github.com/timleslie"><code>@timleslie</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1475">nltk/nltk#1475</a></li> <li>Use shutil.copyfileobj for unzipping by <a href="https://github.com/ikorolev93"><code>@ikorolev93</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1478">nltk/nltk#1478</a></li> <li>Fixing Chen&Cherry method 6 smoothing in BLEU score by <a href="https://github.com/alvations"><code>@alvations</code></a> in <a href="https://redirect.github.com/nltk/nltk/pull/1477">nltk/nltk#1477</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/nltk/nltk/blob/develop/ChangeLog">nltk's changelog</a>.</em></p> <blockquote> <p>Version 3.10.0 2026-06-11</p> <ul> <li>Enforce the stricter <code>nltk.pathsec</code> security policy by default</li> <li>Document the new security model and migration guidance</li> <li>Harden resource loading against path traversal and SSRF/DNS-rebinding</li> <li>Harden downloader path handling and block XML entity expansion</li> <li>Close remaining corpus-reader security edge cases</li> <li>Replace unsafe <code>exec()</code> usage in the utility CLI</li> <li>Warn on unpickling user-provided pickles</li> <li>Add HuggingFace datasets integration (<code>nltk.huggingface</code>)</li> <li>Align TnT with Brants (2000) specifications</li> <li>Fix PorterStemmer irregular-form lowercasing in NLTK mode</li> <li>Fix TransitionParser sparse index dtype for scikit-learn 1.9</li> <li>Fix TextCat tie handling</li> <li>Fix WordNet object comparisons for incompatible types</li> <li>Cache WordNet max depth lazily for <code>lch_similarity()</code></li> <li>Fix CCG variable direction, substitution, and type-raising bugs</li> <li>Fix Jaro similarity for single-character and empty-string cases</li> <li>Improve CI and release-maintenance workflows</li> </ul> <p>Thanks to the following contributors to 3.10.0: 13rac1, alvations, bowiechen, devesh-2002, ekaf, elias-ba, haosenwang1018, HyperPS, ihitamandal, jancallewaert, jhnwnstd, JuanIMartinezB, Lemm1, LinZiyuu, Mr-Neutr0n, PastelStorm, scruge1, Syzygy2048, ylwango613, yzhaoinuw</p> <p>Version 3.9.4 2026-03-24</p> <ul> <li>Support Python 3.14</li> <li>Fix bug in Levenshtein distance when substitution_cost > 2</li> <li>Fix bug in Treebank detokeniser re quote ordering</li> <li>Fix bug in Jaro similarity for empty strings</li> <li>Several security enhancements</li> <li>Fix GHSA-rf74-v2fm-23pw: unbounded recursion in JSONTaggedDecoder</li> <li>Implement TextTiling vocabulary introduction method (Hearst 1997)</li> <li>Fix ALINE feature matrix errors and add comprehensive tests</li> <li>Support multiple VerbNet versions, fix longid/shortid regex for VerbNet ids</li> <li>Let downloader fallback to md5 when sha256 is unavailable</li> <li>Several other minor bugfixes and code cleanups</li> </ul> <p>Thanks to the following contributors to 3.9.4: Min-Yen Kan, Eric Kafe, Emily Voss, bowiechen, Hrudhai01, jancallewaert, Mr-Neutr0n, pollak.peter89, ylwango613,</p> <p>Version 3.9.3 2026-02-21</p> <ul> <li>Fix CVE-2025-14009: secure ZIP extraction in nltk.downloader (<a href="https://redirect.github.com/nltk/nltk/issues/3468">#3468</a>)</li> <li>Block path traversal/arbitrary reads in nltk.data for protocol-less refs (<a href="https://redirect.github.com/nltk/nltk/issues/3467">#3467</a>)</li> <li>Block path traversal/abs paths in corpus readers and FS pointers (<a href="https://redirect.github.com/nltk/nltk/issues/3479">#3479</a>, <a href="https://redirect.github.com/nltk/nltk/issues/3480">#3480</a>)</li> <li>Validate external StanfordSegmenter JARs using SHA256 (<a href="https://redirect.github.com/nltk/nltk/issues/3477">#3477</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nltk/nltk/commit/bd49f9011d7dc8c6a36b3c4ae71f04060c9b3fb9"><code>bd49f90</code></a> allow escaped brackets in Tree.fromstring (<a href="https://redirect.github.com/nltk/nltk/issues/3694">#3694</a>)</li> <li><a href="https://github.com/nltk/nltk/commit/27b8ad6cd50a484590cb9409e5d2a891ab56e16c"><code>27b8ad6</code></a> don't crash chomsky_normal_form on terminals with siblings (<a href="https://redirect.github.com/nltk/nltk/issues/3693">#3693</a>)</li> <li><a href="https://github.com/nltk/nltk/commit/52227d2afe764648864e59c851e991cf1d6cb77e"><code>52227d2</code></a> Use os.name for Windows path handling (<a href="https://redirect.github.com/nltk/nltk/issues/3605">#3605</a>)</li> <li><a href="https://github.com/nltk/nltk/commit/06c0e2cc94f763d43320812ee9d2a7b6bff68f9b"><code>06c0e2c</code></a> Avoid RIBES zero division on empty inputs (<a href="https://redirect.github.com/nltk/nltk/issues/3604">#3604</a>)</li> <li><a href="https://github.com/nltk/nltk/commit/a167389c027a02a9d1f019630ed827f4069b3353"><code>a167389</code></a> Treat missing unzip output as stale (<a href="https://redirect.github.com/nltk/nltk/issues/3607">#3607</a>)</li> <li><a href="https://github.com/nltk/nltk/commit/c94c967a332e19af0a022db51467ee2baf6ccfeb"><code>c94c967</code></a> Fix EOF empty document bug in IEER corpus reader (<a href="https://redirect.github.com/nltk/nltk/issues/3648">#3648</a>)</li> <li><a href="https://github.com/nltk/nltk/commit/94a259c815370df66f98460f22478030e2954913"><code>94a259c</code></a> Enforce restrictive primitive type checking in pathsec wrappers (<a href="https://redirect.github.com/nltk/nltk/issues/3692">#3692</a>)</li> <li><a href="https://github.com/nltk/nltk/commit/5ac475d2ab95ea95d2890c745a05e5275137fb98"><code>5ac475d</code></a> fix(security): isolate Stanford Java options and clean temp files (<a href="https://redirect.github.com/nltk/nltk/issues/3683">#3683</a>)</li> <li><a href="https://github.com/nltk/nltk/commit/986f26e71bf22ee392a5e87285ee8398284aef2b"><code>986f26e</code></a> ci(deps): bump the github-actions group with 3 updates (<a href="https://redirect.github.com/nltk/nltk/issues/3691">#3691</a>)</li> <li><a href="https://github.com/nltk/nltk/commit/f26b3753038d937b68145daf15e9636f8451053c"><code>f26b375</code></a> fix(security): prevent pickle RCE in TransitionParser model loading (CWE-502)...</li> <li>Additional commits viewable in <a href="https://github.com/nltk/nltk/compare/3.9.4...v3.10.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/langchain-ai/langchain/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
3e983cb8f9 |
chore: bump mistune from 3.2.1 to 3.3.0 in /libs/text-splitters (#38826)
Bumps [mistune](https://github.com/lepture/mistune) from 3.2.1 to 3.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lepture/mistune/releases">mistune's releases</a>.</em></p> <blockquote> <h2>v3.3.0</h2> <h3> 🐞 Bug Fixes</h3> <ul> <li>Resolve O(n^2) DoS in parse_link_text (CWE-400) - by <strong>bhanugoudm041</strong> <a href="https://github.com/lepture/mistune/commit/b6b499d"><!-- raw HTML omitted -->(b6b49)<!-- raw HTML omitted --></a></li> <li>Resolve O(n^2) DoS in parse_link_text (CWE-400)-Type handling/testing done - by <strong>bhanugoudm041</strong> <a href="https://github.com/lepture/mistune/commit/b3af85d"><!-- raw HTML omitted -->(b3af8)<!-- raw HTML omitted --></a></li> <li><strong>block</strong>: Avoid quadratic ref link scans - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/2b04d7b"><!-- raw HTML omitted -->(2b04d)<!-- raw HTML omitted --></a></li> <li><strong>cli</strong>: Add entrypoint and utf-8 output - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/2f2449d"><!-- raw HTML omitted -->(2f244)<!-- raw HTML omitted --></a></li> <li><strong>directives</strong>: Constrain include targets - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/1bef343"><!-- raw HTML omitted -->(1bef3)<!-- raw HTML omitted --></a></li> <li><strong>formatting</strong>: Avoid quadratic marker scans - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/96d0f57"><!-- raw HTML omitted -->(96d0f)<!-- raw HTML omitted --></a></li> <li><strong>image</strong>: Validate figure width option - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/e3e51de"><!-- raw HTML omitted -->(e3e51)<!-- raw HTML omitted --></a></li> <li><strong>inline</strong>: Avoid bracket parsing DoS - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/25f2503"><!-- raw HTML omitted -->(25f25)<!-- raw HTML omitted --></a></li> <li><strong>math</strong>: Reject currency patterns and cross-line matches in inline math - by <a href="https://github.com/geopanther"><code>@geopanther</code></a> <a href="https://github.com/lepture/mistune/commit/566e173"><!-- raw HTML omitted -->(566e1)<!-- raw HTML omitted --></a></li> <li><strong>math</strong>: Support display and backtick math - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/1141eec"><!-- raw HTML omitted -->(1141e)<!-- raw HTML omitted --></a></li> <li><strong>renderer</strong>: Render plugin list and table nodes - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/614b019"><!-- raw HTML omitted -->(614b0)<!-- raw HTML omitted --></a></li> <li><strong>renderer</strong>: Block encoded unsafe URL schemes - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/c7101fc"><!-- raw HTML omitted -->(c7101)<!-- raw HTML omitted --></a></li> <li><strong>toc</strong>: Avoid generated id collisions - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/c4093c4"><!-- raw HTML omitted -->(c4093)<!-- raw HTML omitted --></a></li> </ul> <h3> 🏎 Performance</h3> <ul> <li>Improve performance - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/bf95c32"><!-- raw HTML omitted -->(bf95c)<!-- raw HTML omitted --></a></li> </ul> <h5> <a href="https://github.com/lepture/mistune/compare/v3.2.1...v3.3.0">View changes on GitHub</a></h5> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/lepture/mistune/blob/main/docs/changes.rst">mistune's changelog</a>.</em></p> <blockquote> <h2>Version 3.3.0</h2> <p><strong>Released on Jun 21, 2026</strong></p> <ul> <li>Improve CommonMark compatibility and parser performance.</li> <li>Add command line entrypoint with UTF-8 output.</li> <li>Support display and backtick math.</li> <li>Render plugin list and table nodes in Markdown renderer.</li> <li>Escape leading block markers in Markdown renderer.</li> <li>Fix RST renderer for block quotes nested in lists.</li> <li>Avoid generated heading ID collisions in TOC.</li> <li>Harden URL, image, figure, and include directive handling.</li> <li>Fix quadratic scans in inline links, reference links, and formatting markers.</li> <li>Fix math escaping, currency pattern matching, and cross-line matching.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lepture/mistune/commit/15c3b79325125272263d7d42492ec8f757447191"><code>15c3b79</code></a> chore: release 3.3.0</li> <li><a href="https://github.com/lepture/mistune/commit/bdc01ade171c7c2cd1099e2531ddf8c275a2f64c"><code>bdc01ad</code></a> tests: increase run time on pypy</li> <li><a href="https://github.com/lepture/mistune/commit/7cf181483e6201184bcecdbae13225d45ebab4c4"><code>7cf1814</code></a> tests: increase run time for pypy</li> <li><a href="https://github.com/lepture/mistune/commit/6dfdc3dae490c7a21499ff1063f4dd9b7357d4c5"><code>6dfdc3d</code></a> tests: add more tests</li> <li><a href="https://github.com/lepture/mistune/commit/17c50f6c0572027c1dad2c2501e7c97cea0b0b43"><code>17c50f6</code></a> chore: fix mypy issues</li> <li><a href="https://github.com/lepture/mistune/commit/63abe4b8e9adccc711c953e6727400ee7ba1084c"><code>63abe4b</code></a> chore: use ruff check and format</li> <li><a href="https://github.com/lepture/mistune/commit/e6c1b184461beab8887c7375621c64dffaf652c5"><code>e6c1b18</code></a> chore: resolve mypy issues</li> <li><a href="https://github.com/lepture/mistune/commit/dcf89020c1ee697b2267387064b3e4580e0b83c5"><code>dcf8902</code></a> test(math): cover escaped math output</li> <li><a href="https://github.com/lepture/mistune/commit/c4093c4742ed0d10d9332fb8edb455869b7b581b"><code>c4093c4</code></a> fix(toc): avoid generated id collisions</li> <li><a href="https://github.com/lepture/mistune/commit/e3e51de9cf0a72dc30191248dccf22087c57f046"><code>e3e51de</code></a> fix(image): validate figure width option</li> <li>Additional commits viewable in <a href="https://github.com/lepture/mistune/compare/v3.2.1...v3.3.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/langchain-ai/langchain/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
0076f37716 |
chore: bump vcrpy from 8.2.1 to 8.3.0 in /libs/standard-tests (#38827)
Bumps [vcrpy](https://github.com/kevin1024/vcrpy) from 8.2.1 to 8.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/kevin1024/vcrpy/releases">vcrpy's releases</a>.</em></p> <blockquote> <h2>v8.3.0</h2> <h2>What's Changed</h2> <ul> <li>Add support for niquests (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/980">#980</a>) — thanks <a href="https://github.com/ionelmc"><code>@ionelmc</code></a></li> <li>Recording now fails fast if a request or response contains a Python object the safe YAML loader (introduced in 8.2.1) couldn't read back, instead of writing a cassette that breaks on replay. The error shows exactly how to register the object if you need it (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/1007">#1007</a>, <a href="https://redirect.github.com/kevin1024/vcrpy/issues/1009">#1009</a>) — thanks <a href="https://github.com/Polandia94"><code>@Polandia94</code></a></li> <li>New <code>vcr.serializers.yamlserializer.with_custom_tags(...)</code> builds a YAML serializer supporting custom Python object tags on both record and replay, registered per VCR instance via <code>register_serializer</code> (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/1007">#1007</a>, <a href="https://redirect.github.com/kevin1024/vcrpy/issues/1009">#1009</a>) — thanks <a href="https://github.com/Polandia94"><code>@Polandia94</code></a></li> <li>Clearer error when a cassette contains an unsupported YAML tag, and the stale git.io migration link is gone (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/1007">#1007</a>, <a href="https://redirect.github.com/kevin1024/vcrpy/issues/1008">#1008</a>) — thanks <a href="https://github.com/gaoflow"><code>@gaoflow</code></a></li> <li>Fix stale keep-alive connection reuse across cassettes; unpin werkzeug (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/1001">#1001</a>)</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/kevin1024/vcrpy/compare/v8.2.1...v8.3.0">https://github.com/kevin1024/vcrpy/compare/v8.2.1...v8.3.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/kevin1024/vcrpy/blob/master/docs/changelog.rst">vcrpy's changelog</a>.</em></p> <blockquote> <h2>Changelog</h2> <p>All help in providing PRs to close out bug issues is appreciated. Even if that is providing a repo that fully replicates issues. We have very generous contributors that have added these to bug issues which meant another contributor picked up the bug and closed it out.</p> <ul> <li> <p>8.3.0</p> <ul> <li>Add support for niquests (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/980">#980</a>) - thanks <a href="https://github.com/ionelmc"><code>@ionelmc</code></a></li> <li>Refuse to record a cassette containing a Python object the safe YAML loader could not read back, so recording fails fast instead of producing a cassette that breaks on replay (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/1007">#1007</a>, <a href="https://redirect.github.com/kevin1024/vcrpy/issues/1009">#1009</a>) - thanks <a href="https://github.com/Polandia94"><code>@Polandia94</code></a></li> <li>Add <code>vcr.serializers.yamlserializer.with_custom_tags</code> to build a YAML serializer supporting custom Python object tags on both record and replay, registered per VCR instance via <code>register_serializer</code> (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/1007">#1007</a>, <a href="https://redirect.github.com/kevin1024/vcrpy/issues/1009">#1009</a>) - thanks <a href="https://github.com/Polandia94"><code>@Polandia94</code></a></li> <li>Clearer error when a cassette contains an unsupported YAML tag, and remove the stale git.io migration link (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/1007">#1007</a>, <a href="https://redirect.github.com/kevin1024/vcrpy/issues/1008">#1008</a>) - thanks <a href="https://github.com/gaoflow"><code>@gaoflow</code></a></li> <li>Fix stale keep-alive connection reuse across cassettes; unpin werkzeug (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/1001">#1001</a>)</li> </ul> </li> <li> <p>8.2.1</p> <ul> <li>SECURITY: Load cassettes with a safe YAML loader, preventing arbitrary code execution when a cassette from an untrusted source is loaded (GHSA-rpj2-4hq8-938g) - thanks <a href="https://github.com/RamiAltai"><code>@RamiAltai</code></a> and <a href="https://github.com/EQSTLab"><code>@EQSTLab</code></a></li> <li>Validate <code>record_mode</code> and raise a clear error on an invalid value (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/208">#208</a>)</li> <li>Recommend pytest-recording over the unmaintained pytest-vcr in the docs (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/986">#986</a>)</li> </ul> </li> <li> <p>8.2.0</p> <ul> <li>Add support for httpx 2.x (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/993">#993</a>) - thanks <a href="https://github.com/dsfaccini"><code>@dsfaccini</code></a></li> <li>Patch httpx transports instead of httpcore (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/972">#972</a>) - thanks <a href="https://github.com/seowalex"><code>@seowalex</code></a></li> <li>Fix aiohttp 3.14 compatibility: <code>AsyncStreamReaderMixin</code> removed and <code>ClientResponse</code> now requires <code>stream_writer</code> (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/995">#995</a>) - thanks <a href="https://github.com/dsfaccini"><code>@dsfaccini</code></a></li> <li>Account for modified requests when storing played cassettes, so <code>drop_unused_requests</code> honours <code>before_record_request</code> filtering (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/962">#962</a>) - thanks <a href="https://github.com/jamesbraza"><code>@jamesbraza</code></a></li> <li>Make the request URL available on <code>VCRHTTPResponse</code> (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/976">#976</a>) - thanks <a href="https://github.com/dAnjou"><code>@dAnjou</code></a></li> <li>Improve error message when a matching request has already been consumed (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/985">#985</a>) - thanks <a href="https://github.com/Polandia94"><code>@Polandia94</code></a></li> <li>Fix body check in <code>convert_body_to_unicode</code> to use an explicit type check (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/982">#982</a>) - thanks <a href="https://github.com/Polandia94"><code>@Polandia94</code></a></li> <li>Add env proxy cassette regression test (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/994">#994</a>) - thanks <a href="https://github.com/tine1117"><code>@tine1117</code></a></li> <li>Remove milestone references from docs (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/984">#984</a>) - thanks <a href="https://github.com/Polandia94"><code>@Polandia94</code></a></li> <li>CI: bump sphinx-rtd-theme from 3.0.2 to 3.1.0 (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/973">#973</a>)</li> </ul> </li> <li> <p>8.1.1</p> <ul> <li>Fix sync requests in async contexts for HTTPX (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/965">#965</a>) - thanks <a href="https://github.com/seowalex"><code>@seowalex</code></a></li> <li>CI: bump peter-evans/create-pull-request from 7 to 8 (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/969">#969</a>)</li> </ul> </li> <li> <p>8.1.0</p> <ul> <li>Enable brotli decompression if available (via <code>brotli</code>, <code>brotlipy</code> or <code>brotlicffi</code>) (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/620">#620</a>) - thanks <a href="https://github.com/immerrr"><code>@immerrr</code></a></li> <li>Fix aiohttp allowing both <code>data</code> and <code>json</code> arguments when one is None (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/624">#624</a>) - thanks <a href="https://github.com/leorochael"><code>@leorochael</code></a></li> <li>Fix usage of io-like interface with VCR.py (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/906">#906</a>) - thanks <a href="https://github.com/tito"><code>@tito</code></a> and <a href="https://github.com/kevdevg"><code>@kevdevg</code></a></li> <li>Migrate to declarative Python package config (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/767">#767</a>) - thanks <a href="https://github.com/deronnax"><code>@deronnax</code></a></li> <li>Various linting fixes - thanks <a href="https://github.com/jairhenrique"><code>@jairhenrique</code></a></li> <li>CI: bump actions/checkout from 5 to 6 (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/955">#955</a>)</li> </ul> </li> <li> <p>8.0.0</p> <ul> <li>BREAKING: Drop support for Python 3.9 (major version bump) - thanks <a href="https://github.com/jairhenrique"><code>@jairhenrique</code></a></li> <li>BREAKING: Drop support for urllib3 < 2 - fixes CVE warnings from urllib3 1.x (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/926">#926</a>, <a href="https://redirect.github.com/kevin1024/vcrpy/issues/880">#880</a>) - thanks <a href="https://github.com/jairhenrique"><code>@jairhenrique</code></a></li> <li>New feature: <code>drop_unused_requests</code> option to remove unused interactions from cassettes (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/763">#763</a>) - thanks <a href="https://github.com/danielnsilva"><code>@danielnsilva</code></a></li> <li>Rewrite httpx support to patch httpcore instead of httpx (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/943">#943</a>) - thanks <a href="https://github.com/seowalex"><code>@seowalex</code></a> <ul> <li>Fixes <code>httpx.ResponseNotRead</code> exceptions (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/832">#832</a>, <a href="https://redirect.github.com/kevin1024/vcrpy/issues/834">#834</a>)</li> <li>Fixes <code>KeyError: 'follow_redirects'</code> (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/945">#945</a>)</li> <li>Adds support for custom httpx transports</li> </ul> </li> <li>Fix HTTPS proxy handling - proxy address no longer ends up in cassette URIs (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/809">#809</a>, <a href="https://redirect.github.com/kevin1024/vcrpy/issues/914">#914</a>) - thanks <a href="https://github.com/alga"><code>@alga</code></a></li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/kevin1024/vcrpy/commit/c599974b31f3e510df9b98e61513fe6889a50db0"><code>c599974</code></a> Release v8.3.0</li> <li><a href="https://github.com/kevin1024/vcrpy/commit/68cbe595bacfc75fe5cc4ac620a04e4333b1f167"><code>68cbe59</code></a> Show how to register a custom object in the cassette-not-saved error</li> <li><a href="https://github.com/kevin1024/vcrpy/commit/7a898b54c9b9e47a689987e7b4fffe334d986675"><code>7a898b5</code></a> Refuse to record cassettes the safe YAML loader can't read back (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/1012">#1012</a>)</li> <li><a href="https://github.com/kevin1024/vcrpy/commit/1421b3636226a0774c2b4766fe848289e6b45c23"><code>1421b36</code></a> fix: show descriptive error when cassette contains unsupported YAML tags (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/1008">#1008</a>)</li> <li><a href="https://github.com/kevin1024/vcrpy/commit/b1fb62bf474d27be3ccafdc6bc1b8a7a1c5c4b8d"><code>b1fb62b</code></a> Merge pull request <a href="https://redirect.github.com/kevin1024/vcrpy/issues/1000">#1000</a> from kevin1024/dependabot/pre_commit/https-/github.c...</li> <li><a href="https://github.com/kevin1024/vcrpy/commit/9e741174c7a8e306f882001e0e7f8b1f7c3bd288"><code>9e74117</code></a> Fix stale keep-alive connection reuse; unpin werkzeug (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/1001">#1001</a>)</li> <li><a href="https://github.com/kevin1024/vcrpy/commit/30a721d400b55ced25f5d8a612b8a1ae01240160"><code>30a721d</code></a> Loosen up some things to allow vcrpy to work with niquests (<a href="https://redirect.github.com/kevin1024/vcrpy/issues/980">#980</a>)</li> <li><a href="https://github.com/kevin1024/vcrpy/commit/393e349ad56e2de2b558cf92782c10ca14b024ec"><code>393e349</code></a> build(deps): bump <a href="https://github.com/astral-sh/ruff-pre-commit">https://github.com/astral-sh/ruff-pre-commit</a></li> <li>See full diff in <a href="https://github.com/kevin1024/vcrpy/compare/v8.2.1...v8.3.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/langchain-ai/langchain/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
b255847eb4 |
chore: bump langsmith from 0.9.5 to 0.10.2 in /libs/partners/fireworks (#38830)
Bumps [langsmith](https://github.com/langchain-ai/langsmith-sdk) from 0.9.5 to 0.10.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/langchain-ai/langsmith-sdk/releases">langsmith's releases</a>.</em></p> <blockquote> <h2>v0.10.2</h2> <h2>What's Changed</h2> <ul> <li>release(js): 0.8.1 by <a href="https://github.com/KiewanVillatel"><code>@KiewanVillatel</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3185">langchain-ai/langsmith-sdk#3185</a></li> <li>refactor(voice): move span attribute setters onto TranslatedSpan by <a href="https://github.com/carolinedivittorio"><code>@carolinedivittorio</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3179">langchain-ai/langsmith-sdk#3179</a></li> <li>feat: add SmithDB by-key path to add_runs_to_annotation_queue (runs= param) [LSDK-287] by <a href="https://github.com/ayoung19"><code>@ayoung19</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3077">langchain-ai/langsmith-sdk#3077</a></li> <li>refactor(livekit + pipecat): Refactor for clarity by <a href="https://github.com/carolinedivittorio"><code>@carolinedivittorio</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3187">langchain-ai/langsmith-sdk#3187</a></li> <li>feat(py): re-export OpenAPI client exceptions from langsmith package by <a href="https://github.com/KiewanVillatel"><code>@KiewanVillatel</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3188">langchain-ai/langsmith-sdk#3188</a></li> <li>release(python): bump py version to 0.10.2 by <a href="https://github.com/KiewanVillatel"><code>@KiewanVillatel</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3189">langchain-ai/langsmith-sdk#3189</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/ayoung19"><code>@ayoung19</code></a> made their first contribution in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3077">langchain-ai/langsmith-sdk#3077</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.10.1...v0.10.2">https://github.com/langchain-ai/langsmith-sdk/compare/v0.10.1...v0.10.2</a></p> <h2>v0.10.1</h2> <h2>What's Changed</h2> <ul> <li>fix: bound voice streaming audio buffers by <a href="https://github.com/jkennedyvz"><code>@jkennedyvz</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3169">langchain-ai/langsmith-sdk#3169</a></li> <li>fix: escape insights report html repr by <a href="https://github.com/corridor-security"><code>@corridor-security</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3176">langchain-ai/langsmith-sdk#3176</a></li> <li>chore: bump _MIN_BACKEND_VERSION to 0.16.12rc1 by <a href="https://github.com/langtions-bot"><code>@langtions-bot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3178">langchain-ai/langsmith-sdk#3178</a></li> <li>Fix URL Path Injection via Unencoded Resource Names in Python Sandbox Client (Sync) by <a href="https://github.com/corridor-security"><code>@corridor-security</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3177">langchain-ai/langsmith-sdk#3177</a></li> <li>feat(js): expose openapi client error classes by <a href="https://github.com/KiewanVillatel"><code>@KiewanVillatel</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3181">langchain-ai/langsmith-sdk#3181</a></li> <li>release(py): 0.10.1 by <a href="https://github.com/KiewanVillatel"><code>@KiewanVillatel</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3184">langchain-ai/langsmith-sdk#3184</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/corridor-security"><code>@corridor-security</code></a>[bot] made their first contribution in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3176">langchain-ai/langsmith-sdk#3176</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.10.0...v0.10.1">https://github.com/langchain-ai/langsmith-sdk/compare/v0.10.0...v0.10.1</a></p> <h2>v0.10.0</h2> <h2>What's Changed</h2> <ul> <li>chore: sync langsmith_api by <a href="https://github.com/langtions-bot"><code>@langtions-bot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3152">langchain-ai/langsmith-sdk#3152</a></li> <li>release(js): bump JS SDK to 0.7.16 by <a href="https://github.com/sineha-mani"><code>@sineha-mani</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3160">langchain-ai/langsmith-sdk#3160</a></li> <li>feat: expose OTel-safe metadata helpers [closes LSDK-262] by <a href="https://github.com/open-swe"><code>@open-swe</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3091">langchain-ai/langsmith-sdk#3091</a></li> <li>feat(integrations): helpers to build LangSmith run URLs from OTel spans [LSDK-273] by <a href="https://github.com/harisaiharish"><code>@harisaiharish</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3142">langchain-ai/langsmith-sdk#3142</a></li> <li>fix(python): remove projects accessor from AsyncClient by <a href="https://github.com/QuentinBrosse"><code>@QuentinBrosse</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3163">langchain-ai/langsmith-sdk#3163</a></li> <li>chore: sync langsmith_api by <a href="https://github.com/langtions-bot"><code>@langtions-bot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3162">langchain-ai/langsmith-sdk#3162</a></li> <li>feat(js): Extends wrapAnthropic JS wrapper to support Claude Managed Agents methods by <a href="https://github.com/jacoblee93"><code>@jacoblee93</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3155">langchain-ai/langsmith-sdk#3155</a></li> <li>release(js): 0.7.17 by <a href="https://github.com/jacoblee93"><code>@jacoblee93</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3166">langchain-ai/langsmith-sdk#3166</a></li> <li>feat(client): expose threads and traces resource accessors on Python and JS clients by <a href="https://github.com/QuentinBrosse"><code>@QuentinBrosse</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3164">langchain-ai/langsmith-sdk#3164</a></li> <li>ci: freeze pnpm environment test installs by <a href="https://github.com/jkennedyvz"><code>@jkennedyvz</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3168">langchain-ai/langsmith-sdk#3168</a></li> <li>Quote sandbox client URL path segments by <a href="https://github.com/langsmith-fleet"><code>@langsmith-fleet</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3167">langchain-ai/langsmith-sdk#3167</a></li> <li>release(js): 0.8.0 by <a href="https://github.com/QuentinBrosse"><code>@QuentinBrosse</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3171">langchain-ai/langsmith-sdk#3171</a></li> <li>release(py): 0.10.0 by <a href="https://github.com/QuentinBrosse"><code>@QuentinBrosse</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3170">langchain-ai/langsmith-sdk#3170</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/langsmith-fleet"><code>@langsmith-fleet</code></a>[bot] made their first contribution in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3167">langchain-ai/langsmith-sdk#3167</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.9.8...v0.10.0">https://github.com/langchain-ai/langsmith-sdk/compare/v0.9.8...v0.10.0</a></p> <h2>v0.9.8</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/687fc8d527a28504432f52bd08c75f2894c209fe"><code>687fc8d</code></a> release(python): bump py version to 0.10.2 (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3189">#3189</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/08cbc910be1b91f4a2714a158b32fa3a56bf7040"><code>08cbc91</code></a> feat(py): re-export OpenAPI client exceptions from langsmith package (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3188">#3188</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/d309be59b951dc3b3796753b25908c029bead7d8"><code>d309be5</code></a> refactor(livekit + pipecat): Refactor for clarity (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3187">#3187</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/2e61f5418458fa559943da2ce274dfcd231cf074"><code>2e61f54</code></a> feat: add SmithDB by-key path to add_runs_to_annotation_queue (runs= param) [...</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/fab828a2b074aab98bc22d73c569ece2435e17ae"><code>fab828a</code></a> refactor(voice): move span attribute setters onto TranslatedSpan (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3179">#3179</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/2f7709cdaaf6626a22daefa9fecef712abf3e39c"><code>2f7709c</code></a> release(js): 0.8.1 (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3185">#3185</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/6388e488ba28f8b18e18e34a3452f4a7e0c755aa"><code>6388e48</code></a> release(py): 0.10.1 (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3184">#3184</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/de74fb8f42bb632257de19f22d18a41c7d5a59b0"><code>de74fb8</code></a> feat(js): expose openapi client error classes (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3181">#3181</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/6c0729a9bc00ab49a804b57731a423714b879a0e"><code>6c0729a</code></a> Fix URL Path Injection via Unencoded Resource Names in Python Sandbox Client ...</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/996073e478d6960b189d5a12d1f4f5adda9d7272"><code>996073e</code></a> chore: bump _MIN_BACKEND_VERSION to 0.16.12rc1 (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3178">#3178</a>)</li> <li>Additional commits viewable in <a href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.9.5...v0.10.2">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/langchain-ai/langchain/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
dde88cdb49 |
chore: bump langsmith from 0.9.5 to 0.10.2 in /libs/partners/huggingface (#38829)
Bumps [langsmith](https://github.com/langchain-ai/langsmith-sdk) from 0.9.5 to 0.10.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/langchain-ai/langsmith-sdk/releases">langsmith's releases</a>.</em></p> <blockquote> <h2>v0.10.2</h2> <h2>What's Changed</h2> <ul> <li>release(js): 0.8.1 by <a href="https://github.com/KiewanVillatel"><code>@KiewanVillatel</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3185">langchain-ai/langsmith-sdk#3185</a></li> <li>refactor(voice): move span attribute setters onto TranslatedSpan by <a href="https://github.com/carolinedivittorio"><code>@carolinedivittorio</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3179">langchain-ai/langsmith-sdk#3179</a></li> <li>feat: add SmithDB by-key path to add_runs_to_annotation_queue (runs= param) [LSDK-287] by <a href="https://github.com/ayoung19"><code>@ayoung19</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3077">langchain-ai/langsmith-sdk#3077</a></li> <li>refactor(livekit + pipecat): Refactor for clarity by <a href="https://github.com/carolinedivittorio"><code>@carolinedivittorio</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3187">langchain-ai/langsmith-sdk#3187</a></li> <li>feat(py): re-export OpenAPI client exceptions from langsmith package by <a href="https://github.com/KiewanVillatel"><code>@KiewanVillatel</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3188">langchain-ai/langsmith-sdk#3188</a></li> <li>release(python): bump py version to 0.10.2 by <a href="https://github.com/KiewanVillatel"><code>@KiewanVillatel</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3189">langchain-ai/langsmith-sdk#3189</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/ayoung19"><code>@ayoung19</code></a> made their first contribution in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3077">langchain-ai/langsmith-sdk#3077</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.10.1...v0.10.2">https://github.com/langchain-ai/langsmith-sdk/compare/v0.10.1...v0.10.2</a></p> <h2>v0.10.1</h2> <h2>What's Changed</h2> <ul> <li>fix: bound voice streaming audio buffers by <a href="https://github.com/jkennedyvz"><code>@jkennedyvz</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3169">langchain-ai/langsmith-sdk#3169</a></li> <li>fix: escape insights report html repr by <a href="https://github.com/corridor-security"><code>@corridor-security</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3176">langchain-ai/langsmith-sdk#3176</a></li> <li>chore: bump _MIN_BACKEND_VERSION to 0.16.12rc1 by <a href="https://github.com/langtions-bot"><code>@langtions-bot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3178">langchain-ai/langsmith-sdk#3178</a></li> <li>Fix URL Path Injection via Unencoded Resource Names in Python Sandbox Client (Sync) by <a href="https://github.com/corridor-security"><code>@corridor-security</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3177">langchain-ai/langsmith-sdk#3177</a></li> <li>feat(js): expose openapi client error classes by <a href="https://github.com/KiewanVillatel"><code>@KiewanVillatel</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3181">langchain-ai/langsmith-sdk#3181</a></li> <li>release(py): 0.10.1 by <a href="https://github.com/KiewanVillatel"><code>@KiewanVillatel</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3184">langchain-ai/langsmith-sdk#3184</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/corridor-security"><code>@corridor-security</code></a>[bot] made their first contribution in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3176">langchain-ai/langsmith-sdk#3176</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.10.0...v0.10.1">https://github.com/langchain-ai/langsmith-sdk/compare/v0.10.0...v0.10.1</a></p> <h2>v0.10.0</h2> <h2>What's Changed</h2> <ul> <li>chore: sync langsmith_api by <a href="https://github.com/langtions-bot"><code>@langtions-bot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3152">langchain-ai/langsmith-sdk#3152</a></li> <li>release(js): bump JS SDK to 0.7.16 by <a href="https://github.com/sineha-mani"><code>@sineha-mani</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3160">langchain-ai/langsmith-sdk#3160</a></li> <li>feat: expose OTel-safe metadata helpers [closes LSDK-262] by <a href="https://github.com/open-swe"><code>@open-swe</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3091">langchain-ai/langsmith-sdk#3091</a></li> <li>feat(integrations): helpers to build LangSmith run URLs from OTel spans [LSDK-273] by <a href="https://github.com/harisaiharish"><code>@harisaiharish</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3142">langchain-ai/langsmith-sdk#3142</a></li> <li>fix(python): remove projects accessor from AsyncClient by <a href="https://github.com/QuentinBrosse"><code>@QuentinBrosse</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3163">langchain-ai/langsmith-sdk#3163</a></li> <li>chore: sync langsmith_api by <a href="https://github.com/langtions-bot"><code>@langtions-bot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3162">langchain-ai/langsmith-sdk#3162</a></li> <li>feat(js): Extends wrapAnthropic JS wrapper to support Claude Managed Agents methods by <a href="https://github.com/jacoblee93"><code>@jacoblee93</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3155">langchain-ai/langsmith-sdk#3155</a></li> <li>release(js): 0.7.17 by <a href="https://github.com/jacoblee93"><code>@jacoblee93</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3166">langchain-ai/langsmith-sdk#3166</a></li> <li>feat(client): expose threads and traces resource accessors on Python and JS clients by <a href="https://github.com/QuentinBrosse"><code>@QuentinBrosse</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3164">langchain-ai/langsmith-sdk#3164</a></li> <li>ci: freeze pnpm environment test installs by <a href="https://github.com/jkennedyvz"><code>@jkennedyvz</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3168">langchain-ai/langsmith-sdk#3168</a></li> <li>Quote sandbox client URL path segments by <a href="https://github.com/langsmith-fleet"><code>@langsmith-fleet</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3167">langchain-ai/langsmith-sdk#3167</a></li> <li>release(js): 0.8.0 by <a href="https://github.com/QuentinBrosse"><code>@QuentinBrosse</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3171">langchain-ai/langsmith-sdk#3171</a></li> <li>release(py): 0.10.0 by <a href="https://github.com/QuentinBrosse"><code>@QuentinBrosse</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3170">langchain-ai/langsmith-sdk#3170</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/langsmith-fleet"><code>@langsmith-fleet</code></a>[bot] made their first contribution in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3167">langchain-ai/langsmith-sdk#3167</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.9.8...v0.10.0">https://github.com/langchain-ai/langsmith-sdk/compare/v0.9.8...v0.10.0</a></p> <h2>v0.9.8</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/687fc8d527a28504432f52bd08c75f2894c209fe"><code>687fc8d</code></a> release(python): bump py version to 0.10.2 (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3189">#3189</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/08cbc910be1b91f4a2714a158b32fa3a56bf7040"><code>08cbc91</code></a> feat(py): re-export OpenAPI client exceptions from langsmith package (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3188">#3188</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/d309be59b951dc3b3796753b25908c029bead7d8"><code>d309be5</code></a> refactor(livekit + pipecat): Refactor for clarity (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3187">#3187</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/2e61f5418458fa559943da2ce274dfcd231cf074"><code>2e61f54</code></a> feat: add SmithDB by-key path to add_runs_to_annotation_queue (runs= param) [...</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/fab828a2b074aab98bc22d73c569ece2435e17ae"><code>fab828a</code></a> refactor(voice): move span attribute setters onto TranslatedSpan (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3179">#3179</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/2f7709cdaaf6626a22daefa9fecef712abf3e39c"><code>2f7709c</code></a> release(js): 0.8.1 (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3185">#3185</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/6388e488ba28f8b18e18e34a3452f4a7e0c755aa"><code>6388e48</code></a> release(py): 0.10.1 (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3184">#3184</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/de74fb8f42bb632257de19f22d18a41c7d5a59b0"><code>de74fb8</code></a> feat(js): expose openapi client error classes (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3181">#3181</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/6c0729a9bc00ab49a804b57731a423714b879a0e"><code>6c0729a</code></a> Fix URL Path Injection via Unencoded Resource Names in Python Sandbox Client ...</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/996073e478d6960b189d5a12d1f4f5adda9d7272"><code>996073e</code></a> chore: bump _MIN_BACKEND_VERSION to 0.16.12rc1 (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3178">#3178</a>)</li> <li>Additional commits viewable in <a href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.9.5...v0.10.2">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/langchain-ai/langchain/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
b27f55498f |
chore: bump transformers from 5.3.0 to 5.5.0 in /libs/partners/huggingface (#38828)
Bumps [transformers](https://github.com/huggingface/transformers) from 5.3.0 to 5.5.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/huggingface/transformers/releases">transformers's releases</a>.</em></p> <blockquote> <h1>Release v5.5.0</h1> <!-- raw HTML omitted --> <h2>New Model additions</h2> <h3>Gemma4</h3> <p><a href="https://github.com/huggingface/transformers/blob/HEAD/INSET_PAPER_LINK">Gemma 4</a> is a multimodal model with pretrained and instruction-tuned variants, available in 1B, 13B, and 27B parameters. The architecture is mostly the same as the previous Gemma versions. The key differences are a vision processor that can output images of fixed token budget and a spatial 2D RoPE to encode vision-specific information across height and width axis.</p> <!-- raw HTML omitted --> <p>You can find all the original Gemma 4 checkpoints under the <a href="https://huggingface.co/collections/google/gemma-4-release-67c6c6f89c4f76621268bb6d">Gemma 4</a> release.</p> <p>The key difference from previous Gemma releases is the new design to process <strong>images of different sizes</strong> using a <strong>fixed-budget number of tokens</strong>. Unlike many models that squash every image into a fixed square (like 224×224), Gemma 4 keeps the image's natural aspect ratio while making it the right size. There a a couple constraints to follow:</p> <ul> <li>The total number of pixels must fit within a patch budget</li> <li>Both height and width must be divisible by <strong>48</strong> (= patch size 16 × pooling kernel 3)</li> </ul> <blockquote> <p>[!IMPORTANT] Gemma 4 does <strong>not</strong> apply the standard ImageNet mean/std normalization that many other vision models use. The model's own patch embedding layer handles the final scaling internally (shifting values to the [-1, 1] range).</p> </blockquote> <p>The number of "soft tokens" (aka vision tokens) an image processor can produce is configurable. The supported options are outlined below and the default is <strong>280 soft tokens</strong> per image.</p> <table> <thead> <tr> <th align="center">Soft Tokens</th> <th align="center">Patches (before pooling)</th> <th align="center">Approx. Image Area</th> </tr> </thead> <tbody> <tr> <td align="center">70</td> <td align="center">630</td> <td align="center">~161K pixels</td> </tr> <tr> <td align="center">140</td> <td align="center">1,260</td> <td align="center">~323K pixels</td> </tr> <tr> <td align="center"><strong>280</strong></td> <td align="center"><strong>2,520</strong></td> <td align="center"><strong>~645K pixels</strong></td> </tr> <tr> <td align="center">560</td> <td align="center">5,040</td> <td align="center">~1.3M pixels</td> </tr> <tr> <td align="center">1,120</td> <td align="center">10,080</td> <td align="center">~2.6M pixels</td> </tr> </tbody> </table> <p>To encode positional information for each patch in the image, Gemma 4 uses a learned 2D position embedding table. The position table stores up to 10,240 positions per axis, which allows the model to handle very large images. Each position is a learned vector of the same dimensions as the patch embedding. The 2D RoPE which Gemma 4 uses independently rotate half the attention head dimensions for the x-axis and the other half for the y-axis. This allows the model to understand spatial relationships like "above," "below," "left of," and "right of."</p> <h3>NomicBERT</h3> <p>NomicBERT is a BERT-inspired encoder model that applies Rotary Position Embeddings (RoPE) to create reproducible long context text embeddings. It is the first fully reproducible, open-source text embedding model with 8192 context length that outperforms both OpenAI Ada-002 and OpenAI text-embedding-3-small on short-context MTEB and long context LoCo benchmarks. The model generates dense vector embeddings for various tasks including search, clustering, and classification using specific instruction prefixes.</p> <p><strong>Links:</strong> <a href="https://huggingface.co/docs/transformers/main/en/model_doc/nomic_bert">Documentation</a> | <a href="https://arxiv.org/abs/2402.01613">Paper</a></p> <ul> <li>Internalise the NomicBERT model (<a href="https://redirect.github.com/huggingface/transformers/issues/43067">#43067</a>) by <a href="https://github.com/ed22699"><code>@ed22699</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43067">#43067</a></li> </ul> <h3>MusicFlamingo</h3> <p>Music Flamingo is a fully open large audio–language model designed for robust understanding and reasoning over music. It builds upon the Audio Flamingo 3 architecture by including Rotary Time Embeddings (RoTE), which injects temporal position information to enable the model to handle audio sequences up to 20 minutes. The model features a unified audio encoder across speech, sound, and music with special sound boundary tokens for improved audio sequence modeling.</p> <p><strong>Links:</strong> <a href="https://huggingface.co/docs/transformers/main/en/model_doc/musicflamingo">Documentation</a> | <a href="https://huggingface.co/papers/2511.10289">Paper</a></p> <ul> <li>Add Music Flamingo (<a href="https://redirect.github.com/huggingface/transformers/issues/43538">#43538</a>) by <a href="https://github.com/lashahub"><code>@lashahub</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43538">#43538</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/huggingface/transformers/commit/c1c34249fa27deefbd4a377dfbf883a39baf5c6d"><code>c1c3424</code></a> update</li> <li><a href="https://github.com/huggingface/transformers/commit/20bff6865a756a074f5b893b57f0ae438b25ec46"><code>20bff68</code></a> update release workflow</li> <li><a href="https://github.com/huggingface/transformers/commit/89564412a56ae6581f8aa48a533a835860dc9f43"><code>8956441</code></a> v5.5.0</li> <li><a href="https://github.com/huggingface/transformers/commit/5135e5efa7203cd23aac0866de12dfeef038422d"><code>5135e5e</code></a> casually dropping the most capable open weights on the planet (<a href="https://redirect.github.com/huggingface/transformers/issues/45192">#45192</a>)</li> <li><a href="https://github.com/huggingface/transformers/commit/a594e09e3924120f1f5508e7d81946bf3504df2b"><code>a594e09</code></a> Internalise the NomicBERT model (<a href="https://redirect.github.com/huggingface/transformers/issues/43067">#43067</a>)</li> <li><a href="https://github.com/huggingface/transformers/commit/4932e9721e230bea915341e7f04db32885b6c6af"><code>4932e97</code></a> Fix resized LM head weights being overwritten by post_init (<a href="https://redirect.github.com/huggingface/transformers/issues/45079">#45079</a>)</li> <li><a href="https://github.com/huggingface/transformers/commit/57e84139542c8c297873f35fcd25f66ffcf132ae"><code>57e8413</code></a> [Qwen3.5 MoE] Add _tp_plan to ForConditionalGeneration (<a href="https://redirect.github.com/huggingface/transformers/issues/45124">#45124</a>)</li> <li><a href="https://github.com/huggingface/transformers/commit/b10552e99dc4974b30126995baea455df43f8476"><code>b10552e</code></a> Fix TypeError: 'NoneType' object is not iterable in GenerationMixin.generate ...</li> <li><a href="https://github.com/huggingface/transformers/commit/423f2a31d2bd05bdc1dc30dd938389edaa998fde"><code>423f2a3</code></a> fix(models): Fix dtype mismatch in SwitchTransformers and TimmWrapperModel (#...</li> <li><a href="https://github.com/huggingface/transformers/commit/ade7a05a42bf53b183bb78c181743be063c5ff14"><code>ade7a05</code></a> Generalize gemma vision mask to videos (<a href="https://redirect.github.com/huggingface/transformers/issues/45185">#45185</a>)</li> <li>Additional commits viewable in <a href="https://github.com/huggingface/transformers/compare/v5.3.0...v5.5.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/langchain-ai/langchain/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
3d4426d427 |
chore: bump langsmith from 0.9.5 to 0.10.2 in /libs/partners/chroma (#38831)
Bumps [langsmith](https://github.com/langchain-ai/langsmith-sdk) from 0.9.5 to 0.10.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/langchain-ai/langsmith-sdk/releases">langsmith's releases</a>.</em></p> <blockquote> <h2>v0.10.2</h2> <h2>What's Changed</h2> <ul> <li>release(js): 0.8.1 by <a href="https://github.com/KiewanVillatel"><code>@KiewanVillatel</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3185">langchain-ai/langsmith-sdk#3185</a></li> <li>refactor(voice): move span attribute setters onto TranslatedSpan by <a href="https://github.com/carolinedivittorio"><code>@carolinedivittorio</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3179">langchain-ai/langsmith-sdk#3179</a></li> <li>feat: add SmithDB by-key path to add_runs_to_annotation_queue (runs= param) [LSDK-287] by <a href="https://github.com/ayoung19"><code>@ayoung19</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3077">langchain-ai/langsmith-sdk#3077</a></li> <li>refactor(livekit + pipecat): Refactor for clarity by <a href="https://github.com/carolinedivittorio"><code>@carolinedivittorio</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3187">langchain-ai/langsmith-sdk#3187</a></li> <li>feat(py): re-export OpenAPI client exceptions from langsmith package by <a href="https://github.com/KiewanVillatel"><code>@KiewanVillatel</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3188">langchain-ai/langsmith-sdk#3188</a></li> <li>release(python): bump py version to 0.10.2 by <a href="https://github.com/KiewanVillatel"><code>@KiewanVillatel</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3189">langchain-ai/langsmith-sdk#3189</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/ayoung19"><code>@ayoung19</code></a> made their first contribution in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3077">langchain-ai/langsmith-sdk#3077</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.10.1...v0.10.2">https://github.com/langchain-ai/langsmith-sdk/compare/v0.10.1...v0.10.2</a></p> <h2>v0.10.1</h2> <h2>What's Changed</h2> <ul> <li>fix: bound voice streaming audio buffers by <a href="https://github.com/jkennedyvz"><code>@jkennedyvz</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3169">langchain-ai/langsmith-sdk#3169</a></li> <li>fix: escape insights report html repr by <a href="https://github.com/corridor-security"><code>@corridor-security</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3176">langchain-ai/langsmith-sdk#3176</a></li> <li>chore: bump _MIN_BACKEND_VERSION to 0.16.12rc1 by <a href="https://github.com/langtions-bot"><code>@langtions-bot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3178">langchain-ai/langsmith-sdk#3178</a></li> <li>Fix URL Path Injection via Unencoded Resource Names in Python Sandbox Client (Sync) by <a href="https://github.com/corridor-security"><code>@corridor-security</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3177">langchain-ai/langsmith-sdk#3177</a></li> <li>feat(js): expose openapi client error classes by <a href="https://github.com/KiewanVillatel"><code>@KiewanVillatel</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3181">langchain-ai/langsmith-sdk#3181</a></li> <li>release(py): 0.10.1 by <a href="https://github.com/KiewanVillatel"><code>@KiewanVillatel</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3184">langchain-ai/langsmith-sdk#3184</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/corridor-security"><code>@corridor-security</code></a>[bot] made their first contribution in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3176">langchain-ai/langsmith-sdk#3176</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.10.0...v0.10.1">https://github.com/langchain-ai/langsmith-sdk/compare/v0.10.0...v0.10.1</a></p> <h2>v0.10.0</h2> <h2>What's Changed</h2> <ul> <li>chore: sync langsmith_api by <a href="https://github.com/langtions-bot"><code>@langtions-bot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3152">langchain-ai/langsmith-sdk#3152</a></li> <li>release(js): bump JS SDK to 0.7.16 by <a href="https://github.com/sineha-mani"><code>@sineha-mani</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3160">langchain-ai/langsmith-sdk#3160</a></li> <li>feat: expose OTel-safe metadata helpers [closes LSDK-262] by <a href="https://github.com/open-swe"><code>@open-swe</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3091">langchain-ai/langsmith-sdk#3091</a></li> <li>feat(integrations): helpers to build LangSmith run URLs from OTel spans [LSDK-273] by <a href="https://github.com/harisaiharish"><code>@harisaiharish</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3142">langchain-ai/langsmith-sdk#3142</a></li> <li>fix(python): remove projects accessor from AsyncClient by <a href="https://github.com/QuentinBrosse"><code>@QuentinBrosse</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3163">langchain-ai/langsmith-sdk#3163</a></li> <li>chore: sync langsmith_api by <a href="https://github.com/langtions-bot"><code>@langtions-bot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3162">langchain-ai/langsmith-sdk#3162</a></li> <li>feat(js): Extends wrapAnthropic JS wrapper to support Claude Managed Agents methods by <a href="https://github.com/jacoblee93"><code>@jacoblee93</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3155">langchain-ai/langsmith-sdk#3155</a></li> <li>release(js): 0.7.17 by <a href="https://github.com/jacoblee93"><code>@jacoblee93</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3166">langchain-ai/langsmith-sdk#3166</a></li> <li>feat(client): expose threads and traces resource accessors on Python and JS clients by <a href="https://github.com/QuentinBrosse"><code>@QuentinBrosse</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3164">langchain-ai/langsmith-sdk#3164</a></li> <li>ci: freeze pnpm environment test installs by <a href="https://github.com/jkennedyvz"><code>@jkennedyvz</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3168">langchain-ai/langsmith-sdk#3168</a></li> <li>Quote sandbox client URL path segments by <a href="https://github.com/langsmith-fleet"><code>@langsmith-fleet</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3167">langchain-ai/langsmith-sdk#3167</a></li> <li>release(js): 0.8.0 by <a href="https://github.com/QuentinBrosse"><code>@QuentinBrosse</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3171">langchain-ai/langsmith-sdk#3171</a></li> <li>release(py): 0.10.0 by <a href="https://github.com/QuentinBrosse"><code>@QuentinBrosse</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3170">langchain-ai/langsmith-sdk#3170</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/langsmith-fleet"><code>@langsmith-fleet</code></a>[bot] made their first contribution in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3167">langchain-ai/langsmith-sdk#3167</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.9.8...v0.10.0">https://github.com/langchain-ai/langsmith-sdk/compare/v0.9.8...v0.10.0</a></p> <h2>v0.9.8</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/687fc8d527a28504432f52bd08c75f2894c209fe"><code>687fc8d</code></a> release(python): bump py version to 0.10.2 (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3189">#3189</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/08cbc910be1b91f4a2714a158b32fa3a56bf7040"><code>08cbc91</code></a> feat(py): re-export OpenAPI client exceptions from langsmith package (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3188">#3188</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/d309be59b951dc3b3796753b25908c029bead7d8"><code>d309be5</code></a> refactor(livekit + pipecat): Refactor for clarity (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3187">#3187</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/2e61f5418458fa559943da2ce274dfcd231cf074"><code>2e61f54</code></a> feat: add SmithDB by-key path to add_runs_to_annotation_queue (runs= param) [...</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/fab828a2b074aab98bc22d73c569ece2435e17ae"><code>fab828a</code></a> refactor(voice): move span attribute setters onto TranslatedSpan (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3179">#3179</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/2f7709cdaaf6626a22daefa9fecef712abf3e39c"><code>2f7709c</code></a> release(js): 0.8.1 (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3185">#3185</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/6388e488ba28f8b18e18e34a3452f4a7e0c755aa"><code>6388e48</code></a> release(py): 0.10.1 (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3184">#3184</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/de74fb8f42bb632257de19f22d18a41c7d5a59b0"><code>de74fb8</code></a> feat(js): expose openapi client error classes (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3181">#3181</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/6c0729a9bc00ab49a804b57731a423714b879a0e"><code>6c0729a</code></a> Fix URL Path Injection via Unencoded Resource Names in Python Sandbox Client ...</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/996073e478d6960b189d5a12d1f4f5adda9d7272"><code>996073e</code></a> chore: bump _MIN_BACKEND_VERSION to 0.16.12rc1 (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3178">#3178</a>)</li> <li>Additional commits viewable in <a href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.9.5...v0.10.2">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/langchain-ai/langchain/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
0f27cf9dac |
chore: bump langsmith from 0.9.5 to 0.10.2 in /libs/partners/xai (#38832)
Bumps [langsmith](https://github.com/langchain-ai/langsmith-sdk) from 0.9.5 to 0.10.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/langchain-ai/langsmith-sdk/releases">langsmith's releases</a>.</em></p> <blockquote> <h2>v0.10.2</h2> <h2>What's Changed</h2> <ul> <li>release(js): 0.8.1 by <a href="https://github.com/KiewanVillatel"><code>@KiewanVillatel</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3185">langchain-ai/langsmith-sdk#3185</a></li> <li>refactor(voice): move span attribute setters onto TranslatedSpan by <a href="https://github.com/carolinedivittorio"><code>@carolinedivittorio</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3179">langchain-ai/langsmith-sdk#3179</a></li> <li>feat: add SmithDB by-key path to add_runs_to_annotation_queue (runs= param) [LSDK-287] by <a href="https://github.com/ayoung19"><code>@ayoung19</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3077">langchain-ai/langsmith-sdk#3077</a></li> <li>refactor(livekit + pipecat): Refactor for clarity by <a href="https://github.com/carolinedivittorio"><code>@carolinedivittorio</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3187">langchain-ai/langsmith-sdk#3187</a></li> <li>feat(py): re-export OpenAPI client exceptions from langsmith package by <a href="https://github.com/KiewanVillatel"><code>@KiewanVillatel</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3188">langchain-ai/langsmith-sdk#3188</a></li> <li>release(python): bump py version to 0.10.2 by <a href="https://github.com/KiewanVillatel"><code>@KiewanVillatel</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3189">langchain-ai/langsmith-sdk#3189</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/ayoung19"><code>@ayoung19</code></a> made their first contribution in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3077">langchain-ai/langsmith-sdk#3077</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.10.1...v0.10.2">https://github.com/langchain-ai/langsmith-sdk/compare/v0.10.1...v0.10.2</a></p> <h2>v0.10.1</h2> <h2>What's Changed</h2> <ul> <li>fix: bound voice streaming audio buffers by <a href="https://github.com/jkennedyvz"><code>@jkennedyvz</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3169">langchain-ai/langsmith-sdk#3169</a></li> <li>fix: escape insights report html repr by <a href="https://github.com/corridor-security"><code>@corridor-security</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3176">langchain-ai/langsmith-sdk#3176</a></li> <li>chore: bump _MIN_BACKEND_VERSION to 0.16.12rc1 by <a href="https://github.com/langtions-bot"><code>@langtions-bot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3178">langchain-ai/langsmith-sdk#3178</a></li> <li>Fix URL Path Injection via Unencoded Resource Names in Python Sandbox Client (Sync) by <a href="https://github.com/corridor-security"><code>@corridor-security</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3177">langchain-ai/langsmith-sdk#3177</a></li> <li>feat(js): expose openapi client error classes by <a href="https://github.com/KiewanVillatel"><code>@KiewanVillatel</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3181">langchain-ai/langsmith-sdk#3181</a></li> <li>release(py): 0.10.1 by <a href="https://github.com/KiewanVillatel"><code>@KiewanVillatel</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3184">langchain-ai/langsmith-sdk#3184</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/corridor-security"><code>@corridor-security</code></a>[bot] made their first contribution in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3176">langchain-ai/langsmith-sdk#3176</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.10.0...v0.10.1">https://github.com/langchain-ai/langsmith-sdk/compare/v0.10.0...v0.10.1</a></p> <h2>v0.10.0</h2> <h2>What's Changed</h2> <ul> <li>chore: sync langsmith_api by <a href="https://github.com/langtions-bot"><code>@langtions-bot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3152">langchain-ai/langsmith-sdk#3152</a></li> <li>release(js): bump JS SDK to 0.7.16 by <a href="https://github.com/sineha-mani"><code>@sineha-mani</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3160">langchain-ai/langsmith-sdk#3160</a></li> <li>feat: expose OTel-safe metadata helpers [closes LSDK-262] by <a href="https://github.com/open-swe"><code>@open-swe</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3091">langchain-ai/langsmith-sdk#3091</a></li> <li>feat(integrations): helpers to build LangSmith run URLs from OTel spans [LSDK-273] by <a href="https://github.com/harisaiharish"><code>@harisaiharish</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3142">langchain-ai/langsmith-sdk#3142</a></li> <li>fix(python): remove projects accessor from AsyncClient by <a href="https://github.com/QuentinBrosse"><code>@QuentinBrosse</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3163">langchain-ai/langsmith-sdk#3163</a></li> <li>chore: sync langsmith_api by <a href="https://github.com/langtions-bot"><code>@langtions-bot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3162">langchain-ai/langsmith-sdk#3162</a></li> <li>feat(js): Extends wrapAnthropic JS wrapper to support Claude Managed Agents methods by <a href="https://github.com/jacoblee93"><code>@jacoblee93</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3155">langchain-ai/langsmith-sdk#3155</a></li> <li>release(js): 0.7.17 by <a href="https://github.com/jacoblee93"><code>@jacoblee93</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3166">langchain-ai/langsmith-sdk#3166</a></li> <li>feat(client): expose threads and traces resource accessors on Python and JS clients by <a href="https://github.com/QuentinBrosse"><code>@QuentinBrosse</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3164">langchain-ai/langsmith-sdk#3164</a></li> <li>ci: freeze pnpm environment test installs by <a href="https://github.com/jkennedyvz"><code>@jkennedyvz</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3168">langchain-ai/langsmith-sdk#3168</a></li> <li>Quote sandbox client URL path segments by <a href="https://github.com/langsmith-fleet"><code>@langsmith-fleet</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3167">langchain-ai/langsmith-sdk#3167</a></li> <li>release(js): 0.8.0 by <a href="https://github.com/QuentinBrosse"><code>@QuentinBrosse</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3171">langchain-ai/langsmith-sdk#3171</a></li> <li>release(py): 0.10.0 by <a href="https://github.com/QuentinBrosse"><code>@QuentinBrosse</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3170">langchain-ai/langsmith-sdk#3170</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/langsmith-fleet"><code>@langsmith-fleet</code></a>[bot] made their first contribution in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/3167">langchain-ai/langsmith-sdk#3167</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.9.8...v0.10.0">https://github.com/langchain-ai/langsmith-sdk/compare/v0.9.8...v0.10.0</a></p> <h2>v0.9.8</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/687fc8d527a28504432f52bd08c75f2894c209fe"><code>687fc8d</code></a> release(python): bump py version to 0.10.2 (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3189">#3189</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/08cbc910be1b91f4a2714a158b32fa3a56bf7040"><code>08cbc91</code></a> feat(py): re-export OpenAPI client exceptions from langsmith package (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3188">#3188</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/d309be59b951dc3b3796753b25908c029bead7d8"><code>d309be5</code></a> refactor(livekit + pipecat): Refactor for clarity (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3187">#3187</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/2e61f5418458fa559943da2ce274dfcd231cf074"><code>2e61f54</code></a> feat: add SmithDB by-key path to add_runs_to_annotation_queue (runs= param) [...</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/fab828a2b074aab98bc22d73c569ece2435e17ae"><code>fab828a</code></a> refactor(voice): move span attribute setters onto TranslatedSpan (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3179">#3179</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/2f7709cdaaf6626a22daefa9fecef712abf3e39c"><code>2f7709c</code></a> release(js): 0.8.1 (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3185">#3185</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/6388e488ba28f8b18e18e34a3452f4a7e0c755aa"><code>6388e48</code></a> release(py): 0.10.1 (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3184">#3184</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/de74fb8f42bb632257de19f22d18a41c7d5a59b0"><code>de74fb8</code></a> feat(js): expose openapi client error classes (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3181">#3181</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/6c0729a9bc00ab49a804b57731a423714b879a0e"><code>6c0729a</code></a> Fix URL Path Injection via Unencoded Resource Names in Python Sandbox Client ...</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/996073e478d6960b189d5a12d1f4f5adda9d7272"><code>996073e</code></a> chore: bump _MIN_BACKEND_VERSION to 0.16.12rc1 (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/3178">#3178</a>)</li> <li>Additional commits viewable in <a href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.9.5...v0.10.2">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/langchain-ai/langchain/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
00c0f69dc0 |
chore: bump mistune from 3.2.1 to 3.3.0 in /libs/langchain (#38782)
Bumps [mistune](https://github.com/lepture/mistune) from 3.2.1 to 3.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lepture/mistune/releases">mistune's releases</a>.</em></p> <blockquote> <h2>v3.3.0</h2> <h3> 🐞 Bug Fixes</h3> <ul> <li>Resolve O(n^2) DoS in parse_link_text (CWE-400) - by <strong>bhanugoudm041</strong> <a href="https://github.com/lepture/mistune/commit/b6b499d"><!-- raw HTML omitted -->(b6b49)<!-- raw HTML omitted --></a></li> <li>Resolve O(n^2) DoS in parse_link_text (CWE-400)-Type handling/testing done - by <strong>bhanugoudm041</strong> <a href="https://github.com/lepture/mistune/commit/b3af85d"><!-- raw HTML omitted -->(b3af8)<!-- raw HTML omitted --></a></li> <li><strong>block</strong>: Avoid quadratic ref link scans - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/2b04d7b"><!-- raw HTML omitted -->(2b04d)<!-- raw HTML omitted --></a></li> <li><strong>cli</strong>: Add entrypoint and utf-8 output - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/2f2449d"><!-- raw HTML omitted -->(2f244)<!-- raw HTML omitted --></a></li> <li><strong>directives</strong>: Constrain include targets - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/1bef343"><!-- raw HTML omitted -->(1bef3)<!-- raw HTML omitted --></a></li> <li><strong>formatting</strong>: Avoid quadratic marker scans - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/96d0f57"><!-- raw HTML omitted -->(96d0f)<!-- raw HTML omitted --></a></li> <li><strong>image</strong>: Validate figure width option - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/e3e51de"><!-- raw HTML omitted -->(e3e51)<!-- raw HTML omitted --></a></li> <li><strong>inline</strong>: Avoid bracket parsing DoS - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/25f2503"><!-- raw HTML omitted -->(25f25)<!-- raw HTML omitted --></a></li> <li><strong>math</strong>: Reject currency patterns and cross-line matches in inline math - by <a href="https://github.com/geopanther"><code>@geopanther</code></a> <a href="https://github.com/lepture/mistune/commit/566e173"><!-- raw HTML omitted -->(566e1)<!-- raw HTML omitted --></a></li> <li><strong>math</strong>: Support display and backtick math - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/1141eec"><!-- raw HTML omitted -->(1141e)<!-- raw HTML omitted --></a></li> <li><strong>renderer</strong>: Render plugin list and table nodes - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/614b019"><!-- raw HTML omitted -->(614b0)<!-- raw HTML omitted --></a></li> <li><strong>renderer</strong>: Block encoded unsafe URL schemes - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/c7101fc"><!-- raw HTML omitted -->(c7101)<!-- raw HTML omitted --></a></li> <li><strong>toc</strong>: Avoid generated id collisions - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/c4093c4"><!-- raw HTML omitted -->(c4093)<!-- raw HTML omitted --></a></li> </ul> <h3> 🏎 Performance</h3> <ul> <li>Improve performance - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/bf95c32"><!-- raw HTML omitted -->(bf95c)<!-- raw HTML omitted --></a></li> </ul> <h5> <a href="https://github.com/lepture/mistune/compare/v3.2.1...v3.3.0">View changes on GitHub</a></h5> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/lepture/mistune/blob/main/docs/changes.rst">mistune's changelog</a>.</em></p> <blockquote> <h2>Version 3.3.0</h2> <p><strong>Released on Jun 21, 2026</strong></p> <ul> <li>Improve CommonMark compatibility and parser performance.</li> <li>Add command line entrypoint with UTF-8 output.</li> <li>Support display and backtick math.</li> <li>Render plugin list and table nodes in Markdown renderer.</li> <li>Escape leading block markers in Markdown renderer.</li> <li>Fix RST renderer for block quotes nested in lists.</li> <li>Avoid generated heading ID collisions in TOC.</li> <li>Harden URL, image, figure, and include directive handling.</li> <li>Fix quadratic scans in inline links, reference links, and formatting markers.</li> <li>Fix math escaping, currency pattern matching, and cross-line matching.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lepture/mistune/commit/15c3b79325125272263d7d42492ec8f757447191"><code>15c3b79</code></a> chore: release 3.3.0</li> <li><a href="https://github.com/lepture/mistune/commit/bdc01ade171c7c2cd1099e2531ddf8c275a2f64c"><code>bdc01ad</code></a> tests: increase run time on pypy</li> <li><a href="https://github.com/lepture/mistune/commit/7cf181483e6201184bcecdbae13225d45ebab4c4"><code>7cf1814</code></a> tests: increase run time for pypy</li> <li><a href="https://github.com/lepture/mistune/commit/6dfdc3dae490c7a21499ff1063f4dd9b7357d4c5"><code>6dfdc3d</code></a> tests: add more tests</li> <li><a href="https://github.com/lepture/mistune/commit/17c50f6c0572027c1dad2c2501e7c97cea0b0b43"><code>17c50f6</code></a> chore: fix mypy issues</li> <li><a href="https://github.com/lepture/mistune/commit/63abe4b8e9adccc711c953e6727400ee7ba1084c"><code>63abe4b</code></a> chore: use ruff check and format</li> <li><a href="https://github.com/lepture/mistune/commit/e6c1b184461beab8887c7375621c64dffaf652c5"><code>e6c1b18</code></a> chore: resolve mypy issues</li> <li><a href="https://github.com/lepture/mistune/commit/dcf89020c1ee697b2267387064b3e4580e0b83c5"><code>dcf8902</code></a> test(math): cover escaped math output</li> <li><a href="https://github.com/lepture/mistune/commit/c4093c4742ed0d10d9332fb8edb455869b7b581b"><code>c4093c4</code></a> fix(toc): avoid generated id collisions</li> <li><a href="https://github.com/lepture/mistune/commit/e3e51de9cf0a72dc30191248dccf22087c57f046"><code>e3e51de</code></a> fix(image): validate figure width option</li> <li>Additional commits viewable in <a href="https://github.com/lepture/mistune/compare/v3.2.1...v3.3.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/langchain-ai/langchain/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
b2dede4f3e |
chore: bump mistune from 3.2.1 to 3.3.0 in /libs/core (#38783)
Bumps [mistune](https://github.com/lepture/mistune) from 3.2.1 to 3.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lepture/mistune/releases">mistune's releases</a>.</em></p> <blockquote> <h2>v3.3.0</h2> <h3> 🐞 Bug Fixes</h3> <ul> <li>Resolve O(n^2) DoS in parse_link_text (CWE-400) - by <strong>bhanugoudm041</strong> <a href="https://github.com/lepture/mistune/commit/b6b499d"><!-- raw HTML omitted -->(b6b49)<!-- raw HTML omitted --></a></li> <li>Resolve O(n^2) DoS in parse_link_text (CWE-400)-Type handling/testing done - by <strong>bhanugoudm041</strong> <a href="https://github.com/lepture/mistune/commit/b3af85d"><!-- raw HTML omitted -->(b3af8)<!-- raw HTML omitted --></a></li> <li><strong>block</strong>: Avoid quadratic ref link scans - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/2b04d7b"><!-- raw HTML omitted -->(2b04d)<!-- raw HTML omitted --></a></li> <li><strong>cli</strong>: Add entrypoint and utf-8 output - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/2f2449d"><!-- raw HTML omitted -->(2f244)<!-- raw HTML omitted --></a></li> <li><strong>directives</strong>: Constrain include targets - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/1bef343"><!-- raw HTML omitted -->(1bef3)<!-- raw HTML omitted --></a></li> <li><strong>formatting</strong>: Avoid quadratic marker scans - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/96d0f57"><!-- raw HTML omitted -->(96d0f)<!-- raw HTML omitted --></a></li> <li><strong>image</strong>: Validate figure width option - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/e3e51de"><!-- raw HTML omitted -->(e3e51)<!-- raw HTML omitted --></a></li> <li><strong>inline</strong>: Avoid bracket parsing DoS - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/25f2503"><!-- raw HTML omitted -->(25f25)<!-- raw HTML omitted --></a></li> <li><strong>math</strong>: Reject currency patterns and cross-line matches in inline math - by <a href="https://github.com/geopanther"><code>@geopanther</code></a> <a href="https://github.com/lepture/mistune/commit/566e173"><!-- raw HTML omitted -->(566e1)<!-- raw HTML omitted --></a></li> <li><strong>math</strong>: Support display and backtick math - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/1141eec"><!-- raw HTML omitted -->(1141e)<!-- raw HTML omitted --></a></li> <li><strong>renderer</strong>: Render plugin list and table nodes - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/614b019"><!-- raw HTML omitted -->(614b0)<!-- raw HTML omitted --></a></li> <li><strong>renderer</strong>: Block encoded unsafe URL schemes - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/c7101fc"><!-- raw HTML omitted -->(c7101)<!-- raw HTML omitted --></a></li> <li><strong>toc</strong>: Avoid generated id collisions - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/c4093c4"><!-- raw HTML omitted -->(c4093)<!-- raw HTML omitted --></a></li> </ul> <h3> 🏎 Performance</h3> <ul> <li>Improve performance - by <a href="https://github.com/lepture"><code>@lepture</code></a> <a href="https://github.com/lepture/mistune/commit/bf95c32"><!-- raw HTML omitted -->(bf95c)<!-- raw HTML omitted --></a></li> </ul> <h5> <a href="https://github.com/lepture/mistune/compare/v3.2.1...v3.3.0">View changes on GitHub</a></h5> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/lepture/mistune/blob/main/docs/changes.rst">mistune's changelog</a>.</em></p> <blockquote> <h2>Version 3.3.0</h2> <p><strong>Released on Jun 21, 2026</strong></p> <ul> <li>Improve CommonMark compatibility and parser performance.</li> <li>Add command line entrypoint with UTF-8 output.</li> <li>Support display and backtick math.</li> <li>Render plugin list and table nodes in Markdown renderer.</li> <li>Escape leading block markers in Markdown renderer.</li> <li>Fix RST renderer for block quotes nested in lists.</li> <li>Avoid generated heading ID collisions in TOC.</li> <li>Harden URL, image, figure, and include directive handling.</li> <li>Fix quadratic scans in inline links, reference links, and formatting markers.</li> <li>Fix math escaping, currency pattern matching, and cross-line matching.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lepture/mistune/commit/15c3b79325125272263d7d42492ec8f757447191"><code>15c3b79</code></a> chore: release 3.3.0</li> <li><a href="https://github.com/lepture/mistune/commit/bdc01ade171c7c2cd1099e2531ddf8c275a2f64c"><code>bdc01ad</code></a> tests: increase run time on pypy</li> <li><a href="https://github.com/lepture/mistune/commit/7cf181483e6201184bcecdbae13225d45ebab4c4"><code>7cf1814</code></a> tests: increase run time for pypy</li> <li><a href="https://github.com/lepture/mistune/commit/6dfdc3dae490c7a21499ff1063f4dd9b7357d4c5"><code>6dfdc3d</code></a> tests: add more tests</li> <li><a href="https://github.com/lepture/mistune/commit/17c50f6c0572027c1dad2c2501e7c97cea0b0b43"><code>17c50f6</code></a> chore: fix mypy issues</li> <li><a href="https://github.com/lepture/mistune/commit/63abe4b8e9adccc711c953e6727400ee7ba1084c"><code>63abe4b</code></a> chore: use ruff check and format</li> <li><a href="https://github.com/lepture/mistune/commit/e6c1b184461beab8887c7375621c64dffaf652c5"><code>e6c1b18</code></a> chore: resolve mypy issues</li> <li><a href="https://github.com/lepture/mistune/commit/dcf89020c1ee697b2267387064b3e4580e0b83c5"><code>dcf8902</code></a> test(math): cover escaped math output</li> <li><a href="https://github.com/lepture/mistune/commit/c4093c4742ed0d10d9332fb8edb455869b7b581b"><code>c4093c4</code></a> fix(toc): avoid generated id collisions</li> <li><a href="https://github.com/lepture/mistune/commit/e3e51de9cf0a72dc30191248dccf22087c57f046"><code>e3e51de</code></a> fix(image): validate figure width option</li> <li>Additional commits viewable in <a href="https://github.com/lepture/mistune/compare/v3.2.1...v3.3.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/langchain-ai/langchain/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
fb274a9ab4 |
chore(model-profiles): refresh model profile data (#38821)
Automated refresh of model profile data for all in-monorepo partner integrations via `langchain-profiles refresh`. 🤖 Generated by the [`refresh_model_profiles` workflow](https://github.com/langchain-ai/langchain/blob/master/.github/workflows/refresh_model_profiles.yml). ## Summary of changes **0 added · 0 removed · 5 changed** across 2 provider(s). <details> <summary>huggingface</summary> **✏️ 1 changed** - `stepfun-ai/Step-3.7-Flash`: added video input </details> <details> <summary>openrouter</summary> **✏️ 4 changed** - `google/gemini-3-pro-image`: last updated `2026-06-18` → `2026-05-28`; display name `Nano Banana Pro (Gemini 3 Pro Image)` → `Nano Banana Pro`; release date `2026-06-18` → `2026-05-28` - `google/gemini-3.1-flash-image`: last updated `2026-06-18` → `2026-05-28`; display name `Nano Banana 2 (Gemini 3.1 Flash Image)` → `Nano Banana 2`; release date `2026-06-18` → `2026-05-28` - `z-ai/glm-4.6`: max input tokens 202,752 → 200,000; max output tokens 131,072 → 16,384 - `z-ai/glm-5.2`: max output tokens 128,000 → 131,072 </details> Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com> |
||
|
|
233e02a822 |
chore(model-profiles): refresh model profile data (#38810)
Automated refresh of model profile data for all in-monorepo partner integrations via `langchain-profiles refresh`. 🤖 Generated by the [`refresh_model_profiles` workflow](https://github.com/langchain-ai/langchain/blob/master/.github/workflows/refresh_model_profiles.yml). ## Summary of changes **0 added · 1 removed · 1 changed** across 1 provider(s). ### openrouter **➖ 1 removed** - `meta-llama/llama-3-8b-instruct` **✏️ 1 changed** - `z-ai/glm-5.2`: max output tokens 131,072 → 128,000 Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com> |
||
|
|
a8fd0da2b7 |
chore(model-profiles): refresh model profile data (#38797)
Automated refresh of model profile data for all in-monorepo partner integrations via `langchain-profiles refresh`. 🤖 Generated by the [`refresh_model_profiles` workflow](https://github.com/langchain-ai/langchain/blob/master/.github/workflows/refresh_model_profiles.yml). ## Summary of changes **1 added · 1 removed · 2 changed** across 2 provider(s). <details> <summary>openai</summary> **➕ 1 added** - `gpt-realtime-2.1` — 128,000 ctx, 32,000 out, text+image+audio+pdf in, reasoning, tools </details> <details> <summary>openrouter</summary> **➖ 1 removed** - `arcee-ai/trinity-mini` **✏️ 2 changed** - `deepseek/deepseek-v4-flash`: max output tokens 65,536 → 384,000 - `z-ai/glm-5.2`: max output tokens 101,376 → 131,072 </details> Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com> |
||
|
|
42f8f79293 | release(langchain): 1.3.13 (#38787) langchain==1.3.13 | ||
|
|
7327e84d6f |
feat(langchain): add meta extra and support langchain-meta in init_chat_model (#38786)
|
||
|
|
1c6bfc8f60 |
release(openai): 1.3.5 (#38785)
Prepared with AI-agent assistance.langchain-openai==1.3.5 |
||
|
|
4717cfc83b |
feat(openai): support explicit prompt caching (#38762)
`ChatOpenAI` now supports OpenAI explicit prompt-cache options and content-block breakpoints, and exposes cache-write token counts through `input_token_details["cache_creation"]`. [(Docs)](https://developers.openai.com/api/docs/guides/prompt-caching?prompt-cache-api=responses#prompt-cache-breakpoints) --- OpenAI users can now configure explicit prompt caching through `ChatOpenAI` without cache controls being dropped when messages are converted for the Responses API. The change preserves `prompt_cache_breakpoint` on text, image, and file content blocks; forwards request-level cache options and legacy retention settings; and reports `cache_write_tokens` as `cache_creation` usage metadata, including priority and flex service-tier variants. It also raises the minimum OpenAI SDK version to 2.45.0 so the integration can rely on the SDK's current prompt-caching schemas instead of compatibility normalization. --------- Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com> |
||
|
|
2f527debdd |
chore(model-profiles): refresh model profile data (#38774)
Automated refresh of model profile data for all in-monorepo partner integrations via `langchain-profiles refresh`. 🤖 Generated by the [`refresh_model_profiles` workflow](https://github.com/langchain-ai/langchain/blob/master/.github/workflows/refresh_model_profiles.yml). ## Summary of changes **11 added · 4 removed · 44 changed** across 2 provider(s). <details> <summary>openai</summary> **➕ 4 added** - `gpt-5.6` — 1,050,000 ctx, 128,000 out, text+image+pdf in, reasoning, tools - `gpt-5.6-luna` — 1,050,000 ctx, 128,000 out, text+image+pdf in, reasoning, tools - `gpt-5.6-sol` — 1,050,000 ctx, 128,000 out, text+image+pdf in, reasoning, tools - `gpt-5.6-terra` — 1,050,000 ctx, 128,000 out, text+image+pdf in, reasoning, tools </details> <details> <summary>openrouter</summary> **➕ 7 added** - `cognitivecomputations/dolphin-mistral-24b-venice-edition` — 128,000 ctx, 8,192 out - `openai/gpt-5.6-luna` — 1,050,000 ctx, 128,000 out, text+image+pdf in, reasoning, tools - `openai/gpt-5.6-luna-pro` — 1,050,000 ctx, 128,000 out, text+image+pdf in, reasoning, tools - `openai/gpt-5.6-sol` — 1,050,000 ctx, 128,000 out, text+image+pdf in, reasoning, tools - `openai/gpt-5.6-sol-pro` — 1,050,000 ctx, 128,000 out, text+image+pdf in, reasoning, tools - `openai/gpt-5.6-terra` — 1,050,000 ctx, 128,000 out, text+image+pdf in, reasoning, tools - `openai/gpt-5.6-terra-pro` — 1,050,000 ctx, 128,000 out, text+image+pdf in, reasoning, tools **➖ 4 removed** - `google/gemini-2.5-flash-lite-preview-09-2025` - `liquid/lfm-2-24b-a2b` - `poolside/laguna-xs.2` - `poolside/laguna-xs.2:free` **✏️ 44 changed** - `anthracite-org/magnum-v4-72b`: max input tokens 16,384 → 32,768 - `baidu/ernie-4.5-vl-424b-a47b`: max input tokens 123,000 → 131,072 - `deepseek/deepseek-chat`: max input tokens 128,000 → 131,072 - `deepseek/deepseek-r1`: max input tokens 64,000 → 163,840 - `deepseek/deepseek-r1-distill-llama-70b`: max input tokens 8,192 → 128,000 - `deepseek/deepseek-v3.2`: max input tokens 128,000 → 131,072 - `google/gemini-3.1-pro-preview-customtools`: max input tokens 1,048,576 → 1,048,756 - `google/gemma-4-26b-a4b-it:free`: max input tokens 131,072 → 262,144 - `meta-llama/llama-3.2-1b-instruct`: max input tokens 60,000 → 131,072 - `meta-llama/llama-3.3-70b-instruct:free`: max input tokens 65,536 → 131,072 - `meta-llama/llama-4-scout`: max input tokens 327,680 → 10,000,000 - `microsoft/wizardlm-2-8x22b`: max input tokens 65,535 → 65,536 - `minimax/minimax-m2.5`: max input tokens 196,608 → 204,800 - `minimax/minimax-m2.7`: max input tokens 196,608 → 204,800 - `minimax/minimax-m3`: max input tokens 524,288 → 1,048,576; max output tokens 512,000 → 131,072 - `moonshotai/kimi-k2.5`: max input tokens 256,000 → 262,144 - `moonshotai/kimi-k2.7-code`: max output tokens 16,384 → 262,144 - `nvidia/nemotron-3-super-120b-a12b`: max input tokens 262,144 → 1,000,000 - `nvidia/nemotron-3-super-120b-a12b:free`: max input tokens 262,144 → 1,000,000 - `nvidia/nemotron-3-ultra-550b-a55b`: max input tokens 262,144 → 1,000,000 - `poolside/laguna-m.1`: last updated `2026-04-28` → `2026-06-13` - `poolside/laguna-m.1:free`: last updated `2026-04-28` → `2026-06-13` - `qwen/qwen-2.5-72b-instruct`: max input tokens 32,768 → 131,072 - `qwen/qwen-2.5-7b-instruct`: max input tokens 32,768 → 131,072 - `qwen/qwen-2.5-coder-32b-instruct`: max input tokens 32,768 → 128,000 - …and 19 more </details> Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com> |
||
|
|
a07356f839 | fix(anthropic): add advisor_ prefix to builtin tool recognition (#38686) | ||
|
|
8107ff4065 | release(fireworks): 1.4.4 (#38753) langchain-fireworks==1.4.4 | ||
|
|
ea24fb1e13 |
fix(fireworks): report cached prompt token usage (#38751)
Closes #38648 `langchain-fireworks` now reports Fireworks cached prompt tokens in `AIMessage.usage_metadata.input_token_details.cache_read` and no longer crashes when combining nested token usage from batched `generate()` calls. --- Fireworks can return nested token usage details when prompt caching is involved, including cached prompt token counts. Batched `generate()` calls were crashing when those nested dictionaries were combined, and regular chat results did not expose the cached-token breakdown in the standard LangChain usage metadata shape. This updates `ChatFireworks` so nested token usage is merged safely and cached prompt tokens are reported as `input_token_details.cache_read`. Users and downstream tracing systems can now distinguish cached Fireworks input tokens from regular input tokens instead of treating the full prompt as uncached input. Thanks to @abcgco for the original report and recursive merge fix in #38646, and to @abhi-0203 for independently identifying the same nested `token_usage` failure in #38735. This PR builds on that work by using the recursive merge approach and extending the fix to normalize cached prompt tokens into standard usage metadata for tracing and cost reporting. Co-authored-by: Andrei Boldyrev <abcgco@gmail.com> |
||
|
|
a4294f9a39 | chore(deps): refresh lockfiles (#38746) | ||
|
|
d73ba5b70b |
chore(model-profiles): refresh model profile data (#38739)
Automated refresh of model profile data for all in-monorepo partner integrations via `langchain-profiles refresh`. 🤖 Generated by the [`refresh_model_profiles` workflow](https://github.com/langchain-ai/langchain/blob/master/.github/workflows/refresh_model_profiles.yml). ## Summary of changes **3 added · 1 removed · 4 changed** across 2 provider(s). <details> <summary>openrouter</summary> **➕ 2 added** - `x-ai/grok-4.5` — 500,000 ctx, 500,000 out, text+image+pdf in, reasoning, tools - `~x-ai/grok-latest` — 500,000 ctx, 1,000,000 out, text+image+pdf in, reasoning, tools **➖ 1 removed** - `switchpoint/router` **✏️ 4 changed** - `deepseek/deepseek-v4-flash`: max output tokens 16,384 → 65,536 - `tencent/hy3`: max input tokens 202,752 → 262,144 - `x-ai/grok-build-0.1`: added PDF input - `z-ai/glm-5.2`: max output tokens 32,768 → 1,048,576 </details> <details> <summary>xai</summary> **➕ 1 added** - `grok-4.5` — 500,000 ctx, 500,000 out, text+image+pdf in, reasoning, tools </details> Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com> |
||
|
|
bc1540084b | release(openai): 1.3.4 (#38731) langchain-openai==1.3.4 | ||
|
|
123d83282a | release(langchain): 1.3.12 (#38730) langchain==1.3.12 | ||
|
|
fa0114511b | fix(openai): suppress Pydantic serializer warning on structured output parsed field (#37727) | ||
|
|
af3de98c4a |
docs(infra): clarify uv.lock step in release process guide (#38729)
## What
The release process guide in `AGENTS.md` and `CLAUDE.md` instructs the
reader to "keep only the package-version line if `uv lock` touches
unrelated entries." This is vague — it doesn't explain *why* unrelated
entries appear or *what* the offending lines look like.
## Why
When you bump a package's version in `pyproject.toml` and run `uv lock`
from the package directory, the lockfile diff can include unrelated
changes such as environment-dependent marker lines (e.g.
`typing-extensions` losing a `python_full_version < '3.11'` marker)
caused by a different local Python version resolving the environment.
These are artifacts of the machine running the lock, not intentional
dependency changes, and should not be committed.
## Change
Replaced the vague instruction with a precise one:
> `uv.lock` — run `uv lock` from the package directory. If the diff
includes unrelated changes (e.g. environment-dependent marker lines from
a different local Python version), revert them and keep only the
`version = "..."` line for the package being released
This came up during the langchain-core/langchain release on July 8,
where the original instruction was flagged as questionable and traced
back via git blame to commit
|
||
|
|
1c3a4186cf | release(core): 1.4.9 (#38728) langchain-core==1.4.9 | ||
|
|
1619f3d3d0 | chore(standard-tests): fix some typings detected by ty (#38707) | ||
|
|
a6f0369eca |
chore(qdrant): bump fastembed to latest (#38726)
This PR updates the optional `fastembed` dependency in `langchain-qdrant` to the latest version (`0.8.0`). This also removes the temporary Pillow override that was needed for `fastembed@0.7.x`, since the new release no longer caps Pillow below the patched version. |
||
|
|
fca0a977a6 | fix(langchain): propagate interrupts through ToolRetryMiddleware (#38722) | ||
|
|
874bada42f |
chore(model-profiles): refresh model profile data (#38712)
Automated refresh of model profile data for all in-monorepo partner integrations via `langchain-profiles refresh`. 🤖 Generated by the [`refresh_model_profiles` workflow](https://github.com/langchain-ai/langchain/blob/master/.github/workflows/refresh_model_profiles.yml). ## Summary of changes **2 added · 2 removed · 6 changed** across 1 provider(s). ### openrouter **➕ 2 added** - `aion-labs/aion-3.0` — 131,072 ctx, 32,768 out, reasoning, tools - `aion-labs/aion-3.0-mini` — 131,072 ctx, 32,768 out, reasoning, tools **➖ 2 removed** - `aion-labs/aion-1.0` - `aion-labs/aion-1.0-mini` **✏️ 6 changed** - `aion-labs/aion-2.0`: added tool calling - `anthropic/claude-opus-4.8`: added temperature control - `nex-agi/nex-n2-pro`: added tool calling - `thedrummer/rocinante-12b`: max input tokens 32,768 → 65,536; max output tokens 32,768 → 65,536; added structured output - `z-ai/glm-5.2`: max output tokens 131,072 → 32,768 - `~anthropic/claude-opus-latest`: added temperature control Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com> |
||
|
|
6e51a7e48b |
chore(model-profiles): refresh model profile data (#38699)
Automated refresh of model profile data for all in-monorepo partner integrations via `langchain-profiles refresh`. 🤖 Generated by the [`refresh_model_profiles` workflow](https://github.com/langchain-ai/langchain/blob/master/.github/workflows/refresh_model_profiles.yml). ## Summary of changes **4 added · 0 removed · 1 changed** across 2 provider(s). <details> <summary>huggingface</summary> **➕ 1 added** - `openai/gpt-oss-20b` — 131,072 ctx, 32,768 out, reasoning, tools </details> <details> <summary>openrouter</summary> **➕ 3 added** - `nex-agi/nex-n2-mini` — 262,144 ctx, 262,144 out, text+image in, reasoning, tools - `tencent/hy3` — 202,752 ctx, 131,072 out, reasoning, tools - `tencent/hy3:free` — 262,144 ctx, 262,144 out, reasoning, tools **✏️ 1 changed** - `meta-llama/llama-3.2-3b-instruct`: max input tokens 80,000 → 131,072; max output tokens 80,000 → 131,072; added structured output </details> Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com> |
||
|
|
2d8100c4fa |
fix(langchain-classic): fix Chain.save() regression from dict-to-model_dump migration (#35667)
Fixes #35665 --- Fixes a regression introduced in #33035 where `Chain.save()` stopped working for chain types that support saving, including `LLMChain`. `Chain.save()` now calls `self.model_dump()`, but the `_type` injection still lived in the deprecated `dict()` override. As a result, serialized chains no longer included `_type`, and `save()` always raised the "does not support saving" error. This moves the override to `model_dump()` so saved chain output includes `_type` again. Pydantic v2's `dict()` method delegates to `model_dump()`, so existing `dict()` callers continue to get the same serialized shape. |
||
|
|
b08c3913fb |
test(openai): skip Codex VCR tests before cassette setup (#38690)
Codex integration tests need to be skipped in CI whenever VCR is not in playback mode, but the setup-time skip ran too late: `pytest-recording` could already try to open a cassette and hit the missing on-disk OAuth token first. Moving the skip to collection time marks the matching Codex tests before cassette setup while keeping the existing VCR-token fake for playback runs. ## Changes - Add a `pytest_collection_modifyitems` hook that marks Codex chat-model integration tests as skipped in CI unless VCR is replaying existing cassettes. - Scope collection-time matching to the local chat-model integration-test directory so same-named modules collected elsewhere are not skipped accidentally. - Keep the OAuth-token fake path active for VCR playback by preserving `_fake_codex_oauth_token` behavior when `record_mode` is `none`. |
||
|
|
83386b56e1 |
chore(model-profiles): refresh model profile data (#38689)
Automated refresh of model profile data for all in-monorepo partner integrations via `langchain-profiles refresh`. 🤖 Generated by the [`refresh_model_profiles` workflow](https://github.com/langchain-ai/langchain/blob/master/.github/workflows/refresh_model_profiles.yml). ## Summary of changes **0 added · 10 removed · 12 changed** across 2 provider(s). <details> <summary>anthropic</summary> **➖ 10 removed** - `claude-3-5-sonnet-20240620` - `claude-3-5-sonnet-20241022` - `claude-3-7-sonnet-20250219` - `claude-3-haiku-20240307` - `claude-3-opus-20240229` - `claude-3-sonnet-20240229` - `claude-opus-4-0` - `claude-opus-4-20250514` - `claude-sonnet-4-0` - `claude-sonnet-4-20250514` **✏️ 10 changed** - `claude-fable-5`: release date `2026-06-09` → `2026-06-07` - `claude-opus-4-1`: status unset → `deprecated` - `claude-opus-4-1-20250805`: status unset → `deprecated` - `claude-opus-4-5-20251101`: release date `2025-11-01` → `2025-11-24` - `claude-opus-4-6`: release date `2026-02-05` → `2026-02-04` - `claude-opus-4-7`: release date `2026-04-16` → `2026-04-14` - `claude-sonnet-4-5`: max input tokens 200,000 → 1,000,000 - `claude-sonnet-4-5-20250929`: max input tokens 200,000 → 1,000,000 - `claude-sonnet-4-6`: max output tokens 64,000 → 128,000 - `claude-sonnet-5`: release date `2026-06-30` → `2026-06-29` </details> <details> <summary>openrouter</summary> **✏️ 2 changed** - `openai/gpt-oss-20b`: display name `gpt-oss-20b` → `GPT OSS 20B` - `z-ai/glm-5.2`: max input tokens 1,024,000 → 1,048,576; max output tokens 128,000 → 131,072 </details> --------- Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com> Co-authored-by: Mason Daugherty <github@mdrxy.com> |
||
|
|
701cc0e6bb |
test(deps): Include Python 3.14 in integration test matrix (#34993)
Relates to #34441 Adds Python 3.14 to integration test matrix, hoping to contribute to the official support of Python 3.14 --------- Co-authored-by: Mason Daugherty <github@mdrxy.com> |
||
|
|
a586e9044c |
fix(langchain): avoid shared process-group kill in shell middleware (#36359)
Fixes #36358 --- **Summary** This PR fixes a process termination safety bug in ShellToolMiddleware where cleanup could kill the caller process group when create_process_group is False. **Why this change** When the shell child is started without a dedicated process group, it can share the parent group. The existing cleanup path used group kill unconditionally, which could terminate unrelated processes including the caller. This is a high-impact availability risk. **What changed** Updated shell session kill logic to use group kill only when the child is in a different process group than the caller. Added safe fallback to child-only kill when both share the same process group. Added regression tests for both scenarios: Shared process group: no group kill, child-only kill. Dedicated process group: existing group kill behavior is preserved. **Validation** Targeted new tests passed. Full shell tool unit test file passed. AI assistance disclosure This contribution was prepared with assistance from an AI coding agent. I reviewed, validated, and finalized the proposed changes and test coverage before submission. **Areas for careful review** Process-group detection behavior on Linux and other POSIX environments. Any implications for existing timeout and shutdown flows in shell middleware. Whether additional integration-level coverage is desirable for process cleanup behavior. --------- Co-authored-by: Mason Daugherty <github@mdrxy.com> |
||
|
|
fd822b07c0 |
fix(text-splitters): restore lazy imports for heavy optional dependencies (#35469)
## Summary - Moves `nltk`, `spacy`, `sentence-transformers`, and `konlpy` imports back inside class constructors/functions so they are only loaded when the respective splitter is actually instantiated - Adds a subprocess-based regression test to verify no heavy packages are imported at `langchain_text_splitters` load time ## Why PR #32325 moved these optional dependency imports to module-level `try/except` blocks (to satisfy ruff's `PLC0415` rule). Since `__init__.py` imports all four splitter modules, this caused `import langchain_text_splitters` to eagerly load all optional heavy packages, resulting in: - A PyTorch NVML warning (`UserWarning: Can't initialize NVML`) on non-GPU machines - A ~650MB memory spike on import (74MB → 736MB), vs ~50MB in 0.3.x The fix restores the lazy import pattern with `# noqa: PLC0415` to suppress the linter rule, which is the correct trade-off when a dependency has high instantiation cost. ## Review notes - The `PLC0415` suppressions are intentional — these are optional heavy dependencies that should never be loaded unless the user explicitly instantiates the splitter class - The regression test uses a subprocess for proper isolation (the test file itself imports `langchain_text_splitters` at the top, so `sys.modules` checks within the same process would not reflect a clean import state) Fixes #35437. > **AI disclaimer:** This PR was developed with assistance from Claude Code (Anthropic AI). --------- Co-authored-by: AshwathB-debug <ashwathbalaji04@gmail.com> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> Co-authored-by: Mason Daugherty <github@mdrxy.com> |
||
|
|
1840b73209 |
fix(core): improve langsmith loader error messages (#35648)
`LangSmithLoader.lazy_load()` now raises a `ValueError` with a descriptive message when a configured `content_key` cannot be resolved against an example's inputs — whether a key along the path is missing or the path runs into a non-mapping value. Previously the missing-key case raised a bare `KeyError` and the non-mapping case raised a `TypeError`, depending on the payload. Callers that caught `KeyError` or `TypeError` around `lazy_load()` to detect a misconfigured `content_key` should now catch `ValueError`. --- Improve `LangSmithLoader` error handling by surfacing clearer exceptions for conflicting client configuration and invalid nested `content_key` paths. Valid loader behavior is unchanged; this only improves invalid-input diagnostics. When a `content_key` cannot be resolved against an example's inputs, `lazy_load()` now raises a `ValueError` whose message names the full path, the offending key, and where traversal stopped — instead of a bare `KeyError` (missing key) or an opaque `TypeError` (path running into a non-mapping value, e.g. a leaf string). --------- Co-authored-by: Divy Yadav <yadavdipu296@gmai.com> Co-authored-by: Mason Daugherty <github@mdrxy.com> Co-authored-by: Mason Daugherty <mason@langchain.dev> |