mirror of
https://github.com/langchain-ai/langchain-milvus.git
synced 2026-07-01 19:54:58 -04:00
main
86 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
|
|
25279f788c |
Bump the pip group across 1 directory with 2 updates (#135)
Bumps the pip group with 2 updates in the /libs/milvus directory: [langsmith](https://github.com/langchain-ai/langsmith-sdk) and [python-dotenv](https://github.com/theskumar/python-dotenv). Updates `langsmith` from 0.7.7 to 0.7.31 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/langchain-ai/langsmith-sdk/releases">langsmith's releases</a>.</em></p> <blockquote> <h2>v0.7.31</h2> <h2>What's Changed</h2> <ul> <li>chore(deps-dev): bump langchain-core from 1.2.23 to 1.2.28 in /python by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2692">langchain-ai/langsmith-sdk#2692</a></li> <li>chore(deps-dev): bump <code>@anthropic-ai/sdk</code> from 0.82.0 to 0.84.0 in /js by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2684">langchain-ai/langsmith-sdk#2684</a></li> <li>chore(deps): bump cryptography from 46.0.6 to 46.0.7 in /python by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2693">langchain-ai/langsmith-sdk#2693</a></li> <li>chore(deps-dev): bump <code>@anthropic-ai/sdk</code> from 0.84.0 to 0.85.0 in /js by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2700">langchain-ai/langsmith-sdk#2700</a></li> <li>feat(py): Tag OpenAI Agent Python SDK runs with ls_agent_type by <a href="https://github.com/jacoblee93"><code>@jacoblee93</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2699">langchain-ai/langsmith-sdk#2699</a></li> <li>feat(js): Adds ls_agent_type metadata to AI SDK runs by <a href="https://github.com/jacoblee93"><code>@jacoblee93</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2701">langchain-ai/langsmith-sdk#2701</a></li> <li>chore(deps-dev): bump types-tqdm from 4.67.3.20260303 to 4.67.3.20260408 in /python by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2710">langchain-ai/langsmith-sdk#2710</a></li> <li>chore(deps): bump pnpm/action-setup from 5 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2705">langchain-ai/langsmith-sdk#2705</a></li> <li>chore(deps): bump the py-minor-and-patch group across 1 directory with 10 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2711">langchain-ai/langsmith-sdk#2711</a></li> <li>chore(deps-dev): bump <code>@anthropic-ai/sdk</code> from 0.85.0 to 0.86.0 in /js by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2702">langchain-ai/langsmith-sdk#2702</a></li> <li>chore(deps): bump actions/github-script from 8 to 9 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2706">langchain-ai/langsmith-sdk#2706</a></li> <li>chore(deps-dev): bump the js-minor-and-patch group across 1 directory with 7 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2712">langchain-ai/langsmith-sdk#2712</a></li> <li>chore(deps-dev): bump types-psutil from 7.2.2.20260130 to 7.2.2.20260408 in /python by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2709">langchain-ai/langsmith-sdk#2709</a></li> <li>chore(deps-dev): bump rich from 14.3.3 to 15.0.0 in /python by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2708">langchain-ai/langsmith-sdk#2708</a></li> <li>feat: Filter kwargs from new token events by <a href="https://github.com/jacoblee93"><code>@jacoblee93</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2714">langchain-ai/langsmith-sdk#2714</a></li> <li>release(py): 0.7.31 by <a href="https://github.com/jacoblee93"><code>@jacoblee93</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2716">langchain-ai/langsmith-sdk#2716</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.30...v0.7.31">https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.30...v0.7.31</a></p> <h2>v0.7.30</h2> <h2>What's Changed</h2> <ul> <li>feat(python): add service feature to sandbox by <a href="https://github.com/DanielKneipp"><code>@DanielKneipp</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2665">langchain-ai/langsmith-sdk#2665</a></li> <li>fix(js): Fix prototype pollution bug in anonymizers by <a href="https://github.com/jacoblee93"><code>@jacoblee93</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2690">langchain-ai/langsmith-sdk#2690</a></li> <li>release(js): 0.5.18 by <a href="https://github.com/jacoblee93"><code>@jacoblee93</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2691">langchain-ai/langsmith-sdk#2691</a></li> <li>chore(js/sandbox): suppress warning log by <a href="https://github.com/hntrl"><code>@hntrl</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2694">langchain-ai/langsmith-sdk#2694</a></li> <li>feat(js): Add metadata to Claude Agent SDK JS tracing by <a href="https://github.com/jacoblee93"><code>@jacoblee93</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2695">langchain-ai/langsmith-sdk#2695</a></li> <li>fix(py): Fix run tree memory leak by <a href="https://github.com/jacoblee93"><code>@jacoblee93</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2696">langchain-ai/langsmith-sdk#2696</a></li> <li>release(py): 0.7.30 by <a href="https://github.com/jacoblee93"><code>@jacoblee93</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2698">langchain-ai/langsmith-sdk#2698</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.29...v0.7.30">https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.29...v0.7.30</a></p> <h2>v0.7.29</h2> <h2>What's Changed</h2> <ul> <li>release(js): 0.5.17 by <a href="https://github.com/jacoblee93"><code>@jacoblee93</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2681">langchain-ai/langsmith-sdk#2681</a></li> <li>feat(py): Fix race condition around Claude Agent SDK instrumentation by <a href="https://github.com/jacoblee93"><code>@jacoblee93</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2685">langchain-ai/langsmith-sdk#2685</a></li> <li>release(py): 0.7.29 by <a href="https://github.com/jacoblee93"><code>@jacoblee93</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2686">langchain-ai/langsmith-sdk#2686</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.28...v0.7.29">https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.28...v0.7.29</a></p> <h2>v0.7.28</h2> <h2>What's Changed</h2> <ul> <li>feat(py): Support subagent tracing in Claude Agents SDK, fix usage and duplicate messages by <a href="https://github.com/jacoblee93"><code>@jacoblee93</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2670">langchain-ai/langsmith-sdk#2670</a></li> <li>chore(deps-dev): bump the py-minor-and-patch group across 1 directory with 11 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2677">langchain-ai/langsmith-sdk#2677</a></li> <li>chore(deps-dev): bump the js-minor-and-patch group across 1 directory with 8 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2667">langchain-ai/langsmith-sdk#2667</a></li> <li>chore(deps): bump pnpm/action-setup from 4 to 5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2658">langchain-ai/langsmith-sdk#2658</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/c434999d05c00334efeba88b8bbd2de9f3afbef6"><code>c434999</code></a> release(py): 0.7.31 (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2716">#2716</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/47d7c4a783333e716395d802e7632f1f1b4744d3"><code>47d7c4a</code></a> feat: Filter kwargs from new token events (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2714">#2714</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/3c57445b543c9a2f86db52024ea2c998bfc2ffab"><code>3c57445</code></a> chore(deps-dev): bump rich from 14.3.3 to 15.0.0 in /python (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2708">#2708</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/2be6cd01a2b6e35e811488d3561e7b0b57b06f63"><code>2be6cd0</code></a> chore(deps-dev): bump types-psutil from 7.2.2.20260130 to 7.2.2.20260408 in /...</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/b8b6ca32d43c919c07a4e13c99a83bcaab8accb0"><code>b8b6ca3</code></a> chore(deps-dev): bump the js-minor-and-patch group across 1 directory with 7 ...</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/9897cb33da7698291637f268edd833ca3e1adde6"><code>9897cb3</code></a> chore(deps): bump actions/github-script from 8 to 9 (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2706">#2706</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/572c0184285747e027a796e03ea6c9ba171e09a6"><code>572c018</code></a> chore(deps-dev): bump <code>@anthropic-ai/sdk</code> from 0.85.0 to 0.86.0 in /js (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2702">#2702</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/57447524c88b6bba2775161aa449da32fb8e5c42"><code>5744752</code></a> chore(deps): bump the py-minor-and-patch group across 1 directory with 10 upd...</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/960cae7f490e9ccbe428e6b56c8047bdb7b942a5"><code>960cae7</code></a> chore(deps): bump pnpm/action-setup from 5 to 6 (<a href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2705">#2705</a>)</li> <li><a href="https://github.com/langchain-ai/langsmith-sdk/commit/9370e7670abf7f8f9a36fbb72250bcfd2f91e7c6"><code>9370e76</code></a> chore(deps-dev): bump types-tqdm from 4.67.3.20260303 to 4.67.3.20260408 in /...</li> <li>Additional commits viewable in <a href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.7...v0.7.31">compare view</a></li> </ul> </details> <br /> Updates `python-dotenv` from 1.2.1 to 1.2.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/theskumar/python-dotenv/releases">python-dotenv's releases</a>.</em></p> <blockquote> <h2>v1.2.2</h2> <h3>Added</h3> <ul> <li>Support for Python 3.14, including the free-threaded (3.14t) build. (#)</li> </ul> <h3>Changed</h3> <ul> <li>The <code>dotenv run</code> command now forwards flags directly to the specified command by <a href="https://github.com/bbc2"><code>@bbc2</code></a> in <a href="https://redirect.github.com/theskumar/python-dotenv/pull/607">theskumar/python-dotenv#607</a></li> <li>Improved documentation clarity regarding override behavior and the reference page.</li> <li>Updated PyPy support to version 3.11.</li> <li>Documentation for FIFO file support.</li> <li>Support for Python 3.9.</li> </ul> <h3>Fixed</h3> <ul> <li>Improved <code>set_key</code> and <code>unset_key</code> behavior when interacting with symlinks by <a href="https://github.com/bbc2"><code>@bbc2</code></a> in <a href="https://github.com/theskumar/python-dotenv/commit/790c5c02991100aa1bf41ee5330aca75edc51311">#790c5</a></li> <li>Corrected the license specifier and added missing Python 3.14 classifiers in package metadata by <a href="https://github.com/JYOuyang"><code>@JYOuyang</code></a> in <a href="https://redirect.github.com/theskumar/python-dotenv/pull/590">theskumar/python-dotenv#590</a></li> </ul> <h3>Breaking Changes</h3> <ul> <li> <p><code>dotenv.set_key</code> and <code>dotenv.unset_key</code> used to follow symlinks in some situations. This is no longer the case. For that behavior to be restored in all cases, <code>follow_symlinks=True</code> should be used.</p> </li> <li> <p>In the CLI, <code>set</code> and <code>unset</code> used to follow symlinks in some situations. This is no longer the case.</p> </li> <li> <p><code>dotenv.set_key</code>, <code>dotenv.unset_key</code> and the CLI commands <code>set</code> and <code>unset</code> used to reset the file mode of the modified .env file to <code>0o600</code> in some situations. This is no longer the case: The original mode of the file is now preserved. Is the file needed to be created or wasn't a regular file, mode <code>0o600</code> is used.</p> </li> </ul> <h3>Misc</h3> <ul> <li>skip 000 permission tests for root user by <a href="https://github.com/burnout-projects"><code>@burnout-projects</code></a> in <a href="https://redirect.github.com/theskumar/python-dotenv/pull/561">theskumar/python-dotenv#561</a></li> <li>Bump actions/checkout from 5 to 6 in the github-actions group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/theskumar/python-dotenv/pull/593">theskumar/python-dotenv#593</a></li> <li>Add Windows testing to CI by <a href="https://github.com/bbc2"><code>@bbc2</code></a> in <a href="https://redirect.github.com/theskumar/python-dotenv/pull/604">theskumar/python-dotenv#604</a></li> <li>Improve workflow efficiency with best practices by <a href="https://github.com/theskumar"><code>@theskumar</code></a> in <a href="https://redirect.github.com/theskumar/python-dotenv/pull/609">theskumar/python-dotenv#609</a></li> <li>Remove the use of <code>sh</code> in tests by <a href="https://github.com/bbc2"><code>@bbc2</code></a> in <a href="https://redirect.github.com/theskumar/python-dotenv/pull/612">theskumar/python-dotenv#612</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/JYOuyang"><code>@JYOuyang</code></a> made their first contribution in <a href="https://redirect.github.com/theskumar/python-dotenv/pull/590">theskumar/python-dotenv#590</a></li> <li><a href="https://github.com/burnout-projects"><code>@burnout-projects</code></a> made their first contribution in <a href="https://redirect.github.com/theskumar/python-dotenv/pull/561">theskumar/python-dotenv#561</a></li> <li><a href="https://github.com/cpackham-atlnz"><code>@cpackham-atlnz</code></a> made their first contribution in <a href="https://redirect.github.com/theskumar/python-dotenv/pull/597">theskumar/python-dotenv#597</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/theskumar/python-dotenv/compare/v1.2.1...v1.2.2">https://github.com/theskumar/python-dotenv/compare/v1.2.1...v1.2.2</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/theskumar/python-dotenv/blob/main/CHANGELOG.md">python-dotenv's changelog</a>.</em></p> <blockquote> <h2>[1.2.2] - 2026-03-01</h2> <h3>Added</h3> <ul> <li>Support for Python 3.14, including the free-threaded (3.14t) build. (<a href="https://redirect.github.com/theskumar/python-dotenv/issues/588">#588</a>)</li> </ul> <h3>Changed</h3> <ul> <li>The <code>dotenv run</code> command now forwards flags directly to the specified command by [<a href="https://github.com/bbc2"><code>@bbc2</code></a>] in <a href="https://redirect.github.com/theskumar/python-dotenv/issues/607">#607</a></li> <li>Improved documentation clarity regarding override behavior and the reference page.</li> <li>Updated PyPy support to version 3.11.</li> <li>Documentation for FIFO file support.</li> <li>Dropped Support for Python 3.9.</li> </ul> <h3>Fixed</h3> <ul> <li>Improved <code>set_key</code> and <code>unset_key</code> behavior when interacting with symlinks by [<a href="https://github.com/bbc2"><code>@bbc2</code></a>] in [790c5c0]</li> <li>Corrected the license specifier and added missing Python 3.14 classifiers in package metadata by [<a href="https://github.com/JYOuyang"><code>@JYOuyang</code></a>] in <a href="https://redirect.github.com/theskumar/python-dotenv/issues/590">#590</a></li> </ul> <h3>Breaking Changes</h3> <ul> <li> <p><code>dotenv.set_key</code> and <code>dotenv.unset_key</code> used to follow symlinks in some situations. This is no longer the case. For that behavior to be restored in all cases, <code>follow_symlinks=True</code> should be used.</p> </li> <li> <p>In the CLI, <code>set</code> and <code>unset</code> used to follow symlinks in some situations. This is no longer the case.</p> </li> <li> <p><code>dotenv.set_key</code>, <code>dotenv.unset_key</code> and the CLI commands <code>set</code> and <code>unset</code> used to reset the file mode of the modified .env file to <code>0o600</code> in some situations. This is no longer the case: The original mode of the file is now preserved. Is the file needed to be created or wasn't a regular file, mode <code>0o600</code> is used.</p> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/theskumar/python-dotenv/commit/36004e0e34be7665ff2b11a8a4005144f76f176d"><code>36004e0</code></a> Bump version: 1.2.1 → 1.2.2</li> <li><a href="https://github.com/theskumar/python-dotenv/commit/eb202520e5933c9daf42501e1e42fdb0144002c8"><code>eb20252</code></a> docs: update changelog for v1.2.2</li> <li><a href="https://github.com/theskumar/python-dotenv/commit/790c5c02991100aa1bf41ee5330aca75edc51311"><code>790c5c0</code></a> Merge commit from fork</li> <li><a href="https://github.com/theskumar/python-dotenv/commit/43340da220fb4ca4f95357bbe21a3c7f8f1278b1"><code>43340da</code></a> Remove the use of <code>sh</code> in tests (<a href="https://redirect.github.com/theskumar/python-dotenv/issues/612">#612</a>)</li> <li><a href="https://github.com/theskumar/python-dotenv/commit/09d7cee32459e7abdcb5c9d8122a552589c06a9c"><code>09d7cee</code></a> docs: clarify override behavior and document FIFO support (<a href="https://redirect.github.com/theskumar/python-dotenv/issues/610">#610</a>)</li> <li><a href="https://github.com/theskumar/python-dotenv/commit/c8de2887c00198c22842c5ae5e92d1747467363c"><code>c8de288</code></a> ci: improve workflow efficiency with best practices (<a href="https://redirect.github.com/theskumar/python-dotenv/issues/609">#609</a>)</li> <li><a href="https://github.com/theskumar/python-dotenv/commit/7bd9e3dbfedc0983ad7d56d5570013035242bdf4"><code>7bd9e3d</code></a> Add Windows testing to CI (<a href="https://redirect.github.com/theskumar/python-dotenv/issues/604">#604</a>)</li> <li><a href="https://github.com/theskumar/python-dotenv/commit/1baaf04f336072e0ee324d5df9563ec767f14f81"><code>1baaf04</code></a> Drop Python 3.9 support and update to PyPy 3.11 (<a href="https://redirect.github.com/theskumar/python-dotenv/issues/608">#608</a>)</li> <li><a href="https://github.com/theskumar/python-dotenv/commit/4a22cf8993804aeede0c20b75bb1a29d3a99e9dc"><code>4a22cf8</code></a> ci: enable testing on Python 3.14t (free-threaded) (<a href="https://redirect.github.com/theskumar/python-dotenv/issues/588">#588</a>)</li> <li><a href="https://github.com/theskumar/python-dotenv/commit/e2e8e776b42e382ae38b44d3982dd649e7507dd4"><code>e2e8e77</code></a> Fix license specifier (<a href="https://redirect.github.com/theskumar/python-dotenv/issues/597">#597</a>)</li> <li>Additional commits viewable in <a href="https://github.com/theskumar/python-dotenv/compare/v1.2.1...v1.2.2">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/langchain-ai/langchain-milvus/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
b7720c02c8 |
Bump transformers from 4.57.3 to 5.0.0rc3 in /libs/milvus in the pip group across 1 directory (#131)
Bumps the pip group with 1 update in the /libs/milvus directory: [transformers](https://github.com/huggingface/transformers). Updates `transformers` from 4.57.3 to 5.0.0rc3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/huggingface/transformers/releases">transformers's releases</a>.</em></p> <blockquote> <h1>Release candidate v5.0.0rc3</h1> <h2>New models:</h2> <ul> <li>[GLM-4.7] GLM-Lite Supoort by <a href="https://github.com/zRzRzRzRzRzRzR"><code>@zRzRzRzRzRzRzR</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43031">huggingface/transformers#43031</a></li> <li>[GLM-Image] AR Model Support for GLM-Image by <a href="https://github.com/zRzRzRzRzRzRzR"><code>@zRzRzRzRzRzRzR</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43100">huggingface/transformers#43100</a></li> <li>Add LWDetr model by <a href="https://github.com/sbucaille"><code>@sbucaille</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/40991">huggingface/transformers#40991</a></li> <li>Add LightOnOCR model implementation by <a href="https://github.com/baptiste-aubertin"><code>@baptiste-aubertin</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/41621">huggingface/transformers#41621</a></li> </ul> <h2>What's Changed</h2> <p>We are getting closer and closer to the official release! This RC is focused on removing more of the deprecated stuff, fixing some minors issues, doc updates.</p> <ul> <li>Update Japanese README to match English version by <a href="https://github.com/lilin-1"><code>@lilin-1</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43069">huggingface/transformers#43069</a></li> <li>[docs] Deploying by <a href="https://github.com/stevhliu"><code>@stevhliu</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/42263">huggingface/transformers#42263</a></li> <li>[docs] inference engines by <a href="https://github.com/stevhliu"><code>@stevhliu</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/42932">huggingface/transformers#42932</a></li> <li>Fix typos: Remove duplicate duplicate words words by <a href="https://github.com/efeecllk"><code>@efeecllk</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43040">huggingface/transformers#43040</a></li> <li>[style] Rework ruff rules and update all files by <a href="https://github.com/Cyrilvallez"><code>@Cyrilvallez</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43144">huggingface/transformers#43144</a></li> <li>[CB] Minor fix in kwargs by <a href="https://github.com/remi-or"><code>@remi-or</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43147">huggingface/transformers#43147</a></li> <li>[Bug] qwen2_5_omni: cap generation length to be less than the max_position_embedding in DiT by <a href="https://github.com/sniper35"><code>@sniper35</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43068">huggingface/transformers#43068</a></li> <li>Fix some deprecated practices in torch 2.9 by <a href="https://github.com/Cyrilvallez"><code>@Cyrilvallez</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43167">huggingface/transformers#43167</a></li> <li>Fix Fuyu processor width dimension bug in <code>_get_num_multimodal_tokens</code> by <a href="https://github.com/Abhinavexists"><code>@Abhinavexists</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43137">huggingface/transformers#43137</a></li> <li>Inherit from PreTrainedTokenizerBase by <a href="https://github.com/juliendenize"><code>@juliendenize</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43143">huggingface/transformers#43143</a></li> <li>Generation config boolean defaults by <a href="https://github.com/zucchini-nlp"><code>@zucchini-nlp</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43000">huggingface/transformers#43000</a></li> <li>Fix failing <code>BartModelIntegrationTest</code> by <a href="https://github.com/Sai-Suraj-27"><code>@Sai-Suraj-27</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43160">huggingface/transformers#43160</a></li> <li>fix failure of llava/pixtral by <a href="https://github.com/sywangyi"><code>@sywangyi</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/42985">huggingface/transformers#42985</a></li> <li>GemmaTokenizer: remove redundant whitespace pre-tokenizer by <a href="https://github.com/vaibhav-research"><code>@vaibhav-research</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43106">huggingface/transformers#43106</a></li> <li>Support <code>auto_doctring</code> in Processors by <a href="https://github.com/yonigozlan"><code>@yonigozlan</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/42101">huggingface/transformers#42101</a></li> <li>Fix failing <code>BitModelIntegrationTest</code> by <a href="https://github.com/Sai-Suraj-27"><code>@Sai-Suraj-27</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43164">huggingface/transformers#43164</a></li> <li>[<code>Fp8</code>] Fix experts by <a href="https://github.com/vasqu"><code>@vasqu</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43154">huggingface/transformers#43154</a></li> <li>Docs: improve wording for documentation build instructions by <a href="https://github.com/Sailnagale"><code>@Sailnagale</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43007">huggingface/transformers#43007</a></li> <li>[makefile] Cleanup and improve the rules by <a href="https://github.com/Cyrilvallez"><code>@Cyrilvallez</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43171">huggingface/transformers#43171</a></li> <li>Some new models added stuff that was already removed by <a href="https://github.com/Cyrilvallez"><code>@Cyrilvallez</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43179">huggingface/transformers#43179</a></li> <li>Fixes and compilation warning in torchao docs by <a href="https://github.com/merveenoyan"><code>@merveenoyan</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/42909">huggingface/transformers#42909</a></li> <li>[cache] Remove all deprecated classes by <a href="https://github.com/Cyrilvallez"><code>@Cyrilvallez</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43168">huggingface/transformers#43168</a></li> <li>Bump huggingface_hub minimal version by <a href="https://github.com/Wauplin"><code>@Wauplin</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43188">huggingface/transformers#43188</a></li> <li>Rework check_config_attributes.py by <a href="https://github.com/Cyrilvallez"><code>@Cyrilvallez</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43191">huggingface/transformers#43191</a></li> <li>Fix generation config validation by <a href="https://github.com/zucchini-nlp"><code>@zucchini-nlp</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43175">huggingface/transformers#43175</a></li> <li>[style] Use 'x | y' syntax for processors as well by <a href="https://github.com/Wauplin"><code>@Wauplin</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43189">huggingface/transformers#43189</a></li> <li>Remove deprecated objects by <a href="https://github.com/Cyrilvallez"><code>@Cyrilvallez</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43170">huggingface/transformers#43170</a></li> <li>fix chunked prefill implementation issue-43082 by <a href="https://github.com/marcndo"><code>@marcndo</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43132">huggingface/transformers#43132</a></li> <li>Reduce add_dates verbosity by <a href="https://github.com/yonigozlan"><code>@yonigozlan</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43184">huggingface/transformers#43184</a></li> <li>Add support for MiniMax-M2 by <a href="https://github.com/rogeryoungh"><code>@rogeryoungh</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/42028">huggingface/transformers#42028</a></li> <li>Fix failing <code>salesforce-ctrl</code>, <code>xlm</code> & <code>gpt-neo</code> model generation tests by <a href="https://github.com/Sai-Suraj-27"><code>@Sai-Suraj-27</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43180">huggingface/transformers#43180</a></li> <li>Less verbose library helpers by <a href="https://github.com/Cyrilvallez"><code>@Cyrilvallez</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43197">huggingface/transformers#43197</a></li> <li>run all test files on CircleCI by <a href="https://github.com/ydshieh"><code>@ydshieh</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43146">huggingface/transformers#43146</a></li> <li>Clamp temperature to >=1.0 for Dia generation by <a href="https://github.com/Haseebasif7"><code>@Haseebasif7</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43029">huggingface/transformers#43029</a></li> <li>Fix spelling typos in comments and code by <a href="https://github.com/raimbekovm"><code>@raimbekovm</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43046">huggingface/transformers#43046</a></li> <li>[docs] llama.cpp by <a href="https://github.com/stevhliu"><code>@stevhliu</code></a> in <a href="https://redirect.github.com/huggingface/transformers/pull/43185">huggingface/transformers#43185</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/huggingface/transformers/commit/cb5079fa72456d8ce27fc2041389beb5e1357f48"><code>cb5079f</code></a> v5.0.0rc3</li> <li><a href="https://github.com/huggingface/transformers/commit/d1808f2c36c02faad537f9737a76165e49b041f9"><code>d1808f2</code></a> [ci] Fixing some failing tests for important models (<a href="https://redirect.github.com/huggingface/transformers/issues/43231">#43231</a>)</li> <li><a href="https://github.com/huggingface/transformers/commit/3d276453a2b7c74f3259b1c136db3dd79c51756b"><code>3d27645</code></a> Add LightOnOCR model implementation (<a href="https://redirect.github.com/huggingface/transformers/issues/41621">#41621</a>)</li> <li><a href="https://github.com/huggingface/transformers/commit/77146cc9088ec8fc1dd476b40b1c6cdb0792afe3"><code>77146cc</code></a> fix crash in when running FSDP2+TP (<a href="https://redirect.github.com/huggingface/transformers/issues/43226">#43226</a>)</li> <li><a href="https://github.com/huggingface/transformers/commit/61317f5ac78511a1c02b08c0e73012d9542183ed"><code>61317f5</code></a> [CB] Ensure parallel decoding test passes using FA (<a href="https://redirect.github.com/huggingface/transformers/issues/43277">#43277</a>)</li> <li><a href="https://github.com/huggingface/transformers/commit/1efe1a633a47628134a2ba6376512af99cc3c9df"><code>1efe1a6</code></a> Fix failing <code>PegasusX</code>, <code>Mvp</code> & <code>LED</code> model integration tests (<a href="https://redirect.github.com/huggingface/transformers/issues/43245">#43245</a>)</li> <li><a href="https://github.com/huggingface/transformers/commit/e8ae373133be1eff2254c5dd71fcd628445cb4a4"><code>e8ae373</code></a> [consistency] Ensure models are added to the <code>_toctree.yml</code> (<a href="https://redirect.github.com/huggingface/transformers/issues/43264">#43264</a>)</li> <li><a href="https://github.com/huggingface/transformers/commit/c85be9899355c72771b3237f2434c7c84748427a"><code>c85be98</code></a> [docs] tensorrt-llm (<a href="https://redirect.github.com/huggingface/transformers/issues/43176">#43176</a>)</li> <li><a href="https://github.com/huggingface/transformers/commit/38022fd891209fa1e386b9afb971a9d2d35ec175"><code>38022fd</code></a> [style] Fix init isort and align makefile and CI (<a href="https://redirect.github.com/huggingface/transformers/issues/43260">#43260</a>)</li> <li><a href="https://github.com/huggingface/transformers/commit/e977446e632670f9972fc4ff1432b414c8b813cb"><code>e977446</code></a> Fix failing <code>Hiera</code>, <code>SwiftFormer</code> & <code>LED</code> Model integration tests (<a href="https://redirect.github.com/huggingface/transformers/issues/43225">#43225</a>)</li> <li>Additional commits viewable in <a href="https://github.com/huggingface/transformers/compare/v4.57.3...v5.0.0rc3">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/langchain-ai/langchain-milvus/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
fe9d63e6dc |
Bump requests from 2.32.5 to 2.33.0 in /libs/milvus in the pip group across 1 directory (#129)
Bumps the pip group with 1 update in the /libs/milvus directory: [requests](https://github.com/psf/requests). Updates `requests` from 2.32.5 to 2.33.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/psf/requests/releases">requests's releases</a>.</em></p> <blockquote> <h2>v2.33.0</h2> <h2>2.33.0 (2026-03-25)</h2> <p><strong>Announcements</strong></p> <ul> <li>📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at <a href="https://redirect.github.com/psf/requests/issues/7271">#7271</a>. Give it a try, and report any gaps or feedback you may have in the issue. 📣</li> </ul> <p><strong>Security</strong></p> <ul> <li>CVE-2026-25645 <code>requests.utils.extract_zipped_paths</code> now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.</li> </ul> <p><strong>Improvements</strong></p> <ul> <li>Migrated to a PEP 517 build system using setuptools. (<a href="https://redirect.github.com/psf/requests/issues/7012">#7012</a>)</li> </ul> <p><strong>Bugfixes</strong></p> <ul> <li>Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (<a href="https://redirect.github.com/psf/requests/issues/7205">#7205</a>)</li> </ul> <p><strong>Deprecations</strong></p> <ul> <li>Dropped support for Python 3.9 following its end of support. (<a href="https://redirect.github.com/psf/requests/issues/7196">#7196</a>)</li> </ul> <p><strong>Documentation</strong></p> <ul> <li>Various typo fixes and doc improvements.</li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/M0d3v1"><code>@M0d3v1</code></a> made their first contribution in <a href="https://redirect.github.com/psf/requests/pull/6865">psf/requests#6865</a></li> <li><a href="https://github.com/aminvakil"><code>@aminvakil</code></a> made their first contribution in <a href="https://redirect.github.com/psf/requests/pull/7220">psf/requests#7220</a></li> <li><a href="https://github.com/E8Price"><code>@E8Price</code></a> made their first contribution in <a href="https://redirect.github.com/psf/requests/pull/6960">psf/requests#6960</a></li> <li><a href="https://github.com/mitre88"><code>@mitre88</code></a> made their first contribution in <a href="https://redirect.github.com/psf/requests/pull/7244">psf/requests#7244</a></li> <li><a href="https://github.com/magsen"><code>@magsen</code></a> made their first contribution in <a href="https://redirect.github.com/psf/requests/pull/6553">psf/requests#6553</a></li> <li><a href="https://github.com/Rohan5commit"><code>@Rohan5commit</code></a> made their first contribution in <a href="https://redirect.github.com/psf/requests/pull/7227">psf/requests#7227</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25">https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/psf/requests/blob/main/HISTORY.md">requests's changelog</a>.</em></p> <blockquote> <h2>2.33.0 (2026-03-25)</h2> <p><strong>Announcements</strong></p> <ul> <li>📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at <a href="https://redirect.github.com/psf/requests/issues/7271">#7271</a>. Give it a try, and report any gaps or feedback you may have in the issue. 📣</li> </ul> <p><strong>Security</strong></p> <ul> <li>CVE-2026-25645 <code>requests.utils.extract_zipped_paths</code> now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.</li> </ul> <p><strong>Improvements</strong></p> <ul> <li>Migrated to a PEP 517 build system using setuptools. (<a href="https://redirect.github.com/psf/requests/issues/7012">#7012</a>)</li> </ul> <p><strong>Bugfixes</strong></p> <ul> <li>Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (<a href="https://redirect.github.com/psf/requests/issues/7205">#7205</a>)</li> </ul> <p><strong>Deprecations</strong></p> <ul> <li>Dropped support for Python 3.9 following its end of support. (<a href="https://redirect.github.com/psf/requests/issues/7196">#7196</a>)</li> </ul> <p><strong>Documentation</strong></p> <ul> <li>Various typo fixes and doc improvements.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/psf/requests/commit/bc04dfd6dad4cb02cd92f5daa81eb562d280a761"><code>bc04dfd</code></a> v2.33.0</li> <li><a href="https://github.com/psf/requests/commit/66d21cb07bd6255b1280291c4fafb71803cdb3b7"><code>66d21cb</code></a> Merge commit from fork</li> <li><a href="https://github.com/psf/requests/commit/8b9bc8fc0f63be84602387913c4b689f19efd028"><code>8b9bc8f</code></a> Move badges to top of README (<a href="https://redirect.github.com/psf/requests/issues/7293">#7293</a>)</li> <li><a href="https://github.com/psf/requests/commit/e331a288f369973f5de0ec8901c94cae4fa87286"><code>e331a28</code></a> Remove unused extraction call (<a href="https://redirect.github.com/psf/requests/issues/7292">#7292</a>)</li> <li><a href="https://github.com/psf/requests/commit/753fd08c5eacce0aa0df73fe47e49525c67e0a29"><code>753fd08</code></a> docs: fix FAQ grammar in httplib2 example</li> <li><a href="https://github.com/psf/requests/commit/774a0b837a194ee885d4fdd9ca947900cc3daf71"><code>774a0b8</code></a> docs(socks): same block as other sections</li> <li><a href="https://github.com/psf/requests/commit/9c72a41bec8597f948c9d8caa5dc3f12273b3303"><code>9c72a41</code></a> Bump github/codeql-action from 4.33.0 to 4.34.1</li> <li><a href="https://github.com/psf/requests/commit/ebf71906798ec82f34e07d3168f8b8aecaf8a3be"><code>ebf7190</code></a> Bump github/codeql-action from 4.32.0 to 4.33.0</li> <li><a href="https://github.com/psf/requests/commit/0e4ae38f0c93d4f92a96c774bd52c069d12a4798"><code>0e4ae38</code></a> docs: exclude Response.is_permanent_redirect from API docs (<a href="https://redirect.github.com/psf/requests/issues/7244">#7244</a>)</li> <li><a href="https://github.com/psf/requests/commit/d568f47278492e630cc990a259047c67991d007a"><code>d568f47</code></a> docs: clarify Quickstart POST example (<a href="https://redirect.github.com/psf/requests/issues/6960">#6960</a>)</li> <li>Additional commits viewable in <a href="https://github.com/psf/requests/compare/v2.32.5...v2.33.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/langchain-ai/langchain-milvus/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
dbdaaf24ae |
Bump the pip group across 1 directory with 4 updates (#127)
Bumps the pip group with 4 updates in the /libs/milvus directory: [filelock](https://github.com/tox-dev/py-filelock), [langsmith](https://github.com/langchain-ai/langsmith-sdk), [orjson](https://github.com/ijl/orjson) and [protobuf](https://github.com/protocolbuffers/protobuf). Updates `filelock` from 3.20.0 to 3.20.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tox-dev/py-filelock/releases">filelock's releases</a>.</em></p> <blockquote> <h2>3.20.3</h2> <!-- raw HTML omitted --> <h2>What's Changed</h2> <ul> <li>Fix TOCTOU symlink vulnerability in SoftFileLock by <a href="https://github.com/gaborbernat"><code>@gaborbernat</code></a> in <a href="https://redirect.github.com/tox-dev/filelock/pull/465">tox-dev/filelock#465</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tox-dev/filelock/compare/3.20.2...3.20.3">https://github.com/tox-dev/filelock/compare/3.20.2...3.20.3</a></p> <h2>3.20.2</h2> <!-- raw HTML omitted --> <h2>What's Changed</h2> <ul> <li>Support Unix systems without O_NOFOLLOW by <a href="https://github.com/mwilliamson"><code>@mwilliamson</code></a> in <a href="https://redirect.github.com/tox-dev/filelock/pull/463">tox-dev/filelock#463</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a>[bot] in <a href="https://redirect.github.com/tox-dev/filelock/pull/464">tox-dev/filelock#464</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/mwilliamson"><code>@mwilliamson</code></a> made their first contribution in <a href="https://redirect.github.com/tox-dev/filelock/pull/463">tox-dev/filelock#463</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tox-dev/filelock/compare/3.20.1...3.20.2">https://github.com/tox-dev/filelock/compare/3.20.1...3.20.2</a></p> <h2>3.20.1</h2> <!-- raw HTML omitted --> <h2>What's Changed</h2> <ul> <li>CVE-2025-68146: Fix TOCTOU symlink vulnerability in lock file creation by <a href="https://github.com/gaborbernat"><code>@gaborbernat</code></a> in <a href="https://redirect.github.com/tox-dev/filelock/pull/461">tox-dev/filelock#461</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tox-dev/filelock/compare/3.20.0...3.20.1">https://github.com/tox-dev/filelock/compare/3.20.0...3.20.1</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tox-dev/filelock/blob/main/docs/changelog.rst">filelock's changelog</a>.</em></p> <blockquote> <p>########### Changelog ###########</p> <hr /> <p>3.24.3 (2026-02-19)</p> <hr /> <ul> <li>🐛 fix(unix): handle ENOENT race on FUSE/NFS during acquire :pr:<code>495</code></li> <li>🐛 fix(ci): add trailing blank line after changelog entries :pr:<code>492</code></li> </ul> <hr /> <p>3.24.2 (2026-02-16)</p> <hr /> <ul> <li>🐛 fix(rw): close sqlite3 cursors and skip SoftFileLock Windows race :pr:<code>491</code></li> <li>🐛 fix(test): resolve flaky write non-starvation test :pr:<code>490</code></li> <li>📝 docs: restructure using Diataxis framework :pr:<code>489</code></li> </ul> <hr /> <p>3.24.1 (2026-02-15)</p> <hr /> <ul> <li>🐛 fix(soft): resolve Windows deadlock and test race condition :pr:<code>488</code></li> </ul> <hr /> <p>3.24.0 (2026-02-14)</p> <hr /> <ul> <li>✨ feat(lock): add lifetime parameter for lock expiration (<a href="https://redirect.github.com/tox-dev/py-filelock/issues/68">#68</a>) :pr:<code>486</code></li> <li>✨ feat(lock): add cancel_check to acquire (<a href="https://redirect.github.com/tox-dev/py-filelock/issues/309">#309</a>) :pr:<code>487</code></li> <li>🐛 fix(api): detect same-thread self-deadlock :pr:<code>481</code></li> <li>✨ feat(mode): respect POSIX default ACLs (<a href="https://redirect.github.com/tox-dev/py-filelock/issues/378">#378</a>) :pr:<code>483</code></li> <li>🐛 fix(win): eliminate lock file race in threaded usage :pr:<code>484</code></li> <li>✨ feat(lock): add poll_interval to constructor :pr:<code>482</code></li> <li>🐛 fix(unix): auto-fallback to SoftFileLock on ENOSYS :pr:<code>480</code></li> </ul> <hr /> <p>3.23.0 (2026-02-14)</p> <hr /> <ul> <li>📝 docs: move from Unlicense to MIT :pr:<code>479</code></li> <li>📝 docs: add fasteners to similar libraries :pr:<code>478</code></li> </ul> <hr /> <p>3.22.0 (2026-02-14)</p> <hr /> <ul> <li>🐛 fix(soft): skip stale detection on Windows :pr:<code>477</code></li> <li>✨ feat(soft): detect and break stale locks :pr:<code>476</code></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tox-dev/filelock/commit/41b42dd2c72aecf7da83dbda5903b8087dddc4d5"><code>41b42dd</code></a> Fix TOCTOU symlink vulnerability in SoftFileLock (<a href="https://redirect.github.com/tox-dev/py-filelock/issues/465">#465</a>)</li> <li><a href="https://github.com/tox-dev/filelock/commit/f2e7d4046b6a2b375a573bcfbad21827b99f8939"><code>f2e7d40</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://redirect.github.com/tox-dev/py-filelock/issues/464">#464</a>)</li> <li><a href="https://github.com/tox-dev/filelock/commit/50888548eb2f008d372e71f2835a47851ab83836"><code>5088854</code></a> Support Unix systems without O_NOFOLLOW (<a href="https://redirect.github.com/tox-dev/py-filelock/issues/463">#463</a>)</li> <li><a href="https://github.com/tox-dev/filelock/commit/377f62251d7cdf30768cc9ee1eb31cea1551c71b"><code>377f622</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://redirect.github.com/tox-dev/py-filelock/issues/460">#460</a>)</li> <li><a href="https://github.com/tox-dev/filelock/commit/4724d7f8c3393ec1f048c93933e6e3e6ec321f0e"><code>4724d7f</code></a> Fix TOCTOU symlink vulnerability in lock file creation (<a href="https://redirect.github.com/tox-dev/py-filelock/issues/461">#461</a>)</li> <li><a href="https://github.com/tox-dev/filelock/commit/cb69414a2327cf0a9887e12054d1dc112ee700af"><code>cb69414</code></a> Bump actions/upload-artifact from 5 to 6 (<a href="https://redirect.github.com/tox-dev/py-filelock/issues/459">#459</a>)</li> <li><a href="https://github.com/tox-dev/filelock/commit/0769294f14a6c62eea64741722f7acef5386b4cd"><code>0769294</code></a> Bump actions/download-artifact from 6 to 7 (<a href="https://redirect.github.com/tox-dev/py-filelock/issues/458">#458</a>)</li> <li><a href="https://github.com/tox-dev/filelock/commit/414193a188892bd376eb5c56eb45a9cf8ecc9284"><code>414193a</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://redirect.github.com/tox-dev/py-filelock/issues/457">#457</a>)</li> <li><a href="https://github.com/tox-dev/filelock/commit/1456797beb94ad59e5627462ad29f7ed3a966626"><code>1456797</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://redirect.github.com/tox-dev/py-filelock/issues/456">#456</a>)</li> <li><a href="https://github.com/tox-dev/filelock/commit/8d6bf90af313ac7fd6e41ef2b715d91dd6858f5c"><code>8d6bf90</code></a> Bump actions/checkout from 5 to 6 (<a href="https://redirect.github.com/tox-dev/py-filelock/issues/455">#455</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tox-dev/py-filelock/compare/3.20.0...3.20.3">compare view</a></li> </ul> </details> <br /> Updates `langsmith` from 0.4.47 to 0.6.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/langchain-ai/langsmith-sdk/releases">langsmith's releases</a>.</em></p> <blockquote> <h2>v0.6.1</h2> <h2>What's Changed</h2> <ul> <li>ci: test more bundlers by <a href="https://github.com/langchain-infra"><code>@langchain-infra</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2263">langchain-ai/langsmith-sdk#2263</a></li> <li>feat(python sdk): Add support for setting commit tags when pushing a prompt by <a href="https://github.com/bees"><code>@bees</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2265">langchain-ai/langsmith-sdk#2265</a></li> <li>feat: Pass in Cache, rename by <a href="https://github.com/langchain-infra"><code>@langchain-infra</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2264">langchain-ai/langsmith-sdk#2264</a></li> <li>chore: bump sdk by <a href="https://github.com/langchain-infra"><code>@langchain-infra</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2268">langchain-ai/langsmith-sdk#2268</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.6.0...v0.6.1">https://github.com/langchain-ai/langsmith-sdk/compare/v0.6.0...v0.6.1</a></p> <h2>v0.6.0</h2> <h2>What's Changed</h2> <ul> <li>chore(js): bump JS to 0.4.3 by <a href="https://github.com/dqbd"><code>@dqbd</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2253">langchain-ai/langsmith-sdk#2253</a></li> <li>Revert "feat: add js prompt caching" by <a href="https://github.com/angus-langchain"><code>@angus-langchain</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2258">langchain-ai/langsmith-sdk#2258</a></li> <li>Revert "feat: Replace UUID5 with deterministic UUID7 for replicas" by <a href="https://github.com/angus-langchain"><code>@angus-langchain</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2257">langchain-ai/langsmith-sdk#2257</a></li> <li>release(js): bump to 0.4.4 by <a href="https://github.com/dqbd"><code>@dqbd</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2259">langchain-ai/langsmith-sdk#2259</a></li> <li>feat: add prompt cache back and setup environment tests by <a href="https://github.com/langchain-infra"><code>@langchain-infra</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2260">langchain-ai/langsmith-sdk#2260</a></li> <li>feat(python): Bump pydantic to v2 by <a href="https://github.com/angus-langchain"><code>@angus-langchain</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2248">langchain-ai/langsmith-sdk#2248</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.2...v0.6.0">https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.2...v0.6.0</a></p> <h2>v0.6.0rc0</h2> <h2>What's Changed</h2> <ul> <li>feat(js): Add support for tracing AI SDK 6 by <a href="https://github.com/jacoblee93"><code>@jacoblee93</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2237">langchain-ai/langsmith-sdk#2237</a></li> <li>fix(js): Remove default Jestlike timeout by <a href="https://github.com/jacoblee93"><code>@jacoblee93</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2243">langchain-ai/langsmith-sdk#2243</a></li> <li>feat(js): Add support for tracing tool loop agent by <a href="https://github.com/jacoblee93"><code>@jacoblee93</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2244">langchain-ai/langsmith-sdk#2244</a></li> <li>feat: Replace UUID5 with deterministic UUID7 for replicas by <a href="https://github.com/angus-langchain"><code>@angus-langchain</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2249">langchain-ai/langsmith-sdk#2249</a></li> <li>feat: add prompt caching to python sdk by <a href="https://github.com/langchain-infra"><code>@langchain-infra</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2246">langchain-ai/langsmith-sdk#2246</a></li> <li>feat: add js prompt caching by <a href="https://github.com/langchain-infra"><code>@langchain-infra</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2251">langchain-ai/langsmith-sdk#2251</a></li> <li>fix(claude): correctly parse llm and tool inputs in claude agent sdk by <a href="https://github.com/angus-langchain"><code>@angus-langchain</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2255">langchain-ai/langsmith-sdk#2255</a></li> <li>bump(python): 0.5.2 by <a href="https://github.com/angus-langchain"><code>@angus-langchain</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2256">langchain-ai/langsmith-sdk#2256</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.6.0rc0">https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.6.0rc0</a></p> <h2>v0.5.2</h2> <h2>What's Changed</h2> <ul> <li>feat(js): Add support for tracing AI SDK 6 by <a href="https://github.com/jacoblee93"><code>@jacoblee93</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2237">langchain-ai/langsmith-sdk#2237</a></li> <li>fix(js): Remove default Jestlike timeout by <a href="https://github.com/jacoblee93"><code>@jacoblee93</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2243">langchain-ai/langsmith-sdk#2243</a></li> <li>feat(js): Add support for tracing tool loop agent by <a href="https://github.com/jacoblee93"><code>@jacoblee93</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2244">langchain-ai/langsmith-sdk#2244</a></li> <li>feat: Replace UUID5 with deterministic UUID7 for replicas by <a href="https://github.com/angus-langchain"><code>@angus-langchain</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2249">langchain-ai/langsmith-sdk#2249</a></li> <li>feat: add prompt caching to python sdk by <a href="https://github.com/langchain-infra"><code>@langchain-infra</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2246">langchain-ai/langsmith-sdk#2246</a></li> <li>feat: add js prompt caching by <a href="https://github.com/langchain-infra"><code>@langchain-infra</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2251">langchain-ai/langsmith-sdk#2251</a></li> <li>fix(claude): correctly parse llm and tool inputs in claude agent sdk by <a href="https://github.com/angus-langchain"><code>@angus-langchain</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2255">langchain-ai/langsmith-sdk#2255</a></li> <li>bump(python): 0.5.2 by <a href="https://github.com/angus-langchain"><code>@angus-langchain</code></a> in <a href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2256">langchain-ai/langsmith-sdk#2256</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.5.2">https://github.com/langchain-ai/langsmith-sdk/compare/v0.5.1...v0.5.2</a></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/langchain-ai/langsmith-sdk/commits">compare view</a></li> </ul> </details> <br /> Updates `orjson` from 3.11.4 to 3.11.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/ijl/orjson/releases">orjson's releases</a>.</em></p> <blockquote> <h2>3.11.5</h2> <h3>Changed</h3> <ul> <li>Show simple error message instead of traceback when attempting to build on unsupported Python versions.</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/ijl/orjson/blob/master/CHANGELOG.md">orjson's changelog</a>.</em></p> <blockquote> <h2>3.11.5 - 2025-12-06</h2> <h3>Changed</h3> <ul> <li>Show simple error message instead of traceback when attempting to build on unsupported Python versions.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/ijl/orjson/commit/fb3eb1f729c7e7b019f780af5695722c99c7c695"><code>fb3eb1f</code></a> 3.11.5</li> <li><a href="https://github.com/ijl/orjson/commit/52688e02c51c845cde24a46cd1011a6010d10eb8"><code>52688e0</code></a> Record contributors in headers</li> <li><a href="https://github.com/ijl/orjson/commit/dc083e87d5262e7dde3ba4b1d2a377b5b065a27c"><code>dc083e8</code></a> Further compatibility and build misc</li> <li><a href="https://github.com/ijl/orjson/commit/18f0186d47fbadd53c9db4e39a442d5b04225418"><code>18f0186</code></a> Compatibility and build misc</li> <li>See full diff in <a href="https://github.com/ijl/orjson/compare/3.11.4...3.11.5">compare view</a></li> </ul> </details> <br /> Updates `protobuf` from 6.33.1 to 6.33.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/protocolbuffers/protobuf/releases">protobuf's releases</a>.</em></p> <blockquote> <h2>Protocol Buffers v34.0-rc1</h2> <h1>Announcements</h1> <ul> <li><strong>This version includes breaking changes to: C++, Objective-C, PHP, Python.</strong></li> <li>[Bazel] Remove deprecated ProtoInfo.transitive_imports. Use equivalent transitive_sources instead (<a href="https://github.com/protocolbuffers/protobuf/commit/0a5c2f6b633c1e5259f566cb42d30fe347b8aadb">https://github.com/protocolbuffers/protobuf/commit/0a5c2f6b633c1e5259f566cb42d30fe347b8aadb</a>)</li> <li>[C++] Make generator headers private (<a href="https://github.com/protocolbuffers/protobuf/commit/3a2af3510f0d454dbe3e4dc281674b61c4d20b9e">https://github.com/protocolbuffers/protobuf/commit/3a2af3510f0d454dbe3e4dc281674b61c4d20b9e</a>)</li> <li>[C++] Add a debug check that the target of CopyFrom is not a descendant of the source. (<a href="https://github.com/protocolbuffers/protobuf/commit/7a7589823d2cfaaf7994b050e98d5d553bc9b1c1">https://github.com/protocolbuffers/protobuf/commit/7a7589823d2cfaaf7994b050e98d5d553bc9b1c1</a>)</li> <li>[C++] Add [[nodiscard]] to many APIs. (<a href="https://github.com/protocolbuffers/protobuf/commit/a70115f33f9af2c4b2202c800b84837e7fe0d738">https://github.com/protocolbuffers/protobuf/commit/a70115f33f9af2c4b2202c800b84837e7fe0d738</a>)</li> <li>[C++] Make the arena-enabled constructors of <code>RepeatedField</code>, <code>RepeatedPtrField</code>, and <code>Map</code> private. (<a href="https://github.com/protocolbuffers/protobuf/commit/ef890c3d0c79398c70e047fe5dd893f460ba2336">https://github.com/protocolbuffers/protobuf/commit/ef890c3d0c79398c70e047fe5dd893f460ba2336</a>)</li> <li>[C++] Remove deprecated FieldDescriptor::label() in OSS. Use is_repeated() or is_required() instead (<a href="https://github.com/protocolbuffers/protobuf/commit/b76faa921fdd244f374c7be0bddd4050fc42c292">https://github.com/protocolbuffers/protobuf/commit/b76faa921fdd244f374c7be0bddd4050fc42c292</a>)</li> <li>[C++] Removes proto2::util::MessageDifferencer::AddIgnoreCriteria that takes a raw pointer as an argument in favor of the overload that takes a unique_ptr. Remove macro PROTOBUF_FUTURE_REMOVE_ADD_IGNORE_CRITERIA (<a href="https://github.com/protocolbuffers/protobuf/commit/b115358c64127896fed88b8b5ef5d91d86d8cbae">https://github.com/protocolbuffers/protobuf/commit/b115358c64127896fed88b8b5ef5d91d86d8cbae</a>)</li> <li>[C++] Remove deprecated FieldDescriptor::has_optional_keyword() in OSS. Use is_repeated() or has_presence() instead (<a href="https://github.com/protocolbuffers/protobuf/commit/68346ec9348e932664e58c3ecdcd1478f95233a8">https://github.com/protocolbuffers/protobuf/commit/68346ec9348e932664e58c3ecdcd1478f95233a8</a>)</li> <li>[C++] Remove AddUnusedImportTrackFile() and ClearUnusedImportTrackFiles(). Remove PROTOBUF_FUTURE_RENAME_ADD_UNUSED_IMPORT (<a href="https://github.com/protocolbuffers/protobuf/commit/837a2cd1d6c75402b2503ffe7cd8aeaf25868536">https://github.com/protocolbuffers/protobuf/commit/837a2cd1d6c75402b2503ffe7cd8aeaf25868536</a>)</li> <li>[C++] Remove deprecated FieldDescriptor::is_optional() in OSS. Use (!is_required() && !is_repeated()) instead (<a href="https://github.com/protocolbuffers/protobuf/commit/9dbc5d479a8e453921485d8d3de47fb3c005f1af">https://github.com/protocolbuffers/protobuf/commit/9dbc5d479a8e453921485d8d3de47fb3c005f1af</a>)</li> <li>[C++] Remove deprecated UseDeprecatedLegacyJsonFieldConflicts() (<a href="https://github.com/protocolbuffers/protobuf/commit/c301c2ca286327a21c50c0c4cd877afc9c655b00">https://github.com/protocolbuffers/protobuf/commit/c301c2ca286327a21c50c0c4cd877afc9c655b00</a>)</li> <li>[C++] All entity names have length limit (2afb0dc)</li> <li>[ObjC] Remove <code>generate_minimal_imports</code> generation option warning (<a href="https://github.com/protocolbuffers/protobuf/commit/45b1297fdaad5a9436d0e207422168c38dc45ac4">https://github.com/protocolbuffers/protobuf/commit/45b1297fdaad5a9436d0e207422168c38dc45ac4</a>)</li> <li>[ObjC] Fix nullability annotations on some <code>GPB*Dictionary</code> types. (<a href="https://github.com/protocolbuffers/protobuf/commit/ea67d6d26a48478a567c404679e3bb99cf230d50">https://github.com/protocolbuffers/protobuf/commit/ea67d6d26a48478a567c404679e3bb99cf230d50</a>)</li> <li>[ObjC] Remove <code>-[GPBFieldDescriptor optional]</code> (<a href="https://github.com/protocolbuffers/protobuf/commit/3414dc151eb4dcbdb2ca952e2589993bf7af75c4">https://github.com/protocolbuffers/protobuf/commit/3414dc151eb4dcbdb2ca952e2589993bf7af75c4</a>)</li> <li>[Other] Remove deprecated flag for enabling MSVC support (<a href="https://github.com/protocolbuffers/protobuf/commit/97c979be6e0907e1051bee62584dac4594e73fa7">https://github.com/protocolbuffers/protobuf/commit/97c979be6e0907e1051bee62584dac4594e73fa7</a>)</li> <li>[PHP] Remove deprecated PHP APIs (<a href="https://github.com/protocolbuffers/protobuf/commit/9c45014099a4f7004fab6dd1278de2f4f2a393c5">https://github.com/protocolbuffers/protobuf/commit/9c45014099a4f7004fab6dd1278de2f4f2a393c5</a>)</li> <li>[PHP] Remove deprecated PHP APIs FieldDescriptor getLabel, use IsRepeated or isRequired instead. (<a href="https://github.com/protocolbuffers/protobuf/commit/42081219920c6fad17ba6ddd1e28d111bcfb3345">https://github.com/protocolbuffers/protobuf/commit/42081219920c6fad17ba6ddd1e28d111bcfb3345</a>, <a href="https://github.com/protocolbuffers/protobuf/commit/cd76e675b14d00dda5623b30835d2bc7105fccc6">https://github.com/protocolbuffers/protobuf/commit/cd76e675b14d00dda5623b30835d2bc7105fccc6</a>, <a href="https://github.com/protocolbuffers/protobuf/commit/42081219920c6fad17ba6ddd1e28d111bcfb3345">https://github.com/protocolbuffers/protobuf/commit/42081219920c6fad17ba6ddd1e28d111bcfb3345</a>)</li> <li>[PHP] Add PHP typehints for setters and remove redundant GPBUtil checks (<a href="https://redirect.github.com/protocolbuffers/protobuf/pull/25296">protocolbuffers/protobuf#25296</a>) (<a href="https://github.com/protocolbuffers/protobuf/commit/aee03b78929c02461a5f9d8e136a2a016359b0cd">https://github.com/protocolbuffers/protobuf/commit/aee03b78929c02461a5f9d8e136a2a016359b0cd</a>)</li> <li>[PHP] support default values for editions/proto2 (<a href="https://redirect.github.com/protocolbuffers/protobuf/pull/25161">protocolbuffers/protobuf#25161</a>) (<a href="https://github.com/protocolbuffers/protobuf/commit/b01099d56350551bae3da88b97bf3027274c9f17">https://github.com/protocolbuffers/protobuf/commit/b01099d56350551bae3da88b97bf3027274c9f17</a>)</li> <li>[Python] Raise errors in OSS when assign bool to int/enum field in Python Proto. (<a href="https://github.com/protocolbuffers/protobuf/commit/5b116fe2f14f49dd0cc3b76089983717f211025c">https://github.com/protocolbuffers/protobuf/commit/5b116fe2f14f49dd0cc3b76089983717f211025c</a>)</li> <li>[Python] Remove float_format/double_format from python proto text_format (<a href="https://github.com/protocolbuffers/protobuf/commit/e4854a186e0bfa867d5bfa5cd850608a948fd488">https://github.com/protocolbuffers/protobuf/commit/e4854a186e0bfa867d5bfa5cd850608a948fd488</a>)</li> <li>[Python] Raise TypeError when convert non-timedelta to Duration, or convert non-datetime to Timestamp in python proto. (Original code may raise ArributeError) (<a href="https://github.com/protocolbuffers/protobuf/commit/00aaca1b4d98954bc2933d7c8a5379ba6088124c">https://github.com/protocolbuffers/protobuf/commit/00aaca1b4d98954bc2933d7c8a5379ba6088124c</a>)</li> <li>[Python] Remove float_precision from python proto json_format (<a href="https://github.com/protocolbuffers/protobuf/commit/f027f1fcd52b9d080b7ee79f4024f53cf54e0dc5">https://github.com/protocolbuffers/protobuf/commit/f027f1fcd52b9d080b7ee79f4024f53cf54e0dc5</a>)</li> <li>[Python] Remove deprecated FieldDescriptor::label() in OSS. Use is_repeated() or is_required() instead (<a href="https://github.com/protocolbuffers/protobuf/commit/b76faa921fdd244f374c7be0bddd4050fc42c292">https://github.com/protocolbuffers/protobuf/commit/b76faa921fdd244f374c7be0bddd4050fc42c292</a>)</li> <li>[Python] Remove deprecated FieldDescriptor.label (<a href="https://github.com/protocolbuffers/protobuf/commit/0a8ff55518ea5874478ad5b26515b31d186045a9">https://github.com/protocolbuffers/protobuf/commit/0a8ff55518ea5874478ad5b26515b31d186045a9</a>)</li> <li>[Python] Remove deprecated UseDeprecatedLegacyJsonFieldConflicts() (<a href="https://github.com/protocolbuffers/protobuf/commit/c301c2ca286327a21c50c0c4cd877afc9c655b00">https://github.com/protocolbuffers/protobuf/commit/c301c2ca286327a21c50c0c4cd877afc9c655b00</a>)</li> <li><a href="https://protobuf.dev/news/">Protobuf News</a> may include additional announcements or pre-announcements for upcoming changes.</li> <li><a href="https://protobuf.dev/support/migration/">Migration Guide</a> may include additional guidance for breaking changes.</li> </ul> <h1>Bazel</h1> <ul> <li>Fix: cc_toolchain should prefer protoc when prebuilt flag is flipped. (<a href="https://redirect.github.com/protocolbuffers/protobuf/issues/25168">#25168</a>) (<a href="https://github.com/protocolbuffers/protobuf/commit/8c857c3a1c6a106b0a096f1c9fa504bfaca035a9">https://github.com/protocolbuffers/protobuf/commit/8c857c3a1c6a106b0a096f1c9fa504bfaca035a9</a>)</li> <li>Breaking change: Remove deprecated ProtoInfo.transitive_imports. Use equivalent transitive_sources instead (<a href="https://github.com/protocolbuffers/protobuf/commit/0a5c2f6b633c1e5259f566cb42d30fe347b8aadb">https://github.com/protocolbuffers/protobuf/commit/0a5c2f6b633c1e5259f566cb42d30fe347b8aadb</a>)</li> <li>Feat(bazel): wire up prebuilt protoc toolchain (<a href="https://redirect.github.com/protocolbuffers/protobuf/issues/24115">#24115</a>) (<a href="https://github.com/protocolbuffers/protobuf/commit/cc23698b486e690ea2eb873cc7596a87c74a3ba6">https://github.com/protocolbuffers/protobuf/commit/cc23698b486e690ea2eb873cc7596a87c74a3ba6</a>)</li> <li>Migrate <code>proto_descriptor_set</code> (<a href="https://redirect.github.com/protocolbuffers/protobuf/issues/23369">#23369</a>) (<a href="https://github.com/protocolbuffers/protobuf/commit/8d4dfdd39a7a242a9ed631a6ab2192c57dd9b9c8">https://github.com/protocolbuffers/protobuf/commit/8d4dfdd39a7a242a9ed631a6ab2192c57dd9b9c8</a>)</li> </ul> <h1>Compiler</h1> <ul> <li>Ruby codegen: support generation of rbs files (<a href="https://redirect.github.com/protocolbuffers/protobuf/issues/15633">#15633</a>) (<a href="https://github.com/protocolbuffers/protobuf/commit/6ebdf851ba78728f0aa145d38454ed9a316fb08d">https://github.com/protocolbuffers/protobuf/commit/6ebdf851ba78728f0aa145d38454ed9a316fb08d</a>)</li> <li>Avoid collision name problems between a message named <code>Xyz</code> and a direct sibling enum named <code>XyzView</code> (<a href="https://github.com/protocolbuffers/protobuf/commit/eba53e8f172b273d679759a72ce4250131ee3df1">https://github.com/protocolbuffers/protobuf/commit/eba53e8f172b273d679759a72ce4250131ee3df1</a>)</li> <li>Generalizing and implementing ValidateFeatureSupport for both Options and Features during proto parsing (<a href="https://github.com/protocolbuffers/protobuf/commit/ed3c57114d8e2b47cca7697ddaa50c1b3762a6b0">https://github.com/protocolbuffers/protobuf/commit/ed3c57114d8e2b47cca7697ddaa50c1b3762a6b0</a>)</li> <li>Fix a bug with custom features outside of the <code>pb</code> package. (<a href="https://github.com/protocolbuffers/protobuf/commit/872d3ce7a4da00d7dcec33ced20cfe45235935e8">https://github.com/protocolbuffers/protobuf/commit/872d3ce7a4da00d7dcec33ced20cfe45235935e8</a>)</li> <li>Fix import option handling when include_imports isn't set. (<a href="https://github.com/protocolbuffers/protobuf/commit/9ef9e80afd9bc8379d578fe67e5ab0738728c04e">https://github.com/protocolbuffers/protobuf/commit/9ef9e80afd9bc8379d578fe67e5ab0738728c04e</a>)</li> <li>Fix a bug in STRICT check of namespaced enums to properly check for 'reserved 1 to max' (<a href="https://github.com/protocolbuffers/protobuf/commit/1229d4adba24c0952ab85ce96bc7b7f8a1fe6d0f">https://github.com/protocolbuffers/protobuf/commit/1229d4adba24c0952ab85ce96bc7b7f8a1fe6d0f</a>)</li> <li>Prevent accidental stripping of <code>debug_redact</code> options via import option. (<a href="https://github.com/protocolbuffers/protobuf/commit/f58b098bffa7ca4045ef7773b09151a6af5d0c28">https://github.com/protocolbuffers/protobuf/commit/f58b098bffa7ca4045ef7773b09151a6af5d0c28</a>)</li> </ul> <h1>C++</h1> <ul> <li>Add EnumerateEnumValues function. (<a href="https://github.com/protocolbuffers/protobuf/commit/397d5d99db274b379d1384814074bf7df39d32f7">https://github.com/protocolbuffers/protobuf/commit/397d5d99db274b379d1384814074bf7df39d32f7</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/protocolbuffers/protobuf/commits">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/langchain-ai/langchain-milvus/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
8a05638338 |
fix: enforce least-privilege permissions on all workflows (#126)
## Summary - Add top-level `permissions: contents: read` to 6 workflows that were missing explicit permission declarations (defaulting to overly broad token scopes) - Narrow the `permissions: write-all` on the `test-pypi-publish` job in `_release.yml` to `id-token: write`, which is all trusted PyPI publishing requires - `_codespell.yml` already had correct permissions and was left unchanged ## Test plan - [ ] Verify CI passes on this PR (lint, test, compile-integration-test workflows all only need read access) - [ ] Verify release workflow still works on next release (job-level `id-token: write` and `contents: write` are preserved where needed) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> |
||
|
|
2204c7ec84 |
Bump urllib3 from 2.5.0 to 2.6.3 in /libs/milvus in the pip group across 1 directory (#125)
Bumps the pip group with 1 update in the /libs/milvus directory: [urllib3](https://github.com/urllib3/urllib3). Updates `urllib3` from 2.5.0 to 2.6.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/releases">urllib3's releases</a>.</em></p> <blockquote> <h2>2.6.3</h2> <h2>🚀 urllib3 is fundraising for HTTP/2 support</h2> <p><a href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3 is raising ~$40,000 USD</a> to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects <a href="https://opencollective.com/urllib3">please consider contributing financially</a> to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.</p> <p>Thank you for your support.</p> <h2>Changes</h2> <ul> <li>Fixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by <a href="https://github.com/D47A"><code>@D47A</code></a>, 8.9 High, GHSA-38jv-5279-wg99)</li> <li>Started treating <code>Retry-After</code> times greater than 6 hours as 6 hours by default. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3743">urllib3/urllib3#3743</a>)</li> <li>Fixed <code>urllib3.connection.VerifiedHTTPSConnection</code> on Emscripten. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3752">urllib3/urllib3#3752</a>)</li> </ul> <h2>2.6.2</h2> <h2>🚀 urllib3 is fundraising for HTTP/2 support</h2> <p><a href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3 is raising ~$40,000 USD</a> to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects <a href="https://opencollective.com/urllib3">please consider contributing financially</a> to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.</p> <p>Thank you for your support.</p> <h2>Changes</h2> <ul> <li>Fixed <code>HTTPResponse.read_chunked()</code> to properly handle leftover data in the decoder's buffer when reading compressed chunked responses. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3734">urllib3/urllib3#3734</a>)</li> </ul> <h2>2.6.1</h2> <h2>🚀 urllib3 is fundraising for HTTP/2 support</h2> <p><a href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3 is raising ~$40,000 USD</a> to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects <a href="https://opencollective.com/urllib3">please consider contributing financially</a> to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.</p> <p>Thank you for your support.</p> <h2>Changes</h2> <ul> <li>Restore previously removed <code>HTTPResponse.getheaders()</code> and <code>HTTPResponse.getheader()</code> methods. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3731">#3731</a>)</li> </ul> <h2>2.6.0</h2> <h2>🚀 urllib3 is fundraising for HTTP/2 support</h2> <p><a href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3 is raising ~$40,000 USD</a> to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects <a href="https://opencollective.com/urllib3">please consider contributing financially</a> to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.</p> <p>Thank you for your support.</p> <h2>Security</h2> <ul> <li>Fixed a security issue where streaming API could improperly handle highly compressed HTTP content ("decompression bombs") leading to excessive resource consumption even when a small amount of data was requested. Reading small chunks of compressed data is safer and much more efficient now. (CVE-2025-66471 reported by <a href="https://github.com/Cycloctane"><code>@Cycloctane</code></a>, 8.9 High, GHSA-2xpw-w6gg-jr37)</li> <li>Fixed a security issue where an attacker could compose an HTTP response with virtually unlimited links in the <code>Content-Encoding</code> header, potentially leading to a denial of service (DoS) attack by exhausting system resources during decoding. The number of allowed chained encodings is now limited to 5. (CVE-2025-66418 reported by <a href="https://github.com/illia-v"><code>@illia-v</code></a>, 8.9 High, GHSA-gm62-xv2j-4w53)</li> </ul> <blockquote> <p>[!IMPORTANT]</p> <ul> <li>If urllib3 is not installed with the optional <code>urllib3[brotli]</code> extra, but your environment contains a Brotli/brotlicffi/brotlipy package anyway, make sure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to benefit from the security fixes and avoid warnings. Prefer using <code>urllib3[brotli]</code> to install a compatible Brotli package automatically.</li> </ul> </blockquote> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's changelog</a>.</em></p> <blockquote> <h1>2.6.3 (2026-01-07)</h1> <ul> <li>Fixed a high-severity security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (<code>GHSA-38jv-5279-wg99 <https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99></code>__)</li> <li>Started treating <code>Retry-After</code> times greater than 6 hours as 6 hours by default. (<code>[#3743](https://github.com/urllib3/urllib3/issues/3743) <https://github.com/urllib3/urllib3/issues/3743></code>__)</li> <li>Fixed <code>urllib3.connection.VerifiedHTTPSConnection</code> on Emscripten. (<code>[#3752](https://github.com/urllib3/urllib3/issues/3752) <https://github.com/urllib3/urllib3/issues/3752></code>__)</li> </ul> <h1>2.6.2 (2025-12-11)</h1> <ul> <li>Fixed <code>HTTPResponse.read_chunked()</code> to properly handle leftover data in the decoder's buffer when reading compressed chunked responses. (<code>[#3734](https://github.com/urllib3/urllib3/issues/3734) <https://github.com/urllib3/urllib3/issues/3734></code>__)</li> </ul> <h1>2.6.1 (2025-12-08)</h1> <ul> <li>Restore previously removed <code>HTTPResponse.getheaders()</code> and <code>HTTPResponse.getheader()</code> methods. (<code>[#3731](https://github.com/urllib3/urllib3/issues/3731) <https://github.com/urllib3/urllib3/issues/3731></code>__)</li> </ul> <h1>2.6.0 (2025-12-05)</h1> <h2>Security</h2> <ul> <li>Fixed a security issue where streaming API could improperly handle highly compressed HTTP content ("decompression bombs") leading to excessive resource consumption even when a small amount of data was requested. Reading small chunks of compressed data is safer and much more efficient now. (<code>GHSA-2xpw-w6gg-jr37 <https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37></code>__)</li> <li>Fixed a security issue where an attacker could compose an HTTP response with virtually unlimited links in the <code>Content-Encoding</code> header, potentially leading to a denial of service (DoS) attack by exhausting system resources during decoding. The number of allowed chained encodings is now limited to 5. (<code>GHSA-gm62-xv2j-4w53 <https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53></code>__)</li> </ul> <p>.. caution::</p> <ul> <li>If urllib3 is not installed with the optional <code>urllib3[brotli]</code> extra, but your environment contains a Brotli/brotlicffi/brotlipy package anyway, make sure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to benefit from the security fixes and avoid warnings. Prefer using</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/urllib3/urllib3/commit/0248277dd7ac0239204889ca991353ad3e3a1ddc"><code>0248277</code></a> Release 2.6.3</li> <li><a href="https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b"><code>8864ac4</code></a> Merge commit from fork</li> <li><a href="https://github.com/urllib3/urllib3/commit/70cecb27ca99d56aaaeb63ac27ee270ef2b24c5c"><code>70cecb2</code></a> Fix Scorecard issues related to vulnerable dev dependencies (<a href="https://redirect.github.com/urllib3/urllib3/issues/3755">#3755</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/41f249abe1ef3e20768588969c4035aba060a359"><code>41f249a</code></a> Move "v2.0 Migration Guide" to the end of the table of contents (<a href="https://redirect.github.com/urllib3/urllib3/issues/3747">#3747</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/fd4dffd2fc544166b76151a2fa3d7b7c0eab540c"><code>fd4dffd</code></a> Patch <code>VerifiedHTTPSConnection</code> for Emscripten (<a href="https://redirect.github.com/urllib3/urllib3/issues/3752">#3752</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/13f0bfd55e4468fe1ea9c6f809d3a87b0f93ebab"><code>13f0bfd</code></a> Handle massive values in Retry-After when calculating time to sleep for (<a href="https://redirect.github.com/urllib3/urllib3/issues/3743">#3743</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/8c480bf87bcefd321b3a1ae47f04e908b6b2ed7b"><code>8c480bf</code></a> Bump actions/upload-artifact from 5.0.0 to 6.0.0 (<a href="https://redirect.github.com/urllib3/urllib3/issues/3748">#3748</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/4b40616e959c0a2c466e8075f2a785a9f99bb0c1"><code>4b40616</code></a> Bump actions/cache from 4.3.0 to 5.0.1 (<a href="https://redirect.github.com/urllib3/urllib3/issues/3750">#3750</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/82b8479663d037d220c883f1584dd01a43bb273b"><code>82b8479</code></a> Bump actions/download-artifact from 6.0.0 to 7.0.0 (<a href="https://redirect.github.com/urllib3/urllib3/issues/3749">#3749</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/34284cb01700bb7d4fdd472f909e22393e9174e2"><code>34284cb</code></a> Mention experimental features in the security policy (<a href="https://redirect.github.com/urllib3/urllib3/issues/3746">#3746</a>)</li> <li>Additional commits viewable in <a href="https://github.com/urllib3/urllib3/compare/2.5.0...2.6.3">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/langchain-ai/langchain-milvus/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
2fcfd3a160 |
bump version to 0.3.3 (#121)
Signed-off-by: cheney <chen.zhang@zilliz.com>libs/milvus/v0.3.3 |
||
|
|
2f9d6afb73 |
refactor reranker to new Function to adapt milvus 2.6 (#120)
Signed-off-by: cheney <chen.zhang@zilliz.com> |
||
|
|
171598fc56 |
bump version to 0.3.2 (#119)
Signed-off-by: cheney <chen.zhang@zilliz.com>libs/milvus/v0.3.2 |
||
|
|
b396713671 |
add multi-language analyzer support (#118)
related PR: https://github.com/langchain-ai/langchain-milvus/pull/95 Signed-off-by: cheney <chen.zhang@zilliz.com> |
||
|
|
01a4c6903d |
bump version to 0.3.1 (#117)
Signed-off-by: ChengZi <chen.zhang@zilliz.com>libs/milvus/v0.3.1 |
||
|
|
43bc8f1317 |
add apikey setup script for release workflow (#116)
Signed-off-by: ChengZi <chen.zhang@zilliz.com> |
||
|
|
89f3dda9c2 |
add Data In Data Out for TextEmbedding function (#108)
Signed-off-by: ChengZi <chen.zhang@zilliz.com> |
||
|
|
5c98e7217c | chore: remove erroneous release title prefix (#115) | ||
|
|
dc35686ed6 | chore(infra): standardize release naming (#113) | ||
|
|
0c78f37ead | fix: bump lock and lint (#114) | ||
|
|
69d9b3cb02 |
chore: fix async version (from #111) (#112)
fix #111 |
||
|
|
5a48b9680e | chore: fix a multiline docstring griffe issue (#111) | ||
|
|
5de90dad86 | fix: more griffe warnings (#110) | ||
|
|
75a4e2557c | fix: resolve griffe warnings in deprecated Zilliz (#109) | ||
|
|
8ea22e1c65 |
bump version to 0.3.0 (#105)
Signed-off-by: ChengZi <chen.zhang@zilliz.com>libs/milvus/v0.3.0 |
||
|
|
00d6e05e38 |
replace orm to milvus client (#104)
# Migration to MilvusClient API with Collection Caching Optimization
## Why This Change?
This commit migrates from ORM-style Collection usage to the
**MilvusClient API style**, which is the recommended approach going
forward. Additionally, it implements a Collection object caching
mechanism to optimize performance for scenarios where ORM access is
still needed.
## Core Idea
**Use MilvusClient API as the primary interface**, only falling back to
the ORM `Collection` object when absolutely necessary (e.g., for legacy
compatibility or specific ORM-only features). When the ORM object is
needed, cache it to avoid repeated expensive construction.
## Key Insights
1. **MilvusClient API is the future**: Recommended by Milvus team for
better performance and simpler usage patterns
2. **ORM overhead is high**: `Collection()` constructor calls
`describe_collection()`, adding network + server overhead
3. **Selective ORM usage**: Keep ORM Collection as a lazy-loaded, cached
property for backward compatibility and specific use cases
4. **Caching minimizes ORM cost**: When ORM access is needed, cache it
with `{collection_name}:{alias}` validation
## What Changed
### Primary Change: MilvusClient API Migration
- **Core operations**: Use `MilvusClient` methods (`create_collection`,
`insert`, `search`, `query`, etc.) throughout the codebase
- **Simpler patterns**: Direct API calls replace complex ORM patterns
- **Better alignment**: Follows Milvus team's recommended practices
### Secondary Optimization: Collection Caching
- **Lazy loading**: The `col` property caches the ORM `Collection`
object only when accessed
- **Smart caching**: Validated by collection name and alias to ensure
correctness
- **Minimal ORM usage**: ORM object now used primarily for legacy
compatibility and `Collection.schema`/`Collection.indexes` access
## Impact
- **Future-proof**: Aligned with Milvus recommended API usage patterns
- **Better performance**: MilvusClient API is more lightweight than ORM
- **Backward compatible**: Legacy code using `self.col` still works
through caching
- **Reduced overhead**: Cached Collection object eliminates repeated
construction costs
Signed-off-by: ChengZi <chen.zhang@zilliz.com>
|
||
|
|
afc519102b | bump version 0.2.2 (#102) libs/milvus/v0.2.2 | ||
|
|
879634e372 |
update docstr to support new langchain doc settings (#101)
Signed-off-by: ChengZi <chen.zhang@zilliz.com> |
||
|
|
2c8fae887f |
update dependencies to support langchain-core 1.0.0 (#100)
Signed-off-by: ChengZi <chen.zhang@zilliz.com> |
||
|
|
09035340a3 |
Add drop all option & bug fix (#89)
Hi! First, thanks for maintaining this useful wrapper for Milvus :) Using it, I encountered a small issue, and a feature that I had to implement externally; so I thought I'd add them here. - `search_by_metadata()`: The function assumes the text field is requested by the function caller, although they might require metadata alone. Such requests currently result in an exception. Thus, to ensure text field is always returned on the database query, I suggest simply adding it, when missing. - `drop()`: Resetting the vectorstore by dropping all rows is very useful, and in fact currently enabled only on initialization (as part of `__init__()`). I suggest to decouple it into a method (`drop()`; feel free to offer other names), exposing it for external use. |
||
|
|
86b114b861 |
bump the version of 0.2.1 (#86)
Signed-off-by: ChengZi <chen.zhang@zilliz.com>libs/milvus/v0.2.1 |
||
|
|
17ce877be6 |
fix: fix the issue of asyncio event loop in multithreading environment (#85)
Signed-off-by: ChengZi <chen.zhang@zilliz.com> |
||
|
|
cffc65a8a5 |
update README.md (#83)
Signed-off-by: ChengZi <chen.zhang@zilliz.com> |
||
|
|
bd278089e5 |
Support num_partitions to decide no of partition other then default (#51)
Give an option to select no of partition while creating collection. |
||
|
|
e29ff1bff5 |
fix: fix get_min_versions.py (#82)
Signed-off-by: ChengZi <chen.zhang@zilliz.com>libs/milvus/v0.2.0 |
||
|
|
a2edb95719 |
fix: fix get_min_versions.py (#81)
Signed-off-by: ChengZi <chen.zhang@zilliz.com> |
||
|
|
1d20fd6b06 |
0.2.0 (#80)
Signed-off-by: ChengZi <chen.zhang@zilliz.com> |
||
|
|
9bf1667724 |
use milvus naive upsert function (#79)
as mentioned here https://github.com/langchain-ai/langchain-milvus/issues/71 Signed-off-by: ChengZi <chen.zhang@zilliz.com> |
||
|
|
f178166d87 |
update poetry version (#78)
Signed-off-by: ChengZi <chen.zhang@zilliz.com> |
||
|
|
687b0742ab |
fix and align when user do not provide ids (#76)
Signed-off-by: ChengZi <chen.zhang@zilliz.com> |
||
|
|
4902fffec9 |
0.2.0rc1 (#73)
Signed-off-by: ChengZi <chen.zhang@zilliz.com>libs/milvus/v0.2.0rc1 |
||
|
|
6acf4648a2 |
[feat] support async (#72)
Signed-off-by: ChengZi <chen.zhang@zilliz.com> |
||
|
|
d80d9c5d5d |
refactor the major methods from orm to milvus client (#70)
In pymilvus SDK, the [ORM](https://milvus.io/api-reference/pymilvus/v2.5.x/ORM/Collection/Collection.md), and [milvus client](https://milvus.io/api-reference/pymilvus/v2.5.x/MilvusClient/Client/MilvusClient.md) are two different layer/approach SDKs. In the future, we recommend using milvus client SDK to get access and operate Mivus service instead of ORM SDK, so we have to refactor the usage of ORM in langchain-milvus. This PR changed the major CRUD public methods in langchain-milvus class. BTW, the SearchResult will be removed in the future version of pymilvus, and it will be replaced by the List[List[dict]] --------- Signed-off-by: ChengZi <chen.zhang@zilliz.com> |
||
|
|
fa642cac65 |
Temporarily hide integartion test runs (#69)
Signed-off-by: ChengZi <chen.zhang@zilliz.com>libs/milvus/v0.1.10 |
||
|
|
8d16a67613 |
fix readme issue (#68)
Signed-off-by: ChengZi <chen.zhang@zilliz.com> |
||
|
|
29c12100e0 |
release 0.1.10 (#66)
Signed-off-by: ChengZi <chen.zhang@zilliz.com> |
||
|
|
43e4b4efe5 |
fix SearchResult import issue (#65)
fix: https://github.com/langchain-ai/langchain-milvus/issues/63 Signed-off-by: ChengZi <chen.zhang@zilliz.com> |
||
|
|
a5137da8d8 |
refactor test (#61)
This test refactoring is mainly to separate the tests of milvus-lite and milvus docker server. The same test code has been implemented to cover the tests in both situation. Signed-off-by: ChengZi <chen.zhang@zilliz.com> |
||
|
|
acc5512a98 |
Remove the nested README in libs and replace with the repo level README (#62)
Signed-off-by: codingjaguar <jiang.chen@zilliz.com> |
||
|
|
7d548dc259 |
fix test metadata issue (#60)
Signed-off-by: ChengZi <chen.zhang@zilliz.com>libs/milvus/v0.1.9 |
||
|
|
a16660e913 |
release 0.1.9 (#59)
Signed-off-by: ChengZi <chen.zhang@zilliz.com> |
||
|
|
2ae520844a |
add BM25SparseEmbedding compatibility for scipy>=1.15.0 (#57)
Signed-off-by: ChengZi <chen.zhang@zilliz.com> |
||
|
|
9b5a7f793f |
add more warnings and update CONTRIBUTING.md (#56)
Signed-off-by: ChengZi <chen.zhang@zilliz.com> |
||
|
|
2439b4ebca |
fix Makefile issue (#55)
Signed-off-by: ChengZi <chen.zhang@zilliz.com> |