Compare commits

...

140 Commits

Author SHA1 Message Date
Eugene Yurtsev 27e57afeda Add deprecation notice for LangServe project
Added deprecation notice and migration recommendation.
2026-05-05 15:49:06 -04:00
dependabot[bot] 12e5d8e23f Bump langsmith from 0.7.9 to 0.7.31 in the pip group across 1 directory (#902)
Bumps the pip group with 1 update in the / directory:
[langsmith](https://github.com/langchain-ai/langsmith-sdk).

Updates `langsmith` from 0.7.9 to 0.7.31
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/langchain-ai/langsmith-sdk/releases">langsmith's
releases</a>.</em></p>
<blockquote>
<h2>v0.7.31</h2>
<h2>What's Changed</h2>
<ul>
<li>chore(deps-dev): bump langchain-core from 1.2.23 to 1.2.28 in
/python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2692">langchain-ai/langsmith-sdk#2692</a></li>
<li>chore(deps-dev): bump <code>@​anthropic-ai/sdk</code> from 0.82.0 to
0.84.0 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2684">langchain-ai/langsmith-sdk#2684</a></li>
<li>chore(deps): bump cryptography from 46.0.6 to 46.0.7 in /python by
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2693">langchain-ai/langsmith-sdk#2693</a></li>
<li>chore(deps-dev): bump <code>@​anthropic-ai/sdk</code> from 0.84.0 to
0.85.0 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2700">langchain-ai/langsmith-sdk#2700</a></li>
<li>feat(py): Tag OpenAI Agent Python SDK runs with ls_agent_type by <a
href="https://github.com/jacoblee93"><code>@​jacoblee93</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2699">langchain-ai/langsmith-sdk#2699</a></li>
<li>feat(js): Adds ls_agent_type metadata to AI SDK runs by <a
href="https://github.com/jacoblee93"><code>@​jacoblee93</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2701">langchain-ai/langsmith-sdk#2701</a></li>
<li>chore(deps-dev): bump types-tqdm from 4.67.3.20260303 to
4.67.3.20260408 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2710">langchain-ai/langsmith-sdk#2710</a></li>
<li>chore(deps): bump pnpm/action-setup from 5 to 6 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2705">langchain-ai/langsmith-sdk#2705</a></li>
<li>chore(deps): bump the py-minor-and-patch group across 1 directory
with 10 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2711">langchain-ai/langsmith-sdk#2711</a></li>
<li>chore(deps-dev): bump <code>@​anthropic-ai/sdk</code> from 0.85.0 to
0.86.0 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2702">langchain-ai/langsmith-sdk#2702</a></li>
<li>chore(deps): bump actions/github-script from 8 to 9 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2706">langchain-ai/langsmith-sdk#2706</a></li>
<li>chore(deps-dev): bump the js-minor-and-patch group across 1
directory with 7 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2712">langchain-ai/langsmith-sdk#2712</a></li>
<li>chore(deps-dev): bump types-psutil from 7.2.2.20260130 to
7.2.2.20260408 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2709">langchain-ai/langsmith-sdk#2709</a></li>
<li>chore(deps-dev): bump rich from 14.3.3 to 15.0.0 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2708">langchain-ai/langsmith-sdk#2708</a></li>
<li>feat: Filter kwargs from new token events by <a
href="https://github.com/jacoblee93"><code>@​jacoblee93</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2714">langchain-ai/langsmith-sdk#2714</a></li>
<li>release(py): 0.7.31 by <a
href="https://github.com/jacoblee93"><code>@​jacoblee93</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2716">langchain-ai/langsmith-sdk#2716</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.30...v0.7.31">https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.30...v0.7.31</a></p>
<h2>v0.7.30</h2>
<h2>What's Changed</h2>
<ul>
<li>feat(python): add service feature to sandbox by <a
href="https://github.com/DanielKneipp"><code>@​DanielKneipp</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2665">langchain-ai/langsmith-sdk#2665</a></li>
<li>fix(js): Fix prototype pollution bug in anonymizers by <a
href="https://github.com/jacoblee93"><code>@​jacoblee93</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2690">langchain-ai/langsmith-sdk#2690</a></li>
<li>release(js): 0.5.18 by <a
href="https://github.com/jacoblee93"><code>@​jacoblee93</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2691">langchain-ai/langsmith-sdk#2691</a></li>
<li>chore(js/sandbox): suppress warning log by <a
href="https://github.com/hntrl"><code>@​hntrl</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2694">langchain-ai/langsmith-sdk#2694</a></li>
<li>feat(js): Add metadata to Claude Agent SDK JS tracing by <a
href="https://github.com/jacoblee93"><code>@​jacoblee93</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2695">langchain-ai/langsmith-sdk#2695</a></li>
<li>fix(py): Fix run tree memory leak by <a
href="https://github.com/jacoblee93"><code>@​jacoblee93</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2696">langchain-ai/langsmith-sdk#2696</a></li>
<li>release(py): 0.7.30 by <a
href="https://github.com/jacoblee93"><code>@​jacoblee93</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2698">langchain-ai/langsmith-sdk#2698</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.29...v0.7.30">https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.29...v0.7.30</a></p>
<h2>v0.7.29</h2>
<h2>What's Changed</h2>
<ul>
<li>release(js): 0.5.17 by <a
href="https://github.com/jacoblee93"><code>@​jacoblee93</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2681">langchain-ai/langsmith-sdk#2681</a></li>
<li>feat(py): Fix race condition around Claude Agent SDK instrumentation
by <a href="https://github.com/jacoblee93"><code>@​jacoblee93</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2685">langchain-ai/langsmith-sdk#2685</a></li>
<li>release(py): 0.7.29 by <a
href="https://github.com/jacoblee93"><code>@​jacoblee93</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2686">langchain-ai/langsmith-sdk#2686</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.28...v0.7.29">https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.28...v0.7.29</a></p>
<h2>v0.7.28</h2>
<h2>What's Changed</h2>
<ul>
<li>feat(py): Support subagent tracing in Claude Agents SDK, fix usage
and duplicate messages by <a
href="https://github.com/jacoblee93"><code>@​jacoblee93</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2670">langchain-ai/langsmith-sdk#2670</a></li>
<li>chore(deps-dev): bump the py-minor-and-patch group across 1
directory with 11 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2677">langchain-ai/langsmith-sdk#2677</a></li>
<li>chore(deps-dev): bump the js-minor-and-patch group across 1
directory with 8 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2667">langchain-ai/langsmith-sdk#2667</a></li>
<li>chore(deps): bump pnpm/action-setup from 4 to 5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2658">langchain-ai/langsmith-sdk#2658</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/langchain-ai/langsmith-sdk/commit/c434999d05c00334efeba88b8bbd2de9f3afbef6"><code>c434999</code></a>
release(py): 0.7.31 (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2716">#2716</a>)</li>
<li><a
href="https://github.com/langchain-ai/langsmith-sdk/commit/47d7c4a783333e716395d802e7632f1f1b4744d3"><code>47d7c4a</code></a>
feat: Filter kwargs from new token events (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2714">#2714</a>)</li>
<li><a
href="https://github.com/langchain-ai/langsmith-sdk/commit/3c57445b543c9a2f86db52024ea2c998bfc2ffab"><code>3c57445</code></a>
chore(deps-dev): bump rich from 14.3.3 to 15.0.0 in /python (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2708">#2708</a>)</li>
<li><a
href="https://github.com/langchain-ai/langsmith-sdk/commit/2be6cd01a2b6e35e811488d3561e7b0b57b06f63"><code>2be6cd0</code></a>
chore(deps-dev): bump types-psutil from 7.2.2.20260130 to 7.2.2.20260408
in /...</li>
<li><a
href="https://github.com/langchain-ai/langsmith-sdk/commit/b8b6ca32d43c919c07a4e13c99a83bcaab8accb0"><code>b8b6ca3</code></a>
chore(deps-dev): bump the js-minor-and-patch group across 1 directory
with 7 ...</li>
<li><a
href="https://github.com/langchain-ai/langsmith-sdk/commit/9897cb33da7698291637f268edd833ca3e1adde6"><code>9897cb3</code></a>
chore(deps): bump actions/github-script from 8 to 9 (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2706">#2706</a>)</li>
<li><a
href="https://github.com/langchain-ai/langsmith-sdk/commit/572c0184285747e027a796e03ea6c9ba171e09a6"><code>572c018</code></a>
chore(deps-dev): bump <code>@​anthropic-ai/sdk</code> from 0.85.0 to
0.86.0 in /js (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2702">#2702</a>)</li>
<li><a
href="https://github.com/langchain-ai/langsmith-sdk/commit/57447524c88b6bba2775161aa449da32fb8e5c42"><code>5744752</code></a>
chore(deps): bump the py-minor-and-patch group across 1 directory with
10 upd...</li>
<li><a
href="https://github.com/langchain-ai/langsmith-sdk/commit/960cae7f490e9ccbe428e6b56c8047bdb7b942a5"><code>960cae7</code></a>
chore(deps): bump pnpm/action-setup from 5 to 6 (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2705">#2705</a>)</li>
<li><a
href="https://github.com/langchain-ai/langsmith-sdk/commit/9370e7670abf7f8f9a36fbb72250bcfd2f91e7c6"><code>9370e76</code></a>
chore(deps-dev): bump types-tqdm from 4.67.3.20260303 to 4.67.3.20260408
in /...</li>
<li>Additional commits viewable in <a
href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.9...v0.7.31">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=langsmith&package-manager=pip&previous-version=0.7.9&new-version=0.7.31)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langserve/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-15 21:11:40 -07:00
dependabot[bot] 970cbc7342 Bump pydantic from 2.12.5 to 2.13.0 (#900)
Bumps [pydantic](https://github.com/pydantic/pydantic) from 2.12.5 to
2.13.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pydantic/pydantic/releases">pydantic's
releases</a>.</em></p>
<blockquote>
<h2>v2.13.0 2026-04-13</h2>
<h2>v2.13.0 (2026-04-13)</h2>
<p>The highlights of the v2.13 release are available in the <a
href="https://pydantic.dev/articles/pydantic-v2-13-release">blog
post</a>.
Several minor changes (considered non-breaking changes according to our
<a
href="https://pydantic.dev/docs/validation/2.13/get-started/version-policy/#pydantic-v2">versioning
policy</a>) are also included in this release. Make sure to look into
them before upgrading.</p>
<p>This release contains the updated <code>pydantic.v1</code> namespace,
matching version 1.10.26 which includes support for Python 3.14.</p>
<h3>What's Changed</h3>
<p>See the beta releases for all changes sinces 2.12.</p>
<h4>Packaging</h4>
<ul>
<li>Add zizmor for GitHub Actions workflow linting by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/13039">#13039</a></li>
<li>Update jiter to v0.14.0 to fix a segmentation fault on musl Linux by
<a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/13064">#13064</a></li>
</ul>
<h4>New Features</h4>
<ul>
<li>Allow default factories of private attributes to take validated
model data by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/13013">#13013</a></li>
</ul>
<h4>Changes</h4>
<ul>
<li>Warn when serializing fixed length tuples with too few items by <a
href="https://github.com/arvindsaripalli"><code>@​arvindsaripalli</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic/pull/13016">#13016</a></li>
</ul>
<h4>Fixes</h4>
<ul>
<li>Change type of <code>Any</code> when synthesizing
<code>_build_sources</code> for <code>BaseSettings.__init__()</code>
signature in the mypy plugin by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/13049">#13049</a></li>
<li>Fix model equality when using runtime <code>extra</code>
configuration by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/13062">#13062</a></li>
</ul>
<h3>New Contributors</h3>
<ul>
<li><a
href="https://github.com/arvindsaripalli"><code>@​arvindsaripalli</code></a>
made their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic/pull/13016">#13016</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pydantic/pydantic/compare/v2.12.0...v2.13.0">https://github.com/pydantic/pydantic/compare/v2.12.0...v2.13.0</a></p>
<h2>v2.13.0b3 2026-03-31</h2>
<!-- raw HTML omitted -->
<h2>What's Changed</h2>
<h3>Packaging</h3>
<ul>
<li>Add riscv64 build target for manylinux by <a
href="https://github.com/boosterl"><code>@​boosterl</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12723">#12723</a></li>
</ul>
<h3>New Features</h3>
<ul>
<li>Add <code>ascii_only</code> option to <code>StringConstraints</code>
by <a
href="https://github.com/ai-man-codes"><code>@​ai-man-codes</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12907">#12907</a></li>
<li>Support <code>exclude_if</code> in computed fields by <a
href="https://github.com/andresliszt"><code>@​andresliszt</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic/pull/12748">#12748</a></li>
<li>Push down constraints in unions involving <code>MISSING</code>
sentinel by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12908">#12908</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pydantic/pydantic/blob/main/HISTORY.md">pydantic's
changelog</a>.</em></p>
<blockquote>
<h2>v2.13.0 (2026-04-13)</h2>
<p><a
href="https://github.com/pydantic/pydantic/releases/tag/v2.13.0">GitHub
release</a></p>
<p>The highlights of the v2.13 release are available in the <a
href="https://pydantic.dev/articles/pydantic-v2-13-release">blog
post</a>.
Several minor changes (considered non-breaking changes according to our
<a
href="https://pydantic.dev/docs/validation/2.13/get-started/version-policy/#pydantic-v2">versioning
policy</a>)
are also included in this release. Make sure to look into them before
upgrading.</p>
<p>This release contains the updated <code>pydantic.v1</code> namespace,
matching version 1.10.26 which includes support for Python 3.14.</p>
<h3>What's Changed</h3>
<p>See the beta releases for all changes sinces 2.12.</p>
<h4>New Features</h4>
<ul>
<li>Allow default factories of private attributes to take validated
model data by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/13013">#13013</a></li>
</ul>
<h4>Changes</h4>
<ul>
<li>Warn when serializing fixed length tuples with too few items by <a
href="https://github.com/arvindsaripalli"><code>@​arvindsaripalli</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic/pull/13016">#13016</a></li>
</ul>
<h4>Fixes</h4>
<ul>
<li>Change type of <code>Any</code> when synthesizing
<code>_build_sources</code> for <code>BaseSettings.__init__()</code>
signature in the mypy plugin by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/13049">#13049</a></li>
<li>Fix model equality when using runtime <code>extra</code>
configuration by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/13062">#13062</a></li>
</ul>
<h4>Packaging</h4>
<ul>
<li>Add zizmor for GitHub Actions workflow linting by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/13039">#13039</a></li>
<li>Update jiter to v0.14.0 to fix a segmentation fault on musl Linux by
<a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/13064">#13064</a></li>
</ul>
<h3>New Contributors</h3>
<ul>
<li><a
href="https://github.com/arvindsaripalli"><code>@​arvindsaripalli</code></a>
made their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic/pull/13016">#13016</a></li>
</ul>
<h2>v2.13.0b3 (2026-03-31)</h2>
<p><a
href="https://github.com/pydantic/pydantic/releases/tag/v2.13.0b3">GitHub
release</a></p>
<h3>What's Changed</h3>
<h4>New Features</h4>
<ul>
<li>Add <code>ascii_only</code> option to <code>StringConstraints</code>
by <a
href="https://github.com/ai-man-codes"><code>@​ai-man-codes</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12907">#12907</a></li>
<li>Support <code>exclude_if</code> in computed fields by <a
href="https://github.com/andresliszt"><code>@​andresliszt</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic/pull/12748">#12748</a></li>
<li>Push down constraints in unions involving <code>MISSING</code>
sentinel by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12908">#12908</a></li>
</ul>
<h4>Changes</h4>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pydantic/pydantic/commit/46bf4fa648af3a1fbf4603a37f210e9d9c618357"><code>46bf4fa</code></a>
Fix Pydantic release workflow (<a
href="https://redirect.github.com/pydantic/pydantic/issues/13067">#13067</a>)</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/1b359edab09c623464d23c6fd2503ae5ff276d43"><code>1b359ed</code></a>
Prepare release v2.13.0 (<a
href="https://redirect.github.com/pydantic/pydantic/issues/13065">#13065</a>)</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/b1bf19445d8ac144a7a0e82674d2d87eebab6c18"><code>b1bf194</code></a>
Fix model equality when using runtime <code>extra</code> configuration
(<a
href="https://redirect.github.com/pydantic/pydantic/issues/13062">#13062</a>)</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/17a35e371bdff348c0690651d324c91fc7c9ff9e"><code>17a35e3</code></a>
Update jiter to v0.14.0 (<a
href="https://redirect.github.com/pydantic/pydantic/issues/13064">#13064</a>)</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/feea402b23fa23774669908c4e08a61ba1e4238e"><code>feea402</code></a>
Use <code>simulation</code> mode in Codspeed CI (<a
href="https://redirect.github.com/pydantic/pydantic/issues/13063">#13063</a>)</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/671c9b0d4d3f9b2f1b95ca32ac85cb69e824e0bc"><code>671c9b0</code></a>
Add basic benchmarks for model equality (<a
href="https://redirect.github.com/pydantic/pydantic/issues/13061">#13061</a>)</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/d17d71e00a35f190b27321aa6f8f2a03139c00b8"><code>d17d71e</code></a>
Bump cryptography from 46.0.6 to 46.0.7 (<a
href="https://redirect.github.com/pydantic/pydantic/issues/13056">#13056</a>)</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/919d61ac419af5151b673a90b65c9a12631091cf"><code>919d61a</code></a>
👥 Update Pydantic People (<a
href="https://redirect.github.com/pydantic/pydantic/issues/13059">#13059</a>)</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/e7cf5dcb939ea98511e669b647c0273667a1b08a"><code>e7cf5dc</code></a>
Fix people workflow (<a
href="https://redirect.github.com/pydantic/pydantic/issues/13047">#13047</a>)</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/2a806ad09b984fcc43568191aba5d965350995a0"><code>2a806ad</code></a>
Add regression test for <code>MISSING</code> sentinel serialization with
subclasses (<a
href="https://redirect.github.com/pydantic/pydantic/issues/13">#13</a>...</li>
<li>Additional commits viewable in <a
href="https://github.com/pydantic/pydantic/compare/v2.12.5...v2.13.0">compare
view</a></li>
</ul>
</details>
<br />

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-14 10:55:35 -07:00
dependabot[bot] 13cdfe0b7c Bump the npm_and_yarn group across 2 directories with 1 update (#901)
Bumps the npm_and_yarn group with 1 update in the
/langserve/chat_playground directory:
[lodash](https://github.com/lodash/lodash).
Bumps the npm_and_yarn group with 1 update in the /langserve/playground
directory: [lodash](https://github.com/lodash/lodash).

Updates `lodash` from 4.17.23 to 4.18.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/lodash/lodash/releases">lodash's
releases</a>.</em></p>
<blockquote>
<h2>4.18.1</h2>
<h2>Bugs</h2>
<p>Fixes a <code>ReferenceError</code> issue in <code>lodash</code>
<code>lodash-es</code> <code>lodash-amd</code> and
<code>lodash.template</code> when using the <code>template</code> and
<code>fromPairs</code> functions from the modular builds. See <a
href="https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769">lodash/lodash#6167</a></p>
<p>These defects were related to how lodash distributions are built from
the main branch using <a
href="https://github.com/lodash-archive/lodash-cli">https://github.com/lodash-archive/lodash-cli</a>.
When internal dependencies change inside lodash functions, equivalent
updates need to be made to a mapping in the lodash-cli. (hey, it was
ahead of its time once upon a time!). We know this, but we missed it in
the last release. It's the kind of thing that passes in CI, but fails bc
the build is not the same thing you tested.</p>
<p>There is no diff on main for this, but you can see the diffs for each
of the npm packages on their respective branches:</p>
<ul>
<li><code>lodash</code>: <a
href="https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm">https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm</a></li>
<li><code>lodash-es</code>: <a
href="https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es">https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es</a></li>
<li><code>lodash-amd</code>: <a
href="https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd">https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd</a></li>
<li><code>lodash.template</code><a
href="https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages">https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages</a></li>
</ul>
<h2>4.18.0</h2>
<h2>v4.18.0</h2>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/lodash/lodash/compare/4.17.23...4.18.0">https://github.com/lodash/lodash/compare/4.17.23...4.18.0</a></p>
<h3>Security</h3>
<p><strong><code>_.unset</code> / <code>_.omit</code></strong>: Fixed
prototype pollution via <code>constructor</code>/<code>prototype</code>
path traversal (<a
href="https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh">GHSA-f23m-r3pf-42rh</a>,
<a
href="https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b">fe8d32e</a>).
Previously, array-wrapped path segments and primitive roots could bypass
the existing guards, allowing deletion of properties from built-in
prototypes. Now <code>constructor</code> and <code>prototype</code> are
blocked unconditionally as non-terminal path keys, matching
<code>baseSet</code>. Calls that previously returned <code>true</code>
and deleted the property now return <code>false</code> and leave the
target untouched.</p>
<p><strong><code>_.template</code></strong>: Fixed code injection via
<code>imports</code> keys (<a
href="https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc">GHSA-r5fr-rjxr-66jc</a>,
CVE-2026-4800, <a
href="https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6">879aaa9</a>).
Fixes an incomplete patch for CVE-2021-23337. The <code>variable</code>
option was validated against <code>reForbiddenIdentifierChars</code> but
<code>importsKeys</code> was left unguarded, allowing code injection via
the same <code>Function()</code> constructor sink. <code>imports</code>
keys containing forbidden identifier characters now throw
<code>&quot;Invalid imports option passed into
_.template&quot;</code>.</p>
<h3>Docs</h3>
<ul>
<li>Add security notice for <code>_.template</code> in threat model and
API docs (<a
href="https://redirect.github.com/lodash/lodash/pull/6099">#6099</a>)</li>
<li>Document <code>lower &gt; upper</code> behavior in
<code>_.random</code> (<a
href="https://redirect.github.com/lodash/lodash/pull/6115">#6115</a>)</li>
<li>Fix quotes in <code>_.compact</code> jsdoc (<a
href="https://redirect.github.com/lodash/lodash/pull/6090">#6090</a>)</li>
</ul>
<h3><code>lodash.*</code> modular packages</h3>
<p><a
href="https://redirect.github.com/lodash/lodash/pull/6157">Diff</a></p>
<p>We have also regenerated and published a select number of the
<code>lodash.*</code> modular packages.</p>
<p>These modular packages had fallen out of sync significantly from the
minor/patch updates to lodash. Specifically, we have brought the
following packages up to parity w/ the latest lodash release because
they have had CVEs on them in the past:</p>
<ul>
<li><a
href="https://www.npmjs.com/package/lodash.orderby">lodash.orderby</a></li>
<li><a
href="https://www.npmjs.com/package/lodash.tonumber">lodash.tonumber</a></li>
<li><a
href="https://www.npmjs.com/package/lodash.trim">lodash.trim</a></li>
<li><a
href="https://www.npmjs.com/package/lodash.trimend">lodash.trimend</a></li>
<li><a
href="https://www.npmjs.com/package/lodash.sortedindexby">lodash.sortedindexby</a></li>
<li><a
href="https://www.npmjs.com/package/lodash.zipobjectdeep">lodash.zipobjectdeep</a></li>
<li><a
href="https://www.npmjs.com/package/lodash.unset">lodash.unset</a></li>
<li><a
href="https://www.npmjs.com/package/lodash.omit">lodash.omit</a></li>
<li><a
href="https://www.npmjs.com/package/lodash.template">lodash.template</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e"><code>cb0b9b9</code></a>
release(patch): bump main to 4.18.1 (<a
href="https://redirect.github.com/lodash/lodash/issues/6177">#6177</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51"><code>75535f5</code></a>
chore: prune stale advisory refs (<a
href="https://redirect.github.com/lodash/lodash/issues/6170">#6170</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4"><code>62e91bc</code></a>
docs: remove n_ Node.js &lt; 6 REPL note from README (<a
href="https://redirect.github.com/lodash/lodash/issues/6165">#6165</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4"><code>59be2de</code></a>
release(minor): bump to 4.18.0 (<a
href="https://redirect.github.com/lodash/lodash/issues/6161">#6161</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d"><code>af63457</code></a>
fix: broken tests for _.template 879aaa9</li>
<li><a
href="https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0"><code>1073a76</code></a>
fix: linting issues</li>
<li><a
href="https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6"><code>879aaa9</code></a>
fix: validate imports keys in _.template</li>
<li><a
href="https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b"><code>fe8d32e</code></a>
fix: block prototype pollution in baseUnset via constructor/prototype
traversal</li>
<li><a
href="https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d"><code>18ba0a3</code></a>
refactor(fromPairs): use baseAssignValue for consistent assignment (<a
href="https://redirect.github.com/lodash/lodash/issues/6153">#6153</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2"><code>b819080</code></a>
ci: add dist sync validation workflow (<a
href="https://redirect.github.com/lodash/lodash/issues/6137">#6137</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/lodash/lodash/compare/4.17.23...4.18.1">compare
view</a></li>
</ul>
</details>
<br />

Updates `lodash` from 4.17.23 to 4.18.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/lodash/lodash/releases">lodash's
releases</a>.</em></p>
<blockquote>
<h2>4.18.1</h2>
<h2>Bugs</h2>
<p>Fixes a <code>ReferenceError</code> issue in <code>lodash</code>
<code>lodash-es</code> <code>lodash-amd</code> and
<code>lodash.template</code> when using the <code>template</code> and
<code>fromPairs</code> functions from the modular builds. See <a
href="https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769">lodash/lodash#6167</a></p>
<p>These defects were related to how lodash distributions are built from
the main branch using <a
href="https://github.com/lodash-archive/lodash-cli">https://github.com/lodash-archive/lodash-cli</a>.
When internal dependencies change inside lodash functions, equivalent
updates need to be made to a mapping in the lodash-cli. (hey, it was
ahead of its time once upon a time!). We know this, but we missed it in
the last release. It's the kind of thing that passes in CI, but fails bc
the build is not the same thing you tested.</p>
<p>There is no diff on main for this, but you can see the diffs for each
of the npm packages on their respective branches:</p>
<ul>
<li><code>lodash</code>: <a
href="https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm">https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm</a></li>
<li><code>lodash-es</code>: <a
href="https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es">https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es</a></li>
<li><code>lodash-amd</code>: <a
href="https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd">https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd</a></li>
<li><code>lodash.template</code><a
href="https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages">https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages</a></li>
</ul>
<h2>4.18.0</h2>
<h2>v4.18.0</h2>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/lodash/lodash/compare/4.17.23...4.18.0">https://github.com/lodash/lodash/compare/4.17.23...4.18.0</a></p>
<h3>Security</h3>
<p><strong><code>_.unset</code> / <code>_.omit</code></strong>: Fixed
prototype pollution via <code>constructor</code>/<code>prototype</code>
path traversal (<a
href="https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh">GHSA-f23m-r3pf-42rh</a>,
<a
href="https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b">fe8d32e</a>).
Previously, array-wrapped path segments and primitive roots could bypass
the existing guards, allowing deletion of properties from built-in
prototypes. Now <code>constructor</code> and <code>prototype</code> are
blocked unconditionally as non-terminal path keys, matching
<code>baseSet</code>. Calls that previously returned <code>true</code>
and deleted the property now return <code>false</code> and leave the
target untouched.</p>
<p><strong><code>_.template</code></strong>: Fixed code injection via
<code>imports</code> keys (<a
href="https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc">GHSA-r5fr-rjxr-66jc</a>,
CVE-2026-4800, <a
href="https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6">879aaa9</a>).
Fixes an incomplete patch for CVE-2021-23337. The <code>variable</code>
option was validated against <code>reForbiddenIdentifierChars</code> but
<code>importsKeys</code> was left unguarded, allowing code injection via
the same <code>Function()</code> constructor sink. <code>imports</code>
keys containing forbidden identifier characters now throw
<code>&quot;Invalid imports option passed into
_.template&quot;</code>.</p>
<h3>Docs</h3>
<ul>
<li>Add security notice for <code>_.template</code> in threat model and
API docs (<a
href="https://redirect.github.com/lodash/lodash/pull/6099">#6099</a>)</li>
<li>Document <code>lower &gt; upper</code> behavior in
<code>_.random</code> (<a
href="https://redirect.github.com/lodash/lodash/pull/6115">#6115</a>)</li>
<li>Fix quotes in <code>_.compact</code> jsdoc (<a
href="https://redirect.github.com/lodash/lodash/pull/6090">#6090</a>)</li>
</ul>
<h3><code>lodash.*</code> modular packages</h3>
<p><a
href="https://redirect.github.com/lodash/lodash/pull/6157">Diff</a></p>
<p>We have also regenerated and published a select number of the
<code>lodash.*</code> modular packages.</p>
<p>These modular packages had fallen out of sync significantly from the
minor/patch updates to lodash. Specifically, we have brought the
following packages up to parity w/ the latest lodash release because
they have had CVEs on them in the past:</p>
<ul>
<li><a
href="https://www.npmjs.com/package/lodash.orderby">lodash.orderby</a></li>
<li><a
href="https://www.npmjs.com/package/lodash.tonumber">lodash.tonumber</a></li>
<li><a
href="https://www.npmjs.com/package/lodash.trim">lodash.trim</a></li>
<li><a
href="https://www.npmjs.com/package/lodash.trimend">lodash.trimend</a></li>
<li><a
href="https://www.npmjs.com/package/lodash.sortedindexby">lodash.sortedindexby</a></li>
<li><a
href="https://www.npmjs.com/package/lodash.zipobjectdeep">lodash.zipobjectdeep</a></li>
<li><a
href="https://www.npmjs.com/package/lodash.unset">lodash.unset</a></li>
<li><a
href="https://www.npmjs.com/package/lodash.omit">lodash.omit</a></li>
<li><a
href="https://www.npmjs.com/package/lodash.template">lodash.template</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e"><code>cb0b9b9</code></a>
release(patch): bump main to 4.18.1 (<a
href="https://redirect.github.com/lodash/lodash/issues/6177">#6177</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51"><code>75535f5</code></a>
chore: prune stale advisory refs (<a
href="https://redirect.github.com/lodash/lodash/issues/6170">#6170</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4"><code>62e91bc</code></a>
docs: remove n_ Node.js &lt; 6 REPL note from README (<a
href="https://redirect.github.com/lodash/lodash/issues/6165">#6165</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4"><code>59be2de</code></a>
release(minor): bump to 4.18.0 (<a
href="https://redirect.github.com/lodash/lodash/issues/6161">#6161</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d"><code>af63457</code></a>
fix: broken tests for _.template 879aaa9</li>
<li><a
href="https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0"><code>1073a76</code></a>
fix: linting issues</li>
<li><a
href="https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6"><code>879aaa9</code></a>
fix: validate imports keys in _.template</li>
<li><a
href="https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b"><code>fe8d32e</code></a>
fix: block prototype pollution in baseUnset via constructor/prototype
traversal</li>
<li><a
href="https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d"><code>18ba0a3</code></a>
refactor(fromPairs): use baseAssignValue for consistent assignment (<a
href="https://redirect.github.com/lodash/lodash/issues/6153">#6153</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2"><code>b819080</code></a>
ci: add dist sync validation workflow (<a
href="https://redirect.github.com/lodash/lodash/issues/6137">#6137</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/lodash/lodash/compare/4.17.23...4.18.1">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langserve/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-14 10:45:00 -07:00
dependabot[bot] d442dbc712 Bump pytest from 9.0.2 to 9.0.3 in the pip group across 1 directory (#899)
Bumps the pip group with 1 update in the / directory:
[pytest](https://github.com/pytest-dev/pytest).

Updates `pytest` from 9.0.2 to 9.0.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pytest-dev/pytest/releases">pytest's
releases</a>.</em></p>
<blockquote>
<h2>9.0.3</h2>
<h1>pytest 9.0.3 (2026-04-07)</h1>
<h2>Bug fixes</h2>
<ul>
<li>
<p><a
href="https://redirect.github.com/pytest-dev/pytest/issues/12444">#12444</a>:
Fixed <code>pytest.approx</code> which now correctly takes into account
<code>~collections.abc.Mapping</code> keys order to compare them.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13634">#13634</a>:
Blocking a <code>conftest.py</code> file using the <code>-p no:</code>
option is now explicitly disallowed.</p>
<p>Previously this resulted in an internal assertion failure during
plugin loading.</p>
<p>Pytest now raises a clear <code>UsageError</code> explaining that
conftest files are not plugins and cannot be disabled via
<code>-p</code>.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13734">#13734</a>:
Fixed crash when a test raises an exceptiongroup with
<code>__tracebackhide__ = True</code>.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/pytest-dev/pytest/issues/14195">#14195</a>:
Fixed an issue where non-string messages passed to <!-- raw HTML omitted
-->unittest.TestCase.subTest()<!-- raw HTML omitted --> were not
printed.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/pytest-dev/pytest/issues/14343">#14343</a>:
Fixed use of insecure temporary directory (CVE-2025-71176).</p>
</li>
</ul>
<h2>Improved documentation</h2>
<ul>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13388">#13388</a>:
Clarified documentation for <code>-p</code> vs
<code>PYTEST_PLUGINS</code> plugin loading and fixed an incorrect
<code>-p</code> example.</li>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13731">#13731</a>:
Clarified that capture fixtures (e.g. <code>capsys</code> and
<code>capfd</code>) take precedence over the <code>-s</code> /
<code>--capture=no</code> command-line options in <code>Accessing
captured output from a test function
&lt;accessing-captured-output&gt;</code>.</li>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/14088">#14088</a>:
Clarified that the default <code>pytest_collection</code> hook sets
<code>session.items</code> before it calls
<code>pytest_collection_finish</code>, not after.</li>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/14255">#14255</a>:
TOML integer log levels must be quoted: Updating reference
documentation.</li>
</ul>
<h2>Contributor-facing changes</h2>
<ul>
<li>
<p><a
href="https://redirect.github.com/pytest-dev/pytest/issues/12689">#12689</a>:
The test reports are now published to Codecov from GitHub Actions.
The test statistics is visible <a
href="https://app.codecov.io/gh/pytest-dev/pytest/tests">on the web
interface</a>.</p>
<p>-- by <code>aleguy02</code></p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pytest-dev/pytest/commit/a7d58d7a21b78581e636bbbdea13c66ad1657c1e"><code>a7d58d7</code></a>
Prepare release version 9.0.3</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/089d98199c253d8f89a040243bc4f2aa6cd5ab22"><code>089d981</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/14366">#14366</a>
from bluetech/revert-14193-backport</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/8127eaf4ab7f6b2fdd0dc1b38343ec97aeef05ac"><code>8127eaf</code></a>
Revert &quot;Fix: assertrepr_compare respects dict insertion order (<a
href="https://redirect.github.com/pytest-dev/pytest/issues/14050">#14050</a>)
(<a
href="https://redirect.github.com/pytest-dev/pytest/issues/14193">#14193</a>)&quot;</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/99a7e6029e7a6e8d53e5df114b1346e035370241"><code>99a7e60</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/14363">#14363</a>
from pytest-dev/patchback/backports/9.0.x/95d8423bd...</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/ddee02a578da30dd43aedc39c1c1f1aaadfcee95"><code>ddee02a</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/14343">#14343</a>
from bluetech/cve-2025-71176-simple</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/74eac6916fee34726cb194f16c516e96fbd29619"><code>74eac69</code></a>
doc: Update training info (<a
href="https://redirect.github.com/pytest-dev/pytest/issues/14298">#14298</a>)
(<a
href="https://redirect.github.com/pytest-dev/pytest/issues/14301">#14301</a>)</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/f92dee777cfdb77d1c43633d02766ddf1f07c869"><code>f92dee7</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/14267">#14267</a>
from pytest-dev/patchback/backports/9.0.x/d6fa26c62...</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/7ee58acc8777c31ac6cf388d01addf5a414a7439"><code>7ee58ac</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/12378">#12378</a>
from Pierre-Sassoulas/fix-implicit-str-concat-and-d...</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/37da870d37e3a2f5177cae075c7b9ae279432bf8"><code>37da870</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/14259">#14259</a>
from mitre88/patch-4 (<a
href="https://redirect.github.com/pytest-dev/pytest/issues/14268">#14268</a>)</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/c34bfa3b7acb65b594707c714f1d8461b0304eed"><code>c34bfa3</code></a>
Add explanation for string context diffs (<a
href="https://redirect.github.com/pytest-dev/pytest/issues/14257">#14257</a>)
(<a
href="https://redirect.github.com/pytest-dev/pytest/issues/14266">#14266</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/pytest-dev/pytest/compare/9.0.2...9.0.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pytest&package-manager=pip&previous-version=9.0.2&new-version=9.0.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langserve/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-14 10:42:07 -07:00
dependabot[bot] 0a2a03cc83 Bump the npm_and_yarn group across 2 directories with 1 update (#898)
Bumps the npm_and_yarn group with 1 update in the
/langserve/chat_playground directory:
[vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite).
Bumps the npm_and_yarn group with 1 update in the /langserve/playground
directory:
[vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite).

Updates `vite` from 5.4.21 to 6.4.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/releases">vite's
releases</a>.</em></p>
<blockquote>
<h2>v6.4.2</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
<h2>v6.4.1</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v6.4.1/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
<h2>v6.4.0</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v6.4.0/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
<h2>v6.3.7</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v6.3.7/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
<h2>v6.3.6</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v6.3.6/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md">vite's
changelog</a>.</em></p>
<blockquote>
<h2><!-- raw HTML omitted -->6.4.2 (2026-04-06)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: apply server.fs check to env transport (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159">#22159</a>)
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22163">#22163</a>)
(<a
href="https://github.com/vitejs/vite/commit/fe28e47e9463e4c9619f94bfa06d2f8f1411b44b">fe28e47</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/22159">#22159</a>
<a
href="https://redirect.github.com/vitejs/vite/issues/22163">#22163</a></li>
<li>fix: avoid path traversal with optimize deps sourcemap handler (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161">#22161</a>)
(<a
href="https://github.com/vitejs/vite/commit/ca4da5d1fb45c9cfdce606aa30825095791b164b">ca4da5d</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/22161">#22161</a></li>
</ul>
<h2><!-- raw HTML omitted -->6.4.1 (2025-10-20)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix(dev): trim trailing slash before <code>server.fs.deny</code>
check (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968">#20968</a>)
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20969">#20969</a>)
(<a
href="https://github.com/vitejs/vite/commit/1114b5d7ea03e26572708715343bec69db4536e8">1114b5d</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/20968">#20968</a>
<a
href="https://redirect.github.com/vitejs/vite/issues/20969">#20969</a></li>
</ul>
<h2>6.4.0 (2025-10-15)</h2>
<ul>
<li>feat: allow passing down resolved config to vite's createServer (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20932">#20932</a>)
(<a
href="https://github.com/vitejs/vite/commit/ca6455ee9eb6111a9caa9810506a1b9ac96a520a">ca6455e</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/20932">#20932</a></li>
</ul>
<h2><!-- raw HTML omitted -->6.3.7 (2025-10-14)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20940">#20940</a>)
(<a
href="https://github.com/vitejs/vite/commit/c59a222aa584c087cfe710173de1b9ecb597a3ff">c59a222</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/20940">#20940</a></li>
</ul>
<h2><!-- raw HTML omitted -->6.3.6 (2025-09-08)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: apply <code>fs.strict</code> check to HTML files (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20736">#20736</a>)
(<a
href="https://github.com/vitejs/vite/commit/0ab19ea9fcb66f544328f442cf6e70f7c0528d5f">0ab19ea</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/20736">#20736</a></li>
<li>fix: upgrade sirv to 3.0.2 (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20735">#20735</a>)
(<a
href="https://github.com/vitejs/vite/commit/e11d24008b97d4ca731ecc1a3b95260a6d12e7e0">e11d240</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/20735">#20735</a></li>
<li>test: detect ts support via <code>process.features</code> (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20544">#20544</a>)
(<a
href="https://github.com/vitejs/vite/commit/7d9922972b62329d37a71d4da5a4a382d0bf8a79">7d99229</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/20544">#20544</a></li>
</ul>
<h2><!-- raw HTML omitted -->6.3.5 (2025-05-05)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix(ssr): handle uninitialized export access as undefined (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19959">#19959</a>)
(<a
href="https://github.com/vitejs/vite/commit/fd38d076fe2455aac1e00a7b15cd51159bf12bb5">fd38d07</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19959">#19959</a></li>
</ul>
<h2><!-- raw HTML omitted -->6.3.4 (2025-04-30)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: check static serve file inside sirv (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965">#19965</a>)
(<a
href="https://github.com/vitejs/vite/commit/c22c43de612eebb6c182dd67850c24e4fab8cacb">c22c43d</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19965">#19965</a></li>
<li>fix(optimizer): return plain object when using <code>require</code>
to import externals in optimized dependenci (<a
href="https://github.com/vitejs/vite/commit/efc5eab253419fde0a6a48b8d2f233063d6a9643">efc5eab</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19940">#19940</a></li>
<li>refactor: remove duplicate plugin context type (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19935">#19935</a>)
(<a
href="https://github.com/vitejs/vite/commit/d6d01c2292fa4f9603e05b95d81c8724314c20e0">d6d01c2</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19935">#19935</a></li>
</ul>
<h2><!-- raw HTML omitted -->6.3.3 (2025-04-24)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: ignore malformed uris in tranform middleware (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19853">#19853</a>)
(<a
href="https://github.com/vitejs/vite/commit/e4d520141bcd83ad61f16767348b4a813bf9340a">e4d5201</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19853">#19853</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/vitejs/vite/commit/6b3fad02abd550bd7b79934ff92c58dbd7f33045"><code>6b3fad0</code></a>
release: v6.4.2</li>
<li><a
href="https://github.com/vitejs/vite/commit/ca4da5d1fb45c9cfdce606aa30825095791b164b"><code>ca4da5d</code></a>
fix: avoid path traversal with optimize deps sourcemap handler (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161">#22161</a>)</li>
<li><a
href="https://github.com/vitejs/vite/commit/fe28e47e9463e4c9619f94bfa06d2f8f1411b44b"><code>fe28e47</code></a>
fix: apply server.fs check to env transport (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159">#22159</a>)
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22163">#22163</a>)</li>
<li><a
href="https://github.com/vitejs/vite/commit/5487f4f641f70c47ea05fd101a4319897df048b3"><code>5487f4f</code></a>
release: v6.4.1</li>
<li><a
href="https://github.com/vitejs/vite/commit/1114b5d7ea03e26572708715343bec69db4536e8"><code>1114b5d</code></a>
fix(dev): trim trailing slash before <code>server.fs.deny</code> check
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968">#20968</a>)
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20969">#20969</a>)</li>
<li><a
href="https://github.com/vitejs/vite/commit/f12697c0f64b9a37196b9ab218a0911829d5b103"><code>f12697c</code></a>
release: v6.4.0</li>
<li><a
href="https://github.com/vitejs/vite/commit/ca6455ee9eb6111a9caa9810506a1b9ac96a520a"><code>ca6455e</code></a>
feat: allow passing down resolved config to vite's createServer (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20932">#20932</a>)</li>
<li><a
href="https://github.com/vitejs/vite/commit/0e173d83681daa31be10fa8a62d56b1ec84690af"><code>0e173d8</code></a>
release: v6.3.7</li>
<li><a
href="https://github.com/vitejs/vite/commit/c59a222aa584c087cfe710173de1b9ecb597a3ff"><code>c59a222</code></a>
fix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20940">#20940</a>)</li>
<li><a
href="https://github.com/vitejs/vite/commit/3f337c5e24504e51188d29c970de1416ee523dbb"><code>3f337c5</code></a>
release: v6.3.6</li>
<li>Additional commits viewable in <a
href="https://github.com/vitejs/vite/commits/v6.4.2/packages/vite">compare
view</a></li>
</ul>
</details>
<br />

Updates `vite` from 5.4.21 to 6.4.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/releases">vite's
releases</a>.</em></p>
<blockquote>
<h2>v6.4.2</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
<h2>v6.4.1</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v6.4.1/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
<h2>v6.4.0</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v6.4.0/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
<h2>v6.3.7</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v6.3.7/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
<h2>v6.3.6</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v6.3.6/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md">vite's
changelog</a>.</em></p>
<blockquote>
<h2><!-- raw HTML omitted -->6.4.2 (2026-04-06)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: apply server.fs check to env transport (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159">#22159</a>)
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22163">#22163</a>)
(<a
href="https://github.com/vitejs/vite/commit/fe28e47e9463e4c9619f94bfa06d2f8f1411b44b">fe28e47</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/22159">#22159</a>
<a
href="https://redirect.github.com/vitejs/vite/issues/22163">#22163</a></li>
<li>fix: avoid path traversal with optimize deps sourcemap handler (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161">#22161</a>)
(<a
href="https://github.com/vitejs/vite/commit/ca4da5d1fb45c9cfdce606aa30825095791b164b">ca4da5d</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/22161">#22161</a></li>
</ul>
<h2><!-- raw HTML omitted -->6.4.1 (2025-10-20)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix(dev): trim trailing slash before <code>server.fs.deny</code>
check (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968">#20968</a>)
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20969">#20969</a>)
(<a
href="https://github.com/vitejs/vite/commit/1114b5d7ea03e26572708715343bec69db4536e8">1114b5d</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/20968">#20968</a>
<a
href="https://redirect.github.com/vitejs/vite/issues/20969">#20969</a></li>
</ul>
<h2>6.4.0 (2025-10-15)</h2>
<ul>
<li>feat: allow passing down resolved config to vite's createServer (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20932">#20932</a>)
(<a
href="https://github.com/vitejs/vite/commit/ca6455ee9eb6111a9caa9810506a1b9ac96a520a">ca6455e</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/20932">#20932</a></li>
</ul>
<h2><!-- raw HTML omitted -->6.3.7 (2025-10-14)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20940">#20940</a>)
(<a
href="https://github.com/vitejs/vite/commit/c59a222aa584c087cfe710173de1b9ecb597a3ff">c59a222</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/20940">#20940</a></li>
</ul>
<h2><!-- raw HTML omitted -->6.3.6 (2025-09-08)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: apply <code>fs.strict</code> check to HTML files (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20736">#20736</a>)
(<a
href="https://github.com/vitejs/vite/commit/0ab19ea9fcb66f544328f442cf6e70f7c0528d5f">0ab19ea</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/20736">#20736</a></li>
<li>fix: upgrade sirv to 3.0.2 (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20735">#20735</a>)
(<a
href="https://github.com/vitejs/vite/commit/e11d24008b97d4ca731ecc1a3b95260a6d12e7e0">e11d240</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/20735">#20735</a></li>
<li>test: detect ts support via <code>process.features</code> (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20544">#20544</a>)
(<a
href="https://github.com/vitejs/vite/commit/7d9922972b62329d37a71d4da5a4a382d0bf8a79">7d99229</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/20544">#20544</a></li>
</ul>
<h2><!-- raw HTML omitted -->6.3.5 (2025-05-05)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix(ssr): handle uninitialized export access as undefined (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19959">#19959</a>)
(<a
href="https://github.com/vitejs/vite/commit/fd38d076fe2455aac1e00a7b15cd51159bf12bb5">fd38d07</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19959">#19959</a></li>
</ul>
<h2><!-- raw HTML omitted -->6.3.4 (2025-04-30)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: check static serve file inside sirv (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965">#19965</a>)
(<a
href="https://github.com/vitejs/vite/commit/c22c43de612eebb6c182dd67850c24e4fab8cacb">c22c43d</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19965">#19965</a></li>
<li>fix(optimizer): return plain object when using <code>require</code>
to import externals in optimized dependenci (<a
href="https://github.com/vitejs/vite/commit/efc5eab253419fde0a6a48b8d2f233063d6a9643">efc5eab</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19940">#19940</a></li>
<li>refactor: remove duplicate plugin context type (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19935">#19935</a>)
(<a
href="https://github.com/vitejs/vite/commit/d6d01c2292fa4f9603e05b95d81c8724314c20e0">d6d01c2</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19935">#19935</a></li>
</ul>
<h2><!-- raw HTML omitted -->6.3.3 (2025-04-24)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: ignore malformed uris in tranform middleware (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19853">#19853</a>)
(<a
href="https://github.com/vitejs/vite/commit/e4d520141bcd83ad61f16767348b4a813bf9340a">e4d5201</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19853">#19853</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/vitejs/vite/commit/6b3fad02abd550bd7b79934ff92c58dbd7f33045"><code>6b3fad0</code></a>
release: v6.4.2</li>
<li><a
href="https://github.com/vitejs/vite/commit/ca4da5d1fb45c9cfdce606aa30825095791b164b"><code>ca4da5d</code></a>
fix: avoid path traversal with optimize deps sourcemap handler (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161">#22161</a>)</li>
<li><a
href="https://github.com/vitejs/vite/commit/fe28e47e9463e4c9619f94bfa06d2f8f1411b44b"><code>fe28e47</code></a>
fix: apply server.fs check to env transport (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159">#22159</a>)
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22163">#22163</a>)</li>
<li><a
href="https://github.com/vitejs/vite/commit/5487f4f641f70c47ea05fd101a4319897df048b3"><code>5487f4f</code></a>
release: v6.4.1</li>
<li><a
href="https://github.com/vitejs/vite/commit/1114b5d7ea03e26572708715343bec69db4536e8"><code>1114b5d</code></a>
fix(dev): trim trailing slash before <code>server.fs.deny</code> check
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968">#20968</a>)
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20969">#20969</a>)</li>
<li><a
href="https://github.com/vitejs/vite/commit/f12697c0f64b9a37196b9ab218a0911829d5b103"><code>f12697c</code></a>
release: v6.4.0</li>
<li><a
href="https://github.com/vitejs/vite/commit/ca6455ee9eb6111a9caa9810506a1b9ac96a520a"><code>ca6455e</code></a>
feat: allow passing down resolved config to vite's createServer (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20932">#20932</a>)</li>
<li><a
href="https://github.com/vitejs/vite/commit/0e173d83681daa31be10fa8a62d56b1ec84690af"><code>0e173d8</code></a>
release: v6.3.7</li>
<li><a
href="https://github.com/vitejs/vite/commit/c59a222aa584c087cfe710173de1b9ecb597a3ff"><code>c59a222</code></a>
fix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20940">#20940</a>)</li>
<li><a
href="https://github.com/vitejs/vite/commit/3f337c5e24504e51188d29c970de1416ee523dbb"><code>3f337c5</code></a>
release: v6.3.6</li>
<li>Additional commits viewable in <a
href="https://github.com/vitejs/vite/commits/v6.4.2/packages/vite">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langserve/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-09 23:11:35 -07:00
dependabot[bot] 619e176fa4 Bump ruff from 0.15.6 to 0.15.9 (#894)
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.15.6 to 0.15.9.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/astral-sh/ruff/releases">ruff's
releases</a>.</em></p>
<blockquote>
<h2>0.15.9</h2>
<h2>Release Notes</h2>
<p>Released on 2026-04-02.</p>
<h3>Preview features</h3>
<ul>
<li>[<code>pyflakes</code>] Flag annotated variable redeclarations as
<code>F811</code> in preview mode (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24244">#24244</a>)</li>
<li>[<code>ruff</code>] Allow dunder-named assignments in non-strict
mode for <code>RUF067</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24089">#24089</a>)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>[<code>flake8-errmsg</code>] Avoid shadowing existing
<code>msg</code> in fix for <code>EM101</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24363">#24363</a>)</li>
<li>[<code>flake8-simplify</code>] Ignore pre-initialization references
in <code>SIM113</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24235">#24235</a>)</li>
<li>[<code>pycodestyle</code>] Fix <code>W391</code> fixes for
consecutive empty notebook cells (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24236">#24236</a>)</li>
<li>[<code>pyupgrade</code>] Fix <code>UP008</code> nested class
matching (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24273">#24273</a>)</li>
<li>[<code>pyupgrade</code>] Ignore strings with string-only escapes
(<code>UP012</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/16058">#16058</a>)</li>
<li>[<code>ruff</code>] <code>RUF072</code>: skip formfeeds on dedent
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/24308">#24308</a>)</li>
<li>[<code>ruff</code>] Avoid re-using symbol in <code>RUF024</code> fix
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/24316">#24316</a>)</li>
<li>[<code>ruff</code>] Parenthesize expression in <code>RUF050</code>
fix (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24234">#24234</a>)</li>
<li>Disallow starred expressions as values of starred expressions (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24280">#24280</a>)</li>
</ul>
<h3>Rule changes</h3>
<ul>
<li>[<code>flake8-simplify</code>] Suppress <code>SIM105</code> for
<code>except*</code> before Python 3.12 (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23869">#23869</a>)</li>
<li>[<code>pyflakes</code>] Extend <code>F507</code> to flag
<code>%</code>-format strings with zero placeholders (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24215">#24215</a>)</li>
<li>[<code>pyupgrade</code>] <code>UP018</code> should detect more
unnecessarily wrapped literals (UP018) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24093">#24093</a>)</li>
<li>[<code>pyupgrade</code>] Fix <code>UP008</code> callable scope
handling to support lambdas (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24274">#24274</a>)</li>
<li>[<code>ruff</code>] <code>RUF010</code>: Mark fix as unsafe when it
deletes a comment (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24270">#24270</a>)</li>
</ul>
<h3>Formatter</h3>
<ul>
<li>Add <code>nested-string-quote-style</code> formatting option (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24312">#24312</a>)</li>
</ul>
<h3>Documentation</h3>
<ul>
<li>[<code>flake8-bugbear</code>] Clarify RUF071 fix safety for non-path
string comparisons (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24149">#24149</a>)</li>
<li>[<code>flake8-type-checking</code>] Clarify import cycle wording for
<code>TC001</code>/<code>TC002</code>/<code>TC003</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24322">#24322</a>)</li>
</ul>
<h3>Other changes</h3>
<ul>
<li>Avoid rendering fix lines with trailing whitespace after
<code>|</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24343">#24343</a>)</li>
</ul>
<h3>Contributors</h3>
<ul>
<li><a
href="https://github.com/charliermarsh"><code>@​charliermarsh</code></a></li>
<li><a
href="https://github.com/MichaReiser"><code>@​MichaReiser</code></a></li>
<li><a
href="https://github.com/tranhoangtu-it"><code>@​tranhoangtu-it</code></a></li>
<li><a href="https://github.com/dylwil3"><code>@​dylwil3</code></a></li>
<li><a href="https://github.com/zsol"><code>@​zsol</code></a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md">ruff's
changelog</a>.</em></p>
<blockquote>
<h2>0.15.9</h2>
<p>Released on 2026-04-02.</p>
<h3>Preview features</h3>
<ul>
<li>[<code>pyflakes</code>] Flag annotated variable redeclarations as
<code>F811</code> in preview mode (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24244">#24244</a>)</li>
<li>[<code>ruff</code>] Allow dunder-named assignments in non-strict
mode for <code>RUF067</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24089">#24089</a>)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>[<code>flake8-errmsg</code>] Avoid shadowing existing
<code>msg</code> in fix for <code>EM101</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24363">#24363</a>)</li>
<li>[<code>flake8-simplify</code>] Ignore pre-initialization references
in <code>SIM113</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24235">#24235</a>)</li>
<li>[<code>pycodestyle</code>] Fix <code>W391</code> fixes for
consecutive empty notebook cells (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24236">#24236</a>)</li>
<li>[<code>pyupgrade</code>] Fix <code>UP008</code> nested class
matching (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24273">#24273</a>)</li>
<li>[<code>pyupgrade</code>] Ignore strings with string-only escapes
(<code>UP012</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/16058">#16058</a>)</li>
<li>[<code>ruff</code>] <code>RUF072</code>: skip formfeeds on dedent
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/24308">#24308</a>)</li>
<li>[<code>ruff</code>] Avoid re-using symbol in <code>RUF024</code> fix
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/24316">#24316</a>)</li>
<li>[<code>ruff</code>] Parenthesize expression in <code>RUF050</code>
fix (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24234">#24234</a>)</li>
<li>Disallow starred expressions as values of starred expressions (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24280">#24280</a>)</li>
</ul>
<h3>Rule changes</h3>
<ul>
<li>[<code>flake8-simplify</code>] Suppress <code>SIM105</code> for
<code>except*</code> before Python 3.12 (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23869">#23869</a>)</li>
<li>[<code>pyflakes</code>] Extend <code>F507</code> to flag
<code>%</code>-format strings with zero placeholders (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24215">#24215</a>)</li>
<li>[<code>pyupgrade</code>] <code>UP018</code> should detect more
unnecessarily wrapped literals (UP018) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24093">#24093</a>)</li>
<li>[<code>pyupgrade</code>] Fix <code>UP008</code> callable scope
handling to support lambdas (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24274">#24274</a>)</li>
<li>[<code>ruff</code>] <code>RUF010</code>: Mark fix as unsafe when it
deletes a comment (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24270">#24270</a>)</li>
</ul>
<h3>Formatter</h3>
<ul>
<li>Add <code>nested-string-quote-style</code> formatting option (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24312">#24312</a>)</li>
</ul>
<h3>Documentation</h3>
<ul>
<li>[<code>flake8-bugbear</code>] Clarify RUF071 fix safety for non-path
string comparisons (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24149">#24149</a>)</li>
<li>[<code>flake8-type-checking</code>] Clarify import cycle wording for
<code>TC001</code>/<code>TC002</code>/<code>TC003</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24322">#24322</a>)</li>
</ul>
<h3>Other changes</h3>
<ul>
<li>Avoid rendering fix lines with trailing whitespace after
<code>|</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24343">#24343</a>)</li>
</ul>
<h3>Contributors</h3>
<ul>
<li><a
href="https://github.com/charliermarsh"><code>@​charliermarsh</code></a></li>
<li><a
href="https://github.com/MichaReiser"><code>@​MichaReiser</code></a></li>
<li><a
href="https://github.com/tranhoangtu-it"><code>@​tranhoangtu-it</code></a></li>
<li><a href="https://github.com/dylwil3"><code>@​dylwil3</code></a></li>
<li><a href="https://github.com/zsol"><code>@​zsol</code></a></li>
<li><a
href="https://github.com/renovate"><code>@​renovate</code></a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/astral-sh/ruff/commit/724ccc1ae8a61e872cf58435f2c073189dc248f2"><code>724ccc1</code></a>
Bump 0.15.9 (<a
href="https://redirect.github.com/astral-sh/ruff/issues/24369">#24369</a>)</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/96d9e0964cb87498ef15510ea7f896ba336659f9"><code>96d9e09</code></a>
[ty] Move the <code>deferred</code> submodule inside
<code>infer/builder</code> (<a
href="https://redirect.github.com/astral-sh/ruff/issues/24368">#24368</a>)</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/130da28d610a466721bb942e8a5e0ec47bbe3469"><code>130da28</code></a>
[ty] Infer the <code>extra_items</code> keyword argument to class-based
TypedDicts as an...</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/a617c54b0708a8c1eb850cc3b2a5caee21137a28"><code>a617c54</code></a>
[ty] Validate type qualifiers in functional TypedDict fields and the
`extra_i...</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/d8517087c6cd0aa4f33dcede605ff642941dd74b"><code>d851708</code></a>
[ty] Improve robustness of various type-qualifier-related checks (<a
href="https://redirect.github.com/astral-sh/ruff/issues/24251">#24251</a>)</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/aecb5877c6d6fe035c03aba994ec3a7b935b8f02"><code>aecb587</code></a>
Only run the release-gate on workflow dispatch (<a
href="https://redirect.github.com/astral-sh/ruff/issues/24366">#24366</a>)</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/b88957174311030927bf564da32d05dee0eb89d9"><code>b889571</code></a>
[ty] Use <code>infer_type_expression</code> for parsing parameter
annotations and return...</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/3286a62be986a8d6d04d95b3bc619f06e012fa2f"><code>3286a62</code></a>
Add a &quot;release-gate&quot; step to the release workflow (<a
href="https://redirect.github.com/astral-sh/ruff/issues/24365">#24365</a>)</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/5f88756ee10e3faf0e96c883c34c95fc78200536"><code>5f88756</code></a>
Disallow starred expressions as values of starred expressions (<a
href="https://redirect.github.com/astral-sh/ruff/issues/24280">#24280</a>)</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/5c59f8a46965cac3470f09972196c8620faa4626"><code>5c59f8a</code></a>
[<code>pyupgrade</code>] Ignore strings with string-only escapes
(<code>UP012</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/issues/16058">#16058</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/astral-sh/ruff/compare/0.15.6...0.15.9">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ruff&package-manager=pip&previous-version=0.15.6&new-version=0.15.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-09 23:09:39 -07:00
dependabot[bot] d09daaaeb2 Bump fastapi from 0.135.2 to 0.135.3 (#895)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [fastapi](https://github.com/fastapi/fastapi) from 0.135.2 to
0.135.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/fastapi/fastapi/releases">fastapi's
releases</a>.</em></p>
<blockquote>
<h2>0.135.3</h2>
<h3>Features</h3>
<ul>
<li> Add support for <code>@app.vibe()</code>. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15280">#15280</a>
by <a href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.
<ul>
<li>New docs: <a href="https://fastapi.tiangolo.com/advanced/vibe/">Vibe
Coding</a>.</li>
</ul>
</li>
</ul>
<h3>Docs</h3>
<ul>
<li>✏️ Fix typo for <code>client_secret</code> in OAuth2 form
docstrings. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14946">#14946</a>
by <a href="https://github.com/bysiber"><code>@​bysiber</code></a>.</li>
</ul>
<h3>Internal</h3>
<ul>
<li>👥 Update FastAPI People - Experts. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15279">#15279</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>⬆ Bump orjson from 3.11.7 to 3.11.8. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15276">#15276</a>
by <a
href="https://github.com/apps/dependabot"><code>@​dependabot[bot]</code></a>.</li>
<li>⬆ Bump ruff from 0.15.0 to 0.15.8. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15277">#15277</a>
by <a
href="https://github.com/apps/dependabot"><code>@​dependabot[bot]</code></a>.</li>
<li>👥 Update FastAPI GitHub topic repositories. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15274">#15274</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>⬆ Bump fastmcp from 2.14.5 to 3.2.0. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15267">#15267</a>
by <a
href="https://github.com/apps/dependabot"><code>@​dependabot[bot]</code></a>.</li>
<li>👥 Update FastAPI People - Contributors and Translators. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15270">#15270</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>⬆ Bump requests from 2.32.5 to 2.33.0. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15228">#15228</a>
by <a
href="https://github.com/apps/dependabot"><code>@​dependabot[bot]</code></a>.</li>
<li>👷 Add ty check to <code>lint.sh</code>. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15136">#15136</a>
by <a
href="https://github.com/svlandeg"><code>@​svlandeg</code></a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/fastapi/fastapi/commit/1f442c454f2f74c7419f83c203e6333955399528"><code>1f442c4</code></a>
🔖 Release version 0.135.3</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/8f5d1577b471f389f6cdea878d40a1497fda7746"><code>8f5d157</code></a>
📝 Update release notes</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/428452a710338334ae11043a48b06d52d9b3edba"><code>428452a</code></a>
📝 Update release notes</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/70580da818722cce68b7a88928d67bd0f64f42c5"><code>70580da</code></a>
 Add support for <code>@app.vibe()</code> (<a
href="https://redirect.github.com/fastapi/fastapi/issues/15280">#15280</a>)</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/6ee87478d821171139264cd9cd17cbd2232934ce"><code>6ee8747</code></a>
📝 Update release notes</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/3e72c09a2abfe9e1b55eede6a297cb1847126e49"><code>3e72c09</code></a>
👥 Update FastAPI People - Experts (<a
href="https://redirect.github.com/fastapi/fastapi/issues/15279">#15279</a>)</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/96df35f7a4337d612811483d8ade74f91cce2d61"><code>96df35f</code></a>
📝 Update release notes</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/6c8112555bd86f21cfee8500140dca094ad26e20"><code>6c81125</code></a>
⬆ Bump orjson from 3.11.7 to 3.11.8 (<a
href="https://redirect.github.com/fastapi/fastapi/issues/15276">#15276</a>)</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/428f82c93616b52aee2fcee03484a855135c07e5"><code>428f82c</code></a>
📝 Update release notes</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/5599c59b9e7112109f04b63a58034fb95833f514"><code>5599c59</code></a>
⬆ Bump ruff from 0.15.0 to 0.15.8 (<a
href="https://redirect.github.com/fastapi/fastapi/issues/15277">#15277</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/fastapi/fastapi/compare/0.135.2...0.135.3">compare
view</a></li>
</ul>
</details>
<br />

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-09 23:04:54 -07:00
dependabot[bot] ff94a9248f Bump uvicorn from 0.42.0 to 0.44.0 (#893)
Bumps [uvicorn](https://github.com/Kludex/uvicorn) from 0.42.0 to
0.44.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/uvicorn/releases">uvicorn's
releases</a>.</em></p>
<blockquote>
<h2>Version 0.44.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Implement websocket keepalive pings for websockets-sansio by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2888">Kludex/uvicorn#2888</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/uvicorn/compare/0.43.0...0.44.0">https://github.com/Kludex/uvicorn/compare/0.43.0...0.44.0</a></p>
<h2>Version 0.43.0</h2>
<h2>Changed</h2>
<ul>
<li>Emit <code>http.disconnect</code> ASGI <code>receive()</code> event
on server shutting down for streaming responses (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2829">#2829</a>)</li>
<li>Use native <code>context</code> parameter for
<code>create_task</code> on Python 3.11+ (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2859">#2859</a>)</li>
<li>Drop cast in ASGI types (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2875">#2875</a>)</li>
</ul>
<hr />
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/uvicorn/compare/0.42.0...0.43.0">https://github.com/Kludex/uvicorn/compare/0.42.0...0.43.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md">uvicorn's
changelog</a>.</em></p>
<blockquote>
<h2>0.44.0 (April 6, 2026)</h2>
<h3>Added</h3>
<ul>
<li>Implement websocket keepalive pings for websockets-sansio (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2888">#2888</a>)</li>
</ul>
<h2>0.43.0 (April 3, 2026)</h2>
<p>You can quit Uvicorn now. We heard you, <a
href="https://github.com/pamelafox"><code>@​pamelafox</code></a> - all
47 of your Ctrl+C's (thanks for flagging it, and thanks to <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a> for the
fix 🙏). <a href="https://x.com/pamelafox/status/2039097686155227623">See
the tweet</a>.</p>
<h3>Changed</h3>
<ul>
<li>Emit <code>http.disconnect</code> ASGI <code>receive()</code> event
on server shutting down for streaming responses (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2829">#2829</a>)</li>
<li>Use native <code>context</code> parameter for
<code>create_task</code> on Python 3.11+ (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2859">#2859</a>)</li>
<li>Drop cast in ASGI types (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2875">#2875</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/Kludex/uvicorn/commit/edb54c43c0321c0b41eee1473f3f4cf145e8927f"><code>edb54c4</code></a>
Version 0.44.0 (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2890">#2890</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/029be08867fe899cde6fd31a3ba75fffca7bd9ae"><code>029be08</code></a>
Implement websocket keepalive pings for websockets-sansio (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2888">#2888</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/8d397c73191b49c6d5280098d7c09dbe474e00bf"><code>8d397c7</code></a>
Version 0.43.0 (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2885">#2885</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/587042d68ff6c813ec0d8cfafaa820ebe7229d23"><code>587042d</code></a>
🐛 Emit <code>http.disconnect</code> ASGI <code>receive()</code> event on
server shutting down for s...</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/c9a75fb67b2e969253a41ef4ad447e013eee879e"><code>c9a75fb</code></a>
chore(deps): bump the github-actions group with 3 updates (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2878">#2878</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/84fd578224e36766efb056585cb6cc5171270089"><code>84fd578</code></a>
chore(deps): bump pygments from 2.19.2 to 2.20.0 (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2877">#2877</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/cd52d34b55d898180a65cfc01a6a88aac54c65c3"><code>cd52d34</code></a>
Use native <code>context</code> parameter for <code>create_task</code>
on Python 3.11+ (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2859">#2859</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/5211880320b2e99a532eb121808039404da234ab"><code>5211880</code></a>
Drop cast in ASGI types (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2875">#2875</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/1cb8e747e2817ee46a4c0d44139e46b3b1f8fab6"><code>1cb8e74</code></a>
Add websocket 500 fallback header test (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2874">#2874</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/28efbb24bd590f1f943cbc2bf84f197268a8c6d8"><code>28efbb2</code></a>
chore(deps-dev): bump cryptography from 46.0.5 to 46.0.6 (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2873">#2873</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/Kludex/uvicorn/compare/0.42.0...0.44.0">compare
view</a></li>
</ul>
</details>
<br />

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-09 23:04:21 -07:00
dependabot[bot] 73b59980e6 Bump langchain-core from 1.2.23 to 1.2.28 in the pip group across 1 directory (#897)
Bumps the pip group with 1 update in the / directory:
[langchain-core](https://github.com/langchain-ai/langchain).

Updates `langchain-core` from 1.2.23 to 1.2.28
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/langchain-ai/langchain/releases">langchain-core's
releases</a>.</em></p>
<blockquote>
<h2>langchain-core==1.2.28</h2>
<p>Changes since langchain-core==1.2.27</p>
<p>release(core): release 1.2.28 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36614">#36614</a>)
fix(core): add more sanitization to templates (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36612">#36612</a>)</p>
<h2>langchain-core==1.2.27</h2>
<p>Changes since langchain-core==1.2.26</p>
<p>release(core): 1.2.27 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36586">#36586</a>)
fix(core): handle symlinks in deprecated prompt save path (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36585">#36585</a>)
chore: add comment explaining <code>pygments&gt;=2.20.0</code> (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36570">#36570</a>)</p>
<p>Credit to Jeff Ponte (<a
href="https://github.com/JDP-Security"><code>@​JDP-Security</code></a>)
for reporting the symlink resolution issue in <a
href="https://redirect.github.com/langchain-ai/langchain/issues/36585">#36585</a>.</p>
<h2>langchain-core==1.2.26</h2>
<p>Changes since langchain-core==1.2.25</p>
<p>release(core): 1.2.26 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36511">#36511</a>)
fix(core): add init validator and serialization mappings for Bedrock
models (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/34510">#34510</a>)
feat(core): add <code>ChatBaseten</code> to serializable mapping (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36510">#36510</a>)
chore(core): drop <code>gpt-3.5-turbo</code> from docstrings (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36497">#36497</a>)
fix(core): correct parameter names in filter_messages docstring example
(<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36462">#36462</a>)</p>
<h2>langchain-core==1.2.25</h2>
<p>Changes since langchain-core==1.2.24</p>
<p>release(core): 1.2.25 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36473">#36473</a>)
fix(core): harden check for txt files in deprecated prompt loading
functions (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36471">#36471</a>)
fix(core): fixed typos in the documentation (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36459">#36459</a>)</p>
<p>Credit to Jeff Ponte (<a
href="https://github.com/JDP-Security"><code>@​JDP-Security</code></a>)
for reporting the symlink resolution issue resolved in <a
href="https://redirect.github.com/langchain-ai/langchain/issues/36471">#36471</a>.</p>
<h2>langchain-core==1.2.24</h2>
<p>Changes since langchain-core==1.2.23</p>
<p>release(core): 1.2.24 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36434">#36434</a>)
feat(core): impute placeholder filenames for OpenAI file inputs (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36433">#36433</a>)
chore: pygments&gt;=2.20.0 across all packages (CVE-2026-4539) (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36385">#36385</a>)
fix(core): add &quot;computer&quot; to _WellKnownOpenAITools (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36261">#36261</a>)</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/langchain-ai/langchain/commit/dd7c3eb3a4acfc834b038ec9dbde94478c66776e"><code>dd7c3eb</code></a>
release(core): release 1.2.28 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36614">#36614</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/af2ed47c6f008cdd551f3c0d87db3774c8dfe258"><code>af2ed47</code></a>
fix(core): add more sanitization to templates (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36612">#36612</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/7e5858d8078124f98f10102da21414689467c132"><code>7e5858d</code></a>
release(standard-tests): 1.1.6 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36610">#36610</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/fe99cb29123b704a90f5c8587a757def3b1471e0"><code>fe99cb2</code></a>
fix(standard-tests): update standard tests for sandbox backends (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36036">#36036</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/65bbd47cb2721c51ef8638f9e7da35247c4bfdde"><code>65bbd47</code></a>
chore(model-profiles): refresh model profile data (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36596">#36596</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/64864041168606535dfbd39055c0dca3dd61b5ba"><code>6486404</code></a>
release(core): 1.2.27 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36586">#36586</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/7629c747260cbaed7ca55466d5b9e1b520a7de77"><code>7629c74</code></a>
fix(core): handle symlinks in deprecated prompt save path (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36585">#36585</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/ce21bf469d7493f4716bc30feb15a5b3f16ebe1e"><code>ce21bf4</code></a>
ci: convert working-directory to validated dropdown (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36575">#36575</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/b8698eacbd2960c7e3195018f42992bf2c9d69c7"><code>b8698ea</code></a>
release(ollama): 1.1.0 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36574">#36574</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/3beba77e2e23d498fda07f9b8d6ba00aabfaf69f"><code>3beba77</code></a>
feat(ollama): support <code>response_format</code> (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/34612">#34612</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/langchain-ai/langchain/compare/langchain-core==1.2.23...langchain-core==1.2.28">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=langchain-core&package-manager=pip&previous-version=1.2.23&new-version=1.2.28)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langserve/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-09 22:54:51 -07:00
John Kennedy 279630ca2c fix: patch 8 security alerts (all severities) (#891)
## Security Alert Patch

Resolves 8 Dependabot security alerts across all severity tiers.

### Packages Updated

| Package | Old Constraint | New Constraint | Strategy | Scope | CVEs
Resolved |

|---------|---------------|----------------|----------|-------|---------------|
| Pygments | 2.19.2 | 2.20.0 | A — lockfile update | runtime
(transitive) | CVE-2026-4539 |
| yaml | 1.10.2 | 1.10.3 | A — lockfile patch | runtime (transitive) |
CVE-2026-33532 |
| yaml | 2.3.3 | 2.8.3 | A — lockfile regen | dev (transitive) |
CVE-2026-33532 |
| esbuild | 0.21.5 / 0.24.2 | 0.25.0 | C — resolution override
(dev-only) | dev-only | GHSA-67mh-4wv8-2f99 |

Strategy = direct bump (A) / override (C, dev-only)
Scope = runtime (transitive) = transitive dep in runtime chain /
dev-only = local dev only

### CVE Details

- **CVE-2026-4539** (low) — Pygments ReDoS via inefficient regex for
GUID matching.
[GHSA-5239-wwwm-4pmq](https://github.com/advisories/GHSA-5239-wwwm-4pmq)
- **CVE-2026-33532** (medium) — yaml stack overflow via deeply nested
YAML collections.
[GHSA-48c2-rrv3-qjmp](https://github.com/advisories/GHSA-48c2-rrv3-qjmp)
- **GHSA-67mh-4wv8-2f99** (medium) — esbuild dev server allows any
website to send requests and read responses.
[GHSA-67mh-4wv8-2f99](https://github.com/advisories/GHSA-67mh-4wv8-2f99)

### Linear Tickets

No matching Linear tickets found for the resolved CVEs.

### Verification

- [x] All lockfiles regenerated
- [x] Linters pass (`ruff check`, `ruff format --check`)
- [x] Tests pass (123 passed)

🤖 Submitted by langster-patch
2026-04-01 00:19:21 -07:00
dependabot[bot] ad0c8a8ce1 Bump pytest-socket from 0.6.0 to 0.7.0 (#890)
Bumps [pytest-socket](https://github.com/miketheman/pytest-socket) from
0.6.0 to 0.7.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/miketheman/pytest-socket/releases">pytest-socket's
releases</a>.</em></p>
<blockquote>
<h2>0.7.0</h2>
<h2>What's Changed</h2>
<ul>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>
in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/191">miketheman/pytest-socket#191</a></li>
<li>chore(deps-dev): update starlette requirement from ^0.23.0 to
^0.24.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/192">miketheman/pytest-socket#192</a></li>
<li>feat: force enable socket CLI flag by <a
href="https://github.com/mgaitan"><code>@​mgaitan</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/186">miketheman/pytest-socket#186</a></li>
<li>chore(deps-dev): update starlette requirement from ^0.24.0 to
^0.25.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/193">miketheman/pytest-socket#193</a></li>
<li>chore(deps): update actions/checkout action to v3.4.0 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/198">miketheman/pytest-socket#198</a></li>
<li>chore(deps): bump actions/stale from 7 to 8 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/200">miketheman/pytest-socket#200</a></li>
<li>chore(deps): bump actions/checkout from 3.4.0 to 3.5.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/202">miketheman/pytest-socket#202</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>
in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/204">miketheman/pytest-socket#204</a></li>
<li>chore(deps-dev): update starlette requirement from ^0.25.0 to
^0.26.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/197">miketheman/pytest-socket#197</a></li>
<li>chore(deps): update actions/checkout action to v3.5.2 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/207">miketheman/pytest-socket#207</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>
in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/213">miketheman/pytest-socket#213</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>
in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/214">miketheman/pytest-socket#214</a></li>
<li>chore(deps): update dependency pytest-httpbin to v2 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/215">miketheman/pytest-socket#215</a></li>
<li>chore(deps): update dependency starlette to ^0.27.0 [security] by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/219">miketheman/pytest-socket#219</a></li>
<li>chore(deps): update actions/checkout action to v3.5.3 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/222">miketheman/pytest-socket#222</a></li>
<li>chore(deps): update dependency starlette to ^0.28.0 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/225">miketheman/pytest-socket#225</a></li>
<li>chore(deps): update dependency httpx to ^0.24.0 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/206">miketheman/pytest-socket#206</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>
in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/224">miketheman/pytest-socket#224</a></li>
<li>test: remove deprecated asynctest by <a
href="https://github.com/miketheman"><code>@​miketheman</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/226">miketheman/pytest-socket#226</a></li>
<li>test: test against Python 3.11 by <a
href="https://github.com/miketheman"><code>@​miketheman</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/175">miketheman/pytest-socket#175</a></li>
<li>test: extract common function for reuse by <a
href="https://github.com/miketheman"><code>@​miketheman</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/227">miketheman/pytest-socket#227</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>
in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/228">miketheman/pytest-socket#228</a></li>
<li>test: update test remote with stable service by <a
href="https://github.com/miketheman"><code>@​miketheman</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/231">miketheman/pytest-socket#231</a></li>
<li>test: speed up with dependency caching by <a
href="https://github.com/miketheman"><code>@​miketheman</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/232">miketheman/pytest-socket#232</a></li>
<li>fix: only emit license and readme for sdist by <a
href="https://github.com/miketheman"><code>@​miketheman</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/233">miketheman/pytest-socket#233</a></li>
<li>test: don't fail silently by <a
href="https://github.com/miketheman"><code>@​miketheman</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/234">miketheman/pytest-socket#234</a></li>
<li>chore(allow_hosts): Use getaddrinfo instead of gethostbyname by <a
href="https://github.com/hasier"><code>@​hasier</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/209">miketheman/pytest-socket#209</a></li>
<li>chore(deps): update dependency pytest to v7.4.0 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/235">miketheman/pytest-socket#235</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>
in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/236">miketheman/pytest-socket#236</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>
in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/237">miketheman/pytest-socket#237</a></li>
<li>chore(deps-dev): bump starlette from 0.28.0 to 0.29.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/239">miketheman/pytest-socket#239</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>
in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/240">miketheman/pytest-socket#240</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>
in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/241">miketheman/pytest-socket#241</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>
in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/242">miketheman/pytest-socket#242</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>
in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/243">miketheman/pytest-socket#243</a></li>
<li>chore(deps): update actions/checkout action to v3.6.0 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/244">miketheman/pytest-socket#244</a></li>
<li>chore(deps): update dependency coverage to v7.3.0 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/247">miketheman/pytest-socket#247</a></li>
<li>chore(deps-dev): bump certifi from 2023.5.7 to 2023.7.22 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/249">miketheman/pytest-socket#249</a></li>
<li>chore(deps): update dependency pytest to v7.4.1 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/250">miketheman/pytest-socket#250</a></li>
<li>chore(deps): update actions/checkout action to v4 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/251">miketheman/pytest-socket#251</a></li>
<li>chore(deps): update dependency pytest-randomly to v3.15.0 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/248">miketheman/pytest-socket#248</a></li>
<li>chore(deps): update dependency coverage to v7.3.1 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/252">miketheman/pytest-socket#252</a></li>
<li>chore(deps): update dependency pytest to v7.4.2 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/253">miketheman/pytest-socket#253</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>
in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/254">miketheman/pytest-socket#254</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>
in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/256">miketheman/pytest-socket#256</a></li>
<li>chore(deps): update actions/checkout action to v4.1.0 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/257">miketheman/pytest-socket#257</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>
in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/258">miketheman/pytest-socket#258</a></li>
<li>chore(deps): update minimum required pytest version by <a
href="https://github.com/miketheman"><code>@​miketheman</code></a> in <a
href="https://redirect.github.com/miketheman/pytest-socket/pull/269">miketheman/pytest-socket#269</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/miketheman/pytest-socket/blob/main/CHANGELOG.md">pytest-socket's
changelog</a>.</em></p>
<blockquote>
<h2>[0.7.0][] (2024-01-28)</h2>
<p>Enhancements:</p>
<ul>
<li>Force enable socket CLI flag <a
href="https://redirect.github.com/miketheman/pytest-socket/issues/186">#186</a></li>
<li>Use <code>getaddrinfo()</code> instead of
<code>gethostbyname()</code> <a
href="https://redirect.github.com/miketheman/pytest-socket/issues/209">#209</a></li>
<li>Allow both Hosts via IP and Name <a
href="https://redirect.github.com/miketheman/pytest-socket/issues/275">#275</a></li>
</ul>
<p>Changes:</p>
<ul>
<li><strong>Removed support for Python 3.7 and older.</strong></li>
<li>Dependency updates</li>
<li>Development updates</li>
<li>Testing updates</li>
<li>Emit license and readme for source distribution <a
href="https://redirect.github.com/miketheman/pytest-socket/issues/233">#233</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/miketheman/pytest-socket/commit/93f704bc7989cee1df10024e0344c08e16055300"><code>93f704b</code></a>
pytest-socket, v0.7.0</li>
<li><a
href="https://github.com/miketheman/pytest-socket/commit/f8c904d66a4e53e72328407118ed6095cf7fe7e7"><code>f8c904d</code></a>
docs: update readme for clarity</li>
<li><a
href="https://github.com/miketheman/pytest-socket/commit/e9899eb11531e0905c5da799246c0d943353d72f"><code>e9899eb</code></a>
chore: remove custom condeql config</li>
<li><a
href="https://github.com/miketheman/pytest-socket/commit/0621810d5edaf0d44b6f7eb802a83ec089b24612"><code>0621810</code></a>
chore(dependencies): update custom httpbin pin (<a
href="https://redirect.github.com/miketheman/pytest-socket/issues/302">#302</a>)</li>
<li><a
href="https://github.com/miketheman/pytest-socket/commit/c78b94674965de1d4f536ad4934cf348c866cca5"><code>c78b946</code></a>
chore(deps-dev): bump starlette from 0.35.1 to 0.36.1 (<a
href="https://redirect.github.com/miketheman/pytest-socket/issues/301">#301</a>)</li>
<li><a
href="https://github.com/miketheman/pytest-socket/commit/7d7f2dffd0ec9fc0cc70e00e8e0c4e89286f3adf"><code>7d7f2df</code></a>
chore(deps-dev): bump jinja2 from 3.1.2 to 3.1.3 (<a
href="https://redirect.github.com/miketheman/pytest-socket/issues/299">#299</a>)</li>
<li><a
href="https://github.com/miketheman/pytest-socket/commit/182efc81512834f9da212733fa825ba994bc7c71"><code>182efc8</code></a>
chore(deps-dev): bump starlette from 0.34.0 to 0.35.1 (<a
href="https://redirect.github.com/miketheman/pytest-socket/issues/300">#300</a>)</li>
<li><a
href="https://github.com/miketheman/pytest-socket/commit/8cc5ec0c0f1ea6ddff46ada8450a347f0831c044"><code>8cc5ec0</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/miketheman/pytest-socket/issues/297">#297</a>)</li>
<li><a
href="https://github.com/miketheman/pytest-socket/commit/fbd9abf3205ecc5a62c019acd1bbc58ccab18d9c"><code>fbd9abf</code></a>
chore(deps): update dependency httpx to ^0.26.0 (<a
href="https://redirect.github.com/miketheman/pytest-socket/issues/292">#292</a>)</li>
<li><a
href="https://github.com/miketheman/pytest-socket/commit/16b74f83c38ca2855dfd9ee94d96b518471f6a3b"><code>16b74f8</code></a>
chore(deps): update dependency coverage to v7.4.0 (<a
href="https://redirect.github.com/miketheman/pytest-socket/issues/288">#288</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/miketheman/pytest-socket/compare/0.6.0...0.7.0">compare
view</a></li>
</ul>
</details>
<br />

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-31 17:46:27 -07:00
dependabot[bot] 81fa67452f Bump fastapi from 0.135.1 to 0.135.2 (#889)
Bumps [fastapi](https://github.com/fastapi/fastapi) from 0.135.1 to
0.135.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/fastapi/fastapi/releases">fastapi's
releases</a>.</em></p>
<blockquote>
<h2>0.135.2</h2>
<h3>Upgrades</h3>
<ul>
<li>⬆️ Increase lower bound to <code>pydantic &gt;=2.9.0.</code> and fix
the test suite. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15139">#15139</a>
by <a
href="https://github.com/svlandeg"><code>@​svlandeg</code></a>.</li>
</ul>
<h3>Docs</h3>
<ul>
<li>📝 Add missing last release notes dates. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15202">#15202</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>📝 Update docs for contributors and team members regarding
translation PRs. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15200">#15200</a>
by <a
href="https://github.com/YuriiMotov"><code>@​YuriiMotov</code></a>.</li>
<li>💄 Fix code blocks in reference docs overflowing table width. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15094">#15094</a>
by <a
href="https://github.com/YuriiMotov"><code>@​YuriiMotov</code></a>.</li>
<li>📝 Fix duplicated words in docstrings. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15116">#15116</a>
by <a
href="https://github.com/AhsanSheraz"><code>@​AhsanSheraz</code></a>.</li>
<li>📝 Add docs for <code>pyproject.toml</code> with
<code>entrypoint</code>. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15075">#15075</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>📝 Update links in docs to no longer use the classes external-link
and internal-link. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15061">#15061</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🔨 Add JS and CSS handling for automatic <code>target=_blank</code>
for links in docs. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15063">#15063</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>💄 Update styles for internal and external links in new tab. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15058">#15058</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>📝 Add documentation for the FastAPI VS Code extension. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15008">#15008</a>
by <a
href="https://github.com/savannahostrowski"><code>@​savannahostrowski</code></a>.</li>
<li>📝 Fix doctrings for <code>max_digits</code> and
<code>decimal_places</code>. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14944">#14944</a>
by <a
href="https://github.com/YuriiMotov"><code>@​YuriiMotov</code></a>.</li>
<li>📝 Add dates to release notes. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15001">#15001</a>
by <a
href="https://github.com/YuriiMotov"><code>@​YuriiMotov</code></a>.</li>
</ul>
<h3>Translations</h3>
<ul>
<li>🌐 Update translations for zh (update-outdated). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15177">#15177</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🌐 Update translations for zh-hant (update-outdated). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15178">#15178</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🌐 Update translations for zh-hant (add-missing). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15176">#15176</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🌐 Update translations for zh (add-missing). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15175">#15175</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🌐 Update translations for ja (update-outdated). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15171">#15171</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🌐 Update translations for ko (update-outdated). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15170">#15170</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🌐 Update translations for tr (update-outdated). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15172">#15172</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🌐 Update translations for ko (add-missing). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15168">#15168</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🌐 Update translations for ja (add-missing). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15167">#15167</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🌐 Update translations for tr (add-missing). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15169">#15169</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🌐 Update translations for fr (update-outdated). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15165">#15165</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🌐 Update translations for fr (add-missing). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15163">#15163</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🌐 Update translations for uk (update-outdated). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15160">#15160</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🌐 Update translations for uk (add-missing). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15158">#15158</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🌐 Update translations for pt (add-missing). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15157">#15157</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🌐 Update translations for pt (update-outdated). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15159">#15159</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🌐 Update translations for es (update-outdated). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15155">#15155</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🌐 Update translations for es (add-missing). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15154">#15154</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🌐 Update translations for de (update-outdated). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15156">#15156</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🌐 Update translations for ru (update-and-add). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15152">#15152</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🌐 Update translations for de (add-missing). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15153">#15153</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h3>Internal</h3>
<ul>
<li>🔨 Exclude spam comments from statistics in
<code>scripts/people.py</code>. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15088">#15088</a>
by <a
href="https://github.com/YuriiMotov"><code>@​YuriiMotov</code></a>.</li>
<li>⬆ Bump authlib from 1.6.7 to 1.6.9. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15128">#15128</a>
by <a
href="https://github.com/apps/dependabot"><code>@​dependabot[bot]</code></a>.</li>
<li>⬆ Bump pyasn1 from 0.6.2 to 0.6.3. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15143">#15143</a>
by <a
href="https://github.com/apps/dependabot"><code>@​dependabot[bot]</code></a>.</li>
<li>⬆ Bump ujson from 5.11.0 to 5.12.0. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15150">#15150</a>
by <a
href="https://github.com/apps/dependabot"><code>@​dependabot[bot]</code></a>.</li>
<li>🔨 Tweak translation workflow and translation fixer tool. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15166">#15166</a>
by <a
href="https://github.com/YuriiMotov"><code>@​YuriiMotov</code></a>.</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/fastapi/fastapi/commit/25a3697cedc6e7dfb84e93c8ff965801486f00f4"><code>25a3697</code></a>
🔖 Release version 0.135.2</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/ab125daa4034435777853a2c5a6c47451414f9aa"><code>ab125da</code></a>
📝 Update release notes</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/122b6d490f844b6f716855d55a3e11237b7fb61f"><code>122b6d4</code></a>
📝 Add missing last release notes dates (<a
href="https://redirect.github.com/fastapi/fastapi/issues/15202">#15202</a>)</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/68ac0ab91e9b14c418013790fc0e420a827686b5"><code>68ac0ab</code></a>
📝 Update release notes</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/ea6e287eb398afe6a82c3ef71780e8451813f674"><code>ea6e287</code></a>
📝 Update docs for contributors and team members regarding translation
PRs (<a
href="https://redirect.github.com/fastapi/fastapi/issues/1">#1</a>...</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/d0a6f208c5cb5daaa1de5ea5187729e3789d1dce"><code>d0a6f20</code></a>
📝 Update release notes</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/fd9e192cf4fae399c0d51dd23e2a137052eb6087"><code>fd9e192</code></a>
💄 Fix code blocks in reference docs overflowing table width (<a
href="https://redirect.github.com/fastapi/fastapi/issues/15094">#15094</a>)</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/fce9460f865928eb7d0393d8809bbc472e0c21cd"><code>fce9460</code></a>
📝 Update release notes</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/0227991a01e61bf5cdd93cc00e9e243f52b47a4a"><code>0227991</code></a>
🔨 Exclude spam comments from statistics in
<code>scripts/people.py</code> (<a
href="https://redirect.github.com/fastapi/fastapi/issues/15088">#15088</a>)</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/cbd64b09a32681d3b0ea097608bc62eb0d1587e0"><code>cbd64b0</code></a>
📝 Update release notes</li>
<li>Additional commits viewable in <a
href="https://github.com/fastapi/fastapi/compare/0.135.1...0.135.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=fastapi&package-manager=pip&previous-version=0.135.1&new-version=0.135.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-31 17:43:33 -07:00
dependabot[bot] 0cf1cdb692 Bump openai from 2.24.0 to 2.30.0 (#888)
Bumps [openai](https://github.com/openai/openai-python) from 2.24.0 to
2.30.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/openai/openai-python/releases">openai's
releases</a>.</em></p>
<blockquote>
<h2>v2.30.0</h2>
<h2>2.30.0 (2026-03-25)</h2>
<p>Full Changelog: <a
href="https://github.com/openai/openai-python/compare/v2.29.0...v2.30.0">v2.29.0...v2.30.0</a></p>
<h3>Features</h3>
<ul>
<li><strong>api:</strong> add keys field to
Click/DoubleClick/Drag/Move/Scroll computer actions (<a
href="https://github.com/openai/openai-python/commit/ee1bbeddbb38dab817557412dc106354409bb950">ee1bbed</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><strong>api:</strong> align SDK response types with expanded item
schemas (<a
href="https://github.com/openai/openai-python/commit/f3f258a9d4d19db3fb0c6c35e25ad3cedbe71254">f3f258a</a>)</li>
<li>sanitize endpoint path params (<a
href="https://github.com/openai/openai-python/commit/89f66988fde790c0c83ff8b876d1e1b10d616367">89f6698</a>)</li>
<li><strong>types:</strong> make type required in
ResponseInputMessageItem (<a
href="https://github.com/openai/openai-python/commit/cfdb1676ea0550840330a58f1a31a40a41a0a53f">cfdb167</a>)</li>
</ul>
<h3>Chores</h3>
<ul>
<li><strong>ci:</strong> skip lint on metadata-only changes (<a
href="https://github.com/openai/openai-python/commit/faa93e19a1d5c30c7dd672a08dbbdbb3c0374714">faa93e1</a>)</li>
<li><strong>internal:</strong> update gitignore (<a
href="https://github.com/openai/openai-python/commit/c468477f1546579618865a726e35a685cffeacd9">c468477</a>)</li>
<li><strong>tests:</strong> bump steady to v0.19.4 (<a
href="https://github.com/openai/openai-python/commit/f350af86c13ade0237778010d264c55fda443354">f350af8</a>)</li>
<li><strong>tests:</strong> bump steady to v0.19.5 (<a
href="https://github.com/openai/openai-python/commit/5c0340128fc1a416e2dfdc6ab4b05f1e954e8482">5c03401</a>)</li>
<li><strong>tests:</strong> bump steady to v0.19.6 (<a
href="https://github.com/openai/openai-python/commit/b6353b8411d31dcc95875d801ce9e90a21e0fd52">b6353b8</a>)</li>
<li><strong>tests:</strong> bump steady to v0.19.7 (<a
href="https://github.com/openai/openai-python/commit/1d654bea74ac9c3d43302587f98f33cfff502e48">1d654be</a>)</li>
</ul>
<h3>Refactors</h3>
<ul>
<li><strong>tests:</strong> switch from prism to steady (<a
href="https://github.com/openai/openai-python/commit/4a82035669b739d16a0e85d4ded778d51e061948">4a82035</a>)</li>
</ul>
<h2>v2.29.0</h2>
<h2>2.29.0 (2026-03-17)</h2>
<p>Full Changelog: <a
href="https://github.com/openai/openai-python/compare/v2.28.0...v2.29.0">v2.28.0...v2.29.0</a></p>
<h3>Features</h3>
<ul>
<li><strong>api:</strong> 5.4 nano and mini model slugs (<a
href="https://github.com/openai/openai-python/commit/3b456661f77ca3196aceb5ab3350664a63481114">3b45666</a>)</li>
<li><strong>api:</strong> add /v1/videos endpoint to batches create
method (<a
href="https://github.com/openai/openai-python/commit/c0e7a161a996854021e9eb69ea2a60ca0d08047f">c0e7a16</a>)</li>
<li><strong>api:</strong> add defer_loading field to ToolFunction (<a
href="https://github.com/openai/openai-python/commit/3167595432bdda2f90721901d30ad316db49323e">3167595</a>)</li>
<li><strong>api:</strong> add in and nin operators to ComparisonFilter
type (<a
href="https://github.com/openai/openai-python/commit/664f02b051af84e1ca3fa313981ec72fdea269b3">664f02b</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump minimum typing-extensions version (<a
href="https://github.com/openai/openai-python/commit/a2fb2ca55142c6658a18be7bd1392a01f5a83f35">a2fb2ca</a>)</li>
<li><strong>pydantic:</strong> do not pass <code>by_alias</code> unless
set (<a
href="https://github.com/openai/openai-python/commit/8ebe8fbcb011c6a005a715cae50c6400a8596ee0">8ebe8fb</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/openai/openai-python/blob/main/CHANGELOG.md">openai's
changelog</a>.</em></p>
<blockquote>
<h2>2.30.0 (2026-03-25)</h2>
<p>Full Changelog: <a
href="https://github.com/openai/openai-python/compare/v2.29.0...v2.30.0">v2.29.0...v2.30.0</a></p>
<h3>Features</h3>
<ul>
<li><strong>api:</strong> add keys field to
Click/DoubleClick/Drag/Move/Scroll computer actions (<a
href="https://github.com/openai/openai-python/commit/ee1bbeddbb38dab817557412dc106354409bb950">ee1bbed</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><strong>api:</strong> align SDK response types with expanded item
schemas (<a
href="https://github.com/openai/openai-python/commit/f3f258a9d4d19db3fb0c6c35e25ad3cedbe71254">f3f258a</a>)</li>
<li>sanitize endpoint path params (<a
href="https://github.com/openai/openai-python/commit/89f66988fde790c0c83ff8b876d1e1b10d616367">89f6698</a>)</li>
<li><strong>types:</strong> make type required in
ResponseInputMessageItem (<a
href="https://github.com/openai/openai-python/commit/cfdb1676ea0550840330a58f1a31a40a41a0a53f">cfdb167</a>)</li>
</ul>
<h3>Chores</h3>
<ul>
<li><strong>ci:</strong> skip lint on metadata-only changes (<a
href="https://github.com/openai/openai-python/commit/faa93e19a1d5c30c7dd672a08dbbdbb3c0374714">faa93e1</a>)</li>
<li><strong>internal:</strong> update gitignore (<a
href="https://github.com/openai/openai-python/commit/c468477f1546579618865a726e35a685cffeacd9">c468477</a>)</li>
<li><strong>tests:</strong> bump steady to v0.19.4 (<a
href="https://github.com/openai/openai-python/commit/f350af86c13ade0237778010d264c55fda443354">f350af8</a>)</li>
<li><strong>tests:</strong> bump steady to v0.19.5 (<a
href="https://github.com/openai/openai-python/commit/5c0340128fc1a416e2dfdc6ab4b05f1e954e8482">5c03401</a>)</li>
<li><strong>tests:</strong> bump steady to v0.19.6 (<a
href="https://github.com/openai/openai-python/commit/b6353b8411d31dcc95875d801ce9e90a21e0fd52">b6353b8</a>)</li>
<li><strong>tests:</strong> bump steady to v0.19.7 (<a
href="https://github.com/openai/openai-python/commit/1d654bea74ac9c3d43302587f98f33cfff502e48">1d654be</a>)</li>
</ul>
<h3>Refactors</h3>
<ul>
<li><strong>tests:</strong> switch from prism to steady (<a
href="https://github.com/openai/openai-python/commit/4a82035669b739d16a0e85d4ded778d51e061948">4a82035</a>)</li>
</ul>
<h2>2.29.0 (2026-03-17)</h2>
<p>Full Changelog: <a
href="https://github.com/openai/openai-python/compare/v2.28.0...v2.29.0">v2.28.0...v2.29.0</a></p>
<h3>Features</h3>
<ul>
<li><strong>api:</strong> 5.4 nano and mini model slugs (<a
href="https://github.com/openai/openai-python/commit/3b456661f77ca3196aceb5ab3350664a63481114">3b45666</a>)</li>
<li><strong>api:</strong> add /v1/videos endpoint to batches create
method (<a
href="https://github.com/openai/openai-python/commit/c0e7a161a996854021e9eb69ea2a60ca0d08047f">c0e7a16</a>)</li>
<li><strong>api:</strong> add defer_loading field to ToolFunction (<a
href="https://github.com/openai/openai-python/commit/3167595432bdda2f90721901d30ad316db49323e">3167595</a>)</li>
<li><strong>api:</strong> add in and nin operators to ComparisonFilter
type (<a
href="https://github.com/openai/openai-python/commit/664f02b051af84e1ca3fa313981ec72fdea269b3">664f02b</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump minimum typing-extensions version (<a
href="https://github.com/openai/openai-python/commit/a2fb2ca55142c6658a18be7bd1392a01f5a83f35">a2fb2ca</a>)</li>
<li><strong>pydantic:</strong> do not pass <code>by_alias</code> unless
set (<a
href="https://github.com/openai/openai-python/commit/8ebe8fbcb011c6a005a715cae50c6400a8596ee0">8ebe8fb</a>)</li>
</ul>
<h3>Chores</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/openai/openai-python/commit/5ae2cc10e4140d36aa236fa7c0bc5ce5ff190a01"><code>5ae2cc1</code></a>
release: 2.30.0</li>
<li><a
href="https://github.com/openai/openai-python/commit/6e772ae791759b25de83313614e0fb26eba895b7"><code>6e772ae</code></a>
fix(api): align SDK response types with expanded item schemas</li>
<li><a
href="https://github.com/openai/openai-python/commit/cd72fba37866bfdddd4a84420afe2ff397279582"><code>cd72fba</code></a>
feat(api): add keys field to Click/DoubleClick/Drag/Move/Scroll computer
actions</li>
<li><a
href="https://github.com/openai/openai-python/commit/4f43fe371037415ace13981a277917366b6fc24e"><code>4f43fe3</code></a>
chore(tests): bump steady to v0.19.7</li>
<li><a
href="https://github.com/openai/openai-python/commit/23bc02703bbb9497eadd5d56497d5d6954372a62"><code>23bc027</code></a>
chore(ci): skip lint on metadata-only changes</li>
<li><a
href="https://github.com/openai/openai-python/commit/e3c59bf1ac8533a1be831a6d166f9f7abeabf8e0"><code>e3c59bf</code></a>
chore(tests): bump steady to v0.19.6</li>
<li><a
href="https://github.com/openai/openai-python/commit/56ad9ca089394e535d7df52fe48d544e54086ddc"><code>56ad9ca</code></a>
fix(types): make type required in ResponseInputMessageItem</li>
<li><a
href="https://github.com/openai/openai-python/commit/78c764bdf483a0c48789bfdefe6299830d5abde0"><code>78c764b</code></a>
chore(internal): update gitignore</li>
<li><a
href="https://github.com/openai/openai-python/commit/634b74edd4aaa07a74f9ee30241410d61624264f"><code>634b74e</code></a>
chore(tests): bump steady to v0.19.5</li>
<li><a
href="https://github.com/openai/openai-python/commit/c8c9508899b2119cc69e006403d09cbad7f616e4"><code>c8c9508</code></a>
chore(tests): bump steady to v0.19.4</li>
<li>Additional commits viewable in <a
href="https://github.com/openai/openai-python/compare/v2.24.0...v2.30.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=openai&package-manager=pip&previous-version=2.24.0&new-version=2.30.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-31 17:43:18 -07:00
dependabot[bot] 1d40334f07 Bump langchain-core from 1.2.22 to 1.2.23 (#887)
Bumps [langchain-core](https://github.com/langchain-ai/langchain) from
1.2.22 to 1.2.23.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/langchain-ai/langchain/releases">langchain-core's
releases</a>.</em></p>
<blockquote>
<h2>langchain-core==1.2.23</h2>
<p>Changes since langchain-core==1.2.22</p>
<p>release(core): 1.2.23 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36323">#36323</a>)
revert: Revert &quot;fix(core): trace invocation params in
metadata&quot; (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36322">#36322</a>)
chore: bump requests from 2.32.5 to 2.33.0 in /libs/core (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36243">#36243</a>)</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/langchain-ai/langchain/commit/d48364130dfc4ef2e8a751453d2045243c22b388"><code>d483641</code></a>
release(core): 1.2.23 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36323">#36323</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/389f7ad1bc15123b8b901e61d0a1785b0a14815f"><code>389f7ad</code></a>
revert: Revert &quot;fix(core): trace invocation params in
metadata&quot; (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36322">#36322</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/475408fa620996e1958d18a0789ed5bf9fdee054"><code>475408f</code></a>
fix(langchain): recognize ChatAnthropicVertex in
_get_approximate_token_count...</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/1545dbfa174c4dcf1d9a8618da59df480b33e235"><code>1545dbf</code></a>
chore(langchain): remove unnecessary description for toods list as a
group (#...</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/494b760028dfedddc1b91ad79f80a05d393d277e"><code>494b760</code></a>
fix(chroma): fix Python 3.14 support in langchain-chroma (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36199">#36199</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/c7a677bba511d7f3f5c36f9384ae6ba150866e04"><code>c7a677b</code></a>
chore(langchain): add async implementation to todolist and test (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36313">#36313</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/03515881176fddba919e3592e0a41cbc9806fdb8"><code>0351588</code></a>
chore: harden language in ci (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36314">#36314</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/954a23094d15b91ae2137cbfabd3870cb8853a5e"><code>954a230</code></a>
chore(langchain): speed up todo list middleware init (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36311">#36311</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/89cd0caa54d541e33ae87224c8e277bcbb026020"><code>89cd0ca</code></a>
docs: fix grammatical error in development guidelines (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36225">#36225</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/2aeeb58ef11e74ab98f869d6ae5c2ae04721be06"><code>2aeeb58</code></a>
chore: bump requests from 2.32.5 to 2.33.0 in /libs/core (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36243">#36243</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/langchain-ai/langchain/compare/langchain-core==1.2.22...langchain-core==1.2.23">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=langchain-core&package-manager=pip&previous-version=1.2.22&new-version=1.2.23)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-31 17:43:08 -07:00
dependabot[bot] ffd3ec1e4b Bump pytest-cov from 4.1.0 to 7.1.0 (#881)
Bumps [pytest-cov](https://github.com/pytest-dev/pytest-cov) from 4.1.0
to 7.1.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pytest-dev/pytest-cov/blob/master/CHANGELOG.rst">pytest-cov's
changelog</a>.</em></p>
<blockquote>
<h2>7.1.0 (2026-03-21)</h2>
<ul>
<li>
<p>Fixed total coverage computation to always be consistent, regardless
of reporting settings.
Previously some reports could produce different total counts, and
consequently can make --cov-fail-under behave different depending on
reporting options.
See <code>[#641](https://github.com/pytest-dev/pytest-cov/issues/641)
&lt;https://github.com/pytest-dev/pytest-cov/issues/641&gt;</code>_.</p>
</li>
<li>
<p>Improve handling of ResourceWarning from sqlite3.</p>
<p>The plugin adds warning filter for sqlite3
<code>ResourceWarning</code> unclosed database (since 6.2.0).
It checks if there is already existing plugin for this message by
comparing filter regular expression.
When filter is specified on command line the message is escaped and does
not match an expected message.
A check for an escaped regular expression is added to handle this
case.</p>
<p>With this fix one can suppress <code>ResourceWarning</code> from
sqlite3 from command line::</p>
<p>pytest -W &quot;ignore:unclosed database in &lt;sqlite3.Connection
object at:ResourceWarning&quot; ...</p>
</li>
<li>
<p>Various improvements to documentation.
Contributed by Art Pelling in
<code>[#718](https://github.com/pytest-dev/pytest-cov/issues/718)
&lt;https://github.com/pytest-dev/pytest-cov/pull/718&gt;</code>_ and
&quot;vivodi&quot; in
<code>[#738](https://github.com/pytest-dev/pytest-cov/issues/738)
&lt;https://github.com/pytest-dev/pytest-cov/pull/738&gt;</code><em>.
Also closed
<code>[#736](https://github.com/pytest-dev/pytest-cov/issues/736)
&lt;https://github.com/pytest-dev/pytest-cov/issues/736&gt;</code></em>.</p>
</li>
<li>
<p>Fixed some assertions in tests.
Contributed by in Markéta Machová in
<code>[#722](https://github.com/pytest-dev/pytest-cov/issues/722)
&lt;https://github.com/pytest-dev/pytest-cov/pull/722&gt;</code>_.</p>
</li>
<li>
<p>Removed unnecessary coverage configuration copying (meant as a backup
because reporting commands had configuration side-effects before
coverage 5.0).</p>
</li>
</ul>
<h2>7.0.0 (2025-09-09)</h2>
<ul>
<li>
<p>Dropped support for subprocesses measurement.</p>
<p>It was a feature added long time ago when coverage lacked a nice way
to measure subprocesses created in tests.
It relied on a <code>.pth</code> file, there was no way to opt-out and
it created bad interations
with <code>coverage's new patch system
&lt;https://coverage.readthedocs.io/en/latest/config.html#run-patch&gt;</code>_
added
in <code>7.10
&lt;https://coverage.readthedocs.io/en/7.10.6/changes.html#version-7-10-0-2025-07-24&gt;</code>_.</p>
<p>To migrate to this release you might need to enable the suprocess
patch, example for <code>.coveragerc</code>:</p>
<p>.. code-block:: ini</p>
<p>[run]
patch = subprocess</p>
<p>This release also requires at least coverage 7.10.6.</p>
</li>
<li>
<p>Switched packaging to have metadata completely in
<code>pyproject.toml</code> and use <code>hatchling
&lt;https://pypi.org/project/hatchling/&gt;</code>_ for
building.
Contributed by Ofek Lev in
<code>[#551](https://github.com/pytest-dev/pytest-cov/issues/551)
&lt;https://github.com/pytest-dev/pytest-cov/pull/551&gt;</code>_
with some extras in
<code>[#716](https://github.com/pytest-dev/pytest-cov/issues/716)
&lt;https://github.com/pytest-dev/pytest-cov/pull/716&gt;</code>_.</p>
</li>
<li>
<p>Removed some not really necessary testing deps like
<code>six</code>.</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pytest-dev/pytest-cov/commit/66c8a526b1246b5eb8fb1bc218878131bc628622"><code>66c8a52</code></a>
Bump version: 7.0.0 → 7.1.0</li>
<li><a
href="https://github.com/pytest-dev/pytest-cov/commit/f7076624784332594aa4cb3585d4757d295db15e"><code>f707662</code></a>
Make the examples use pypy 3.11.</li>
<li><a
href="https://github.com/pytest-dev/pytest-cov/commit/6049a7847872e3139e6c82e93787123df5dc8672"><code>6049a78</code></a>
Make context test use the old ctracer (seems the new sysmon tracer
behaves di...</li>
<li><a
href="https://github.com/pytest-dev/pytest-cov/commit/8ebf20bbbc73478b3f8fd36d30237d9ea083f06b"><code>8ebf20b</code></a>
Update changelog.</li>
<li><a
href="https://github.com/pytest-dev/pytest-cov/commit/861d30e60d571f97259c6b718b71c819d5dbc3b9"><code>861d30e</code></a>
Remove the backup context manager - shouldn't be needed since coverage
5.0, ...</li>
<li><a
href="https://github.com/pytest-dev/pytest-cov/commit/fd4c956014035527f0c3c8d7faef3f8cfdadac7f"><code>fd4c956</code></a>
Pass the precision on the nulled total (seems that there's some caching
goion...</li>
<li><a
href="https://github.com/pytest-dev/pytest-cov/commit/78c9c4ecb005faf4962fd86ff7bf9c9cce9554d6"><code>78c9c4e</code></a>
Only run the 3.9 on older deps.</li>
<li><a
href="https://github.com/pytest-dev/pytest-cov/commit/4849a922e8be725c662a3d9175da571ace6545dc"><code>4849a92</code></a>
Punctuation.</li>
<li><a
href="https://github.com/pytest-dev/pytest-cov/commit/197c35e2f37031fd1927715307ab6eed7cb3d2b7"><code>197c35e</code></a>
Update changelog and hopefully I don't forget to publish release again
:))</li>
<li><a
href="https://github.com/pytest-dev/pytest-cov/commit/14dc1c92d44108384e39803888635fdbfc578b7f"><code>14dc1c9</code></a>
Update examples to use 3.11 and make the adhoc layout example look a bit
more...</li>
<li>Additional commits viewable in <a
href="https://github.com/pytest-dev/pytest-cov/compare/v4.1.0...v7.1.0">compare
view</a></li>
</ul>
</details>
<br />

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-30 20:15:41 -07:00
dependabot[bot] c7331426ad Bump langchain-core from 1.2.19 to 1.2.22 in the pip group across 1 directory (#886)
Bumps the pip group with 1 update in the / directory:
[langchain-core](https://github.com/langchain-ai/langchain).

Updates `langchain-core` from 1.2.19 to 1.2.22
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/langchain-ai/langchain/releases">langchain-core's
releases</a>.</em></p>
<blockquote>
<h2>langchain-core==1.2.22</h2>
<p>Changes since langchain-core==1.2.21</p>
<p>release(core): 1.2.22 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36201">#36201</a>)
fix(core): validate paths in <code>prompt.save</code> and
<code>load_prompt</code>, deprecate methods (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36200">#36200</a>)</p>
<h2>langchain-core==1.2.21</h2>
<p>Changes since langchain-core==1.2.20</p>
<p>release(core): 1.2.21 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36179">#36179</a>)
fix(core,model-profiles): add missing <code>ModelProfile</code> fields,
warn on schema drift (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36129">#36129</a>)
chore(core): remove stale blockbuster allowlist for deleted context
module (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36168">#36168</a>)
ci: suppress pytest streaming output in CI (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36092">#36092</a>)</p>
<h2>langchain-core==1.2.20</h2>
<p>Changes since langchain-core==1.2.19</p>
<p>release(core): 1.2.20 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36085">#36085</a>)
fix(core): trace invocation params in metadata (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36080">#36080</a>)
feat: Add LangSmith integration metadata to create_agent and
init_chat_model (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/35810">#35810</a>)
feat(core): harden anti-ssrf (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/35960">#35960</a>)
ci: avoid unnecessary dep installs in lint targets (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36046">#36046</a>)
docs(core): document <code>base_url</code> in mermaid api (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/35961">#35961</a>)
chore: bump orjson from 3.11.5 to 3.11.6 in /libs/core (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/35805">#35805</a>)
chore: housekeeping (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/35850">#35850</a>)</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/langchain-ai/langchain/commit/d22df94537e4267f72dc1bbfc8e3849baf20d9f7"><code>d22df94</code></a>
release(core): 1.2.22 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36201">#36201</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/27add913474e01e33bededf4096151130ba0d47c"><code>27add91</code></a>
fix(core): validate paths in <code>prompt.save</code> and
<code>load_prompt</code>, deprecate metho...</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/7563fceb40ce31165524f3f57ec65e487c02b1a7"><code>7563fce</code></a>
chore(model-profiles): refresh model profile data (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36195">#36195</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/3e64c255b84b283b3a65216b19b9838734258c96"><code>3e64c25</code></a>
chore: use repo permissions instead of org membership for maintainer
override...</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/1778b082ecd64a9dedd48674d874ca1bfcbe4c7d"><code>1778b08</code></a>
chore(partners): bump <code>langchain-core</code> min to
<code>1.2.21</code> (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36183">#36183</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/ad574fce0d52740c249b0db7bde871d779ffb93d"><code>ad574fc</code></a>
fix(openai): bump min core version (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36180">#36180</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/19f81cf6f1d73f7adf156491ba0617497a526b8c"><code>19f81cf</code></a>
release(core): 1.2.21 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36179">#36179</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/6d07ef28a7023dc7b832fe52862f7a6fc0a187f3"><code>6d07ef2</code></a>
release(openai): 1.1.12 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/36178">#36178</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/2f64d80cc65091985873c339ca76a59af7baf739"><code>2f64d80</code></a>
fix(core,model-profiles): add missing <code>ModelProfile</code> fields,
warn on schema d...</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/5ffece5c033365baf4a3df52ffed5c6bfbed27ee"><code>5ffece5</code></a>
chore(core): remove stale blockbuster allowlist for deleted context
module (#...</li>
<li>Additional commits viewable in <a
href="https://github.com/langchain-ai/langchain/compare/langchain-core==1.2.19...langchain-core==1.2.22">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=langchain-core&package-manager=pip&previous-version=1.2.19&new-version=1.2.22)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langserve/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-30 18:46:17 -07:00
dependabot[bot] 1f35a9186a Bump the npm_and_yarn group across 2 directories with 1 update (#885)
Bumps the npm_and_yarn group with 1 update in the
/langserve/chat_playground directory:
[brace-expansion](https://github.com/juliangruber/brace-expansion).
Bumps the npm_and_yarn group with 1 update in the /langserve/playground
directory:
[brace-expansion](https://github.com/juliangruber/brace-expansion).

Updates `brace-expansion` from 1.1.12 to 1.1.13
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898"><code>6c353ca</code></a>
1.1.13</li>
<li><a
href="https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2"><code>7fd684f</code></a>
Backport fix for GHSA-f886-m6hf-6m8v (<a
href="https://redirect.github.com/juliangruber/brace-expansion/issues/95">#95</a>)</li>
<li>See full diff in <a
href="https://github.com/juliangruber/brace-expansion/compare/v1.1.12...v1.1.13">compare
view</a></li>
</ul>
</details>
<br />

Updates `brace-expansion` from 1.1.12 to 1.1.13
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898"><code>6c353ca</code></a>
1.1.13</li>
<li><a
href="https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2"><code>7fd684f</code></a>
Backport fix for GHSA-f886-m6hf-6m8v (<a
href="https://redirect.github.com/juliangruber/brace-expansion/issues/95">#95</a>)</li>
<li>See full diff in <a
href="https://github.com/juliangruber/brace-expansion/compare/v1.1.12...v1.1.13">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langserve/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-30 18:46:07 -07:00
dependabot[bot] 3436a68908 Bump orjson from 3.11.6 to 3.11.7 (#880)
Bumps [orjson](https://github.com/ijl/orjson) from 3.11.6 to 3.11.7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/ijl/orjson/releases">orjson's
releases</a>.</em></p>
<blockquote>
<h2>3.11.7</h2>
<h3>Changed</h3>
<ul>
<li>Use a faster library to serialize <code>float</code>. Users with
byte-exact regression
tests should note positive exponents are now written using a
<code>+</code>, e.g.,
<code>1.2e+30</code> instead of <code>1.2e30</code>. Both formats are
spec-compliant.</li>
<li>ABI compatibility with CPython 3.15 alpha 5 free-threading.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/ijl/orjson/blob/master/CHANGELOG.md">orjson's
changelog</a>.</em></p>
<blockquote>
<h2>3.11.7 - 2026-02-02</h2>
<h3>Changed</h3>
<ul>
<li>Use a faster library to serialize <code>float</code>. Users with
byte-exact regression
tests should note positive exponents are now written using a
<code>+</code>, e.g.,
<code>1.2e+30</code> instead of <code>1.2e30</code>. Both formats are
spec-compliant.</li>
<li>ABI compatibility with CPython 3.15 alpha 5 free-threading.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/ijl/orjson/commit/ec2b066cae79ae4a90ed126ac5723335dd99e408"><code>ec2b066</code></a>
3.11.7</li>
<li><a
href="https://github.com/ijl/orjson/commit/1ca01f78cf4198ec37407d83713afa6e5c53dbf9"><code>1ca01f7</code></a>
zmij</li>
<li><a
href="https://github.com/ijl/orjson/commit/1716a226bd1f38db01503f30cd37b0efec48d88e"><code>1716a22</code></a>
cargo update</li>
<li>See full diff in <a
href="https://github.com/ijl/orjson/compare/3.11.6...3.11.7">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=orjson&package-manager=pip&previous-version=3.11.6&new-version=3.11.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-30 18:45:53 -07:00
dependabot[bot] 671371df0f Bump pytest from 8.4.2 to 9.0.2 (#879)
Bumps [pytest](https://github.com/pytest-dev/pytest) from 8.4.2 to
9.0.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pytest-dev/pytest/releases">pytest's
releases</a>.</em></p>
<blockquote>
<h2>9.0.2</h2>
<h1>pytest 9.0.2 (2025-12-06)</h1>
<h2>Bug fixes</h2>
<ul>
<li>
<p><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13896">#13896</a>:
The terminal progress feature added in pytest 9.0.0 has been disabled by
default, except on Windows, due to compatibility issues with some
terminal emulators.</p>
<p>You may enable it again by passing <code>-p terminalprogress</code>.
We may enable it by default again once compatibility improves in the
future.</p>
<p>Additionally, when the environment variable <code>TERM</code> is
<code>dumb</code>, the escape codes are no longer emitted, even if the
plugin is enabled.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13904">#13904</a>:
Fixed the TOML type of the <code>tmp_path_retention_count</code>
settings in the API reference from number to string.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13946">#13946</a>:
The private <code>config.inicfg</code> attribute was changed in a
breaking manner in pytest 9.0.0.
Due to its usage in the ecosystem, it is now restored to working order
using a compatibility shim.
It will be deprecated in pytest 9.1 and removed in pytest 10.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13965">#13965</a>:
Fixed quadratic-time behavior when handling <code>unittest</code>
subtests in Python 3.10.</p>
</li>
</ul>
<h2>Improved documentation</h2>
<ul>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/4492">#4492</a>:
The API Reference now contains cross-reference-able documentation of
<code>pytest's command-line flags
&lt;command-line-flags&gt;</code>.</li>
</ul>
<h2>9.0.1</h2>
<h1>pytest 9.0.1 (2025-11-12)</h1>
<h2>Bug fixes</h2>
<ul>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13895">#13895</a>:
Restore support for skipping tests via <code>raise
unittest.SkipTest</code>.</li>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13896">#13896</a>:
The terminal progress plugin added in pytest 9.0 is now automatically
disabled when iTerm2 is detected, it generated desktop notifications
instead of the desired functionality.</li>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13904">#13904</a>:
Fixed the TOML type of the verbosity settings in the API reference from
number to string.</li>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13910">#13910</a>:
Fixed <!-- raw HTML omitted -->UserWarning: Do not expect
file_or_dir<!-- raw HTML omitted --> on some earlier Python 3.12 and
3.13 point versions.</li>
</ul>
<h2>Packaging updates and notes for downstreams</h2>
<ul>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13933">#13933</a>:
The tox configuration has been adjusted to make sure the desired
version string can be passed into its <code>package_env</code> through
the <code>SETUPTOOLS_SCM_PRETEND_VERSION_FOR_PYTEST</code> environment
variable as a part of the release process -- by
<code>webknjaz</code>.</li>
</ul>
<h2>Contributor-facing changes</h2>
<ul>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13891">#13891</a>,
<a
href="https://redirect.github.com/pytest-dev/pytest/issues/13942">#13942</a>:
The CI/CD part of the release automation is now capable of
creating GitHub Releases without having a Git checkout on
disk -- by <code>bluetech</code> and <code>webknjaz</code>.</li>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13933">#13933</a>:
The tox configuration has been adjusted to make sure the desired
version string can be passed into its <code>package_env</code> through
the <code>SETUPTOOLS_SCM_PRETEND_VERSION_FOR_PYTEST</code> environment
variable as a part of the release process -- by
<code>webknjaz</code>.</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pytest-dev/pytest/commit/3d10b5148e03eb82b3ee29181dbdc73cf82699e2"><code>3d10b51</code></a>
Prepare release version 9.0.2</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/188750b725add8c3400eee6fbb6b80559c296d69"><code>188750b</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/14030">#14030</a>
from pytest-dev/patchback/backports/9.0.x/1e4b01d1f...</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/b7d7bef90cb9a6db8ac1d3dd5b9ae0eb9abd6c58"><code>b7d7bef</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/14014">#14014</a>
from bluetech/compat-note</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/bd08e85ac76614ff5ca9ae338aee8d8b06c8fae0"><code>bd08e85</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/14013">#14013</a>
from pytest-dev/patchback/backports/9.0.x/922b60377...</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/bc783862991241c442c9f9c068e51737ec15ea10"><code>bc78386</code></a>
Add CLI options reference documentation (<a
href="https://redirect.github.com/pytest-dev/pytest/issues/13930">#13930</a>)</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/5a4e398ce89bc23d2cf3fd98c042fdffb6fa8afa"><code>5a4e398</code></a>
Fix docs typo (<a
href="https://redirect.github.com/pytest-dev/pytest/issues/14005">#14005</a>)
(<a
href="https://redirect.github.com/pytest-dev/pytest/issues/14008">#14008</a>)</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/d7ae6df394398168bf9d926f803c26849c8f07ee"><code>d7ae6df</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/14006">#14006</a>
from pytest-dev/maintenance/update-plugin-list-tmpl...</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/556f6a22e12d13d1ffeceaf64424eb95d5e0fb87"><code>556f6a2</code></a>
pre-commit: fix rst-lint after new release (<a
href="https://redirect.github.com/pytest-dev/pytest/issues/13999">#13999</a>)
(<a
href="https://redirect.github.com/pytest-dev/pytest/issues/14001">#14001</a>)</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/c60fbe63a26f64a42738e3f3527a8f79024fdf50"><code>c60fbe6</code></a>
Fix quadratic-time behavior when handling <code>unittest</code> subtests
in Python 3.10 ...</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/73d9b011183d9a1c4a7007c1119d97a6e627788e"><code>73d9b01</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/13995">#13995</a>
from nicoddemus/patchback/backports/9.0.x/1b5200c0f...</li>
<li>Additional commits viewable in <a
href="https://github.com/pytest-dev/pytest/compare/8.4.2...9.0.2">compare
view</a></li>
</ul>
</details>
<br />

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-30 18:45:44 -07:00
dependabot[bot] 42696df0d2 Bump the npm_and_yarn group across 3 directories with 1 update (#883)
Bumps the npm_and_yarn group with 1 update in the
/langserve/chat_playground directory:
[picomatch](https://github.com/micromatch/picomatch).
Bumps the npm_and_yarn group with 1 update in the /langserve/playground
directory: [picomatch](https://github.com/micromatch/picomatch).
Bumps the npm_and_yarn group with 1 update in the
/libs/langserve-playground directory:
[picomatch](https://github.com/micromatch/picomatch).

Updates `picomatch` from 2.3.1 to 2.3.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/micromatch/picomatch/releases">picomatch's
releases</a>.</em></p>
<blockquote>
<h2>2.3.2</h2>
<p>This is a security release fixing several security relevant
issues.</p>
<h2>What's Changed</h2>
<ul>
<li>fix: exception when glob pattern contains constructor by <a
href="https://github.com/Jason3S"><code>@​Jason3S</code></a> in <a
href="https://redirect.github.com/micromatch/picomatch/pull/144">micromatch/picomatch#144</a></li>
<li>Fix for <a
href="https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj">CVE-2026-33671</a></li>
<li>Fix for <a
href="https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p">CVE-2026-33672</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2">https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md">picomatch's
changelog</a>.</em></p>
<blockquote>
<h1>Release history</h1>
<p><strong>All notable changes to this project will be documented in
this file.</strong></p>
<p>The format is based on <a
href="http://keepachangelog.com/en/1.0.0/">Keep a Changelog</a>
and this project adheres to <a
href="http://semver.org/spec/v2.0.0.html">Semantic Versioning</a>.</p>
<!-- raw HTML omitted -->
<ul>
<li>Changelogs are for humans, not machines.</li>
<li>There should be an entry for every single version.</li>
<li>The same types of changes should be grouped.</li>
<li>Versions and sections should be linkable.</li>
<li>The latest version comes first.</li>
<li>The release date of each versions is displayed.</li>
<li>Mention whether you follow Semantic Versioning.</li>
</ul>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<p>Changelog entries are classified using the following labels <em>(from
<a href="http://keepachangelog.com/">keep-a-changelog</a></em>):</p>
<ul>
<li><code>Added</code> for new features.</li>
<li><code>Changed</code> for changes in existing functionality.</li>
<li><code>Deprecated</code> for soon-to-be removed features.</li>
<li><code>Removed</code> for now removed features.</li>
<li><code>Fixed</code> for any bug fixes.</li>
<li><code>Security</code> in case of vulnerabilities.</li>
</ul>
<!-- raw HTML omitted -->
<h2>4.0.0 (2024-02-07)</h2>
<h3>Fixes</h3>
<ul>
<li>Fix bad text values in parse <a
href="https://redirect.github.com/micromatch/picomatch/issues/126">#126</a>,
thanks to <a
href="https://github.com/connor4312"><code>@​connor4312</code></a></li>
</ul>
<h3>Changed</h3>
<ul>
<li>Remove process global to work outside of node <a
href="https://redirect.github.com/micromatch/picomatch/issues/129">#129</a>,
thanks to <a
href="https://github.com/styfle"><code>@​styfle</code></a></li>
<li>Add sideEffects to package.json <a
href="https://redirect.github.com/micromatch/picomatch/issues/128">#128</a>,
thanks to <a
href="https://github.com/frandiox"><code>@​frandiox</code></a></li>
<li>Removed <code>os</code>, make compatible browser environment. See <a
href="https://redirect.github.com/micromatch/picomatch/issues/124">#124</a>,
thanks to <a
href="https://github.com/gwsbhqt"><code>@​gwsbhqt</code></a></li>
</ul>
<h2>3.0.1</h2>
<h3>Fixes</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2"><code>81cba8d</code></a>
Publish 2.3.2</li>
<li><a
href="https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce"><code>fc1f6b6</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b"><code>eec17ae</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed"><code>78f8ca4</code></a>
Merge pull request <a
href="https://redirect.github.com/micromatch/picomatch/issues/156">#156</a>
from micromatch/backport-144</li>
<li><a
href="https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b"><code>3f4f10e</code></a>
Merge pull request <a
href="https://redirect.github.com/micromatch/picomatch/issues/144">#144</a>
from Jason3S/jdent-object-properties</li>
<li>See full diff in <a
href="https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2">compare
view</a></li>
</ul>
</details>
<br />

Updates `picomatch` from 2.3.1 to 2.3.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/micromatch/picomatch/releases">picomatch's
releases</a>.</em></p>
<blockquote>
<h2>2.3.2</h2>
<p>This is a security release fixing several security relevant
issues.</p>
<h2>What's Changed</h2>
<ul>
<li>fix: exception when glob pattern contains constructor by <a
href="https://github.com/Jason3S"><code>@​Jason3S</code></a> in <a
href="https://redirect.github.com/micromatch/picomatch/pull/144">micromatch/picomatch#144</a></li>
<li>Fix for <a
href="https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj">CVE-2026-33671</a></li>
<li>Fix for <a
href="https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p">CVE-2026-33672</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2">https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md">picomatch's
changelog</a>.</em></p>
<blockquote>
<h1>Release history</h1>
<p><strong>All notable changes to this project will be documented in
this file.</strong></p>
<p>The format is based on <a
href="http://keepachangelog.com/en/1.0.0/">Keep a Changelog</a>
and this project adheres to <a
href="http://semver.org/spec/v2.0.0.html">Semantic Versioning</a>.</p>
<!-- raw HTML omitted -->
<ul>
<li>Changelogs are for humans, not machines.</li>
<li>There should be an entry for every single version.</li>
<li>The same types of changes should be grouped.</li>
<li>Versions and sections should be linkable.</li>
<li>The latest version comes first.</li>
<li>The release date of each versions is displayed.</li>
<li>Mention whether you follow Semantic Versioning.</li>
</ul>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<p>Changelog entries are classified using the following labels <em>(from
<a href="http://keepachangelog.com/">keep-a-changelog</a></em>):</p>
<ul>
<li><code>Added</code> for new features.</li>
<li><code>Changed</code> for changes in existing functionality.</li>
<li><code>Deprecated</code> for soon-to-be removed features.</li>
<li><code>Removed</code> for now removed features.</li>
<li><code>Fixed</code> for any bug fixes.</li>
<li><code>Security</code> in case of vulnerabilities.</li>
</ul>
<!-- raw HTML omitted -->
<h2>4.0.0 (2024-02-07)</h2>
<h3>Fixes</h3>
<ul>
<li>Fix bad text values in parse <a
href="https://redirect.github.com/micromatch/picomatch/issues/126">#126</a>,
thanks to <a
href="https://github.com/connor4312"><code>@​connor4312</code></a></li>
</ul>
<h3>Changed</h3>
<ul>
<li>Remove process global to work outside of node <a
href="https://redirect.github.com/micromatch/picomatch/issues/129">#129</a>,
thanks to <a
href="https://github.com/styfle"><code>@​styfle</code></a></li>
<li>Add sideEffects to package.json <a
href="https://redirect.github.com/micromatch/picomatch/issues/128">#128</a>,
thanks to <a
href="https://github.com/frandiox"><code>@​frandiox</code></a></li>
<li>Removed <code>os</code>, make compatible browser environment. See <a
href="https://redirect.github.com/micromatch/picomatch/issues/124">#124</a>,
thanks to <a
href="https://github.com/gwsbhqt"><code>@​gwsbhqt</code></a></li>
</ul>
<h2>3.0.1</h2>
<h3>Fixes</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2"><code>81cba8d</code></a>
Publish 2.3.2</li>
<li><a
href="https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce"><code>fc1f6b6</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b"><code>eec17ae</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed"><code>78f8ca4</code></a>
Merge pull request <a
href="https://redirect.github.com/micromatch/picomatch/issues/156">#156</a>
from micromatch/backport-144</li>
<li><a
href="https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b"><code>3f4f10e</code></a>
Merge pull request <a
href="https://redirect.github.com/micromatch/picomatch/issues/144">#144</a>
from Jason3S/jdent-object-properties</li>
<li>See full diff in <a
href="https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2">compare
view</a></li>
</ul>
</details>
<br />

Updates `picomatch` from 4.0.3 to 4.0.4
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/micromatch/picomatch/releases">picomatch's
releases</a>.</em></p>
<blockquote>
<h2>2.3.2</h2>
<p>This is a security release fixing several security relevant
issues.</p>
<h2>What's Changed</h2>
<ul>
<li>fix: exception when glob pattern contains constructor by <a
href="https://github.com/Jason3S"><code>@​Jason3S</code></a> in <a
href="https://redirect.github.com/micromatch/picomatch/pull/144">micromatch/picomatch#144</a></li>
<li>Fix for <a
href="https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj">CVE-2026-33671</a></li>
<li>Fix for <a
href="https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p">CVE-2026-33672</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2">https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md">picomatch's
changelog</a>.</em></p>
<blockquote>
<h1>Release history</h1>
<p><strong>All notable changes to this project will be documented in
this file.</strong></p>
<p>The format is based on <a
href="http://keepachangelog.com/en/1.0.0/">Keep a Changelog</a>
and this project adheres to <a
href="http://semver.org/spec/v2.0.0.html">Semantic Versioning</a>.</p>
<!-- raw HTML omitted -->
<ul>
<li>Changelogs are for humans, not machines.</li>
<li>There should be an entry for every single version.</li>
<li>The same types of changes should be grouped.</li>
<li>Versions and sections should be linkable.</li>
<li>The latest version comes first.</li>
<li>The release date of each versions is displayed.</li>
<li>Mention whether you follow Semantic Versioning.</li>
</ul>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<p>Changelog entries are classified using the following labels <em>(from
<a href="http://keepachangelog.com/">keep-a-changelog</a></em>):</p>
<ul>
<li><code>Added</code> for new features.</li>
<li><code>Changed</code> for changes in existing functionality.</li>
<li><code>Deprecated</code> for soon-to-be removed features.</li>
<li><code>Removed</code> for now removed features.</li>
<li><code>Fixed</code> for any bug fixes.</li>
<li><code>Security</code> in case of vulnerabilities.</li>
</ul>
<!-- raw HTML omitted -->
<h2>4.0.0 (2024-02-07)</h2>
<h3>Fixes</h3>
<ul>
<li>Fix bad text values in parse <a
href="https://redirect.github.com/micromatch/picomatch/issues/126">#126</a>,
thanks to <a
href="https://github.com/connor4312"><code>@​connor4312</code></a></li>
</ul>
<h3>Changed</h3>
<ul>
<li>Remove process global to work outside of node <a
href="https://redirect.github.com/micromatch/picomatch/issues/129">#129</a>,
thanks to <a
href="https://github.com/styfle"><code>@​styfle</code></a></li>
<li>Add sideEffects to package.json <a
href="https://redirect.github.com/micromatch/picomatch/issues/128">#128</a>,
thanks to <a
href="https://github.com/frandiox"><code>@​frandiox</code></a></li>
<li>Removed <code>os</code>, make compatible browser environment. See <a
href="https://redirect.github.com/micromatch/picomatch/issues/124">#124</a>,
thanks to <a
href="https://github.com/gwsbhqt"><code>@​gwsbhqt</code></a></li>
</ul>
<h2>3.0.1</h2>
<h3>Fixes</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2"><code>81cba8d</code></a>
Publish 2.3.2</li>
<li><a
href="https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce"><code>fc1f6b6</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b"><code>eec17ae</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed"><code>78f8ca4</code></a>
Merge pull request <a
href="https://redirect.github.com/micromatch/picomatch/issues/156">#156</a>
from micromatch/backport-144</li>
<li><a
href="https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b"><code>3f4f10e</code></a>
Merge pull request <a
href="https://redirect.github.com/micromatch/picomatch/issues/144">#144</a>
from Jason3S/jdent-object-properties</li>
<li>See full diff in <a
href="https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langserve/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-30 18:42:13 -07:00
dependabot[bot] 57503807b7 Bump requests from 2.32.5 to 2.33.0 in the pip group across 1 directory (#882)
Bumps the pip group with 1 update in the / directory:
[requests](https://github.com/psf/requests).

Updates `requests` from 2.32.5 to 2.33.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/psf/requests/releases">requests's
releases</a>.</em></p>
<blockquote>
<h2>v2.33.0</h2>
<h2>2.33.0 (2026-03-25)</h2>
<p><strong>Announcements</strong></p>
<ul>
<li>📣 Requests is adding inline types. If you have a typed code base
that uses Requests, please take a look at <a
href="https://redirect.github.com/psf/requests/issues/7271">#7271</a>.
Give it a try, and report any gaps or feedback you may have in the
issue. 📣</li>
</ul>
<p><strong>Security</strong></p>
<ul>
<li>CVE-2026-25645 <code>requests.utils.extract_zipped_paths</code> now
extracts contents to a non-deterministic location to prevent malicious
file replacement. This does not affect default usage of Requests, only
applications calling the utility function directly.</li>
</ul>
<p><strong>Improvements</strong></p>
<ul>
<li>Migrated to a PEP 517 build system using setuptools. (<a
href="https://redirect.github.com/psf/requests/issues/7012">#7012</a>)</li>
</ul>
<p><strong>Bugfixes</strong></p>
<ul>
<li>Fixed an issue where an empty netrc entry could cause malformed
authentication to be applied to Requests on Python 3.11+. (<a
href="https://redirect.github.com/psf/requests/issues/7205">#7205</a>)</li>
</ul>
<p><strong>Deprecations</strong></p>
<ul>
<li>Dropped support for Python 3.9 following its end of support. (<a
href="https://redirect.github.com/psf/requests/issues/7196">#7196</a>)</li>
</ul>
<p><strong>Documentation</strong></p>
<ul>
<li>Various typo fixes and doc improvements.</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/M0d3v1"><code>@​M0d3v1</code></a> made
their first contribution in <a
href="https://redirect.github.com/psf/requests/pull/6865">psf/requests#6865</a></li>
<li><a href="https://github.com/aminvakil"><code>@​aminvakil</code></a>
made their first contribution in <a
href="https://redirect.github.com/psf/requests/pull/7220">psf/requests#7220</a></li>
<li><a href="https://github.com/E8Price"><code>@​E8Price</code></a> made
their first contribution in <a
href="https://redirect.github.com/psf/requests/pull/6960">psf/requests#6960</a></li>
<li><a href="https://github.com/mitre88"><code>@​mitre88</code></a> made
their first contribution in <a
href="https://redirect.github.com/psf/requests/pull/7244">psf/requests#7244</a></li>
<li><a href="https://github.com/magsen"><code>@​magsen</code></a> made
their first contribution in <a
href="https://redirect.github.com/psf/requests/pull/6553">psf/requests#6553</a></li>
<li><a
href="https://github.com/Rohan5commit"><code>@​Rohan5commit</code></a>
made their first contribution in <a
href="https://redirect.github.com/psf/requests/pull/7227">psf/requests#7227</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25">https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/psf/requests/blob/main/HISTORY.md">requests's
changelog</a>.</em></p>
<blockquote>
<h2>2.33.0 (2026-03-25)</h2>
<p><strong>Announcements</strong></p>
<ul>
<li>📣 Requests is adding inline types. If you have a typed code base
that
uses Requests, please take a look at <a
href="https://redirect.github.com/psf/requests/issues/7271">#7271</a>.
Give it a try, and report
any gaps or feedback you may have in the issue. 📣</li>
</ul>
<p><strong>Security</strong></p>
<ul>
<li>CVE-2026-25645 <code>requests.utils.extract_zipped_paths</code> now
extracts
contents to a non-deterministic location to prevent malicious file
replacement. This does not affect default usage of Requests, only
applications calling the utility function directly.</li>
</ul>
<p><strong>Improvements</strong></p>
<ul>
<li>Migrated to a PEP 517 build system using setuptools. (<a
href="https://redirect.github.com/psf/requests/issues/7012">#7012</a>)</li>
</ul>
<p><strong>Bugfixes</strong></p>
<ul>
<li>Fixed an issue where an empty netrc entry could cause
malformed authentication to be applied to Requests on
Python 3.11+. (<a
href="https://redirect.github.com/psf/requests/issues/7205">#7205</a>)</li>
</ul>
<p><strong>Deprecations</strong></p>
<ul>
<li>Dropped support for Python 3.9 following its end of support. (<a
href="https://redirect.github.com/psf/requests/issues/7196">#7196</a>)</li>
</ul>
<p><strong>Documentation</strong></p>
<ul>
<li>Various typo fixes and doc improvements.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/psf/requests/commit/bc04dfd6dad4cb02cd92f5daa81eb562d280a761"><code>bc04dfd</code></a>
v2.33.0</li>
<li><a
href="https://github.com/psf/requests/commit/66d21cb07bd6255b1280291c4fafb71803cdb3b7"><code>66d21cb</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/psf/requests/commit/8b9bc8fc0f63be84602387913c4b689f19efd028"><code>8b9bc8f</code></a>
Move badges to top of README (<a
href="https://redirect.github.com/psf/requests/issues/7293">#7293</a>)</li>
<li><a
href="https://github.com/psf/requests/commit/e331a288f369973f5de0ec8901c94cae4fa87286"><code>e331a28</code></a>
Remove unused extraction call (<a
href="https://redirect.github.com/psf/requests/issues/7292">#7292</a>)</li>
<li><a
href="https://github.com/psf/requests/commit/753fd08c5eacce0aa0df73fe47e49525c67e0a29"><code>753fd08</code></a>
docs: fix FAQ grammar in httplib2 example</li>
<li><a
href="https://github.com/psf/requests/commit/774a0b837a194ee885d4fdd9ca947900cc3daf71"><code>774a0b8</code></a>
docs(socks): same block as other sections</li>
<li><a
href="https://github.com/psf/requests/commit/9c72a41bec8597f948c9d8caa5dc3f12273b3303"><code>9c72a41</code></a>
Bump github/codeql-action from 4.33.0 to 4.34.1</li>
<li><a
href="https://github.com/psf/requests/commit/ebf71906798ec82f34e07d3168f8b8aecaf8a3be"><code>ebf7190</code></a>
Bump github/codeql-action from 4.32.0 to 4.33.0</li>
<li><a
href="https://github.com/psf/requests/commit/0e4ae38f0c93d4f92a96c774bd52c069d12a4798"><code>0e4ae38</code></a>
docs: exclude Response.is_permanent_redirect from API docs (<a
href="https://redirect.github.com/psf/requests/issues/7244">#7244</a>)</li>
<li><a
href="https://github.com/psf/requests/commit/d568f47278492e630cc990a259047c67991d007a"><code>d568f47</code></a>
docs: clarify Quickstart POST example (<a
href="https://redirect.github.com/psf/requests/issues/6960">#6960</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/psf/requests/compare/v2.32.5...v2.33.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=requests&package-manager=pip&previous-version=2.32.5&new-version=2.33.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langserve/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-30 18:42:03 -07:00
dependabot[bot] b19fa6640a Bump uvicorn from 0.39.0 to 0.42.0 (#878)
Bumps [uvicorn](https://github.com/Kludex/uvicorn) from 0.39.0 to
0.42.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/uvicorn/releases">uvicorn's
releases</a>.</em></p>
<blockquote>
<h2>Version 0.42.0</h2>
<h2>Changed</h2>
<ul>
<li>Use <code>bytearray</code> for request body accumulation to avoid
O(n^2) allocation on fragmented bodies (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2845">#2845</a>)</li>
</ul>
<h2>Fixed</h2>
<ul>
<li>Escape brackets and backslash in httptools <code>HEADER_RE</code>
regex (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2824">#2824</a>)</li>
<li>Fix multiple issues in websockets sans-io implementation (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2825">#2825</a>)</li>
</ul>
<hr />
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/bysiber"><code>@​bysiber</code></a> made
their first contribution in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2825">Kludex/uvicorn#2825</a></li>
</ul>
<hr />
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/uvicorn/compare/0.41.0...0.42.0">https://github.com/Kludex/uvicorn/compare/0.41.0...0.42.0</a></p>
<h2>Version 0.41.0</h2>
<h2>Added</h2>
<ul>
<li>Add <code>--limit-max-requests-jitter</code> to stagger worker
restarts (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2707">#2707</a>)</li>
<li>Add socket path to <code>scope[&quot;server&quot;]</code> (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2561">#2561</a>)</li>
</ul>
<h2>Changed</h2>
<ul>
<li>Rename <code>LifespanOn.error_occured</code> to
<code>error_occurred</code> (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2776">#2776</a>)</li>
</ul>
<h2>Fixed</h2>
<ul>
<li>Ignore permission denied errors in watchfiles reloader (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2817">#2817</a>)</li>
<li>Ensure lifespan shutdown runs when <code>should_exit</code> is set
during startup (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2812">#2812</a>)</li>
<li>Reduce the log level of 'request limit exceeded' messages (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2788">#2788</a>)</li>
</ul>
<hr />
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/t-kawasumi"><code>@​t-kawasumi</code></a> made
their first contribution in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2776">Kludex/uvicorn#2776</a></li>
<li><a href="https://github.com/fardyn"><code>@​fardyn</code></a> made
their first contribution in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2800">Kludex/uvicorn#2800</a></li>
<li><a href="https://github.com/ewie"><code>@​ewie</code></a> made their
first contribution in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2807">Kludex/uvicorn#2807</a></li>
<li><a href="https://github.com/shevron"><code>@​shevron</code></a> made
their first contribution in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2788">Kludex/uvicorn#2788</a></li>
<li><a href="https://github.com/jonashaag"><code>@​jonashaag</code></a>
made their first contribution in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2707">Kludex/uvicorn#2707</a></li>
</ul>
<hr />
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/uvicorn/compare/0.40.0...0.41.0">https://github.com/Kludex/uvicorn/compare/0.40.0...0.41.0</a></p>
<h2>Version 0.40.0</h2>
<h2>What's Changed</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md">uvicorn's
changelog</a>.</em></p>
<blockquote>
<h2>0.42.0 (March 16, 2026)</h2>
<h3>Changed</h3>
<ul>
<li>Use <code>bytearray</code> for request body accumulation to avoid
O(n^2) allocation on fragmented bodies (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2845">#2845</a>)</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Escape brackets and backslash in httptools <code>HEADER_RE</code>
regex (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2824">#2824</a>)</li>
<li>Fix multiple issues in websockets sans-io implementation (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2825">#2825</a>)</li>
</ul>
<h2>0.41.0 (February 16, 2026)</h2>
<h3>Added</h3>
<ul>
<li>Add <code>--limit-max-requests-jitter</code> to stagger worker
restarts (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2707">#2707</a>)</li>
<li>Add socket path to <code>scope[&quot;server&quot;]</code> (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2561">#2561</a>)</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Rename <code>LifespanOn.error_occured</code> to
<code>error_occurred</code> (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2776">#2776</a>)</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Ignore permission denied errors in watchfiles reloader (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2817">#2817</a>)</li>
<li>Ensure lifespan shutdown runs when <code>should_exit</code> is set
during startup (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2812">#2812</a>)</li>
<li>Reduce the log level of 'request limit exceeded' messages (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2788">#2788</a>)</li>
</ul>
<h2>0.40.0 (December 21, 2025)</h2>
<h3>Remove</h3>
<ul>
<li>Drop support for Python 3.9 (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2772">#2772</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/Kludex/uvicorn/commit/02bed6f8c38e74f684bb0e572977a9bfdc1f6fea"><code>02bed6f</code></a>
Version 0.42.0 (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2852">#2852</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/d8f25013161d8206e129e39bf48432d3a85e1744"><code>d8f2501</code></a>
chore: pre-create Config objects in benchmarks to measure protocol hot
paths ...</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/9dbb7836bb0fdb446d083ecd8dc5a2a95bb96b98"><code>9dbb783</code></a>
Add WebSocket protocol benchmarks for wsproto and websockets-sansio (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2849">#2849</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/b3c69da8c1a36e1834e614abe38243671e156077"><code>b3c69da</code></a>
Use bytearray for request body accumulation (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2845">#2845</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/3f3ebee20f46504a3f7279dd72f9c24ce9070b11"><code>3f3ebee</code></a>
Disable <code>pytest-xdist</code> for CodSpeed benchmark runs (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2847">#2847</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/d072de754f825bee4710363dd49d41efd5285dcc"><code>d072de7</code></a>
Add fragmented body benchmark for chunked body accumulation (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2846">#2846</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/e300c2c75d71bea6f8d1799ca6f182f1e5583aaa"><code>e300c2c</code></a>
Add CodSpeed benchmark suite for HTTP protocol hot paths (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2844">#2844</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/1fa697651bacf10d72f74de104ead814ce6fcdc0"><code>1fa6976</code></a>
Escape brackets and backslash in httptools HEADER_RE regex (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2824">#2824</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/59ec1de7a4f07afbd139812f033f3af8b784de74"><code>59ec1de</code></a>
Fix multiple issues in websockets sansio implementation (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2825">#2825</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/2fc0efcdd958abd3adbe6ea19682408d6b2e1b18"><code>2fc0efc</code></a>
Clarify Windows asyncio event loop selection in docs (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2843">#2843</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/Kludex/uvicorn/compare/0.39.0...0.42.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uvicorn&package-manager=pip&previous-version=0.39.0&new-version=0.42.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-25 10:49:56 -07:00
dependabot[bot] c4d5b8ad2a Bump the npm_and_yarn group across 2 directories with 1 update (#877)
Bumps the npm_and_yarn group with 1 update in the
/langserve/chat_playground directory:
[flatted](https://github.com/WebReflection/flatted).
Bumps the npm_and_yarn group with 1 update in the /langserve/playground
directory: [flatted](https://github.com/WebReflection/flatted).

Updates `flatted` from 3.4.1 to 3.4.2
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7"><code>3bf0909</code></a>
3.4.2</li>
<li><a
href="https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802"><code>885ddcc</code></a>
fix CWE-1321</li>
<li><a
href="https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3"><code>0bdba70</code></a>
added flatted-view to the benchmark</li>
<li>See full diff in <a
href="https://github.com/WebReflection/flatted/compare/v3.4.1...v3.4.2">compare
view</a></li>
</ul>
</details>
<br />

Updates `flatted` from 3.4.1 to 3.4.2
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7"><code>3bf0909</code></a>
3.4.2</li>
<li><a
href="https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802"><code>885ddcc</code></a>
fix CWE-1321</li>
<li><a
href="https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3"><code>0bdba70</code></a>
added flatted-view to the benchmark</li>
<li>See full diff in <a
href="https://github.com/WebReflection/flatted/compare/v3.4.1...v3.4.2">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langserve/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-25 10:49:45 -07:00
dependabot[bot] b3cb77a649 Bump codespell from 2.4.1 to 2.4.2 (#876)
Bumps [codespell](https://github.com/codespell-project/codespell) from
2.4.1 to 2.4.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/codespell-project/codespell/releases">codespell's
releases</a>.</em></p>
<blockquote>
<h2>v2.4.2</h2>
<!-- raw HTML omitted -->
<h2>Highlights</h2>
<ul>
<li>Fixed compatibility with chardet 7+</li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>Fix and clarify cases in ignore patterns by <a
href="https://github.com/DanielYang59"><code>@​DanielYang59</code></a>
in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3583">codespell-project/codespell#3583</a></li>
<li>codespell-private.yml: Do not codespell digital signature files by
<a href="https://github.com/cclauss"><code>@​cclauss</code></a> in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3623">codespell-project/codespell#3623</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3634">codespell-project/codespell#3634</a></li>
<li>numbes-&gt;numbers and numbesr-&gt;numbers by <a
href="https://github.com/skshetry"><code>@​skshetry</code></a> in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3635">codespell-project/codespell#3635</a></li>
<li>Add spelling corrections for disclose and variables. by <a
href="https://github.com/cfi-gb"><code>@​cfi-gb</code></a> in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3622">codespell-project/codespell#3622</a></li>
<li>Add spelling correction for Vulnererability and variants. by <a
href="https://github.com/cfi-gb"><code>@​cfi-gb</code></a> in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3625">codespell-project/codespell#3625</a></li>
<li>Remove lets-&gt;let's by <a
href="https://github.com/Piedone"><code>@​Piedone</code></a> in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3633">codespell-project/codespell#3633</a></li>
<li>Add corrections for &quot;dictate&quot; by <a
href="https://github.com/jdufresne"><code>@​jdufresne</code></a> in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3636">codespell-project/codespell#3636</a></li>
<li>Add specicification (and pl) typo by <a
href="https://github.com/yarikoptic"><code>@​yarikoptic</code></a> in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3639">codespell-project/codespell#3639</a></li>
<li>Remove &quot;blueish&quot; correction by <a
href="https://github.com/hadess"><code>@​hadess</code></a> in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3510">codespell-project/codespell#3510</a></li>
<li>Add &quot;lighting&quot; as an option to fix &quot;lighning&quot; by
<a href="https://github.com/yarikoptic"><code>@​yarikoptic</code></a> in
<a
href="https://redirect.github.com/codespell-project/codespell/pull/3648">codespell-project/codespell#3648</a></li>
<li>Revert adding <code>lien</code> to the rare dictionary by <a
href="https://github.com/nikolaik"><code>@​nikolaik</code></a> in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3631">codespell-project/codespell#3631</a></li>
<li>&quot;ane&quot; could have been &quot;one&quot; by <a
href="https://github.com/yarikoptic"><code>@​yarikoptic</code></a> in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3645">codespell-project/codespell#3645</a></li>
<li>Add spelling correction for &quot;priort&quot; by <a
href="https://github.com/cfi-gb"><code>@​cfi-gb</code></a> in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3647">codespell-project/codespell#3647</a></li>
<li>Remove &quot;fix&quot; of &quot;deques&quot; - it is quite legit by
<a href="https://github.com/yarikoptic"><code>@​yarikoptic</code></a> in
<a
href="https://redirect.github.com/codespell-project/codespell/pull/3649">codespell-project/codespell#3649</a></li>
<li>Several new suggestions by <a
href="https://github.com/mdeweerd"><code>@​mdeweerd</code></a> in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3621">codespell-project/codespell#3621</a></li>
<li>Add proposal constraints to containts by <a
href="https://github.com/mdeweerd"><code>@​mdeweerd</code></a> in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3652">codespell-project/codespell#3652</a></li>
<li>Additions dleay,infp,practive,utiliy by <a
href="https://github.com/mdeweerd"><code>@​mdeweerd</code></a> in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3643">codespell-project/codespell#3643</a></li>
<li>Add calncelled and its variations by <a
href="https://github.com/mdeweerd"><code>@​mdeweerd</code></a> in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3650">codespell-project/codespell#3650</a></li>
<li>Use raw strings for regex by <a
href="https://github.com/DimitriPapadopoulos"><code>@​DimitriPapadopoulos</code></a>
in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3654">codespell-project/codespell#3654</a></li>
<li>Allow multiple spaces before codespell:ignore by <a
href="https://github.com/DimitriPapadopoulos"><code>@​DimitriPapadopoulos</code></a>
in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3653">codespell-project/codespell#3653</a></li>
<li>Added correction from <code>timeour</code> to <code>timeout</code>
by <a href="https://github.com/jamesbraza"><code>@​jamesbraza</code></a>
in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3656">codespell-project/codespell#3656</a></li>
<li>Add typos found in various software projects by <a
href="https://github.com/luzpaz"><code>@​luzpaz</code></a> in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3640">codespell-project/codespell#3640</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3659">codespell-project/codespell#3659</a></li>
<li>Add codespell suggestions for enabke and friends by <a
href="https://github.com/mdeweerd"><code>@​mdeweerd</code></a> in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3657">codespell-project/codespell#3657</a></li>
<li>END: add &quot;queues&quot; (plural from queue) as possible fix for
ques by <a
href="https://github.com/yarikoptic"><code>@​yarikoptic</code></a> in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3591">codespell-project/codespell#3591</a></li>
<li>agreegate, lesda, realod, colouer by <a
href="https://github.com/mdeweerd"><code>@​mdeweerd</code></a> in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3665">codespell-project/codespell#3665</a></li>
<li>Update pre-commit version in documentation by <a
href="https://github.com/prchoward"><code>@​prchoward</code></a> in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3666">codespell-project/codespell#3666</a></li>
<li>MAINT: Rename CI file and run name by <a
href="https://github.com/larsoner"><code>@​larsoner</code></a> in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3667">codespell-project/codespell#3667</a></li>
<li>preoccuption-&gt;preoccupation; occuption-&gt;occupation by <a
href="https://github.com/TheGiraffe3"><code>@​TheGiraffe3</code></a> in
<a
href="https://redirect.github.com/codespell-project/codespell/pull/3668">codespell-project/codespell#3668</a></li>
<li>Suggestions for: checkto, diminsion, waitfor by <a
href="https://github.com/mdeweerd"><code>@​mdeweerd</code></a> in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3670">codespell-project/codespell#3670</a></li>
<li>Typos found in sigstore-python by <a
href="https://github.com/DimitriPapadopoulos"><code>@​DimitriPapadopoulos</code></a>
in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3664">codespell-project/codespell#3664</a></li>
<li>usgin-&gt;using by <a
href="https://github.com/ydah"><code>@​ydah</code></a> in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3672">codespell-project/codespell#3672</a></li>
<li>Add typos found in various software projects by <a
href="https://github.com/luzpaz"><code>@​luzpaz</code></a> in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3669">codespell-project/codespell#3669</a></li>
<li>Add coered -&gt; coerced by <a
href="https://github.com/effigies"><code>@​effigies</code></a> in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3680">codespell-project/codespell#3680</a></li>
<li>backwward(s)-&gt;backward(s), onwward(s)-&gt;onward(s) by <a
href="https://github.com/cjwatson"><code>@​cjwatson</code></a> in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3682">codespell-project/codespell#3682</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3685">codespell-project/codespell#3685</a></li>
<li>telemetery-&gt;telemetry by <a
href="https://github.com/august-soderberg"><code>@​august-soderberg</code></a>
in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3686">codespell-project/codespell#3686</a></li>
<li>Add hexedacimal and similar typos by <a
href="https://github.com/Akuli"><code>@​Akuli</code></a> in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3692">codespell-project/codespell#3692</a></li>
<li>Add rounted-&gt;routed, rounded and friends by <a
href="https://github.com/peternewman"><code>@​peternewman</code></a> in
<a
href="https://redirect.github.com/codespell-project/codespell/pull/3693">codespell-project/codespell#3693</a></li>
<li>Add symmectric and similar typos by <a
href="https://github.com/Akuli"><code>@​Akuli</code></a> in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3694">codespell-project/codespell#3694</a></li>
<li>Fix CI on Windows: pip upgrade pip by <a
href="https://github.com/DimitriPapadopoulos"><code>@​DimitriPapadopoulos</code></a>
in <a
href="https://redirect.github.com/codespell-project/codespell/pull/3698">codespell-project/codespell#3698</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/codespell-project/codespell/commit/2ccb47ff45ad361a21071a7eedda4c37e6ae8c5a"><code>2ccb47f</code></a>
Compat with chardet 7 (<a
href="https://redirect.github.com/codespell-project/codespell/issues/3886">#3886</a>)</li>
<li><a
href="https://github.com/codespell-project/codespell/commit/4ec53bf6a3e510c64900d5ee838abd99d49b2910"><code>4ec53bf</code></a>
[pre-commit.ci] pre-commit autoupdate</li>
<li><a
href="https://github.com/codespell-project/codespell/commit/2a4acba3f282f1b5ccb7ad8b57bc991810663a44"><code>2a4acba</code></a>
Bump actions/download-artifact from 7 to 8</li>
<li><a
href="https://github.com/codespell-project/codespell/commit/be17cacc96a5ee3f014e048f5962cfdb7145e096"><code>be17cac</code></a>
Bump actions/upload-artifact from 6 to 7</li>
<li><a
href="https://github.com/codespell-project/codespell/commit/04a071280d56148cab14249ccc8d4181c0066b3c"><code>04a0712</code></a>
Bump ruff (<a
href="https://redirect.github.com/codespell-project/codespell/issues/3879">#3879</a>)</li>
<li><a
href="https://github.com/codespell-project/codespell/commit/583d8796d92eb58e15072db03e5b756be45f638a"><code>583d879</code></a>
avoide-&gt;avoid, avoided, avoids,</li>
<li><a
href="https://github.com/codespell-project/codespell/commit/1f59f34d7c6d1642fdb325d9dfa49cf9eb5f692a"><code>1f59f34</code></a>
Add correction for 'foudation' to 'foundation'</li>
<li><a
href="https://github.com/codespell-project/codespell/commit/e047fdafb8620b08a86349014487886bcd9c2205"><code>e047fda</code></a>
Add spelling correction for gather and variants.</li>
<li><a
href="https://github.com/codespell-project/codespell/commit/b5cd66de14b8f65b0f45fabbe1c89bd69ea60939"><code>b5cd66d</code></a>
respondant-&gt;respondent</li>
<li><a
href="https://github.com/codespell-project/codespell/commit/92125a3814fa6e86cd2055385916ce5186d3e5df"><code>92125a3</code></a>
Add detection of ivoice and variants.</li>
<li>Additional commits viewable in <a
href="https://github.com/codespell-project/codespell/compare/v2.4.1...v2.4.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=codespell&package-manager=pip&previous-version=2.4.1&new-version=2.4.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-20 13:02:31 -07:00
dependabot[bot] 58a7c24429 Bump ruff from 0.15.0 to 0.15.6 (#872)
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.15.0 to 0.15.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/astral-sh/ruff/releases">ruff's
releases</a>.</em></p>
<blockquote>
<h2>0.15.6</h2>
<h2>Release Notes</h2>
<p>Released on 2026-03-12.</p>
<h3>Preview features</h3>
<ul>
<li>Add support for <code>lazy</code> import parsing (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23755">#23755</a>)</li>
<li>Add support for star-unpacking of comprehensions (PEP 798) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23788">#23788</a>)</li>
<li>Reject semantic syntax errors for lazy imports (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23757">#23757</a>)</li>
<li>Drop a few rules from the preview default set (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23879">#23879</a>)</li>
<li>[<code>airflow</code>] Flag <code>Variable.get()</code> calls
outside of task execution context (<code>AIR003</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23584">#23584</a>)</li>
<li>[<code>airflow</code>] Flag runtime-varying values in DAG/task
constructor arguments (<code>AIR304</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23631">#23631</a>)</li>
<li>[<code>flake8-bugbear</code>] Implement
<code>delattr-with-constant</code> (<code>B043</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23737">#23737</a>)</li>
<li>[<code>flake8-tidy-imports</code>] Add <code>TID254</code> to
enforce lazy imports (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23777">#23777</a>)</li>
<li>[<code>flake8-tidy-imports</code>] Allow users to ban lazy imports
with <code>TID254</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23847">#23847</a>)</li>
<li>[<code>isort</code>] Retain <code>lazy</code> keyword when sorting
imports (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23762">#23762</a>)</li>
<li>[<code>pyupgrade</code>] Add <code>from __future__ import
annotations</code> automatically (<code>UP006</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23260">#23260</a>)</li>
<li>[<code>refurb</code>] Support <code>newline</code> parameter in
<code>FURB101</code> for Python 3.13+ (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23754">#23754</a>)</li>
<li>[<code>ruff</code>] Add <code>os-path-commonprefix</code>
(<code>RUF071</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23814">#23814</a>)</li>
<li>[<code>ruff</code>] Add unsafe fix for os-path-commonprefix
(<code>RUF071</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23852">#23852</a>)</li>
<li>[<code>ruff</code>] Limit <code>RUF036</code> to typing contexts;
make it unsafe for non-typing-only (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23765">#23765</a>)</li>
<li>[<code>ruff</code>] Use starred unpacking for <code>RUF017</code> in
Python 3.15+ (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23789">#23789</a>)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Fix <code>--add-noqa</code> creating unwanted leading whitespace (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23773">#23773</a>)</li>
<li>Fix <code>--add-noqa</code> breaking shebangs (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23577">#23577</a>)</li>
<li>[formatter] Fix lambda body formatting for multiline calls and
subscripts (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23866">#23866</a>)</li>
<li>[formatter] Preserve required annotation parentheses in annotated
assignments (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23865">#23865</a>)</li>
<li>[formatter] Preserve type-expression parentheses in the formatter
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/23867">#23867</a>)</li>
<li>[<code>flake8-annotations</code>] Fix stack overflow in
<code>ANN401</code> on quoted annotations with escape sequences (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23912">#23912</a>)</li>
<li>[<code>pep8-naming</code>] Check naming conventions in
<code>match</code> pattern bindings (<code>N806</code>,
<code>N815</code>, <code>N816</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23899">#23899</a>)</li>
<li>[<code>perflint</code>] Fix comment duplication in fixes
(<code>PERF401</code>, <code>PERF403</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23729">#23729</a>)</li>
<li>[<code>pyupgrade</code>] Properly trigger <code>super</code> change
in nested class (<code>UP008</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/22677">#22677</a>)</li>
<li>[<code>ruff</code>] Avoid syntax errors in <code>RUF036</code> fixes
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/23764">#23764</a>)</li>
</ul>
<h3>Rule changes</h3>
<ul>
<li>[<code>flake8-bandit</code>] Flag <code>S501</code> with
<code>requests.request</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23873">#23873</a>)</li>
<li>[<code>flake8-executable</code>] Fix WSL detection in non-Docker
containers (<a
href="https://redirect.github.com/astral-sh/ruff/pull/22879">#22879</a>)</li>
<li>[<code>flake8-print</code>] Ignore <code>pprint</code> calls with
<code>stream=</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23787">#23787</a>)</li>
</ul>
<h3>Documentation</h3>
<ul>
<li>Update docs for Markdown code block formatting (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23871">#23871</a>)</li>
<li>[<code>flake8-bugbear</code>] Fix misleading description for
<code>B904</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23731">#23731</a>)</li>
</ul>
<h3>Contributors</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md">ruff's
changelog</a>.</em></p>
<blockquote>
<h2>0.15.6</h2>
<p>Released on 2026-03-12.</p>
<h3>Preview features</h3>
<ul>
<li>Add support for <code>lazy</code> import parsing (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23755">#23755</a>)</li>
<li>Add support for star-unpacking of comprehensions (PEP 798) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23788">#23788</a>)</li>
<li>Reject semantic syntax errors for lazy imports (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23757">#23757</a>)</li>
<li>Drop a few rules from the preview default set (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23879">#23879</a>)</li>
<li>[<code>airflow</code>] Flag <code>Variable.get()</code> calls
outside of task execution context (<code>AIR003</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23584">#23584</a>)</li>
<li>[<code>airflow</code>] Flag runtime-varying values in DAG/task
constructor arguments (<code>AIR304</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23631">#23631</a>)</li>
<li>[<code>flake8-bugbear</code>] Implement
<code>delattr-with-constant</code> (<code>B043</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23737">#23737</a>)</li>
<li>[<code>flake8-tidy-imports</code>] Add <code>TID254</code> to
enforce lazy imports (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23777">#23777</a>)</li>
<li>[<code>flake8-tidy-imports</code>] Allow users to ban lazy imports
with <code>TID254</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23847">#23847</a>)</li>
<li>[<code>isort</code>] Retain <code>lazy</code> keyword when sorting
imports (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23762">#23762</a>)</li>
<li>[<code>pyupgrade</code>] Add <code>from __future__ import
annotations</code> automatically (<code>UP006</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23260">#23260</a>)</li>
<li>[<code>refurb</code>] Support <code>newline</code> parameter in
<code>FURB101</code> for Python 3.13+ (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23754">#23754</a>)</li>
<li>[<code>ruff</code>] Add <code>os-path-commonprefix</code>
(<code>RUF071</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23814">#23814</a>)</li>
<li>[<code>ruff</code>] Add unsafe fix for os-path-commonprefix
(<code>RUF071</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23852">#23852</a>)</li>
<li>[<code>ruff</code>] Limit <code>RUF036</code> to typing contexts;
make it unsafe for non-typing-only (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23765">#23765</a>)</li>
<li>[<code>ruff</code>] Use starred unpacking for <code>RUF017</code> in
Python 3.15+ (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23789">#23789</a>)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Fix <code>--add-noqa</code> creating unwanted leading whitespace (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23773">#23773</a>)</li>
<li>Fix <code>--add-noqa</code> breaking shebangs (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23577">#23577</a>)</li>
<li>[formatter] Fix lambda body formatting for multiline calls and
subscripts (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23866">#23866</a>)</li>
<li>[formatter] Preserve required annotation parentheses in annotated
assignments (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23865">#23865</a>)</li>
<li>[formatter] Preserve type-expression parentheses in the formatter
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/23867">#23867</a>)</li>
<li>[<code>flake8-annotations</code>] Fix stack overflow in
<code>ANN401</code> on quoted annotations with escape sequences (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23912">#23912</a>)</li>
<li>[<code>pep8-naming</code>] Check naming conventions in
<code>match</code> pattern bindings (<code>N806</code>,
<code>N815</code>, <code>N816</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23899">#23899</a>)</li>
<li>[<code>perflint</code>] Fix comment duplication in fixes
(<code>PERF401</code>, <code>PERF403</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23729">#23729</a>)</li>
<li>[<code>pyupgrade</code>] Properly trigger <code>super</code> change
in nested class (<code>UP008</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/22677">#22677</a>)</li>
<li>[<code>ruff</code>] Avoid syntax errors in <code>RUF036</code> fixes
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/23764">#23764</a>)</li>
</ul>
<h3>Rule changes</h3>
<ul>
<li>[<code>flake8-bandit</code>] Flag <code>S501</code> with
<code>requests.request</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23873">#23873</a>)</li>
<li>[<code>flake8-executable</code>] Fix WSL detection in non-Docker
containers (<a
href="https://redirect.github.com/astral-sh/ruff/pull/22879">#22879</a>)</li>
<li>[<code>flake8-print</code>] Ignore <code>pprint</code> calls with
<code>stream=</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23787">#23787</a>)</li>
</ul>
<h3>Documentation</h3>
<ul>
<li>Update docs for Markdown code block formatting (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23871">#23871</a>)</li>
<li>[<code>flake8-bugbear</code>] Fix misleading description for
<code>B904</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23731">#23731</a>)</li>
</ul>
<h3>Contributors</h3>
<ul>
<li><a href="https://github.com/zsol"><code>@​zsol</code></a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/astral-sh/ruff/commit/e4c7f357777a2fdd34dbe6a98b1b7d3e7488f675"><code>e4c7f35</code></a>
Bump 0.15.6 (<a
href="https://redirect.github.com/astral-sh/ruff/issues/23919">#23919</a>)</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/edfe6c17a493669227da45ce7edc786208d9d0b0"><code>edfe6c1</code></a>
[ty] Narrow type context during collection literal inference (<a
href="https://redirect.github.com/astral-sh/ruff/issues/23844">#23844</a>)</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/dd16d689abd9d0fa1caf4316e70479fd422b6142"><code>dd16d68</code></a>
Exclude broken symlink in ecosystem check (<a
href="https://redirect.github.com/astral-sh/ruff/issues/23921">#23921</a>)</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/3f94c6ac6397cdc3160459d9d6e3892e3f3242dd"><code>3f94c6a</code></a>
Fix stack overflow in ANN401 on quoted annotations with escape sequences
(<a
href="https://redirect.github.com/astral-sh/ruff/issues/23">#23</a>...</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/91fc7bd3f936974d7107ba8fd0668bc251a55c58"><code>91fc7bd</code></a>
[ty] Fix false-positive diagnostics for PEP-604 union annotations on
attribut...</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/04229cffb44dfe8c64a0879eb3cea472a08d1565"><code>04229cf</code></a>
[ty] Initial test suite for PEP-728 <code>TypedDict</code> features (<a
href="https://redirect.github.com/astral-sh/ruff/issues/23832">#23832</a>)</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/728b9d6fd300d492fc2572bcfade170141296f97"><code>728b9d6</code></a>
[<code>pep8-naming</code>] Check naming conventions in
<code>match</code> pattern bindings (<code>N806</code>,...</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/88d1eecd261679fc9d1d10f30d814230a7f28513"><code>88d1eec</code></a>
[ty] Ensure a <code>type[]</code> type <code>T</code> is always
considered assignable to a union th...</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/37cdd61406ad4965847c9baa7c3f6ca633887d68"><code>37cdd61</code></a>
Fix lambda body formatting for multiline calls and subscripts (<a
href="https://redirect.github.com/astral-sh/ruff/issues/23866">#23866</a>)</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/a25a4df54aca67d23b4867ddad634fe0768fd6a2"><code>a25a4df</code></a>
[ty] Disambiguate duplicate-looking overloaded callables in union
display (<a
href="https://redirect.github.com/astral-sh/ruff/issues/2">#2</a>...</li>
<li>Additional commits viewable in <a
href="https://github.com/astral-sh/ruff/compare/0.15.0...0.15.6">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ruff&package-manager=pip&previous-version=0.15.0&new-version=0.15.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-20 11:19:26 -07:00
dependabot[bot] c01d65ba3c Bump fastapi from 0.128.4 to 0.135.1 (#867)
Bumps [fastapi](https://github.com/fastapi/fastapi) from 0.128.4 to
0.135.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/fastapi/fastapi/releases">fastapi's
releases</a>.</em></p>
<blockquote>
<h2>0.135.1</h2>
<h3>Fixes</h3>
<ul>
<li>🐛 Fix, avoid yield from a TaskGroup, only as an async context
manager, closed in the request async exit stack. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15038">#15038</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h3>Docs</h3>
<ul>
<li>✏️ Fix typo in <code>docs/en/docs/_llm-test.md</code>. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15007">#15007</a>
by <a
href="https://github.com/adityagiri3600"><code>@​adityagiri3600</code></a>.</li>
<li>📝 Update Skill, optimize context, trim and refactor into references.
PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15031">#15031</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h3>Internal</h3>
<ul>
<li>👥 Update FastAPI People - Experts. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15037">#15037</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>👥 Update FastAPI People - Contributors and Translators. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15029">#15029</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>👥 Update FastAPI GitHub topic repositories. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15036">#15036</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h2>0.135.0</h2>
<h3>Features</h3>
<ul>
<li> Add support for Server Sent Events. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15030">#15030</a>
by <a href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.
<ul>
<li>New docs: <a
href="https://fastapi.tiangolo.com/tutorial/server-sent-events/">Server-Sent
Events (SSE)</a>.</li>
</ul>
</li>
</ul>
<h2>0.134.0</h2>
<h3>Features</h3>
<ul>
<li> Add support for streaming JSON Lines and binary data with
<code>yield</code>. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15022">#15022</a>
by <a href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.
<ul>
<li>This also upgrades Starlette from <code>&gt;=0.40.0</code> to
<code>&gt;=0.46.0</code>, as it's needed to properly unrwap and re-raise
exceptions from exception groups.</li>
<li>New docs: <a
href="https://fastapi.tiangolo.com/tutorial/stream-json-lines/">Stream
JSON Lines</a>.</li>
<li>And new docs: <a
href="https://fastapi.tiangolo.com/advanced/stream-data/">Stream
Data</a>.</li>
</ul>
</li>
</ul>
<h3>Docs</h3>
<ul>
<li>📝 Update Library Agent Skill with streaming responses. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15024">#15024</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>📝 Update docs for responses and new stream with <code>yield</code>.
PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15023">#15023</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>📝 Add <code>await</code> in <code>StreamingResponse</code> code
example to allow cancellation. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14681">#14681</a>
by <a
href="https://github.com/casperdcl"><code>@​casperdcl</code></a>.</li>
<li>📝 Rename <code>docs_src/websockets</code> to
<code>docs_src/websockets_</code> to avoid import errors. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14979">#14979</a>
by <a
href="https://github.com/YuriiMotov"><code>@​YuriiMotov</code></a>.</li>
</ul>
<h3>Internal</h3>
<ul>
<li>🔨 Run tests with <code>pytest-xdist</code> and
<code>pytest-cov</code>. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14992">#14992</a>
by <a
href="https://github.com/YuriiMotov"><code>@​YuriiMotov</code></a>.</li>
</ul>
<h2>0.133.1</h2>
<h3>Features</h3>
<ul>
<li>🔧 Add FastAPI Agent Skill. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14982">#14982</a>
by <a href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.
<ul>
<li>Read more about it in <a
href="https://tiangolo.com/ideas/library-agent-skills/">Library Agent
Skills</a>.</li>
</ul>
</li>
</ul>
<h3>Internal</h3>
<ul>
<li> Fix all tests are skipped on Windows. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14994">#14994</a>
by <a
href="https://github.com/YuriiMotov"><code>@​YuriiMotov</code></a>.</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/fastapi/fastapi/commit/ca5f60ee72f35fb2134d8b5d26bbb75965bcff66"><code>ca5f60e</code></a>
🔖 Release version 0.135.1</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/87f75aa62c1dde90f4dfbfa7fc2c33127d757d34"><code>87f75aa</code></a>
📝 Update release notes</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/8a9258b169dce3e321f614c14b1877c18750d6c7"><code>8a9258b</code></a>
🐛 Fix, avoid yield from a TaskGroup, only as an async context manager,
closed...</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/60385078233e00f9f13307ff038f12f88fc5c240"><code>6038507</code></a>
📝 Update release notes</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/c796ba4f46a6e81477ce44eabe13fd01d82f2c4a"><code>c796ba4</code></a>
👥 Update FastAPI People - Experts (<a
href="https://redirect.github.com/fastapi/fastapi/issues/15037">#15037</a>)</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/b24aa03b888b78dd2ec6540d47c84a8676d6a7cb"><code>b24aa03</code></a>
📝 Update release notes</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/2c6104752a97273976c8a63e897de98a48f19ce0"><code>2c61047</code></a>
✏️ Fix typo in <code>docs/en/docs/_llm-test.md</code> (<a
href="https://redirect.github.com/fastapi/fastapi/issues/15007">#15007</a>)</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/e3bbeef8a2687fdf34d4de2d304a59135a30e63c"><code>e3bbeef</code></a>
📝 Update release notes</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/d726c8cb2b8e00279487fa8661a5276d2ff2125f"><code>d726c8c</code></a>
📝 Update release notes</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/cf514e6d3839ca69ca45a55a6f862e74892339b9"><code>cf514e6</code></a>
👥 Update FastAPI People - Contributors and Translators (<a
href="https://redirect.github.com/fastapi/fastapi/issues/15029">#15029</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/fastapi/fastapi/compare/0.128.4...0.135.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=fastapi&package-manager=pip&previous-version=0.128.4&new-version=0.135.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-20 10:11:29 -07:00
dependabot[bot] 09fd6de4aa Bump the npm_and_yarn group across 2 directories with 1 update (#874)
Bumps the npm_and_yarn group with 1 update in the
/langserve/chat_playground directory:
[flatted](https://github.com/WebReflection/flatted).
Bumps the npm_and_yarn group with 1 update in the /langserve/playground
directory: [flatted](https://github.com/WebReflection/flatted).

Updates `flatted` from 3.2.9 to 3.4.1
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20"><code>2a02dce</code></a>
3.4.1</li>
<li><a
href="https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416"><code>fba4e8f</code></a>
Merge pull request <a
href="https://redirect.github.com/WebReflection/flatted/issues/89">#89</a>
from WebReflection/python-fix</li>
<li><a
href="https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7"><code>5fe8648</code></a>
added &quot;when in Rome&quot; also a test for PHP</li>
<li><a
href="https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0"><code>53517ad</code></a>
some minor improvement</li>
<li><a
href="https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f"><code>b3e2a0c</code></a>
Fixing recursion issue in Python too</li>
<li><a
href="https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad"><code>c4b46db</code></a>
Add SECURITY.md for security policy and reporting</li>
<li><a
href="https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988"><code>f86d071</code></a>
Create dependabot.yml for version updates</li>
<li><a
href="https://github.com/WebReflection/flatted/commit/d3418c718160eae69dbc0405dce75f7849019e1e"><code>d3418c7</code></a>
3.4.0</li>
<li><a
href="https://github.com/WebReflection/flatted/commit/7eb65d857e1a40de11c47461cdbc8541449f0606"><code>7eb65d8</code></a>
Merge pull request <a
href="https://redirect.github.com/WebReflection/flatted/issues/88">#88</a>
from WebReflection/avoid-recusrion</li>
<li><a
href="https://github.com/WebReflection/flatted/commit/7774aae45d3775c842abe9d071fd009171a5fc0c"><code>7774aae</code></a>
Avoid recursion on parse due possible shenanigans</li>
<li>Additional commits viewable in <a
href="https://github.com/WebReflection/flatted/compare/v3.2.9...v3.4.1">compare
view</a></li>
</ul>
</details>
<br />

Updates `flatted` from 3.2.9 to 3.4.1
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20"><code>2a02dce</code></a>
3.4.1</li>
<li><a
href="https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416"><code>fba4e8f</code></a>
Merge pull request <a
href="https://redirect.github.com/WebReflection/flatted/issues/89">#89</a>
from WebReflection/python-fix</li>
<li><a
href="https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7"><code>5fe8648</code></a>
added &quot;when in Rome&quot; also a test for PHP</li>
<li><a
href="https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0"><code>53517ad</code></a>
some minor improvement</li>
<li><a
href="https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f"><code>b3e2a0c</code></a>
Fixing recursion issue in Python too</li>
<li><a
href="https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad"><code>c4b46db</code></a>
Add SECURITY.md for security policy and reporting</li>
<li><a
href="https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988"><code>f86d071</code></a>
Create dependabot.yml for version updates</li>
<li><a
href="https://github.com/WebReflection/flatted/commit/d3418c718160eae69dbc0405dce75f7849019e1e"><code>d3418c7</code></a>
3.4.0</li>
<li><a
href="https://github.com/WebReflection/flatted/commit/7eb65d857e1a40de11c47461cdbc8541449f0606"><code>7eb65d8</code></a>
Merge pull request <a
href="https://redirect.github.com/WebReflection/flatted/issues/88">#88</a>
from WebReflection/avoid-recusrion</li>
<li><a
href="https://github.com/WebReflection/flatted/commit/7774aae45d3775c842abe9d071fd009171a5fc0c"><code>7774aae</code></a>
Avoid recursion on parse due possible shenanigans</li>
<li>Additional commits viewable in <a
href="https://github.com/WebReflection/flatted/compare/v3.2.9...v3.4.1">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langserve/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-16 10:14:47 -07:00
dependabot[bot] 81bffe199f Bump langchain-core from 1.2.16 to 1.2.19 (#873)
Bumps [langchain-core](https://github.com/langchain-ai/langchain) from
1.2.16 to 1.2.19.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/langchain-ai/langchain/releases">langchain-core's
releases</a>.</em></p>
<blockquote>
<h2>langchain-core==1.2.19</h2>
<p>Changes since langchain-core==1.2.18</p>
<p>release(core): 1.2.19 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/35832">#35832</a>)
chore(core): move BaseCrossEncoder to langchain-core (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/35809">#35809</a>)
chore: bump tornado from 6.5.2 to 6.5.5 in /libs/core (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/35775">#35775</a>)</p>
<h2>langchain-core==1.2.18</h2>
<p>Changes since langchain-core==1.2.17</p>
<p>release(core): 1.2.18 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/35704">#35704</a>)
fix(core): fix double backticks in deprecation docstring for
alternative_import (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/35658">#35658</a>)
fix(core): preserve default_factory when generating tool call schema (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/35550">#35550</a>)
feat(openai): support tool search (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/35582">#35582</a>)
chore: bump the minor-and-patch group across 3 directories with 7
updates (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/35605">#35605</a>)</p>
<h2>langchain-core==1.2.17</h2>
<p>Changes since langchain-core==1.2.16</p>
<p>release(core): 1.2.17 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/35527">#35527</a>)
fix(core): extract usage metadata from serialized tracer message outputs
(<a
href="https://redirect.github.com/langchain-ai/langchain/issues/35526">#35526</a>)
chore: bump the langchain-deps group across 3 directories with 7 updates
(<a
href="https://redirect.github.com/langchain-ai/langchain/issues/35513">#35513</a>)
chore: bump the langchain-deps group across 3 directories with 14
updates (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/35441">#35441</a>)</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/langchain-ai/langchain/commit/41cca203e633d8506b563f263b005cb52909300d"><code>41cca20</code></a>
release(core): 1.2.19 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/35832">#35832</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/307cdcac9e4e3d7cdcc86eeb3a4688b486f8e1d8"><code>307cdca</code></a>
chore(core): move BaseCrossEncoder to langchain-core (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/35809">#35809</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/cee6430b1cd2530cdebcdb8820ed4ebf700556a4"><code>cee6430</code></a>
refactor(xai): remove redundant <code>lc_attributes</code> override (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/35791">#35791</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/6b9b4c6546332346b787f337b92879fc9b6b530c"><code>6b9b4c6</code></a>
feat(xai): support <code>base_url</code> alias and
<code>XAI_API_BASE</code> env var (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/35790">#35790</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/b676167707b9c8e27feef7e58a11edb0fe011703"><code>b676167</code></a>
fix(deepseek): accept <code>base_url</code> as alias for
<code>api_base</code> (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/35789">#35789</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/5d9568b5f5a94ef21bee094f38694415e099ed73"><code>5d9568b</code></a>
feat(model-profiles): new fields + <code>Makefile</code> target (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/35788">#35788</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/1891d414beceeef8e23a05e9e8f6011ccbf4d8b2"><code>1891d41</code></a>
chore: bump tornado from 6.5.2 to 6.5.5 in /libs/text-splitters (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/35774">#35774</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/1d954bccfad779097f63688b324f82fed48f4c5e"><code>1d954bc</code></a>
chore: bump tornado from 6.5.2 to 6.5.5 in /libs/langchain (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/35773">#35773</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/261b1d57e40b8470673d923b925aeed58415bc59"><code>261b1d5</code></a>
chore: bump tornado from 6.5.2 to 6.5.5 in /libs/core (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/35775">#35775</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/9521c679db9641912b97297d434adc8d000b5a9c"><code>9521c67</code></a>
fix(openai): close PIL Image handles in token counting to prevent fd
leak (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/3">#3</a>...</li>
<li>Additional commits viewable in <a
href="https://github.com/langchain-ai/langchain/compare/langchain-core==1.2.16...langchain-core==1.2.19">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=langchain-core&package-manager=pip&previous-version=1.2.16&new-version=1.2.19)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-16 10:11:40 -07:00
dependabot[bot] e2353612f8 Bump the pip group across 1 directory with 2 updates (#871)
Bumps the pip group with 2 updates in the / directory:
[orjson](https://github.com/ijl/orjson) and
[tornado](https://github.com/tornadoweb/tornado).

Updates `orjson` from 3.11.5 to 3.11.6
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/ijl/orjson/releases">orjson's
releases</a>.</em></p>
<blockquote>
<h2>3.11.6</h2>
<h3>Changed</h3>
<ul>
<li>orjson now includes code licensed under the Mozilla Public License
2.0 (MPL-2.0).</li>
<li>Drop support for Python 3.9.</li>
<li>ABI compatibility with CPython 3.15 alpha 5.</li>
<li>Build now depends on Rust 1.89 or later instead of 1.85.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Fix sporadic crash serializing deeply nested <code>list</code> of
<code>dict</code>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/ijl/orjson/blob/master/CHANGELOG.md">orjson's
changelog</a>.</em></p>
<blockquote>
<h2>3.11.6 - 2026-01-29</h2>
<h3>Changed</h3>
<ul>
<li>orjson now includes code licensed under the Mozilla Public License
2.0 (MPL-2.0).</li>
<li>Drop support for Python 3.9.</li>
<li>ABI compatibility with CPython 3.15 alpha 5.</li>
<li>Build now depends on Rust 1.89 or later instead of 1.85.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Fix sporadic crash serializing deeply nested <code>list</code> of
<code>dict</code>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/ijl/orjson/commit/ec02024c3837255064f248c0d2d331319b75e9ad"><code>ec02024</code></a>
3.11.6</li>
<li><a
href="https://github.com/ijl/orjson/commit/d58168733189f82b3fd0c058dff73e05d09202e6"><code>d581687</code></a>
build, clippy misc</li>
<li><a
href="https://github.com/ijl/orjson/commit/4105b29b2275f200f6fae01349bef02ccf1bc2e2"><code>4105b29</code></a>
writer::num</li>
<li><a
href="https://github.com/ijl/orjson/commit/62bb185b70785ded49c79c26f8c9781f1e6fe370"><code>62bb185</code></a>
Fix sporadic crash on serializing object close</li>
<li><a
href="https://github.com/ijl/orjson/commit/d860078a973f44401265c5c4ad12a7dbe4f839ad"><code>d860078</code></a>
PyRef idiom refactors</li>
<li><a
href="https://github.com/ijl/orjson/commit/343ae2f148197918aba9f8562db42c364620e4b8"><code>343ae2f</code></a>
Deserializer, Utf8Buffer</li>
<li><a
href="https://github.com/ijl/orjson/commit/7835f58d1c56947d1cf7a18acdfc07a2bca9b0f2"><code>7835f58</code></a>
PyBytesRef and other input refactor</li>
<li><a
href="https://github.com/ijl/orjson/commit/71e0516424ce1e11613eb1780f18e8cde83989fd"><code>71e0516</code></a>
PyStrRef</li>
<li><a
href="https://github.com/ijl/orjson/commit/1096df42dc585fde837ed0c930a346f5ef7dbb94"><code>1096df4</code></a>
MSRV 1.89</li>
<li><a
href="https://github.com/ijl/orjson/commit/b718e75b8ba18a707c2b44b6de14d52547573771"><code>b718e75</code></a>
Drop support for python3.9</li>
<li>Additional commits viewable in <a
href="https://github.com/ijl/orjson/compare/3.11.5...3.11.6">compare
view</a></li>
</ul>
</details>
<br />

Updates `tornado` from 6.5.2 to 6.5.5
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tornadoweb/tornado/blob/master/docs/releases.rst">tornado's
changelog</a>.</em></p>
<blockquote>
<h1>Release notes</h1>
<p>.. toctree::
:maxdepth: 2</p>
<p>releases/v6.5.5
releases/v6.5.4
releases/v6.5.3
releases/v6.5.2
releases/v6.5.1
releases/v6.5.0
releases/v6.4.2
releases/v6.4.1
releases/v6.4.0
releases/v6.3.3
releases/v6.3.2
releases/v6.3.1
releases/v6.3.0
releases/v6.2.0
releases/v6.1.0
releases/v6.0.4
releases/v6.0.3
releases/v6.0.2
releases/v6.0.1
releases/v6.0.0
releases/v5.1.1
releases/v5.1.0
releases/v5.0.2
releases/v5.0.1
releases/v5.0.0
releases/v4.5.3
releases/v4.5.2
releases/v4.5.1
releases/v4.5.0
releases/v4.4.3
releases/v4.4.2
releases/v4.4.1
releases/v4.4.0
releases/v4.3.0
releases/v4.2.1
releases/v4.2.0
releases/v4.1.0
releases/v4.0.2
releases/v4.0.1
releases/v4.0.0
releases/v3.2.2
releases/v3.2.1
releases/v3.2.0
releases/v3.1.1</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tornadoweb/tornado/commit/7d6465056ceb7a054b3f64cf1c18271753b10482"><code>7d64650</code></a>
Merge pull request <a
href="https://redirect.github.com/tornadoweb/tornado/issues/3586">#3586</a>
from bdarnell/update-cibw</li>
<li><a
href="https://github.com/tornadoweb/tornado/commit/d05d59b8080a0d5d6a260994c7aad7049209d345"><code>d05d59b</code></a>
build: Bump cibuildwheel to 3.4.0</li>
<li><a
href="https://github.com/tornadoweb/tornado/commit/c2f46732b0ad14bf0db4219c96a945f4b60205f5"><code>c2f4673</code></a>
Merge pull request <a
href="https://redirect.github.com/tornadoweb/tornado/issues/3585">#3585</a>
from bdarnell/release-655</li>
<li><a
href="https://github.com/tornadoweb/tornado/commit/e5f1aa4b6fa2c16b29024830227838fcb0c79b6f"><code>e5f1aa4</code></a>
Release notes and version bump for v6.5.5</li>
<li><a
href="https://github.com/tornadoweb/tornado/commit/78a046f99f89977dfc8ff5a1fe16d298afbeeaca"><code>78a046f</code></a>
httputil: Add CRLF to _FORBIDDEN_HEADER_CHARS_RE</li>
<li><a
href="https://github.com/tornadoweb/tornado/commit/24a2d96ea115f663b223887deb0060f13974c104"><code>24a2d96</code></a>
web: Validate characters in all cookie attributes.</li>
<li><a
href="https://github.com/tornadoweb/tornado/commit/119a195e290c43ad2d63a2cf012c29d43d6ed839"><code>119a195</code></a>
httputil: Add limits on multipart form data parsing</li>
<li><a
href="https://github.com/tornadoweb/tornado/commit/63d4df4eefa6750bb14efa1ebffe67b8c54fbad4"><code>63d4df4</code></a>
Merge pull request <a
href="https://redirect.github.com/tornadoweb/tornado/issues/3564">#3564</a>
from bdarnell/release-654</li>
<li><a
href="https://github.com/tornadoweb/tornado/commit/eadbf9adbe9db19e2686a32f48ddf9a25518c4f6"><code>eadbf9a</code></a>
Release notes and version bump for 6.5.4</li>
<li><a
href="https://github.com/tornadoweb/tornado/commit/bbc2b1429c6db80765a8a95c09ddddc7bb40e4e8"><code>bbc2b14</code></a>
Make sure that the in-operator on HTTPHeaders is case insensitive</li>
<li>Additional commits viewable in <a
href="https://github.com/tornadoweb/tornado/compare/v6.5.2...v6.5.5">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langserve/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-16 10:11:27 -07:00
John Kennedy 9001867cc1 Fix all open Dependabot security vulnerabilities (#864)
## Summary

- **rollup** (high): Bump resolution `^3.29.5` → `^3.30.0` to fix
arbitrary file write via path traversal (CVE-2026-27606)
- **ajv** (medium): Add resolution `^8.18.0` to fix ReDoS when using
`$data` option (CVE-2025-69873) — resolves all 4 ajv alerts
- **langchain-core** (low): Upgrade `0.3.83` → `1.2.16` to fix SSRF via
image_url token counting (CVE-2026-26013)
- **langsmith** (medium): Upgrade `0.4.32` → `0.7.9` to fix SSRF via
tracing header injection (CVE-2026-25528)
- **Python 3.9**: Dropped (EOL since Oct 2025) — required to enable
langchain-core 1.x and langsmith 0.6.x+ which have the security fixes

Resolves Dependabot alerts #143, #144, #149, #150, #151, #152, #155,
#156.

## Test plan

- [ ] CI passes on Python 3.10 and 3.11
- [ ] Playground builds still succeed with updated yarn.lock
- [ ] Verify Dependabot alerts auto-close after merge

🤖 Generated with [Claude Code](https://claude.com/claude-code)

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-28 15:21:29 -08:00
dependabot[bot] 81152822bc Bump openai from 0.28.1 to 2.18.0 (#857)
Bumps [openai](https://github.com/openai/openai-python) from 0.28.1 to
2.18.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/openai/openai-python/releases">openai's
releases</a>.</em></p>
<blockquote>
<h2>v2.18.0</h2>
<h2>2.18.0 (2026-02-09)</h2>
<p>Full Changelog: <a
href="https://github.com/openai/openai-python/compare/v2.17.0...v2.18.0">v2.17.0...v2.18.0</a></p>
<h3>Features</h3>
<ul>
<li><strong>api:</strong> add context_management to responses (<a
href="https://github.com/openai/openai-python/commit/137e992b80956401d1867274fa7a0969edfdba54">137e992</a>)</li>
<li><strong>api:</strong> responses context_management (<a
href="https://github.com/openai/openai-python/commit/c3bd017318347af0a0105a7e975c8d91e22f7941">c3bd017</a>)</li>
</ul>
<h2>v2.17.0</h2>
<h2>2.17.0 (2026-02-05)</h2>
<p>Full Changelog: <a
href="https://github.com/openai/openai-python/compare/v2.16.0...v2.17.0">v2.16.0...v2.17.0</a></p>
<h3>Features</h3>
<ul>
<li><strong>api:</strong> add shell_call_output status field (<a
href="https://github.com/openai/openai-python/commit/1bbaf8865000b338c24c9fdd5e985183feaca10f">1bbaf88</a>)</li>
<li><strong>api:</strong> image generation actions for responses;
ResponseFunctionCallArgumentsDoneEvent.name (<a
href="https://github.com/openai/openai-python/commit/7d965135f93f41b0c3dbf3dc9f01796bd9645b6c">7d96513</a>)</li>
<li><strong>client:</strong> add custom JSON encoder for extended type
support (<a
href="https://github.com/openai/openai-python/commit/9f43c8b1a1641db2336cc6d0ec0c6dc470a89103">9f43c8b</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><strong>client:</strong> undo change to web search Find action (<a
href="https://github.com/openai/openai-python/commit/8f14eb0a74363fdfc648c5cd5c6d34a85b938d3c">8f14eb0</a>)</li>
<li><strong>client:</strong> update type for <code>find_in_page</code>
action (<a
href="https://github.com/openai/openai-python/commit/ec54ddeb357e49edd81cc3fe53d549c297e59a07">ec54dde</a>)</li>
</ul>
<h2>v2.16.0</h2>
<h2>2.16.0 (2026-01-27)</h2>
<p>Full Changelog: <a
href="https://github.com/openai/openai-python/compare/v2.15.0...v2.16.0">v2.15.0...v2.16.0</a></p>
<h3>Features</h3>
<ul>
<li><strong>api:</strong> api update (<a
href="https://github.com/openai/openai-python/commit/b97f9f26b9c46ca4519130e60a8bf12ad8d52bf3">b97f9f2</a>)</li>
<li><strong>api:</strong> api updates (<a
href="https://github.com/openai/openai-python/commit/9debcc02370f5b76a6a609ded18fbf8dea87b9cb">9debcc0</a>)</li>
<li><strong>client:</strong> add support for binary request streaming
(<a
href="https://github.com/openai/openai-python/commit/49561d88279628bc400d1b09aa98765b67018ef1">49561d8</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><strong>api:</strong> mark assistants as deprecated (<a
href="https://github.com/openai/openai-python/commit/0419cbcbf1021131c7492321436ed01ca4337835">0419cbc</a>)</li>
</ul>
<h3>Chores</h3>
<ul>
<li><strong>ci:</strong> upgrade <code>actions/github-script</code> (<a
href="https://github.com/openai/openai-python/commit/5139f13ef35e64dadc65f2ba2bab736977985769">5139f13</a>)</li>
<li><strong>internal:</strong> update <code>actions/checkout</code>
version (<a
href="https://github.com/openai/openai-python/commit/f2767144c11833070c0579063ed33918089b4617">f276714</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/openai/openai-python/blob/main/CHANGELOG.md">openai's
changelog</a>.</em></p>
<blockquote>
<h2>2.18.0 (2026-02-09)</h2>
<p>Full Changelog: <a
href="https://github.com/openai/openai-python/compare/v2.17.0...v2.18.0">v2.17.0...v2.18.0</a></p>
<h3>Features</h3>
<ul>
<li><strong>api:</strong> add context_management to responses (<a
href="https://github.com/openai/openai-python/commit/137e992b80956401d1867274fa7a0969edfdba54">137e992</a>)</li>
<li><strong>api:</strong> responses context_management (<a
href="https://github.com/openai/openai-python/commit/c3bd017318347af0a0105a7e975c8d91e22f7941">c3bd017</a>)</li>
</ul>
<h2>2.17.0 (2026-02-05)</h2>
<p>Full Changelog: <a
href="https://github.com/openai/openai-python/compare/v2.16.0...v2.17.0">v2.16.0...v2.17.0</a></p>
<h3>Features</h3>
<ul>
<li><strong>api:</strong> add shell_call_output status field (<a
href="https://github.com/openai/openai-python/commit/1bbaf8865000b338c24c9fdd5e985183feaca10f">1bbaf88</a>)</li>
<li><strong>api:</strong> image generation actions for responses;
ResponseFunctionCallArgumentsDoneEvent.name (<a
href="https://github.com/openai/openai-python/commit/7d965135f93f41b0c3dbf3dc9f01796bd9645b6c">7d96513</a>)</li>
<li><strong>client:</strong> add custom JSON encoder for extended type
support (<a
href="https://github.com/openai/openai-python/commit/9f43c8b1a1641db2336cc6d0ec0c6dc470a89103">9f43c8b</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><strong>client:</strong> undo change to web search Find action (<a
href="https://github.com/openai/openai-python/commit/8f14eb0a74363fdfc648c5cd5c6d34a85b938d3c">8f14eb0</a>)</li>
<li><strong>client:</strong> update type for <code>find_in_page</code>
action (<a
href="https://github.com/openai/openai-python/commit/ec54ddeb357e49edd81cc3fe53d549c297e59a07">ec54dde</a>)</li>
</ul>
<h2>2.16.0 (2026-01-27)</h2>
<p>Full Changelog: <a
href="https://github.com/openai/openai-python/compare/v2.15.0...v2.16.0">v2.15.0...v2.16.0</a></p>
<h3>Features</h3>
<ul>
<li><strong>api:</strong> api update (<a
href="https://github.com/openai/openai-python/commit/b97f9f26b9c46ca4519130e60a8bf12ad8d52bf3">b97f9f2</a>)</li>
<li><strong>api:</strong> api updates (<a
href="https://github.com/openai/openai-python/commit/9debcc02370f5b76a6a609ded18fbf8dea87b9cb">9debcc0</a>)</li>
<li><strong>client:</strong> add support for binary request streaming
(<a
href="https://github.com/openai/openai-python/commit/49561d88279628bc400d1b09aa98765b67018ef1">49561d8</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><strong>api:</strong> mark assistants as deprecated (<a
href="https://github.com/openai/openai-python/commit/0419cbcbf1021131c7492321436ed01ca4337835">0419cbc</a>)</li>
</ul>
<h3>Chores</h3>
<ul>
<li><strong>ci:</strong> upgrade <code>actions/github-script</code> (<a
href="https://github.com/openai/openai-python/commit/5139f13ef35e64dadc65f2ba2bab736977985769">5139f13</a>)</li>
<li><strong>internal:</strong> update <code>actions/checkout</code>
version (<a
href="https://github.com/openai/openai-python/commit/f2767144c11833070c0579063ed33918089b4617">f276714</a>)</li>
</ul>
<h3>Documentation</h3>
<ul>
<li><strong>examples:</strong> update Azure Realtime sample to use v1
API (<a
href="https://redirect.github.com/openai/openai-python/issues/2829">#2829</a>)
(<a
href="https://github.com/openai/openai-python/commit/3b319819544d629c5b8c206b8b1f6ec6328c6136">3b31981</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/openai/openai-python/commit/a7a60166ad8f686f388719a147f815b053c9e885"><code>a7a6016</code></a>
release: 2.18.0 (<a
href="https://redirect.github.com/openai/openai-python/issues/2846">#2846</a>)</li>
<li><a
href="https://github.com/openai/openai-python/commit/e8888736c86bb1d5a27100867da22b11ab5bb1b7"><code>e888873</code></a>
release: 2.17.0</li>
<li><a
href="https://github.com/openai/openai-python/commit/b982088450a89409ae0eedc1f27f84f383b447af"><code>b982088</code></a>
fix(client): undo change to web search Find action</li>
<li><a
href="https://github.com/openai/openai-python/commit/b95c09d3f1b760378ee4137b83a8e9b87156bedd"><code>b95c09d</code></a>
codegen metadata</li>
<li><a
href="https://github.com/openai/openai-python/commit/31b4218b71025c9183eb8320629af5de74682adc"><code>31b4218</code></a>
codegen metadata</li>
<li><a
href="https://github.com/openai/openai-python/commit/a1fb97bb3580d58a4534a3b4278b5cd4a43ddbc6"><code>a1fb97b</code></a>
fix(client): update type for <code>find_in_page</code> action</li>
<li><a
href="https://github.com/openai/openai-python/commit/42cb178759bd2bac2274f4c7afd3c550e6cf9aa2"><code>42cb178</code></a>
feat(api): image generation actions for responses;
ResponseFunctionCallArgume...</li>
<li><a
href="https://github.com/openai/openai-python/commit/db4d87193089f60d8a2c2841ded3c7fdcd54a5bb"><code>db4d871</code></a>
feat(client): add custom JSON encoder for extended type support</li>
<li><a
href="https://github.com/openai/openai-python/commit/2360dfa7fd26a8f92211702c04752a10fe5fff27"><code>2360dfa</code></a>
codegen metadata</li>
<li><a
href="https://github.com/openai/openai-python/commit/7da396e2601ea1587c8798a9c60d9d3497146380"><code>7da396e</code></a>
codegen metadata</li>
<li>Additional commits viewable in <a
href="https://github.com/openai/openai-python/compare/v0.28.1...v2.18.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=openai&package-manager=pip&previous-version=0.28.1&new-version=2.18.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-27 16:50:44 -08:00
dependabot[bot] fa7f3b828b Bump uvicorn from 0.23.2 to 0.39.0 (#858)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [uvicorn](https://github.com/Kludex/uvicorn) from 0.23.2 to
0.39.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/uvicorn/releases">uvicorn's
releases</a>.</em></p>
<blockquote>
<h2>Version 0.39.0</h2>
<h2>What's Changed</h2>
<ul>
<li>explicitly start ASGI run with empty context by <a
href="https://github.com/pmeier"><code>@​pmeier</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2742">Kludex/uvicorn#2742</a></li>
<li>fix(websockets): Send close frame on ASGI return by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2769">Kludex/uvicorn#2769</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/pmeier"><code>@​pmeier</code></a> made
their first contribution in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2742">Kludex/uvicorn#2742</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/uvicorn/compare/0.38.0...0.39.0">https://github.com/Kludex/uvicorn/compare/0.38.0...0.39.0</a></p>
<h2>Version 0.38.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Support Python 3.14 by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2723">Kludex/uvicorn#2723</a></li>
</ul>
<hr />
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/NGANAMODEIJunior"><code>@​NGANAMODEIJunior</code></a>
made their first contribution in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2713">Kludex/uvicorn#2713</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/uvicorn/compare/0.37.0...0.38.0">https://github.com/Kludex/uvicorn/compare/0.37.0...0.38.0</a></p>
<h2>Version 0.37.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add <code>--timeout-worker-healthcheck</code> setting by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2711">Kludex/uvicorn#2711</a></li>
<li>Add <code>os.PathLike[str]</code> type to <code>ssl_ca_certs</code>
by <a href="https://github.com/rnv812"><code>@​rnv812</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2676">Kludex/uvicorn#2676</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/LincolnPuzey"><code>@​LincolnPuzey</code></a>
made their first contribution in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2669">Kludex/uvicorn#2669</a></li>
<li><a href="https://github.com/rnv812"><code>@​rnv812</code></a> made
their first contribution in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2676">Kludex/uvicorn#2676</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/uvicorn/compare/0.36.1...0.37.0">https://github.com/Kludex/uvicorn/compare/0.36.1...0.37.0</a></p>
<h2>Version 0.36.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Raise an exception when calling removed
<code>Config.setup_event_loop()</code> by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2709">Kludex/uvicorn#2709</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/uvicorn/compare/0.36.0...0.36.1">https://github.com/Kludex/uvicorn/compare/0.36.0...0.36.1</a></p>
<h2>Version 0.36.0</h2>
<h2>Added</h2>
<ul>
<li>Support custom IOLOOPs by <a
href="https://github.com/gnir-work"><code>@​gnir-work</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2435">Kludex/uvicorn#2435</a></li>
<li>Allow to provide importable string in <code>--http</code>,
<code>--ws</code> and <code>--loop</code> by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2658">Kludex/uvicorn#2658</a></li>
</ul>
<hr />
<h3>New Contributors</h3>
<ul>
<li><a href="https://github.com/gnir-work"><code>@​gnir-work</code></a>
made their first contribution in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2435">Kludex/uvicorn#2435</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md">uvicorn's
changelog</a>.</em></p>
<blockquote>
<h2>0.39.0 (December 21, 2025)</h2>
<h3>Fixed</h3>
<ul>
<li>Send close frame on ASGI return for WebSockets (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2769">#2769</a>)</li>
<li>Explicitly start ASGI run with empty context (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2742">#2742</a>)</li>
</ul>
<h2>0.38.0 (October 18, 2025)</h2>
<h3>Added</h3>
<ul>
<li>Support Python 3.14 (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2723">#2723</a>)</li>
</ul>
<h2>0.37.0 (September 23, 2025)</h2>
<h3>Added</h3>
<ul>
<li>Add <code>--timeout-worker-healthcheck</code> option (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2711">#2711</a>)</li>
<li>Add <code>os.PathLike[str]</code> type to <code>ssl_ca_certs</code>
(<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2676">#2676</a>)</li>
</ul>
<h2>0.36.1 (September 23, 2025)</h2>
<h3>Fixed</h3>
<ul>
<li>Raise an exception when calling removed
<code>Config.setup_event_loop()</code> (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2709">#2709</a>)</li>
</ul>
<h2>0.36.0 (September 20, 2025)</h2>
<h3>Added</h3>
<ul>
<li>Support custom IOLOOPs (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2435">#2435</a>)</li>
<li>Allow to provide importable string in <code>--http</code>,
<code>--ws</code> and <code>--loop</code> (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2658">#2658</a>)</li>
</ul>
<h2>0.35.0 (June 28, 2025)</h2>
<h3>Added</h3>
<ul>
<li>Add <code>WebSocketsSansIOProtocol</code> (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2540">#2540</a>)</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Refine help message for option <code>--proxy-headers</code> (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2653">#2653</a>)</li>
</ul>
<h2>0.34.3 (June 1, 2025)</h2>
<h3>Fixed</h3>
<ul>
<li>Don't include <code>cwd()</code> when non-empty
<code>--reload-dirs</code> is passed (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2598">#2598</a>)</li>
<li>Apply <code>get_client_addr</code> formatting to WebSocket logging
(<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2636">#2636</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/Kludex/uvicorn/commit/4f40b8495772eb3a1ab3613ffd7be5156f8e1389"><code>4f40b84</code></a>
Version 0.39.0 (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2770">#2770</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/5692dfc416f9e65aee5028e55d119313d8d3ab0f"><code>5692dfc</code></a>
fix(websockets): Send close frame on ASGI return (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2769">#2769</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/4194764a26824e5d8ddd1fa673df78dff82966e0"><code>4194764</code></a>
chore(deps): bump the github-actions group with 2 updates (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2763">#2763</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/d94bf28743de545d2d4b150f022203a5178cb705"><code>d94bf28</code></a>
explicitly start ASGI run with empty context (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2742">#2742</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/8ae0bcbecb0a655789abf0c2dd4200848fc68a30"><code>8ae0bcb</code></a>
chore(deps): bump the github-actions group with 2 updates (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2748">#2748</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/4744ff9a1a4888c76ea160328cc9dcc2680c2c71"><code>4744ff9</code></a>
Add groups configuration for GitHub Actions (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2747">#2747</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/0391372376c264604a0475b0864bcbf3a8705352"><code>0391372</code></a>
chore(deps): bump astral-sh/setup-uv from 6.8.0 to 7.1.2 (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2746">#2746</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/69a6ae319801a5866ec07afdeb2ff3d912f4d3a0"><code>69a6ae3</code></a>
Improve typing in <code>test_http.py</code> (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2740">#2740</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/3850ad6520cafb290bd4174fa9c4ca5d33440c82"><code>3850ad6</code></a>
Version 0.38.0 (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2733">#2733</a>)</li>
<li><a
href="https://github.com/Kludex/uvicorn/commit/9b3f17a549ec96f57bf4d975145fc58feefdd4e8"><code>9b3f17a</code></a>
Support Python 3.14 (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2723">#2723</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/Kludex/uvicorn/compare/0.23.2...0.39.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uvicorn&package-manager=pip&previous-version=0.23.2&new-version=0.39.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-26 00:08:16 -08:00
John Kennedy 6b53d46321 Potential fix for code scanning alert no. 1: Workflow does not contain permissions (#863)
Potential fix for
[https://github.com/langchain-ai/langserve/security/code-scanning/1](https://github.com/langchain-ai/langserve/security/code-scanning/1)

In general, to fix this class of issue, you explicitly declare a
`permissions:` block in the workflow (either at the top level or per
job) that grants only the scopes required. For linting and caching,
read-only `contents` access is sufficient; no write access or extra
scopes are needed.

For this specific workflow, the least-privilege, non-breaking fix is to
add a root-level `permissions:` block just under the `name: lint` line.
That will apply to all jobs (here only `build`) that don’t override
permissions. Based on the steps (checkout, cache, running local tools),
only repository contents need to be readable, so we can set:

```yaml
permissions:
  contents: read
```

No other parts of the file need to change, and no additional imports or
methods are required, since this is pure workflow configuration.


_Suggested fixes powered by Copilot Autofix. Review carefully before
merging._

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
2026-02-26 00:07:52 -08:00
dependabot[bot] 79bf88aa7a Bump pydantic from 2.11.10 to 2.12.5 (#856)
Bumps [pydantic](https://github.com/pydantic/pydantic) from 2.11.10 to
2.12.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pydantic/pydantic/releases">pydantic's
releases</a>.</em></p>
<blockquote>
<h2>v2.12.5 2025-11-26</h2>
<h2>v2.12.5 (2025-11-26)</h2>
<p>This is the fifth 2.12 patch release, addressing an issue with the
<code>MISSING</code> sentinel and providing several documentation
improvements.</p>
<p>The next 2.13 minor release will be published in a couple weeks, and
will include a new <em>polymorphic serialization</em> feature addressing
the remaining unexpected changes to the <em>serialize as any</em>
behavior.</p>
<ul>
<li>Fix pickle error when using <code>model_construct()</code> on a
model with <code>MISSING</code> as a default value by <a
href="https://github.com/ornariece"><code>@​ornariece</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12522">#12522</a>.</li>
<li>Several updates to the documentation by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a>.</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pydantic/pydantic/compare/v2.12.4...v2.12.5">https://github.com/pydantic/pydantic/compare/v2.12.4...v2.12.5</a></p>
<h2>v2.12.4 2025-11-05</h2>
<h2>v2.12.4 (2025-11-05)</h2>
<p>This is the fourth 2.12 patch release, fixing more regressions, and
reverting a change in the <code>build()</code> method
of the <a
href="https://docs.pydantic.dev/latest/api/networks/"><code>AnyUrl</code>
and Dsn types</a>.</p>
<p>This patch release also fixes an issue with the serialization of IP
address types, when <code>serialize_as_any</code> is used. The next
patch release
will try to address the remaining issues with <em>serialize as any</em>
behavior by introducing a new <em>polymorphic serialization</em>
feature, that
should be used in most cases in place of <em>serialize as any</em>.</p>
<ul>
<li>
<p>Fix issue with forward references in parent <code>TypedDict</code>
classes by <a href="https://github.com/Viicos"><code>@​Viicos</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12427">#12427</a>.</p>
<p>This issue is only relevant on Python 3.14 and greater.</p>
</li>
<li>
<p>Exclude fields with <code>exclude_if</code> from JSON Schema required
fields by <a href="https://github.com/Viicos"><code>@​Viicos</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12430">#12430</a></p>
</li>
<li>
<p>Revert URL percent-encoding of credentials in the
<code>build()</code> method of the <a
href="https://docs.pydantic.dev/latest/api/networks/"><code>AnyUrl</code>
and Dsn types</a> by <a
href="https://github.com/davidhewitt"><code>@​davidhewitt</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1833">pydantic-core#1833</a>.</p>
<p>This was initially considered as a bugfix, but caused regressions and
as such was fully reverted. The next release will include
an opt-in option to percent-encode components of the URL.</p>
</li>
<li>
<p>Add type inference for IP address types by <a
href="https://github.com/davidhewitt"><code>@​davidhewitt</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1868">pydantic-core#1868</a>.</p>
<p>The 2.12 changes to the <code>serialize_as_any</code> behavior made
it so that IP address types could not properly serialize to JSON.</p>
</li>
<li>
<p>Avoid getting default values from defaultdict by <a
href="https://github.com/davidhewitt"><code>@​davidhewitt</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1853">pydantic-core#1853</a>.</p>
<p>This fixes a subtle regression in the validation behavior of the <a
href="https://docs.python.org/3/library/collections.html#collections.defaultdict"><code>collections.defaultdict</code></a>
type.</p>
</li>
<li>
<p>Fix issue with field serializers on nested typed dictionaries by <a
href="https://github.com/davidhewitt"><code>@​davidhewitt</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1879">pydantic-core#1879</a>.</p>
</li>
<li>
<p>Add more <code>pydantic-core</code> builds for the three-threaded
version of Python 3.14 by <a
href="https://github.com/davidhewitt"><code>@​davidhewitt</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1864">pydantic-core#1864</a>.</p>
</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pydantic/pydantic/compare/v2.12.3...v2.12.4">https://github.com/pydantic/pydantic/compare/v2.12.3...v2.12.4</a></p>
<h2>v2.12.3 2025-10-17</h2>
<h2>v2.12.3 (2025-10-17)</h2>
<h3>What's Changed</h3>
<p>This is the third 2.13 patch release, fixing issues related to the
<code>FieldInfo</code> class, and reverting a change to the supported <a
href="https://docs.pydantic.dev/latest/concepts/validators/#model-validators"><em>after</em>
model validator</a> function signatures.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pydantic/pydantic/blob/main/HISTORY.md">pydantic's
changelog</a>.</em></p>
<blockquote>
<h2>v2.12.5 (2025-11-26)</h2>
<p><a
href="https://github.com/pydantic/pydantic/releases/tag/v2.12.5">GitHub
release</a></p>
<p>This is the fifth 2.12 patch release, addressing an issue with the
<code>MISSING</code> sentinel and providing several documentation
improvements.</p>
<p>The next 2.13 minor release will be published in a couple weeks, and
will include a new <em>polymorphic serialization</em> feature addressing
the remaining unexpected changes to the <em>serialize as any</em>
behavior.</p>
<ul>
<li>Fix pickle error when using <code>model_construct()</code> on a
model with <code>MISSING</code> as a default value by <a
href="https://github.com/ornariece"><code>@​ornariece</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12522">#12522</a>.</li>
<li>Several updates to the documentation by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a>.</li>
</ul>
<h2>v2.12.4 (2025-11-05)</h2>
<p><a
href="https://github.com/pydantic/pydantic/releases/tag/v2.12.4">GitHub
release</a></p>
<p>This is the fourth 2.12 patch release, fixing more regressions, and
reverting a change in the <code>build()</code> method
of the <a
href="https://docs.pydantic.dev/latest/api/networks/"><code>AnyUrl</code>
and Dsn types</a>.</p>
<p>This patch release also fixes an issue with the serialization of IP
address types, when <code>serialize_as_any</code> is used. The next
patch release
will try to address the remaining issues with <em>serialize as any</em>
behavior by introducing a new <em>polymorphic serialization</em>
feature, that
should be used in most cases in place of <em>serialize as any</em>.</p>
<ul>
<li>
<p>Fix issue with forward references in parent <code>TypedDict</code>
classes by <a href="https://github.com/Viicos"><code>@​Viicos</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12427">#12427</a>.</p>
<p>This issue is only relevant on Python 3.14 and greater.</p>
</li>
<li>
<p>Exclude fields with <code>exclude_if</code> from JSON Schema required
fields by <a href="https://github.com/Viicos"><code>@​Viicos</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12430">#12430</a></p>
</li>
<li>
<p>Revert URL percent-encoding of credentials in the
<code>build()</code> method
of the <a
href="https://docs.pydantic.dev/latest/api/networks/"><code>AnyUrl</code>
and Dsn types</a> by <a
href="https://github.com/davidhewitt"><code>@​davidhewitt</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1833">pydantic-core#1833</a>.</p>
<p>This was initially considered as a bugfix, but caused regressions and
as such was fully reverted. The next release will include
an opt-in option to percent-encode components of the URL.</p>
</li>
<li>
<p>Add type inference for IP address types by <a
href="https://github.com/davidhewitt"><code>@​davidhewitt</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1868">pydantic-core#1868</a>.</p>
<p>The 2.12 changes to the <code>serialize_as_any</code> behavior made
it so that IP address types could not properly serialize to JSON.</p>
</li>
<li>
<p>Avoid getting default values from defaultdict by <a
href="https://github.com/davidhewitt"><code>@​davidhewitt</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1853">pydantic-core#1853</a>.</p>
<p>This fixes a subtle regression in the validation behavior of the <a
href="https://docs.python.org/3/library/collections.html#collections.defaultdict"><code>collections.defaultdict</code></a>
type.</p>
</li>
<li>
<p>Fix issue with field serializers on nested typed dictionaries by <a
href="https://github.com/davidhewitt"><code>@​davidhewitt</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1879">pydantic-core#1879</a>.</p>
</li>
<li>
<p>Add more <code>pydantic-core</code> builds for the three-threaded
version of Python 3.14 by <a
href="https://github.com/davidhewitt"><code>@​davidhewitt</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1864">pydantic-core#1864</a>.</p>
</li>
</ul>
<h2>v2.12.3 (2025-10-17)</h2>
<p><a
href="https://github.com/pydantic/pydantic/releases/tag/v2.12.3">GitHub
release</a></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pydantic/pydantic/commit/bd2d0dd0137dfa1a8fdff2529b9dfb1547980150"><code>bd2d0dd</code></a>
Prepare release v2.12.5</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/7d0302ec7ec2cf115de3450a615522875bdd8b56"><code>7d0302e</code></a>
Document security implications when using
<code>create_model()</code></li>
<li><a
href="https://github.com/pydantic/pydantic/commit/e9ef980def726b6f59b6c495ddc9dc259a0228db"><code>e9ef980</code></a>
Fix typo in Standard Library Types documentation</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/f2c20c00c265a31a13c48f9bae923a87c829952e"><code>f2c20c0</code></a>
Add <code>pydantic-docs</code> dev dependency, make use of versioning
blocks</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/a76c1aa26f2d64a3fd080ac515d80832689197e8"><code>a76c1aa</code></a>
Update documentation about JSON Schema</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/8cbc72ca489891e574fba45238ee8bd4f8e719a2"><code>8cbc72c</code></a>
Add documentation about custom <code>__init__()</code></li>
<li><a
href="https://github.com/pydantic/pydantic/commit/99eba599069da137b3f708ffa74627f2b456ba73"><code>99eba59</code></a>
Add additional test for <code>FieldInfo.get_default()</code></li>
<li><a
href="https://github.com/pydantic/pydantic/commit/c71076988e507ea93844c77c3bf0bbb85a5716af"><code>c710769</code></a>
Special case <code>MISSING</code> sentinel in
<code>smart_deepcopy()</code></li>
<li><a
href="https://github.com/pydantic/pydantic/commit/20a9d771c210fd77d52366ac923258c4c199727f"><code>20a9d77</code></a>
Do not delete mock validator/serializer in
<code>rebuild_dataclass()</code></li>
<li><a
href="https://github.com/pydantic/pydantic/commit/c86515a3a8f2120148fab2eaedd3bc45925779d0"><code>c86515a</code></a>
Update parts of the model and <code>revalidate_instances</code>
documentation</li>
<li>Additional commits viewable in <a
href="https://github.com/pydantic/pydantic/compare/v2.11.10...v2.12.5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pydantic&package-manager=pip&previous-version=2.11.10&new-version=2.12.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-26 00:04:51 -08:00
dependabot[bot] 2007e07a83 Bump starlette from 0.48.0 to 0.49.1 in the pip group across 1 directory (#855)
Bumps the pip group with 1 update in the / directory:
[starlette](https://github.com/Kludex/starlette).

Updates `starlette` from 0.48.0 to 0.49.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/starlette/releases">starlette's
releases</a>.</em></p>
<blockquote>
<h2>Version 0.49.1</h2>
<p>This release fixes a security vulnerability in the parsing logic of
the <code>Range</code> header in <code>FileResponse</code>.</p>
<p>You can view the full security advisory: <a
href="https://github.com/Kludex/starlette/security/advisories/GHSA-7f5h-v6xp-fcq8">GHSA-7f5h-v6xp-fcq8</a></p>
<h2>Fixed</h2>
<ul>
<li>Optimize the HTTP ranges parsing logic <a
href="https://github.com/Kludex/starlette/commit/4ea6e22b489ec388d6004cfbca52dd5b147127c5">4ea6e22b489ec388d6004cfbca52dd5b147127c5</a></li>
</ul>
<hr />
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/starlette/compare/0.49.0...0.49.1">https://github.com/Kludex/starlette/compare/0.49.0...0.49.1</a></p>
<h2>Version 0.49.0</h2>
<h2>Added</h2>
<ul>
<li>Add <code>encoding</code> parameter to <code>Config</code> class <a
href="https://redirect.github.com/Kludex/starlette/pull/2996">#2996</a>.</li>
<li>Support multiple cookie headers in <code>Request.cookies</code> <a
href="https://redirect.github.com/Kludex/starlette/pull/3029">#3029</a>.</li>
<li>Use <code>Literal</code> type for <code>WebSocketEndpoint</code>
encoding values <a
href="https://redirect.github.com/Kludex/starlette/pull/3027">#3027</a>.</li>
</ul>
<h2>Changed</h2>
<ul>
<li>Do not pollute exception context in <code>Middleware</code> when
using <code>BaseHTTPMiddleware</code> <a
href="https://redirect.github.com/Kludex/starlette/pull/2976">#2976</a>.</li>
</ul>
<hr />
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/TheWesDias"><code>@​TheWesDias</code></a> made
their first contribution in <a
href="https://redirect.github.com/Kludex/starlette/pull/3017">Kludex/starlette#3017</a></li>
<li><a href="https://github.com/gmos2104"><code>@​gmos2104</code></a>
made their first contribution in <a
href="https://redirect.github.com/Kludex/starlette/pull/3027">Kludex/starlette#3027</a></li>
<li><a
href="https://github.com/secrett2633"><code>@​secrett2633</code></a>
made their first contribution in <a
href="https://redirect.github.com/Kludex/starlette/pull/2996">Kludex/starlette#2996</a></li>
<li><a
href="https://github.com/adam-sikora"><code>@​adam-sikora</code></a>
made their first contribution in <a
href="https://redirect.github.com/Kludex/starlette/pull/2976">Kludex/starlette#2976</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/starlette/compare/0.48.0...0.49.0">https://github.com/Kludex/starlette/compare/0.48.0...0.49.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/starlette/blob/main/docs/release-notes.md">starlette's
changelog</a>.</em></p>
<blockquote>
<h2>0.49.1 (October 28, 2025)</h2>
<p>This release fixes a security vulnerability in the parsing logic of
the <code>Range</code> header in <code>FileResponse</code>.</p>
<p>You can view the full security advisory: <a
href="https://github.com/Kludex/starlette/security/advisories/GHSA-7f5h-v6xp-fcq8">GHSA-7f5h-v6xp-fcq8</a></p>
<h4>Fixed</h4>
<ul>
<li>Optimize the HTTP ranges parsing logic <a
href="https://github.com/Kludex/starlette/commit/4ea6e22b489ec388d6004cfbca52dd5b147127c5">4ea6e22b489ec388d6004cfbca52dd5b147127c5</a></li>
</ul>
<h2>0.49.0 (October 28, 2025)</h2>
<h4>Added</h4>
<ul>
<li>Add <code>encoding</code> parameter to <code>Config</code> class <a
href="https://redirect.github.com/Kludex/starlette/pull/2996">#2996</a>.</li>
<li>Support multiple cookie headers in <code>Request.cookies</code> <a
href="https://redirect.github.com/Kludex/starlette/pull/3029">#3029</a>.</li>
<li>Use <code>Literal</code> type for <code>WebSocketEndpoint</code>
encoding values <a
href="https://redirect.github.com/Kludex/starlette/pull/3027">#3027</a>.</li>
</ul>
<h4>Changed</h4>
<ul>
<li>Do not pollute exception context in <code>Middleware</code> when
using <code>BaseHTTPMiddleware</code> <a
href="https://redirect.github.com/Kludex/starlette/pull/2976">#2976</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/Kludex/starlette/commit/7e4b7428f273dbdc875dcd036d20804bcfc7b2ee"><code>7e4b742</code></a>
Version 0.49.1 (<a
href="https://redirect.github.com/Kludex/starlette/issues/3047">#3047</a>)</li>
<li><a
href="https://github.com/Kludex/starlette/commit/4ea6e22b489ec388d6004cfbca52dd5b147127c5"><code>4ea6e22</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/Kludex/starlette/commit/7d88ea6f8ec8aa99cdb5fc7a10b88db5aadfdfee"><code>7d88ea6</code></a>
Version 0.49.0 (<a
href="https://redirect.github.com/Kludex/starlette/issues/3046">#3046</a>)</li>
<li><a
href="https://github.com/Kludex/starlette/commit/26d66bbfb05c7bbecbbb57106c65f33682f8174e"><code>26d66bb</code></a>
Do not pollute exception context in Middleware (<a
href="https://redirect.github.com/Kludex/starlette/issues/2976">#2976</a>)</li>
<li><a
href="https://github.com/Kludex/starlette/commit/a59397db889e3a96c4f34b1406957a3b92e1e8b5"><code>a59397d</code></a>
Set encodings when reading config files (<a
href="https://redirect.github.com/Kludex/starlette/issues/2996">#2996</a>)</li>
<li><a
href="https://github.com/Kludex/starlette/commit/3b7f0cbf598be305528a498a35089ce723060372"><code>3b7f0cb</code></a>
test: add test for unknown status (<a
href="https://redirect.github.com/Kludex/starlette/issues/3035">#3035</a>)</li>
<li><a
href="https://github.com/Kludex/starlette/commit/b09ce1a99d352ee6f5b896597f03a1a57507afcd"><code>b09ce1a</code></a>
docs: fix legibility issues on sponsorship page (<a
href="https://redirect.github.com/Kludex/starlette/issues/3039">#3039</a>)</li>
<li><a
href="https://github.com/Kludex/starlette/commit/0f0edcf8007412d9536bf8714c5815ce8f5dba4b"><code>0f0edcf</code></a>
Revert &quot;Add Marcelo Trylesinski to the license (<a
href="https://redirect.github.com/Kludex/starlette/issues/3025">#3025</a>)&quot;
(<a
href="https://redirect.github.com/Kludex/starlette/issues/3044">#3044</a>)</li>
<li><a
href="https://github.com/Kludex/starlette/commit/3912d6313730cc6004dfb4436e37dbc1a81db7c8"><code>3912d63</code></a>
docs: add social icons (<a
href="https://redirect.github.com/Kludex/starlette/issues/3038">#3038</a>)</li>
<li><a
href="https://github.com/Kludex/starlette/commit/4915a9309fcad58ac08b9fa550563d3287b531ad"><code>4915a93</code></a>
Add discord to README/docs (<a
href="https://redirect.github.com/Kludex/starlette/issues/3034">#3034</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/Kludex/starlette/compare/0.48.0...0.49.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=starlette&package-manager=pip&previous-version=0.48.0&new-version=0.49.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langserve/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-26 00:04:34 -08:00
dependabot[bot] ad24198ad6 Bump the npm_and_yarn group across 3 directories with 2 updates (#862)
Bumps the npm_and_yarn group with 1 update in the
/langserve/chat_playground directory:
[minimatch](https://github.com/isaacs/minimatch).
Bumps the npm_and_yarn group with 1 update in the /langserve/playground
directory: [minimatch](https://github.com/isaacs/minimatch).
Bumps the npm_and_yarn group with 1 update in the
/libs/langserve-playground directory:
[rollup](https://github.com/rollup/rollup).

Updates `minimatch` from 3.1.2 to 3.1.5
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712"><code>7bba978</code></a>
3.1.5</li>
<li><a
href="https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d"><code>bd25942</code></a>
docs: add warning about ReDoS</li>
<li><a
href="https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d"><code>1a9c27c</code></a>
fix partial matching of globstar patterns</li>
<li><a
href="https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23"><code>1a2e084</code></a>
3.1.4</li>
<li><a
href="https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47"><code>ae24656</code></a>
update lockfile</li>
<li><a
href="https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e"><code>b100374</code></a>
limit recursion for **, improve perf considerably</li>
<li><a
href="https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13"><code>26ffeaa</code></a>
lockfile update</li>
<li><a
href="https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb"><code>9eca892</code></a>
lock node version to 14</li>
<li><a
href="https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a"><code>00c323b</code></a>
3.1.3</li>
<li><a
href="https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b"><code>30486b2</code></a>
update CI matrix and actions</li>
<li>Additional commits viewable in <a
href="https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5">compare
view</a></li>
</ul>
</details>
<br />

Updates `minimatch` from 3.1.2 to 3.1.5
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712"><code>7bba978</code></a>
3.1.5</li>
<li><a
href="https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d"><code>bd25942</code></a>
docs: add warning about ReDoS</li>
<li><a
href="https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d"><code>1a9c27c</code></a>
fix partial matching of globstar patterns</li>
<li><a
href="https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23"><code>1a2e084</code></a>
3.1.4</li>
<li><a
href="https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47"><code>ae24656</code></a>
update lockfile</li>
<li><a
href="https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e"><code>b100374</code></a>
limit recursion for **, improve perf considerably</li>
<li><a
href="https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13"><code>26ffeaa</code></a>
lockfile update</li>
<li><a
href="https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb"><code>9eca892</code></a>
lock node version to 14</li>
<li><a
href="https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a"><code>00c323b</code></a>
3.1.3</li>
<li><a
href="https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b"><code>30486b2</code></a>
update CI matrix and actions</li>
<li>Additional commits viewable in <a
href="https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5">compare
view</a></li>
</ul>
</details>
<br />

Updates `rollup` from 4.57.1 to 4.59.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/rollup/rollup/releases">rollup's
releases</a>.</em></p>
<blockquote>
<h2>v4.59.0</h2>
<h2>4.59.0</h2>
<p><em>2026-02-22</em></p>
<h3>Features</h3>
<ul>
<li>Throw when the generated bundle contains paths that would leave the
output directory (<a
href="https://redirect.github.com/rollup/rollup/issues/6276">#6276</a>)</li>
</ul>
<h3>Pull Requests</h3>
<ul>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/6275">#6275</a>:
Validate bundle stays within output dir (<a
href="https://github.com/lukastaegert"><code>@​lukastaegert</code></a>)</li>
</ul>
<h2>v4.58.0</h2>
<h2>4.58.0</h2>
<p><em>2026-02-20</em></p>
<h3>Features</h3>
<ul>
<li>Also support <code>__NO_SIDE_EFFECTS__</code> annotation before
variable declarations declaring function expressions (<a
href="https://redirect.github.com/rollup/rollup/issues/6272">#6272</a>)</li>
</ul>
<h3>Pull Requests</h3>
<ul>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/6256">#6256</a>:
docs: document PreRenderedChunk properties including isDynamicEntry and
isImplicitEntry (<a
href="https://github.com/njg7194"><code>@​njg7194</code></a>, <a
href="https://github.com/lukastaegert"><code>@​lukastaegert</code></a>)</li>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/6259">#6259</a>:
docs: Correct typo and improve sentence structure in docs for
<code>output.experimentalMinChunkSize</code> (<a
href="https://github.com/millerick"><code>@​millerick</code></a>, <a
href="https://github.com/lukastaegert"><code>@​lukastaegert</code></a>)</li>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/6260">#6260</a>:
fix(deps): update rust crate swc_compiler_base to v47 (<a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot], <a
href="https://github.com/lukastaegert"><code>@​lukastaegert</code></a>)</li>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/6261">#6261</a>:
fix(deps): lock file maintenance minor/patch updates (<a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot], <a
href="https://github.com/lukastaegert"><code>@​lukastaegert</code></a>)</li>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/6262">#6262</a>:
Avoid unnecessary cloning of the code string (<a
href="https://github.com/lukastaegert"><code>@​lukastaegert</code></a>)</li>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/6263">#6263</a>:
fix(deps): update minor/patch updates (<a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot], <a
href="https://github.com/lukastaegert"><code>@​lukastaegert</code></a>)</li>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/6265">#6265</a>:
chore(deps): lock file maintenance (<a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot])</li>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/6267">#6267</a>:
fix(deps): update minor/patch updates (<a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot])</li>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/6268">#6268</a>:
chore(deps): update dependency eslint-plugin-unicorn to v63 (<a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot], <a
href="https://github.com/lukastaegert"><code>@​lukastaegert</code></a>)</li>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/6269">#6269</a>:
chore(deps): update dependency lru-cache to v11 (<a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot])</li>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/6270">#6270</a>:
chore(deps): lock file maintenance (<a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot])</li>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/6272">#6272</a>:
forward NO_SIDE_EFFECTS annotations to function expressions in variable
declarations (<a
href="https://github.com/lukastaegert"><code>@​lukastaegert</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/rollup/rollup/blob/master/CHANGELOG.md">rollup's
changelog</a>.</em></p>
<blockquote>
<h2>4.59.0</h2>
<p><em>2026-02-22</em></p>
<h3>Features</h3>
<ul>
<li>Throw when the generated bundle contains paths that would leave the
output directory (<a
href="https://redirect.github.com/rollup/rollup/issues/6276">#6276</a>)</li>
</ul>
<h3>Pull Requests</h3>
<ul>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/6275">#6275</a>:
Validate bundle stays within output dir (<a
href="https://github.com/lukastaegert"><code>@​lukastaegert</code></a>)</li>
</ul>
<h2>4.58.0</h2>
<p><em>2026-02-20</em></p>
<h3>Features</h3>
<ul>
<li>Also support <code>__NO_SIDE_EFFECTS__</code> annotation before
variable declarations declaring function expressions (<a
href="https://redirect.github.com/rollup/rollup/issues/6272">#6272</a>)</li>
</ul>
<h3>Pull Requests</h3>
<ul>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/6256">#6256</a>:
docs: document PreRenderedChunk properties including isDynamicEntry and
isImplicitEntry (<a
href="https://github.com/njg7194"><code>@​njg7194</code></a>, <a
href="https://github.com/lukastaegert"><code>@​lukastaegert</code></a>)</li>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/6259">#6259</a>:
docs: Correct typo and improve sentence structure in docs for
<code>output.experimentalMinChunkSize</code> (<a
href="https://github.com/millerick"><code>@​millerick</code></a>, <a
href="https://github.com/lukastaegert"><code>@​lukastaegert</code></a>)</li>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/6260">#6260</a>:
fix(deps): update rust crate swc_compiler_base to v47 (<a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot], <a
href="https://github.com/lukastaegert"><code>@​lukastaegert</code></a>)</li>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/6261">#6261</a>:
fix(deps): lock file maintenance minor/patch updates (<a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot], <a
href="https://github.com/lukastaegert"><code>@​lukastaegert</code></a>)</li>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/6262">#6262</a>:
Avoid unnecessary cloning of the code string (<a
href="https://github.com/lukastaegert"><code>@​lukastaegert</code></a>)</li>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/6263">#6263</a>:
fix(deps): update minor/patch updates (<a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot], <a
href="https://github.com/lukastaegert"><code>@​lukastaegert</code></a>)</li>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/6265">#6265</a>:
chore(deps): lock file maintenance (<a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot])</li>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/6267">#6267</a>:
fix(deps): update minor/patch updates (<a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot])</li>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/6268">#6268</a>:
chore(deps): update dependency eslint-plugin-unicorn to v63 (<a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot], <a
href="https://github.com/lukastaegert"><code>@​lukastaegert</code></a>)</li>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/6269">#6269</a>:
chore(deps): update dependency lru-cache to v11 (<a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot])</li>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/6270">#6270</a>:
chore(deps): lock file maintenance (<a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot])</li>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/6272">#6272</a>:
forward NO_SIDE_EFFECTS annotations to function expressions in variable
declarations (<a
href="https://github.com/lukastaegert"><code>@​lukastaegert</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/rollup/rollup/commit/ae846957f109690a866cc3e4c073613c338d3476"><code>ae84695</code></a>
4.59.0</li>
<li><a
href="https://github.com/rollup/rollup/commit/b39616e9175b3d9fc3977c99153174c490805a93"><code>b39616e</code></a>
Update audit-resolve</li>
<li><a
href="https://github.com/rollup/rollup/commit/c60770d7aaf750e512c1b2774989ea4596e660b2"><code>c60770d</code></a>
Validate bundle stays within output dir (<a
href="https://redirect.github.com/rollup/rollup/issues/6275">#6275</a>)</li>
<li><a
href="https://github.com/rollup/rollup/commit/33f39c1f205ea2eadaf4b589e493453e2baa3662"><code>33f39c1</code></a>
4.58.0</li>
<li><a
href="https://github.com/rollup/rollup/commit/b61c40803b717854c1c28937e8098e5ad3c7b8ca"><code>b61c408</code></a>
forward NO_SIDE_EFFECTS annotations to function expressions in variable
decla...</li>
<li><a
href="https://github.com/rollup/rollup/commit/7f00689ec90e2cafb11c26eefbcac62343c936f6"><code>7f00689</code></a>
Extend agent instructions</li>
<li><a
href="https://github.com/rollup/rollup/commit/e7b2b85af0901244ecc141b9d792c6db6b527ea4"><code>e7b2b85</code></a>
chore(deps): lock file maintenance (<a
href="https://redirect.github.com/rollup/rollup/issues/6270">#6270</a>)</li>
<li><a
href="https://github.com/rollup/rollup/commit/2aa5da9baf82211b8207d268c8751630cb766970"><code>2aa5da9</code></a>
fix(deps): update minor/patch updates (<a
href="https://redirect.github.com/rollup/rollup/issues/6267">#6267</a>)</li>
<li><a
href="https://github.com/rollup/rollup/commit/4319837c5448d0c10d89e9ded118888deec2eeec"><code>4319837</code></a>
chore(deps): update dependency lru-cache to v11 (<a
href="https://redirect.github.com/rollup/rollup/issues/6269">#6269</a>)</li>
<li><a
href="https://github.com/rollup/rollup/commit/c3b6b4bdc4f2ed978fa233132a526957e6513233"><code>c3b6b4b</code></a>
chore(deps): update dependency eslint-plugin-unicorn to v63 (<a
href="https://redirect.github.com/rollup/rollup/issues/6268">#6268</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/rollup/rollup/compare/v4.57.1...v4.59.0">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langserve/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-26 00:04:12 -08:00
dependabot[bot] 0b1e78db0b Bump the pip group across 1 directory with 2 updates (#854)
Bumps the pip group with 2 updates in the / directory:
[orjson](https://github.com/ijl/orjson) and
[nbconvert](https://github.com/jupyter/nbconvert).

Updates `orjson` from 3.11.3 to 3.11.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/ijl/orjson/releases">orjson's
releases</a>.</em></p>
<blockquote>
<h2>3.11.5</h2>
<h3>Changed</h3>
<ul>
<li>Show simple error message instead of traceback when attempting to
build on unsupported Python versions.</li>
</ul>
<h2>3.11.4</h2>
<h3>Changed</h3>
<ul>
<li>ABI compatibility with CPython 3.15 alpha 1.</li>
<li>Publish PyPI wheels for 3.14 and manylinux i686, manylinux arm7,
manylinux ppc64le, manylinux s390x.</li>
<li>Build now requires a C compiler.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/ijl/orjson/blob/master/CHANGELOG.md">orjson's
changelog</a>.</em></p>
<blockquote>
<h2>3.11.5 - 2025-12-06</h2>
<h3>Changed</h3>
<ul>
<li>Show simple error message instead of traceback when attempting to
build on unsupported Python versions.</li>
</ul>
<h2>3.11.4 - 2025-10-24</h2>
<h3>Changed</h3>
<ul>
<li>ABI compatibility with CPython 3.15 alpha 1.</li>
<li>Publish PyPI wheels for 3.14 and manylinux i686, manylinux arm7,
manylinux ppc64le, manylinux s390x.</li>
<li>Build now requires a C compiler.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/ijl/orjson/commit/fb3eb1f729c7e7b019f780af5695722c99c7c695"><code>fb3eb1f</code></a>
3.11.5</li>
<li><a
href="https://github.com/ijl/orjson/commit/52688e02c51c845cde24a46cd1011a6010d10eb8"><code>52688e0</code></a>
Record contributors in headers</li>
<li><a
href="https://github.com/ijl/orjson/commit/dc083e87d5262e7dde3ba4b1d2a377b5b065a27c"><code>dc083e8</code></a>
Further compatibility and build misc</li>
<li><a
href="https://github.com/ijl/orjson/commit/18f0186d47fbadd53c9db4e39a442d5b04225418"><code>18f0186</code></a>
Compatibility and build misc</li>
<li><a
href="https://github.com/ijl/orjson/commit/a4fdeb3aff125d501ec0dd0577f9b38b2b977b4f"><code>a4fdeb3</code></a>
3.11.4</li>
<li><a
href="https://github.com/ijl/orjson/commit/2e80d68afacafca8751e6a64ca05d0d4087dbd15"><code>2e80d68</code></a>
unlikely to cold_path, remove intrinsics</li>
<li><a
href="https://github.com/ijl/orjson/commit/27edea92f8da2fdfc3f1342474e2f1686f1edf55"><code>27edea9</code></a>
FFI through crate::ffi, partial non-CPython compatibility</li>
<li><a
href="https://github.com/ijl/orjson/commit/416a8c9578da780d0d58b5e6b751793deafc610d"><code>416a8c9</code></a>
Unconditionally build yyjson</li>
<li><a
href="https://github.com/ijl/orjson/commit/c8c1a17dca8436a2fee05ca060febd096e653d98"><code>c8c1a17</code></a>
edition 2024</li>
<li><a
href="https://github.com/ijl/orjson/commit/af4179a1fa0aafffd0f867203b6c36e9a522f165"><code>af4179a</code></a>
build maintenance, panic_immediate_abort break, test 3.15</li>
<li>See full diff in <a
href="https://github.com/ijl/orjson/compare/3.11.3...3.11.5">compare
view</a></li>
</ul>
</details>
<br />

Updates `nbconvert` from 7.16.6 to 7.17.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/jupyter/nbconvert/releases">nbconvert's
releases</a>.</em></p>
<blockquote>
<h2>v7.17.0</h2>
<h2>7.17.0</h2>
<p>(<a
href="https://github.com/jupyter/nbconvert/compare/v7.16.6...c9ac1d1040459ed1ff9eb34e9918ce5a87cf9d71">Full
Changelog</a>)</p>
<h3>Enhancements made</h3>
<ul>
<li>Add support for arbitrary browser arguments <a
href="https://redirect.github.com/jupyter/nbconvert/pull/2227">#2227</a>
(<a href="https://github.com/shreve"><code>@​shreve</code></a>, <a
href="https://github.com/Carreau"><code>@​Carreau</code></a>, <a
href="https://github.com/krassowski"><code>@​krassowski</code></a>)</li>
</ul>
<h3>Bugs fixed</h3>
<ul>
<li>Fix QtPNGExporter returning empty bytes on macOS <a
href="https://redirect.github.com/jupyter/nbconvert/pull/2264">#2264</a>
(<a href="https://github.com/h3pdesign"><code>@​h3pdesign</code></a>, <a
href="https://github.com/Carreau"><code>@​Carreau</code></a>, <a
href="https://github.com/QuLogic"><code>@​QuLogic</code></a>)</li>
<li>Fix CVE-2025-53000: Secure Inkscape Windows path (registry first +
block CWD) <a
href="https://redirect.github.com/jupyter/nbconvert/pull/2261">#2261</a>
(<a href="https://github.com/h3pdesign"><code>@​h3pdesign</code></a>, <a
href="https://github.com/krassowski"><code>@​krassowski</code></a>, <a
href="https://github.com/mberlanda"><code>@​mberlanda</code></a>, <a
href="https://github.com/minrk"><code>@​minrk</code></a>, <a
href="https://github.com/salmankadaya"><code>@​salmankadaya</code></a>,
<a
href="https://github.com/th3gowtham"><code>@​th3gowtham</code></a>)</li>
<li>Fix get_export_names and get_exporter default args <a
href="https://redirect.github.com/jupyter/nbconvert/pull/2228">#2228</a>
(<a href="https://github.com/shreve"><code>@​shreve</code></a>, <a
href="https://github.com/krassowski"><code>@​krassowski</code></a>)</li>
<li>PyPA-Compliant Summary <a
href="https://redirect.github.com/jupyter/nbconvert/pull/2226">#2226</a>
(<a
href="https://github.com/hackowitz-af"><code>@​hackowitz-af</code></a>,
<a href="https://github.com/Carreau"><code>@​Carreau</code></a>)</li>
</ul>
<h3>Maintenance and upkeep improvements</h3>
<ul>
<li>avoid cov environment on free-threaded Pythons <a
href="https://redirect.github.com/jupyter/nbconvert/pull/2267">#2267</a>
(<a href="https://github.com/minrk"><code>@​minrk</code></a>)</li>
<li>update pre-commit, and fix all issues. <a
href="https://redirect.github.com/jupyter/nbconvert/pull/2238">#2238</a>
(<a href="https://github.com/Carreau"><code>@​Carreau</code></a>)</li>
<li>Drop test on 3.9, test on 3.13, 3.14, 3.14t <a
href="https://redirect.github.com/jupyter/nbconvert/pull/2237">#2237</a>
(<a href="https://github.com/Carreau"><code>@​Carreau</code></a>)</li>
<li>Bump the actions group across 1 directory with 2 updates <a
href="https://redirect.github.com/jupyter/nbconvert/pull/2231">#2231</a>
(<a href="https://github.com/Carreau"><code>@​Carreau</code></a>, <a
href="https://github.com/krassowski"><code>@​krassowski</code></a>)</li>
<li>Replace <code>@flaky.flaky</code> decorate with pytest marker <a
href="https://redirect.github.com/jupyter/nbconvert/pull/2229">#2229</a>
(<a href="https://github.com/mgorny"><code>@​mgorny</code></a>, <a
href="https://github.com/Carreau"><code>@​Carreau</code></a>)</li>
<li>update to mermaid 11.10.0 <a
href="https://redirect.github.com/jupyter/nbconvert/pull/2224">#2224</a>
(<a href="https://github.com/bollwyvl"><code>@​bollwyvl</code></a>, <a
href="https://github.com/krassowski"><code>@​krassowski</code></a>)</li>
<li>Drop support for Python 3.8, fix the CI tests <a
href="https://redirect.github.com/jupyter/nbconvert/pull/2221">#2221</a>
(<a href="https://github.com/shreve"><code>@​shreve</code></a>, <a
href="https://github.com/minrk"><code>@​minrk</code></a>)</li>
</ul>
<h3>Documentation improvements</h3>
<ul>
<li>Use <code>intersphinx_registry</code> <a
href="https://redirect.github.com/jupyter/nbconvert/pull/2232">#2232</a>
(<a href="https://github.com/Carreau"><code>@​Carreau</code></a>, <a
href="https://github.com/krassowski"><code>@​krassowski</code></a>)</li>
</ul>
<h3>Contributors to this release</h3>
<p>The following people contributed discussions, new ideas, code and
documentation contributions, and review.
See <a
href="https://github-activity.readthedocs.io/en/latest/use/#how-does-this-tool-define-contributions-in-the-reports">our
definition of contributors</a>.</p>
<p>(<a
href="https://github.com/jupyter/nbconvert/graphs/contributors?from=2025-01-28&amp;to=2026-01-29&amp;type=c">GitHub
contributors page for this release</a>)</p>
<p><a href="https://github.com/bollwyvl"><code>@​bollwyvl</code></a> (<a
href="https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3Abollwyvl+updated%3A2025-01-28..2026-01-29&amp;type=Issues">activity</a>)
| <a href="https://github.com/Carreau"><code>@​Carreau</code></a> (<a
href="https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3ACarreau+updated%3A2025-01-28..2026-01-29&amp;type=Issues">activity</a>)
| <a href="https://github.com/h3pdesign"><code>@​h3pdesign</code></a>
(<a
href="https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3Ah3pdesign+updated%3A2025-01-28..2026-01-29&amp;type=Issues">activity</a>)
| <a
href="https://github.com/hackowitz-af"><code>@​hackowitz-af</code></a>
(<a
href="https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3Ahackowitz-af+updated%3A2025-01-28..2026-01-29&amp;type=Issues">activity</a>)
| <a href="https://github.com/krassowski"><code>@​krassowski</code></a>
(<a
href="https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3Akrassowski+updated%3A2025-01-28..2026-01-29&amp;type=Issues">activity</a>)
| <a href="https://github.com/mberlanda"><code>@​mberlanda</code></a>
(<a
href="https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3Amberlanda+updated%3A2025-01-28..2026-01-29&amp;type=Issues">activity</a>)
| <a href="https://github.com/mgorny"><code>@​mgorny</code></a> (<a
href="https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3Amgorny+updated%3A2025-01-28..2026-01-29&amp;type=Issues">activity</a>)
| <a href="https://github.com/minrk"><code>@​minrk</code></a> (<a
href="https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3Aminrk+updated%3A2025-01-28..2026-01-29&amp;type=Issues">activity</a>)
| <a href="https://github.com/MSeal"><code>@​MSeal</code></a> (<a
href="https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3AMSeal+updated%3A2025-01-28..2026-01-29&amp;type=Issues">activity</a>)
| <a href="https://github.com/QuLogic"><code>@​QuLogic</code></a> (<a
href="https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3AQuLogic+updated%3A2025-01-28..2026-01-29&amp;type=Issues">activity</a>)
| <a
href="https://github.com/salmankadaya"><code>@​salmankadaya</code></a>
(<a
href="https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3Asalmankadaya+updated%3A2025-01-28..2026-01-29&amp;type=Issues">activity</a>)
| <a href="https://github.com/shreve"><code>@​shreve</code></a> (<a
href="https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3Ashreve+updated%3A2025-01-28..2026-01-29&amp;type=Issues">activity</a>)
| <a href="https://github.com/th3gowtham"><code>@​th3gowtham</code></a>
(<a
href="https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3Ath3gowtham+updated%3A2025-01-28..2026-01-29&amp;type=Issues">activity</a>)</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/jupyter/nbconvert/blob/main/CHANGELOG.md">nbconvert's
changelog</a>.</em></p>
<blockquote>
<h2>7.17.0</h2>
<p>(<a
href="https://github.com/jupyter/nbconvert/compare/v7.16.6...c9ac1d1040459ed1ff9eb34e9918ce5a87cf9d71">Full
Changelog</a>)</p>
<h3>Enhancements made</h3>
<ul>
<li>Add support for arbitrary browser arguments <a
href="https://redirect.github.com/jupyter/nbconvert/pull/2227">#2227</a>
(<a href="https://github.com/shreve"><code>@​shreve</code></a>, <a
href="https://github.com/Carreau"><code>@​Carreau</code></a>, <a
href="https://github.com/krassowski"><code>@​krassowski</code></a>)</li>
</ul>
<h3>Bugs fixed</h3>
<ul>
<li>Fix QtPNGExporter returning empty bytes on macOS <a
href="https://redirect.github.com/jupyter/nbconvert/pull/2264">#2264</a>
(<a href="https://github.com/h3pdesign"><code>@​h3pdesign</code></a>, <a
href="https://github.com/Carreau"><code>@​Carreau</code></a>, <a
href="https://github.com/QuLogic"><code>@​QuLogic</code></a>)</li>
<li>Fix CVE-2025-53000: Secure Inkscape Windows path (registry first +
block CWD) <a
href="https://redirect.github.com/jupyter/nbconvert/pull/2261">#2261</a>
(<a href="https://github.com/h3pdesign"><code>@​h3pdesign</code></a>, <a
href="https://github.com/krassowski"><code>@​krassowski</code></a>, <a
href="https://github.com/mberlanda"><code>@​mberlanda</code></a>, <a
href="https://github.com/minrk"><code>@​minrk</code></a>, <a
href="https://github.com/salmankadaya"><code>@​salmankadaya</code></a>,
<a
href="https://github.com/th3gowtham"><code>@​th3gowtham</code></a>)</li>
<li>Fix get_export_names and get_exporter default args <a
href="https://redirect.github.com/jupyter/nbconvert/pull/2228">#2228</a>
(<a href="https://github.com/shreve"><code>@​shreve</code></a>, <a
href="https://github.com/krassowski"><code>@​krassowski</code></a>)</li>
<li>PyPA-Compliant Summary <a
href="https://redirect.github.com/jupyter/nbconvert/pull/2226">#2226</a>
(<a
href="https://github.com/hackowitz-af"><code>@​hackowitz-af</code></a>,
<a href="https://github.com/Carreau"><code>@​Carreau</code></a>)</li>
</ul>
<h3>Maintenance and upkeep improvements</h3>
<ul>
<li>avoid cov environment on free-threaded Pythons <a
href="https://redirect.github.com/jupyter/nbconvert/pull/2267">#2267</a>
(<a href="https://github.com/minrk"><code>@​minrk</code></a>)</li>
<li>update pre-commit, and fix all issues. <a
href="https://redirect.github.com/jupyter/nbconvert/pull/2238">#2238</a>
(<a href="https://github.com/Carreau"><code>@​Carreau</code></a>)</li>
<li>Drop test on 3.9, test on 3.13, 3.14, 3.14t <a
href="https://redirect.github.com/jupyter/nbconvert/pull/2237">#2237</a>
(<a href="https://github.com/Carreau"><code>@​Carreau</code></a>)</li>
<li>Bump the actions group across 1 directory with 2 updates <a
href="https://redirect.github.com/jupyter/nbconvert/pull/2231">#2231</a>
(<a href="https://github.com/Carreau"><code>@​Carreau</code></a>, <a
href="https://github.com/krassowski"><code>@​krassowski</code></a>)</li>
<li>Replace <code>@flaky.flaky</code> decorate with pytest marker <a
href="https://redirect.github.com/jupyter/nbconvert/pull/2229">#2229</a>
(<a href="https://github.com/mgorny"><code>@​mgorny</code></a>, <a
href="https://github.com/Carreau"><code>@​Carreau</code></a>)</li>
<li>update to mermaid 11.10.0 <a
href="https://redirect.github.com/jupyter/nbconvert/pull/2224">#2224</a>
(<a href="https://github.com/bollwyvl"><code>@​bollwyvl</code></a>, <a
href="https://github.com/krassowski"><code>@​krassowski</code></a>)</li>
<li>Drop support for Python 3.8, fix the CI tests <a
href="https://redirect.github.com/jupyter/nbconvert/pull/2221">#2221</a>
(<a href="https://github.com/shreve"><code>@​shreve</code></a>, <a
href="https://github.com/minrk"><code>@​minrk</code></a>)</li>
</ul>
<h3>Documentation improvements</h3>
<ul>
<li>Use <code>intersphinx_registry</code> <a
href="https://redirect.github.com/jupyter/nbconvert/pull/2232">#2232</a>
(<a href="https://github.com/Carreau"><code>@​Carreau</code></a>, <a
href="https://github.com/krassowski"><code>@​krassowski</code></a>)</li>
</ul>
<h3>Contributors to this release</h3>
<p>The following people contributed discussions, new ideas, code and
documentation contributions, and review.
See <a
href="https://github-activity.readthedocs.io/en/latest/use/#how-does-this-tool-define-contributions-in-the-reports">our
definition of contributors</a>.</p>
<p>(<a
href="https://github.com/jupyter/nbconvert/graphs/contributors?from=2025-01-28&amp;to=2026-01-29&amp;type=c">GitHub
contributors page for this release</a>)</p>
<p><a href="https://github.com/bollwyvl"><code>@​bollwyvl</code></a> (<a
href="https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3Abollwyvl+updated%3A2025-01-28..2026-01-29&amp;type=Issues">activity</a>)
| <a href="https://github.com/Carreau"><code>@​Carreau</code></a> (<a
href="https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3ACarreau+updated%3A2025-01-28..2026-01-29&amp;type=Issues">activity</a>)
| <a href="https://github.com/h3pdesign"><code>@​h3pdesign</code></a>
(<a
href="https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3Ah3pdesign+updated%3A2025-01-28..2026-01-29&amp;type=Issues">activity</a>)
| <a
href="https://github.com/hackowitz-af"><code>@​hackowitz-af</code></a>
(<a
href="https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3Ahackowitz-af+updated%3A2025-01-28..2026-01-29&amp;type=Issues">activity</a>)
| <a href="https://github.com/krassowski"><code>@​krassowski</code></a>
(<a
href="https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3Akrassowski+updated%3A2025-01-28..2026-01-29&amp;type=Issues">activity</a>)
| <a href="https://github.com/mberlanda"><code>@​mberlanda</code></a>
(<a
href="https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3Amberlanda+updated%3A2025-01-28..2026-01-29&amp;type=Issues">activity</a>)
| <a href="https://github.com/mgorny"><code>@​mgorny</code></a> (<a
href="https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3Amgorny+updated%3A2025-01-28..2026-01-29&amp;type=Issues">activity</a>)
| <a href="https://github.com/minrk"><code>@​minrk</code></a> (<a
href="https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3Aminrk+updated%3A2025-01-28..2026-01-29&amp;type=Issues">activity</a>)
| <a href="https://github.com/MSeal"><code>@​MSeal</code></a> (<a
href="https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3AMSeal+updated%3A2025-01-28..2026-01-29&amp;type=Issues">activity</a>)
| <a href="https://github.com/QuLogic"><code>@​QuLogic</code></a> (<a
href="https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3AQuLogic+updated%3A2025-01-28..2026-01-29&amp;type=Issues">activity</a>)
| <a
href="https://github.com/salmankadaya"><code>@​salmankadaya</code></a>
(<a
href="https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3Asalmankadaya+updated%3A2025-01-28..2026-01-29&amp;type=Issues">activity</a>)
| <a href="https://github.com/shreve"><code>@​shreve</code></a> (<a
href="https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3Ashreve+updated%3A2025-01-28..2026-01-29&amp;type=Issues">activity</a>)
| <a href="https://github.com/th3gowtham"><code>@​th3gowtham</code></a>
(<a
href="https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3Ath3gowtham+updated%3A2025-01-28..2026-01-29&amp;type=Issues">activity</a>)</p>
<!-- raw HTML omitted -->
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/jupyter/nbconvert/commit/21b35d85b46f5ff0956d3d088a52b9bef00e8196"><code>21b35d8</code></a>
Publish 7.17.0</li>
<li><a
href="https://github.com/jupyter/nbconvert/commit/c9ac1d1040459ed1ff9eb34e9918ce5a87cf9d71"><code>c9ac1d1</code></a>
Fix CVE-2025-53000: Secure Inkscape Windows path (registry first + block
CWD)...</li>
<li><a
href="https://github.com/jupyter/nbconvert/commit/b13276d80ae6fadbfda981304810e26f421c4ced"><code>b13276d</code></a>
avoid cov environment on free-threaded Pythons (<a
href="https://redirect.github.com/jupyter/nbconvert/issues/2267">#2267</a>)</li>
<li><a
href="https://github.com/jupyter/nbconvert/commit/7c7055fe833fe9832e6f9a64fa5f67d66692c8d6"><code>7c7055f</code></a>
[pre-commit.ci] auto fixes from pre-commit.com hooks</li>
<li><a
href="https://github.com/jupyter/nbconvert/commit/74f3ddd37ef4b7ffb5eee9acbf52062217c15852"><code>74f3ddd</code></a>
Fix QtPNGExporter returning empty bytes on macOS</li>
<li><a
href="https://github.com/jupyter/nbconvert/commit/216550b2aae4c329f4dab597a96ae7cac30de79a"><code>216550b</code></a>
fix links</li>
<li><a
href="https://github.com/jupyter/nbconvert/commit/39777ac5716350e994171d025a7369c58b0afc8c"><code>39777ac</code></a>
try to comment fialing test</li>
<li><a
href="https://github.com/jupyter/nbconvert/commit/7b591ca526f2598dbae3256a53765659c3edcf14"><code>7b591ca</code></a>
ruff-check</li>
<li><a
href="https://github.com/jupyter/nbconvert/commit/6ec7638a3dc7a0bc2c533c116202d7f9b07ce9d9"><code>6ec7638</code></a>
parent</li>
<li><a
href="https://github.com/jupyter/nbconvert/commit/59414b36f94e318d4207e8af863167047d936c19"><code>59414b3</code></a>
fix mypy</li>
<li>Additional commits viewable in <a
href="https://github.com/jupyter/nbconvert/compare/v7.16.6...v7.17.0">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langserve/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-08 08:06:01 -08:00
dependabot[bot] 5eff20817d Bump ruff from 0.1.15 to 0.15.0 (#850)
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.1.15 to 0.15.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/astral-sh/ruff/releases">ruff's
releases</a>.</em></p>
<blockquote>
<h2>0.15.0</h2>
<h2>Release Notes</h2>
<p>Released on 2026-02-03.</p>
<p>Check out the <a href="https://astral.sh/blog/ruff-v0.15.0">blog
post</a> for a migration guide and overview of the changes!</p>
<h3>Breaking changes</h3>
<ul>
<li>
<p>Ruff now formats your code according to the 2026 style guide. See the
formatter section below or in the blog post for a detailed list of
changes.</p>
</li>
<li>
<p>The linter now supports block suppression comments. For example, to
suppress <code>N803</code> for all parameters in this function:</p>
<pre lang="python"><code># ruff: disable[N803]
def foo(
    legacyArg1,
    legacyArg2,
    legacyArg3,
    legacyArg4,
): ...
# ruff: enable[N803]
</code></pre>
<p>See the <a
href="https://docs.astral.sh/ruff/linter/#block-level">documentation</a>
for more details.</p>
</li>
<li>
<p>The <code>ruff:alpine</code> Docker image is now based on Alpine 3.23
(up from 3.21).</p>
</li>
<li>
<p>The <code>ruff:debian</code> and <code>ruff:debian-slim</code> Docker
images are now based on Debian 13 &quot;Trixie&quot; instead of Debian
12 &quot;Bookworm.&quot;</p>
</li>
<li>
<p>Binaries for the <code>ppc64</code> (64-bit big-endian PowerPC)
architecture are no longer included in our releases. It should still be
possible to build Ruff manually for this platform, if needed.</p>
</li>
<li>
<p>Ruff now resolves all <code>extend</code>ed configuration files
before falling back on a default Python version.</p>
</li>
</ul>
<h3>Stabilization</h3>
<p>The following rules have been stabilized and are no longer in
preview:</p>
<ul>
<li><a
href="https://docs.astral.sh/ruff/rules/blocking-http-call-httpx-in-async-function"><code>blocking-http-call-httpx-in-async-function</code></a>
(<code>ASYNC212</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/blocking-path-method-in-async-function"><code>blocking-path-method-in-async-function</code></a>
(<code>ASYNC240</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/blocking-input-in-async-function"><code>blocking-input-in-async-function</code></a>
(<code>ASYNC250</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/map-without-explicit-strict"><code>map-without-explicit-strict</code></a>
(<code>B912</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/if-exp-instead-of-or-operator"><code>if-exp-instead-of-or-operator</code></a>
(<code>FURB110</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/single-item-membership-test"><code>single-item-membership-test</code></a>
(<code>FURB171</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/missing-maxsplit-arg"><code>missing-maxsplit-arg</code></a>
(<code>PLC0207</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/unnecessary-lambda"><code>unnecessary-lambda</code></a>
(<code>PLW0108</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/unnecessary-empty-iterable-within-deque-call"><code>unnecessary-empty-iterable-within-deque-call</code></a>
(<code>RUF037</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/in-empty-collection"><code>in-empty-collection</code></a>
(<code>RUF060</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/legacy-form-pytest-raises"><code>legacy-form-pytest-raises</code></a>
(<code>RUF061</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/non-octal-permissions"><code>non-octal-permissions</code></a>
(<code>RUF064</code>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md">ruff's
changelog</a>.</em></p>
<blockquote>
<h2>0.15.0</h2>
<p>Released on 2026-02-03.</p>
<p>Check out the <a href="https://astral.sh/blog/ruff-v0.15.0">blog
post</a> for a migration
guide and overview of the changes!</p>
<h3>Breaking changes</h3>
<ul>
<li>
<p>Ruff now formats your code according to the 2026 style guide. See the
formatter section below or in the blog post for a detailed list of
changes.</p>
</li>
<li>
<p>The linter now supports block suppression comments. For example, to
suppress <code>N803</code> for all parameters in this function:</p>
<pre lang="python"><code># ruff: disable[N803]
def foo(
    legacyArg1,
    legacyArg2,
    legacyArg3,
    legacyArg4,
): ...
# ruff: enable[N803]
</code></pre>
<p>See the <a
href="https://docs.astral.sh/ruff/linter/#block-level">documentation</a>
for more details.</p>
</li>
<li>
<p>The <code>ruff:alpine</code> Docker image is now based on Alpine 3.23
(up from 3.21).</p>
</li>
<li>
<p>The <code>ruff:debian</code> and <code>ruff:debian-slim</code> Docker
images are now based on Debian 13 &quot;Trixie&quot; instead of Debian
12 &quot;Bookworm.&quot;</p>
</li>
<li>
<p>Binaries for the <code>ppc64</code> (64-bit big-endian PowerPC)
architecture are no longer included in our releases. It should still be
possible to build Ruff manually for this platform, if needed.</p>
</li>
<li>
<p>Ruff now resolves all <code>extend</code>ed configuration files
before falling back on a default Python version.</p>
</li>
</ul>
<h3>Stabilization</h3>
<p>The following rules have been stabilized and are no longer in
preview:</p>
<ul>
<li><a
href="https://docs.astral.sh/ruff/rules/blocking-http-call-httpx-in-async-function"><code>blocking-http-call-httpx-in-async-function</code></a>
(<code>ASYNC212</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/blocking-path-method-in-async-function"><code>blocking-path-method-in-async-function</code></a>
(<code>ASYNC240</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/blocking-input-in-async-function"><code>blocking-input-in-async-function</code></a>
(<code>ASYNC250</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/map-without-explicit-strict"><code>map-without-explicit-strict</code></a>
(<code>B912</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/if-exp-instead-of-or-operator"><code>if-exp-instead-of-or-operator</code></a>
(<code>FURB110</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/single-item-membership-test"><code>single-item-membership-test</code></a>
(<code>FURB171</code>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/astral-sh/ruff/commit/ce5f7b6127a5d684e96fd0f8e387f73c41c7a1b0"><code>ce5f7b6</code></a>
Bump 0.15.0 (<a
href="https://redirect.github.com/astral-sh/ruff/issues/23055">#23055</a>)</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/b4e40f539cdbafac8afd6e510994ca64c3b317b9"><code>b4e40f5</code></a>
[ty] Fix <code>__contains__</code> to respect descriptors (<a
href="https://redirect.github.com/astral-sh/ruff/issues/23056">#23056</a>)</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/848cb72dc14b4c9409bf08e8323b4119d6b90005"><code>848cb72</code></a>
[ty] Fix narrowing of nonlocal variables with conditional assignments
(<a
href="https://redirect.github.com/astral-sh/ruff/issues/22966">#22966</a>)</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/da7f33af22c7da3f3cb9321f776dda4131dda3cb"><code>da7f33a</code></a>
[ty] Add a diagnostic for <code>Final</code> without assignment (<a
href="https://redirect.github.com/astral-sh/ruff/issues/23001">#23001</a>)</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/e65f9a6b039fa411e5609a7bda9bb7ffd11e9b1a"><code>e65f9a6</code></a>
Document markdown formatting feature (<a
href="https://redirect.github.com/astral-sh/ruff/issues/22990">#22990</a>)</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/c0c1b985c9ec4b3570b0a28af69ad6776a3ec401"><code>c0c1b98</code></a>
Format markdown code blocks with line-by-line regex parse (<a
href="https://redirect.github.com/astral-sh/ruff/issues/22996">#22996</a>)</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/9f8f3e196bd6d4f2c572075536dd38b769c48087"><code>9f8f3e1</code></a>
Allow positional-only params with defaults in method overrides (<a
href="https://redirect.github.com/astral-sh/ruff/issues/23037">#23037</a>)</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/ef83810e118e3e41aa6c63f87f8a8147363a3e56"><code>ef83810</code></a>
[ty] ecosystem-analyzer: Support bare git repositories (<a
href="https://redirect.github.com/astral-sh/ruff/issues/23054">#23054</a>)</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/54dfee4cb800c0b0890b2b2c74c64cc45584194c"><code>54dfee4</code></a>
Customize where the <code>fix_title</code> sub-diagnostic appears (<a
href="https://redirect.github.com/astral-sh/ruff/issues/23044">#23044</a>)</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/b53460799b592e5276e1d148d8a48469f396032e"><code>b534607</code></a>
2026 Ruff Formatter Style (<a
href="https://redirect.github.com/astral-sh/ruff/issues/22735">#22735</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/astral-sh/ruff/compare/v0.1.15...0.15.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ruff&package-manager=pip&previous-version=0.1.15&new-version=0.15.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: John Kennedy <65985482+jkennedyvz@users.noreply.github.com>
2026-02-07 18:09:10 -08:00
dependabot[bot] 5a6f73cdf6 Bump the npm_and_yarn group across 3 directories with 12 updates (#851)
Bumps the npm_and_yarn group with 6 updates in the
/langserve/chat_playground directory:

| Package | From | To |
| --- | --- | --- |
| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |
| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) |
`4.5.14` | `5.4.21` |
|
[@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers)
| `7.23.2` | `7.28.6` |
| [brace-expansion](https://github.com/juliangruber/brace-expansion) |
`1.1.11` | `1.1.12` |
| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |
| [micromatch](https://github.com/micromatch/micromatch) | `4.0.5` |
`4.0.8` |

Bumps the npm_and_yarn group with 6 updates in the /langserve/playground
directory:

| Package | From | To |
| --- | --- | --- |
| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |
| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) |
`4.5.14` | `5.4.21` |
|
[@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers)
| `7.23.2` | `7.28.6` |
| [brace-expansion](https://github.com/juliangruber/brace-expansion) |
`1.1.11` | `1.1.12` |
| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |
| [micromatch](https://github.com/micromatch/micromatch) | `4.0.5` |
`4.0.8` |

Bumps the npm_and_yarn group with 6 updates in the
/libs/langserve-playground directory:

| Package | From | To |
| --- | --- | --- |
| [brace-expansion](https://github.com/juliangruber/brace-expansion) |
`1.1.11` | `1.1.12` |
| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |
| [cross-spawn](https://github.com/moxystudio/node-cross-spawn) |
`7.0.3` | `7.0.6` |
| [micromatch](https://github.com/micromatch/micromatch) | `4.0.5` |
`4.0.8` |
| [rollup](https://github.com/rollup/rollup) | `3.29.4` | `3.29.5` |
| [tsup](https://github.com/egoist/tsup) | `7.2.0` | `8.3.5` |


Updates `lodash` from 4.17.21 to 4.17.23
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/lodash/lodash/commit/dec55b7a3b382da075e2eac90089b4cd00a26cbb"><code>dec55b7</code></a>
Bump main to v4.17.23 (<a
href="https://redirect.github.com/lodash/lodash/issues/6088">#6088</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/19c9251b3631d7cf220b43bc757eb33f1084f117"><code>19c9251</code></a>
fix: setCacheHas JSDoc return type should be boolean (<a
href="https://redirect.github.com/lodash/lodash/issues/6071">#6071</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/b5e672995ae26929d111a6e94589f8d03fb8e578"><code>b5e6729</code></a>
jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (<a
href="https://redirect.github.com/lodash/lodash/issues/6062">#6062</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/edadd452146f7e4bad4ea684e955708931d84d81"><code>edadd45</code></a>
Prevent prototype pollution on baseUnset function</li>
<li><a
href="https://github.com/lodash/lodash/commit/4879a7a7d0a4494b0e83c7fa21bcc9fc6e7f1a6d"><code>4879a7a</code></a>
doc: fix autoLink function, conversion of source links (<a
href="https://redirect.github.com/lodash/lodash/issues/6056">#6056</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/9648f692b0fc7c2f6a7a763d754377200126c2e8"><code>9648f69</code></a>
chore: remove <code>yarn.lock</code> file (<a
href="https://redirect.github.com/lodash/lodash/issues/6053">#6053</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/dfa407db0bf5b200f2c7a9e4f06830ceaf074be9"><code>dfa407d</code></a>
ci: remove legacy configuration files (<a
href="https://redirect.github.com/lodash/lodash/issues/6052">#6052</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/156e1965ae78b121a88f81178ab81632304e8d64"><code>156e196</code></a>
feat: add renovate setup (<a
href="https://redirect.github.com/lodash/lodash/issues/6039">#6039</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/933e1061b8c344d3fc742cdc400175d5ffc99bce"><code>933e106</code></a>
ci: add pipeline for Bun (<a
href="https://redirect.github.com/lodash/lodash/issues/6023">#6023</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/072a807ff7ad8ffc7c1d2c3097266e815d138e20"><code>072a807</code></a>
docs: update links related to Open JS Foundation (<a
href="https://redirect.github.com/lodash/lodash/issues/5968">#5968</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/lodash/lodash/compare/4.17.21...4.17.23">compare
view</a></li>
</ul>
</details>
<br />

Updates `vite` from 4.5.14 to 5.4.21
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/releases">vite's
releases</a>.</em></p>
<blockquote>
<h2>v5.4.21</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
<h2>v5.4.20</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/ca88ed7398288ce0c60176ac9a6392f10654c67c/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
<h2>v5.4.19</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v5.4.19/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md">vite's
changelog</a>.</em></p>
<blockquote>
<h2><!-- raw HTML omitted -->5.4.21 (2025-10-20)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix(dev): trim trailing slash before <code>server.fs.deny</code>
check (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968">#20968</a>)
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20970">#20970</a>)
(<a
href="https://github.com/vitejs/vite/commit/cad1d31d0635dd8fd4ddfe6e5a92eb9ff13cd06c">cad1d31</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/20968">#20968</a>
<a
href="https://redirect.github.com/vitejs/vite/issues/20970">#20970</a></li>
<li>chore: update CHANGELOG (<a
href="https://github.com/vitejs/vite/commit/ca88ed7398288ce0c60176ac9a6392f10654c67c">ca88ed7</a>)</li>
</ul>
<h2><!-- raw HTML omitted -->5.4.20 (2025-09-08)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: apply <code>fs.strict</code> check to HTML files (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20736">#20736</a>)
(<a
href="https://github.com/vitejs/vite/commit/482000f57f56fe6ff2e905305100cfe03043ddea">482000f</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/20736">#20736</a></li>
<li>fix: port sirv@3.0.2 changes to sirv@2.0.4 (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20737">#20737</a>)
(<a
href="https://github.com/vitejs/vite/commit/4f1c35bcbb5830290c694aa14b6789e07450f069">4f1c35b</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/20737">#20737</a></li>
</ul>
<h2><!-- raw HTML omitted -->5.4.19 (2025-04-30)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: backport <a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965">#19965</a>,
check static serve file inside sirv (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19966">#19966</a>)
(<a
href="https://github.com/vitejs/vite/commit/766947e7cbf1cdd07df9737394e8c870401b78b0">766947e</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19965">#19965</a>
<a
href="https://redirect.github.com/vitejs/vite/issues/19966">#19966</a></li>
</ul>
<h2><!-- raw HTML omitted -->5.4.18 (2025-04-10)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: backport <a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19830">#19830</a>,
reject requests with <code>#</code> in request-target (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19831">#19831</a>)
(<a
href="https://github.com/vitejs/vite/commit/823675baff2bd6809c74ba2d9acca0327923a54f">823675b</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19830">#19830</a>
<a
href="https://redirect.github.com/vitejs/vite/issues/19831">#19831</a></li>
</ul>
<h2><!-- raw HTML omitted -->5.4.17 (2025-04-03)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: backport <a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19782">#19782</a>,
fs check with svg and relative paths (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19784">#19784</a>)
(<a
href="https://github.com/vitejs/vite/commit/84b2b46ed129be8215108e789a90adbb33a9c42c">84b2b46</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19782">#19782</a>
<a
href="https://redirect.github.com/vitejs/vite/issues/19784">#19784</a></li>
</ul>
<h2><!-- raw HTML omitted -->5.4.16 (2025-03-31)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: backport <a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19761">#19761</a>,
fs check in transform middleware (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19762">#19762</a>)
(<a
href="https://github.com/vitejs/vite/commit/b627c50d359f3bd9b602408fbbf462cf4a2f019c">b627c50</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19761">#19761</a>
<a
href="https://redirect.github.com/vitejs/vite/issues/19762">#19762</a></li>
</ul>
<h2><!-- raw HTML omitted -->5.4.15 (2025-03-24)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: backport <a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19702">#19702</a>,
fs raw query with query separators (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19703">#19703</a>)
(<a
href="https://github.com/vitejs/vite/commit/807d7f06d33ab49c48a2a3501da3eea1906c0d41">807d7f0</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19702">#19702</a>
<a
href="https://redirect.github.com/vitejs/vite/issues/19703">#19703</a></li>
</ul>
<h2><!-- raw HTML omitted -->5.4.14 (2025-01-21)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: <code>preview.allowedHosts</code> with specific values was not
respected (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19246">#19246</a>)
(<a
href="https://github.com/vitejs/vite/commit/9df6e6beabf0d18988ec13b8b742d2aba29662f9">9df6e6b</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19246">#19246</a></li>
<li>fix: allow CORS from loopback addresses by default (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19249">#19249</a>)
(<a
href="https://github.com/vitejs/vite/commit/7d1699ccf673e2790704756d89d2e1e4ee478fb4">7d1699c</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19249">#19249</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/vitejs/vite/commit/adce3c22c64cc9d44cc8f45cc92b543e3e4bf385"><code>adce3c2</code></a>
release: v5.4.21</li>
<li><a
href="https://github.com/vitejs/vite/commit/cad1d31d0635dd8fd4ddfe6e5a92eb9ff13cd06c"><code>cad1d31</code></a>
fix(dev): trim trailing slash before <code>server.fs.deny</code> check
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968">#20968</a>)
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20970">#20970</a>)</li>
<li><a
href="https://github.com/vitejs/vite/commit/ca88ed7398288ce0c60176ac9a6392f10654c67c"><code>ca88ed7</code></a>
chore: update CHANGELOG</li>
<li><a
href="https://github.com/vitejs/vite/commit/997700f01c7199daf7330d33a7fd3a43b2e9e3ba"><code>997700f</code></a>
release: v5.4.20</li>
<li><a
href="https://github.com/vitejs/vite/commit/482000f57f56fe6ff2e905305100cfe03043ddea"><code>482000f</code></a>
fix: apply <code>fs.strict</code> check to HTML files (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20736">#20736</a>)</li>
<li><a
href="https://github.com/vitejs/vite/commit/80a333a23103ced0442d4463d1191433d90f5e19"><code>80a333a</code></a>
release: v5.4.19</li>
<li><a
href="https://github.com/vitejs/vite/commit/766947e7cbf1cdd07df9737394e8c870401b78b0"><code>766947e</code></a>
fix: backport <a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965">#19965</a>,
check static serve file inside sirv (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19966">#19966</a>)</li>
<li><a
href="https://github.com/vitejs/vite/commit/731b77d19d36f5682a5441b49cb2f6473389ad99"><code>731b77d</code></a>
release: v5.4.18</li>
<li><a
href="https://github.com/vitejs/vite/commit/823675baff2bd6809c74ba2d9acca0327923a54f"><code>823675b</code></a>
fix: backport <a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19830">#19830</a>,
reject requests with <code>#</code> in request-target (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19831">#19831</a>)</li>
<li><a
href="https://github.com/vitejs/vite/commit/0a2518a98d2354c61ee8ef51f7d00fa92aebb511"><code>0a2518a</code></a>
release: v5.4.17</li>
<li>Additional commits viewable in <a
href="https://github.com/vitejs/vite/commits/v5.4.21/packages/vite">compare
view</a></li>
</ul>
</details>
<br />

Updates `@babel/helpers` from 7.23.2 to 7.28.6
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/babel/babel/releases"><code>@​babel/helpers</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v7.28.6 (2026-01-12)</h2>
<p>Thanks <a
href="https://github.com/kadhirash"><code>@​kadhirash</code></a> and <a
href="https://github.com/kolvian"><code>@​kolvian</code></a> for your
first PRs!</p>
<h4>🐛 Bug Fix</h4>
<ul>
<li><code>babel-cli</code>, <code>babel-code-frame</code>,
<code>babel-core</code>,
<code>babel-helper-check-duplicate-nodes</code>,
<code>babel-helper-fixtures</code>,
<code>babel-helper-plugin-utils</code>, <code>babel-node</code>,
<code>babel-plugin-transform-flow-comments</code>,
<code>babel-plugin-transform-modules-commonjs</code>,
<code>babel-plugin-transform-property-mutators</code>,
<code>babel-preset-env</code>, <code>babel-traverse</code>,
<code>babel-types</code>
<ul>
<li><a
href="https://redirect.github.com/babel/babel/pull/17589">#17589</a>
Improve Unicode handling in code-frame tokenizer (<a
href="https://github.com/JLHwung"><code>@​JLHwung</code></a>)</li>
</ul>
</li>
<li><code>babel-plugin-transform-regenerator</code>
<ul>
<li><a
href="https://redirect.github.com/babel/babel/pull/17556">#17556</a>
fix: <code>transform-regenerator</code> correctly handles scope (<a
href="https://github.com/liuxingbaoyu"><code>@​liuxingbaoyu</code></a>)</li>
</ul>
</li>
<li><code>babel-plugin-transform-react-jsx</code>
<ul>
<li><a
href="https://redirect.github.com/babel/babel/pull/17538">#17538</a>
fix: Keep jsx comments (<a
href="https://github.com/liuxingbaoyu"><code>@​liuxingbaoyu</code></a>)</li>
</ul>
</li>
</ul>
<h4>💅 Polish</h4>
<ul>
<li><code>babel-core</code>, <code>babel-standalone</code>
<ul>
<li><a
href="https://redirect.github.com/babel/babel/pull/17606">#17606</a>
Polish(standalone): improve message on invalid preset/plugin (<a
href="https://github.com/JLHwung"><code>@​JLHwung</code></a>)</li>
</ul>
</li>
</ul>
<h4>🏠 Internal</h4>
<ul>

<li><code>babel-plugin-bugfix-v8-static-class-fields-redefine-readonly</code>,
<code>babel-plugin-proposal-decorators</code>,
<code>babel-plugin-proposal-import-attributes-to-assertions</code>,
<code>babel-plugin-proposal-import-wasm-source</code>,
<code>babel-plugin-syntax-async-do-expressions</code>,
<code>babel-plugin-syntax-decorators</code>,
<code>babel-plugin-syntax-destructuring-private</code>,
<code>babel-plugin-syntax-do-expressions</code>,
<code>babel-plugin-syntax-explicit-resource-management</code>,
<code>babel-plugin-syntax-export-default-from</code>,
<code>babel-plugin-syntax-flow</code>,
<code>babel-plugin-syntax-function-bind</code>,
<code>babel-plugin-syntax-function-sent</code>,
<code>babel-plugin-syntax-import-assertions</code>,
<code>babel-plugin-syntax-import-attributes</code>,
<code>babel-plugin-syntax-import-defer</code>,
<code>babel-plugin-syntax-import-source</code>,
<code>babel-plugin-syntax-jsx</code>,
<code>babel-plugin-syntax-module-blocks</code>,
<code>babel-plugin-syntax-optional-chaining-assign</code>,
<code>babel-plugin-syntax-partial-application</code>,
<code>babel-plugin-syntax-pipeline-operator</code>,
<code>babel-plugin-syntax-throw-expressions</code>,
<code>babel-plugin-syntax-typescript</code>,
<code>babel-plugin-transform-async-generator-functions</code>,
<code>babel-plugin-transform-async-to-generator</code>,
<code>babel-plugin-transform-class-properties</code>,
<code>babel-plugin-transform-class-static-block</code>,
<code>babel-plugin-transform-dotall-regex</code>,
<code>babel-plugin-transform-duplicate-named-capturing-groups-regex</code>,
<code>babel-plugin-transform-explicit-resource-management</code>,
<code>babel-plugin-transform-exponentiation-operator</code>,
<code>babel-plugin-transform-json-strings</code>,
<code>babel-plugin-transform-logical-assignment-operators</code>,
<code>babel-plugin-transform-nullish-coalescing-operator</code>,
<code>babel-plugin-transform-numeric-separator</code>,
<code>babel-plugin-transform-object-rest-spread</code>,
<code>babel-plugin-transform-optional-catch-binding</code>,
<code>babel-plugin-transform-optional-chaining</code>,
<code>babel-plugin-transform-private-methods</code>,
<code>babel-plugin-transform-private-property-in-object</code>,
<code>babel-plugin-transform-regexp-modifiers</code>,
<code>babel-plugin-transform-unicode-property-regex</code>,
<code>babel-plugin-transform-unicode-sets-regex</code>
<ul>
<li><a
href="https://redirect.github.com/babel/babel/pull/17580">#17580</a>
Allow Babel 8 in compatible Babel 7 plugins (<a
href="https://github.com/nicolo-ribaudo"><code>@​nicolo-ribaudo</code></a>)</li>
</ul>
</li>
</ul>
<h4>🏃‍♀️ Performance</h4>
<ul>
<li><code>babel-plugin-transform-react-jsx</code>
<ul>
<li><a
href="https://redirect.github.com/babel/babel/pull/17555">#17555</a>
perf: Use lighter traversal for jsx <code>__source,__self</code> (<a
href="https://github.com/liuxingbaoyu"><code>@​liuxingbaoyu</code></a>)</li>
</ul>
</li>
</ul>
<h4>Committers: 7</h4>
<ul>
<li>Babel Bot (<a
href="https://github.com/babel-bot"><code>@​babel-bot</code></a>)</li>
<li>Eliot Pontarelli (<a
href="https://github.com/kolvian"><code>@​kolvian</code></a>)</li>
<li>Huáng Jùnliàng (<a
href="https://github.com/JLHwung"><code>@​JLHwung</code></a>)</li>
<li>Kadhirash Sivakumar (<a
href="https://github.com/kadhirash"><code>@​kadhirash</code></a>)</li>
<li>Nicolò Ribaudo (<a
href="https://github.com/nicolo-ribaudo"><code>@​nicolo-ribaudo</code></a>)</li>
<li><a
href="https://github.com/liuxingbaoyu"><code>@​liuxingbaoyu</code></a></li>
<li>coderaiser (<a
href="https://github.com/coderaiser"><code>@​coderaiser</code></a>)</li>
</ul>
<h2>v7.28.5 (2025-10-23)</h2>
<p>Thank you <a
href="https://github.com/CO0Ki3"><code>@​CO0Ki3</code></a>, <a
href="https://github.com/Olexandr88"><code>@​Olexandr88</code></a>, and
<a href="https://github.com/youthfulhps"><code>@​youthfulhps</code></a>
for your first PRs!</p>
<h4>👓 Spec Compliance</h4>
<ul>
<li><code>babel-parser</code>
<ul>
<li><a
href="https://redirect.github.com/babel/babel/pull/17446">#17446</a>
Allow <code>Runtime Errors for Function Call Assignment Targets</code>
(<a
href="https://github.com/liuxingbaoyu"><code>@​liuxingbaoyu</code></a>)</li>
</ul>
</li>
<li><code>babel-helper-validator-identifier</code>
<ul>
<li><a
href="https://redirect.github.com/babel/babel/pull/17501">#17501</a>
fix: update identifier to unicode 17 (<a
href="https://github.com/fisker"><code>@​fisker</code></a>)</li>
</ul>
</li>
</ul>
<h4>🐛 Bug Fix</h4>
<ul>
<li><code>babel-plugin-proposal-destructuring-private</code>
<ul>
<li><a
href="https://redirect.github.com/babel/babel/pull/17534">#17534</a>
Allow mixing private destructuring and rest (<a
href="https://github.com/CO0Ki3"><code>@​CO0Ki3</code></a>)</li>
</ul>
</li>
<li><code>babel-parser</code>
<ul>
<li><a
href="https://redirect.github.com/babel/babel/pull/17521">#17521</a>
Improve <code>@babel/parser</code> error typing (<a
href="https://github.com/JLHwung"><code>@​JLHwung</code></a>)</li>
<li><a
href="https://redirect.github.com/babel/babel/pull/17491">#17491</a>
fix: improve ts-only declaration parsing (<a
href="https://github.com/JLHwung"><code>@​JLHwung</code></a>)</li>
</ul>
</li>
<li><code>babel-plugin-proposal-discard-binding</code>,
<code>babel-plugin-transform-destructuring</code></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17"><code>d7f4008</code></a>
v7.28.6</li>
<li><a
href="https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177"><code>99dcba5</code></a>
chore: enable some ts-eslint rules (<a
href="https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17592">#17592</a>)</li>
<li><a
href="https://github.com/babel/babel/commit/c1b55f6ad56523ccc96fa68721de0bed2f2cdb23"><code>c1b55f6</code></a>
Use <code>eslint.config.mts</code> (<a
href="https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17573">#17573</a>)</li>
<li><a
href="https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f"><code>35055e3</code></a>
v7.28.4</li>
<li><a
href="https://github.com/babel/babel/commit/18d88b83c67c8dbbe63e4ac423e6006c4c01b85c"><code>18d88b8</code></a>
Improve <code>@​babel/core</code> typings (<a
href="https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17471">#17471</a>)</li>
<li><a
href="https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2"><code>ef155f5</code></a>
v7.28.3</li>
<li><a
href="https://github.com/babel/babel/commit/741cbd2381ac0cda3afd42bc04454a87d9d8762a"><code>741cbd2</code></a>
chore: fix various typos across codebase (<a
href="https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17476">#17476</a>)</li>
<li><a
href="https://github.com/babel/babel/commit/cac0ff4c3426eed30b4d27e7971b348da7c9f1e6"><code>cac0ff4</code></a>
v7.28.2</li>
<li><a
href="https://github.com/babel/babel/commit/f743094585b39bd9f7a9e3a3561215b2103e2474"><code>f743094</code></a>
fix: <code>regeneratorDefine</code> compatibility with es5 strict mode
(<a
href="https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17441">#17441</a>)</li>
<li><a
href="https://github.com/babel/babel/commit/baa4cb8b9f8a551d7dae9042b19ea2f74df6b110"><code>baa4cb8</code></a>
v7.27.6</li>
<li>Additional commits viewable in <a
href="https://github.com/babel/babel/commits/v7.28.6/packages/babel-helpers">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by [GitHub Actions](<a
href="https://www.npmjs.com/~GitHub">https://www.npmjs.com/~GitHub</a>
Actions), a new releaser for <code>@​babel/helpers</code> since your
current version.</p>
</details>
<br />

Updates `brace-expansion` from 1.1.11 to 1.1.12
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/juliangruber/brace-expansion/releases">brace-expansion's
releases</a>.</em></p>
<blockquote>
<h2>v1.1.12</h2>
<ul>
<li>pkg: publish on tag 1.x  c460dbd</li>
<li>fmt  ccb8ac6</li>
<li>Fix potential ReDoS Vulnerability or Inefficient Regular Expression
(<a
href="https://redirect.github.com/juliangruber/brace-expansion/issues/65">#65</a>)
c3c73c8</li>
</ul>
<hr />
<p><a
href="https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12">https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711"><code>44f33b4</code></a>
1.1.12</li>
<li><a
href="https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570"><code>c460dbd</code></a>
pkg: publish on tag 1.x</li>
<li><a
href="https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f"><code>ccb8ac6</code></a>
fmt</li>
<li><a
href="https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217"><code>c3c73c8</code></a>
Fix potential ReDoS Vulnerability or Inefficient Regular Expression (<a
href="https://redirect.github.com/juliangruber/brace-expansion/issues/65">#65</a>)</li>
<li>See full diff in <a
href="https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.12">compare
view</a></li>
</ul>
</details>
<br />

Updates `esbuild` from 0.18.20 to 0.21.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/evanw/esbuild/releases">esbuild's
releases</a>.</em></p>
<blockquote>
<h2>v0.21.5</h2>
<ul>
<li>
<p>Fix <code>Symbol.metadata</code> on classes without a class decorator
(<a
href="https://redirect.github.com/evanw/esbuild/issues/3781">#3781</a>)</p>
<p>This release fixes a bug with esbuild's support for the <a
href="https://github.com/tc39/proposal-decorator-metadata">decorator
metadata proposal</a>. Previously esbuild only added the
<code>Symbol.metadata</code> property to decorated classes if there was
a decorator on the class element itself. However, the proposal says that
the <code>Symbol.metadata</code> property should be present on all
classes that have any decorators at all, not just those with a decorator
on the class element itself.</p>
</li>
<li>
<p>Allow unknown import attributes to be used with the <code>copy</code>
loader (<a
href="https://redirect.github.com/evanw/esbuild/issues/3792">#3792</a>)</p>
<p>Import attributes (the <code>with</code> keyword on
<code>import</code> statements) are allowed to alter how that path is
loaded. For example, esbuild cannot assume that it knows how to load
<code>./bagel.js</code> as type <code>bagel</code>:</p>
<pre lang="js"><code>// This is an error with &quot;--bundle&quot;
without also using &quot;--external:./bagel.js&quot;
import tasty from &quot;./bagel.js&quot; with { type: &quot;bagel&quot;
}
</code></pre>
<p>Because of that, bundling this code with esbuild is an error unless
the file <code>./bagel.js</code> is external to the bundle (such as with
<code>--bundle --external:./bagel.js</code>).</p>
<p>However, there is an additional case where it's ok for esbuild to
allow this: if the file is loaded using the <code>copy</code> loader.
That's because the <code>copy</code> loader behaves similarly to
<code>--external</code> in that the file is left external to the bundle.
The difference is that the <code>copy</code> loader copies the file into
the output folder and rewrites the import path while
<code>--external</code> doesn't. That means the following will now work
with the <code>copy</code> loader (such as with <code>--bundle
--loader:.bagel=copy</code>):</p>
<pre lang="js"><code>// This is no longer an error with
&quot;--bundle&quot; and &quot;--loader:.bagel=copy&quot;
import tasty from &quot;./tasty.bagel&quot; with { type:
&quot;bagel&quot; }
</code></pre>
</li>
<li>
<p>Support import attributes with glob-style imports (<a
href="https://redirect.github.com/evanw/esbuild/issues/3797">#3797</a>)</p>
<p>This release adds support for import attributes (the
<code>with</code> option) to glob-style imports (dynamic imports with
certain string literal patterns as paths). These imports previously
didn't support import attributes due to an oversight. So code like this
will now work correctly:</p>
<pre lang="ts"><code>async function loadLocale(locale: string): Locale {
const data = await import(`./locales/${locale}.data`, { with: { type:
'json' } })
  return unpackLocale(locale, data)
}
</code></pre>
<p>Previously this didn't work even though esbuild normally supports
forcing the JSON loader using an import attribute. Attempting to do this
used to result in the following error:</p>
<pre><code>✘ [ERROR] No loader is configured for &quot;.data&quot;
files: locales/en-US.data
<pre><code>example.ts:2:28:
2 │ const data = await import(`./locales/${locale}.data`, { with: {
type: 'json' } })
    ╵                             ~~~~~~~~~~~~~~~~~~~~~~~~~~
</code></pre>
<p></code></pre></p>
<p>In addition, this change means plugins can now access the contents of
<code>with</code> for glob-style imports.</p>
</li>
<li>
<p>Support <code>${configDir}</code> in <code>tsconfig.json</code> files
(<a
href="https://redirect.github.com/evanw/esbuild/issues/3782">#3782</a>)</p>
<p>This adds support for a new feature from the upcoming TypeScript 5.5
release. The character sequence <code>${configDir}</code> is now
respected at the start of <code>baseUrl</code> and <code>paths</code>
values, which are used by esbuild during bundling to correctly map
import paths to file system paths. This feature lets base
<code>tsconfig.json</code> files specified via <code>extends</code>
refer to the directory of the top-level <code>tsconfig.json</code> file.
Here is an example:</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/evanw/esbuild/blob/main/CHANGELOG-2023.md">esbuild's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog: 2023</h1>
<p>This changelog documents all esbuild versions published in the year
2023 (versions 0.16.13 through 0.19.11).</p>
<h2>0.19.11</h2>
<ul>
<li>
<p>Fix TypeScript-specific class transform edge case (<a
href="https://redirect.github.com/evanw/esbuild/issues/3559">#3559</a>)</p>
<p>The previous release introduced an optimization that avoided
transforming <code>super()</code> in the class constructor for
TypeScript code compiled with <code>useDefineForClassFields</code> set
to <code>false</code> if all class instance fields have no initializers.
The rationale was that in this case, all class instance fields are
omitted in the output so no changes to the constructor are needed.
However, if all of this is the case <em>and</em> there are
<code>#private</code> instance fields with initializers, those private
instance field initializers were still being moved into the constructor.
This was problematic because they were being inserted before the call to
<code>super()</code> (since <code>super()</code> is now no longer
transformed in that case). This release introduces an additional
optimization that avoids moving the private instance field initializers
into the constructor in this edge case, which generates smaller code,
matches the TypeScript compiler's output more closely, and avoids this
bug:</p>
<pre lang="ts"><code>// Original code
class Foo extends Bar {
  #private = 1;
  public: any;
  constructor() {
    super();
  }
}
<p>// Old output (with esbuild v0.19.9)
class Foo extends Bar {
constructor() {
super();
this.#private = 1;
}
#private;
}</p>
<p>// Old output (with esbuild v0.19.10)
class Foo extends Bar {
constructor() {
this.#private = 1;
super();
}
#private;
}</p>
<p>// New output
class Foo extends Bar {
#private = 1;
constructor() {
super();
}
}
</code></pre></p>
</li>
<li>
<p>Minifier: allow reording a primitive past a side-effect (<a
href="https://redirect.github.com/evanw/esbuild/issues/3568">#3568</a>)</p>
<p>The minifier previously allowed reordering a side-effect past a
primitive, but didn't handle the case of reordering a primitive past a
side-effect. This additional case is now handled:</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/evanw/esbuild/commit/fc37c2fa9de2ad77476a6d4a8f1516196b90187e"><code>fc37c2f</code></a>
publish 0.21.5 to npm</li>
<li><a
href="https://github.com/evanw/esbuild/commit/cb119249a19603b12fdf8df1c5a81c21420a1cb0"><code>cb11924</code></a>
fix <code>Symbol.metadata</code> errors in decorator tests</li>
<li><a
href="https://github.com/evanw/esbuild/commit/b93a2a95ac697f4aa01471e0a383a25626f1998e"><code>b93a2a9</code></a>
fix <a
href="https://redirect.github.com/evanw/esbuild/issues/3781">#3781</a>:
add metadata to all decorated classes</li>
<li><a
href="https://github.com/evanw/esbuild/commit/953dae945b265df7d9728dbd961f7a27dce941cd"><code>953dae9</code></a>
fix <a
href="https://redirect.github.com/evanw/esbuild/issues/3797">#3797</a>:
import attributes and glob-style import</li>
<li><a
href="https://github.com/evanw/esbuild/commit/98cb2ed72cfc4187f45fe1a6abe5417ad613356b"><code>98cb2ed</code></a>
fix <a
href="https://redirect.github.com/evanw/esbuild/issues/3782">#3782</a>:
support <code>${configDir}</code> in tsconfig.json</li>
<li><a
href="https://github.com/evanw/esbuild/commit/8e6603b83f6be8de8204a7c5af755874f8b8da68"><code>8e6603b</code></a>
run <code>make update-compat-table</code></li>
<li><a
href="https://github.com/evanw/esbuild/commit/db1b8ca20f26091fbaebd5b4a8ce950de984e750"><code>db1b8ca</code></a>
fix <a
href="https://redirect.github.com/evanw/esbuild/issues/3792">#3792</a>:
import attributes and the <code>copy</code> loader</li>
<li><a
href="https://github.com/evanw/esbuild/commit/de572d0e5363fef5457d3581ec340e481b139152"><code>de572d0</code></a>
fix non-deterministic import attribute plugin test</li>
<li><a
href="https://github.com/evanw/esbuild/commit/ae8d1b4f307b290bde0f17aceb51dd6f62eac64c"><code>ae8d1b4</code></a>
fix <a
href="https://redirect.github.com/evanw/esbuild/issues/3794">#3794</a>:
<code>--supported:object-accessors=false</code></li>
<li><a
href="https://github.com/evanw/esbuild/commit/67cbf87a4909d87a902ca8c3b69ab5330defab0a"><code>67cbf87</code></a>
publish 0.21.4 to npm</li>
<li>Additional commits viewable in <a
href="https://github.com/evanw/esbuild/compare/v0.18.20...v0.21.5">compare
view</a></li>
</ul>
</details>
<br />

Updates `js-yaml` from 4.1.0 to 4.1.1
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md">js-yaml's
changelog</a>.</em></p>
<blockquote>
<h2>[4.1.1] - 2025-11-12</h2>
<h3>Security</h3>
<ul>
<li>Fix prototype pollution issue in yaml merge (&lt;&lt;)
operator.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a"><code>cc482e7</code></a>
4.1.1 released</li>
<li><a
href="https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f"><code>50968b8</code></a>
dist rebuild</li>
<li><a
href="https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b"><code>d092d86</code></a>
lint fix</li>
<li><a
href="https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879"><code>383665f</code></a>
fix prototype pollution in merge (&lt;&lt;)</li>
<li><a
href="https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976"><code>0d3ca7a</code></a>
README.md: HTTP =&gt; HTTPS (<a
href="https://redirect.github.com/nodeca/js-yaml/issues/678">#678</a>)</li>
<li><a
href="https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b"><code>49baadd</code></a>
doc: 'empty' style option for !!null</li>
<li><a
href="https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce"><code>ba3460e</code></a>
Fix demo link (<a
href="https://redirect.github.com/nodeca/js-yaml/issues/618">#618</a>)</li>
<li>See full diff in <a
href="https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1">compare
view</a></li>
</ul>
</details>
<br />

Updates `micromatch` from 4.0.5 to 4.0.8
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/micromatch/micromatch/releases">micromatch's
releases</a>.</em></p>
<blockquote>
<h2>4.0.8</h2>
<p>Ultimate release that fixes both CVE-2024-4067 and CVE-2024-4068. We
consider the issues low-priority, so even if you see automated scanners
saying otherwise, don't be scared.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md">micromatch's
changelog</a>.</em></p>
<blockquote>
<h2>[4.0.8] - 2024-08-22</h2>
<ul>
<li>backported CVE-2024-4067 fix (from v4.0.6) over to 4.x branch</li>
</ul>
<h2>[4.0.7] - 2024-05-22</h2>
<ul>
<li>this is basically v4.0.5, with some README updates</li>
<li><strong>it is vulnerable to CVE-2024-4067</strong></li>
<li>Updated braces to v3.0.3 to avoid CVE-2024-4068</li>
<li>does NOT break API compatibility</li>
</ul>
<h2>[4.0.6] - 2024-05-21</h2>
<ul>
<li>Added <code>hasBraces</code> to check if a pattern contains
braces.</li>
<li>Fixes CVE-2024-4067</li>
<li><strong>BREAKS API COMPATIBILITY</strong></li>
<li>Should be labeled as a major release, but it's not.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/micromatch/micromatch/commit/8bd704ec0d9894693d35da425d827819916be920"><code>8bd704e</code></a>
4.0.8</li>
<li><a
href="https://github.com/micromatch/micromatch/commit/a0e68416a44da10f3e4e30845ab95af4fd286d5a"><code>a0e6841</code></a>
run verb to generate README documentation</li>
<li><a
href="https://github.com/micromatch/micromatch/commit/4ec288484f6e8cccf597ad3d43529c31d0f7a02a"><code>4ec2884</code></a>
Merge branch 'v4' into hauserkristof-feature/v4.0.8</li>
<li><a
href="https://github.com/micromatch/micromatch/commit/03aa8052171e878897eee5d7bb2ae0ae83ec2ade"><code>03aa805</code></a>
Merge pull request <a
href="https://redirect.github.com/micromatch/micromatch/issues/266">#266</a>
from hauserkristof/feature/v4.0.8</li>
<li><a
href="https://github.com/micromatch/micromatch/commit/814f5f70efcd100ca9d29198867812a3d6ab91a8"><code>814f5f7</code></a>
lint</li>
<li><a
href="https://github.com/micromatch/micromatch/commit/67fcce6a1077c2faf5ad0c5f998fa70202cc5dae"><code>67fcce6</code></a>
fix: CHANGELOG about braces &amp; CVE-2024-4068, v4.0.5</li>
<li><a
href="https://github.com/micromatch/micromatch/commit/113f2e3fa7cb30b429eda7c4c38475a8e8ba1b30"><code>113f2e3</code></a>
fix: CVE numbers in CHANGELOG</li>
<li><a
href="https://github.com/micromatch/micromatch/commit/d9dbd9a266686f44afb38da26fe016f96d1ec04f"><code>d9dbd9a</code></a>
feat: updated CHANGELOG</li>
<li><a
href="https://github.com/micromatch/micromatch/commit/2ab13157f416679f54e3a32b1425e184bd16749e"><code>2ab1315</code></a>
fix: use actions/setup-node@v4</li>
<li><a
href="https://github.com/micromatch/micromatch/commit/1406ea38f3e24b29f4d4f46908d5cffcb3e6c4ce"><code>1406ea3</code></a>
feat: rework test to work on macos with node 10,12 and 14</li>
<li>Additional commits viewable in <a
href="https://github.com/micromatch/micromatch/compare/4.0.5...4.0.8">compare
view</a></li>
</ul>
</details>
<br />

Updates `nanoid` from 3.3.6 to 3.3.11
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/ai/nanoid/releases">nanoid's
releases</a>.</em></p>
<blockquote>
<h2>3.3.11</h2>
<ul>
<li>Fixed React Native support.</li>
</ul>
<h2>3.3.10</h2>
<ul>
<li>Fixed React Native support (by <a
href="https://github.com/steida"><code>@​steida</code></a>).</li>
</ul>
<h2>3.3.9</h2>
<ul>
<li>Reduced npm package size.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/ai/nanoid/blob/main/CHANGELOG.md">nanoid's
changelog</a>.</em></p>
<blockquote>
<h2>3.3.11</h2>
<ul>
<li>Fixed React Native support.</li>
</ul>
<h2>3.3.10</h2>
<ul>
<li>Fixed React Native support (by <a
href="https://github.com/steida"><code>@​steida</code></a>).</li>
</ul>
<h2>3.3.9</h2>
<ul>
<li>Reduced npm package size.</li>
</ul>
<h2>3.3.8</h2>
<ul>
<li>Fixed a way to break Nano ID by passing non-integer size (by <a
href="https://github.com/myndzi"><code>@​myndzi</code></a>).</li>
</ul>
<h2>3.3.7</h2>
<ul>
<li>Fixed <code>node16</code> TypeScript support (by Saadi
Myftija).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/ai/nanoid/commit/37289ceee51a3194a1f121a1e5d2bbb864076b74"><code>37289ce</code></a>
Release 3.3.11 version</li>
<li><a
href="https://github.com/ai/nanoid/commit/23690b77719ec8043c2509d28c1d74b0e2295b75"><code>23690b7</code></a>
Fix CI</li>
<li><a
href="https://github.com/ai/nanoid/commit/c147962de7f5da3311a0e731030a28f49c5266a3"><code>c147962</code></a>
Fix RN support</li>
<li><a
href="https://github.com/ai/nanoid/commit/a83734e28fa071f51fe3614a5fb891f08a4b91b2"><code>a83734e</code></a>
Move to manually ESM/CJS dual package</li>
<li><a
href="https://github.com/ai/nanoid/commit/bb12e8a6f9c37ebe0b5ff2c697b8f9dcf34c8948"><code>bb12e8a</code></a>
Release 3.3.10 version</li>
<li><a
href="https://github.com/ai/nanoid/commit/8f44264cd724080447f40620974163f1daca4612"><code>8f44264</code></a>
Fix Expo support</li>
<li><a
href="https://github.com/ai/nanoid/commit/adf9b0c05eeeebbbf391c16bbd93da2fc275e235"><code>adf9b0c</code></a>
Release 3.3.9 version</li>
<li><a
href="https://github.com/ai/nanoid/commit/1c6f08825b4f17c4462bd1c19dbc3f1c5626b76f"><code>1c6f088</code></a>
Remove dev file from npm package</li>
<li><a
href="https://github.com/ai/nanoid/commit/3044cd5e73f4cf31795f61f6e6b961c8c0a5c744"><code>3044cd5</code></a>
Release 3.3.8 version</li>
<li><a
href="https://github.com/ai/nanoid/commit/4fe34959c34e5b3573889ed4f24fe91d1d3e7231"><code>4fe3495</code></a>
Update size limit</li>
<li>Additional commits viewable in <a
href="https://github.com/ai/nanoid/compare/3.3.6...3.3.11">compare
view</a></li>
</ul>
</details>
<br />

Updates `lodash` from 4.17.21 to 4.17.23
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/lodash/lodash/commit/dec55b7a3b382da075e2eac90089b4cd00a26cbb"><code>dec55b7</code></a>
Bump main to v4.17.23 (<a
href="https://redirect.github.com/lodash/lodash/issues/6088">#6088</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/19c9251b3631d7cf220b43bc757eb33f1084f117"><code>19c9251</code></a>
fix: setCacheHas JSDoc return type should be boolean (<a
href="https://redirect.github.com/lodash/lodash/issues/6071">#6071</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/b5e672995ae26929d111a6e94589f8d03fb8e578"><code>b5e6729</code></a>
jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (<a
href="https://redirect.github.com/lodash/lodash/issues/6062">#6062</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/edadd452146f7e4bad4ea684e955708931d84d81"><code>edadd45</code></a>
Prevent prototype pollution on baseUnset function</li>
<li><a
href="https://github.com/lodash/lodash/commit/4879a7a7d0a4494b0e83c7fa21bcc9fc6e7f1a6d"><code>4879a7a</code></a>
doc: fix autoLink function, conversion of source links (<a
href="https://redirect.github.com/lodash/lodash/issues/6056">#6056</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/9648f692b0fc7c2f6a7a763d754377200126c2e8"><code>9648f69</code></a>
chore: remove <code>yarn.lock</code> file (<a
href="https://redirect.github.com/lodash/lodash/issues/6053">#6053</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/dfa407db0bf5b200f2c7a9e4f06830ceaf074be9"><code>dfa407d</code></a>
ci: remove legacy configuration files (<a
href="https://redirect.github.com/lodash/lodash/issues/6052">#6052</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/156e1965ae78b121a88f81178ab81632304e8d64"><code>156e196</code></a>
feat: add renovate setup (<a
href="https://redirect.github.com/lodash/lodash/issues/6039">#6039</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/933e1061b8c344d3fc742cdc400175d5ffc99bce"><code>933e106</code></a>
ci: add pipeline for Bun (<a
href="https://redirect.github.com/lodash/lodash/issues/6023">#6023</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/072a807ff7ad8ffc7c1d2c3097266e815d138e20"><code>072a807</code></a>
docs: update links related to Open JS Foundation (<a
href="https://redirect.github.com/lodash/lodash/issues/5968">#5968</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/lodash/lodash/compare/4.17.21...4.17.23">compare
view</a></li>
</ul>
</details>
<br />

Updates `vite` from 4.5.14 to 5.4.21
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/releases">vite's
releases</a>.</em></p>
<blockquote>
<h2>v5.4.21</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
<h2>v5.4.20</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/ca88ed7398288ce0c60176ac9a6392f10654c67c/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
<h2>v5.4.19</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v5.4.19/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md">vite's
changelog</a>.</em></p>
<blockquote>
<h2><!-- raw HTML omitted -->5.4.21 (2025-10-20)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix(dev): trim trailing slash before <code>server.fs.deny</code>
check (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968">#20968</a>)
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20970">#20970</a>)
(<a
href="https://github.com/vitejs/vite/commit/cad1d31d0635dd8fd4ddfe6e5a92eb9ff13cd06c">cad1d31</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/20968">#20968</a>
<a
href="https://redirect.github.com/vitejs/vite/issues/20970">#20970</a></li>
<li>chore: update CHANGELOG (<a
href="https://github.com/vitejs/vite/commit/ca88ed7398288ce0c60176ac9a6392f10654c67c">ca88ed7</a>)</li>
</ul>
<h2><!-- raw HTML omitted -->5.4.20 (2025-09-08)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: apply <code>fs.strict</code> check to HTML files (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20736">#20736</a>)
(<a
href="https://github.com/vitejs/vite/commit/482000f57f56fe6ff2e905305100cfe03043ddea">482000f</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/20736">#20736</a></li>
<li>fix: port sirv@3.0.2 changes to sirv@2.0.4 (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20737">#20737</a>)
(<a
href="https://github.com/vitejs/vite/commit/4f1c35bcbb5830290c694aa14b6789e07450f069">4f1c35b</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/20737">#20737</a></li>
</ul>
<h2><!-- raw HTML omitted -->5.4.19 (2025-04-30)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: backport <a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965">#19965</a>,
check static serve file inside sirv (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19966">#19966</a>)
(<a
href="https://github.com/vitejs/vite/commit/766947e7cbf1cdd07df9737394e8c870401b78b0">766947e</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19965">#19965</a>
<a
href="https://redirect.github.com/vitejs/vite/issues/19966">#19966</a></li>
</ul>
<h2><!-- raw HTML omitted -->5.4.18 (2025-04-10)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: backport <a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19830">#19830</a>,
reject requests with <code>#</code> in request-target (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19831">#19831</a>)
(<a
href="https://github.com/vitejs/vite/commit/823675baff2bd6809c74ba2d9acca0327923a54f">823675b</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19830">#19830</a>
<a
href="https://redirect.github.com/vitejs/vite/issues/19831">#19831</a></li>
</ul>
<h2><!-- raw HTML omitted -->5.4.17 (2025-04-03)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: backport <a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19782">#19782</a>,
fs check with svg and relative paths (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19784">#19784</a>)
(<a
href="https://github.com/vitejs/vite/commit/84b2b46ed129be8215108e789a90adbb33a9c42c">84b2b46</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19782">#19782</a>
<a
href="https://redirect.github.com/vitejs/vite/issues/19784">#19784</a></li>
</ul>
<h2><!-- raw HTML omitted -->5.4.16 (2025-03-31)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: backport <a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19761">#19761</a>,
fs check in transform middleware (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19762">#19762</a>)
(<a
href="https://github.com/vitejs/vite/commit/b627c50d359f3bd9b602408fbbf462cf4a2f019c">b627c50</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19761">#19761</a>
<a
href="https://redirect.github.com/vitejs/vite/issues/19762">#19762</a></li>
</ul>
<h2><!-- raw HTML omitted -->5.4.15 (2025-03-24)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: backport <a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19702">#19702</a>,
fs raw query with query separators (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19703">#19703</a>)
(<a
href="https://github.com/vitejs/vite/commit/807d7f06d33ab49c48a2a3501da3eea1906c0d41">807d7f0</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19702">#19702</a>
<a
href="https://redirect.github.com/vitejs/vite/issues/19703">#19703</a></li>
</ul>
<h2><!-- raw HTML omitted -->5.4.14 (2025-01-21)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: <code>preview.allowedHosts</code> with specific values was not
respected (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19246">#19246</a>)
(<a
href="https://github.com/vitejs/vite/commit/9df6e6beabf0d18988ec13b8b742d2aba29662f9">9df6e6b</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19246">#19246</a></li>
<li>fix: allow CORS from loopback addresses by default (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19249">#19249</a>)
(<a
href="https://github.com/vitejs/vite/commit/7d1699ccf673e2790704756d89d2e1e4ee478fb4">7d1699c</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/19249">#19249</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/vitejs/vite/commit/adce3c22c64cc9d44cc8f45cc92b543e3e4bf385"><code>adce3c2</code></a>
release: v5.4.21</li>
<li><a
href="https://github.com/vitejs/vite/commit/cad1d31d0635dd8fd4ddfe6e5a92eb9ff13cd06c"><code>cad1d31</code></a>
fix(dev): trim trailing slash before <code>server.fs.deny</code> check
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968">#20968</a>)
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20970">#20970</a>)</li>
<li><a
href="https://github.com/vitejs/vite/commit/ca88ed7398288ce0c60176ac9a6392f10654c67c"><code>ca88ed7</code></a>
chore: update CHANGELOG</li>
<li><a
href="https://github.com/vitejs/vite/commit/997700f01c7199daf7330d33a7fd3a43b2e9e3ba"><code>997700f</code></a>
release: v5.4.20</li>
<li><a
href="https://github.com/vitejs/vite/commit/482000f57f56fe6ff2e905305100cfe03043ddea"><code>482000f</code></a>
fix: apply <code>fs.strict</code> check to HTML files (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20736">#20736</a>)</li>
<li><a
href="https://github.com/vitejs/vite/commit/80a333a23103ced0442d4463d1191433d90f5e19"><code>80a333a</code></a>
release: v5.4.19</li>
<li><a
href="https://github.com/vitejs/vite/commit/766947e7cbf1cdd07df9737394e8c870401b78b0"><code>766947e</code></a>
fix: backport <a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965">#19965</a>,
check static serve file inside sirv (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19966">#19966</a>)</li>
<li><a
href="https://github.com/vitejs/vite/commit/731b77d19d36f5682a5441b49cb2f6473389ad99"><code>731b77d</code></a>
release: v5.4.18</li>
<li><a
href="https://github.com/vitejs/vite/commit/823675baff2bd6809c74ba2d9acca0327923a54f"><code>823675b</code></a>
fix: backport <a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19830">#19830</a>,
reject requests with <code>#</code> in request-target (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19831">#19831</a>)</li>
<li><a
href="https://github.com/vitejs/vite/commit/0a2518a98d2354c61ee8ef51f7d00fa92aebb511"><code>0a2518a</code></a>
release: v5.4.17</li>
<li>Additional commits viewable in <a
href="https://github.com/vitejs/vite/commits/v5.4.21/packages/vite">compare
view</a></li>
</ul>
</details>
<br />

Updates `@babel/helpers` from 7.23.2 to 7.28.6
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/babel/babel/releases"><code>@​babel/helpers</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v7.28.6 (2026-01-12)</h2>
<p>Thanks <a
href="https://github.com/kadhirash"><code>@​kadhirash</code></a> and <a
href="https://github.com/kolvian"><code>@​kolvian</code></a> for your
first PRs!</p>
<h4>🐛 Bug Fix</h4>
<ul>
<li><code>babel-cli</code>, <code>babel-code-frame</code>,
<code>babel-core</code>,
<code>babel-helper-check-duplicate-nodes</code>,
<code>babel-helper-fixtures</code>,
<code>babel-helper-plugin-utils</code>, <code>babel-node</code>,
<code>babel-plugin-transform-flow-comments</code>,
<code>babel-plugin-transform-modules-commonjs</code>,
<code>babel-plugin-transform-property-mutators</code>,
<code>babel-preset-env</code>, <code>babel-traverse</code>,
<code>babel-types</code>
<ul>
<li><a
href="https://redirect.github.com/babel/babel/pull/17589">#17589</a>
Improve Unicode handling in code-frame tokenizer (<a
href="https://github.com/JLHwung"><code>@​JLHwung</code></a>)</li>
</ul>
</li>
<li><code>babel-plugin-transform-regenerator</code>
<ul>
<li><a
href="https://redirect.github.com/babel/babel/pull/17556">#17556</a>
fix: <code>transform-regenerator</code> correctly handles scope (<a
href="https://github.com/liuxingbaoyu"><code>@​liuxingbaoyu</code></a>)</li>
</ul>
</li>
<li><code>babel-plugin-transform-react-jsx</code>
<ul>
<li><a
href="https://redirect.github.com/babel/babel/pull/17538">#17538</a>
fix: Keep jsx comments (<a
href="https://github.com/liuxingbaoyu"><code>@​liuxingbaoyu</code></a>)</li>
</ul>
</li>
</ul>
<h4>💅 Polish</h4>
<ul>
<li><code>babel-core</code>, <code>babel-standalone</code>
<ul>
<li><a
href="https://redirect.github.com/babel/babel/pull/17606">#17606</a>
Polish(standalone): improve message on invalid preset/plugin (<a
href="https://github.com/JLHwung"><code>@​JLHwung</code></a>)</li>
</ul>
</li>
</ul>
<h4>🏠 Internal</h4>
<ul>

<li><code>babel-plugin-bugfix-v8-static-class-fields-redefine-readonly</code>,
<code>babel-plugin-proposal-decorators</code>,
<code>babel-plugin-proposal-import-attributes-to-assertions</code>,
<code>babel-plugin-proposal-import-wasm-source</code>,
<code>babel-plugin-syntax-async-do-expressions</code>,
<code>babel-plugin-syntax-decorators</code>,
<code>babel-plugin-syntax-destructuring-private</code>,
<code>babel-plugin-syntax-do-expressions</code>,
<code>babel-plugin-syntax-explicit-resource-management</code>,
<code>babel-plugin-syntax-export-default-from</code>,
<code>babel-plugin-syntax-flow</code>,
<code>babel-plugin-syntax-function-bind</code>,
<code>babel-plugin-syntax-function-sent</code>,
<code>babel-plugin-syntax-import-assertions</code>,
<code>babel-plugin-syntax-import-attributes</code>,
<code>babel-plugin-syntax-import-defer</code>,
<code>babel-plugin-syntax-import-source</code>,
<code>babel-plugin-syntax-jsx</code>,
<code>babel-plugin-syntax-module-blocks</code>,
<code>babel-plugin-syntax-optional-chaining-assign</code>,
<code>babel-plugin-syntax-partial-application</code>,
<code>babel-plugin-syntax-pipeline-operator</code>,
<code>babel-plugin-syntax-throw-expressions</code>,
<code>babel-plugin-syntax-typescript</code>,
<code>babel-plugin-transform-async-generator-functions</code>,
<code>babel-plugin-transform-async-to-generator</code>,
<code>babel-plugin-transform-class-properties</code>,
<code>babel-plugin-transform-class-static-block</code>,
<code>babel-plugin-transform-dotall-regex</code>,
<code>babel-plugin-transform-duplicate-named-capturing-groups-regex</code>,
<code>babel-plugin-transform-explicit-resource-management</code>,
<code>babel-plugin-transform-exponentiation-operator</code>,
<code>babel-plugin-transform-json-strings</code>,
<code>babel-plugin-transform-logical-assignment-operators</code>,
<code>babel-plugin-transform-nullish-coalescing-operator</code>,
<code>babel-plugin-transform-numeric-separator</code>,
<code>babel-plugin-transform-object-rest-spread</code>,
<code>babel-plugin-transform-optional-catch-binding</code>,
<code>babel-plugin-transform-optional-chaining</code>,
<code>babel-plugin-transform-private-methods</code>,
<code>babel-plugin-transform-private-property-in-object</code>,
<code>babel-plugin-transform-regexp-modifiers</code>,
<code>babel-plugin-transform-unicode-property-regex</code>,
<code>babel-plugin-transform-unicode-sets-regex</code>
<ul>
<li><a
href="https://redirect.github.com/babel/babel/pull/17580">#17580</a>
Allow Babel 8 in compatible Babel 7 plugins (<a
href="https://github.com/nicolo-ribaudo"><code>@​nicolo-ribaudo</code></a>)</li>
</ul>
</li>
</ul>
<h4>🏃‍♀️ Performance</h4>
<ul>
<li><code>babel-plugin-transform-react-jsx</code>
<ul>
<li><a
href="https://redirect.github.com/babel/babel/pull/17555">#17555</a>
perf: Use lighter traversal for jsx <code>__source,__self</code> (<a
href="https://github.com/liuxingbaoyu"><code>@​liuxingbaoyu</code></a>)</li>
</ul>
</li>
</ul>
<h4>Committers: 7</h4>
<ul>
<li>Babel Bot (<a
href="https://github.com/babel-bot"><code>@​babel-bot</code></a>)</li>
<li>Eliot Pontarelli (<a
href="https://github.com/kolvian"><code>@​kolvian</code></a>)</li>
<li>Huáng Jùnliàng (<a
href="https://github.com/JLHwung"><code>@​JLHwung</code></a>)</li>
<li>Kadhirash Sivakumar (<a
href="https://github.com/kadhirash"><code>@​kadhirash</code></a>)</li>
<li>Nicolò Ribaudo (<a
href="https://github.com/nicolo-ribaudo"><code>@​nicolo-ribaudo</code></a>)</li>
<li><a
href="https://github.com/liuxingbaoyu"><code>@​liuxingbaoyu</code></a></li>
<li>coderaiser (<a
href="https://github.com/coderaiser"><code>@​coderaiser</code></a>)</li>
</ul>
<h2>v7.28.5 (2025-10-23)</h2>
<p>Thank you <a
href="https://github.com/CO0Ki3"><code>@​CO0Ki3</code></a>, <a
href="https://github.com/Olexandr88"><code>@​Olexandr88</code></a>, and
<a href="https://github.com/youthfulhps"><code>@​youthfulhps</code></a>
for your first PRs!</p>
<h4>👓 Spec Compliance</h4>
<ul>
<li><code>babel-parser</code>
<ul>
<li><a
href="https://redirect.github.com/babel/babel/pull/17446">#17446</a>
Allow <code>Runtime Errors for Function Call Assignment Targets</code>
(<a
href="https://github.com/liuxingbaoyu"><code>@​liuxingbaoyu</code></a>)</li>
</ul>
</li>
<li><code>babel-helper-validator-identifier</code>
<ul>
<li><a
href="https://redirect.github.com/babel/babel/pull/17501">#17501</a>
fix: update identifier to unicode 17 (<a
href="https://github.com/fisker"><code>@​fisker</code></a>)</li>
</ul>
</li>
</ul>
<h4>🐛 Bug Fix</h4>
<ul>
<li><code>babel-plugin-proposal-destructuring-private</code>
<ul>
<li><a
href="https://redirect.github.com/babel/babel/pull/17534">#17534</a>
Allow mixing private destructuring and rest (<a
href="https://github.com/CO0Ki3"><code>@​CO0Ki3</code></a>)</li>
</ul>
</li>
<li><code>babel-parser</code>
<ul>
<li><a
href="https://redirect.github.com/babel/babel/pull/17521">#17521</a>
Improve <code>@babel/parser</code> error typing (<a
href="https://github.com/JLHwung"><code>@​JLHwung</code></a>)</li>
<li><a
href="https://redirect.github.com/babel/babel/pull/17491">#17491</a>
fix: improve ts-only declaration parsing (<a
href="https://github.com/JLHwung"><code>@​JLHwung</code></a>)</li>
</ul>
</li>
<li><code>babel-plugin-proposal-discard-binding</code>,
<code>babel-plugin-transform-destructuring</code></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17"><code>d7f4008</code></a>
v7.28.6</li>
<li><a
href="https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177"><code>99dcba5</code></a>
chore: enable some ts-eslint rules (<a
href="https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17592">#17592</a>)</li>
<li><a
href="https://github.com/babel/babel/commit/c1b55f6ad56523ccc96fa68721de0bed2f2cdb23"><code>c1b55f6</code></a>
Use <code>eslint.config.mts</code> (<a
href="https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17573">#17573</a>)</li>
<li><a
href="https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f"><code>35055e3</code></a>
v7.28.4</li>
<li><a
href="https://github.com/babel/babel/commit/18d88b83c67c8dbbe63e4ac423e6006c4c01b85c"><code>18d88b8</code></a>
Improve <code>@​babel/core</code> typings (<a
href="https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17471">#17471</a>)</li>
<li><a
href="https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2"><code>ef155f5</code></a>
v7.28.3</li>
<li><a
href="https://github.com/babel/babel/commit/741cbd2381ac0cda3afd42bc04454a87d9d8762a"><code>741cbd2</code></a>
chore: fix various typos across codebase (<a
href="https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17476">#17476</a>)</li>
<li><a
href="https://github.com/babel/babel/commit/cac0ff4c3426eed30b4d27e7971b348da7c9f1e6"><code>cac0ff4</code></a>
v7.28.2</li>
<li><a
href="https://github.com/babel/babel/commit/f743094585b39bd9f7a9e3a3561215b2103e2474"><code>f743094</code></a>
fix: <code>regeneratorDefine</code> compatibility with es5 strict mode
(<a
href="https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17441">#17441</a>)</li>
<li><a
href="https://github.com/babel/babel/commit/baa4cb8b9f8a551d7dae9042b19ea2f74df6b110"><code>baa4cb8</code></a>
v7.27.6</li>
<li>Additional commits viewable in <a
href="https://github.com/babel/babel/commits/v7.28.6/packages/babel-helpers">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by [GitHub Actions](<a
href="https://www.npmjs.com/~GitHub">https://www.npmjs.com/~GitHub</a>
Actions), a new releaser for <code>@​babel/helpers</code> since your
current version.</p>
</details>
<br />

Updates `brace-expansion` from 1.1.11 to 1.1.12
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/juliangruber/brace-expansion/releases">brace-expansion's
releases</a>.</em></p>
<blockquote>
<h2>v1.1.12</h2>
<ul>
<li>pkg: publish on tag 1.x  c460dbd</li>
<li>fmt  ccb8ac6</li>
<li>Fix potential ReDoS Vulnerability or Inefficient Regular Expression
(<a
href="https://redirect.github.com/juliangruber/brace-expansion/issues/65">#65</a>)
c3c73c8</li>
</ul>
<hr />
<p><a
href="https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12">https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711"><code>44f33b4</code></a>
1.1.12</li>
<li><a
href="https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570"><code>c460dbd</code></a>
pkg: publish on tag 1.x</li>
<li><a
href="https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f"><code>ccb8ac6</code></a>
fmt</li>
<li><a
href="https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217"><code>c3c73c8</code></a>
Fix potential ReDoS Vulnerability or Inefficient Regular Expression (<a
href="https://redirect.github.com/juliangruber/brace-expansion/issues/65">#65</a>)</li>
<li>See full diff in <a
href="https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.12">compare
view</a></li>
</ul>
</details>
<br />

Updates `esbuild` from 0.18.20 to 0.21.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/evanw/esbuild/releases">esbuild's
releases</a>.</em></p>
<blockquote>
<h2>v0.21.5</h2>
<ul>
<li>
<p>Fix <code>Symbol.metadata</code> on classes without a class decorator
(<a
href="https://redirect.github.com/evanw/esbuild/issues/3781">#3781</a>)</p>
<p>This release fixes a bug with esbuild's support for the <a
href="https://github.com/tc39/proposal-decorator-metadata">decorator
metadata proposal</a>. Previously esbuild only added the
<code>Symbol.metadata</code> property to decorated classes if there was
a decorator on the class element itself. However, the proposal says that
the <code>Symbol.metadata</code> property should be present on all
classes that have any decorators at all, not just those with a decorator
on the class element itself.</p>
</li>
<li>
<p>Allow unknown import attributes to be used with the <code>copy</code>
loader (<a href="https://redirect.github.com/ev...

_Description has been truncated_

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-07 17:59:34 -08:00
dependabot[bot] 243b9ed35e Bump langchain-core from 0.3.78 to 0.3.83 (#849)
Bumps [langchain-core](https://github.com/langchain-ai/langchain) from
0.3.78 to 0.3.83.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/langchain-ai/langchain/releases">langchain-core's
releases</a>.</em></p>
<blockquote>
<h2>langchain-core==0.3.83</h2>
<p>Changes since langchain-core==0.3.82</p>
<p>release(core): 0.3.83 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/34733">#34733</a>)
feat(core,langchain,text-splitters): (v0.3) use uuid7 for run ids (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/34732">#34732</a>)</p>
<h2>langchain-core==0.3.82</h2>
<p>Changes since langchain-core==0.3.81</p>
<p>release(core): 0.3.82 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/34688">#34688</a>)
fix(core): defer persisting traces for iterator inputs (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/34687">#34687</a>)
feat(core): add <code>usage_metadata</code> to metadata in
<code>LangChainTracer</code> (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/34686">#34686</a>)</p>
<h2>langchain-core==0.3.81</h2>
<p>Changes since langchain-core==0.3.80</p>
<p>release(core): 0.3.81 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/34459">#34459</a>)
fix(core): serialization patch (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/34458">#34458</a>)</p>
<h2>langchain-core==0.3.80</h2>
<p>Changes since langchain-core==0.3.79</p>
<p>release(core): 0.3.80 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/34039">#34039</a>)
fix(core): fix validation for input variables in f-string templates,
restrict functionality supported by jinja2, mustache templates
(GHSA-6qv9-48xg-fc7f) (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/34038">#34038</a>)</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/langchain-ai/langchain/commit/c0e2f08f789feac9447325583fef0efbd85eb858"><code>c0e2f08</code></a>
release(core): 0.3.83 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/34733">#34733</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/4dab5fafc01cfaddfeac6f5b139b4d58bacb1a40"><code>4dab5fa</code></a>
feat(core,langchain,text-splitters): (v0.3) use uuid7 for run ids (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/34732">#34732</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/e6dde2b99c7aadd42d348288540954dded975bb3"><code>e6dde2b</code></a>
release(core): 0.3.82 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/34688">#34688</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/126a337082bd019a39a9eee84264a2de556aca29"><code>126a337</code></a>
fix(core): defer persisting traces for iterator inputs (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/34687">#34687</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/13c13c4bac6f94a08120b4c7cef58af9dfff105c"><code>13c13c4</code></a>
feat(core): add <code>usage_metadata</code> to metadata in
<code>LangChainTracer</code> (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/34686">#34686</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/6dc06da1bb2f3781844895c259a67e40bc598f19"><code>6dc06da</code></a>
release(core): 0.3.81 (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/34459">#34459</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/d9ec4c5cc78960abd37da79b0250f5642e6f0ce6"><code>d9ec4c5</code></a>
fix(core): serialization patch (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/34458">#34458</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/d62d77925cce59a15bcb8287babe1ad10f1cbe18"><code>d62d779</code></a>
fix(docs): add redirects (<a
href="https://redirect.github.com/langchain-ai/langchain/issues/34411">#34411</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/7ab4a7841a2fe77e3b305c876e3e1eb31d2a9fce"><code>7ab4a78</code></a>
chore(infra): properly disable testing for 0.3 against latest packages
(<a
href="https://redirect.github.com/langchain-ai/langchain/issues/34041">#34041</a>)</li>
<li><a
href="https://github.com/langchain-ai/langchain/commit/6e968fd23c76e0676d29776ff48bd583ad1e1839"><code>6e968fd</code></a>
chore(infra): disable integration tests temporarily when releasing v0.3
(<a
href="https://redirect.github.com/langchain-ai/langchain/issues/34040">#34040</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/langchain-ai/langchain/compare/langchain-core==0.3.78...langchain-core==0.3.83">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=langchain-core&package-manager=pip&previous-version=0.3.78&new-version=0.3.83)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-07 17:59:15 -08:00
dependabot[bot] 7a89867dd2 Bump fastapi from 0.118.0 to 0.128.4 (#847)
Bumps [fastapi](https://github.com/fastapi/fastapi) from 0.118.0 to
0.128.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/fastapi/fastapi/releases">fastapi's
releases</a>.</em></p>
<blockquote>
<h2>0.128.4</h2>
<h3>Refactors</h3>
<ul>
<li>♻️ Refactor internals, simplify Pydantic v2/v1 utils,
<code>create_model_field</code>, better types for
<code>lenient_issubclass</code>. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14860">#14860</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>♻️ Simplify internals, remove Pydantic v1 only logic, no longer
needed. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14857">#14857</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>♻️ Refactor internals, cleanup unneeded Pydantic v1 specific logic.
PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14856">#14856</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h3>Translations</h3>
<ul>
<li>🌐 Update translations for fr (outdated pages). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14839">#14839</a>
by <a
href="https://github.com/YuriiMotov"><code>@​YuriiMotov</code></a>.</li>
<li>🌐 Update translations for tr (outdated and missing). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14838">#14838</a>
by <a
href="https://github.com/YuriiMotov"><code>@​YuriiMotov</code></a>.</li>
</ul>
<h3>Internal</h3>
<ul>
<li>⬆️ Upgrade development dependencies. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14854">#14854</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h2>0.128.3</h2>
<h3>Refactors</h3>
<ul>
<li>♻️ Re-implement <code>on_event</code> in FastAPI for compatibility
with the next Starlette, while keeping backwards compatibility. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14851">#14851</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h3>Upgrades</h3>
<ul>
<li>⬆️ Upgrade Starlette supported version range to
<code>starlette&gt;=0.40.0,&lt;1.0.0</code>. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14853">#14853</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h3>Translations</h3>
<ul>
<li>🌐 Update translations for ru (update-outdated). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14834">#14834</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h3>Internal</h3>
<ul>
<li>👷 Run tests with Starlette from git. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14849">#14849</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>👷 Run tests with lower bound uv sync, upgrade
<code>fastapi[all]</code> minimum dependencies: <code>ujson
&gt;=5.8.0</code>, <code>orjson &gt;=3.9.3</code>. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14846">#14846</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h2>0.128.2</h2>
<h3>Features</h3>
<ul>
<li> Add support for PEP695 <code>TypeAliasType</code>. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/13920">#13920</a>
by <a href="https://github.com/cstruct"><code>@​cstruct</code></a>.</li>
<li> Allow <code>Response</code> type hint as dependency annotation. PR
<a
href="https://redirect.github.com/fastapi/fastapi/pull/14794">#14794</a>
by <a
href="https://github.com/jonathan-fulton"><code>@​jonathan-fulton</code></a>.</li>
</ul>
<h3>Fixes</h3>
<ul>
<li>🐛 Fix using <code>Json[list[str]]</code> type (issue <a
href="https://redirect.github.com/fastapi/fastapi/issues/10997">#10997</a>).
PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14616">#14616</a>
by <a
href="https://github.com/mkanetsuna"><code>@​mkanetsuna</code></a>.</li>
</ul>
<h3>Docs</h3>
<ul>
<li>📝 Update docs for translations. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14830">#14830</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>📝 Fix duplicate word in <code>advanced-dependencies.md</code>. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14815">#14815</a>
by <a
href="https://github.com/Rayyan-Oumlil"><code>@​Rayyan-Oumlil</code></a>.</li>
</ul>
<h3>Translations</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/fastapi/fastapi/commit/8eac94bd91c212a2aab676acd7f8e94cd3097dd0"><code>8eac94b</code></a>
🔖 Release version 0.128.4</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/58cdfc7f4b1ad22a4e6450319affb42d185775d9"><code>58cdfc7</code></a>
📝 Update release notes</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/d59fbc3494940c9afe675cc89271bd0fa744574f"><code>d59fbc3</code></a>
♻️ Refactor internals, simplify Pydantic v2/v1 utils,
<code>create_model_field</code>, b...</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/cc6ced6345f6be18038437b73866294697294f3e"><code>cc6ced6</code></a>
📝 Update release notes</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/cf55bade7ea6e4bf85a167e8aed1c6167e7a4196"><code>cf55bad</code></a>
♻️ Simplify internals, remove Pydantic v1 only logic, no longer needed
(<a
href="https://redirect.github.com/fastapi/fastapi/issues/14857">#14857</a>)</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/ac8362c447b94247e9f7268c3d1e2807818647ae"><code>ac8362c</code></a>
📝 Update release notes</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/3c49346238643287780d9f0d673f88b0d02df109"><code>3c49346</code></a>
♻️ Refactor internals, cleanup unneeded Pydantic v1 specific logic (<a
href="https://redirect.github.com/fastapi/fastapi/issues/14856">#14856</a>)</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/512c3ad88c8f03a03154df317c65aa0ca4f1f78d"><code>512c3ad</code></a>
📝 Update release notes</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/cba537ab717ff205857a0eb877c69e79cfd06a51"><code>cba537a</code></a>
🌐 Update translations for fr (outdated pages) (<a
href="https://redirect.github.com/fastapi/fastapi/issues/14839">#14839</a>)</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/2eb454ab04e81325ed430a036103e4aede299d61"><code>2eb454a</code></a>
📝 Update release notes</li>
<li>Additional commits viewable in <a
href="https://github.com/fastapi/fastapi/compare/0.118.0...0.128.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=fastapi&package-manager=pip&previous-version=0.118.0&new-version=0.128.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-07 17:58:59 -08:00
dependabot[bot] 56e0d5dc9c Bump jupyterlab from 3.6.8 to 4.5.3 (#845)
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=jupyterlab&package-manager=pip&previous-version=3.6.8&new-version=4.5.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-07 17:51:15 -08:00
dependabot[bot] 6c255acd8f Bump actions/checkout from 3 to 6 (#842)
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to
6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v6.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update README to include Node.js 24 support details and requirements
by <a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li>
<li>Persist creds to a separate file by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li>
<li>v6-beta by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2298">actions/checkout#2298</a></li>
<li>update readme/changelog for v6 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2311">actions/checkout#2311</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v5.0.0...v6.0.0">https://github.com/actions/checkout/compare/v5.0.0...v6.0.0</a></p>
<h2>v6-beta</h2>
<h2>What's Changed</h2>
<p>Updated persist-credentials to store the credentials under
<code>$RUNNER_TEMP</code> instead of directly in the local git
config.</p>
<p>This requires a minimum Actions Runner version of <a
href="https://github.com/actions/runner/releases/tag/v2.329.0">v2.329.0</a>
to access the persisted credentials for <a
href="https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action">Docker
container action</a> scenarios.</p>
<h2>v5.0.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Port v6 cleanup to v5 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v5...v5.0.1">https://github.com/actions/checkout/compare/v5...v5.0.1</a></p>
<h2>v5.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update actions checkout to use node 24 by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li>
<li>Prepare v5.0.0 release by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2238">actions/checkout#2238</a></li>
</ul>
<h2>⚠️ Minimum Compatible Runner Version</h2>
<p><strong>v2.327.1</strong><br />
<a
href="https://github.com/actions/runner/releases/tag/v2.327.1">Release
Notes</a></p>
<p>Make sure your runner is updated to this version or newer to use this
release.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v4...v5.0.0">https://github.com/actions/checkout/compare/v4...v5.0.0</a></p>
<h2>v4.3.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Port v6 cleanup to v4 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2305">actions/checkout#2305</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v4...v4.3.1">https://github.com/actions/checkout/compare/v4...v4.3.1</a></p>
<h2>v4.3.0</h2>
<h2>What's Changed</h2>
<ul>
<li>docs: update README.md by <a
href="https://github.com/motss"><code>@​motss</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li>
<li>Add internal repos for checking out multiple repositories by <a
href="https://github.com/mouismail"><code>@​mouismail</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li>
<li>Documentation update - add recommended permissions to Readme by <a
href="https://github.com/benwells"><code>@​benwells</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v6.0.2</h2>
<ul>
<li>Fix tag handling: preserve annotations and explicit fetch-tags by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2356">actions/checkout#2356</a></li>
</ul>
<h2>v6.0.1</h2>
<ul>
<li>Add worktree support for persist-credentials includeIf by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2327">actions/checkout#2327</a></li>
</ul>
<h2>v6.0.0</h2>
<ul>
<li>Persist creds to a separate file by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li>
<li>Update README to include Node.js 24 support details and requirements
by <a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li>
</ul>
<h2>v5.0.1</h2>
<ul>
<li>Port v6 cleanup to v5 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li>
</ul>
<h2>v5.0.0</h2>
<ul>
<li>Update actions checkout to use node 24 by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li>
</ul>
<h2>v4.3.1</h2>
<ul>
<li>Port v6 cleanup to v4 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2305">actions/checkout#2305</a></li>
</ul>
<h2>v4.3.0</h2>
<ul>
<li>docs: update README.md by <a
href="https://github.com/motss"><code>@​motss</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li>
<li>Add internal repos for checking out multiple repositories by <a
href="https://github.com/mouismail"><code>@​mouismail</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li>
<li>Documentation update - add recommended permissions to Readme by <a
href="https://github.com/benwells"><code>@​benwells</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li>
<li>Adjust positioning of user email note and permissions heading by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li>
<li>Update README.md by <a
href="https://github.com/nebuk89"><code>@​nebuk89</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li>
<li>Update CODEOWNERS for actions by <a
href="https://github.com/TingluoHuang"><code>@​TingluoHuang</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li>
<li>Update package dependencies by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li>
</ul>
<h2>v4.2.2</h2>
<ul>
<li><code>url-helper.ts</code> now leverages well-known environment
variables by <a href="https://github.com/jww3"><code>@​jww3</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li>
<li>Expand unit test coverage for <code>isGhes</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li>
</ul>
<h2>v4.2.1</h2>
<ul>
<li>Check out other refs/* by commit if provided, fall back to ref by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li>
</ul>
<h2>v4.2.0</h2>
<ul>
<li>Add Ref and Commit outputs by <a
href="https://github.com/lucacome"><code>@​lucacome</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li>
<li>Dependency updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>- <a
href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>,
<a
href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li>
</ul>
<h2>v4.1.7</h2>
<ul>
<li>Bump the minor-npm-dependencies group across 1 directory with 4
updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li>
<li>Bump actions/checkout from 3 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li>
<li>Check out other refs/* by commit by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li>
<li>Pin actions/checkout's own workflows to a known, good, stable
version. by <a href="https://github.com/jww3"><code>@​jww3</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li>
</ul>
<h2>v4.1.6</h2>
<ul>
<li>Check platform to set archive extension appropriately by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd"><code>de0fac2</code></a>
Fix tag handling: preserve annotations and explicit fetch-tags (<a
href="https://redirect.github.com/actions/checkout/issues/2356">#2356</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49"><code>064fe7f</code></a>
Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is
set (...</li>
<li><a
href="https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8"><code>8e8c483</code></a>
Clarify v6 README (<a
href="https://redirect.github.com/actions/checkout/issues/2328">#2328</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1"><code>033fa0d</code></a>
Add worktree support for persist-credentials includeIf (<a
href="https://redirect.github.com/actions/checkout/issues/2327">#2327</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5"><code>c2d88d3</code></a>
Update all references from v5 and v4 to v6 (<a
href="https://redirect.github.com/actions/checkout/issues/2314">#2314</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3"><code>1af3b93</code></a>
update readme/changelog for v6 (<a
href="https://redirect.github.com/actions/checkout/issues/2311">#2311</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e"><code>71cf226</code></a>
v6-beta (<a
href="https://redirect.github.com/actions/checkout/issues/2298">#2298</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e"><code>069c695</code></a>
Persist creds to a separate file (<a
href="https://redirect.github.com/actions/checkout/issues/2286">#2286</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493"><code>ff7abcd</code></a>
Update README to include Node.js 24 support details and requirements (<a
href="https://redirect.github.com/actions/checkout/issues/2248">#2248</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8"><code>08c6903</code></a>
Prepare v5.0.0 release (<a
href="https://redirect.github.com/actions/checkout/issues/2238">#2238</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/checkout/compare/v3...v6">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=3&new-version=6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-07 17:32:46 -08:00
dependabot[bot] 8aa1e86ab3 Bump pytest from 7.4.4 to 8.4.2 (#844)
Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.4.4 to
8.4.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pytest-dev/pytest/releases">pytest's
releases</a>.</em></p>
<blockquote>
<h2>8.4.2</h2>
<h1>pytest 8.4.2 (2025-09-03)</h1>
<h2>Bug fixes</h2>
<ul>
<li>
<p><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13478">#13478</a>:
Fixed a crash when using
<code>console_output_style</code>{.interpreted-text
role=&quot;confval&quot;} with <code>times</code> and a module is
skipped.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13530">#13530</a>:
Fixed a crash when using <code>pytest.approx</code>{.interpreted-text
role=&quot;func&quot;} and
<code>decimal.Decimal</code>{.interpreted-text role=&quot;class&quot;}
instances with the <code>decimal.FloatOperation</code>{.interpreted-text
role=&quot;class&quot;} trap set.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13549">#13549</a>:
No longer evaluate type annotations in Python <code>3.14</code> when
inspecting function signatures.</p>
<p>This prevents crashes during module collection when modules do not
explicitly use <code>from __future__ import annotations</code> and
import types for annotations within a <code>if TYPE_CHECKING:</code>
block.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13559">#13559</a>:
Added missing [int]{.title-ref} and [float]{.title-ref} variants to the
[Literal]{.title-ref} type annotation of the [type]{.title-ref}
parameter in <code>pytest.Parser.addini</code>{.interpreted-text
role=&quot;meth&quot;}.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13563">#13563</a>:
<code>pytest.approx</code>{.interpreted-text role=&quot;func&quot;} now
only imports <code>numpy</code> if NumPy is already in
<code>sys.modules</code>. This fixes unconditional import behavior
introduced in [8.4.0]{.title-ref}.</p>
</li>
</ul>
<h2>Improved documentation</h2>
<ul>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13577">#13577</a>:
Clarify that <code>pytest_generate_tests</code> is discovered in test
modules/classes; other hooks must be in <code>conftest.py</code> or
plugins.</li>
</ul>
<h2>Contributor-facing changes</h2>
<ul>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13480">#13480</a>:
Self-testing: fixed a few test failures when run with
<code>-Wdefault</code> or a similar override.</li>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13547">#13547</a>:
Self-testing: corrected expected message for
<code>test_doctest_unexpected_exception</code> in Python
<code>3.14</code>.</li>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13684">#13684</a>:
Make pytest's own testsuite insensitive to the presence of the
<code>CI</code> environment variable -- by
<code>ogrisel</code>{.interpreted-text role=&quot;user&quot;}.</li>
</ul>
<h2>8.4.1</h2>
<h1>pytest 8.4.1 (2025-06-17)</h1>
<h2>Bug fixes</h2>
<ul>
<li>
<p><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13461">#13461</a>:
Corrected <code>_pytest.terminal.TerminalReporter.isatty</code> to
support
being called as a method. Before it was just a boolean which could
break correct code when using <code>-o log_cli=true</code>).</p>
</li>
<li>
<p><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13477">#13477</a>:
Reintroduced
<code>pytest.PytestReturnNotNoneWarning</code>{.interpreted-text
role=&quot;class&quot;} which was removed by accident in pytest
[8.4]{.title-ref}.</p>
<p>This warning is raised when a test functions returns a value other
than <code>None</code>, which is often a mistake made by beginners.</p>
<p>See <code>return-not-none</code>{.interpreted-text
role=&quot;ref&quot;} for more information.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13497">#13497</a>:
Fixed compatibility with <code>Twisted 25+</code>.</p>
</li>
</ul>
<h2>Improved documentation</h2>
<ul>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13492">#13492</a>:
Fixed outdated warning about <code>faulthandler</code> not working on
Windows.</li>
</ul>
<h2>8.4.0</h2>
<h1>pytest 8.4.0 (2025-06-02)</h1>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pytest-dev/pytest/commit/bfae4224fd554d3d7f2c277a4cc092b6ec6af3ae"><code>bfae422</code></a>
Prepare release version 8.4.2</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/89905381a163be30ae87d62e5f750e902d750c5f"><code>8990538</code></a>
Fix passenv CI in tox ini and make tests insensitive to the presence of
the C...</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/ca676bfe005aebcb12f4146d1b0f1d2772e2cd5d"><code>ca676bf</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/13687">#13687</a>
from pytest-dev/patchback/backports/8.4.x/e63f6e51c...</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/975a60a63ce385a44655596e254c1899feaa53e4"><code>975a60a</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/13686">#13686</a>
from pytest-dev/patchback/backports/8.4.x/12bde8af6...</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/7723ce84b87ab08f86ddafcb342acc28ba5ec99d"><code>7723ce8</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/13683">#13683</a>
from even-even/fix_Exeption_to_Exception_in_errorMe...</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/b7f05680d1301e0969b30bcb3c4b27433c9ee2b7"><code>b7f0568</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/13685">#13685</a>
from CoretexShadow/fix/docs-pytest-generate-tests</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/2c94c4a6948ba53440818389298157fa5d5f94cd"><code>2c94c4a</code></a>
add missing colon (<a
href="https://redirect.github.com/pytest-dev/pytest/issues/13640">#13640</a>)
(<a
href="https://redirect.github.com/pytest-dev/pytest/issues/13641">#13641</a>)</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/c3d7684bc01c8c48d05145a30c5211ca8656c68c"><code>c3d7684</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/13606">#13606</a>
from pytest-dev/patchback/backports/8.4.x/5f9938563...</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/dc6e3be2ddc75a149b6d102d9b7c82ee47a00cfa"><code>dc6e3be</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/13605">#13605</a>
from The-Compiler/training-update-2025-07</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/f87289c36c8dbe7740e3020f5546b6f8b0861ff0"><code>f87289c</code></a>
Fix crash with <code>times</code> output style and skipped module (<a
href="https://redirect.github.com/pytest-dev/pytest/issues/13573">#13573</a>)
(<a
href="https://redirect.github.com/pytest-dev/pytest/issues/13579">#13579</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/pytest-dev/pytest/compare/7.4.4...8.4.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pytest&package-manager=pip&previous-version=7.4.4&new-version=8.4.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-07 17:30:22 -08:00
dependabot[bot] 3fc780e472 Bump actions/cache from 3 to 5 (#843)
Bumps [actions/cache](https://github.com/actions/cache) from 3 to 5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v5.0.0</h2>
<blockquote>
<p>[!IMPORTANT]
<strong><code>actions/cache@v5</code> runs on the Node.js 24 runtime and
requires a minimum Actions Runner version of
<code>2.327.1</code>.</strong></p>
<p>If you are using self-hosted runners, ensure they are updated before
upgrading.</p>
</blockquote>
<hr />
<h2>What's Changed</h2>
<ul>
<li>Upgrade to use node24 by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1630">actions/cache#1630</a></li>
<li>Prepare v5.0.0 release by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1684">actions/cache#1684</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4.3.0...v5.0.0">https://github.com/actions/cache/compare/v4.3.0...v5.0.0</a></p>
<h2>v4.3.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add note on runner versions by <a
href="https://github.com/GhadimiR"><code>@​GhadimiR</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1642">actions/cache#1642</a></li>
<li>Prepare <code>v4.3.0</code> release by <a
href="https://github.com/Link"><code>@​Link</code></a>- in <a
href="https://redirect.github.com/actions/cache/pull/1655">actions/cache#1655</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/GhadimiR"><code>@​GhadimiR</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1642">actions/cache#1642</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4...v4.3.0">https://github.com/actions/cache/compare/v4...v4.3.0</a></p>
<h2>v4.2.4</h2>
<h2>What's Changed</h2>
<ul>
<li>Update README.md by <a
href="https://github.com/nebuk89"><code>@​nebuk89</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1620">actions/cache#1620</a></li>
<li>Upgrade <code>@actions/cache</code> to <code>4.0.5</code> and move
<code>@protobuf-ts/plugin</code> to dev depdencies by <a
href="https://github.com/Link"><code>@​Link</code></a>- in <a
href="https://redirect.github.com/actions/cache/pull/1634">actions/cache#1634</a></li>
<li>Prepare release <code>4.2.4</code> by <a
href="https://github.com/Link"><code>@​Link</code></a>- in <a
href="https://redirect.github.com/actions/cache/pull/1636">actions/cache#1636</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/nebuk89"><code>@​nebuk89</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1620">actions/cache#1620</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4...v4.2.4">https://github.com/actions/cache/compare/v4...v4.2.4</a></p>
<h2>v4.2.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Update to use <code>@​actions/cache</code> 4.0.3 package &amp;
prepare for new release by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1577">actions/cache#1577</a>
(SAS tokens for cache entries are now masked in debug logs)</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1577">actions/cache#1577</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4.2.2...v4.2.3">https://github.com/actions/cache/compare/v4.2.2...v4.2.3</a></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h2>How to prepare a release</h2>
<blockquote>
<p>[!NOTE]<br />
Relevant for maintainers with write access only.</p>
</blockquote>
<ol>
<li>Switch to a new branch from <code>main</code>.</li>
<li>Run <code>npm test</code> to ensure all tests are passing.</li>
<li>Update the version in <a
href="https://github.com/actions/cache/blob/main/package.json"><code>https://github.com/actions/cache/blob/main/package.json</code></a>.</li>
<li>Run <code>npm run build</code> to update the compiled files.</li>
<li>Update this <a
href="https://github.com/actions/cache/blob/main/RELEASES.md"><code>https://github.com/actions/cache/blob/main/RELEASES.md</code></a>
with the new version and changes in the <code>## Changelog</code>
section.</li>
<li>Run <code>licensed cache</code> to update the license report.</li>
<li>Run <code>licensed status</code> and resolve any warnings by
updating the <a
href="https://github.com/actions/cache/blob/main/.licensed.yml"><code>https://github.com/actions/cache/blob/main/.licensed.yml</code></a>
file with the exceptions.</li>
<li>Commit your changes and push your branch upstream.</li>
<li>Open a pull request against <code>main</code> and get it reviewed
and merged.</li>
<li>Draft a new release <a
href="https://github.com/actions/cache/releases">https://github.com/actions/cache/releases</a>
use the same version number used in <code>package.json</code>
<ol>
<li>Create a new tag with the version number.</li>
<li>Auto generate release notes and update them to match the changes you
made in <code>RELEASES.md</code>.</li>
<li>Toggle the set as the latest release option.</li>
<li>Publish the release.</li>
</ol>
</li>
<li>Navigate to <a
href="https://github.com/actions/cache/actions/workflows/release-new-action-version.yml">https://github.com/actions/cache/actions/workflows/release-new-action-version.yml</a>
<ol>
<li>There should be a workflow run queued with the same version
number.</li>
<li>Approve the run to publish the new version and update the major tags
for this action.</li>
</ol>
</li>
</ol>
<h2>Changelog</h2>
<h3>5.0.3</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v5.0.5 (Resolves: <a
href="https://github.com/actions/cache/security/dependabot/33">https://github.com/actions/cache/security/dependabot/33</a>)</li>
<li>Bump <code>@actions/core</code> to v2.0.3</li>
</ul>
<h3>5.0.2</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v5.0.3 <a
href="https://redirect.github.com/actions/cache/pull/1692">#1692</a></li>
</ul>
<h3>5.0.1</h3>
<ul>
<li>Update <code>@azure/storage-blob</code> to <code>^12.29.1</code> via
<code>@actions/cache@5.0.1</code> <a
href="https://redirect.github.com/actions/cache/pull/1685">#1685</a></li>
</ul>
<h3>5.0.0</h3>
<blockquote>
<p>[!IMPORTANT]
<code>actions/cache@v5</code> runs on the Node.js 24 runtime and
requires a minimum Actions Runner version of <code>2.327.1</code>.
If you are using self-hosted runners, ensure they are updated before
upgrading.</p>
</blockquote>
<h3>4.3.0</h3>
<ul>
<li>Bump <code>@actions/cache</code> to <a
href="https://redirect.github.com/actions/toolkit/pull/2132">v4.1.0</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/cache/commit/cdf6c1fa76f9f475f3d7449005a359c84ca0f306"><code>cdf6c1f</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1695">#1695</a>
from actions/Link-/prepare-5.0.3</li>
<li><a
href="https://github.com/actions/cache/commit/a1bee22673bee4afb9ce4e0a1dc3da1c44060b7d"><code>a1bee22</code></a>
Add review for the <code>@​actions/http-client</code> license</li>
<li><a
href="https://github.com/actions/cache/commit/46957638dc5c5ff0c34c0143f443c07d3a7c769f"><code>4695763</code></a>
Add licensed output</li>
<li><a
href="https://github.com/actions/cache/commit/dc73bb9f7bf74a733c05ccd2edfd1f2ac9e5f502"><code>dc73bb9</code></a>
Upgrade dependencies and address security warnings</li>
<li><a
href="https://github.com/actions/cache/commit/345d5c2f761565bace4b6da356737147e9041e3a"><code>345d5c2</code></a>
Add 5.0.3 builds</li>
<li><a
href="https://github.com/actions/cache/commit/8b402f58fbc84540c8b491a91e594a4576fec3d7"><code>8b402f5</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1692">#1692</a>
from GhadimiR/main</li>
<li><a
href="https://github.com/actions/cache/commit/304ab5a0701ee61908ccb4b5822347949a2e2002"><code>304ab5a</code></a>
license for httpclient</li>
<li><a
href="https://github.com/actions/cache/commit/609fc19e67cd310e97eb36af42355843ffcb35be"><code>609fc19</code></a>
Update licensed record for cache</li>
<li><a
href="https://github.com/actions/cache/commit/b22231e43df11a67538c05e88835f1fa097599c5"><code>b22231e</code></a>
Build</li>
<li><a
href="https://github.com/actions/cache/commit/93150cdfb36a9d84d4e8628c8870bec84aedcf8a"><code>93150cd</code></a>
Add PR link to releases</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/cache/compare/v3...v5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/cache&package-manager=github_actions&previous-version=3&new-version=5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-07 17:30:00 -08:00
dependabot[bot] 404cab2506 Bump aiohttp from 3.12.15 to 3.13.3 in the pip group across 1 directory (#841)
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aiohttp&package-manager=pip&previous-version=3.12.15&new-version=3.13.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langserve/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-07 17:27:51 -08:00
dependabot[bot] db4c41fcb3 Bump urllib3 from 2.5.0 to 2.6.3 in the pip group across 1 directory (#840)
Bumps the pip group with 1 update in the / directory:
[urllib3](https://github.com/urllib3/urllib3).

Updates `urllib3` from 2.5.0 to 2.6.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/releases">urllib3's
releases</a>.</em></p>
<blockquote>
<h2>2.6.3</h2>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support. If your company or organization uses Python and
would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and
thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Changes</h2>
<ul>
<li>Fixed a security issue where decompression-bomb safeguards of the
streaming API were bypassed when HTTP redirects were followed.
(CVE-2026-21441 reported by <a
href="https://github.com/D47A"><code>@​D47A</code></a>, 8.9 High,
GHSA-38jv-5279-wg99)</li>
<li>Started treating <code>Retry-After</code> times greater than 6 hours
as 6 hours by default. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3743">urllib3/urllib3#3743</a>)</li>
<li>Fixed <code>urllib3.connection.VerifiedHTTPSConnection</code> on
Emscripten. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3752">urllib3/urllib3#3752</a>)</li>
</ul>
<h2>2.6.2</h2>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support. If your company or organization uses Python and
would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and
thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Changes</h2>
<ul>
<li>Fixed <code>HTTPResponse.read_chunked()</code> to properly handle
leftover data in the decoder's buffer when reading compressed chunked
responses. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3734">urllib3/urllib3#3734</a>)</li>
</ul>
<h2>2.6.1</h2>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support. If your company or organization uses Python and
would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and
thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Changes</h2>
<ul>
<li>Restore previously removed <code>HTTPResponse.getheaders()</code>
and <code>HTTPResponse.getheader()</code> methods. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3731">#3731</a>)</li>
</ul>
<h2>2.6.0</h2>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support. If your company or organization uses Python and
would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and
thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Security</h2>
<ul>
<li>Fixed a security issue where streaming API could improperly handle
highly compressed HTTP content (&quot;decompression bombs&quot;) leading
to excessive resource consumption even when a small amount of data was
requested. Reading small chunks of compressed data is safer and much
more efficient now. (CVE-2025-66471 reported by <a
href="https://github.com/Cycloctane"><code>@​Cycloctane</code></a>, 8.9
High, GHSA-2xpw-w6gg-jr37)</li>
<li>Fixed a security issue where an attacker could compose an HTTP
response with virtually unlimited links in the
<code>Content-Encoding</code> header, potentially leading to a denial of
service (DoS) attack by exhausting system resources during decoding. The
number of allowed chained encodings is now limited to 5. (CVE-2025-66418
reported by <a
href="https://github.com/illia-v"><code>@​illia-v</code></a>, 8.9 High,
GHSA-gm62-xv2j-4w53)</li>
</ul>
<blockquote>
<p>[!IMPORTANT]</p>
<ul>
<li>If urllib3 is not installed with the optional
<code>urllib3[brotli]</code> extra, but your environment contains a
Brotli/brotlicffi/brotlipy package anyway, make sure to upgrade it to at
least Brotli 1.2.0 or brotlicffi 1.2.0.0 to benefit from the security
fixes and avoid warnings. Prefer using <code>urllib3[brotli]</code> to
install a compatible Brotli package automatically.</li>
</ul>
</blockquote>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's
changelog</a>.</em></p>
<blockquote>
<h1>2.6.3 (2026-01-07)</h1>
<ul>
<li>Fixed a high-severity security issue where decompression-bomb
safeguards of
the streaming API were bypassed when HTTP redirects were followed.
(<code>GHSA-38jv-5279-wg99
&lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99&gt;</code>__)</li>
<li>Started treating <code>Retry-After</code> times greater than 6 hours
as 6 hours by
default. (<code>[#3743](https://github.com/urllib3/urllib3/issues/3743)
&lt;https://github.com/urllib3/urllib3/issues/3743&gt;</code>__)</li>
<li>Fixed <code>urllib3.connection.VerifiedHTTPSConnection</code> on
Emscripten.
(<code>[#3752](https://github.com/urllib3/urllib3/issues/3752)
&lt;https://github.com/urllib3/urllib3/issues/3752&gt;</code>__)</li>
</ul>
<h1>2.6.2 (2025-12-11)</h1>
<ul>
<li>Fixed <code>HTTPResponse.read_chunked()</code> to properly handle
leftover data in
the decoder's buffer when reading compressed chunked responses.
(<code>[#3734](https://github.com/urllib3/urllib3/issues/3734)
&lt;https://github.com/urllib3/urllib3/issues/3734&gt;</code>__)</li>
</ul>
<h1>2.6.1 (2025-12-08)</h1>
<ul>
<li>Restore previously removed <code>HTTPResponse.getheaders()</code>
and
<code>HTTPResponse.getheader()</code> methods.
(<code>[#3731](https://github.com/urllib3/urllib3/issues/3731)
&lt;https://github.com/urllib3/urllib3/issues/3731&gt;</code>__)</li>
</ul>
<h1>2.6.0 (2025-12-05)</h1>
<h2>Security</h2>
<ul>
<li>Fixed a security issue where streaming API could improperly handle
highly
compressed HTTP content (&quot;decompression bombs&quot;) leading to
excessive resource
consumption even when a small amount of data was requested. Reading
small
chunks of compressed data is safer and much more efficient now.
(<code>GHSA-2xpw-w6gg-jr37
&lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37&gt;</code>__)</li>
<li>Fixed a security issue where an attacker could compose an HTTP
response with
virtually unlimited links in the <code>Content-Encoding</code> header,
potentially
leading to a denial of service (DoS) attack by exhausting system
resources
during decoding. The number of allowed chained encodings is now limited
to 5.
(<code>GHSA-gm62-xv2j-4w53
&lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53&gt;</code>__)</li>
</ul>
<p>.. caution::</p>
<ul>
<li>If urllib3 is not installed with the optional
<code>urllib3[brotli]</code> extra, but
your environment contains a Brotli/brotlicffi/brotlipy package anyway,
make
sure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to
benefit from the security fixes and avoid warnings. Prefer using</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/urllib3/urllib3/commit/0248277dd7ac0239204889ca991353ad3e3a1ddc"><code>0248277</code></a>
Release 2.6.3</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b"><code>8864ac4</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/70cecb27ca99d56aaaeb63ac27ee270ef2b24c5c"><code>70cecb2</code></a>
Fix Scorecard issues related to vulnerable dev dependencies (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3755">#3755</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/41f249abe1ef3e20768588969c4035aba060a359"><code>41f249a</code></a>
Move &quot;v2.0 Migration Guide&quot; to the end of the table of
contents (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3747">#3747</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/fd4dffd2fc544166b76151a2fa3d7b7c0eab540c"><code>fd4dffd</code></a>
Patch <code>VerifiedHTTPSConnection</code> for Emscripten (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3752">#3752</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/13f0bfd55e4468fe1ea9c6f809d3a87b0f93ebab"><code>13f0bfd</code></a>
Handle massive values in Retry-After when calculating time to sleep for
(<a
href="https://redirect.github.com/urllib3/urllib3/issues/3743">#3743</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/8c480bf87bcefd321b3a1ae47f04e908b6b2ed7b"><code>8c480bf</code></a>
Bump actions/upload-artifact from 5.0.0 to 6.0.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3748">#3748</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/4b40616e959c0a2c466e8075f2a785a9f99bb0c1"><code>4b40616</code></a>
Bump actions/cache from 4.3.0 to 5.0.1 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3750">#3750</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/82b8479663d037d220c883f1584dd01a43bb273b"><code>82b8479</code></a>
Bump actions/download-artifact from 6.0.0 to 7.0.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3749">#3749</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/34284cb01700bb7d4fdd472f909e22393e9174e2"><code>34284cb</code></a>
Mention experimental features in the security policy (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3746">#3746</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/urllib3/urllib3/compare/2.5.0...2.6.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=2.5.0&new-version=2.6.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langserve/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-07 17:27:30 -08:00
John Kennedy d592a8abd9 chore: workflow perms (#846) 2026-02-07 17:25:35 -08:00
John Kennedy 8721a82087 chore: dependabot (#838) 2026-02-07 17:22:28 -08:00
Eugene Yurtsev 0c1cb7f800 release: 0.3.3 for compatibility with langchain-core 1 (#830)
Release for compatibility with langchain > 1
2025-10-17 11:07:22 -04:00
joaquin-borggio-lc f0d86287ab ci: drop python 3.8 (#825) 2025-09-17 15:38:01 -04:00
joaquin-borggio-lc 168c9ff90e chore: bump patch version (#823)
bump patched version so i can release
2025-09-17 15:31:09 -04:00
joaquin-borggio-lc a87125d0b8 chore: bump some package versions (#821)
Co-authored-by: Eugene Yurtsev <eyurtsev@gmail.com>
2025-09-17 15:03:09 -04:00
Eugene Yurtsev 1de17fa799 Add new contributor to .clabot configuration (#822) 2025-09-17 15:01:18 -04:00
ResearchAI 1a08f2740c Update Chroma import to avoid deprecation warning. (#741) 2025-07-09 17:19:18 -04:00
Yash Jivani 06c3c3691e Update README.md Grammatical Errors (#733) 2025-07-09 17:15:01 -04:00
Eugene Yurtsev d20eab45f2 ci: add workflow dispatch to _release (#805) 2024-12-26 21:37:14 -05:00
Eugene Yurtsev 321b7aa3b1 Release 0.3.1 (#801) 2024-12-19 10:33:17 -05:00
Eugene Yurtsev aa4aea4a81 lint (#803) 2024-12-19 10:19:16 -05:00
Eugene Yurtsev 1aaec1189c Update _lint.yml (#802) 2024-12-18 22:10:43 -05:00
アリス 0d7601781d update ssl verifying part to work with httpx 0.28.0 (#798)
As the new httpx 0.28.0 removes VerifyTypes, we should update to follow
their change
See [issue](https://github.com/langchain-ai/langserve/issues/796)

---------

Co-authored-by: Eugene Yurtsev <eyurtsev@gmail.com>
2024-12-18 22:08:58 -05:00
Eugene Yurtsev 0ad075fb67 Update .clabot (#800) 2024-12-18 22:04:39 -05:00
Mingqi Hu b007300b06 docs: Remove templates in readme (#792)
docs: Remove templates in readme

Issue: 404 when you click the [LangChain
Templates](https://github.com/langchain-ai/langchain/blob/master/templates/README.md)
in readme. As templates dir has been removed on latest langchain master.
<img width="368" alt="image"
src="https://github.com/user-attachments/assets/8dfa7e82-c6df-458c-ba42-2b9f0fd67d8d">


Fix: Just remove it to avoid 404 as example dirs is enough, look like
(my local vs code)
<img width="423" alt="image"
src="https://github.com/user-attachments/assets/b65fc053-ed62-47e4-8404-fbfbcb4b17d5">

Signed-off-by: Mingqi <mingqi.hu@intel.com>
Co-authored-by: Eugene Yurtsev <eyurtsev@gmail.com>
2024-11-22 10:21:02 -05:00
Eugene Yurtsev 9df7e88bb9 Update .clabot (#793) 2024-11-22 10:20:11 -05:00
Eugene Yurtsev c626cde08c Update MIGRATION.md (#789) 2024-11-18 11:06:37 -05:00
ccurme c4a8925b00 docs: update local link in readme (#788)
LangChain doc builds are currently
[broken](https://vercel.com/langchain/langchain/ExxE3a6SSZVa7RSRUDB3mzHDpsvV?filter=errors).

- LangChain docs page hosts LangServe readme:
https://python.langchain.com/docs/langserve/;
- The readme is [downloaded from
github](https://github.com/langchain-ai/langchain/blob/22a8652eccd9023cd41ea0f6924575ce87c28756/docs/Makefile#L49)
when docs are built;
- A
[script](https://github.com/langchain-ai/langchain/blob/master/docs/scripts/resolve_local_links.py)
resolves local links in the readme to point to the LangServe github.

This script assumes local links are prefixed with `./`
2024-11-18 11:05:19 -05:00
Eugene Yurtsev 80f949b62e migration guide (#787) 2024-11-16 22:36:31 -05:00
Eugene Yurtsev c27923a7d1 Update README.md (#773) 2024-09-18 13:33:52 -04:00
Eugene Yurtsev f3b9c43106 Update README.md (#771) 2024-09-16 13:22:26 -04:00
Eugene Yurtsev 6b1a0d97ef Update README (#769) 2024-09-16 11:56:41 -04:00
Eugene Yurtsev dc04672537 examples: update clients (#768) 2024-09-14 14:32:41 -04:00
Eugene Yurtsev 42b61a664b v0.3 release (#767) 2024-09-14 14:14:45 -04:00
Eugene Yurtsev 1e24edce08 Add ability to specify custom serializer (#764)
Allow users to define a custom serializer
2024-09-14 14:06:08 -04:00
Eugene Yurtsev c747e20c1e Fix issue with callback events sent from server (#765)
This properly propagates the name of the runs from the server to the client if one enables callbacks.
2024-09-14 13:46:10 -04:00
Eugene Yurtsev 8b4d8dff6c propagate astream events from add_route (#763)
Propagate the parameter to APIHandler
2024-09-12 17:02:35 -04:00
Eugene Yurtsev 2c957bdd78 mark include callback events as a beta api (#761) 2024-09-12 14:58:33 -04:00
Eugene Yurtsev 36f945e494 improve error messages when models fail to hash (#762) 2024-09-12 14:58:25 -04:00
Eugene Yurtsev 43683b3671 add ability to control version of astream events API (#760)
add ability to control version of astream events API server side
2024-09-12 14:33:21 -04:00
Eugene Yurtsev 59b3c81189 Release 0.30dev2 (#758) 2024-09-11 21:08:56 -04:00
Eugene Yurtsev 36e9919c17 serialization fix for defaults (#757)
Fix serialization issue when there are defaults
2024-09-11 21:07:30 -04:00
Eugene Yurtsev ff94f96dc8 update serialization to work with older pydantic versions (#756)
* Serialization to work with pydantic 2.7, 2.8
* Add constraint on min pydantic version for langserve to be 2.7 for now
2024-09-11 12:55:53 -04:00
Eugene Yurtsev 8c852935e5 Update doc-string, remove unused function (#754) 2024-09-10 14:05:51 -04:00
Eugene Yurtsev 04236b0cf2 more run time warnings (#753)
This PR resolves most of the remaining run time warnings
2024-09-10 11:41:03 -04:00
Eugene Yurtsev 54eee64faf update claude model in examples (#750) 2024-09-10 10:34:31 -04:00
Eugene Yurtsev 72c200ff81 first pass at removing deprecated usaged (#751)
Reduces a significant number of run time warnings when running unit
tests (down to ~350)
2024-09-10 10:34:16 -04:00
Eugene Yurtsev 21c2e3da2a resolve more warnings in unit tests (#752)
Migrated using gritql 

`AsyncClient(app=$y, $x)` => `AsyncClient($x, transport=
httpx.ASGITransport(app=$y))`
2024-09-09 18:40:04 -04:00
Eugene Yurtsev 6e7a9ee3f5 0.3.0.dev1 release (#748) 2024-09-09 16:09:34 -04:00
Eugene Yurtsev 81c0285af2 update default playground to handle oneOf type (#747)
Update the default playground to handle the oneOf type which appears as
the input into language models.

This change stems from the upgrade to pydantic 2.
2024-09-09 16:06:36 -04:00
Eugene Yurtsev b62b925825 chat-playground: update to handle oneOf (resulted from pydantic upgrade) (#746)
Update the chat playground to handle the oneOf type which appears as the
input into language models.

This change stems from the upgrade to pydantic 2.
2024-09-09 16:06:29 -04:00
Eugene Yurtsev b528955b60 migrate examples to pydantic 2 (#745)
Migrate examples to pydantic 2
2024-09-09 11:03:26 -04:00
Eugene Yurtsev 5aedbf7083 upgrade to pydantic 2 (#744)
This PR upgrades langserve to pydantic 2.

* Added a failing unit test that has 2 known failures (that need to be
fixed in langchain-core)
* Deprecation warnings will be resolved separately.
2024-09-09 10:23:16 -04:00
Eugene Yurtsev 41a9d798aa Update unit tests to catch up with langchain-core (#743)
Updating the unit tests to catch up with langchain-core. No adjustements
should be necessary to user code, the issues manifest themselves only with the
given test set up (e.g., snapshots). langchain-core changes were either
additive or self-consistent.
2024-09-06 13:55:23 -04:00
Erick Friis d4704c2b45 infra: release permissions (#738) 2024-09-01 22:09:28 -04:00
Eugene Yurtsev c259ec3e4d Release 0.2.3 (#737) 2024-09-01 21:55:23 -04:00
William FH 62e648a2bf Support correction when creating feedback with token (#736)
Closes https://github.com/langchain-ai/langserve/issues/735

---------

Co-authored-by: Eugene Yurtsev <eyurtsev@gmail.com>
2024-09-01 21:43:50 -04:00
Eugene Yurtsev a74e072486 Add langgraph compatibility section (#718) 2024-07-26 14:29:38 -04:00
Erick Friis 1487bf1ce5 Add instructions to address pydantic v2 incompatibility (#713) 2024-07-22 14:40:03 -04:00
ccurme 050a0cc674 update readme (#697) 2024-06-28 11:02:32 -04:00
Eugene Yurtsev 3fc76eca05 0.2.2 release (#675) 2024-06-10 14:41:50 -04:00
Dennis Rall df3aa45ef8 chore: add fastapi to client extra (#666)
Just a quickfix for #212.

It would be better not to have to install fastapi only for using the
client, but in my opinion this is still better then getting errors when
importing the `RemoteRunnable` after a `pip install
"langserve[client]"`.

Otherwise at least the readme should be updated.

---------

Co-authored-by: Eugene Yurtsev <eyurtsev@gmail.com>
2024-06-10 13:05:47 -04:00
Eugene Yurtsev 577dcc779f Update .clabot (#674) 2024-06-10 12:35:17 -04:00
jakerachleff 1b389f0751 Update hosted langserve waitlist form (#664) 2024-05-24 15:30:26 -07:00
Eugene Yurtsev 6ef3aca359 release 0.2.1 (#663) 2024-05-24 13:09:19 -04:00
Eugene Yurtsev 81a633e0f4 patch: Use correct attribute for token url (#662)
Use correct attribute
2024-05-24 13:09:06 -04:00
ccurme bb74431183 set default model for Anthropic (#655)
`ChatAnthropic()` raises ValidationError.

Also set model for ChatOpenAI where it appears alongside anthropic.

Best to be explicit about model, otherwise new defaults will cause
unexpected changes.

Co-authored-by: Eugene Yurtsev <eyurtsev@gmail.com>
2024-05-21 13:41:21 -04:00
Eugene Yurtsev 4be04bda6d Update .clabot (#656) 2024-05-21 13:40:49 -04:00
Eugene Yurtsev bba7122986 Release 0.2.0 (#651) 2024-05-17 16:39:34 -04:00
Eugene Yurtsev ee250d20f2 update poetry.lock file after version bump (#647)
Forgot to relock
2024-05-15 16:25:29 -04:00
Eugene Yurtsev 21bf92f80c fix upper version for core to 0.3 instead of 3 (#646) 2024-05-15 16:20:18 -04:00
Eugene Yurtsev 37f41e54ce 0.2.0rc1 (#645) 2024-05-15 16:18:52 -04:00
Eugene Yurtsev 075bdd0cfc Update to allow core 0.2.0 (#644)
Prepare for 0.2.x release for core
2024-05-15 16:17:43 -04:00
Eugene Yurtsev 08d4bdd61a Migrate to locations of imports (#625)
Migrate to new locations of imports
2024-04-29 11:14:52 -04:00
Eugene Yurtsev 5fe83e33b8 Release 0.1.1 (#621)
See release notes
2024-04-25 11:40:38 -04:00
Eugene Yurtsev 153616bb99 patch: fix feedback in astream log and astream events (#620)
Code was checking if feedback was enabled rather than token feedback.
2024-04-25 11:37:51 -04:00
Nuno Campos 109445b25e Changes to readme (#614)
- remove pulumi links which are 404
- fix stream_events mention
- run markdown formatter
2024-04-22 14:42:17 -07:00
Eugene Yurtsev ee9b4e78d6 Release 0.1.0 (#608) 2024-04-15 12:41:12 -04:00
Eugene Yurtsev fbdb5a4c20 0.1.0rc2 release (#594)
rc2 release to test API for feedback token integration
2024-04-03 16:20:12 -04:00
Eugene Yurtsev 8439937acb Fixes associated with feedback endpoint (#593)
- Fixes langsmith client not being enabled if token feedback was
specified
- Add unit test for token feedback endpoint
- Fix schema for token feedback to accept a str in addition to a UUID
- Add metadata even to astream log with token feedback information
2024-04-03 16:11:26 -04:00
Eugene Yurtsev 1765f632d3 0.1.0 RC1 (#584) 2024-04-01 13:54:11 -04:00
Eugene Yurtsev 014acfcfb7 LangServe: Raise invalid request exceptions (#581)
* This PR removes dependency on httpx sse
* After this PR invalid requests will be returned as having a status
code of 422 using a non streaming request
2024-04-01 12:52:51 -04:00
Eugene Yurtsev 2c7fceff02 Update .clabot (#582) 2024-04-01 12:51:53 -04:00
Eugene Yurtsev e591ccc1b5 Add tests to check playground is served with api router configurations (#579) 2024-04-01 09:46:24 -04:00
Eugene Yurtsev 00e637ad46 Improve error message if user isn't passing a Runnable to add_routes (#577)
After this PR a better error message will be surfaced to add_routes if a
user passes something that's not a runnable.

This currently occurs a lot when using the langchain cli as the lanchain
cli creates an empty app with a palceholder value of NotImplemented for
the runnable.
2024-03-30 21:21:44 -04:00
Eugene Yurtsev 7240d31671 Tests: add token_feedback endpoint to test that verifies enabled/disabled config (#573)
Add test to verify that token_feedback endpoint gets registered
correctly
2024-03-29 17:10:33 -04:00
Eugene Yurtsev daa312c071 Allow accepting run ids by the server (#576)
This PR allows to turn on a configuration that makes the server accept
client provided run ids.

The server needs to be started with

`add_routes(..., config_keys=['run_id'])`

And a client will then be able to make a request with `config={"run_id":
uuid4}`
2024-03-29 17:10:12 -04:00
Eugene Yurtsev e554f6c32b Expose Feedback Tokens as part of add_routes and APIHandler (#571)
This PR exposes the ability to configure feedback tokens for the APIHandler and add_routes
2024-03-29 15:37:06 -04:00
Eugene Yurtsev 5d7e119725 langserve: Create token feedback endpoint, update schema for feedback (#570)
* Create an endpoint to accept token based feedback
* Update the format of returned feedback (since it's scoped by key)
2024-03-29 14:47:18 -04:00
Eugene Yurtsev 04b9c95028 Scoped Feedback: Plumb through scoped feedback (#568)
After this PR most of the scaffolding code is in place to support scoped
feedback.

After this PR the remaining work to be done:

1. Expose configuration in APIHandler / add_routes
2. Determine how to support with the existing feedback endpoint (or
change to a new endpoint)
3. Surface in RemoteRunnable
2024-03-28 16:08:09 -04:00
Eugene Yurtsev f518776096 Only surface callback events in response schema if callbacks are enabled (#566)
This change cleans up the schema surfaced via openapi docs to not include callback event schema if the server does not respond with it.
2024-03-28 09:29:33 -04:00
Rahil Vora 5a629af7df [minor][doc] Updates setup instruction for LangServe app (#549)
Add `Setup` instruction to run `langserve` app locally.
2024-03-28 09:21:26 -04:00
Eugene Yurtsev d1863fdd8b Transition to langchain-core ^0.1 (#564)
Swap out to use only langchain_core
2024-03-28 09:07:46 -04:00
Eugene Yurtsev 31004e9d90 Update splashscreen (#563)
Update splash screen to take into account information about whether the
playground is enabled/disabled
2024-03-27 17:20:12 -04:00
Warren Markham 4e1993c945 doc: link server example to server.py instead of client.ipynb (#553)
Co-authored-by: Eugene Yurtsev <eyurtsev@gmail.com>
2024-03-26 17:07:36 -04:00
Eugene Yurtsev 3db9f6b98a Update .clabot (#558) 2024-03-26 17:07:11 -04:00
donbr 002902dfdd Refactor Anthropic import to langchain_anthropic and update model to v3 (#524)
- Transition Anthropic API import to the langchain_anthropic package for
enhanced compatibility.
- Upgrade the AI model to claude-3-sonnet-20240229 for improved
performance and features.

---------

Co-authored-by: Eugene Yurtsev <eyurtsev@gmail.com>
2024-03-15 15:11:24 -04:00
Eugene Yurtsev daa7e0c633 Update SECURITY.md (#541) 2024-03-15 14:56:42 -04:00
Eugene Yurtsev 3a5013b76b Update .clabot (#538) 2024-03-14 11:32:05 -04:00
Eugene Yurtsev a1dfd25b15 Document add_routes (#523)
Document add routes
2024-03-12 11:41:01 -04:00
jakerachleff 1aa93b4b1f Update README.md with correct form (#533) 2024-03-12 08:24:38 -07:00
75 changed files with 6849 additions and 5601 deletions
+1 -1
View File
@@ -1,4 +1,4 @@
{
"contributors": ["eyurtsev", "hwchase17", "nfcampos", "efriis", "jacoblee93", "dqbd", "kreneskyp", "adarsh-jha-dev", "harris", "baskaryan", "hinthornw", "bracesproul", "jakerachleff", "craigsdennis", "anhi", "169", "LarchLiu", "PaulLockett", "RCMatthias", "jwynia", "majiayu000", "mpskex", "shivachittamuru", "sinashaloudegi", "sowsan", "akira", "lucianotonet", "JGalego", "nat-n", "dirien"],
"contributors": ["eyurtsev", "hwchase17", "nfcampos", "efriis", "jacoblee93", "dqbd", "kreneskyp", "adarsh-jha-dev", "harris", "baskaryan", "hinthornw", "bracesproul", "jakerachleff", "craigsdennis", "anhi", "169", "LarchLiu", "PaulLockett", "RCMatthias", "jwynia", "majiayu000", "mpskex", "shivachittamuru", "sinashaloudegi", "sowsan", "akira", "lucianotonet", "JGalego", "nat-n", "dirien", "donbr", "rahilvora", "WarrenTheRabbit", "StreetLamb", "ccurme", "dennisrall", "Mingqi2", "xxsl", "joaquin-borggio-lc"],
"message": "Thank you for your pull request and welcome to our community. We require contributors to sign our Contributor License Agreement, and we don't seem to have the username {{usersWithoutCLA}} on file. In order for us to review and merge your code, please complete the Individual Contributor License Agreement here https://forms.gle/AQFbtkWRoHXUgipM6 .\n\nThis process is done manually on our side, so after signing the form one of the maintainers will add you to the contributors list.\n\nFor more details about why we have a CLA and other contribution guidelines please see: https://github.com/langchain-ai/langserve/blob/main/CONTRIBUTING.md."
}
+19
View File
@@ -0,0 +1,19 @@
# To get started with Dependabot version updates, you'll need to specify which
# package ecosystems to update and where the package manifests are located.
# Please see the documentation for all configuration options:
# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
version: 2
updates:
- package-ecosystem: "pip" # See documentation for possible values
directory: "/" # Location of package manifests
schedule:
interval: "weekly"
- package-ecosystem: "github-actions" # See documentation for possible values
directory: "/" # Location of package manifests
schedule:
interval: "weekly"
- package-ecosystem: "npm" # See documentation for possible values
directory: "/" # Location of package manifests
schedule:
interval: "weekly"
+6 -4
View File
@@ -1,4 +1,6 @@
name: lint
permissions:
contents: read
on:
workflow_call:
@@ -31,10 +33,10 @@ jobs:
# Starting new jobs is also relatively slow,
# so linting on fewer versions makes CI faster.
python-version:
- "3.8"
- "3.10"
- "3.11"
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v6
with:
# Fetch the last FETCH_DEPTH commits, so the mtime-changing script
# can accurately set the mtimes of files modified in the last FETCH_DEPTH commits.
@@ -115,7 +117,7 @@ jobs:
poetry install --with dev,lint,test,typing
- name: Restore black cache
uses: actions/cache@v3
uses: actions/cache@v5
env:
CACHE_BASE: black-${{ runner.os }}-${{ runner.arch }}-py${{ matrix.python-version }}-${{ inputs.working-directory }}-${{ hashFiles(format('{0}/poetry.lock', env.WORKDIR)) }}
SEGMENT_DOWNLOAD_TIMEOUT_MIN: "1"
@@ -128,7 +130,7 @@ jobs:
${{ env.CACHE_BASE }}-
- name: Get .mypy_cache to speed up mypy
uses: actions/cache@v3
uses: actions/cache@v5
env:
SEGMENT_DOWNLOAD_TIMEOUT_MIN: "2"
with:
@@ -1,94 +0,0 @@
name: pydantic v1/v2 compatibility
on:
workflow_call:
inputs:
working-directory:
required: true
type: string
description: "From which folder this pipeline executes"
env:
POETRY_VERSION: "1.5.1"
jobs:
build:
timeout-minutes: 10
defaults:
run:
working-directory: ${{ inputs.working-directory }}
runs-on: ubuntu-latest
strategy:
matrix:
python-version:
- "3.8"
- "3.9"
- "3.10"
- "3.11"
name: Pydantic v1/v2 compatibility - Python ${{ matrix.python-version }}
steps:
- uses: actions/checkout@v3
- name: Set up Python ${{ matrix.python-version }} + Poetry ${{ env.POETRY_VERSION }}
uses: "./.github/actions/poetry_setup"
with:
python-version: ${{ matrix.python-version }}
poetry-version: ${{ env.POETRY_VERSION }}
working-directory: ${{ inputs.working-directory }}
cache-key: pydantic-cross-compat
- name: Install dependencies
shell: bash
run: poetry install
- name: Install the opposite major version of pydantic
# If normal tests use pydantic v1, here we'll use v2, and vice versa.
shell: bash
run: |
# Determine the major part of pydantic version
REGULAR_VERSION=$(poetry run python -c "import pydantic; print(pydantic.__version__)" | cut -d. -f1)
if [[ "$REGULAR_VERSION" == "1" ]]; then
PYDANTIC_DEP=">=2.1,<3"
TEST_WITH_VERSION="2"
elif [[ "$REGULAR_VERSION" == "2" ]]; then
PYDANTIC_DEP="<2"
TEST_WITH_VERSION="1"
else
echo "Unexpected pydantic major version '$REGULAR_VERSION', cannot determine which version to use for cross-compatibility test."
exit 1
fi
# Install via `pip` instead of `poetry add` to avoid changing lockfile,
# which would prevent caching from working: the cache would get saved
# to a different key than where it gets loaded from.
poetry run pip install "pydantic${PYDANTIC_DEP}"
# Ensure that the correct pydantic is installed now.
echo "Checking pydantic version... Expecting ${TEST_WITH_VERSION}"
# Determine the major part of pydantic version
CURRENT_VERSION=$(poetry run python -c "import pydantic; print(pydantic.__version__)" | cut -d. -f1)
# Check that the major part of pydantic version is as expected, if not
# raise an error
if [[ "$CURRENT_VERSION" != "$TEST_WITH_VERSION" ]]; then
echo "Error: expected pydantic version ${CURRENT_VERSION} to have been installed, but found: ${TEST_WITH_VERSION}"
exit 1
fi
echo "Found pydantic version ${CURRENT_VERSION}, as expected"
- name: Run pydantic compatibility tests
shell: bash
run: make test
- name: Ensure the tests did not create any additional files
shell: bash
run: |
set -eu
STATUS="$(git status)"
echo "$STATUS"
# grep will exit non-zero if the target message isn't found,
# and `set -e` above will cause the step to fail.
echo "$STATUS" | grep 'nothing to commit, working tree clean'
+7 -1
View File
@@ -7,6 +7,12 @@ on:
required: true
type: string
description: "From which folder this pipeline executes"
workflow_dispatch: # Allows to trigger the workflow manually in GitHub UI
inputs:
working-directory:
required: true
type: string
description: "From which folder this pipeline executes"
env:
POETRY_VERSION: "1.5.1"
@@ -30,7 +36,7 @@ jobs:
run:
working-directory: ${{ inputs.working-directory }}
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v6
- name: Set up Python + Poetry ${{ env.POETRY_VERSION }}
uses: "./.github/actions/poetry_setup"
+1 -3
View File
@@ -20,13 +20,11 @@ jobs:
strategy:
matrix:
python-version:
- "3.8"
- "3.9"
- "3.10"
- "3.11"
name: Python ${{ matrix.python-version }}
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v6
- name: Set up Python ${{ matrix.python-version }} + Poetry ${{ env.POETRY_VERSION }}
uses: "./.github/actions/poetry_setup"
+1 -1
View File
@@ -25,7 +25,7 @@ jobs:
run:
working-directory: ${{ inputs.working-directory }}
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v6
- name: Set up Python + Poetry ${{ env.POETRY_VERSION }}
uses: "./.github/actions/poetry_setup"
+5 -10
View File
@@ -18,6 +18,10 @@ on:
- 'Makefile'
workflow_dispatch: # Allows to trigger the workflow manually in GitHub UI
# This workflow only needs to read the repo contents.
permissions:
contents: read
# If another push to the same PR or branch happens while this workflow is still running,
# cancel the earlier run in favor of the next run.
#
@@ -39,13 +43,6 @@ jobs:
with:
working-directory: .
secrets: inherit
pydantic-compatibility:
uses:
./.github/workflows/_pydantic_compatibility.yml
with:
working-directory: .
secrets: inherit
test:
timeout-minutes: 10
runs-on: ubuntu-latest
@@ -55,13 +52,11 @@ jobs:
strategy:
matrix:
python-version:
- "3.8"
- "3.9"
- "3.10"
- "3.11"
name: Python ${{ matrix.python-version }} tests
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v6
- name: Set up Python ${{ matrix.python-version }} + Poetry ${{ env.POETRY_VERSION }}
uses: "./.github/actions/poetry_setup"
+8
View File
@@ -4,10 +4,18 @@ name: Release
on:
workflow_dispatch: # Allows to trigger the workflow manually in GitHub UI
permissions:
contents: read
jobs:
release:
uses:
./.github/workflows/_release.yml
with:
working-directory: .
permissions:
# Trusted publishing to PyPI
id-token: write
# Creating GitHub releases
contents: write
secrets: inherit
@@ -4,10 +4,16 @@ name: Test Release
on:
workflow_dispatch: # Allows to trigger the workflow manually in GitHub UI
permissions:
contents: read
jobs:
release:
uses:
./.github/workflows/_test_release.yml
with:
working-directory: .
permissions:
# Trusted publishing to TestPyPI
id-token: write
secrets: inherit
+222
View File
@@ -0,0 +1,222 @@
# LangGraph Platform Migration Guide
We have [recently announced](https://blog.langchain.dev/langgraph-platform-announce/) LangGraph Platform, a ***significantly*** enhanced solution for deploying agentic applications at scale.
LangGraph Platform incorporates [key design patterns and capabilities](https://langchain-ai.github.io/langgraph/concepts/langgraph_platform/#option-2-leveraging-langgraph-platform-for-complex-deployments) essential for production-level deployment of large language model (LLM) applications.
In contrast to LangServe, LangGraph Platform provides comprehensive, out-of-the-box support for [persistence](https://langchain-ai.github.io/langgraph/concepts/application_structure/), [memory](https://langchain-ai.github.io/langgraph/concepts/assistants/), [double-texting handling](https://langchain-ai.github.io/langgraph/concepts/double_texting/), [human-in-the-loop workflows](https://langchain-ai.github.io/langgraph/concepts/assistants/), [cron job scheduling](https://langchain-ai.github.io/langgraph/concepts/langgraph_server/#cron-jobs), [webhooks](https://langchain-ai.github.io/langgraph/concepts/langgraph_server/#webhooks), high-load management, advanced streaming, support for long-running tasks, background task processing, and much more.
The LangGraph Platform ecosystem includes the following components:
- [LangGraph Server](https://langchain-ai.github.io/langgraph/concepts/langgraph_server/): Provides an [Assistants API](https://langchain-ai.github.io/langgraph/cloud/reference/api/api_ref.html) for LLM applications (graphs) built with [LangGraph](https://langchain-ai.github.io/langgraph/). Available in both Python and JavaScript/TypeScript.
- [LangGraph Studio](https://langchain-ai.github.io/langgraph/concepts/langgraph_studio/): A specialized IDE for real-time visualization, debugging, and interaction via a graphical interface. Available as a web application or macOS desktop app, it's a substantial improvement over LangServe's playground.
- [SDK](https://langchain-ai.github.io/langgraph/concepts/sdk/): Enables programmatic interaction with the server, available in Python and JavaScript/TypeScript.
- [RemoteGraph](https://langchain-ai.github.io/langgraph/how-tos/use-remote-graph/): Allows interaction with a remote graph as if it were running locally, serving as LangGraph's equivalent to LangServe's RemoteRunnable. Available in both Python and JavaScript/TypeScript.
## Context
LangServe was built as a deployment solution for LangChain Runnables created using the [LangChain Expression Language (LCEL)](https://python.langchain.com/docs/concepts/lcel). In LangServe, the LCEL was the orchestration layer that managed the execution of the Runnable.
[LangGraph](https://langchain-ai.github.io/langgraph/) is an open source library created by the LangChain team that provides a more flexible orchestration layer that's better suited for creating more complex LLM applications. LangGraph Platform
is the deployment solution for LangGraph applications.
## LangServe Support
We recommend using LangGraph Platform rather than LangServe for new projects.
We will continue to accept bug fixes for LangServe from the community; however, we will not be accepting new feature contributions.
## Migration
If you would like to migrate an existing LangServe application to LangGraph Platform, you have two options:
1. You can wrap the existing `Runnable` that you expose in the LangServe application via `add_routes` in a `LangGraph` node. This is the quickest way to migrate your application to LangGraph Platform.
2. You can do a larger refactor to break up the existing LCEL into appropriate `LangGraph` nodes. This is recommended if you want to take advantage of more advanced features in LangGraph Platform.
### Option 1: Wrap Runnable in LangGraph Node
This option is the quickest way to migrate your application to LangGraph Platform. You can wrap the existing `Runnable` that you expose in the LangServe application via `add_routes` in a `LangGraph` node.
Original LangServe code:
```python
from langserve import add_routes
app = FastAPI()
# Some input schema
class Input(BaseModel):
input: str
foo: Optional[str]
# Some output schema
class Output(BaseModel):
output: Any
runnable = .... # Your existing Runnable
runnable_with_types = runnable.with_types(input_type=Input, output_type=Output)
# Adds routes to the app for using the chain under:
add_routes(
app,
runnable_with_types,
)
```
Migrated LangGraph Platform code:
```python
@dataclass
class InputState: # Equivalent to Input in the original code
"""Defines the input state, representing a narrower interface to the outside world.
This class is used to define the initial state and structure of incoming data.
See: https://langchain-ai.github.io/langgraph/concepts/low_level/#state
for more information.
"""
input: str
foo: Optional[str] = None
@dataclass
class OutputState: # Equivalent to Output in the original code
"""Defines the output state, representing a narrower interface to the outside world.
https://langchain-ai.github.io/langgraph/concepts/low_level/#state
"""
output: Any
@dataclass
class SharedState:
"""The full graph state.
https://langchain-ai.github.io/langgraph/concepts/low_level/#state
"""
input: str
foo: Optional[str] = None
output: Any
runnable = ... # Same code as before
async def my_node(state: InputState, config: RunnableConfig) -> OutputState:
"""Each node does work."""
return await runnable.ainvoke({"input": state.input, "foo": state.foo})
# Define a new graph
builder = StateGraph(
SharedState, config_schema=Configuration, input=InputState, output=OutputState
)
# Add the node to the graph
builder.add_node("my_node", my_node)
# Set the entrypoint as `call_model`
builder.add_edge("__start__", "my_node")
# Compile the workflow into an executable graph
graph = builder.compile()
graph.name = "New Graph" # This defines the custom name in LangSmith
```
### 2. Refactor LCEL into LangGraph Nodes
This option is recommended if you want to take advantage of more advanced features in LangGraph Platform.
#### Memory (alternative to `RunnableWithMessageHistory`)
For example, LangGraph comes with built-in persistence that is more general than LangChain's `RunnableWithMessageHistory`.
Please refer to the guide on [upgrading to LangGraph memory](https://python.langchain.com/docs/versions/migrating_memory/) for more details.
#### Agents
If you're relying on legacy LangChain agents, you can migrate them into the pre-built
LangGraph agents. Please refer to the guide on [migrating agents](https://python.langchain.com/docs/how_to/migrate_agent/) for more details.
#### Custom Chains
If you created a custom chain and used LCEL to orchestrate it, you will usually be able to refactor it into a LangGraph without too much difficulty.
There isn't a one-size-fits-all guide for this, but generally speaking, consider creating
a separate node for any long-running step in your LCEL chain or any step that you would
want to be able to monitor or debug separately.
For example, if you have a simple Retrieval Augmented Generation (RAG) pipeline, you might have a node for the retrieval step and a node for the generation step.
Original LCEL code:
```python
...
rag_chain = (
{"context": retriever | format_docs, "question": RunnablePassthrough()}
| prompt
| llm
| StrOutputParser()
)
rag_chain.with_types(input_type=Input, output_type=Output)
```
Using LangGraph for the same pipeline:
```python
@dataclass
class InputState: # Equivalent to Input in the original code
"""Input question from the user."""
question: str
@dataclass
class OutputState: # Equivalent to Output in the original code
"""The output from the graph."""
answer: str
@dataclass
class SharedState:
question: str
docs: List[str]
response: str
async def retriever_node(state: InputState) -> SharedState:
"""Rettrieve documents based on the user's question."""
documents = await retriever.ainvoke({"context": state.question})
return {
"docs": documents
}
async def generator_node(state: SharedState) -> OutputState:
"""Generate an answer using an LLM based on the retrieved documents and question."""
context = " -- DOCUMENT -- ".join(state.docs)
prompt = [
SystemMessage(
content=(
"Answer the user's question based on the list of documents "
"that were retrieved. Here are the documents: \n\n"
f"{context}"
)
),
HumanMessage(content=state.question),
]
ai_message = await llm.ainvoke(prompt)
return {"answer": ai_message.content}
# Define a new graph
builder = StateGraph(
SharedState, config_schema=Configuration, input=InputState, output=OutputState
)
builder.add_node("retriever", retriever_node)
builder.add_node("generator", generator_node)
builder.add_edge("__start__", "retriever")
builder.add_edge("retriever", "generator")
graph = builder.compile()
graph.name = "RAG Graph"
```
Please see the [LangGraph tutorials](https://langchain-ai.github.io/langgraph/tutorials/)
for tutorials and examples that will help you get started with LangGraph
and LangGraph Platform.
+2 -2
View File
@@ -32,12 +32,12 @@ lint format: PYTHON_FILES=.
lint_diff format_diff: PYTHON_FILES=$(shell git diff --relative=. --name-only --diff-filter=d master | grep -E '\.py$$|\.ipynb$$')
lint lint_diff:
poetry run ruff .
poetry run ruff check .
poetry run ruff format $(PYTHON_FILES) --check
format format_diff:
poetry run ruff format $(PYTHON_FILES)
poetry run ruff --select I --fix $(PYTHON_FILES)
poetry run ruff check --select I --fix $(PYTHON_FILES)
spell_check:
poetry run codespell --toml pyproject.toml
+108 -94
View File
@@ -5,9 +5,16 @@
[![Open Issues](https://img.shields.io/github/issues-raw/langchain-ai/langserve)](https://github.com/langchain-ai/langserve/issues)
[![](https://dcbadge.vercel.app/api/server/6adMQxSpJS?compact=true&style=flat)](https://discord.com/channels/1038097195422978059/1170024642245832774)
🚩 We will be releasing a hosted version of LangServe for one-click deployments of
LangChain applications. [Sign up here](https://airtable.com/app0hN6sd93QcKubv/shrAjst60xXa6quV2)
to get on the waitlist.
> [!WARNING]
> **DEPRECATED** This project has been deprecated since Nov 18, 2024 (https://github.com/langchain-ai/langserve/issues/791).
>
> We recommend using LangGraph Platform rather than LangServe for new projects.
>
> Please see the [LangGraph Platform Migration Guide](./MIGRATION.md) for more information.
>
> We will continue to accept bug fixes for LangServe from the community; however, we
> will not be accepting new feature contributions.
## Overview
@@ -28,11 +35,11 @@ in [LangChain.js](https://js.langchain.com/docs/ecosystem/langserve).
- Input and Output schemas automatically inferred from your LangChain object, and
enforced on every API call, with rich error messages
- API docs page with JSONSchema and Swagger (insert example link)
- Efficient `/invoke/`, `/batch/` and `/stream/` endpoints with support for many
- Efficient `/invoke`, `/batch` and `/stream` endpoints with support for many
concurrent requests on a single server
- `/stream_log/` endpoint for streaming all (or some) intermediate steps from your
- `/stream_log` endpoint for streaming all (or some) intermediate steps from your
chain/agent
- **new** as of 0.0.40, supports `astream_events` to make it easier to stream without needing to parse the output of `stream_log`.
- **new** as of 0.0.40, supports `/stream_events` to make it easier to stream without needing to parse the output of `/stream_log`.
- Playground page at `/playground/` with streaming output and intermediate steps
- Built-in (optional) tracing to [LangSmith](https://www.langchain.com/langsmith), just
add your API key (see [Instructions](https://docs.smith.langchain.com/))
@@ -42,23 +49,22 @@ in [LangChain.js](https://js.langchain.com/docs/ecosystem/langserve).
locally (or call the HTTP API directly)
- [LangServe Hub](https://github.com/langchain-ai/langchain/blob/master/templates/README.md)
## ⚠️ LangGraph Compatibility
LangServe is designed to primarily deploy simple Runnables and work with well-known primitives in langchain-core.
If you need a deployment option for LangGraph, you should instead be looking at [LangGraph Cloud (beta)](https://langchain-ai.github.io/langgraph/cloud/) which will
be better suited for deploying LangGraph applications.
## Limitations
- Client callbacks are not yet supported for events that originate on the server
- OpenAPI docs will not be generated when using Pydantic V2. Fast API does not
support [mixing pydantic v1 and v2 namespaces](https://github.com/tiangolo/fastapi/issues/10360).
See section below for more details.
## Hosted LangServe
We will be releasing a hosted version of LangServe for one-click deployments of
LangChain
applications. [Sign up here](https://airtable.com/apppQ9p5XuujRl3wJ/shrABpHWdxry8Bacm)
to get on the waitlist.
- Versions of LangServe <= 0.2.0, will not generate OpenAPI docs properly when using Pydantic V2 as Fast API does not support [mixing pydantic v1 and v2 namespaces](https://github.com/tiangolo/fastapi/issues/10360).
See section below for more details. Either upgrade to LangServe>=0.3.0 or downgrade Pydantic to pydantic 1.
## Security
* Vulnerability in Versions 0.0.13 - 0.0.15 -- playground endpoint allows accessing
- Vulnerability in Versions 0.0.13 - 0.0.15 -- playground endpoint allows accessing
arbitrary files on
server. [Resolved in 0.0.16](https://github.com/langchain-ai/langserve/pull/98).
@@ -80,39 +86,64 @@ Use the `LangChain` CLI to bootstrap a `LangServe` project quickly.
To use the langchain CLI make sure that you have a recent version of `langchain-cli`
installed. You can install it with `pip install -U langchain-cli`.
## Setup
**Note**: We use `poetry` for dependency management. Please follow poetry [doc](https://python-poetry.org/docs/) to learn more about it.
### 1. Create new app using langchain cli command
```sh
langchain app new ../path/to/directory
langchain app new my-app
```
### 2. Define the runnable in add_routes. Go to server.py and edit
```sh
add_routes(app. NotImplemented)
```
### 3. Use `poetry` to add 3rd party packages (e.g., langchain-openai, langchain-anthropic, langchain-mistral, etc).
```sh
poetry add [package-name] // e.g `poetry add langchain-openai`
```
### 4. Set up relevant env variables. For example,
```sh
export OPENAI_API_KEY="sk-..."
```
### 5. Serve your app
```sh
poetry run langchain serve --port=8100
```
## Examples
Get your LangServe instance started quickly with
[LangChain Templates](https://github.com/langchain-ai/langchain/blob/master/templates/README.md).
For more examples, see the templates
[index](https://github.com/langchain-ai/langchain/blob/master/templates/docs/INDEX.md)
or the [examples](https://github.com/langchain-ai/langserve/tree/main/examples)
Get your LangServe instances started quickly with the [examples](https://github.com/langchain-ai/langserve/tree/main/examples)
directory.
| Description | Links |
|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| **LLMs** Minimal example that reserves OpenAI and Anthropic chat models. Uses async, supports batching and streaming. | [server](https://github.com/langchain-ai/langserve/tree/main/examples/llm/server.py), [client](https://github.com/langchain-ai/langserve/blob/main/examples/llm/client.ipynb) |
| **Retriever** Simple server that exposes a retriever as a runnable. | [server](https://github.com/langchain-ai/langserve/tree/main/examples/retrieval/server.py), [client](https://github.com/langchain-ai/langserve/tree/main/examples/retrieval/client.ipynb) |
| **Conversational Retriever** A [Conversational Retriever](https://python.langchain.com/docs/expression_language/cookbook/retrieval#conversational-retrieval-chain) exposed via LangServe | [server](https://github.com/langchain-ai/langserve/tree/main/examples/conversational_retrieval_chain/server.py), [client](https://github.com/langchain-ai/langserve/tree/main/examples/conversational_retrieval_chain/client.ipynb) |
| **Agent** without **conversation history** based on [OpenAI tools](https://python.langchain.com/docs/modules/agents/agent_types/openai_functions_agent) | [server](https://github.com/langchain-ai/langserve/tree/main/examples/agent/server.py), [client](https://github.com/langchain-ai/langserve/tree/main/examples/agent/client.ipynb) |
| **Agent** with **conversation history** based on [OpenAI tools](https://python.langchain.com/docs/modules/agents/agent_types/openai_functions_agent) | [server](https://github.com/langchain-ai/langserve/blob/main/examples/agent_with_history/server.py), [client](https://github.com/langchain-ai/langserve/blob/main/examples/agent_with_history/client.ipynb) |
| :----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **LLMs** Minimal example that reserves OpenAI and Anthropic chat models. Uses async, supports batching and streaming. | [server](https://github.com/langchain-ai/langserve/tree/main/examples/llm/server.py), [client](https://github.com/langchain-ai/langserve/blob/main/examples/llm/client.ipynb) |
| **Retriever** Simple server that exposes a retriever as a runnable. | [server](https://github.com/langchain-ai/langserve/tree/main/examples/retrieval/server.py), [client](https://github.com/langchain-ai/langserve/tree/main/examples/retrieval/client.ipynb) |
| **Conversational Retriever** A [Conversational Retriever](https://python.langchain.com/docs/expression_language/cookbook/retrieval#conversational-retrieval-chain) exposed via LangServe | [server](https://github.com/langchain-ai/langserve/tree/main/examples/conversational_retrieval_chain/server.py), [client](https://github.com/langchain-ai/langserve/tree/main/examples/conversational_retrieval_chain/client.ipynb) |
| **Agent** without **conversation history** based on [OpenAI tools](https://python.langchain.com/docs/modules/agents/agent_types/openai_functions_agent) | [server](https://github.com/langchain-ai/langserve/tree/main/examples/agent/server.py), [client](https://github.com/langchain-ai/langserve/tree/main/examples/agent/client.ipynb) |
| **Agent** with **conversation history** based on [OpenAI tools](https://python.langchain.com/docs/modules/agents/agent_types/openai_functions_agent) | [server](https://github.com/langchain-ai/langserve/blob/main/examples/agent_with_history/server.py), [client](https://github.com/langchain-ai/langserve/blob/main/examples/agent_with_history/client.ipynb) |
| [RunnableWithMessageHistory](https://python.langchain.com/docs/expression_language/how_to/message_history) to implement chat persisted on backend, keyed off a `session_id` supplied by client. | [server](https://github.com/langchain-ai/langserve/tree/main/examples/chat_with_persistence/server.py), [client](https://github.com/langchain-ai/langserve/tree/main/examples/chat_with_persistence/client.ipynb) |
| [RunnableWithMessageHistory](https://python.langchain.com/docs/expression_language/how_to/message_history) to implement chat persisted on backend, keyed off a `conversation_id` supplied by client, and `user_id` (see Auth for implementing `user_id` properly). | [server](https://github.com/langchain-ai/langserve/tree/main/examples/chat_with_persistence_and_user/server.py), [client](https://github.com/langchain-ai/langserve/tree/main/examples/chat_with_persistence_and_user/client.ipynb) |
| [Configurable Runnable](https://python.langchain.com/docs/expression_language/how_to/configure) to create a retriever that supports run time configuration of the index name. | [server](https://github.com/langchain-ai/langserve/tree/main/examples/configurable_retrieval/server.py), [client](https://github.com/langchain-ai/langserve/tree/main/examples/configurable_retrieval/client.ipynb) |
| [Configurable Runnable](https://python.langchain.com/docs/expression_language/how_to/configure) that shows configurable fields and configurable alternatives. | [server](https://github.com/langchain-ai/langserve/tree/main/examples/configurable_chain/server.py), [client](https://github.com/langchain-ai/langserve/tree/main/examples/configurable_chain/client.ipynb) |
| [RunnableWithMessageHistory](https://python.langchain.com/docs/expression_language/how_to/message_history) to implement chat persisted on backend, keyed off a `conversation_id` supplied by client, and `user_id` (see Auth for implementing `user_id` properly). | [server](https://github.com/langchain-ai/langserve/tree/main/examples/chat_with_persistence_and_user/server.py), [client](https://github.com/langchain-ai/langserve/tree/main/examples/chat_with_persistence_and_user/client.ipynb) |
| [Configurable Runnable](https://python.langchain.com/docs/expression_language/how_to/configure) to create a retriever that supports run time configuration of the index name. | [server](https://github.com/langchain-ai/langserve/tree/main/examples/configurable_retrieval/server.py), [client](https://github.com/langchain-ai/langserve/tree/main/examples/configurable_retrieval/client.ipynb) |
| [Configurable Runnable](https://python.langchain.com/docs/expression_language/how_to/configure) that shows configurable fields and configurable alternatives. | [server](https://github.com/langchain-ai/langserve/tree/main/examples/configurable_chain/server.py), [client](https://github.com/langchain-ai/langserve/tree/main/examples/configurable_chain/client.ipynb) |
| **APIHandler** Shows how to use `APIHandler` instead of `add_routes`. This provides more flexibility for developers to define endpoints. Works well with all FastAPI patterns, but takes a bit more effort. | [server](https://github.com/langchain-ai/langserve/tree/main/examples/api_handler_examples/server.py) |
| **LCEL Example** Example that uses LCEL to manipulate a dictionary input. | [server](https://github.com/langchain-ai/langserve/tree/main/examples/passthrough_dict/client.ipynb), [client](https://github.com/langchain-ai/langserve/tree/main/examples/passthrough_dict/client.ipynb) |
| **Auth** with `add_routes`: Simple authentication that can be applied across all endpoints associated with app. (Not useful on its own for implementing per user logic.) | [server](https://github.com/langchain-ai/langserve/tree/main/examples/auth/global_deps/server.py) |
| **Auth** with `add_routes`: Simple authentication mechanism based on path dependencies. (No useful on its own for implementing per user logic.) | [server](https://github.com/langchain-ai/langserve/tree/main/examples/auth/path_dependencies/server.py) |
| **Auth** with `add_routes`: Implement per user logic and auth for endpoints that use per request config modifier. (**Note**: At the moment, does not integrate with OpenAPI docs.) | [server](https://github.com/langchain-ai/langserve/tree/main/examples/auth/per_req_config_modifier/server.py), [client](https://github.com/langchain-ai/langserve/tree/main/examples/auth/per_req_config_modifier/client.ipynb) |
| **Auth** with `APIHandler`: Implement per user logic and auth that shows how to search only within user owned documents. | [server](https://github.com/langchain-ai/langserve/tree/main/examples/auth/api_handler/server.py), [client](https://github.com/langchain-ai/langserve/tree/main/examples/auth/api_handler/client.ipynb) |
| **Widgets** Different widgets that can be used with playground (file upload and chat) | [server](https://github.com/langchain-ai/langserve/tree/main/examples/widgets/chat/tuples/server.py) |
| **Widgets** File upload widget used for LangServe playground. | [server](https://github.com/langchain-ai/langserve/tree/main/examples/file_processing/server.py), [client](https://github.com/langchain-ai/langserve/tree/main/examples/file_processing/client.ipynb) |
| **LCEL Example** Example that uses LCEL to manipulate a dictionary input. | [server](https://github.com/langchain-ai/langserve/tree/main/examples/passthrough_dict/server.py), [client](https://github.com/langchain-ai/langserve/tree/main/examples/passthrough_dict/client.ipynb) |
| **Auth** with `add_routes`: Simple authentication that can be applied across all endpoints associated with app. (Not useful on its own for implementing per user logic.) | [server](https://github.com/langchain-ai/langserve/tree/main/examples/auth/global_deps/server.py) |
| **Auth** with `add_routes`: Simple authentication mechanism based on path dependencies. (No useful on its own for implementing per user logic.) | [server](https://github.com/langchain-ai/langserve/tree/main/examples/auth/path_dependencies/server.py) |
| **Auth** with `add_routes`: Implement per user logic and auth for endpoints that use per request config modifier. (**Note**: At the moment, does not integrate with OpenAPI docs.) | [server](https://github.com/langchain-ai/langserve/tree/main/examples/auth/per_req_config_modifier/server.py), [client](https://github.com/langchain-ai/langserve/tree/main/examples/auth/per_req_config_modifier/client.ipynb) |
| **Auth** with `APIHandler`: Implement per user logic and auth that shows how to search only within user owned documents. | [server](https://github.com/langchain-ai/langserve/tree/main/examples/auth/api_handler/server.py), [client](https://github.com/langchain-ai/langserve/tree/main/examples/auth/api_handler/client.ipynb) |
| **Widgets** Different widgets that can be used with playground (file upload and chat) | [server](https://github.com/langchain-ai/langserve/tree/main/examples/widgets/chat/tuples/server.py) |
| **Widgets** File upload widget used for LangServe playground. | [server](https://github.com/langchain-ai/langserve/tree/main/examples/file_processing/server.py), [client](https://github.com/langchain-ai/langserve/tree/main/examples/file_processing/client.ipynb) |
## Sample Application
@@ -137,17 +168,17 @@ app = FastAPI(
add_routes(
app,
ChatOpenAI(),
ChatOpenAI(model="gpt-3.5-turbo-0125"),
path="/openai",
)
add_routes(
app,
ChatAnthropic(),
ChatAnthropic(model="claude-3-haiku-20240307"),
path="/anthropic",
)
model = ChatAnthropic()
model = ChatAnthropic(model="claude-3-haiku-20240307")
prompt = ChatPromptTemplate.from_template("tell me a joke about {topic}")
add_routes(
app,
@@ -182,8 +213,9 @@ app.add_middleware(
If you've deployed the server above, you can view the generated OpenAPI docs using:
> ⚠️ If using pydantic v2, docs will not be generated for *invoke*, *batch*, *stream*,
*stream_log*. See [Pydantic](#pydantic) section below for more details.
> ⚠️ If using LangServe <= 0.2.0 and pydantic v2, docs will not be generated for _invoke_, _batch_, _stream_,
> _stream_log_. See [Pydantic](#pydantic) section below for more details.
> To resolve please upgrade to LangServe 0.3.0.
```sh
curl localhost:8000/docs
@@ -243,10 +275,10 @@ In TypeScript (requires LangChain.js version 0.0.166 or later):
import { RemoteRunnable } from "@langchain/core/runnables/remote";
const chain = new RemoteRunnable({
url: `http://localhost:8000/joke/`,
url: `http://localhost:8000/joke/`,
});
const result = await chain.invoke({
topic: "cats",
topic: "cats",
});
```
@@ -295,7 +327,7 @@ adds of these endpoints to the server:
- `POST /my_runnable/stream_log` - invoke on a single input and stream the output,
including output of intermediate steps as it's generated
- `POST /my_runnable/astream_events` - invoke on a single input and stream events as they are generated,
including from intermediate steps.
including from intermediate steps.
- `GET /my_runnable/input_schema` - json schema for input to the runnable
- `GET /my_runnable/output_schema` - json schema for output of the runnable
- `GET /my_runnable/config_schema` - json schema for config of the runnable
@@ -354,7 +386,7 @@ prompt = ChatPromptTemplate.from_messages(
]
)
chain = prompt | ChatAnthropic(model="claude-2")
chain = prompt | ChatAnthropic(model="claude-2.1")
class InputChat(BaseModel):
@@ -436,27 +468,6 @@ You can deploy to GCP Cloud Run using the following command:
gcloud run deploy [your-service-name] --source . --port 8001 --allow-unauthenticated --region us-central1 --set-env-vars=OPENAI_API_KEY=your_key
```
### Deploy using Infrastructure as Code
#### Pulumi
You can deploy your LangServe server with [Pulumi](https://www.pulumi.com/) using your preferred general purpose language. Below are some quickstart
examples for deploying LangServe to different cloud providers.
These examples are a good starting point for your own infrastructure as code (IaC) projects. You can easily modify them to suit your needs.
| Cloud | Language | Repository | Quickstart |
|-------|------------|-----------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------|
| AWS | dotnet | https://github.com/pulumi/examples/aws-cs-langserve | [![Deploy](https://get.pulumi.com/new/button.svg)](https://app.pulumi.com/new?template=https://github.com/pulumi/examples/aws-cs-langserve) |
| AWS | golang | https://github.com/pulumi/examples/aws-go-langserve | [![Deploy](https://get.pulumi.com/new/button.svg)](https://app.pulumi.com/new?template=https://github.com/pulumi/examples/aws-go-langserve) |
| AWS | python | https://github.com/pulumi/examples/aws-py-langserve | [![Deploy](https://get.pulumi.com/new/button.svg)](https://app.pulumi.com/new?template=https://github.com/pulumi/examples/aws-py-langserve) |
| AWS | typescript | https://github.com/pulumi/examples/aws-ts-langserve | [![Deploy](https://get.pulumi.com/new/button.svg)](https://app.pulumi.com/new?template=https://github.com/pulumi/examples/aws-ts-langserve) |
| AWS | javascript | https://github.com/pulumi/examples/aws-js-langserve | [![Deploy](https://get.pulumi.com/new/button.svg)](https://app.pulumi.com/new?template=https://github.com/pulumi/examples/aws-js-langserve) |
### Community Contributed
#### Deploy to Railway
@@ -467,10 +478,12 @@ These examples are a good starting point for your own infrastructure as code (Ia
## Pydantic
LangServe provides support for Pydantic 2 with some limitations.
LangServe>=0.3 fully supports Pydantic 2.
If you're using an earlier version of LangServe (<= 0.2), then please note that support for Pydantic 2 has the following limitations:
1. OpenAPI docs will not be generated for invoke/batch/stream/stream_log when using
Pydantic V2. Fast API does not support [mixing pydantic v1 and v2 namespaces].
Pydantic V2. Fast API does not support [mixing pydantic v1 and v2 namespaces]. To fix this, use `pip install pydantic==1.10.17`.
2. LangChain uses the v1 namespace in Pydantic v2. Please read
the [following guidelines to ensure compatibility with LangChain](https://github.com/langchain-ai/langchain/discussions/9337)
@@ -487,7 +500,7 @@ and [security](https://fastapi.tiangolo.com/tutorial/security/).
The below examples show how to wire up authentication logic LangServe endpoints using FastAPI primitives.
You are responsible for providing the actual authentication logic, the users table etc.
You are responsible for providing the actual authentication logic, the users table etc.
If you're not sure what you're doing, you could try using an existing solution [Auth0](https://auth0.com/).
@@ -496,11 +509,11 @@ If you're not sure what you're doing, you could try using an existing solution [
If you're using `add_routes`, see
examples [here](https://github.com/langchain-ai/langserve/tree/main/examples/auth).
| Description | Links |
|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| **Auth** with `add_routes`: Simple authentication that can be applied across all endpoints associated with app. (Not useful on its own for implementing per user logic.) | [server](https://github.com/langchain-ai/langserve/tree/main/examples/auth/global_deps/server.py) |
| **Auth** with `add_routes`: Simple authentication mechanism based on path dependencies. (No useful on its own for implementing per user logic.) | [server](https://github.com/langchain-ai/langserve/tree/main/examples/auth/path_dependencies/server.py) |
| **Auth** with `add_routes`: Implement per user logic and auth for endpoints that use per request config modifier. (**Note**: At the moment, does not integrate with OpenAPI docs.) | [server](https://github.com/langchain-ai/langserve/tree/main/examples/auth/per_req_config_modifier/server.py), [client](https://github.com/langchain-ai/langserve/tree/main/examples/auth/per_req_config_modifier/client.ipynb) |
| Description | Links |
| :--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **Auth** with `add_routes`: Simple authentication that can be applied across all endpoints associated with app. (Not useful on its own for implementing per user logic.) | [server](https://github.com/langchain-ai/langserve/tree/main/examples/auth/global_deps/server.py) |
| **Auth** with `add_routes`: Simple authentication mechanism based on path dependencies. (No useful on its own for implementing per user logic.) | [server](https://github.com/langchain-ai/langserve/tree/main/examples/auth/path_dependencies/server.py) |
| **Auth** with `add_routes`: Implement per user logic and auth for endpoints that use per request config modifier. (**Note**: At the moment, does not integrate with OpenAPI docs.) | [server](https://github.com/langchain-ai/langserve/tree/main/examples/auth/per_req_config_modifier/server.py), [client](https://github.com/langchain-ai/langserve/tree/main/examples/auth/per_req_config_modifier/client.ipynb) |
Alternatively, you can use FastAPI's [middleware](https://fastapi.tiangolo.com/tutorial/middleware/).
@@ -520,10 +533,10 @@ authorization purposes.
If you feel comfortable with FastAPI and python, you can use LangServe's [APIHandler](https://github.com/langchain-ai/langserve/blob/main/examples/api_handler_examples/server.py).
| Description | Links |
|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| **Auth** with `APIHandler`: Implement per user logic and auth that shows how to search only within user owned documents. | [server](https://github.com/langchain-ai/langserve/tree/main/examples/auth/api_handler/server.py), [client](https://github.com/langchain-ai/langserve/tree/main/examples/auth/api_handler/client.ipynb) |
| **APIHandler** Shows how to use `APIHandler` instead of `add_routes`. This provides more flexibility for developers to define endpoints. Works well with all FastAPI patterns, but takes a bit more effort. | [server](https://github.com/langchain-ai/langserve/tree/main/examples/api_handler_examples/server.py), [client](https://github.com/langchain-ai/langserve/tree/main/examples/api_handler_examples/client.ipynb) |
| Description | Links |
| :---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **Auth** with `APIHandler`: Implement per user logic and auth that shows how to search only within user owned documents. | [server](https://github.com/langchain-ai/langserve/tree/main/examples/auth/api_handler/server.py), [client](https://github.com/langchain-ai/langserve/tree/main/examples/auth/api_handler/client.ipynb) |
| **APIHandler** Shows how to use `APIHandler` instead of `add_routes`. This provides more flexibility for developers to define endpoints. Works well with all FastAPI patterns, but takes a bit more effort. | [server](https://github.com/langchain-ai/langserve/tree/main/examples/api_handler_examples/server.py), [client](https://github.com/langchain-ai/langserve/tree/main/examples/api_handler_examples/client.ipynb) |
It's a bit more work, but gives you complete control over the endpoint definitions, so
you can do whatever custom logic you need for auth.
@@ -592,8 +605,8 @@ add_routes(app, runnable)
Inherit from `CustomUserType` if you want the data to de-serialize into a
pydantic model rather than the equivalent dict representation.
At the moment, this type only works *server* side and is used
to specify desired *decoding* behavior. If inheriting from this type
At the moment, this type only works _server_ side and is used
to specify desired _decoding_ behavior. If inheriting from this type
the server will keep the decoded type as a pydantic model instead
of converting it into a dict.
@@ -632,10 +645,10 @@ The playground allows you to define custom widgets for your runnable from the ba
Here are a few examples:
| Description | Links |
|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| **Widgets** Different widgets that can be used with playground (file upload and chat) | [server](https://github.com/langchain-ai/langserve/tree/main/examples/widgets/chat/tuples/server.py), [client](https://github.com/langchain-ai/langserve/tree/main/examples/widgets/client.ipynb) |
| **Widgets** File upload widget used for LangServe playground. | [server](https://github.com/langchain-ai/langserve/tree/main/examples/file_processing/server.py), [client](https://github.com/langchain-ai/langserve/tree/main/examples/file_processing/client.ipynb) |
| Description | Links |
| :------------------------------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **Widgets** Different widgets that can be used with playground (file upload and chat) | [server](https://github.com/langchain-ai/langserve/tree/main/examples/widgets/chat/tuples/server.py), [client](https://github.com/langchain-ai/langserve/tree/main/examples/widgets/client.ipynb) |
| **Widgets** File upload widget used for LangServe playground. | [server](https://github.com/langchain-ai/langserve/tree/main/examples/file_processing/server.py), [client](https://github.com/langchain-ai/langserve/tree/main/examples/file_processing/client.ipynb) |
#### Schema
@@ -651,8 +664,8 @@ type NameSpacedPath = { title: string; path: JsonPath }; // Using title to mimic
type OneOfPath = { oneOf: JsonPath[] };
type Widget = {
type: string // Some well known type (e.g., base64file, chat etc.)
[key: string]: JsonPath | NameSpacedPath | OneOfPath;
type: string; // Some well known type (e.g., base64file, chat etc.)
[key: string]: JsonPath | NameSpacedPath | OneOfPath;
};
```
@@ -710,9 +723,9 @@ at the [widget example](https://github.com/langchain-ai/langserve/tree/main/exam
To define a chat widget, make sure that you pass "type": "chat".
* "input" is JSONPath to the field in the *Request* that has the new input message.
* "output" is JSONPath to the field in the *Response* that has new output message(s).
* Don't specify these fields if the entire input or output should be used as they are (
- "input" is JSONPath to the field in the _Request_ that has the new input message.
- "output" is JSONPath to the field in the _Response_ that has new output message(s).
- Don't specify these fields if the entire input or output should be used as they are (
e.g., if the output is a list of chat messages.)
Here's a snippet:
@@ -752,6 +765,7 @@ add_routes(
```
Example widget:
<p align="center">
<img src="https://github.com/langchain-ai/langserve/assets/3205522/a71ff37b-a6a9-4857-a376-cf27c41d3ca4" width="50%"/>
</p>
@@ -766,7 +780,7 @@ prompt = ChatPromptTemplate.from_messages(
]
)
chain = prompt | ChatAnthropic(model="claude-2")
chain = prompt | ChatAnthropic(model="claude-2.1")
class MessageListInput(BaseModel):
+58 -3
View File
@@ -1,6 +1,61 @@
# Security Policy
## Reporting a Vulnerability
## Reporting OSS Vulnerabilities
Please report security vulnerabilities by email to `security@langchain.dev`.
This email is an alias to a subset of our maintainers, and will ensure the issue is promptly triaged and acted upon as needed.
LangChain is partnered with [huntr by Protect AI](https://huntr.com/) to provide
a bounty program for our open source projects.
Please report security vulnerabilities associated with the LangChain
open source projects by visiting the following link:
[https://huntr.com/bounties/disclose/](https://huntr.com/bounties/disclose/?target=https%3A%2F%2Fgithub.com%2Flangchain-ai%2Flangchain&validSearch=true)
Before reporting a vulnerability, please review:
1) In-Scope Targets and Out-of-Scope Targets below.
2) The [langchain-ai/langchain](https://python.langchain.com/docs/contributing/repo_structure) monorepo structure.
3) LangChain [security guidelines](https://python.langchain.com/docs/security) to
understand what we consider to be a security vulnerability vs. developer
responsibility.
### In-Scope Targets
The following packages and repositories are eligible for bug bounties:
- langchain-core
- langchain (see exceptions)
- langchain-community (see exceptions)
- langgraph
- langserve
### Out of Scope Targets
All out of scope targets defined by huntr as well as:
- **langchain-experimental**: This repository is for experimental code and is not
eligible for bug bounties, bug reports to it will be marked as interesting or waste of
time and published with no bounty attached.
- **tools**: Tools in either langchain or langchain-community are not eligible for bug
bounties. This includes the following directories
- langchain/tools
- langchain-community/tools
- Please review our [security guidelines](https://python.langchain.com/docs/security)
for more details, but generally tools interact with the real world. Developers are
expected to understand the security implications of their code and are responsible
for the security of their tools.
- Code documented with security notices. This will be decided done on a case by
case basis, but likely will not be eligible for a bounty as the code is already
documented with guidelines for developers that should be followed for making their
application secure.
- Any LangSmith related repositories or APIs see below.
## Reporting LangSmith Vulnerabilities
Please report security vulnerabilities associated with LangSmith by email to `security@langchain.dev`.
- LangSmith site: https://smith.langchain.com
- SDK client: https://github.com/langchain-ai/langsmith-sdk
### Other Security Concerns
For any other security concerns, please contact us at `security@langchain.dev`.
+7 -7
View File
@@ -20,15 +20,15 @@ Relevant LangChain documentation:
from typing import Any
from fastapi import FastAPI
from langchain.agents import AgentExecutor, tool
from langchain.agents import AgentExecutor
from langchain.agents.format_scratchpad import format_to_openai_functions
from langchain.agents.output_parsers import OpenAIFunctionsAgentOutputParser
from langchain.chat_models import ChatOpenAI
from langchain.embeddings import OpenAIEmbeddings
from langchain.prompts import ChatPromptTemplate, MessagesPlaceholder
from langchain.pydantic_v1 import BaseModel
from langchain.tools.render import format_tool_to_openai_function
from langchain.vectorstores import FAISS
from langchain_community.vectorstores import FAISS
from langchain_core.prompts import ChatPromptTemplate, MessagesPlaceholder
from langchain_core.tools import tool
from langchain_core.utils.function_calling import format_tool_to_openai_function
from langchain_openai import ChatOpenAI, OpenAIEmbeddings
from pydantic import BaseModel
from langserve import add_routes
+5 -5
View File
@@ -47,19 +47,19 @@ Relevant LangChain documentation:
from typing import Any, AsyncIterator, List, Literal
from fastapi import FastAPI
from langchain.agents import AgentExecutor, tool
from langchain.agents import AgentExecutor
from langchain.agents.format_scratchpad.openai_tools import (
format_to_openai_tool_messages,
)
from langchain.agents.output_parsers.openai_tools import OpenAIToolsAgentOutputParser
from langchain.prompts import MessagesPlaceholder
from langchain_community.tools.convert_to_openai import format_tool_to_openai_tool
from langchain_core.prompts import ChatPromptTemplate
from langchain_core.prompts import ChatPromptTemplate, MessagesPlaceholder
from langchain_core.runnables import RunnableLambda
from langchain_core.tools import tool
from langchain_core.utils.function_calling import format_tool_to_openai_tool
from langchain_openai import ChatOpenAI
from pydantic import BaseModel
from langserve import add_routes
from langserve.pydantic_v1 import BaseModel
prompt = ChatPromptTemplate.from_messages(
[
+5 -5
View File
@@ -26,19 +26,19 @@ Relevant LangChain documentation:
from typing import Any, List, Union
from fastapi import FastAPI
from langchain.agents import AgentExecutor, tool
from langchain.agents import AgentExecutor
from langchain.agents.format_scratchpad.openai_tools import (
format_to_openai_tool_messages,
)
from langchain.agents.output_parsers.openai_tools import OpenAIToolsAgentOutputParser
from langchain.prompts import MessagesPlaceholder
from langchain_community.tools.convert_to_openai import format_tool_to_openai_tool
from langchain_core.messages import AIMessage, FunctionMessage, HumanMessage
from langchain_core.prompts import ChatPromptTemplate
from langchain_core.prompts import ChatPromptTemplate, MessagesPlaceholder
from langchain_core.tools import tool
from langchain_core.utils.function_calling import format_tool_to_openai_tool
from langchain_openai import ChatOpenAI
from pydantic import BaseModel, Field
from langserve import add_routes
from langserve.pydantic_v1 import BaseModel, Field
prompt = ChatPromptTemplate.from_messages(
[
+6 -7
View File
@@ -35,8 +35,7 @@ from typing import Any, List, Optional, Union
from fastapi import Depends, FastAPI, HTTPException, Request, Response, status
from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
from langchain_community.embeddings.openai import OpenAIEmbeddings
from langchain_community.vectorstores.chroma import Chroma
from langchain_chroma import Chroma
from langchain_core.documents import Document
from langchain_core.runnables import (
ConfigurableField,
@@ -44,10 +43,11 @@ from langchain_core.runnables import (
RunnableSerializable,
)
from langchain_core.vectorstores import VectorStore
from langchain_openai import OpenAIEmbeddings
from pydantic import BaseModel, ConfigDict
from typing_extensions import Annotated
from langserve import APIHandler
from langserve.pydantic_v1 import BaseModel
class User(BaseModel):
@@ -150,10 +150,9 @@ class PerUserVectorstore(RunnableSerializable):
user_id: Optional[str]
vectorstore: VectorStore
class Config:
# Allow arbitrary types since VectorStore is an abstract interface
# and not a pydantic model
arbitrary_types_allowed = True
model_config = ConfigDict(
arbitrary_types_allowed=True,
)
def _invoke(
self, input: str, config: Optional[RunnableConfig] = None, **kwargs: Any
@@ -36,8 +36,7 @@ from typing import Any, Dict, List, Optional, Union
from fastapi import Depends, FastAPI, HTTPException, Request, status
from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
from langchain_community.embeddings.openai import OpenAIEmbeddings
from langchain_community.vectorstores.chroma import Chroma
from langchain_chroma import Chroma
from langchain_core.documents import Document
from langchain_core.runnables import (
ConfigurableField,
@@ -45,10 +44,11 @@ from langchain_core.runnables import (
RunnableSerializable,
)
from langchain_core.vectorstores import VectorStore
from langchain_openai import OpenAIEmbeddings
from pydantic import BaseModel, ConfigDict
from typing_extensions import Annotated
from langserve import add_routes
from langserve.pydantic_v1 import BaseModel
class User(BaseModel):
@@ -147,10 +147,9 @@ class PerUserVectorstore(RunnableSerializable):
user_id: Optional[str]
vectorstore: VectorStore
class Config:
# Allow arbitrary types since VectorStore is an abstract interface
# and not a pydantic model
arbitrary_types_allowed = True
model_config = ConfigDict(
arbitrary_types_allowed=True,
)
def _invoke(
self, input: str, config: Optional[RunnableConfig] = None, **kwargs: Any
@@ -5,12 +5,12 @@ state back and forth between server and client.
from typing import List, Union
from fastapi import FastAPI
from langchain.chat_models import ChatAnthropic
from langchain_anthropic import ChatAnthropic
from langchain_core.messages import AIMessage, HumanMessage, SystemMessage
from langchain_core.prompts import ChatPromptTemplate, MessagesPlaceholder
from pydantic import BaseModel, Field
from langserve import add_routes
from langserve.pydantic_v1 import BaseModel, Field
app = FastAPI(
title="LangChain Server",
@@ -28,7 +28,7 @@ prompt = ChatPromptTemplate.from_messages(
]
)
chain = prompt | ChatAnthropic(model="claude-2")
chain = prompt | ChatAnthropic(model="claude-2.1")
class InputChat(BaseModel):
+3 -3
View File
@@ -5,12 +5,12 @@ state back and forth between server and client.
from typing import List, Union
from fastapi import FastAPI
from langchain.chat_models import ChatAnthropic
from langchain_anthropic.chat_models import ChatAnthropic
from langchain_core.messages import AIMessage, HumanMessage, SystemMessage
from langchain_core.prompts import ChatPromptTemplate, MessagesPlaceholder
from pydantic import BaseModel, Field
from langserve import add_routes
from langserve.pydantic_v1 import BaseModel, Field
app = FastAPI(
title="LangChain Server",
@@ -27,7 +27,7 @@ prompt = ChatPromptTemplate.from_messages(
]
)
chain = prompt | ChatAnthropic(model="claude-2")
chain = prompt | ChatAnthropic(model_name="claude-3-sonnet-20240229")
class InputChat(BaseModel):
+4 -4
View File
@@ -13,14 +13,14 @@ from pathlib import Path
from typing import Callable, Union
from fastapi import FastAPI, HTTPException
from langchain.chat_models import ChatAnthropic
from langchain.memory import FileChatMessageHistory
from langchain_anthropic import ChatAnthropic
from langchain_community.chat_message_histories import FileChatMessageHistory
from langchain_core.chat_history import BaseChatMessageHistory
from langchain_core.prompts import ChatPromptTemplate, MessagesPlaceholder
from langchain_core.runnables.history import RunnableWithMessageHistory
from pydantic import BaseModel, Field
from langserve import add_routes
from langserve.pydantic_v1 import BaseModel, Field
def _is_valid_identifier(value: str) -> bool:
@@ -76,7 +76,7 @@ prompt = ChatPromptTemplate.from_messages(
]
)
chain = prompt | ChatAnthropic(model="claude-2")
chain = prompt | ChatAnthropic(model="claude-2.1")
class InputChat(BaseModel):
@@ -13,13 +13,13 @@ from pathlib import Path
from typing import Any, Callable, Dict, Union
from fastapi import FastAPI, HTTPException, Request
from langchain.chat_models import ChatOpenAI
from langchain.memory import FileChatMessageHistory
from langchain.schema.runnable.utils import ConfigurableFieldSpec
from langchain_community.chat_message_histories import FileChatMessageHistory
from langchain_core import __version__
from langchain_core.chat_history import BaseChatMessageHistory
from langchain_core.prompts import ChatPromptTemplate, MessagesPlaceholder
from langchain_core.runnables import ConfigurableFieldSpec
from langchain_core.runnables.history import RunnableWithMessageHistory
from langchain_openai import ChatOpenAI
from typing_extensions import TypedDict
from langserve import add_routes
@@ -17,15 +17,11 @@ on the LLM and use the stream_log endpoint rather than stream endpoint.
from typing import Any, AsyncIterator, Dict, List, Optional, cast
from fastapi import FastAPI
from langchain.agents import AgentExecutor, tool
from langchain.agents import AgentExecutor
from langchain.agents.format_scratchpad import format_to_openai_functions
from langchain.agents.output_parsers import OpenAIFunctionsAgentOutputParser
from langchain.chat_models import ChatOpenAI
from langchain.embeddings import OpenAIEmbeddings
from langchain.prompts import ChatPromptTemplate, MessagesPlaceholder
from langchain.pydantic_v1 import BaseModel
from langchain.tools.render import format_tool_to_openai_function
from langchain.vectorstores import FAISS
from langchain_community.vectorstores import FAISS
from langchain_core.prompts import ChatPromptTemplate, MessagesPlaceholder
from langchain_core.runnables import (
ConfigurableField,
ConfigurableFieldSpec,
@@ -33,6 +29,10 @@ from langchain_core.runnables import (
RunnableConfig,
)
from langchain_core.runnables.utils import Input, Output
from langchain_core.tools import tool
from langchain_core.utils.function_calling import format_tool_to_openai_function
from langchain_openai import ChatOpenAI, OpenAIEmbeddings
from pydantic import BaseModel
from langserve import add_routes
+9 -53
View File
@@ -23,14 +23,7 @@
"tags": []
},
"outputs": [],
"source": [
"import requests\n",
"\n",
"inputs = {\"input\": {\"topic\": \"sports\"}}\n",
"response = requests.post(\"http://localhost:8000/configurable_temp/invoke\", json=inputs)\n",
"\n",
"response.json()"
]
"source": ["import requests\n\ninputs = {\"input\": {\"topic\": \"sports\"}}\nresponse = requests.post(\"http://localhost:8000/configurable_temp/invoke\", json=inputs)\n\nresponse.json()"]
},
{
"cell_type": "markdown",
@@ -46,11 +39,7 @@
"tags": []
},
"outputs": [],
"source": [
"from langserve import RemoteRunnable\n",
"\n",
"remote_runnable = RemoteRunnable(\"http://localhost:8000/configurable_temp\")"
]
"source": ["from langserve import RemoteRunnable\n\nremote_runnable = RemoteRunnable(\"http://localhost:8000/configurable_temp\")"]
},
{
"cell_type": "markdown",
@@ -66,9 +55,7 @@
"tags": []
},
"outputs": [],
"source": [
"response = await remote_runnable.ainvoke({\"topic\": \"sports\"})"
]
"source": ["response = await remote_runnable.ainvoke({\"topic\": \"sports\"})"]
},
{
"cell_type": "markdown",
@@ -84,11 +71,7 @@
"tags": []
},
"outputs": [],
"source": [
"from langchain.schema.runnable.config import RunnableConfig\n",
"\n",
"remote_runnable.batch([{\"topic\": \"sports\"}, {\"topic\": \"cars\"}])"
]
"source": ["from langchain_core.runnables import RunnableConfig\n\nremote_runnable.batch([{\"topic\": \"sports\"}, {\"topic\": \"cars\"}])"]
},
{
"cell_type": "markdown",
@@ -104,10 +87,7 @@
"tags": []
},
"outputs": [],
"source": [
"async for chunk in remote_runnable.astream({\"topic\": \"bears, but a bit verbose\"}):\n",
" print(chunk, end=\"\", flush=True)"
]
"source": ["async for chunk in remote_runnable.astream({\"topic\": \"bears, but a bit verbose\"}):\n print(chunk, end=\"\", flush=True)"]
},
{
"cell_type": "markdown",
@@ -157,14 +137,7 @@
"tags": []
},
"outputs": [],
"source": [
"await remote_runnable.ainvoke(\n",
" {\"topic\": \"sports\"},\n",
" config={\n",
" \"configurable\": {\"prompt\": \"how to say {topic} in french\", \"llm\": \"low_temp\"}\n",
" },\n",
")"
]
"source": ["await remote_runnable.ainvoke(\n {\"topic\": \"sports\"},\n config={\n \"configurable\": {\"prompt\": \"how to say {topic} in french\", \"llm\": \"low_temp\"}\n },\n)"]
},
{
"cell_type": "markdown",
@@ -221,13 +194,7 @@
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"# The model will fail with an auth error\n",
"unauthenticated_response = requests.post(\n",
" \"http://localhost:8000/auth_from_header/invoke\", json={\"input\": \"hello\"}\n",
")\n",
"unauthenticated_response.json()"
]
"source": ["# The model will fail with an auth error\nunauthenticated_response = requests.post(\n \"http://localhost:8000/auth_from_header/invoke\", json={\"input\": \"hello\"}\n)\nunauthenticated_response.json()"]
},
{
"cell_type": "markdown",
@@ -244,25 +211,14 @@
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"# The model will succeed as long as the above shell script is run previously\n",
"import os\n",
"\n",
"test_key = os.environ[\"TEST_API_KEY\"]\n",
"authenticated_response = requests.post(\n",
" \"http://localhost:8000/auth_from_header/invoke\",\n",
" json={\"input\": \"hello\"},\n",
" headers={\"x-api-key\": test_key},\n",
")\n",
"authenticated_response.json()"
]
"source": ["# The model will succeed as long as the above shell script is run previously\nimport os\n\ntest_key = os.environ[\"TEST_API_KEY\"]\nauthenticated_response = requests.post(\n \"http://localhost:8000/auth_from_header/invoke\",\n json={\"input\": \"hello\"},\n headers={\"x-api-key\": test_key},\n)\nauthenticated_response.json()"]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": []
"source": [""]
}
],
"metadata": {
+4 -4
View File
@@ -10,10 +10,10 @@ from typing import Any, Dict
from fastapi import FastAPI, HTTPException, Request
from fastapi.middleware.cors import CORSMiddleware
from langchain.chat_models import ChatOpenAI
from langchain.prompts import PromptTemplate
from langchain.schema.output_parser import StrOutputParser
from langchain.schema.runnable import ConfigurableField
from langchain_core.output_parsers import StrOutputParser
from langchain_core.prompts import PromptTemplate
from langchain_core.runnables import ConfigurableField
from langchain_openai import ChatOpenAI
from langserve import add_routes
+9 -8
View File
@@ -3,20 +3,21 @@
from typing import Any, Iterable, List, Optional, Type
from fastapi import FastAPI
from langchain.embeddings import OpenAIEmbeddings
from langchain.schema import Document
from langchain.schema.embeddings import Embeddings
from langchain.schema.retriever import BaseRetriever
from langchain.schema.runnable import (
from langchain.schema.vectorstore import VST
from langchain_community.vectorstores import FAISS
from langchain_core.documents import Document
from langchain_core.embeddings import Embeddings
from langchain_core.retrievers import BaseRetriever
from langchain_core.runnables import (
ConfigurableFieldSingleOption,
RunnableConfig,
RunnableSerializable,
)
from langchain.schema.vectorstore import VST
from langchain.vectorstores import FAISS, VectorStore
from langchain_core.vectorstores import VectorStore
from langchain_openai import OpenAIEmbeddings
from pydantic import BaseModel, Field
from langserve import add_routes
from langserve.pydantic_v1 import BaseModel, Field
vectorstore1 = FAISS.from_texts(
["cats like fish", "dogs like sticks"], embedding=OpenAIEmbeddings()
@@ -13,17 +13,14 @@ from operator import itemgetter
from typing import List, Tuple
from fastapi import FastAPI
from langchain.chat_models import ChatOpenAI
from langchain.embeddings import OpenAIEmbeddings
from langchain.prompts import ChatPromptTemplate
from langchain.prompts.prompt import PromptTemplate
from langchain.schema import format_document
from langchain.schema.output_parser import StrOutputParser
from langchain.schema.runnable import RunnableMap, RunnablePassthrough
from langchain.vectorstores import FAISS
from langchain_community.vectorstores import FAISS
from langchain_core.output_parsers import StrOutputParser
from langchain_core.prompts import ChatPromptTemplate, PromptTemplate, format_document
from langchain_core.runnables import RunnableMap, RunnablePassthrough
from langchain_openai import ChatOpenAI, OpenAIEmbeddings
from pydantic import BaseModel, Field
from langserve import add_routes
from langserve.pydantic_v1 import BaseModel, Field
_TEMPLATE = """Given the following conversation and a follow up question, rephrase the
follow up question to be a standalone question, in its original language.
+4 -4
View File
@@ -15,10 +15,10 @@ allowing one to upload a binary file using the langserve playground UI.
import base64
from fastapi import FastAPI
from langchain.document_loaders.blob_loaders import Blob
from langchain.document_loaders.parsers.pdf import PDFMinerParser
from langchain.pydantic_v1 import Field
from langchain.schema.runnable import RunnableLambda
from langchain_community.document_loaders.parsers.pdf import PDFMinerParser
from langchain_core.document_loaders import Blob
from langchain_core.runnables import RunnableLambda
from pydantic import Field
from langserve import CustomUserType, add_routes
+13 -81
View File
@@ -16,9 +16,7 @@
"tags": []
},
"outputs": [],
"source": [
"from langchain.prompts.chat import ChatPromptTemplate"
]
"source": ["from langchain_core.prompts import ChatPromptTemplate"]
},
{
"cell_type": "code",
@@ -27,12 +25,7 @@
"tags": []
},
"outputs": [],
"source": [
"from langserve import RemoteRunnable\n",
"\n",
"openai_llm = RemoteRunnable(\"http://localhost:8000/openai/\")\n",
"anthropic = RemoteRunnable(\"http://localhost:8000/anthropic/\")"
]
"source": ["from langserve import RemoteRunnable\n\nopenai_llm = RemoteRunnable(\"http://localhost:8000/openai/\")\nanthropic = RemoteRunnable(\"http://localhost:8000/anthropic/\")"]
},
{
"cell_type": "markdown",
@@ -48,18 +41,7 @@
"tags": []
},
"outputs": [],
"source": [
"prompt = ChatPromptTemplate.from_messages(\n",
" [\n",
" (\n",
" \"system\",\n",
" \"You are a highly educated person who loves to use big words. \"\n",
" + \"You are also concise. Never answer in more than three sentences.\",\n",
" ),\n",
" (\"human\", \"Tell me about your favorite novel\"),\n",
" ]\n",
").format_messages()"
]
"source": ["prompt = ChatPromptTemplate.from_messages(\n [\n (\n \"system\",\n \"You are a highly educated person who loves to use big words. \"\n + \"You are also concise. Never answer in more than three sentences.\",\n ),\n (\"human\", \"Tell me about your favorite novel\"),\n ]\n).format_messages()"]
},
{
"cell_type": "markdown",
@@ -86,9 +68,7 @@
"output_type": "execute_result"
}
],
"source": [
"anthropic.invoke(prompt)"
]
"source": ["anthropic.invoke(prompt)"]
},
{
"cell_type": "code",
@@ -97,9 +77,7 @@
"tags": []
},
"outputs": [],
"source": [
"openai_llm.invoke(prompt)"
]
"source": ["openai_llm.invoke(prompt)"]
},
{
"cell_type": "markdown",
@@ -126,9 +104,7 @@
"output_type": "execute_result"
}
],
"source": [
"await openai_llm.ainvoke(prompt)"
]
"source": ["await openai_llm.ainvoke(prompt)"]
},
{
"cell_type": "code",
@@ -149,9 +125,7 @@
"output_type": "execute_result"
}
],
"source": [
"anthropic.batch([prompt, prompt])"
]
"source": ["anthropic.batch([prompt, prompt])"]
},
{
"cell_type": "code",
@@ -172,9 +146,7 @@
"output_type": "execute_result"
}
],
"source": [
"await anthropic.abatch([prompt, prompt])"
]
"source": ["await anthropic.abatch([prompt, prompt])"]
},
{
"cell_type": "markdown",
@@ -198,10 +170,7 @@
]
}
],
"source": [
"for chunk in anthropic.stream(prompt):\n",
" print(chunk.content, end=\"\", flush=True)"
]
"source": ["for chunk in anthropic.stream(prompt):\n print(chunk.content, end=\"\", flush=True)"]
},
{
"cell_type": "code",
@@ -218,19 +187,14 @@
]
}
],
"source": [
"async for chunk in anthropic.astream(prompt):\n",
" print(chunk.content, end=\"\", flush=True)"
]
"source": ["async for chunk in anthropic.astream(prompt):\n print(chunk.content, end=\"\", flush=True)"]
},
{
"cell_type": "code",
"execution_count": 13,
"metadata": {},
"outputs": [],
"source": [
"from langchain.schema.runnable import RunnablePassthrough"
]
"source": ["from langchain_core.runnables import RunnablePassthrough"]
},
{
"cell_type": "code",
@@ -239,37 +203,7 @@
"tags": []
},
"outputs": [],
"source": [
"comedian_chain = (\n",
" ChatPromptTemplate.from_messages(\n",
" [\n",
" (\n",
" \"system\",\n",
" \"You are a comedian that sometimes tells funny jokes and other times you just state facts that are not funny. Please either tell a joke or state fact now but only output one.\",\n",
" ),\n",
" ]\n",
" )\n",
" | openai_llm\n",
")\n",
"\n",
"joke_classifier_chain = (\n",
" ChatPromptTemplate.from_messages(\n",
" [\n",
" (\n",
" \"system\",\n",
" \"Please determine if the joke is funny. Say `funny` if it's funny and `not funny` if not funny. Then repeat the first five words of the joke for reference...\",\n",
" ),\n",
" (\"human\", \"{joke}\"),\n",
" ]\n",
" )\n",
" | anthropic\n",
")\n",
"\n",
"\n",
"chain = {\"joke\": comedian_chain} | RunnablePassthrough.assign(\n",
" classification=joke_classifier_chain\n",
")"
]
"source": ["comedian_chain = (\n ChatPromptTemplate.from_messages(\n [\n (\n \"system\",\n \"You are a comedian that sometimes tells funny jokes and other times you just state facts that are not funny. Please either tell a joke or state fact now but only output one.\",\n ),\n ]\n )\n | openai_llm\n)\n\njoke_classifier_chain = (\n ChatPromptTemplate.from_messages(\n [\n (\n \"system\",\n \"Please determine if the joke is funny. Say `funny` if it's funny and `not funny` if not funny. Then repeat the first five words of the joke for reference...\",\n ),\n (\"human\", \"{joke}\"),\n ]\n )\n | anthropic\n)\n\n\nchain = {\"joke\": comedian_chain} | RunnablePassthrough.assign(\n classification=joke_classifier_chain\n)"]
},
{
"cell_type": "code",
@@ -290,9 +224,7 @@
"output_type": "execute_result"
}
],
"source": [
"chain.invoke({})"
]
"source": ["chain.invoke({})"]
}
],
"metadata": {
+4 -3
View File
@@ -2,7 +2,8 @@
"""Example LangChain server exposes multiple runnables (LLMs in this case)."""
from fastapi import FastAPI
from langchain.chat_models import ChatAnthropic, ChatOpenAI
from langchain_anthropic import ChatAnthropic
from langchain_openai import ChatOpenAI
from langserve import add_routes
@@ -14,12 +15,12 @@ app = FastAPI(
add_routes(
app,
ChatOpenAI(),
ChatOpenAI(model="gpt-3.5-turbo-0125"),
path="/openai",
)
add_routes(
app,
ChatAnthropic(),
ChatAnthropic(model="claude-3-haiku-20240307"),
path="/anthropic",
)
+11 -46
View File
@@ -18,9 +18,7 @@
"tags": []
},
"outputs": [],
"source": [
"from langchain.prompts.chat import ChatPromptTemplate"
]
"source": ["from langchain_core.prompts import ChatPromptTemplate"]
},
{
"cell_type": "code",
@@ -29,11 +27,7 @@
"tags": []
},
"outputs": [],
"source": [
"from langserve import RemoteRunnable\n",
"\n",
"model = RemoteRunnable(\"http://localhost:8000/ollama/\")"
]
"source": ["from langserve import RemoteRunnable\n\nmodel = RemoteRunnable(\"http://localhost:8000/ollama/\")"]
},
{
"cell_type": "markdown",
@@ -49,9 +43,7 @@
"tags": []
},
"outputs": [],
"source": [
"prompt = \"Tell me a 3 sentence story about a cat.\""
]
"source": ["prompt = \"Tell me a 3 sentence story about a cat.\""]
},
{
"cell_type": "code",
@@ -71,9 +63,7 @@
"output_type": "execute_result"
}
],
"source": [
"model.invoke(prompt)"
]
"source": ["model.invoke(prompt)"]
},
{
"cell_type": "code",
@@ -93,9 +83,7 @@
"output_type": "execute_result"
}
],
"source": [
"await model.ainvoke(prompt)"
]
"source": ["await model.ainvoke(prompt)"]
},
{
"cell_type": "markdown",
@@ -131,10 +119,7 @@
"output_type": "execute_result"
}
],
"source": [
"%%time\n",
"model.batch([prompt, prompt])"
]
"source": ["%%time\nmodel.batch([prompt, prompt])"]
},
{
"cell_type": "code",
@@ -152,11 +137,7 @@
]
}
],
"source": [
"%%time\n",
"for _ in range(2):\n",
" model.invoke(prompt)"
]
"source": ["%%time\nfor _ in range(2):\n model.invoke(prompt)"]
},
{
"cell_type": "code",
@@ -177,9 +158,7 @@
"output_type": "execute_result"
}
],
"source": [
"await model.abatch([prompt, prompt])"
]
"source": ["await model.abatch([prompt, prompt])"]
},
{
"cell_type": "markdown",
@@ -206,10 +185,7 @@
]
}
],
"source": [
"for chunk in model.stream(prompt):\n",
" print(chunk.content, end=\"|\", flush=True)"
]
"source": ["for chunk in model.stream(prompt):\n print(chunk.content, end=\"|\", flush=True)"]
},
{
"cell_type": "code",
@@ -227,10 +203,7 @@
]
}
],
"source": [
"async for chunk in model.astream(prompt):\n",
" print(chunk.content, end=\"|\", flush=True)"
]
"source": ["async for chunk in model.astream(prompt):\n print(chunk.content, end=\"|\", flush=True)"]
},
{
"cell_type": "markdown",
@@ -266,15 +239,7 @@
]
}
],
"source": [
"i = 0\n",
"async for event in model.astream_events(prompt, version='v1'):\n",
" print(event)\n",
" if i > 10:\n",
" print('...')\n",
" break\n",
" i += 1"
]
"source": ["i = 0\nasync for event in model.astream_events(prompt, version='v1'):\n print(event)\n if i > 10:\n print('...')\n break\n i += 1"]
}
],
"metadata": {
+6 -23
View File
@@ -16,9 +16,7 @@
"tags": []
},
"outputs": [],
"source": [
"from langchain.prompts.chat import ChatPromptTemplate"
]
"source": ["from langchain_core.prompts import ChatPromptTemplate"]
},
{
"cell_type": "code",
@@ -27,11 +25,7 @@
"tags": []
},
"outputs": [],
"source": [
"from langserve import RemoteRunnable\n",
"\n",
"chain = RemoteRunnable(\"http://localhost:8000/v1/\")"
]
"source": ["from langserve import RemoteRunnable\n\nchain = RemoteRunnable(\"http://localhost:8000/v1/\")"]
},
{
"cell_type": "markdown",
@@ -59,9 +53,7 @@
"output_type": "execute_result"
}
],
"source": [
"chain.invoke({'thing': 'apple', 'language': 'italian', 'info': {\"user_id\": 42, \"user_info\": {\"address\": 42}}})"
]
"source": ["chain.invoke({'thing': 'apple', 'language': 'italian', 'info': {\"user_id\": 42, \"user_info\": {\"address\": 42}}})"]
},
{
"cell_type": "code",
@@ -82,10 +74,7 @@
]
}
],
"source": [
"for chunk in chain.stream({'thing': 'apple', 'language': 'italian', 'info': {\"user_id\": 42, \"user_info\": {\"address\": 42}}}):\n",
" print(chunk)"
]
"source": ["for chunk in chain.stream({'thing': 'apple', 'language': 'italian', 'info': {\"user_id\": 42, \"user_info\": {\"address\": 42}}}):\n print(chunk)"]
},
{
"cell_type": "code",
@@ -94,11 +83,7 @@
"tags": []
},
"outputs": [],
"source": [
"from langserve import RemoteRunnable\n",
"\n",
"chain = RemoteRunnable(\"http://localhost:8000/v2/\")"
]
"source": ["from langserve import RemoteRunnable\n\nchain = RemoteRunnable(\"http://localhost:8000/v2/\")"]
},
{
"cell_type": "code",
@@ -119,9 +104,7 @@
"output_type": "execute_result"
}
],
"source": [
"chain.invoke({'thing': 'apple', 'language': 'italian', 'info': {\"user_id\": 42, \"user_info\": {\"address\": 42}}})"
]
"source": ["chain.invoke({'thing': 'apple', 'language': 'italian', 'info': {\"user_id\": 42, \"user_info\": {\"address\": 42}}})"]
}
],
"metadata": {
+4 -4
View File
@@ -4,9 +4,9 @@
from typing import Any, Callable, Dict, List, Optional, TypedDict
from fastapi import FastAPI
from langchain.chat_models import ChatOpenAI
from langchain.prompts import ChatPromptTemplate
from langchain.schema.runnable import RunnableMap, RunnablePassthrough
from langchain_core.prompts import ChatPromptTemplate
from langchain_core.runnables import RunnableParallel, RunnablePassthrough
from langchain_openai import ChatOpenAI
from langserve import add_routes
@@ -43,7 +43,7 @@ model = ChatOpenAI()
underlying_chain = prompt | model
wrapped_chain = RunnableMap(
wrapped_chain = RunnableParallel(
{
"output": _create_projection(exclude_keys=["info"]) | underlying_chain,
"info": _create_projection(include_keys=["info"]),
+2 -2
View File
@@ -1,8 +1,8 @@
#!/usr/bin/env python
"""Example LangChain server exposes a retriever."""
from fastapi import FastAPI
from langchain.embeddings import OpenAIEmbeddings
from langchain.vectorstores import FAISS
from langchain_community.vectorstores import FAISS
from langchain_openai import OpenAIEmbeddings
from langserve import add_routes
+4 -3
View File
@@ -9,7 +9,8 @@ See more documentation at:
https://fastapi.tiangolo.com/tutorial/bigger-applications/
"""
from fastapi import APIRouter, FastAPI
from langchain.chat_models import ChatAnthropic, ChatOpenAI
from langchain_anthropic import ChatAnthropic
from langchain_openai import ChatOpenAI
from langserve import add_routes
@@ -20,13 +21,13 @@ router = APIRouter(prefix="/models")
# Invocations to this router will appear in trace logs as /models/openai
add_routes(
router,
ChatOpenAI(),
ChatOpenAI(model="gpt-3.5-turbo-0125"),
path="/openai",
)
# Invocations to this router will appear in trace logs as /models/anthropic
add_routes(
router,
ChatAnthropic(),
ChatAnthropic(model="claude-3-haiku-20240307"),
path="/anthropic",
)
+3 -3
View File
@@ -6,13 +6,13 @@ from typing import List, Union
from fastapi import FastAPI
from fastapi.middleware.cors import CORSMiddleware
from langchain.chat_models import ChatAnthropic
from langchain_anthropic import ChatAnthropic
from langchain_core.messages import AIMessage, HumanMessage, SystemMessage
from langchain_core.output_parsers import StrOutputParser
from langchain_core.prompts import ChatPromptTemplate, MessagesPlaceholder
from pydantic import BaseModel, Field
from langserve import add_routes
from langserve.pydantic_v1 import BaseModel, Field
app = FastAPI(
title="LangChain Server",
@@ -40,7 +40,7 @@ prompt = ChatPromptTemplate.from_messages(
]
)
chain = prompt | ChatAnthropic(model="claude-2") | StrOutputParser()
chain = prompt | ChatAnthropic(model="claude-2.1") | StrOutputParser()
class InputChat(BaseModel):
+6 -7
View File
@@ -6,18 +6,17 @@ from typing import Any, Dict, List, Tuple
from fastapi import FastAPI
from fastapi.middleware.cors import CORSMiddleware
from langchain.chat_models.openai import ChatOpenAI
from langchain.document_loaders.blob_loaders import Blob
from langchain.document_loaders.parsers.pdf import PDFMinerParser
from langchain.pydantic_v1 import BaseModel, Field
from langchain.schema.messages import (
from langchain_community.document_loaders.parsers.pdf import PDFMinerParser
from langchain_core.document_loaders import Blob
from langchain_core.messages import (
AIMessage,
BaseMessage,
FunctionMessage,
HumanMessage,
)
from langchain.schema.runnable import RunnableLambda
from langchain_core.runnables import RunnableParallel
from langchain_core.runnables import RunnableLambda, RunnableParallel
from langchain_openai import ChatOpenAI
from pydantic import BaseModel, Field
from langserve import CustomUserType
from langserve.server import add_routes
+53
View File
@@ -0,0 +1,53 @@
from typing import Any, Dict, Type, cast
from pydantic import BaseModel, ConfigDict, RootModel
from pydantic.json_schema import (
DEFAULT_REF_TEMPLATE,
GenerateJsonSchema,
JsonSchemaMode,
)
def _create_root_model(name: str, type_: Any) -> Type[RootModel]:
"""Create a base class."""
def schema(
cls: Type[BaseModel],
by_alias: bool = True,
ref_template: str = DEFAULT_REF_TEMPLATE,
) -> Dict[str, Any]:
# Complains about schema not being defined in superclass
schema_ = super(cls, cls).schema( # type: ignore[misc]
by_alias=by_alias, ref_template=ref_template
)
schema_["title"] = name
return schema_
def model_json_schema(
cls: Type[BaseModel],
by_alias: bool = True,
ref_template: str = DEFAULT_REF_TEMPLATE,
schema_generator: type[GenerateJsonSchema] = GenerateJsonSchema,
mode: JsonSchemaMode = "validation",
) -> Dict[str, Any]:
# Complains about model_json_schema not being defined in superclass
schema_ = super(cls, cls).model_json_schema( # type: ignore[misc]
by_alias=by_alias,
ref_template=ref_template,
schema_generator=schema_generator,
mode=mode,
)
schema_["title"] = name
return schema_
base_class_attributes = {
"__annotations__": {"root": type_},
"model_config": ConfigDict(arbitrary_types_allowed=True),
"schema": classmethod(schema),
"model_json_schema": classmethod(model_json_schema),
# Should replace __module__ with caller based on stack frame.
"__module__": "langserve._pydantic",
}
custom_root_type = type(name, (RootModel,), base_class_attributes)
return cast(Type[RootModel], custom_root_type)
+448 -207
View File
File diff suppressed because it is too large Load Diff
+27 -10
View File
@@ -4,13 +4,16 @@ import uuid
from typing import Any, Dict, List, Optional, Sequence
from uuid import UUID
from langchain.callbacks.base import AsyncCallbackHandler
from langchain.callbacks.manager import (
from langchain_core.agents import AgentAction, AgentFinish
from langchain_core.callbacks import AsyncCallbackHandler
from langchain_core.callbacks.manager import (
BaseRunManager,
ahandle_event,
handle_event,
)
from langchain.schema import AgentAction, AgentFinish, BaseMessage, Document, LLMResult
from langchain_core.documents import Document
from langchain_core.messages import BaseMessage
from langchain_core.outputs import LLMResult
from typing_extensions import TypedDict
@@ -45,7 +48,7 @@ class AsyncEventAggregatorCallback(AsyncCallbackHandler):
async def on_chat_model_start(
self,
serialized: Dict[str, Any],
serialized: Optional[Dict[str, Any]],
messages: List[List[BaseMessage]],
*,
run_id: UUID,
@@ -70,7 +73,7 @@ class AsyncEventAggregatorCallback(AsyncCallbackHandler):
async def on_chain_start(
self,
serialized: Dict[str, Any],
serialized: Optional[Dict[str, Any]],
inputs: Dict[str, Any],
*,
run_id: UUID,
@@ -135,7 +138,7 @@ class AsyncEventAggregatorCallback(AsyncCallbackHandler):
async def on_retriever_start(
self,
serialized: Dict[str, Any],
serialized: Optional[Dict[str, Any]],
query: str,
*,
run_id: UUID,
@@ -199,7 +202,7 @@ class AsyncEventAggregatorCallback(AsyncCallbackHandler):
async def on_tool_start(
self,
serialized: Dict[str, Any],
serialized: Optional[Dict[str, Any]],
input_str: str,
*,
run_id: UUID,
@@ -303,7 +306,7 @@ class AsyncEventAggregatorCallback(AsyncCallbackHandler):
async def on_llm_start(
self,
serialized: Dict[str, Any],
serialized: Optional[Dict[str, Any]],
prompts: List[str],
*,
run_id: UUID,
@@ -442,7 +445,14 @@ async def ahandle_callbacks(
if event["parent_run_id"] is None: # How do we make sure it's None!?
event["parent_run_id"] = callback_manager.run_id
event_data = {key: value for key, value in event.items() if key != "type"}
event_data = {
key: value
for key, value in event.items()
if key != "type" and key != "kwargs"
}
if "kwargs" in event:
event_data.update(event["kwargs"])
await ahandle_event(
# Unpacking like this may not work
@@ -464,7 +474,14 @@ def handle_callbacks(
if event["parent_run_id"] is None: # How do we make sure it's None!?
event["parent_run_id"] = callback_manager.run_id
event_data = {key: value for key, value in event.items() if key != "type"}
event_data = {
key: value
for key, value in event.items()
if key != "type" and key != "kwargs"
}
if "kwargs" in event:
event_data.update(event["kwargs"])
handle_event(
# Unpacking like this may not work
File diff suppressed because one or more lines are too long
+1 -1
View File
@@ -5,7 +5,7 @@
<link rel="icon" href="/____LANGSERVE_BASE_URL/favicon.ico" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>Chat Playground</title>
<script type="module" crossorigin src="/____LANGSERVE_BASE_URL/assets/index-86d4d9c0.js"></script>
<script type="module" crossorigin src="/____LANGSERVE_BASE_URL/assets/index-53ad47d4.js"></script>
<link rel="stylesheet" href="/____LANGSERVE_BASE_URL/assets/index-434ff580.css">
</head>
<body>
+9 -2
View File
@@ -22,7 +22,7 @@
"clsx": "^2.0.0",
"dayjs": "^1.11.10",
"fast-json-patch": "^3.1.1",
"lodash": "^4.17.21",
"lodash": "^4.18.1",
"lz-string": "^1.5.0",
"react": "^18.2.0",
"react-dom": "^18.2.0",
@@ -46,7 +46,14 @@
"postcss": "^8.4.31",
"tailwindcss": "^3.3.3",
"typescript": "^5.0.2",
"vite": "^4.4.5",
"vite": "^6.4.2",
"vite-plugin-svgr": "^4.1.0"
},
"resolutions": {
"braces": "^3.0.3",
"cross-spawn": "^7.0.5",
"rollup": "^3.30.0",
"ajv": "^8.18.0",
"esbuild": "0.25.0"
}
}
+1
View File
@@ -30,6 +30,7 @@ export function App() {
);
const outputSchemaSupported = (
outputDataSchema?.anyOf?.find((option) => option.properties?.type?.enum?.includes("ai")) ||
outputDataSchema?.oneOf?.find((option) => option.properties?.type?.enum?.includes("ai")) ||
outputDataSchema?.type === "string"
);
const isSupported = isLoading || (inputSchemaSupported && outputSchemaSupported);
+291 -239
View File
@@ -28,6 +28,15 @@
"@babel/highlight" "^7.22.13"
chalk "^2.4.2"
"@babel/code-frame@^7.28.6":
version "7.29.0"
resolved "https://registry.yarnpkg.com/@babel/code-frame/-/code-frame-7.29.0.tgz#7cd7a59f15b3cc0dcd803038f7792712a7d0b15c"
integrity sha512-9NhCeYjq9+3uxgdtp20LSiJXJvN0FeCtNGpJxuMFZ1Kv3cWUNb6DOhJwUvcVCzKGR66cw4njwM6hrJLqgOwbcw==
dependencies:
"@babel/helper-validator-identifier" "^7.28.5"
js-tokens "^4.0.0"
picocolors "^1.1.1"
"@babel/compat-data@^7.22.9":
version "7.23.2"
resolved "https://registry.yarnpkg.com/@babel/compat-data/-/compat-data-7.23.2.tgz#6a12ced93455827037bfb5ed8492820d60fc32cc"
@@ -137,24 +146,33 @@
resolved "https://registry.yarnpkg.com/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz#533f36457a25814cf1df6488523ad547d784a99f"
integrity sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==
"@babel/helper-string-parser@^7.27.1":
version "7.27.1"
resolved "https://registry.yarnpkg.com/@babel/helper-string-parser/-/helper-string-parser-7.27.1.tgz#54da796097ab19ce67ed9f88b47bb2ec49367687"
integrity sha512-qMlSxKbpRlAridDExk92nSobyDdpPijUq2DW6oDnUqd0iOGxmQjyqhMIihI9+zv4LPyZdRje2cavWPbCbWm3eA==
"@babel/helper-validator-identifier@^7.22.20":
version "7.22.20"
resolved "https://registry.yarnpkg.com/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz#c4ae002c61d2879e724581d96665583dbc1dc0e0"
integrity sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==
"@babel/helper-validator-identifier@^7.28.5":
version "7.28.5"
resolved "https://registry.yarnpkg.com/@babel/helper-validator-identifier/-/helper-validator-identifier-7.28.5.tgz#010b6938fab7cb7df74aa2bbc06aa503b8fe5fb4"
integrity sha512-qSs4ifwzKJSV39ucNjsvc6WVHs6b7S03sOh2OcHF9UHfVPqWWALUsNUVzhSBiItjRZoLHx7nIarVjqKVusUZ1Q==
"@babel/helper-validator-option@^7.22.15":
version "7.22.15"
resolved "https://registry.yarnpkg.com/@babel/helper-validator-option/-/helper-validator-option-7.22.15.tgz#694c30dfa1d09a6534cdfcafbe56789d36aba040"
integrity sha512-bMn7RmyFjY/mdECUbgn9eoSY4vqvacUnS9i9vGAGttgFWesO6B4CYWA7XlpbWgBt71iv/hfbPlynohStqnu5hA==
"@babel/helpers@^7.23.2":
version "7.23.2"
resolved "https://registry.yarnpkg.com/@babel/helpers/-/helpers-7.23.2.tgz#2832549a6e37d484286e15ba36a5330483cac767"
integrity sha512-lzchcp8SjTSVe/fPmLwtWVBFC7+Tbn8LGHDVfDp9JGxpAY5opSaEFgt8UQvrnECWOTdji2mOWMz1rOhkHscmGQ==
version "7.28.6"
resolved "https://registry.yarnpkg.com/@babel/helpers/-/helpers-7.28.6.tgz#fca903a313ae675617936e8998b814c415cbf5d7"
integrity sha512-xOBvwq86HHdB7WUDTfKfT/Vuxh7gElQ+Sfti2Cy6yIWNW05P8iUslOVcZ4/sKbE+/jQaukQAdz/gf3724kYdqw==
dependencies:
"@babel/template" "^7.22.15"
"@babel/traverse" "^7.23.2"
"@babel/types" "^7.23.0"
"@babel/template" "^7.28.6"
"@babel/types" "^7.28.6"
"@babel/highlight@^7.22.13":
version "7.22.20"
@@ -170,6 +188,13 @@
resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.23.0.tgz#da950e622420bf96ca0d0f2909cdddac3acd8719"
integrity sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==
"@babel/parser@^7.28.6":
version "7.29.0"
resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.29.0.tgz#669ef345add7d057e92b7ed15f0bac07611831b6"
integrity sha512-IyDgFV5GeDUVX4YdF/3CPULtVGSXXMLh1xVIgdCgxApktqnQV0r7/8Nqthg+8YLGaAtdyIlo2qIdZrbCv4+7ww==
dependencies:
"@babel/types" "^7.29.0"
"@babel/plugin-transform-react-jsx-self@^7.22.5":
version "7.22.5"
resolved "https://registry.yarnpkg.com/@babel/plugin-transform-react-jsx-self/-/plugin-transform-react-jsx-self-7.22.5.tgz#ca2fdc11bc20d4d46de01137318b13d04e481d8e"
@@ -185,11 +210,9 @@
"@babel/helper-plugin-utils" "^7.22.5"
"@babel/runtime@^7.12.5", "@babel/runtime@^7.13.10", "@babel/runtime@^7.18.3", "@babel/runtime@^7.23.1", "@babel/runtime@^7.5.5", "@babel/runtime@^7.8.7":
version "7.23.2"
resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.23.2.tgz#062b0ac103261d68a966c4c7baf2ae3e62ec3885"
integrity sha512-mM8eg4yl5D6i3lu2QKPuPH4FArvJ8KhTofbE7jwMUv9KX5mBvwPAqnV3MlyBNqdp9RyRKP6Yck8TrfYrPvX3bg==
dependencies:
regenerator-runtime "^0.14.0"
version "7.28.6"
resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.28.6.tgz#d267a43cb1836dc4d182cce93ae75ba954ef6d2b"
integrity sha512-05WQkdpL9COIMz4LjTxGpPNCdlpyimKppYNoJ5Di5EUObifl8t4tuLuUBBZEpoLYOmfvIWrsp9fCl0HoPRVTdA==
"@babel/template@^7.22.15":
version "7.22.15"
@@ -200,6 +223,15 @@
"@babel/parser" "^7.22.15"
"@babel/types" "^7.22.15"
"@babel/template@^7.28.6":
version "7.28.6"
resolved "https://registry.yarnpkg.com/@babel/template/-/template-7.28.6.tgz#0e7e56ecedb78aeef66ce7972b082fce76a23e57"
integrity sha512-YA6Ma2KsCdGb+WC6UpBVFJGXL58MDA6oyONbjyF/+5sBgxY/dwkhLogbMT2GXXyU84/IhRw/2D1Os1B/giz+BQ==
dependencies:
"@babel/code-frame" "^7.28.6"
"@babel/parser" "^7.28.6"
"@babel/types" "^7.28.6"
"@babel/traverse@^7.23.2":
version "7.23.2"
resolved "https://registry.yarnpkg.com/@babel/traverse/-/traverse-7.23.2.tgz#329c7a06735e144a506bdb2cad0268b7f46f4ad8"
@@ -225,6 +257,14 @@
"@babel/helper-validator-identifier" "^7.22.20"
to-fast-properties "^2.0.0"
"@babel/types@^7.28.6", "@babel/types@^7.29.0":
version "7.29.0"
resolved "https://registry.yarnpkg.com/@babel/types/-/types-7.29.0.tgz#9f5b1e838c446e72cf3cd4b918152b8c605e37c7"
integrity sha512-LwdZHpScM4Qz8Xw2iKSzS+cfglZzJGvofQICy7W7v4caru4EaAmyUuO6BGrbyQ2mYV11W0U8j5mBhd14dd3B0A==
dependencies:
"@babel/helper-string-parser" "^7.27.1"
"@babel/helper-validator-identifier" "^7.28.5"
"@emotion/babel-plugin@^11.11.0":
version "11.11.0"
resolved "https://registry.yarnpkg.com/@emotion/babel-plugin/-/babel-plugin-11.11.0.tgz#c2d872b6a7767a9d176d007f5b31f7d504bb5d6c"
@@ -332,115 +372,130 @@
resolved "https://registry.yarnpkg.com/@emotion/weak-memoize/-/weak-memoize-0.3.1.tgz#d0fce5d07b0620caa282b5131c297bb60f9d87e6"
integrity sha512-EsBwpc7hBUJWAsNPBmJy4hxWx12v6bshQsldrVmjxJoc3isbxhOrF2IcCpaXxfvq03NwkI7sbsOLXbYuqF/8Ww==
"@esbuild/android-arm64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/android-arm64/-/android-arm64-0.18.20.tgz#984b4f9c8d0377443cc2dfcef266d02244593622"
integrity sha512-Nz4rJcchGDtENV0eMKUNa6L12zz2zBDXuhj/Vjh18zGqB44Bi7MBMSXjgunJgjRhCmKOjnPuZp4Mb6OKqtMHLQ==
"@esbuild/aix-ppc64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/aix-ppc64/-/aix-ppc64-0.25.0.tgz#499600c5e1757a524990d5d92601f0ac3ce87f64"
integrity sha512-O7vun9Sf8DFjH2UtqK8Ku3LkquL9SZL8OLY1T5NZkA34+wG3OQF7cl4Ql8vdNzM6fzBbYfLaiRLIOZ+2FOCgBQ==
"@esbuild/android-arm@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/android-arm/-/android-arm-0.18.20.tgz#fedb265bc3a589c84cc11f810804f234947c3682"
integrity sha512-fyi7TDI/ijKKNZTUJAQqiG5T7YjJXgnzkURqmGj13C6dCqckZBLdl4h7bkhHt/t0WP+zO9/zwroDvANaOqO5Sw==
"@esbuild/android-arm64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/android-arm64/-/android-arm64-0.25.0.tgz#b9b8231561a1dfb94eb31f4ee056b92a985c324f"
integrity sha512-grvv8WncGjDSyUBjN9yHXNt+cq0snxXbDxy5pJtzMKGmmpPxeAmAhWxXI+01lU5rwZomDgD3kJwulEnhTRUd6g==
"@esbuild/android-x64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/android-x64/-/android-x64-0.18.20.tgz#35cf419c4cfc8babe8893d296cd990e9e9f756f2"
integrity sha512-8GDdlePJA8D6zlZYJV/jnrRAi6rOiNaCC/JclcXpB+KIuvfBN4owLtgzY2bsxnx666XjJx2kDPUmnTtR8qKQUg==
"@esbuild/android-arm@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/android-arm/-/android-arm-0.25.0.tgz#ca6e7888942505f13e88ac9f5f7d2a72f9facd2b"
integrity sha512-PTyWCYYiU0+1eJKmw21lWtC+d08JDZPQ5g+kFyxP0V+es6VPPSUhM6zk8iImp2jbV6GwjX4pap0JFbUQN65X1g==
"@esbuild/darwin-arm64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/darwin-arm64/-/darwin-arm64-0.18.20.tgz#08172cbeccf95fbc383399a7f39cfbddaeb0d7c1"
integrity sha512-bxRHW5kHU38zS2lPTPOyuyTm+S+eobPUnTNkdJEfAddYgEcll4xkT8DB9d2008DtTbl7uJag2HuE5NZAZgnNEA==
"@esbuild/android-x64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/android-x64/-/android-x64-0.25.0.tgz#e765ea753bac442dfc9cb53652ce8bd39d33e163"
integrity sha512-m/ix7SfKG5buCnxasr52+LI78SQ+wgdENi9CqyCXwjVR2X4Jkz+BpC3le3AoBPYTC9NHklwngVXvbJ9/Akhrfg==
"@esbuild/darwin-x64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/darwin-x64/-/darwin-x64-0.18.20.tgz#d70d5790d8bf475556b67d0f8b7c5bdff053d85d"
integrity sha512-pc5gxlMDxzm513qPGbCbDukOdsGtKhfxD1zJKXjCCcU7ju50O7MeAZ8c4krSJcOIJGFR+qx21yMMVYwiQvyTyQ==
"@esbuild/darwin-arm64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/darwin-arm64/-/darwin-arm64-0.25.0.tgz#fa394164b0d89d4fdc3a8a21989af70ef579fa2c"
integrity sha512-mVwdUb5SRkPayVadIOI78K7aAnPamoeFR2bT5nszFUZ9P8UpK4ratOdYbZZXYSqPKMHfS1wdHCJk1P1EZpRdvw==
"@esbuild/freebsd-arm64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/freebsd-arm64/-/freebsd-arm64-0.18.20.tgz#98755cd12707f93f210e2494d6a4b51b96977f54"
integrity sha512-yqDQHy4QHevpMAaxhhIwYPMv1NECwOvIpGCZkECn8w2WFHXjEwrBn3CeNIYsibZ/iZEUemj++M26W3cNR5h+Tw==
"@esbuild/darwin-x64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/darwin-x64/-/darwin-x64-0.25.0.tgz#91979d98d30ba6e7d69b22c617cc82bdad60e47a"
integrity sha512-DgDaYsPWFTS4S3nWpFcMn/33ZZwAAeAFKNHNa1QN0rI4pUjgqf0f7ONmXf6d22tqTY+H9FNdgeaAa+YIFUn2Rg==
"@esbuild/freebsd-x64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/freebsd-x64/-/freebsd-x64-0.18.20.tgz#c1eb2bff03915f87c29cece4c1a7fa1f423b066e"
integrity sha512-tgWRPPuQsd3RmBZwarGVHZQvtzfEBOreNuxEMKFcd5DaDn2PbBxfwLcj4+aenoh7ctXcbXmOQIn8HI6mCSw5MQ==
"@esbuild/freebsd-arm64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/freebsd-arm64/-/freebsd-arm64-0.25.0.tgz#b97e97073310736b430a07b099d837084b85e9ce"
integrity sha512-VN4ocxy6dxefN1MepBx/iD1dH5K8qNtNe227I0mnTRjry8tj5MRk4zprLEdG8WPyAPb93/e4pSgi1SoHdgOa4w==
"@esbuild/linux-arm64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/linux-arm64/-/linux-arm64-0.18.20.tgz#bad4238bd8f4fc25b5a021280c770ab5fc3a02a0"
integrity sha512-2YbscF+UL7SQAVIpnWvYwM+3LskyDmPhe31pE7/aoTMFKKzIc9lLbyGUpmmb8a8AixOL61sQ/mFh3jEjHYFvdA==
"@esbuild/freebsd-x64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/freebsd-x64/-/freebsd-x64-0.25.0.tgz#f3b694d0da61d9910ec7deff794d444cfbf3b6e7"
integrity sha512-mrSgt7lCh07FY+hDD1TxiTyIHyttn6vnjesnPoVDNmDfOmggTLXRv8Id5fNZey1gl/V2dyVK1VXXqVsQIiAk+A==
"@esbuild/linux-arm@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/linux-arm/-/linux-arm-0.18.20.tgz#3e617c61f33508a27150ee417543c8ab5acc73b0"
integrity sha512-/5bHkMWnq1EgKr1V+Ybz3s1hWXok7mDFUMQ4cG10AfW3wL02PSZi5kFpYKrptDsgb2WAJIvRcDm+qIvXf/apvg==
"@esbuild/linux-arm64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/linux-arm64/-/linux-arm64-0.25.0.tgz#f921f699f162f332036d5657cad9036f7a993f73"
integrity sha512-9QAQjTWNDM/Vk2bgBl17yWuZxZNQIF0OUUuPZRKoDtqF2k4EtYbpyiG5/Dk7nqeK6kIJWPYldkOcBqjXjrUlmg==
"@esbuild/linux-ia32@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/linux-ia32/-/linux-ia32-0.18.20.tgz#699391cccba9aee6019b7f9892eb99219f1570a7"
integrity sha512-P4etWwq6IsReT0E1KHU40bOnzMHoH73aXp96Fs8TIT6z9Hu8G6+0SHSw9i2isWrD2nbx2qo5yUqACgdfVGx7TA==
"@esbuild/linux-arm@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/linux-arm/-/linux-arm-0.25.0.tgz#cc49305b3c6da317c900688995a4050e6cc91ca3"
integrity sha512-vkB3IYj2IDo3g9xX7HqhPYxVkNQe8qTK55fraQyTzTX/fxaDtXiEnavv9geOsonh2Fd2RMB+i5cbhu2zMNWJwg==
"@esbuild/linux-loong64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/linux-loong64/-/linux-loong64-0.18.20.tgz#e6fccb7aac178dd2ffb9860465ac89d7f23b977d"
integrity sha512-nXW8nqBTrOpDLPgPY9uV+/1DjxoQ7DoB2N8eocyq8I9XuqJ7BiAMDMf9n1xZM9TgW0J8zrquIb/A7s3BJv7rjg==
"@esbuild/linux-ia32@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/linux-ia32/-/linux-ia32-0.25.0.tgz#3e0736fcfab16cff042dec806247e2c76e109e19"
integrity sha512-43ET5bHbphBegyeqLb7I1eYn2P/JYGNmzzdidq/w0T8E2SsYL1U6un2NFROFRg1JZLTzdCoRomg8Rvf9M6W6Gg==
"@esbuild/linux-mips64el@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/linux-mips64el/-/linux-mips64el-0.18.20.tgz#eeff3a937de9c2310de30622a957ad1bd9183231"
integrity sha512-d5NeaXZcHp8PzYy5VnXV3VSd2D328Zb+9dEq5HE6bw6+N86JVPExrA6O68OPwobntbNJ0pzCpUFZTo3w0GyetQ==
"@esbuild/linux-loong64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/linux-loong64/-/linux-loong64-0.25.0.tgz#ea2bf730883cddb9dfb85124232b5a875b8020c7"
integrity sha512-fC95c/xyNFueMhClxJmeRIj2yrSMdDfmqJnyOY4ZqsALkDrrKJfIg5NTMSzVBr5YW1jf+l7/cndBfP3MSDpoHw==
"@esbuild/linux-ppc64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/linux-ppc64/-/linux-ppc64-0.18.20.tgz#2f7156bde20b01527993e6881435ad79ba9599fb"
integrity sha512-WHPyeScRNcmANnLQkq6AfyXRFr5D6N2sKgkFo2FqguP44Nw2eyDlbTdZwd9GYk98DZG9QItIiTlFLHJHjxP3FA==
"@esbuild/linux-mips64el@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/linux-mips64el/-/linux-mips64el-0.25.0.tgz#4cababb14eede09248980a2d2d8b966464294ff1"
integrity sha512-nkAMFju7KDW73T1DdH7glcyIptm95a7Le8irTQNO/qtkoyypZAnjchQgooFUDQhNAy4iu08N79W4T4pMBwhPwQ==
"@esbuild/linux-riscv64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/linux-riscv64/-/linux-riscv64-0.18.20.tgz#6628389f210123d8b4743045af8caa7d4ddfc7a6"
integrity sha512-WSxo6h5ecI5XH34KC7w5veNnKkju3zBRLEQNY7mv5mtBmrP/MjNBCAlsM2u5hDBlS3NGcTQpoBvRzqBcRtpq1A==
"@esbuild/linux-ppc64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/linux-ppc64/-/linux-ppc64-0.25.0.tgz#8860a4609914c065373a77242e985179658e1951"
integrity sha512-NhyOejdhRGS8Iwv+KKR2zTq2PpysF9XqY+Zk77vQHqNbo/PwZCzB5/h7VGuREZm1fixhs4Q/qWRSi5zmAiO4Fw==
"@esbuild/linux-s390x@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/linux-s390x/-/linux-s390x-0.18.20.tgz#255e81fb289b101026131858ab99fba63dcf0071"
integrity sha512-+8231GMs3mAEth6Ja1iK0a1sQ3ohfcpzpRLH8uuc5/KVDFneH6jtAJLFGafpzpMRO6DzJ6AvXKze9LfFMrIHVQ==
"@esbuild/linux-riscv64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/linux-riscv64/-/linux-riscv64-0.25.0.tgz#baf26e20bb2d38cfb86ee282dff840c04f4ed987"
integrity sha512-5S/rbP5OY+GHLC5qXp1y/Mx//e92L1YDqkiBbO9TQOvuFXM+iDqUNG5XopAnXoRH3FjIUDkeGcY1cgNvnXp/kA==
"@esbuild/linux-x64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/linux-x64/-/linux-x64-0.18.20.tgz#c7690b3417af318a9b6f96df3031a8865176d338"
integrity sha512-UYqiqemphJcNsFEskc73jQ7B9jgwjWrSayxawS6UVFZGWrAAtkzjxSqnoclCXxWtfwLdzU+vTpcNYhpn43uP1w==
"@esbuild/linux-s390x@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/linux-s390x/-/linux-s390x-0.25.0.tgz#8323afc0d6cb1b6dc6e9fd21efd9e1542c3640a4"
integrity sha512-XM2BFsEBz0Fw37V0zU4CXfcfuACMrppsMFKdYY2WuTS3yi8O1nFOhil/xhKTmE1nPmVyvQJjJivgDT+xh8pXJA==
"@esbuild/netbsd-x64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/netbsd-x64/-/netbsd-x64-0.18.20.tgz#30e8cd8a3dded63975e2df2438ca109601ebe0d1"
integrity sha512-iO1c++VP6xUBUmltHZoMtCUdPlnPGdBom6IrO4gyKPFFVBKioIImVooR5I83nTew5UOYrk3gIJhbZh8X44y06A==
"@esbuild/linux-x64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/linux-x64/-/linux-x64-0.25.0.tgz#08fcf60cb400ed2382e9f8e0f5590bac8810469a"
integrity sha512-9yl91rHw/cpwMCNytUDxwj2XjFpxML0y9HAOH9pNVQDpQrBxHy01Dx+vaMu0N1CKa/RzBD2hB4u//nfc+Sd3Cw==
"@esbuild/openbsd-x64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/openbsd-x64/-/openbsd-x64-0.18.20.tgz#7812af31b205055874c8082ea9cf9ab0da6217ae"
integrity sha512-e5e4YSsuQfX4cxcygw/UCPIEP6wbIL+se3sxPdCiMbFLBWu0eiZOJ7WoD+ptCLrmjZBK1Wk7I6D/I3NglUGOxg==
"@esbuild/netbsd-arm64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/netbsd-arm64/-/netbsd-arm64-0.25.0.tgz#935c6c74e20f7224918fbe2e6c6fe865b6c6ea5b"
integrity sha512-RuG4PSMPFfrkH6UwCAqBzauBWTygTvb1nxWasEJooGSJ/NwRw7b2HOwyRTQIU97Hq37l3npXoZGYMy3b3xYvPw==
"@esbuild/sunos-x64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/sunos-x64/-/sunos-x64-0.18.20.tgz#d5c275c3b4e73c9b0ecd38d1ca62c020f887ab9d"
integrity sha512-kDbFRFp0YpTQVVrqUd5FTYmWo45zGaXe0X8E1G/LKFC0v8x0vWrhOWSLITcCn63lmZIxfOMXtCfti/RxN/0wnQ==
"@esbuild/netbsd-x64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/netbsd-x64/-/netbsd-x64-0.25.0.tgz#414677cef66d16c5a4d210751eb2881bb9c1b62b"
integrity sha512-jl+qisSB5jk01N5f7sPCsBENCOlPiS/xptD5yxOx2oqQfyourJwIKLRA2yqWdifj3owQZCL2sn6o08dBzZGQzA==
"@esbuild/win32-arm64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/win32-arm64/-/win32-arm64-0.18.20.tgz#73bc7f5a9f8a77805f357fab97f290d0e4820ac9"
integrity sha512-ddYFR6ItYgoaq4v4JmQQaAI5s7npztfV4Ag6NrhiaW0RrnOXqBkgwZLofVTlq1daVTQNhtI5oieTvkRPfZrePg==
"@esbuild/openbsd-arm64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/openbsd-arm64/-/openbsd-arm64-0.25.0.tgz#8fd55a4d08d25cdc572844f13c88d678c84d13f7"
integrity sha512-21sUNbq2r84YE+SJDfaQRvdgznTD8Xc0oc3p3iW/a1EVWeNj/SdUCbm5U0itZPQYRuRTW20fPMWMpcrciH2EJw==
"@esbuild/win32-ia32@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/win32-ia32/-/win32-ia32-0.18.20.tgz#ec93cbf0ef1085cc12e71e0d661d20569ff42102"
integrity sha512-Wv7QBi3ID/rROT08SABTS7eV4hX26sVduqDOTe1MvGMjNd3EjOz4b7zeexIR62GTIEKrfJXKL9LFxTYgkyeu7g==
"@esbuild/openbsd-x64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/openbsd-x64/-/openbsd-x64-0.25.0.tgz#0c48ddb1494bbc2d6bcbaa1429a7f465fa1dedde"
integrity sha512-2gwwriSMPcCFRlPlKx3zLQhfN/2WjJ2NSlg5TKLQOJdV0mSxIcYNTMhk3H3ulL/cak+Xj0lY1Ym9ysDV1igceg==
"@esbuild/win32-x64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/win32-x64/-/win32-x64-0.18.20.tgz#786c5f41f043b07afb1af37683d7c33668858f6d"
integrity sha512-kTdfRcSiDfQca/y9QIkng02avJ+NCaQvrMejlsB3RRv5sE9rRoeBPISaZpKxHELzRxZyLvNts1P27W3wV+8geQ==
"@esbuild/sunos-x64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/sunos-x64/-/sunos-x64-0.25.0.tgz#86ff9075d77962b60dd26203d7352f92684c8c92"
integrity sha512-bxI7ThgLzPrPz484/S9jLlvUAHYMzy6I0XiU1ZMeAEOBcS0VePBFxh1JjTQt3Xiat5b6Oh4x7UC7IwKQKIJRIg==
"@esbuild/win32-arm64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/win32-arm64/-/win32-arm64-0.25.0.tgz#849c62327c3229467f5b5cd681bf50588442e96c"
integrity sha512-ZUAc2YK6JW89xTbXvftxdnYy3m4iHIkDtK3CLce8wg8M2L+YZhIvO1DKpxrd0Yr59AeNNkTiic9YLf6FTtXWMw==
"@esbuild/win32-ia32@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/win32-ia32/-/win32-ia32-0.25.0.tgz#f62eb480cd7cca088cb65bb46a6db25b725dc079"
integrity sha512-eSNxISBu8XweVEWG31/JzjkIGbGIJN/TrRoiSVZwZ6pkC6VX4Im/WV2cz559/TXLcYbcrDN8JtKgd9DJVIo8GA==
"@esbuild/win32-x64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/win32-x64/-/win32-x64-0.25.0.tgz#c8e119a30a7c8d60b9d2e22d2073722dde3b710b"
integrity sha512-ZENoHJBxA20C2zFzh6AI4fT6RraMzjYw4xKWemRTRmRVtN9c5DcH9r/f2ihEkMjOW5eGgrwCslG/+Y/3bL+DHQ==
"@eslint-community/eslint-utils@^4.2.0", "@eslint-community/eslint-utils@^4.4.0":
version "4.4.0"
@@ -1198,25 +1253,15 @@ ajv-formats@^2.1.0:
dependencies:
ajv "^8.0.0"
ajv@^6.12.4:
version "6.12.6"
resolved "https://registry.yarnpkg.com/ajv/-/ajv-6.12.6.tgz#baf5a62e802b07d977034586f8c3baf5adf26df4"
integrity sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==
ajv@^6.12.4, ajv@^8.0.0, ajv@^8.18.0, ajv@^8.6.1:
version "8.18.0"
resolved "https://registry.yarnpkg.com/ajv/-/ajv-8.18.0.tgz#8864186b6738d003eb3a933172bb3833e10cefbc"
integrity sha512-PlXPeEWMXMZ7sPYOHqmDyCJzcfNrUr3fGNKtezX14ykXOEIvyK81d+qydx89KY5O71FKMPaQ2vBfBFI5NHR63A==
dependencies:
fast-deep-equal "^3.1.1"
fast-json-stable-stringify "^2.0.0"
json-schema-traverse "^0.4.1"
uri-js "^4.2.2"
ajv@^8.0.0, ajv@^8.6.1:
version "8.12.0"
resolved "https://registry.yarnpkg.com/ajv/-/ajv-8.12.0.tgz#d1a0527323e22f53562c567c00991577dfbe19d1"
integrity sha512-sRu1kpcO9yLtYxBKvqfTeh9KzZEwO3STyX1HT+4CaDzC6HpTGYhIhPIzj9XuKU7KYDwnaeh5hcOwjy1QuJzBPA==
dependencies:
fast-deep-equal "^3.1.1"
fast-deep-equal "^3.1.3"
fast-uri "^3.0.1"
json-schema-traverse "^1.0.0"
require-from-string "^2.0.2"
uri-js "^4.2.2"
ansi-regex@^5.0.1:
version "5.0.1"
@@ -1304,19 +1349,19 @@ binary-extensions@^2.0.0:
integrity sha512-jDctJ/IVQbZoJykoeHbhXpOlNBqGNcwXJKJog42E5HDPUwQTSdjCHdihjj0DlnheQ7blbT6dHOafNAiS8ooQKA==
brace-expansion@^1.1.7:
version "1.1.11"
resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.11.tgz#3c7fcbf529d87226f3d2f52b966ff5271eb441dd"
integrity sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==
version "1.1.13"
resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.13.tgz#d37875c01dc9eff988dd49d112a57cb67b54efe6"
integrity sha512-9ZLprWS6EENmhEOpjCYW2c8VkmOvckIJZfkr7rBW6dObmfgJ/L1GpSYW5Hpo9lDz4D1+n0Ckz8rU7FwHDQiG/w==
dependencies:
balanced-match "^1.0.0"
concat-map "0.0.1"
braces@^3.0.2, braces@~3.0.2:
version "3.0.2"
resolved "https://registry.yarnpkg.com/braces/-/braces-3.0.2.tgz#3454e1a462ee8d599e236df336cd9ea4f8afe107"
integrity sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==
braces@^3.0.3, braces@~3.0.2:
version "3.0.3"
resolved "https://registry.yarnpkg.com/braces/-/braces-3.0.3.tgz#490332f40919452272d55a8480adc0c441358789"
integrity sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==
dependencies:
fill-range "^7.0.1"
fill-range "^7.1.1"
browserslist@^4.21.10, browserslist@^4.21.9:
version "4.22.1"
@@ -1460,10 +1505,10 @@ cosmiconfig@^8.1.3:
parse-json "^5.2.0"
path-type "^4.0.0"
cross-spawn@^7.0.2:
version "7.0.3"
resolved "https://registry.yarnpkg.com/cross-spawn/-/cross-spawn-7.0.3.tgz#f73a85b9d5d41d045551c177e2882d4ac85728a6"
integrity sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==
cross-spawn@^7.0.2, cross-spawn@^7.0.5:
version "7.0.6"
resolved "https://registry.yarnpkg.com/cross-spawn/-/cross-spawn-7.0.6.tgz#8a58fe78f00dcd70c370451759dfbfaf03e8ee9f"
integrity sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==
dependencies:
path-key "^3.1.0"
shebang-command "^2.0.0"
@@ -1558,33 +1603,36 @@ error-ex@^1.3.1:
dependencies:
is-arrayish "^0.2.1"
esbuild@^0.18.10:
version "0.18.20"
resolved "https://registry.yarnpkg.com/esbuild/-/esbuild-0.18.20.tgz#4709f5a34801b43b799ab7d6d82f7284a9b7a7a6"
integrity sha512-ceqxoedUrcayh7Y7ZX6NdbbDzGROiyVBgC4PriJThBKSVPWnnFHZAkfI1lJT8QFkOwH4qOS2SJkS4wvpGl8BpA==
esbuild@0.25.0, esbuild@^0.25.0:
version "0.25.0"
resolved "https://registry.yarnpkg.com/esbuild/-/esbuild-0.25.0.tgz#0de1787a77206c5a79eeb634a623d39b5006ce92"
integrity sha512-BXq5mqc8ltbaN34cDqWuYKyNhX8D/Z0J1xdtdQ8UcIIIyJyz+ZMKUt58tF3SrZ85jcfN/PZYhjR5uDQAYNVbuw==
optionalDependencies:
"@esbuild/android-arm" "0.18.20"
"@esbuild/android-arm64" "0.18.20"
"@esbuild/android-x64" "0.18.20"
"@esbuild/darwin-arm64" "0.18.20"
"@esbuild/darwin-x64" "0.18.20"
"@esbuild/freebsd-arm64" "0.18.20"
"@esbuild/freebsd-x64" "0.18.20"
"@esbuild/linux-arm" "0.18.20"
"@esbuild/linux-arm64" "0.18.20"
"@esbuild/linux-ia32" "0.18.20"
"@esbuild/linux-loong64" "0.18.20"
"@esbuild/linux-mips64el" "0.18.20"
"@esbuild/linux-ppc64" "0.18.20"
"@esbuild/linux-riscv64" "0.18.20"
"@esbuild/linux-s390x" "0.18.20"
"@esbuild/linux-x64" "0.18.20"
"@esbuild/netbsd-x64" "0.18.20"
"@esbuild/openbsd-x64" "0.18.20"
"@esbuild/sunos-x64" "0.18.20"
"@esbuild/win32-arm64" "0.18.20"
"@esbuild/win32-ia32" "0.18.20"
"@esbuild/win32-x64" "0.18.20"
"@esbuild/aix-ppc64" "0.25.0"
"@esbuild/android-arm" "0.25.0"
"@esbuild/android-arm64" "0.25.0"
"@esbuild/android-x64" "0.25.0"
"@esbuild/darwin-arm64" "0.25.0"
"@esbuild/darwin-x64" "0.25.0"
"@esbuild/freebsd-arm64" "0.25.0"
"@esbuild/freebsd-x64" "0.25.0"
"@esbuild/linux-arm" "0.25.0"
"@esbuild/linux-arm64" "0.25.0"
"@esbuild/linux-ia32" "0.25.0"
"@esbuild/linux-loong64" "0.25.0"
"@esbuild/linux-mips64el" "0.25.0"
"@esbuild/linux-ppc64" "0.25.0"
"@esbuild/linux-riscv64" "0.25.0"
"@esbuild/linux-s390x" "0.25.0"
"@esbuild/linux-x64" "0.25.0"
"@esbuild/netbsd-arm64" "0.25.0"
"@esbuild/netbsd-x64" "0.25.0"
"@esbuild/openbsd-arm64" "0.25.0"
"@esbuild/openbsd-x64" "0.25.0"
"@esbuild/sunos-x64" "0.25.0"
"@esbuild/win32-arm64" "0.25.0"
"@esbuild/win32-ia32" "0.25.0"
"@esbuild/win32-x64" "0.25.0"
escalade@^3.1.1:
version "3.1.1"
@@ -1705,7 +1753,7 @@ esutils@^2.0.2:
resolved "https://registry.yarnpkg.com/esutils/-/esutils-2.0.3.tgz#74d2eb4de0b8da1293711910d50775b9b710ef64"
integrity sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==
fast-deep-equal@^3.1.1, fast-deep-equal@^3.1.3:
fast-deep-equal@^3.1.3:
version "3.1.3"
resolved "https://registry.yarnpkg.com/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz#3a7d56b559d6cbc3eb512325244e619a65c6c525"
integrity sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==
@@ -1726,16 +1774,16 @@ fast-json-patch@^3.1.1:
resolved "https://registry.yarnpkg.com/fast-json-patch/-/fast-json-patch-3.1.1.tgz#85064ea1b1ebf97a3f7ad01e23f9337e72c66947"
integrity sha512-vf6IHUX2SBcA+5/+4883dsIjpBTqmfBjmYiWK1savxQmFk4JfBMLa7ynTYOs1Rolp/T1betJxHiGD3g1Mn8lUQ==
fast-json-stable-stringify@^2.0.0:
version "2.1.0"
resolved "https://registry.yarnpkg.com/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz#874bf69c6f404c2b5d99c481341399fd55892633"
integrity sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==
fast-levenshtein@^2.0.6:
version "2.0.6"
resolved "https://registry.yarnpkg.com/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz#3d8a5c66883a16a30ca8643e851f19baa7797917"
integrity sha512-DCXu6Ifhqcks7TZKY3Hxp3y6qphY5SJZmrWMDrKcERSOXWQdMhU9Ig/PYrzyw/ul9jOIyh0N4M0tbC5hodg8dw==
fast-uri@^3.0.1:
version "3.1.0"
resolved "https://registry.yarnpkg.com/fast-uri/-/fast-uri-3.1.0.tgz#66eecff6c764c0df9b762e62ca7edcfb53b4edfa"
integrity sha512-iPeeDKJSWf4IEOasVVrknXpaBV0IApz/gp7S2bb7Z4Lljbl2MGJRqInZiUrQwV16cpzw/D3S5j5Julj/gT52AA==
fastq@^1.6.0:
version "1.15.0"
resolved "https://registry.yarnpkg.com/fastq/-/fastq-1.15.0.tgz#d04d07c6a2a68fe4599fea8d2e103a937fae6b3a"
@@ -1743,6 +1791,11 @@ fastq@^1.6.0:
dependencies:
reusify "^1.0.4"
fdir@^6.4.4, fdir@^6.5.0:
version "6.5.0"
resolved "https://registry.yarnpkg.com/fdir/-/fdir-6.5.0.tgz#ed2ab967a331ade62f18d077dae192684d50d350"
integrity sha512-tIbYtZbucOs0BRGqPJkshJUYdL+SDH7dVM8gjy+ERp3WAUjLEFJE+02kanyHtwjWOnwrKYBiwAmM0p4kLJAnXg==
file-entry-cache@^6.0.1:
version "6.0.1"
resolved "https://registry.yarnpkg.com/file-entry-cache/-/file-entry-cache-6.0.1.tgz#211b2dd9659cb0394b073e7323ac3c933d522027"
@@ -1750,10 +1803,10 @@ file-entry-cache@^6.0.1:
dependencies:
flat-cache "^3.0.4"
fill-range@^7.0.1:
version "7.0.1"
resolved "https://registry.yarnpkg.com/fill-range/-/fill-range-7.0.1.tgz#1919a6a7c75fe38b2c7c77e5198535da9acdda40"
integrity sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==
fill-range@^7.1.1:
version "7.1.1"
resolved "https://registry.yarnpkg.com/fill-range/-/fill-range-7.1.1.tgz#44265d3cac07e3ea7dc247516380643754a05292"
integrity sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==
dependencies:
to-regex-range "^5.0.1"
@@ -1780,9 +1833,9 @@ flat-cache@^3.0.4:
rimraf "^3.0.2"
flatted@^3.2.9:
version "3.2.9"
resolved "https://registry.yarnpkg.com/flatted/-/flatted-3.2.9.tgz#7eb4c67ca1ba34232ca9d2d93e9886e611ad7daf"
integrity sha512-36yxDn5H7OFZQla0/jFJmbIKTdZAQHngCedGxiMmpNfEZM0sdEeT+WczLQrjK6D7o2aiyLYDnkw0R3JK0Qv1RQ==
version "3.4.2"
resolved "https://registry.yarnpkg.com/flatted/-/flatted-3.4.2.tgz#f5c23c107f0f37de8dbdf24f13722b3b98d52726"
integrity sha512-PjDse7RzhcPkIJwy5t7KPWQSZ9cAbzQXcafsetQoD7sOJRQlGikNbx7yZp2OotDnJyrDcbyRq3Ttb18iYOqkxA==
fraction.js@^4.3.6:
version "4.3.7"
@@ -1794,7 +1847,7 @@ fs.realpath@^1.0.0:
resolved "https://registry.yarnpkg.com/fs.realpath/-/fs.realpath-1.0.0.tgz#1504ad2523158caa40db4a2787cb01411994ea4f"
integrity sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==
fsevents@~2.3.2:
fsevents@~2.3.2, fsevents@~2.3.3:
version "2.3.3"
resolved "https://registry.yarnpkg.com/fsevents/-/fsevents-2.3.3.tgz#cac6407785d03675a2a5e1a5305c697b347d90d6"
integrity sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==
@@ -1993,9 +2046,9 @@ jiti@^1.18.2:
integrity sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==
js-yaml@^4.1.0:
version "4.1.0"
resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-4.1.0.tgz#c1fb65f8f5017901cdd2c951864ba18458a10602"
integrity sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==
version "4.1.1"
resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-4.1.1.tgz#854c292467705b699476e1a2decc0c8a3458806b"
integrity sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==
dependencies:
argparse "^2.0.1"
@@ -2014,11 +2067,6 @@ json-parse-even-better-errors@^2.3.0:
resolved "https://registry.yarnpkg.com/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz#7c47805a94319928e05777405dc12e1f7a4ee02d"
integrity sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==
json-schema-traverse@^0.4.1:
version "0.4.1"
resolved "https://registry.yarnpkg.com/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz#69f6a87d9513ab8bb8fe63bdb0979c448e684660"
integrity sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==
json-schema-traverse@^1.0.0:
version "1.0.0"
resolved "https://registry.yarnpkg.com/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz#ae7bcb3656ab77a73ba5c49bf654f38e6b6860e2"
@@ -2071,10 +2119,10 @@ lodash.merge@^4.6.2:
resolved "https://registry.yarnpkg.com/lodash.merge/-/lodash.merge-4.6.2.tgz#558aa53b43b661e1925a0afdfa36a9a1085fe57a"
integrity sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==
lodash@^4.17.21:
version "4.17.21"
resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.21.tgz#679591c564c3bffaae8454cf0b3df370c3d6911c"
integrity sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==
lodash@^4.17.21, lodash@^4.18.1:
version "4.18.1"
resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.18.1.tgz#ff2b66c1f6326d59513de2407bf881439812771c"
integrity sha512-dMInicTPVE8d1e5otfwmmjlxkZoUpiVLwyeTdUsi/Caj/gfzzblBcCE5sRHV/AsjuCmxWrte2TNGSYuCeCq+0Q==
loose-envify@^1.0.0, loose-envify@^1.1.0, loose-envify@^1.4.0:
version "1.4.0"
@@ -2115,17 +2163,17 @@ merge2@^1.3.0, merge2@^1.4.1:
integrity sha512-8q7VEgMJW4J8tcfVPy8g09NcQwZdbwFEqhe/WZkoIzjn/3TGDwtOCYtXGxA3O8tPzpczCCDgv+P2P5y00ZJOOg==
micromatch@^4.0.4, micromatch@^4.0.5:
version "4.0.5"
resolved "https://registry.yarnpkg.com/micromatch/-/micromatch-4.0.5.tgz#bc8999a7cbbf77cdc89f132f6e467051b49090c6"
integrity sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==
version "4.0.8"
resolved "https://registry.yarnpkg.com/micromatch/-/micromatch-4.0.8.tgz#d66fa18f3a47076789320b9b1af32bd86d9fa202"
integrity sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==
dependencies:
braces "^3.0.2"
braces "^3.0.3"
picomatch "^2.3.1"
minimatch@^3.0.4, minimatch@^3.0.5, minimatch@^3.1.1, minimatch@^3.1.2:
version "3.1.2"
resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.1.2.tgz#19cd194bfd3e428f049a70817c038d89ab4be35b"
integrity sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==
version "3.1.5"
resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.1.5.tgz#580c88f8d5445f2bd6aa8f3cadefa0de79fbd69e"
integrity sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==
dependencies:
brace-expansion "^1.1.7"
@@ -2143,10 +2191,10 @@ mz@^2.7.0:
object-assign "^4.0.1"
thenify-all "^1.0.0"
nanoid@^3.3.6:
version "3.3.6"
resolved "https://registry.yarnpkg.com/nanoid/-/nanoid-3.3.6.tgz#443380c856d6e9f9824267d960b4236ad583ea4c"
integrity sha512-BGcqMMJuToF7i1rt+2PWSNVnWIkGCU78jBG3RxO/bZlnZPK2Cmi2QaffxGO/2RvWi9sL+FAiRiXMgsyxQ1DIDA==
nanoid@^3.3.11:
version "3.3.11"
resolved "https://registry.yarnpkg.com/nanoid/-/nanoid-3.3.11.tgz#4f4f112cefbe303202f2199838128936266d185b"
integrity sha512-N8SpfPUnUp1bK+PMYW8qSWdl9U+wwNWI4QKxOYDy9JAro3WMX7p2OeVRF9v+347pnakNevPmiHhNmZ2HbFA76w==
natural-compare@^1.4.0:
version "1.4.0"
@@ -2266,10 +2314,20 @@ picocolors@^1.0.0:
resolved "https://registry.yarnpkg.com/picocolors/-/picocolors-1.0.0.tgz#cb5bdc74ff3f51892236eaf79d68bc44564ab81c"
integrity sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==
picocolors@^1.1.1:
version "1.1.1"
resolved "https://registry.yarnpkg.com/picocolors/-/picocolors-1.1.1.tgz#3d321af3eab939b083c8f929a1d12cda81c26b6b"
integrity sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==
picomatch@^2.0.4, picomatch@^2.2.1, picomatch@^2.3.1:
version "2.3.1"
resolved "https://registry.yarnpkg.com/picomatch/-/picomatch-2.3.1.tgz#3ba3833733646d9d3e4995946c1365a67fb07a42"
integrity sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==
version "2.3.2"
resolved "https://registry.yarnpkg.com/picomatch/-/picomatch-2.3.2.tgz#5a942915e26b372dc0f0e6753149a16e6b1c5601"
integrity sha512-V7+vQEJ06Z+c5tSye8S+nHUfI51xoXIXjHQ99cQtKUkQqqO1kO/KCJUfZXuB47h/YBlDhah2H3hdUGXn8ie0oA==
picomatch@^4.0.2, picomatch@^4.0.4:
version "4.0.4"
resolved "https://registry.yarnpkg.com/picomatch/-/picomatch-4.0.4.tgz#fd6f5e00a143086e074dffe4c924b8fb293b0589"
integrity sha512-QP88BAKvMam/3NxH6vj2o21R6MjxZUAd6nlwAS/pnGvN9IVLocLHxGYIzFhg6fUQ+5th6P4dv4eW9jX3DSIj7A==
pify@^2.3.0:
version "2.3.0"
@@ -2325,14 +2383,14 @@ postcss-value-parser@^4.0.0, postcss-value-parser@^4.2.0:
resolved "https://registry.yarnpkg.com/postcss-value-parser/-/postcss-value-parser-4.2.0.tgz#723c09920836ba6d3e5af019f92bc0971c02e514"
integrity sha512-1NNCs6uurfkVbeXG4S8JFT9t19m45ICnif8zWLd5oPSZ50QnwMfK+H3jv408d4jw/7Bttv5axS5IiHoLaVNHeQ==
postcss@^8.4.23, postcss@^8.4.27, postcss@^8.4.31:
version "8.4.31"
resolved "https://registry.yarnpkg.com/postcss/-/postcss-8.4.31.tgz#92b451050a9f914da6755af352bdc0192508656d"
integrity sha512-PS08Iboia9mts/2ygV3eLpY5ghnUcfLV/EXTOW1E2qYxJKGGBUtNjN76FYHnMs36RmARn41bC0AZmn+rR0OVpQ==
postcss@^8.4.23, postcss@^8.4.31, postcss@^8.5.3:
version "8.5.9"
resolved "https://registry.yarnpkg.com/postcss/-/postcss-8.5.9.tgz#f6ee9e0b94f0f19c97d2f172bfbd7fc71fe1cca4"
integrity sha512-7a70Nsot+EMX9fFU3064K/kdHWZqGVY+BADLyXc8Dfv+mTLLVl6JzJpPaCZ2kQL9gIJvKXSLMHhqdRRjwQeFtw==
dependencies:
nanoid "^3.3.6"
picocolors "^1.0.0"
source-map-js "^1.0.2"
nanoid "^3.3.11"
picocolors "^1.1.1"
source-map-js "^1.2.1"
prelude-ls@^1.2.1:
version "1.2.1"
@@ -2348,11 +2406,6 @@ prop-types@^15.6.2, prop-types@^15.8.1:
object-assign "^4.1.1"
react-is "^16.13.1"
punycode@^2.1.0:
version "2.3.0"
resolved "https://registry.yarnpkg.com/punycode/-/punycode-2.3.0.tgz#f67fa67c94da8f4d0cfff981aee4118064199b8f"
integrity sha512-rRV+zQD8tVFys26lAGR9WUuS4iUAngJScM+ZRSKtvl5tKeZ2t5bvdNFdNHBW9FWR4guGHlgmsZ1G7BSm2wTbuA==
queue-microtask@^1.2.2:
version "1.2.3"
resolved "https://registry.yarnpkg.com/queue-microtask/-/queue-microtask-1.2.3.tgz#4929228bbc724dfac43e0efb058caf7b6cfb6243"
@@ -2447,11 +2500,6 @@ readdirp@~3.6.0:
dependencies:
picomatch "^2.2.1"
regenerator-runtime@^0.14.0:
version "0.14.0"
resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.14.0.tgz#5e19d68eb12d486f797e15a3c6a918f7cec5eb45"
integrity sha512-srw17NI0TUWHuGa5CFGGmhfNIeja30WMBfbslPNhf6JrqQlLN5gcrvig1oqPxiVaXb0oW0XRKtH6Nngs5lKCIA==
require-from-string@^2.0.2:
version "2.0.2"
resolved "https://registry.yarnpkg.com/require-from-string/-/require-from-string-2.0.2.tgz#89a7fdd938261267318eafe14f9c32e598c36909"
@@ -2483,10 +2531,10 @@ rimraf@^3.0.2:
dependencies:
glob "^7.1.3"
rollup@^3.27.1:
version "3.29.4"
resolved "https://registry.yarnpkg.com/rollup/-/rollup-3.29.4.tgz#4d70c0f9834146df8705bfb69a9a19c9e1109981"
integrity sha512-oWzmBZwvYrU0iJHtDmhsm662rC15FRXmcjCk1xD771dFDx5jJ02ufAQQTn0etB2emNk4J9EZg/yWKpsn9BWGRw==
rollup@^3.30.0, rollup@^4.34.9:
version "3.30.0"
resolved "https://registry.yarnpkg.com/rollup/-/rollup-3.30.0.tgz#3fa506fee2c5ba9d540a38da87067376cd55966d"
integrity sha512-kQvGasUgN+AlWGliFn2POSajRQEsULVYFGTvOZmK06d7vCD+YhZztt70kGk3qaeAXeWYL5eO7zx+rAubBc55eA==
optionalDependencies:
fsevents "~2.3.2"
@@ -2541,10 +2589,10 @@ snake-case@^3.0.4:
dot-case "^3.0.4"
tslib "^2.0.3"
source-map-js@^1.0.2:
version "1.0.2"
resolved "https://registry.yarnpkg.com/source-map-js/-/source-map-js-1.0.2.tgz#adbc361d9c62df380125e7f161f71c826f1e490c"
integrity sha512-R0XvVJ9WusLiqTCEiGCmICCMplcCkIwwR11mOSD9CR5u+IXYdiseeEuXCVAjS54zqwkLcPNnmU4OeJ6tUrWhDw==
source-map-js@^1.2.1:
version "1.2.1"
resolved "https://registry.yarnpkg.com/source-map-js/-/source-map-js-1.2.1.tgz#1ce5650fddd87abc099eda37dcff024c2667ae46"
integrity sha512-UXWMKhLOwVKb728IUtQPXxfYU+usdybtUrK/8uGE8CQMvrhOpwvzDBwj0QhSL7MQc7vIsISBG8VQ8+IDQxpfQA==
source-map@^0.5.7:
version "0.5.7"
@@ -2665,6 +2713,14 @@ thenify-all@^1.0.0:
dependencies:
any-promise "^1.0.0"
tinyglobby@^0.2.13:
version "0.2.16"
resolved "https://registry.yarnpkg.com/tinyglobby/-/tinyglobby-0.2.16.tgz#1c3b7eb953fce42b226bc5a1ee06428281aff3d6"
integrity sha512-pn99VhoACYR8nFHhxqix+uvsbXineAasWm5ojXoN8xEwK5Kd3/TrhNn1wByuD52UxWRLy8pu+kRMniEi6Eq9Zg==
dependencies:
fdir "^6.5.0"
picomatch "^4.0.4"
to-fast-properties@^2.0.0:
version "2.0.0"
resolved "https://registry.yarnpkg.com/to-fast-properties/-/to-fast-properties-2.0.0.tgz#dc5e698cbd079265bc73e0377681a4e4e83f616e"
@@ -2717,13 +2773,6 @@ update-browserslist-db@^1.0.13:
escalade "^3.1.1"
picocolors "^1.0.0"
uri-js@^4.2.2:
version "4.4.1"
resolved "https://registry.yarnpkg.com/uri-js/-/uri-js-4.4.1.tgz#9b1a52595225859e55f669d928f88c6c57f2a77e"
integrity sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==
dependencies:
punycode "^2.1.0"
use-callback-ref@^1.3.0:
version "1.3.0"
resolved "https://registry.yarnpkg.com/use-callback-ref/-/use-callback-ref-1.3.0.tgz#772199899b9c9a50526fedc4993fc7fa1f7e32d5"
@@ -2770,16 +2819,19 @@ vite-plugin-svgr@^4.1.0:
"@svgr/core" "^8.1.0"
"@svgr/plugin-jsx" "^8.1.0"
vite@^4.4.5:
version "4.5.0"
resolved "https://registry.yarnpkg.com/vite/-/vite-4.5.0.tgz#ec406295b4167ac3bc23e26f9c8ff559287cff26"
integrity sha512-ulr8rNLA6rkyFAlVWw2q5YJ91v098AFQ2R0PRFwPzREXOUJQPtFUG0t+/ZikhaOCDqFoDhN6/v8Sq0o4araFAw==
vite@^6.4.2:
version "6.4.2"
resolved "https://registry.yarnpkg.com/vite/-/vite-6.4.2.tgz#a4e548ca3a90ca9f3724582cab35e1ba15efc6f2"
integrity sha512-2N/55r4JDJ4gdrCvGgINMy+HH3iRpNIz8K6SFwVsA+JbQScLiC+clmAxBgwiSPgcG9U15QmvqCGWzMbqda5zGQ==
dependencies:
esbuild "^0.18.10"
postcss "^8.4.27"
rollup "^3.27.1"
esbuild "^0.25.0"
fdir "^6.4.4"
picomatch "^4.0.2"
postcss "^8.5.3"
rollup "^4.34.9"
tinyglobby "^0.2.13"
optionalDependencies:
fsevents "~2.3.2"
fsevents "~2.3.3"
which@^2.0.1:
version "2.0.2"
@@ -2804,14 +2856,14 @@ yallist@^4.0.0:
integrity sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==
yaml@^1.10.0:
version "1.10.2"
resolved "https://registry.yarnpkg.com/yaml/-/yaml-1.10.2.tgz#2301c5ffbf12b467de8da2333a459e29e7920e4b"
integrity sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg==
version "1.10.3"
resolved "https://registry.yarnpkg.com/yaml/-/yaml-1.10.3.tgz#76e407ed95c42684fb8e14641e5de62fe65bbcb3"
integrity sha512-vIYeF1u3CjlhAFekPPAk2h/Kv4T3mAkMox5OymRiJQB0spDP10LHvt+K7G9Ny6NuuMAb25/6n1qyUjAcGNf/AA==
yaml@^2.1.1:
version "2.3.3"
resolved "https://registry.yarnpkg.com/yaml/-/yaml-2.3.3.tgz#01f6d18ef036446340007db8e016810e5d64aad9"
integrity sha512-zw0VAJxgeZ6+++/su5AFoqBbZbrEakwu+X0M5HmcwUiBL7AzcuPKjj5we4xfQLp78LkEMpD0cOnUhmgOVy3KdQ==
version "2.8.3"
resolved "https://registry.yarnpkg.com/yaml/-/yaml-2.8.3.tgz#a0d6bd2efb3dd03c59370223701834e60409bd7d"
integrity sha512-AvbaCLOO2Otw/lW5bmh9d/WEdcDFdQp2Z2ZUH3pX9U2ihyUY0nvLv7J6TrWowklRGPYbB/IuIMfYgxaCPg5Bpg==
yocto-queue@^0.1.0:
version "0.1.0"
+75 -70
View File
@@ -8,6 +8,7 @@ import weakref
from concurrent.futures import ThreadPoolExecutor
from functools import lru_cache
from typing import (
TYPE_CHECKING,
Any,
AsyncIterator,
Dict,
@@ -21,22 +22,22 @@ from typing import (
from urllib.parse import urljoin
import httpx
from httpx._types import AuthTypes, CertTypes, CookieTypes, HeaderTypes, VerifyTypes
from langchain.callbacks.manager import (
from httpx._types import AuthTypes, CertTypes, CookieTypes, HeaderTypes
from langchain_core.callbacks import (
AsyncCallbackManagerForChainRun,
CallbackManagerForChainRun,
)
from langchain.callbacks.tracers.log_stream import RunLogPatch
from langchain.load.dump import dumpd
from langchain.schema.runnable import Runnable
from langchain.schema.runnable.config import (
from langchain_core.load.dump import dumpd
from langchain_core.runnables import Runnable
from langchain_core.runnables.config import (
RunnableConfig,
ensure_config,
get_async_callback_manager_for_config,
get_callback_manager_for_config,
)
from langchain.schema.runnable.utils import AddableDict, Input, Output
from langchain_core.runnables.schema import StreamEvent
from langchain_core.runnables.utils import AddableDict, Input, Output
from langchain_core.tracers.log_stream import RunLogPatch
from typing_extensions import Literal
from langserve.callbacks import CallbackEventDict, ahandle_callbacks, handle_callbacks
@@ -45,9 +46,14 @@ from langserve.serialization import (
WellKnownLCSerializer,
load_events,
)
from langserve.server_sent_events import aconnect_sse, connect_sse
logger = logging.getLogger(__name__)
if TYPE_CHECKING:
# For type checking httpx types
import ssl
def _is_json_serializable(obj: Any) -> bool:
"""Return True if the object is json serializable."""
@@ -119,6 +125,12 @@ def _log_error_message_once(error_message: str) -> None:
logger.error(error_message)
@lru_cache(maxsize=1_000) # Will accommodate up to 1_000 different error messages
def _log_info_message_once(error_message: str) -> None:
"""Log an error message once."""
logger.info(error_message)
def _sanitize_request(request: httpx.Request) -> httpx.Request:
"""Remove sensitive headers from the request."""
accept_headers = {
@@ -274,10 +286,11 @@ class RemoteRunnable(Runnable[Input, Output]):
auth: Optional[AuthTypes] = None,
headers: Optional[HeaderTypes] = None,
cookies: Optional[CookieTypes] = None,
verify: VerifyTypes = True,
verify: ssl.SSLContext | str | bool = True,
cert: Optional[CertTypes] = None,
client_kwargs: Optional[Dict[str, Any]] = None,
use_server_callback_events: bool = True,
serializer: Optional[Serializer] = None,
) -> None:
"""Initialize the client.
@@ -293,6 +306,8 @@ class RemoteRunnable(Runnable[Input, Output]):
and async httpx clients
use_server_callback_events: Whether to invoke callbacks on any
callback events returned by the server.
serializer: The serializer to use for serializing and deserializing
data. If not provided, a default serializer will be used.
"""
_client_kwargs = client_kwargs or {}
# Enforce trailing slash
@@ -320,7 +335,7 @@ class RemoteRunnable(Runnable[Input, Output]):
# Register cleanup handler once RemoteRunnable is garbage collected
weakref.finalize(self, _close_clients, self.sync_client, self.async_client)
self._lc_serializer = WellKnownLCSerializer()
self._lc_serializer = serializer or WellKnownLCSerializer()
self._use_server_callback_events = use_server_callback_events
def _invoke(
@@ -430,11 +445,15 @@ class RemoteRunnable(Runnable[Input, Output]):
self,
inputs: List[Input],
config: Optional[RunnableConfig] = None,
*,
return_exceptions: bool = False,
**kwargs: Any,
) -> List[Output]:
if kwargs:
raise NotImplementedError("kwargs not implemented yet.")
return self._batch_with_config(self._batch, inputs, config)
raise NotImplementedError(f"kwargs not implemented yet. Got {kwargs}")
return self._batch_with_config(
self._batch, inputs, config, return_exceptions=return_exceptions
)
async def _abatch(
self,
@@ -523,25 +542,17 @@ class RemoteRunnable(Runnable[Input, Output]):
}
endpoint = urljoin(self.url, "stream")
try:
from httpx_sse import connect_sse
except ImportError:
raise ImportError(
"Missing `httpx_sse` dependency to use the stream method. "
"Install via `pip install httpx_sse`'"
)
try:
with connect_sse(
self.sync_client, "POST", endpoint, json=data
) as event_source:
for sse in event_source.iter_sse():
if sse.event == "data":
chunk = self._lc_serializer.loads(sse.data)
if sse["event"] == "data":
chunk = self._lc_serializer.loads(sse["data"])
if isinstance(chunk, dict):
# Any dict returned from streaming end point
# is assumed to follow additive semantics
# and will be converted to an AddableDict
# and will be coverted to an AddableDict
# automatically
chunk = AddableDict(chunk)
yield chunk
@@ -563,21 +574,21 @@ class RemoteRunnable(Runnable[Input, Output]):
except TypeError:
final_output = None
final_output_supported = False
elif sse.event == "error":
elif sse["event"] == "error":
# This can only be a server side error
_raise_exception_from_data(
sse.data, httpx.Request(method="POST", url=endpoint)
sse["data"], httpx.Request(method="POST", url=endpoint)
)
elif sse.event == "metadata":
elif sse["event"] == "metadata":
# Nothing to do for metadata for the regular remote client.
continue
elif sse.event == "end":
elif sse["event"] == "end":
break
else:
_log_error_message_once(
f"Encountered an unsupported event type: `{sse.event}`. "
f"Encountered an unsupported event type: `{sse['event']}`. "
f"Try upgrading the remote client to the latest version."
f"Ignoring events of type `{sse.event}`."
f"Ignoring events of type `{sse['event']}`."
)
except BaseException as e:
run_manager.on_chain_error(e)
@@ -609,18 +620,13 @@ class RemoteRunnable(Runnable[Input, Output]):
}
endpoint = urljoin(self.url, "stream")
try:
from httpx_sse import aconnect_sse
except ImportError:
raise ImportError("You must install `httpx_sse` to use the stream method.")
try:
async with aconnect_sse(
self.async_client, "POST", endpoint, json=data
) as event_source:
async for sse in event_source.aiter_sse():
if sse.event == "data":
chunk = self._lc_serializer.loads(sse.data)
if sse["event"] == "data":
chunk = self._lc_serializer.loads(sse["data"])
if isinstance(chunk, dict):
# Any dict returned from streaming end point
# is assumed to follow additive semantics
@@ -647,21 +653,21 @@ class RemoteRunnable(Runnable[Input, Output]):
final_output = None
final_output_supported = False
elif sse.event == "error":
elif sse["event"] == "error":
# This can only be a server side error
_raise_exception_from_data(
sse.data, httpx.Request(method="POST", url=endpoint)
sse["data"], httpx.Request(method="POST", url=endpoint)
)
elif sse.event == "metadata":
elif sse["event"] == "metadata":
# Nothing to do for metadata for the regular remote client.
continue
elif sse.event == "end":
elif sse["event"] == "end":
break
else:
_log_error_message_once(
f"Encountered an unsupported event type: `{sse.event}`. "
f"Encountered an unsupported event type: `{sse['event']}`. "
f"Try upgrading the remote client to the latest version."
f"Ignoring events of type `{sse.event}`."
f"Ignoring events of type `{sse['event']}`."
)
except BaseException as e:
await run_manager.on_chain_error(e)
@@ -718,18 +724,13 @@ class RemoteRunnable(Runnable[Input, Output]):
}
endpoint = urljoin(self.url, "stream_log")
try:
from httpx_sse import aconnect_sse
except ImportError:
raise ImportError("You must install `httpx_sse` to use the stream method.")
try:
async with aconnect_sse(
self.async_client, "POST", endpoint, json=data
) as event_source:
async for sse in event_source.aiter_sse():
if sse.event == "data":
data = self._lc_serializer.loads(sse.data)
if sse["event"] == "data":
data = self._lc_serializer.loads(sse["data"])
# Create a copy of the data to yield since underlying
# code is using jsonpatch which does some stuff in-place
# that can cause unexpected consequences.
@@ -741,18 +742,18 @@ class RemoteRunnable(Runnable[Input, Output]):
final_output += chunk
else:
final_output = chunk
elif sse.event == "error":
elif sse["event"] == "error":
# This can only be a server side error
_raise_exception_from_data(
sse.data, httpx.Request(method="POST", url=endpoint)
sse["data"], httpx.Request(method="POST", url=endpoint)
)
elif sse.event == "end":
elif sse["event"] == "end":
break
else:
_log_error_message_once(
f"Encountered an unsupported event type: `{sse.event}`. "
f"Encountered an unsupported event type: `{sse['event']}`. "
f"Try upgrading the remote client to the latest version."
f"Ignoring events of type `{sse.event}`."
f"Ignoring events of type `{sse['event']}`."
)
except BaseException as e:
await run_manager.on_chain_error(e)
@@ -765,7 +766,7 @@ class RemoteRunnable(Runnable[Input, Output]):
input: Any,
config: Optional[RunnableConfig] = None,
*,
version: Literal["v1"],
version: Literal["v1", "v2", None] = None,
include_names: Optional[Sequence[str]] = None,
include_types: Optional[Sequence[str]] = None,
include_tags: Optional[Sequence[str]] = None,
@@ -788,7 +789,8 @@ class RemoteRunnable(Runnable[Input, Output]):
input: The input to the runnable
config: The config to use for the runnable
version: The version of the astream_events to use.
Currently only "v1" is supported.
Currently, this input is IGNORED on the client.
The server will return whatever format it's configured with.
include_names: The names of the events to include
include_types: The types of the events to include
include_tags: The tags of the events to include
@@ -796,13 +798,18 @@ class RemoteRunnable(Runnable[Input, Output]):
exclude_types: The types of the events to exclude
exclude_tags: The tags of the events to exclude
"""
if version != "v1":
raise ValueError(f"Unsupported version: {version}. Use 'v1'")
# Create a stream handler that will emit Log objects
config = ensure_config(config)
callback_manager = get_async_callback_manager_for_config(config)
if version is not None:
_log_info_message_once(
"Versioning of the astream_events API is not supported on the client "
"side currently. The server will return events in whatever format "
"it was configured with in add_routes or APIHandler. "
"To stop seeing this message, remove the `version` argument."
)
events = []
run_manager = await callback_manager.on_chain_start(
@@ -822,36 +829,34 @@ class RemoteRunnable(Runnable[Input, Output]):
"exclude_tags": exclude_tags,
}
endpoint = urljoin(self.url, "stream_events")
try:
from httpx_sse import aconnect_sse
except ImportError:
raise ImportError("You must install `httpx_sse` to use the stream method.")
headers = kwargs.pop("headers", {})
headers["Accept"] = "text/event-stream"
headers["Cache-Control"] = "no-store"
try:
async with aconnect_sse(
self.async_client, "POST", endpoint, json=data
) as event_source:
async for sse in event_source.aiter_sse():
if sse.event == "data":
event = self._lc_serializer.loads(sse.data)
if sse["event"] == "data":
event = self._lc_serializer.loads(sse["data"])
# Create a copy of the data to yield since underlying
# code is using jsonpatch which does some stuff in-place
# that can cause unexpected consequences.
yield event
events.append(event)
elif sse.event == "error":
elif sse["event"] == "error":
# This can only be a server side error
_raise_exception_from_data(
sse.data, httpx.Request(method="POST", url=endpoint)
sse["data"], httpx.Request(method="POST", url=endpoint)
)
elif sse.event == "end":
elif sse["event"] == "end":
break
else:
_log_error_message_once(
f"Encountered an unsupported event type: `{sse.event}`. "
f"Encountered an unsupported event type: `{sse['event']}`. "
f"Try upgrading the remote client to the latest version."
f"Ignoring events of type `{sse.event}`."
f"Ignoring events of type `{sse['event']}`."
)
except BaseException as e:
await run_manager.on_chain_error(e)
+7 -6
View File
@@ -5,9 +5,8 @@ from string import Template
from typing import Literal, Sequence, Type
from fastapi.responses import Response
from langchain.schema.runnable import Runnable
from langserve.pydantic_v1 import BaseModel
from langchain_core.runnables import Runnable
from pydantic import BaseModel
class PlaygroundTemplate(Template):
@@ -90,10 +89,12 @@ async def serve_playground(
if base_url.startswith("/")
else base_url,
LANGSERVE_CONFIG_SCHEMA=json.dumps(
runnable.config_schema(include=config_keys).schema()
runnable.config_schema(include=config_keys).model_json_schema()
),
LANGSERVE_INPUT_SCHEMA=json.dumps(input_schema.model_json_schema()),
LANGSERVE_OUTPUT_SCHEMA=json.dumps(
output_schema.model_json_schema()
),
LANGSERVE_INPUT_SCHEMA=json.dumps(input_schema.schema()),
LANGSERVE_OUTPUT_SCHEMA=json.dumps(output_schema.schema()),
LANGSERVE_FEEDBACK_ENABLED=json.dumps(
"true" if feedback_enabled else "false"
),
File diff suppressed because one or more lines are too long
+1 -1
View File
@@ -5,7 +5,7 @@
<link rel="icon" href="/____LANGSERVE_BASE_URL/favicon.ico" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>Playground</title>
<script type="module" crossorigin src="/____LANGSERVE_BASE_URL/assets/index-dbc96538.js"></script>
<script type="module" crossorigin src="/____LANGSERVE_BASE_URL/assets/index-400979f0.js"></script>
<link rel="stylesheet" href="/____LANGSERVE_BASE_URL/assets/index-52e8ab2f.css">
</head>
<body>
+9 -2
View File
@@ -25,7 +25,7 @@
"clsx": "^2.0.0",
"dayjs": "^1.11.10",
"fast-json-patch": "^3.1.1",
"lodash": "^4.17.21",
"lodash": "^4.18.1",
"lz-string": "^1.5.0",
"react": "^18.2.0",
"react-dom": "^18.2.0",
@@ -48,7 +48,14 @@
"postcss": "^8.4.31",
"tailwindcss": "^3.3.3",
"typescript": "^5.0.2",
"vite": "^4.4.5",
"vite": "^6.4.2",
"vite-plugin-svgr": "^4.1.0"
},
"resolutions": {
"braces": "^3.0.3",
"cross-spawn": "^7.0.5",
"rollup": "^3.30.0",
"ajv": "^8.18.0",
"esbuild": "0.25.0"
}
}
@@ -6,12 +6,30 @@ import {
schemaMatches,
Paths,
isControl,
JsonSchema,
} from "@jsonforms/core";
import { useStreamCallback } from "../useStreamCallback";
import { isJsonSchemaExtra } from "../utils/schema";
import { MessageFields, ChatMessageInput } from "./ChatMessageInput";
import { useEffect } from "react";
function checkItemSchema(schema: JsonSchema) {
const isObjectMessage =
schema.type === "object" &&
(schema.title?.endsWith("Message") ||
schema.title?.endsWith("MessageChunk"));
const isTupleMessage =
schema.type === "array" &&
schema.minItems === 2 &&
schema.maxItems === 2 &&
Array.isArray(schema.items) &&
schema.items.length === 2 &&
schema.items.every((schema) => schema.type === "string");
return isObjectMessage || isTupleMessage;
}
export const chatMessagesTester = rankWith(
12,
and(
@@ -34,22 +52,11 @@ export const chatMessagesTester = rankWith(
}
if ("anyOf" in schema.items && schema.items.anyOf != null) {
return schema.items.anyOf.every((schema) => {
const isObjectMessage =
schema.type === "object" &&
(schema.title?.endsWith("Message") ||
schema.title?.endsWith("MessageChunk"));
return schema.items.anyOf.every(checkItemSchema);
}
const isTupleMessage =
schema.type === "array" &&
schema.minItems === 2 &&
schema.maxItems === 2 &&
Array.isArray(schema.items) &&
schema.items.length === 2 &&
schema.items.every((schema) => schema.type === "string");
return isObjectMessage || isTupleMessage;
});
if ("oneOf" in schema.items && schema.items.oneOf != null) {
return schema.items.oneOf.every(checkItemSchema);
}
return false;
@@ -64,10 +71,14 @@ export const ChatMessagesControlRenderer = withJsonFormsControlProps(
useEffect(() => {
if (!isJsonSchemaExtra(props.schema)) return;
if (props.schema.extra.widget.type !== "chat") return;
setTimeout(() => props.handleChange(props.path, [
...data,
{ content: "", type: "human" },
]), 10);
setTimeout(
() =>
props.handleChange(props.path, [
...data,
{ content: "", type: "human" },
]),
10
);
}, []);
useStreamCallback("onStart", () => {
@@ -81,7 +92,10 @@ export const ChatMessagesControlRenderer = withJsonFormsControlProps(
if (props.schema.extra.widget.type !== "chat") return;
if (aggregatedState?.final_output !== undefined) {
const msgPath = Paths.compose(props.path, `${data.length - 1}`);
if ((aggregatedState.final_output as MessageFields)?.type === "AIMessageChunk") {
if (
(aggregatedState.final_output as MessageFields)?.type ===
"AIMessageChunk"
) {
props.handleChange(
Paths.compose(msgPath, "content"),
(aggregatedState.final_output as MessageFields)?.content
@@ -140,7 +154,7 @@ export const ChatMessagesControlRenderer = withJsonFormsControlProps(
props.path,
data.filter((_, i) => i !== index)
);
}
};
return (
<ChatMessageInput
message={message}
@@ -148,7 +162,7 @@ export const ChatMessagesControlRenderer = withJsonFormsControlProps(
handleRemoval={handleChatMessageRemoval}
path={props.path}
key={index}
></ChatMessageInput>
></ChatMessageInput>
);
})}
</div>
+291 -239
View File
@@ -28,6 +28,15 @@
"@babel/highlight" "^7.22.13"
chalk "^2.4.2"
"@babel/code-frame@^7.28.6":
version "7.29.0"
resolved "https://registry.yarnpkg.com/@babel/code-frame/-/code-frame-7.29.0.tgz#7cd7a59f15b3cc0dcd803038f7792712a7d0b15c"
integrity sha512-9NhCeYjq9+3uxgdtp20LSiJXJvN0FeCtNGpJxuMFZ1Kv3cWUNb6DOhJwUvcVCzKGR66cw4njwM6hrJLqgOwbcw==
dependencies:
"@babel/helper-validator-identifier" "^7.28.5"
js-tokens "^4.0.0"
picocolors "^1.1.1"
"@babel/compat-data@^7.22.9":
version "7.23.2"
resolved "https://registry.yarnpkg.com/@babel/compat-data/-/compat-data-7.23.2.tgz#6a12ced93455827037bfb5ed8492820d60fc32cc"
@@ -137,24 +146,33 @@
resolved "https://registry.yarnpkg.com/@babel/helper-string-parser/-/helper-string-parser-7.22.5.tgz#533f36457a25814cf1df6488523ad547d784a99f"
integrity sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==
"@babel/helper-string-parser@^7.27.1":
version "7.27.1"
resolved "https://registry.yarnpkg.com/@babel/helper-string-parser/-/helper-string-parser-7.27.1.tgz#54da796097ab19ce67ed9f88b47bb2ec49367687"
integrity sha512-qMlSxKbpRlAridDExk92nSobyDdpPijUq2DW6oDnUqd0iOGxmQjyqhMIihI9+zv4LPyZdRje2cavWPbCbWm3eA==
"@babel/helper-validator-identifier@^7.22.20":
version "7.22.20"
resolved "https://registry.yarnpkg.com/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz#c4ae002c61d2879e724581d96665583dbc1dc0e0"
integrity sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==
"@babel/helper-validator-identifier@^7.28.5":
version "7.28.5"
resolved "https://registry.yarnpkg.com/@babel/helper-validator-identifier/-/helper-validator-identifier-7.28.5.tgz#010b6938fab7cb7df74aa2bbc06aa503b8fe5fb4"
integrity sha512-qSs4ifwzKJSV39ucNjsvc6WVHs6b7S03sOh2OcHF9UHfVPqWWALUsNUVzhSBiItjRZoLHx7nIarVjqKVusUZ1Q==
"@babel/helper-validator-option@^7.22.15":
version "7.22.15"
resolved "https://registry.yarnpkg.com/@babel/helper-validator-option/-/helper-validator-option-7.22.15.tgz#694c30dfa1d09a6534cdfcafbe56789d36aba040"
integrity sha512-bMn7RmyFjY/mdECUbgn9eoSY4vqvacUnS9i9vGAGttgFWesO6B4CYWA7XlpbWgBt71iv/hfbPlynohStqnu5hA==
"@babel/helpers@^7.23.2":
version "7.23.2"
resolved "https://registry.yarnpkg.com/@babel/helpers/-/helpers-7.23.2.tgz#2832549a6e37d484286e15ba36a5330483cac767"
integrity sha512-lzchcp8SjTSVe/fPmLwtWVBFC7+Tbn8LGHDVfDp9JGxpAY5opSaEFgt8UQvrnECWOTdji2mOWMz1rOhkHscmGQ==
version "7.28.6"
resolved "https://registry.yarnpkg.com/@babel/helpers/-/helpers-7.28.6.tgz#fca903a313ae675617936e8998b814c415cbf5d7"
integrity sha512-xOBvwq86HHdB7WUDTfKfT/Vuxh7gElQ+Sfti2Cy6yIWNW05P8iUslOVcZ4/sKbE+/jQaukQAdz/gf3724kYdqw==
dependencies:
"@babel/template" "^7.22.15"
"@babel/traverse" "^7.23.2"
"@babel/types" "^7.23.0"
"@babel/template" "^7.28.6"
"@babel/types" "^7.28.6"
"@babel/highlight@^7.22.13":
version "7.22.20"
@@ -170,6 +188,13 @@
resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.23.0.tgz#da950e622420bf96ca0d0f2909cdddac3acd8719"
integrity sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==
"@babel/parser@^7.28.6":
version "7.29.0"
resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.29.0.tgz#669ef345add7d057e92b7ed15f0bac07611831b6"
integrity sha512-IyDgFV5GeDUVX4YdF/3CPULtVGSXXMLh1xVIgdCgxApktqnQV0r7/8Nqthg+8YLGaAtdyIlo2qIdZrbCv4+7ww==
dependencies:
"@babel/types" "^7.29.0"
"@babel/plugin-transform-react-jsx-self@^7.22.5":
version "7.22.5"
resolved "https://registry.yarnpkg.com/@babel/plugin-transform-react-jsx-self/-/plugin-transform-react-jsx-self-7.22.5.tgz#ca2fdc11bc20d4d46de01137318b13d04e481d8e"
@@ -185,11 +210,9 @@
"@babel/helper-plugin-utils" "^7.22.5"
"@babel/runtime@^7.12.5", "@babel/runtime@^7.13.10", "@babel/runtime@^7.18.3", "@babel/runtime@^7.23.1", "@babel/runtime@^7.5.5", "@babel/runtime@^7.8.7":
version "7.23.2"
resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.23.2.tgz#062b0ac103261d68a966c4c7baf2ae3e62ec3885"
integrity sha512-mM8eg4yl5D6i3lu2QKPuPH4FArvJ8KhTofbE7jwMUv9KX5mBvwPAqnV3MlyBNqdp9RyRKP6Yck8TrfYrPvX3bg==
dependencies:
regenerator-runtime "^0.14.0"
version "7.28.6"
resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.28.6.tgz#d267a43cb1836dc4d182cce93ae75ba954ef6d2b"
integrity sha512-05WQkdpL9COIMz4LjTxGpPNCdlpyimKppYNoJ5Di5EUObifl8t4tuLuUBBZEpoLYOmfvIWrsp9fCl0HoPRVTdA==
"@babel/template@^7.22.15":
version "7.22.15"
@@ -200,6 +223,15 @@
"@babel/parser" "^7.22.15"
"@babel/types" "^7.22.15"
"@babel/template@^7.28.6":
version "7.28.6"
resolved "https://registry.yarnpkg.com/@babel/template/-/template-7.28.6.tgz#0e7e56ecedb78aeef66ce7972b082fce76a23e57"
integrity sha512-YA6Ma2KsCdGb+WC6UpBVFJGXL58MDA6oyONbjyF/+5sBgxY/dwkhLogbMT2GXXyU84/IhRw/2D1Os1B/giz+BQ==
dependencies:
"@babel/code-frame" "^7.28.6"
"@babel/parser" "^7.28.6"
"@babel/types" "^7.28.6"
"@babel/traverse@^7.23.2":
version "7.23.2"
resolved "https://registry.yarnpkg.com/@babel/traverse/-/traverse-7.23.2.tgz#329c7a06735e144a506bdb2cad0268b7f46f4ad8"
@@ -225,6 +257,14 @@
"@babel/helper-validator-identifier" "^7.22.20"
to-fast-properties "^2.0.0"
"@babel/types@^7.28.6", "@babel/types@^7.29.0":
version "7.29.0"
resolved "https://registry.yarnpkg.com/@babel/types/-/types-7.29.0.tgz#9f5b1e838c446e72cf3cd4b918152b8c605e37c7"
integrity sha512-LwdZHpScM4Qz8Xw2iKSzS+cfglZzJGvofQICy7W7v4caru4EaAmyUuO6BGrbyQ2mYV11W0U8j5mBhd14dd3B0A==
dependencies:
"@babel/helper-string-parser" "^7.27.1"
"@babel/helper-validator-identifier" "^7.28.5"
"@date-io/core@^1.3.13":
version "1.3.13"
resolved "https://registry.yarnpkg.com/@date-io/core/-/core-1.3.13.tgz#90c71da493f20204b7a972929cc5c482d078b3fa"
@@ -344,115 +384,130 @@
resolved "https://registry.yarnpkg.com/@emotion/weak-memoize/-/weak-memoize-0.3.1.tgz#d0fce5d07b0620caa282b5131c297bb60f9d87e6"
integrity sha512-EsBwpc7hBUJWAsNPBmJy4hxWx12v6bshQsldrVmjxJoc3isbxhOrF2IcCpaXxfvq03NwkI7sbsOLXbYuqF/8Ww==
"@esbuild/android-arm64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/android-arm64/-/android-arm64-0.18.20.tgz#984b4f9c8d0377443cc2dfcef266d02244593622"
integrity sha512-Nz4rJcchGDtENV0eMKUNa6L12zz2zBDXuhj/Vjh18zGqB44Bi7MBMSXjgunJgjRhCmKOjnPuZp4Mb6OKqtMHLQ==
"@esbuild/aix-ppc64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/aix-ppc64/-/aix-ppc64-0.25.0.tgz#499600c5e1757a524990d5d92601f0ac3ce87f64"
integrity sha512-O7vun9Sf8DFjH2UtqK8Ku3LkquL9SZL8OLY1T5NZkA34+wG3OQF7cl4Ql8vdNzM6fzBbYfLaiRLIOZ+2FOCgBQ==
"@esbuild/android-arm@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/android-arm/-/android-arm-0.18.20.tgz#fedb265bc3a589c84cc11f810804f234947c3682"
integrity sha512-fyi7TDI/ijKKNZTUJAQqiG5T7YjJXgnzkURqmGj13C6dCqckZBLdl4h7bkhHt/t0WP+zO9/zwroDvANaOqO5Sw==
"@esbuild/android-arm64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/android-arm64/-/android-arm64-0.25.0.tgz#b9b8231561a1dfb94eb31f4ee056b92a985c324f"
integrity sha512-grvv8WncGjDSyUBjN9yHXNt+cq0snxXbDxy5pJtzMKGmmpPxeAmAhWxXI+01lU5rwZomDgD3kJwulEnhTRUd6g==
"@esbuild/android-x64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/android-x64/-/android-x64-0.18.20.tgz#35cf419c4cfc8babe8893d296cd990e9e9f756f2"
integrity sha512-8GDdlePJA8D6zlZYJV/jnrRAi6rOiNaCC/JclcXpB+KIuvfBN4owLtgzY2bsxnx666XjJx2kDPUmnTtR8qKQUg==
"@esbuild/android-arm@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/android-arm/-/android-arm-0.25.0.tgz#ca6e7888942505f13e88ac9f5f7d2a72f9facd2b"
integrity sha512-PTyWCYYiU0+1eJKmw21lWtC+d08JDZPQ5g+kFyxP0V+es6VPPSUhM6zk8iImp2jbV6GwjX4pap0JFbUQN65X1g==
"@esbuild/darwin-arm64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/darwin-arm64/-/darwin-arm64-0.18.20.tgz#08172cbeccf95fbc383399a7f39cfbddaeb0d7c1"
integrity sha512-bxRHW5kHU38zS2lPTPOyuyTm+S+eobPUnTNkdJEfAddYgEcll4xkT8DB9d2008DtTbl7uJag2HuE5NZAZgnNEA==
"@esbuild/android-x64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/android-x64/-/android-x64-0.25.0.tgz#e765ea753bac442dfc9cb53652ce8bd39d33e163"
integrity sha512-m/ix7SfKG5buCnxasr52+LI78SQ+wgdENi9CqyCXwjVR2X4Jkz+BpC3le3AoBPYTC9NHklwngVXvbJ9/Akhrfg==
"@esbuild/darwin-x64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/darwin-x64/-/darwin-x64-0.18.20.tgz#d70d5790d8bf475556b67d0f8b7c5bdff053d85d"
integrity sha512-pc5gxlMDxzm513qPGbCbDukOdsGtKhfxD1zJKXjCCcU7ju50O7MeAZ8c4krSJcOIJGFR+qx21yMMVYwiQvyTyQ==
"@esbuild/darwin-arm64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/darwin-arm64/-/darwin-arm64-0.25.0.tgz#fa394164b0d89d4fdc3a8a21989af70ef579fa2c"
integrity sha512-mVwdUb5SRkPayVadIOI78K7aAnPamoeFR2bT5nszFUZ9P8UpK4ratOdYbZZXYSqPKMHfS1wdHCJk1P1EZpRdvw==
"@esbuild/freebsd-arm64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/freebsd-arm64/-/freebsd-arm64-0.18.20.tgz#98755cd12707f93f210e2494d6a4b51b96977f54"
integrity sha512-yqDQHy4QHevpMAaxhhIwYPMv1NECwOvIpGCZkECn8w2WFHXjEwrBn3CeNIYsibZ/iZEUemj++M26W3cNR5h+Tw==
"@esbuild/darwin-x64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/darwin-x64/-/darwin-x64-0.25.0.tgz#91979d98d30ba6e7d69b22c617cc82bdad60e47a"
integrity sha512-DgDaYsPWFTS4S3nWpFcMn/33ZZwAAeAFKNHNa1QN0rI4pUjgqf0f7ONmXf6d22tqTY+H9FNdgeaAa+YIFUn2Rg==
"@esbuild/freebsd-x64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/freebsd-x64/-/freebsd-x64-0.18.20.tgz#c1eb2bff03915f87c29cece4c1a7fa1f423b066e"
integrity sha512-tgWRPPuQsd3RmBZwarGVHZQvtzfEBOreNuxEMKFcd5DaDn2PbBxfwLcj4+aenoh7ctXcbXmOQIn8HI6mCSw5MQ==
"@esbuild/freebsd-arm64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/freebsd-arm64/-/freebsd-arm64-0.25.0.tgz#b97e97073310736b430a07b099d837084b85e9ce"
integrity sha512-VN4ocxy6dxefN1MepBx/iD1dH5K8qNtNe227I0mnTRjry8tj5MRk4zprLEdG8WPyAPb93/e4pSgi1SoHdgOa4w==
"@esbuild/linux-arm64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/linux-arm64/-/linux-arm64-0.18.20.tgz#bad4238bd8f4fc25b5a021280c770ab5fc3a02a0"
integrity sha512-2YbscF+UL7SQAVIpnWvYwM+3LskyDmPhe31pE7/aoTMFKKzIc9lLbyGUpmmb8a8AixOL61sQ/mFh3jEjHYFvdA==
"@esbuild/freebsd-x64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/freebsd-x64/-/freebsd-x64-0.25.0.tgz#f3b694d0da61d9910ec7deff794d444cfbf3b6e7"
integrity sha512-mrSgt7lCh07FY+hDD1TxiTyIHyttn6vnjesnPoVDNmDfOmggTLXRv8Id5fNZey1gl/V2dyVK1VXXqVsQIiAk+A==
"@esbuild/linux-arm@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/linux-arm/-/linux-arm-0.18.20.tgz#3e617c61f33508a27150ee417543c8ab5acc73b0"
integrity sha512-/5bHkMWnq1EgKr1V+Ybz3s1hWXok7mDFUMQ4cG10AfW3wL02PSZi5kFpYKrptDsgb2WAJIvRcDm+qIvXf/apvg==
"@esbuild/linux-arm64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/linux-arm64/-/linux-arm64-0.25.0.tgz#f921f699f162f332036d5657cad9036f7a993f73"
integrity sha512-9QAQjTWNDM/Vk2bgBl17yWuZxZNQIF0OUUuPZRKoDtqF2k4EtYbpyiG5/Dk7nqeK6kIJWPYldkOcBqjXjrUlmg==
"@esbuild/linux-ia32@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/linux-ia32/-/linux-ia32-0.18.20.tgz#699391cccba9aee6019b7f9892eb99219f1570a7"
integrity sha512-P4etWwq6IsReT0E1KHU40bOnzMHoH73aXp96Fs8TIT6z9Hu8G6+0SHSw9i2isWrD2nbx2qo5yUqACgdfVGx7TA==
"@esbuild/linux-arm@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/linux-arm/-/linux-arm-0.25.0.tgz#cc49305b3c6da317c900688995a4050e6cc91ca3"
integrity sha512-vkB3IYj2IDo3g9xX7HqhPYxVkNQe8qTK55fraQyTzTX/fxaDtXiEnavv9geOsonh2Fd2RMB+i5cbhu2zMNWJwg==
"@esbuild/linux-loong64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/linux-loong64/-/linux-loong64-0.18.20.tgz#e6fccb7aac178dd2ffb9860465ac89d7f23b977d"
integrity sha512-nXW8nqBTrOpDLPgPY9uV+/1DjxoQ7DoB2N8eocyq8I9XuqJ7BiAMDMf9n1xZM9TgW0J8zrquIb/A7s3BJv7rjg==
"@esbuild/linux-ia32@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/linux-ia32/-/linux-ia32-0.25.0.tgz#3e0736fcfab16cff042dec806247e2c76e109e19"
integrity sha512-43ET5bHbphBegyeqLb7I1eYn2P/JYGNmzzdidq/w0T8E2SsYL1U6un2NFROFRg1JZLTzdCoRomg8Rvf9M6W6Gg==
"@esbuild/linux-mips64el@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/linux-mips64el/-/linux-mips64el-0.18.20.tgz#eeff3a937de9c2310de30622a957ad1bd9183231"
integrity sha512-d5NeaXZcHp8PzYy5VnXV3VSd2D328Zb+9dEq5HE6bw6+N86JVPExrA6O68OPwobntbNJ0pzCpUFZTo3w0GyetQ==
"@esbuild/linux-loong64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/linux-loong64/-/linux-loong64-0.25.0.tgz#ea2bf730883cddb9dfb85124232b5a875b8020c7"
integrity sha512-fC95c/xyNFueMhClxJmeRIj2yrSMdDfmqJnyOY4ZqsALkDrrKJfIg5NTMSzVBr5YW1jf+l7/cndBfP3MSDpoHw==
"@esbuild/linux-ppc64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/linux-ppc64/-/linux-ppc64-0.18.20.tgz#2f7156bde20b01527993e6881435ad79ba9599fb"
integrity sha512-WHPyeScRNcmANnLQkq6AfyXRFr5D6N2sKgkFo2FqguP44Nw2eyDlbTdZwd9GYk98DZG9QItIiTlFLHJHjxP3FA==
"@esbuild/linux-mips64el@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/linux-mips64el/-/linux-mips64el-0.25.0.tgz#4cababb14eede09248980a2d2d8b966464294ff1"
integrity sha512-nkAMFju7KDW73T1DdH7glcyIptm95a7Le8irTQNO/qtkoyypZAnjchQgooFUDQhNAy4iu08N79W4T4pMBwhPwQ==
"@esbuild/linux-riscv64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/linux-riscv64/-/linux-riscv64-0.18.20.tgz#6628389f210123d8b4743045af8caa7d4ddfc7a6"
integrity sha512-WSxo6h5ecI5XH34KC7w5veNnKkju3zBRLEQNY7mv5mtBmrP/MjNBCAlsM2u5hDBlS3NGcTQpoBvRzqBcRtpq1A==
"@esbuild/linux-ppc64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/linux-ppc64/-/linux-ppc64-0.25.0.tgz#8860a4609914c065373a77242e985179658e1951"
integrity sha512-NhyOejdhRGS8Iwv+KKR2zTq2PpysF9XqY+Zk77vQHqNbo/PwZCzB5/h7VGuREZm1fixhs4Q/qWRSi5zmAiO4Fw==
"@esbuild/linux-s390x@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/linux-s390x/-/linux-s390x-0.18.20.tgz#255e81fb289b101026131858ab99fba63dcf0071"
integrity sha512-+8231GMs3mAEth6Ja1iK0a1sQ3ohfcpzpRLH8uuc5/KVDFneH6jtAJLFGafpzpMRO6DzJ6AvXKze9LfFMrIHVQ==
"@esbuild/linux-riscv64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/linux-riscv64/-/linux-riscv64-0.25.0.tgz#baf26e20bb2d38cfb86ee282dff840c04f4ed987"
integrity sha512-5S/rbP5OY+GHLC5qXp1y/Mx//e92L1YDqkiBbO9TQOvuFXM+iDqUNG5XopAnXoRH3FjIUDkeGcY1cgNvnXp/kA==
"@esbuild/linux-x64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/linux-x64/-/linux-x64-0.18.20.tgz#c7690b3417af318a9b6f96df3031a8865176d338"
integrity sha512-UYqiqemphJcNsFEskc73jQ7B9jgwjWrSayxawS6UVFZGWrAAtkzjxSqnoclCXxWtfwLdzU+vTpcNYhpn43uP1w==
"@esbuild/linux-s390x@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/linux-s390x/-/linux-s390x-0.25.0.tgz#8323afc0d6cb1b6dc6e9fd21efd9e1542c3640a4"
integrity sha512-XM2BFsEBz0Fw37V0zU4CXfcfuACMrppsMFKdYY2WuTS3yi8O1nFOhil/xhKTmE1nPmVyvQJjJivgDT+xh8pXJA==
"@esbuild/netbsd-x64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/netbsd-x64/-/netbsd-x64-0.18.20.tgz#30e8cd8a3dded63975e2df2438ca109601ebe0d1"
integrity sha512-iO1c++VP6xUBUmltHZoMtCUdPlnPGdBom6IrO4gyKPFFVBKioIImVooR5I83nTew5UOYrk3gIJhbZh8X44y06A==
"@esbuild/linux-x64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/linux-x64/-/linux-x64-0.25.0.tgz#08fcf60cb400ed2382e9f8e0f5590bac8810469a"
integrity sha512-9yl91rHw/cpwMCNytUDxwj2XjFpxML0y9HAOH9pNVQDpQrBxHy01Dx+vaMu0N1CKa/RzBD2hB4u//nfc+Sd3Cw==
"@esbuild/openbsd-x64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/openbsd-x64/-/openbsd-x64-0.18.20.tgz#7812af31b205055874c8082ea9cf9ab0da6217ae"
integrity sha512-e5e4YSsuQfX4cxcygw/UCPIEP6wbIL+se3sxPdCiMbFLBWu0eiZOJ7WoD+ptCLrmjZBK1Wk7I6D/I3NglUGOxg==
"@esbuild/netbsd-arm64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/netbsd-arm64/-/netbsd-arm64-0.25.0.tgz#935c6c74e20f7224918fbe2e6c6fe865b6c6ea5b"
integrity sha512-RuG4PSMPFfrkH6UwCAqBzauBWTygTvb1nxWasEJooGSJ/NwRw7b2HOwyRTQIU97Hq37l3npXoZGYMy3b3xYvPw==
"@esbuild/sunos-x64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/sunos-x64/-/sunos-x64-0.18.20.tgz#d5c275c3b4e73c9b0ecd38d1ca62c020f887ab9d"
integrity sha512-kDbFRFp0YpTQVVrqUd5FTYmWo45zGaXe0X8E1G/LKFC0v8x0vWrhOWSLITcCn63lmZIxfOMXtCfti/RxN/0wnQ==
"@esbuild/netbsd-x64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/netbsd-x64/-/netbsd-x64-0.25.0.tgz#414677cef66d16c5a4d210751eb2881bb9c1b62b"
integrity sha512-jl+qisSB5jk01N5f7sPCsBENCOlPiS/xptD5yxOx2oqQfyourJwIKLRA2yqWdifj3owQZCL2sn6o08dBzZGQzA==
"@esbuild/win32-arm64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/win32-arm64/-/win32-arm64-0.18.20.tgz#73bc7f5a9f8a77805f357fab97f290d0e4820ac9"
integrity sha512-ddYFR6ItYgoaq4v4JmQQaAI5s7npztfV4Ag6NrhiaW0RrnOXqBkgwZLofVTlq1daVTQNhtI5oieTvkRPfZrePg==
"@esbuild/openbsd-arm64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/openbsd-arm64/-/openbsd-arm64-0.25.0.tgz#8fd55a4d08d25cdc572844f13c88d678c84d13f7"
integrity sha512-21sUNbq2r84YE+SJDfaQRvdgznTD8Xc0oc3p3iW/a1EVWeNj/SdUCbm5U0itZPQYRuRTW20fPMWMpcrciH2EJw==
"@esbuild/win32-ia32@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/win32-ia32/-/win32-ia32-0.18.20.tgz#ec93cbf0ef1085cc12e71e0d661d20569ff42102"
integrity sha512-Wv7QBi3ID/rROT08SABTS7eV4hX26sVduqDOTe1MvGMjNd3EjOz4b7zeexIR62GTIEKrfJXKL9LFxTYgkyeu7g==
"@esbuild/openbsd-x64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/openbsd-x64/-/openbsd-x64-0.25.0.tgz#0c48ddb1494bbc2d6bcbaa1429a7f465fa1dedde"
integrity sha512-2gwwriSMPcCFRlPlKx3zLQhfN/2WjJ2NSlg5TKLQOJdV0mSxIcYNTMhk3H3ulL/cak+Xj0lY1Ym9ysDV1igceg==
"@esbuild/win32-x64@0.18.20":
version "0.18.20"
resolved "https://registry.yarnpkg.com/@esbuild/win32-x64/-/win32-x64-0.18.20.tgz#786c5f41f043b07afb1af37683d7c33668858f6d"
integrity sha512-kTdfRcSiDfQca/y9QIkng02avJ+NCaQvrMejlsB3RRv5sE9rRoeBPISaZpKxHELzRxZyLvNts1P27W3wV+8geQ==
"@esbuild/sunos-x64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/sunos-x64/-/sunos-x64-0.25.0.tgz#86ff9075d77962b60dd26203d7352f92684c8c92"
integrity sha512-bxI7ThgLzPrPz484/S9jLlvUAHYMzy6I0XiU1ZMeAEOBcS0VePBFxh1JjTQt3Xiat5b6Oh4x7UC7IwKQKIJRIg==
"@esbuild/win32-arm64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/win32-arm64/-/win32-arm64-0.25.0.tgz#849c62327c3229467f5b5cd681bf50588442e96c"
integrity sha512-ZUAc2YK6JW89xTbXvftxdnYy3m4iHIkDtK3CLce8wg8M2L+YZhIvO1DKpxrd0Yr59AeNNkTiic9YLf6FTtXWMw==
"@esbuild/win32-ia32@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/win32-ia32/-/win32-ia32-0.25.0.tgz#f62eb480cd7cca088cb65bb46a6db25b725dc079"
integrity sha512-eSNxISBu8XweVEWG31/JzjkIGbGIJN/TrRoiSVZwZ6pkC6VX4Im/WV2cz559/TXLcYbcrDN8JtKgd9DJVIo8GA==
"@esbuild/win32-x64@0.25.0":
version "0.25.0"
resolved "https://registry.yarnpkg.com/@esbuild/win32-x64/-/win32-x64-0.25.0.tgz#c8e119a30a7c8d60b9d2e22d2073722dde3b710b"
integrity sha512-ZENoHJBxA20C2zFzh6AI4fT6RraMzjYw4xKWemRTRmRVtN9c5DcH9r/f2ihEkMjOW5eGgrwCslG/+Y/3bL+DHQ==
"@eslint-community/eslint-utils@^4.2.0", "@eslint-community/eslint-utils@^4.4.0":
version "4.4.0"
@@ -1225,25 +1280,15 @@ ajv-formats@^2.1.0:
dependencies:
ajv "^8.0.0"
ajv@^6.12.4:
version "6.12.6"
resolved "https://registry.yarnpkg.com/ajv/-/ajv-6.12.6.tgz#baf5a62e802b07d977034586f8c3baf5adf26df4"
integrity sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==
ajv@^6.12.4, ajv@^8.0.0, ajv@^8.18.0, ajv@^8.6.1:
version "8.18.0"
resolved "https://registry.yarnpkg.com/ajv/-/ajv-8.18.0.tgz#8864186b6738d003eb3a933172bb3833e10cefbc"
integrity sha512-PlXPeEWMXMZ7sPYOHqmDyCJzcfNrUr3fGNKtezX14ykXOEIvyK81d+qydx89KY5O71FKMPaQ2vBfBFI5NHR63A==
dependencies:
fast-deep-equal "^3.1.1"
fast-json-stable-stringify "^2.0.0"
json-schema-traverse "^0.4.1"
uri-js "^4.2.2"
ajv@^8.0.0, ajv@^8.6.1:
version "8.12.0"
resolved "https://registry.yarnpkg.com/ajv/-/ajv-8.12.0.tgz#d1a0527323e22f53562c567c00991577dfbe19d1"
integrity sha512-sRu1kpcO9yLtYxBKvqfTeh9KzZEwO3STyX1HT+4CaDzC6HpTGYhIhPIzj9XuKU7KYDwnaeh5hcOwjy1QuJzBPA==
dependencies:
fast-deep-equal "^3.1.1"
fast-deep-equal "^3.1.3"
fast-uri "^3.0.1"
json-schema-traverse "^1.0.0"
require-from-string "^2.0.2"
uri-js "^4.2.2"
ansi-regex@^5.0.1:
version "5.0.1"
@@ -1331,19 +1376,19 @@ binary-extensions@^2.0.0:
integrity sha512-jDctJ/IVQbZoJykoeHbhXpOlNBqGNcwXJKJog42E5HDPUwQTSdjCHdihjj0DlnheQ7blbT6dHOafNAiS8ooQKA==
brace-expansion@^1.1.7:
version "1.1.11"
resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.11.tgz#3c7fcbf529d87226f3d2f52b966ff5271eb441dd"
integrity sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==
version "1.1.13"
resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.13.tgz#d37875c01dc9eff988dd49d112a57cb67b54efe6"
integrity sha512-9ZLprWS6EENmhEOpjCYW2c8VkmOvckIJZfkr7rBW6dObmfgJ/L1GpSYW5Hpo9lDz4D1+n0Ckz8rU7FwHDQiG/w==
dependencies:
balanced-match "^1.0.0"
concat-map "0.0.1"
braces@^3.0.2, braces@~3.0.2:
version "3.0.2"
resolved "https://registry.yarnpkg.com/braces/-/braces-3.0.2.tgz#3454e1a462ee8d599e236df336cd9ea4f8afe107"
integrity sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==
braces@^3.0.3, braces@~3.0.2:
version "3.0.3"
resolved "https://registry.yarnpkg.com/braces/-/braces-3.0.3.tgz#490332f40919452272d55a8480adc0c441358789"
integrity sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==
dependencies:
fill-range "^7.0.1"
fill-range "^7.1.1"
browserslist@^4.21.10, browserslist@^4.21.9:
version "4.22.1"
@@ -1482,10 +1527,10 @@ cosmiconfig@^8.1.3:
parse-json "^5.2.0"
path-type "^4.0.0"
cross-spawn@^7.0.2:
version "7.0.3"
resolved "https://registry.yarnpkg.com/cross-spawn/-/cross-spawn-7.0.3.tgz#f73a85b9d5d41d045551c177e2882d4ac85728a6"
integrity sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==
cross-spawn@^7.0.2, cross-spawn@^7.0.5:
version "7.0.6"
resolved "https://registry.yarnpkg.com/cross-spawn/-/cross-spawn-7.0.6.tgz#8a58fe78f00dcd70c370451759dfbfaf03e8ee9f"
integrity sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==
dependencies:
path-key "^3.1.0"
shebang-command "^2.0.0"
@@ -1585,33 +1630,36 @@ error-ex@^1.3.1:
dependencies:
is-arrayish "^0.2.1"
esbuild@^0.18.10:
version "0.18.20"
resolved "https://registry.yarnpkg.com/esbuild/-/esbuild-0.18.20.tgz#4709f5a34801b43b799ab7d6d82f7284a9b7a7a6"
integrity sha512-ceqxoedUrcayh7Y7ZX6NdbbDzGROiyVBgC4PriJThBKSVPWnnFHZAkfI1lJT8QFkOwH4qOS2SJkS4wvpGl8BpA==
esbuild@0.25.0, esbuild@^0.25.0:
version "0.25.0"
resolved "https://registry.yarnpkg.com/esbuild/-/esbuild-0.25.0.tgz#0de1787a77206c5a79eeb634a623d39b5006ce92"
integrity sha512-BXq5mqc8ltbaN34cDqWuYKyNhX8D/Z0J1xdtdQ8UcIIIyJyz+ZMKUt58tF3SrZ85jcfN/PZYhjR5uDQAYNVbuw==
optionalDependencies:
"@esbuild/android-arm" "0.18.20"
"@esbuild/android-arm64" "0.18.20"
"@esbuild/android-x64" "0.18.20"
"@esbuild/darwin-arm64" "0.18.20"
"@esbuild/darwin-x64" "0.18.20"
"@esbuild/freebsd-arm64" "0.18.20"
"@esbuild/freebsd-x64" "0.18.20"
"@esbuild/linux-arm" "0.18.20"
"@esbuild/linux-arm64" "0.18.20"
"@esbuild/linux-ia32" "0.18.20"
"@esbuild/linux-loong64" "0.18.20"
"@esbuild/linux-mips64el" "0.18.20"
"@esbuild/linux-ppc64" "0.18.20"
"@esbuild/linux-riscv64" "0.18.20"
"@esbuild/linux-s390x" "0.18.20"
"@esbuild/linux-x64" "0.18.20"
"@esbuild/netbsd-x64" "0.18.20"
"@esbuild/openbsd-x64" "0.18.20"
"@esbuild/sunos-x64" "0.18.20"
"@esbuild/win32-arm64" "0.18.20"
"@esbuild/win32-ia32" "0.18.20"
"@esbuild/win32-x64" "0.18.20"
"@esbuild/aix-ppc64" "0.25.0"
"@esbuild/android-arm" "0.25.0"
"@esbuild/android-arm64" "0.25.0"
"@esbuild/android-x64" "0.25.0"
"@esbuild/darwin-arm64" "0.25.0"
"@esbuild/darwin-x64" "0.25.0"
"@esbuild/freebsd-arm64" "0.25.0"
"@esbuild/freebsd-x64" "0.25.0"
"@esbuild/linux-arm" "0.25.0"
"@esbuild/linux-arm64" "0.25.0"
"@esbuild/linux-ia32" "0.25.0"
"@esbuild/linux-loong64" "0.25.0"
"@esbuild/linux-mips64el" "0.25.0"
"@esbuild/linux-ppc64" "0.25.0"
"@esbuild/linux-riscv64" "0.25.0"
"@esbuild/linux-s390x" "0.25.0"
"@esbuild/linux-x64" "0.25.0"
"@esbuild/netbsd-arm64" "0.25.0"
"@esbuild/netbsd-x64" "0.25.0"
"@esbuild/openbsd-arm64" "0.25.0"
"@esbuild/openbsd-x64" "0.25.0"
"@esbuild/sunos-x64" "0.25.0"
"@esbuild/win32-arm64" "0.25.0"
"@esbuild/win32-ia32" "0.25.0"
"@esbuild/win32-x64" "0.25.0"
escalade@^3.1.1:
version "3.1.1"
@@ -1732,7 +1780,7 @@ esutils@^2.0.2:
resolved "https://registry.yarnpkg.com/esutils/-/esutils-2.0.3.tgz#74d2eb4de0b8da1293711910d50775b9b710ef64"
integrity sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==
fast-deep-equal@^3.1.1, fast-deep-equal@^3.1.3:
fast-deep-equal@^3.1.3:
version "3.1.3"
resolved "https://registry.yarnpkg.com/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz#3a7d56b559d6cbc3eb512325244e619a65c6c525"
integrity sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==
@@ -1753,16 +1801,16 @@ fast-json-patch@^3.1.1:
resolved "https://registry.yarnpkg.com/fast-json-patch/-/fast-json-patch-3.1.1.tgz#85064ea1b1ebf97a3f7ad01e23f9337e72c66947"
integrity sha512-vf6IHUX2SBcA+5/+4883dsIjpBTqmfBjmYiWK1savxQmFk4JfBMLa7ynTYOs1Rolp/T1betJxHiGD3g1Mn8lUQ==
fast-json-stable-stringify@^2.0.0:
version "2.1.0"
resolved "https://registry.yarnpkg.com/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz#874bf69c6f404c2b5d99c481341399fd55892633"
integrity sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==
fast-levenshtein@^2.0.6:
version "2.0.6"
resolved "https://registry.yarnpkg.com/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz#3d8a5c66883a16a30ca8643e851f19baa7797917"
integrity sha512-DCXu6Ifhqcks7TZKY3Hxp3y6qphY5SJZmrWMDrKcERSOXWQdMhU9Ig/PYrzyw/ul9jOIyh0N4M0tbC5hodg8dw==
fast-uri@^3.0.1:
version "3.1.0"
resolved "https://registry.yarnpkg.com/fast-uri/-/fast-uri-3.1.0.tgz#66eecff6c764c0df9b762e62ca7edcfb53b4edfa"
integrity sha512-iPeeDKJSWf4IEOasVVrknXpaBV0IApz/gp7S2bb7Z4Lljbl2MGJRqInZiUrQwV16cpzw/D3S5j5Julj/gT52AA==
fastq@^1.6.0:
version "1.15.0"
resolved "https://registry.yarnpkg.com/fastq/-/fastq-1.15.0.tgz#d04d07c6a2a68fe4599fea8d2e103a937fae6b3a"
@@ -1770,6 +1818,11 @@ fastq@^1.6.0:
dependencies:
reusify "^1.0.4"
fdir@^6.4.4, fdir@^6.5.0:
version "6.5.0"
resolved "https://registry.yarnpkg.com/fdir/-/fdir-6.5.0.tgz#ed2ab967a331ade62f18d077dae192684d50d350"
integrity sha512-tIbYtZbucOs0BRGqPJkshJUYdL+SDH7dVM8gjy+ERp3WAUjLEFJE+02kanyHtwjWOnwrKYBiwAmM0p4kLJAnXg==
file-entry-cache@^6.0.1:
version "6.0.1"
resolved "https://registry.yarnpkg.com/file-entry-cache/-/file-entry-cache-6.0.1.tgz#211b2dd9659cb0394b073e7323ac3c933d522027"
@@ -1777,10 +1830,10 @@ file-entry-cache@^6.0.1:
dependencies:
flat-cache "^3.0.4"
fill-range@^7.0.1:
version "7.0.1"
resolved "https://registry.yarnpkg.com/fill-range/-/fill-range-7.0.1.tgz#1919a6a7c75fe38b2c7c77e5198535da9acdda40"
integrity sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==
fill-range@^7.1.1:
version "7.1.1"
resolved "https://registry.yarnpkg.com/fill-range/-/fill-range-7.1.1.tgz#44265d3cac07e3ea7dc247516380643754a05292"
integrity sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==
dependencies:
to-regex-range "^5.0.1"
@@ -1807,9 +1860,9 @@ flat-cache@^3.0.4:
rimraf "^3.0.2"
flatted@^3.2.9:
version "3.2.9"
resolved "https://registry.yarnpkg.com/flatted/-/flatted-3.2.9.tgz#7eb4c67ca1ba34232ca9d2d93e9886e611ad7daf"
integrity sha512-36yxDn5H7OFZQla0/jFJmbIKTdZAQHngCedGxiMmpNfEZM0sdEeT+WczLQrjK6D7o2aiyLYDnkw0R3JK0Qv1RQ==
version "3.4.2"
resolved "https://registry.yarnpkg.com/flatted/-/flatted-3.4.2.tgz#f5c23c107f0f37de8dbdf24f13722b3b98d52726"
integrity sha512-PjDse7RzhcPkIJwy5t7KPWQSZ9cAbzQXcafsetQoD7sOJRQlGikNbx7yZp2OotDnJyrDcbyRq3Ttb18iYOqkxA==
fraction.js@^4.3.6:
version "4.3.7"
@@ -1821,7 +1874,7 @@ fs.realpath@^1.0.0:
resolved "https://registry.yarnpkg.com/fs.realpath/-/fs.realpath-1.0.0.tgz#1504ad2523158caa40db4a2787cb01411994ea4f"
integrity sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==
fsevents@~2.3.2:
fsevents@~2.3.2, fsevents@~2.3.3:
version "2.3.3"
resolved "https://registry.yarnpkg.com/fsevents/-/fsevents-2.3.3.tgz#cac6407785d03675a2a5e1a5305c697b347d90d6"
integrity sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==
@@ -2020,9 +2073,9 @@ jiti@^1.18.2:
integrity sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==
js-yaml@^4.1.0:
version "4.1.0"
resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-4.1.0.tgz#c1fb65f8f5017901cdd2c951864ba18458a10602"
integrity sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==
version "4.1.1"
resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-4.1.1.tgz#854c292467705b699476e1a2decc0c8a3458806b"
integrity sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==
dependencies:
argparse "^2.0.1"
@@ -2041,11 +2094,6 @@ json-parse-even-better-errors@^2.3.0:
resolved "https://registry.yarnpkg.com/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz#7c47805a94319928e05777405dc12e1f7a4ee02d"
integrity sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==
json-schema-traverse@^0.4.1:
version "0.4.1"
resolved "https://registry.yarnpkg.com/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz#69f6a87d9513ab8bb8fe63bdb0979c448e684660"
integrity sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==
json-schema-traverse@^1.0.0:
version "1.0.0"
resolved "https://registry.yarnpkg.com/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz#ae7bcb3656ab77a73ba5c49bf654f38e6b6860e2"
@@ -2098,10 +2146,10 @@ lodash.merge@^4.6.2:
resolved "https://registry.yarnpkg.com/lodash.merge/-/lodash.merge-4.6.2.tgz#558aa53b43b661e1925a0afdfa36a9a1085fe57a"
integrity sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==
lodash@^4.17.15, lodash@^4.17.21:
version "4.17.21"
resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.21.tgz#679591c564c3bffaae8454cf0b3df370c3d6911c"
integrity sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==
lodash@^4.17.15, lodash@^4.18.1:
version "4.18.1"
resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.18.1.tgz#ff2b66c1f6326d59513de2407bf881439812771c"
integrity sha512-dMInicTPVE8d1e5otfwmmjlxkZoUpiVLwyeTdUsi/Caj/gfzzblBcCE5sRHV/AsjuCmxWrte2TNGSYuCeCq+0Q==
loose-envify@^1.0.0, loose-envify@^1.1.0, loose-envify@^1.4.0:
version "1.4.0"
@@ -2142,17 +2190,17 @@ merge2@^1.3.0, merge2@^1.4.1:
integrity sha512-8q7VEgMJW4J8tcfVPy8g09NcQwZdbwFEqhe/WZkoIzjn/3TGDwtOCYtXGxA3O8tPzpczCCDgv+P2P5y00ZJOOg==
micromatch@^4.0.4, micromatch@^4.0.5:
version "4.0.5"
resolved "https://registry.yarnpkg.com/micromatch/-/micromatch-4.0.5.tgz#bc8999a7cbbf77cdc89f132f6e467051b49090c6"
integrity sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==
version "4.0.8"
resolved "https://registry.yarnpkg.com/micromatch/-/micromatch-4.0.8.tgz#d66fa18f3a47076789320b9b1af32bd86d9fa202"
integrity sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==
dependencies:
braces "^3.0.2"
braces "^3.0.3"
picomatch "^2.3.1"
minimatch@^3.0.4, minimatch@^3.0.5, minimatch@^3.1.1, minimatch@^3.1.2:
version "3.1.2"
resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.1.2.tgz#19cd194bfd3e428f049a70817c038d89ab4be35b"
integrity sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==
version "3.1.5"
resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.1.5.tgz#580c88f8d5445f2bd6aa8f3cadefa0de79fbd69e"
integrity sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==
dependencies:
brace-expansion "^1.1.7"
@@ -2170,10 +2218,10 @@ mz@^2.7.0:
object-assign "^4.0.1"
thenify-all "^1.0.0"
nanoid@^3.3.6:
version "3.3.6"
resolved "https://registry.yarnpkg.com/nanoid/-/nanoid-3.3.6.tgz#443380c856d6e9f9824267d960b4236ad583ea4c"
integrity sha512-BGcqMMJuToF7i1rt+2PWSNVnWIkGCU78jBG3RxO/bZlnZPK2Cmi2QaffxGO/2RvWi9sL+FAiRiXMgsyxQ1DIDA==
nanoid@^3.3.11:
version "3.3.11"
resolved "https://registry.yarnpkg.com/nanoid/-/nanoid-3.3.11.tgz#4f4f112cefbe303202f2199838128936266d185b"
integrity sha512-N8SpfPUnUp1bK+PMYW8qSWdl9U+wwNWI4QKxOYDy9JAro3WMX7p2OeVRF9v+347pnakNevPmiHhNmZ2HbFA76w==
natural-compare@^1.4.0:
version "1.4.0"
@@ -2293,10 +2341,20 @@ picocolors@^1.0.0:
resolved "https://registry.yarnpkg.com/picocolors/-/picocolors-1.0.0.tgz#cb5bdc74ff3f51892236eaf79d68bc44564ab81c"
integrity sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==
picocolors@^1.1.1:
version "1.1.1"
resolved "https://registry.yarnpkg.com/picocolors/-/picocolors-1.1.1.tgz#3d321af3eab939b083c8f929a1d12cda81c26b6b"
integrity sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==
picomatch@^2.0.4, picomatch@^2.2.1, picomatch@^2.3.1:
version "2.3.1"
resolved "https://registry.yarnpkg.com/picomatch/-/picomatch-2.3.1.tgz#3ba3833733646d9d3e4995946c1365a67fb07a42"
integrity sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==
version "2.3.2"
resolved "https://registry.yarnpkg.com/picomatch/-/picomatch-2.3.2.tgz#5a942915e26b372dc0f0e6753149a16e6b1c5601"
integrity sha512-V7+vQEJ06Z+c5tSye8S+nHUfI51xoXIXjHQ99cQtKUkQqqO1kO/KCJUfZXuB47h/YBlDhah2H3hdUGXn8ie0oA==
picomatch@^4.0.2, picomatch@^4.0.4:
version "4.0.4"
resolved "https://registry.yarnpkg.com/picomatch/-/picomatch-4.0.4.tgz#fd6f5e00a143086e074dffe4c924b8fb293b0589"
integrity sha512-QP88BAKvMam/3NxH6vj2o21R6MjxZUAd6nlwAS/pnGvN9IVLocLHxGYIzFhg6fUQ+5th6P4dv4eW9jX3DSIj7A==
pify@^2.3.0:
version "2.3.0"
@@ -2352,14 +2410,14 @@ postcss-value-parser@^4.0.0, postcss-value-parser@^4.2.0:
resolved "https://registry.yarnpkg.com/postcss-value-parser/-/postcss-value-parser-4.2.0.tgz#723c09920836ba6d3e5af019f92bc0971c02e514"
integrity sha512-1NNCs6uurfkVbeXG4S8JFT9t19m45ICnif8zWLd5oPSZ50QnwMfK+H3jv408d4jw/7Bttv5axS5IiHoLaVNHeQ==
postcss@^8.4.23, postcss@^8.4.27, postcss@^8.4.31:
version "8.4.31"
resolved "https://registry.yarnpkg.com/postcss/-/postcss-8.4.31.tgz#92b451050a9f914da6755af352bdc0192508656d"
integrity sha512-PS08Iboia9mts/2ygV3eLpY5ghnUcfLV/EXTOW1E2qYxJKGGBUtNjN76FYHnMs36RmARn41bC0AZmn+rR0OVpQ==
postcss@^8.4.23, postcss@^8.4.31, postcss@^8.5.3:
version "8.5.9"
resolved "https://registry.yarnpkg.com/postcss/-/postcss-8.5.9.tgz#f6ee9e0b94f0f19c97d2f172bfbd7fc71fe1cca4"
integrity sha512-7a70Nsot+EMX9fFU3064K/kdHWZqGVY+BADLyXc8Dfv+mTLLVl6JzJpPaCZ2kQL9gIJvKXSLMHhqdRRjwQeFtw==
dependencies:
nanoid "^3.3.6"
picocolors "^1.0.0"
source-map-js "^1.0.2"
nanoid "^3.3.11"
picocolors "^1.1.1"
source-map-js "^1.2.1"
prelude-ls@^1.2.1:
version "1.2.1"
@@ -2375,11 +2433,6 @@ prop-types@^15.6.2, prop-types@^15.8.1:
object-assign "^4.1.1"
react-is "^16.13.1"
punycode@^2.1.0:
version "2.3.0"
resolved "https://registry.yarnpkg.com/punycode/-/punycode-2.3.0.tgz#f67fa67c94da8f4d0cfff981aee4118064199b8f"
integrity sha512-rRV+zQD8tVFys26lAGR9WUuS4iUAngJScM+ZRSKtvl5tKeZ2t5bvdNFdNHBW9FWR4guGHlgmsZ1G7BSm2wTbuA==
queue-microtask@^1.2.2:
version "1.2.3"
resolved "https://registry.yarnpkg.com/queue-microtask/-/queue-microtask-1.2.3.tgz#4929228bbc724dfac43e0efb058caf7b6cfb6243"
@@ -2467,11 +2520,6 @@ readdirp@~3.6.0:
dependencies:
picomatch "^2.2.1"
regenerator-runtime@^0.14.0:
version "0.14.0"
resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.14.0.tgz#5e19d68eb12d486f797e15a3c6a918f7cec5eb45"
integrity sha512-srw17NI0TUWHuGa5CFGGmhfNIeja30WMBfbslPNhf6JrqQlLN5gcrvig1oqPxiVaXb0oW0XRKtH6Nngs5lKCIA==
require-from-string@^2.0.2:
version "2.0.2"
resolved "https://registry.yarnpkg.com/require-from-string/-/require-from-string-2.0.2.tgz#89a7fdd938261267318eafe14f9c32e598c36909"
@@ -2503,10 +2551,10 @@ rimraf@^3.0.2:
dependencies:
glob "^7.1.3"
rollup@^3.27.1:
version "3.29.4"
resolved "https://registry.yarnpkg.com/rollup/-/rollup-3.29.4.tgz#4d70c0f9834146df8705bfb69a9a19c9e1109981"
integrity sha512-oWzmBZwvYrU0iJHtDmhsm662rC15FRXmcjCk1xD771dFDx5jJ02ufAQQTn0etB2emNk4J9EZg/yWKpsn9BWGRw==
rollup@^3.30.0, rollup@^4.34.9:
version "3.30.0"
resolved "https://registry.yarnpkg.com/rollup/-/rollup-3.30.0.tgz#3fa506fee2c5ba9d540a38da87067376cd55966d"
integrity sha512-kQvGasUgN+AlWGliFn2POSajRQEsULVYFGTvOZmK06d7vCD+YhZztt70kGk3qaeAXeWYL5eO7zx+rAubBc55eA==
optionalDependencies:
fsevents "~2.3.2"
@@ -2561,10 +2609,10 @@ snake-case@^3.0.4:
dot-case "^3.0.4"
tslib "^2.0.3"
source-map-js@^1.0.2:
version "1.0.2"
resolved "https://registry.yarnpkg.com/source-map-js/-/source-map-js-1.0.2.tgz#adbc361d9c62df380125e7f161f71c826f1e490c"
integrity sha512-R0XvVJ9WusLiqTCEiGCmICCMplcCkIwwR11mOSD9CR5u+IXYdiseeEuXCVAjS54zqwkLcPNnmU4OeJ6tUrWhDw==
source-map-js@^1.2.1:
version "1.2.1"
resolved "https://registry.yarnpkg.com/source-map-js/-/source-map-js-1.2.1.tgz#1ce5650fddd87abc099eda37dcff024c2667ae46"
integrity sha512-UXWMKhLOwVKb728IUtQPXxfYU+usdybtUrK/8uGE8CQMvrhOpwvzDBwj0QhSL7MQc7vIsISBG8VQ8+IDQxpfQA==
source-map@^0.5.7:
version "0.5.7"
@@ -2685,6 +2733,14 @@ thenify-all@^1.0.0:
dependencies:
any-promise "^1.0.0"
tinyglobby@^0.2.13:
version "0.2.16"
resolved "https://registry.yarnpkg.com/tinyglobby/-/tinyglobby-0.2.16.tgz#1c3b7eb953fce42b226bc5a1ee06428281aff3d6"
integrity sha512-pn99VhoACYR8nFHhxqix+uvsbXineAasWm5ojXoN8xEwK5Kd3/TrhNn1wByuD52UxWRLy8pu+kRMniEi6Eq9Zg==
dependencies:
fdir "^6.5.0"
picomatch "^4.0.4"
to-fast-properties@^2.0.0:
version "2.0.0"
resolved "https://registry.yarnpkg.com/to-fast-properties/-/to-fast-properties-2.0.0.tgz#dc5e698cbd079265bc73e0377681a4e4e83f616e"
@@ -2737,13 +2793,6 @@ update-browserslist-db@^1.0.13:
escalade "^3.1.1"
picocolors "^1.0.0"
uri-js@^4.2.2:
version "4.4.1"
resolved "https://registry.yarnpkg.com/uri-js/-/uri-js-4.4.1.tgz#9b1a52595225859e55f669d928f88c6c57f2a77e"
integrity sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==
dependencies:
punycode "^2.1.0"
use-callback-ref@^1.3.0:
version "1.3.0"
resolved "https://registry.yarnpkg.com/use-callback-ref/-/use-callback-ref-1.3.0.tgz#772199899b9c9a50526fedc4993fc7fa1f7e32d5"
@@ -2790,16 +2839,19 @@ vite-plugin-svgr@^4.1.0:
"@svgr/core" "^8.1.0"
"@svgr/plugin-jsx" "^8.1.0"
vite@^4.4.5:
version "4.5.0"
resolved "https://registry.yarnpkg.com/vite/-/vite-4.5.0.tgz#ec406295b4167ac3bc23e26f9c8ff559287cff26"
integrity sha512-ulr8rNLA6rkyFAlVWw2q5YJ91v098AFQ2R0PRFwPzREXOUJQPtFUG0t+/ZikhaOCDqFoDhN6/v8Sq0o4araFAw==
vite@^6.4.2:
version "6.4.2"
resolved "https://registry.yarnpkg.com/vite/-/vite-6.4.2.tgz#a4e548ca3a90ca9f3724582cab35e1ba15efc6f2"
integrity sha512-2N/55r4JDJ4gdrCvGgINMy+HH3iRpNIz8K6SFwVsA+JbQScLiC+clmAxBgwiSPgcG9U15QmvqCGWzMbqda5zGQ==
dependencies:
esbuild "^0.18.10"
postcss "^8.4.27"
rollup "^3.27.1"
esbuild "^0.25.0"
fdir "^6.4.4"
picomatch "^4.0.2"
postcss "^8.5.3"
rollup "^4.34.9"
tinyglobby "^0.2.13"
optionalDependencies:
fsevents "~2.3.2"
fsevents "~2.3.3"
which@^2.0.1:
version "2.0.2"
@@ -2824,14 +2876,14 @@ yallist@^4.0.0:
integrity sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==
yaml@^1.10.0:
version "1.10.2"
resolved "https://registry.yarnpkg.com/yaml/-/yaml-1.10.2.tgz#2301c5ffbf12b467de8da2333a459e29e7920e4b"
integrity sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg==
version "1.10.3"
resolved "https://registry.yarnpkg.com/yaml/-/yaml-1.10.3.tgz#76e407ed95c42684fb8e14641e5de62fe65bbcb3"
integrity sha512-vIYeF1u3CjlhAFekPPAk2h/Kv4T3mAkMox5OymRiJQB0spDP10LHvt+K7G9Ny6NuuMAb25/6n1qyUjAcGNf/AA==
yaml@^2.1.1:
version "2.3.3"
resolved "https://registry.yarnpkg.com/yaml/-/yaml-2.3.3.tgz#01f6d18ef036446340007db8e016810e5d64aad9"
integrity sha512-zw0VAJxgeZ6+++/su5AFoqBbZbrEakwu+X0M5HmcwUiBL7AzcuPKjj5we4xfQLp78LkEMpD0cOnUhmgOVy3KdQ==
version "2.8.3"
resolved "https://registry.yarnpkg.com/yaml/-/yaml-2.8.3.tgz#a0d6bd2efb3dd03c59370223701834e60409bd7d"
integrity sha512-AvbaCLOO2Otw/lW5bmh9d/WEdcDFdQp2Z2ZUH3pX9U2ihyUY0nvLv7J6TrWowklRGPYbB/IuIMfYgxaCPg5Bpg==
yocto-queue@^0.1.0:
version "0.1.0"
-33
View File
@@ -1,33 +0,0 @@
from importlib import metadata
## Create namespaces for pydantic v1 and v2.
# This code must stay at the top of the file before other modules may
# attempt to import pydantic since it adds pydantic_v1 and pydantic_v2 to sys.modules.
#
# This hack is done for the following reasons:
# * Langchain will attempt to remain compatible with both pydantic v1 and v2 since
# both dependencies and dependents may be stuck on either version of v1 or v2.
# * Creating namespaces for pydantic v1 and v2 should allow us to write code that
# unambiguously uses either v1 or v2 API.
# * This change is easier to roll out and roll back.
try:
# F401: imported but unused
from pydantic.v1 import ( # noqa: F401
BaseModel,
Field,
ValidationError,
create_model,
)
except ImportError:
from pydantic import BaseModel, Field, ValidationError, create_model # noqa: F401
# This is not a pydantic v1 thing, but it feels too small to create a new module for.
PYDANTIC_VERSION = metadata.version("pydantic")
try:
_PYDANTIC_MAJOR_VERSION: int = int(PYDANTIC_VERSION.split(".")[0])
except metadata.PackageNotFoundError:
_PYDANTIC_MAJOR_VERSION = -1
+67 -22
View File
@@ -2,9 +2,11 @@ from datetime import datetime
from typing import Dict, List, Optional, Union
from uuid import UUID
from pydantic import BaseModel # Floats between v1 and v2
from langserve.pydantic_v1 import BaseModel as BaseModelV1
from pydantic import (
BaseModel,
Field,
)
from pydantic import BaseModel as BaseModelV1
class CustomUserType(BaseModelV1):
@@ -41,14 +43,35 @@ class SharedResponseMetadata(BaseModelV1):
pass
class SingletonResponseMetadata(SharedResponseMetadata):
"""
Represents response metadata used for just single input/output LangServe
class FeedbackToken(BaseModelV1):
"""Represents the feedback tokens for a given request."""
key: str # The key of the feedback token
token_url: Optional[str] = None
expires_at: Optional[datetime] = None
class InvokeResponseMetadata(SharedResponseMetadata):
"""Represents response metadata used for just single input/output LangServe
responses.
"""
# Represents the parent run id for a given request
run_id: UUID
feedback_tokens: List[FeedbackToken] = Field(
...,
description=(
"Feedback tokens from the given run."
"These tokens allow a user to provide feedback on the run."
"Only available if server was configured to provide feedback tokens."
),
)
# Alias for backwards compatibility
# Keep here in case clients are somehow using this for type checking
# TODO(Deprecate): This should be deprecated in 2025.
SingletonResponseMetadata = InvokeResponseMetadata
class BatchResponseMetadata(SharedResponseMetadata):
@@ -57,17 +80,25 @@ class BatchResponseMetadata(SharedResponseMetadata):
responses.
"""
# This namespace can include any additional metadata that is shared
# across all responses in the batch (e.g., if a batch run
# ID was a thing, it would go here)
# metadata for each individual response in the batch
# Parallel list of InvokeResponseMetadata objects matching
# the individual requests in the batch
responses: List[InvokeResponseMetadata]
# A list of UUIDs
# Represents each parent run id for a given request, in
# the same order in which they were received
run_ids: List[UUID]
run_ids: List[UUID] # For backwards compatibility, clients should not use this
class BaseFeedback(BaseModel):
"""
Shared information between create requests of feedback and feedback objects
"""
"""Shared information between create requests of feedback and feedback objects"""
run_id: UUID
run_id: Optional[UUID]
"""The associated run ID this feedback is logged for."""
key: str
@@ -83,18 +114,34 @@ class BaseFeedback(BaseModel):
"""Comment or explanation for the feedback."""
class FeedbackCreateRequest(BaseFeedback):
"""
Represents a request that creates feedback for an individual run
"""
class FeedbackCreateRequestTokenBased(BaseModel):
"""Shared information between create requests of feedback and feedback objects."""
pass
token_or_url: Union[UUID, str]
"""The associated run ID this feedback is logged for."""
score: Optional[Union[float, int, bool]] = None
"""Value or score to assign the run."""
value: Optional[Union[float, int, bool, str, Dict]] = None
"""The display value for the feedback if not a metric."""
comment: Optional[str] = None
"""Comment or explanation for the feedback."""
correction: Optional[Dict] = None
"""Correction for the run."""
metadata: Optional[Dict] = None
"""Metadata for the feedback."""
class FeedbackCreateRequest(BaseFeedback):
"""Represents a request that creates feedback for an individual run"""
class Feedback(BaseFeedback):
"""
Represents feedback given on an individual run
"""
"""Represents feedback given on an individual run"""
id: UUID
"""The unique ID of the feedback that was created."""
@@ -110,9 +157,7 @@ class Feedback(BaseFeedback):
class PublicTraceLinkCreateRequest(BaseModel):
"""
Represents a request that creates a public trace for an individual run
"""
"""Represents a request that creates a public trace for an individual run."""
run_id: UUID
"""The unique ID of the run to share."""
+102 -75
View File
@@ -10,17 +10,16 @@ By default, exceptions are serialized as a generic exception without
any information about the exception. This is done to prevent leaking
sensitive information from the server to the client.
"""
import abc
import logging
from functools import lru_cache
from typing import Any, Dict, List, Union
from typing import Annotated, Any, Dict, List, Union
import orjson
from langchain.prompts.base import StringPromptValue
from langchain.prompts.chat import ChatPromptValueConcrete
from langchain.schema.agent import AgentAction, AgentActionMessageLog, AgentFinish
from langchain.schema.document import Document
from langchain.schema.messages import (
from langchain_core.agents import AgentAction, AgentActionMessageLog, AgentFinish
from langchain_core.documents import Document
from langchain_core.messages import (
AIMessage,
AIMessageChunk,
ChatMessage,
@@ -31,15 +30,19 @@ from langchain.schema.messages import (
HumanMessageChunk,
SystemMessage,
SystemMessageChunk,
ToolMessage,
ToolMessageChunk,
)
from langchain.schema.output import (
from langchain_core.outputs import (
ChatGeneration,
ChatGenerationChunk,
Generation,
LLMResult,
)
from langchain_core.prompt_values import ChatPromptValueConcrete
from langchain_core.prompts.base import StringPromptValue
from pydantic import BaseModel, Discriminator, Field, RootModel, Tag, ValidationError
from langserve.pydantic_v1 import BaseModel, ValidationError
from langserve.validation import CallbackEvent
logger = logging.getLogger(__name__)
@@ -51,42 +54,58 @@ def _log_error_message_once(error_message: str) -> None:
logger.error(error_message)
class WellKnownLCObject(BaseModel):
"""A well known LangChain object.
def _get_type(v: Any) -> str:
"""Get the type associated with the object for serialization purposes."""
if isinstance(v, dict) and "type" in v:
return v["type"]
elif hasattr(v, "type"):
return v.type
else:
raise TypeError(
f"Expected either a dictionary with a 'type' key or an object "
f"with a 'type' attribute. Instead got type {type(v)}."
)
A pydantic model that defines what constitutes a well known LangChain object.
All well-known objects are allowed to be serialized and de-serialized.
"""
# A well known LangChain object.
# A pydantic model that defines what constitutes a well known LangChain object.
# All well-known objects are allowed to be serialized and de-serialized.
__root__: Union[
Document,
HumanMessage,
SystemMessage,
ChatMessage,
FunctionMessage,
AIMessage,
HumanMessageChunk,
SystemMessageChunk,
ChatMessageChunk,
FunctionMessageChunk,
AIMessageChunk,
StringPromptValue,
ChatPromptValueConcrete,
AgentAction,
AgentFinish,
AgentActionMessageLog,
LLMResult,
ChatGeneration,
Generation,
ChatGenerationChunk,
WellKnownLCObject = RootModel[
Annotated[
Union[
Annotated[AIMessage, Tag(tag="ai")],
Annotated[HumanMessage, Tag(tag="human")],
Annotated[ChatMessage, Tag(tag="chat")],
Annotated[SystemMessage, Tag(tag="system")],
Annotated[FunctionMessage, Tag(tag="function")],
Annotated[ToolMessage, Tag(tag="tool")],
Annotated[AIMessageChunk, Tag(tag="AIMessageChunk")],
Annotated[HumanMessageChunk, Tag(tag="HumanMessageChunk")],
Annotated[ChatMessageChunk, Tag(tag="ChatMessageChunk")],
Annotated[SystemMessageChunk, Tag(tag="SystemMessageChunk")],
Annotated[FunctionMessageChunk, Tag(tag="FunctionMessageChunk")],
Annotated[ToolMessageChunk, Tag(tag="ToolMessageChunk")],
Annotated[Document, Tag(tag="Document")],
Annotated[StringPromptValue, Tag(tag="StringPromptValue")],
Annotated[ChatPromptValueConcrete, Tag(tag="ChatPromptValueConcrete")],
Annotated[AgentAction, Tag(tag="AgentAction")],
Annotated[AgentFinish, Tag(tag="AgentFinish")],
Annotated[AgentActionMessageLog, Tag(tag="AgentActionMessageLog")],
Annotated[ChatGeneration, Tag(tag="ChatGeneration")],
Annotated[Generation, Tag(tag="Generation")],
Annotated[ChatGenerationChunk, Tag(tag="ChatGenerationChunk")],
Annotated[LLMResult, Tag(tag="LLMResult")],
],
Field(discriminator=Discriminator(_get_type)),
]
]
def default(obj) -> Any:
"""Default serialization for well known objects."""
if isinstance(obj, BaseModel):
return obj.dict()
return obj.model_dump()
return super().default(obj)
@@ -96,12 +115,10 @@ def _decode_lc_objects(value: Any) -> Any:
v = {key: _decode_lc_objects(v) for key, v in value.items()}
try:
obj = WellKnownLCObject.parse_obj(v)
parsed = obj.__root__
if set(parsed.dict()) != set(value):
raise ValueError("Invalid object")
obj = WellKnownLCObject.model_validate(v)
parsed = obj.root
return parsed
except (ValidationError, ValueError):
except (ValidationError, ValueError, TypeError):
return v
elif isinstance(value, list):
return [_decode_lc_objects(item) for item in value]
@@ -123,12 +140,12 @@ def _decode_event_data(value: Any) -> Any:
"""Decode the event data from a JSON object representation."""
if isinstance(value, dict):
try:
obj = CallbackEvent.parse_obj(value)
return obj.__root__
obj = CallbackEvent.model_validate(value)
return obj.root
except ValidationError:
try:
obj = WellKnownLCObject.parse_obj(value)
return obj.__root__
obj = WellKnownLCObject.model_validate(value)
return obj.root
except ValidationError:
return {key: _decode_event_data(v) for key, v in value.items()}
elif isinstance(value, list):
@@ -141,44 +158,54 @@ def _decode_event_data(value: Any) -> Any:
class Serializer(abc.ABC):
@abc.abstractmethod
def dumpd(self, obj: Any) -> Any:
"""Convert the given object to a JSON serializable object."""
@abc.abstractmethod
def dumps(self, obj: Any) -> bytes:
"""Dump the given object as a JSON string."""
@abc.abstractmethod
def loads(self, s: bytes) -> Any:
"""Load the given JSON string."""
@abc.abstractmethod
def loadd(self, obj: Any) -> Any:
"""Load the given object."""
class WellKnownLCSerializer(Serializer):
def dumpd(self, obj: Any) -> Any:
"""Convert the given object to a JSON serializable object."""
return orjson.loads(orjson.dumps(obj, default=default))
def dumps(self, obj: Any) -> bytes:
"""Dump the given object as a JSON string."""
return orjson.dumps(obj, default=default)
def loadd(self, obj: Any) -> Any:
"""Load the given object."""
return _decode_lc_objects(obj)
return orjson.loads(self.dumps(obj))
def loads(self, s: bytes) -> Any:
"""Load the given JSON string."""
return self.loadd(orjson.loads(s))
@abc.abstractmethod
def dumps(self, obj: Any) -> bytes:
"""Dump the given object to a JSON byte string."""
@abc.abstractmethod
def loadd(self, s: bytes) -> Any:
"""Given a python object, load it into a well known object.
The obj represents content that was json loaded from a string, but
not yet validated or converted into a well known object.
"""
class WellKnownLCSerializer(Serializer):
"""A pre-defined serializer for well known LangChain objects.
This is the default serialized used by LangServe for serializing and
de-serializing well known LangChain objects.
If you need to extend the serialization capabilities for your own application,
feel free to create a new instance of the Serializer class and implement
the abstract methods dumps and loadd.
"""
def dumps(self, obj: Any) -> bytes:
"""Dump the given object to a JSON byte string."""
return orjson.dumps(obj, default=default)
def loadd(self, obj: Any) -> Any:
"""Given a python object, load it into a well known object.
The obj represents content that was json loaded from a string, but
not yet validated or converted into a well known object.
"""
return _decode_lc_objects(obj)
def _project_top_level(model: BaseModel) -> Dict[str, Any]:
"""Project the top level of the model as dict."""
return {key: getattr(model, key) for key in model.__fields__}
return {key: getattr(model, key) for key in model.model_fields}
def load_events(events: Any) -> List[Dict[str, Any]]:
@@ -209,15 +236,15 @@ def load_events(events: Any) -> List[Dict[str, Any]]:
# Then validate the event
try:
full_event = CallbackEvent.parse_obj(decoded_event_data)
full_event = CallbackEvent.model_validate(decoded_event_data)
except ValidationError as e:
msg = f"Encountered an invalid event: {e}"
if "type" in decoded_event_data:
msg += f' of type {repr(decoded_event_data["type"])}'
msg += f" of type {repr(decoded_event_data['type'])}"
_log_error_message_once(msg)
continue
decoded_event_data = _project_top_level(full_event.__root__)
decoded_event_data = _project_top_level(full_event.root)
if decoded_event_data["type"].endswith("_error"):
# Data is validated by this point, so we can assume that the shape
+388 -363
View File
@@ -5,6 +5,8 @@ This code contains integration for langchain runnables with FastAPI.
The main entry point is the `add_routes` function which adds the routes to an existing
FastAPI app or APIRouter.
"""
import warnings
import weakref
from typing import (
Any,
@@ -15,21 +17,23 @@ from typing import (
Union,
)
from langchain.schema.runnable import Runnable
from langchain_core.runnables import Runnable
from pydantic import BaseModel
from typing_extensions import Annotated
from langserve.api_handler import APIHandler, PerRequestConfigModifier, _is_hosted
from langserve.pydantic_v1 import (
_PYDANTIC_MAJOR_VERSION,
PYDANTIC_VERSION,
BaseModel,
from langserve.api_handler import (
APIHandler,
PerRequestConfigModifier,
TokenFeedbackConfig,
_is_hosted,
)
from langserve.serialization import Serializer
try:
from fastapi import APIRouter, Depends, FastAPI, Request, Response
from fastapi import APIRouter, Body, Depends, FastAPI, Request, Response
except ImportError:
# [server] extra not installed
APIRouter = Depends = FastAPI = Request = Response = Any
APIRouter = Body = Depends = FastAPI = Request = Response = Any
# A function that that takes a config and a raw request
# and updates the config based on the request.
@@ -39,71 +43,15 @@ except ImportError:
# Duplicated model names break fastapi's openapi generation.
_APP_SEEN = weakref.WeakSet()
# Keeps track of the paths that have been associated with each app.
# Each runnable registered with an APP will have a unique path.
# An APP can have multiple runnables registered with it.
# There are multiple APPs as it's common to use APIRouter in larger
# FastAPI applications.
_APP_TO_PATHS = weakref.WeakKeyDictionary()
def _setup_global_app_handlers(app: Union[FastAPI, APIRouter]) -> None:
@app.on_event("startup")
async def startup_event():
LANGSERVE = r"""
__ ___ .__ __. _______ _______. _______ .______ ____ ____ _______
| | / \ | \ | | / _____| / || ____|| _ \ \ \ / / | ____|
| | / ^ \ | \| | | | __ | (----`| |__ | |_) | \ \/ / | |__
| | / /_\ \ | . ` | | | |_ | \ \ | __| | / \ / | __|
| `----./ _____ \ | |\ | | |__| | .----) | | |____ | |\ \----. \ / | |____
|_______/__/ \__\ |__| \__| \______| |_______/ |_______|| _| `._____| \__/ |_______|
""" # noqa: E501
def green(text: str) -> str:
"""Return the given text in green."""
return "\x1b[1;32;40m" + text + "\x1b[0m"
def orange(text: str) -> str:
"""Return the given text in orange."""
return "\x1b[1;31;40m" + text + "\x1b[0m"
paths = _APP_TO_PATHS[app]
print(LANGSERVE)
for path in paths:
print(
f'{green("LANGSERVE:")} Playground for chain "{path or ""}/" is '
f"live at:"
)
print(f'{green("LANGSERVE:")}')
print(f'{green("LANGSERVE:")} └──> {path}/playground/')
print(f'{green("LANGSERVE:")}')
print(f'{green("LANGSERVE:")} See all available routes at {app.docs_url}/')
if _PYDANTIC_MAJOR_VERSION == 2:
print()
print(f'{orange("LANGSERVE:")} ', end="")
print(
f"⚠️ Using pydantic {PYDANTIC_VERSION}. "
f"OpenAPI docs for invoke, batch, stream, stream_log "
f"endpoints will not be generated. API endpoints and playground "
f"should work as expected. "
f"If you need to see the docs, you can downgrade to pydantic 1. "
"For example, `pip install pydantic==1.10.13`. "
f"See https://github.com/tiangolo/fastapi/issues/10360 for details."
)
print()
def _register_path_for_app(app: Union[FastAPI, APIRouter], path: str) -> None:
"""Register a path when its added to app. Raise if path already seen."""
if app in _APP_TO_PATHS:
seen_paths = _APP_TO_PATHS.get(app)
if path in seen_paths:
raise ValueError(
f"A runnable already exists at path: {path}. If adding "
f"multiple runnables make sure they have different paths."
)
seen_paths.add(path)
else:
_setup_global_app_handlers(app)
_APP_TO_PATHS[app] = {path}
# This is the type annotation
EndpointName = Literal[
"invoke",
@@ -130,6 +78,7 @@ KNOWN_ENDPOINTS = {
"stream_events",
"playground",
"feedback",
"token_feedback",
"public_trace_link",
"input_schema",
"config_schema",
@@ -181,6 +130,7 @@ class _EndpointConfiguration:
is_output_schema_enabled = True
is_config_schema_enabled = True
is_config_hash_enabled = True
is_token_feedback_enabled = True
else:
disabled_endpoints_ = set(name.lower() for name in disabled_endpoints)
if disabled_endpoints_ - KNOWN_ENDPOINTS:
@@ -198,12 +148,12 @@ class _EndpointConfiguration:
is_output_schema_enabled = "output_schema" not in disabled_endpoints_
is_config_schema_enabled = "config_schema" not in disabled_endpoints_
is_config_hash_enabled = "config_hashes" not in disabled_endpoints_
is_token_feedback_enabled = "token_feedback" not in disabled_endpoints_
else:
enabled_endpoints_ = set(name.lower() for name in enabled_endpoints)
if enabled_endpoints_ - KNOWN_ENDPOINTS:
raise ValueError(
f"Got unknown endpoint names: {enabled_endpoints_- KNOWN_ENDPOINTS}"
)
unknown = enabled_endpoints_ - KNOWN_ENDPOINTS
raise ValueError(f"Got unknown endpoint names: {unknown}")
is_invoke_enabled = "invoke" in enabled_endpoints_
is_batch_enabled = "batch" in enabled_endpoints_
is_stream_enabled = "stream" in enabled_endpoints_
@@ -214,6 +164,7 @@ class _EndpointConfiguration:
is_output_schema_enabled = "output_schema" in enabled_endpoints_
is_config_schema_enabled = "config_schema" in enabled_endpoints_
is_config_hash_enabled = "config_hashes" in enabled_endpoints_
is_token_feedback_enabled = "token_feedback" in enabled_endpoints_
self.is_invoke_enabled = is_invoke_enabled
self.is_batch_enabled = is_batch_enabled
@@ -227,6 +178,68 @@ class _EndpointConfiguration:
self.is_config_hash_enabled = is_config_hash_enabled
self.is_feedback_enabled = enable_feedback_endpoint
self.is_public_trace_link_enabled = enable_public_trace_link_endpoint
self.is_token_feedback_enabled = is_token_feedback_enabled
def _register_path_for_app(
app: Union[FastAPI, APIRouter],
path: str,
endpoint_configuration: _EndpointConfiguration,
) -> None:
"""Register a path when its added to app. Raise if path already seen."""
if app in _APP_TO_PATHS:
seen_paths = _APP_TO_PATHS.get(app)
if path in seen_paths:
raise ValueError(
f"A runnable already exists at path: {path}. If adding "
f"multiple runnables make sure they have different paths."
)
seen_paths.add(path)
else:
_setup_global_app_handlers(app, endpoint_configuration)
_APP_TO_PATHS[app] = {path}
def _setup_global_app_handlers(
app: Union[FastAPI, APIRouter], endpoint_configuration: _EndpointConfiguration
) -> None:
with warnings.catch_warnings():
# We are using deprecated functionality here.
# We should re-write to use lifetime events at some point, and yielding
# an APIRouter instance to the caller.
warnings.filterwarnings(
"ignore",
"[\\s.]*on_event is deprecated[\\s.]*",
category=DeprecationWarning,
)
@app.on_event("startup")
async def startup_event():
LANGSERVE = r"""
__ ___ .__ __. _______ _______. _______ .______ ____ ____ _______
| | / \ | \ | | / _____| / || ____|| _ \ \ \ / / | ____|
| | / ^ \ | \| | | | __ | (----`| |__ | |_) | \ \/ / | |__
| | / /_\ \ | . ` | | | |_ | \ \ | __| | / \ / | __|
| `----./ _____ \ | |\ | | |__| | .----) | | |____ | |\ \----. \ / | |____
|_______/__/ \__\ |__| \__| \______| |_______/ |_______|| _| `._____| \__/ |_______|
""" # noqa: E501
def green(text: str) -> str:
"""Return the given text in green."""
return "\x1b[1;32;40m" + text + "\x1b[0m"
paths = _APP_TO_PATHS[app]
print(LANGSERVE)
for path in paths:
if endpoint_configuration.is_playground_enabled:
print(
f'{green("LANGSERVE:")} Playground for chain "{path or ""}/" '
f"is live at:"
)
print(f"{green('LANGSERVE:')}")
print(f"{green('LANGSERVE:')} └──> {path}/playground/")
print(f"{green('LANGSERVE:')}")
print(f"{green('LANGSERVE:')} See all available routes at {app.docs_url}/")
# PUBLIC API
@@ -243,12 +256,15 @@ def add_routes(
include_callback_events: bool = False,
per_req_config_modifier: Optional[PerRequestConfigModifier] = None,
enable_feedback_endpoint: bool = _is_hosted(),
token_feedback_config: Optional[TokenFeedbackConfig] = None,
enable_public_trace_link_endpoint: bool = False,
disabled_endpoints: Optional[Sequence[EndpointName]] = None,
stream_log_name_allow_list: Optional[Sequence[str]] = None,
enabled_endpoints: Optional[Sequence[EndpointName]] = None,
dependencies: Optional[Sequence[Depends]] = None,
playground_type: Literal["default", "chat"] = "default",
astream_events_version: Literal["v1", "v2"] = "v2",
serializer: Optional[Serializer] = None,
) -> None:
"""Register the routes on the given FastAPI app or APIRouter.
@@ -297,6 +313,16 @@ def add_routes(
to LangSmith. Enabled by default. If this flag is disabled or LangSmith
tracing is not enabled for the runnable, then 400 errors will be thrown
when accessing the feedback endpoint.
token_feedback_config: optional configuration for token based feedback.
**Attention** this is distinct from `enable_feedback_endpoint`.
When provided, feedback tokens will be included in the response
metadata that can be used to provide feedback on the run.
In addition, an endpoint will be created for submitting feedback
using the feedback tokens. This is a safer option for public facing
APIs as they scope the feedback to a specific run id and key
and include an expiration time.
This endpoint will be created at /token_feedback
**BETA**: This feature is in beta and may change in the future.
enable_public_trace_link_endpoint: Whether to enable an endpoint for
end-users to publicly view LangSmith traces of your chain runs.
WARNING: THIS WILL EXPOSE THE INTERNAL STATE OF YOUR RUN AND CHAIN AS
@@ -352,7 +378,25 @@ def add_routes(
dependencies: list of dependencies to be applied to the *path operation*.
See [FastAPI docs for Dependencies in path operation decorators](https://fastapi.tiangolo.com/tutorial/dependencies/dependencies-in-path-operation-decorators/).
playground_type: The type of playground to serve. The default is "default".
- default: supports more types of inputs / outputs. Not optimized
for any particular use case.
- chat: UX is optimized for chat-like interactions. Please review
the README in langserve for more details about constraints (e.g.,
which message types are supported etc.)
astream_events_version: version of the stream events endpoint to use.
By default "v2".
serializer: The serializer to use for serializing the output. If not provided,
the default serializer will be used.
""" # noqa: E501
if not isinstance(runnable, Runnable):
raise TypeError(
f"Expected a Runnable, got {type(runnable)}. "
"The second argument to add_routes should be a Runnable instance."
"add_route(app, runnable, ...) is the correct usage."
"Please make sure that you are using a runnable which is an instance of "
"langchain_core.runnables.Runnable."
)
endpoint_configuration = _EndpointConfiguration(
enabled_endpoints=enabled_endpoints,
disabled_endpoints=disabled_endpoints,
@@ -378,7 +422,7 @@ def add_routes(
if isinstance(app, FastAPI): # type: ignore
# Cannot do this checking logic for a router since
# API routers are not hashable
_register_path_for_app(app, path)
_register_path_for_app(app, path, endpoint_configuration)
# Determine the base URL for the playground endpoint
prefix = app.prefix if isinstance(app, APIRouter) else "" # type: ignore
@@ -401,11 +445,15 @@ def add_routes(
config_keys=config_keys,
include_callback_events=include_callback_events,
enable_feedback_endpoint=enable_feedback_endpoint,
token_feedback_config=token_feedback_config,
enable_public_trace_link_endpoint=enable_public_trace_link_endpoint,
per_req_config_modifier=per_req_config_modifier,
stream_log_name_allow_list=stream_log_name_allow_list,
playground_type=playground_type,
astream_events_version=astream_events_version,
serializer=serializer,
)
namespace = path or ""
route_tags = [path.strip("/")] if path else None
@@ -424,35 +472,9 @@ def add_routes(
if hasattr(app, "openapi_tags") and (path or (app not in _APP_SEEN)):
if not path:
_APP_SEEN.add(app)
if _PYDANTIC_MAJOR_VERSION == 1:
# Documentation for the default endpoints
default_endpoint_tags = {
"name": route_tags[0] if route_tags else "default",
}
elif _PYDANTIC_MAJOR_VERSION == 2:
# When using pydantic v2, we cannot generate openapi docs for
# the invoke/batch/stream/stream_log endpoints since the underlying
# models are from the pydantic.v1 namespace and cannot be supported
# by FastAPI's.
# https://github.com/tiangolo/fastapi/issues/10360
default_endpoint_tags = {
"name": route_tags[0] if route_tags else "default",
"description": (
f"⚠️ Using pydantic {PYDANTIC_VERSION}. "
f"OpenAPI docs for `invoke`, `batch`, `stream`, `stream_log` "
f"endpoints will not be generated. API endpoints and playground "
f"should work as expected. "
f"If you need to see the docs, you can downgrade to pydantic 1. "
"For example, `pip install pydantic==1.10.13`"
f"See https://github.com/tiangolo/fastapi/issues/10360 for details."
),
}
else:
raise AssertionError(
f"Expected pydantic major version 1 or 2, got {_PYDANTIC_MAJOR_VERSION}"
)
default_endpoint_tags = {
"name": route_tags[0] if route_tags else "default",
}
if endpoint_configuration.is_config_hash_enabled:
app.openapi_tags = [
*(getattr(app, "openapi_tags", []) or []),
@@ -697,6 +719,12 @@ def add_routes(
include_in_schema=False,
)(playground)
if endpoint_configuration.is_token_feedback_enabled:
app.post(
namespace + "/token_feedback",
dependencies=dependencies,
)(api_handler.create_feedback_from_token)
if enable_feedback_endpoint:
app.post(
namespace + "/feedback",
@@ -723,329 +751,326 @@ def add_routes(
# Documentation variants of end points.
#######################################
# At the moment, we only support pydantic 1.x for documentation
if _PYDANTIC_MAJOR_VERSION == 1:
InvokeRequest = api_handler.InvokeRequest
InvokeResponse = api_handler.InvokeResponse
BatchRequest = api_handler.BatchRequest
BatchResponse = api_handler.BatchResponse
StreamRequest = api_handler.StreamRequest
StreamLogRequest = api_handler.StreamLogRequest
StreamEventsRequest = api_handler.StreamEventsRequest
InvokeRequest = api_handler.InvokeRequest
InvokeResponse = api_handler.InvokeResponse
BatchRequest = api_handler.BatchRequest
BatchResponse = api_handler.BatchResponse
StreamRequest = api_handler.StreamRequest
StreamLogRequest = api_handler.StreamLogRequest
StreamEventsRequest = api_handler.StreamEventsRequest
if endpoint_configuration.is_invoke_enabled:
if endpoint_configuration.is_invoke_enabled:
async def _invoke_docs(
invoke_request: Annotated[InvokeRequest, InvokeRequest],
config_hash: str = "",
) -> InvokeResponse:
"""Invoke the runnable with the given input and config."""
raise AssertionError("This endpoint should not be reachable.")
async def _invoke_docs(
invoke_request: Annotated[InvokeRequest, Body()],
config_hash: str = "",
) -> InvokeResponse:
"""Invoke the runnable with the given input and config."""
raise AssertionError("This endpoint should not be reachable.")
invoke_docs = app.post(
f"{namespace}/invoke",
invoke_docs = app.post(
f"{namespace}/invoke",
response_model=api_handler.InvokeResponse,
tags=route_tags,
name=_route_name("invoke"),
dependencies=dependencies,
)(_invoke_docs)
if endpoint_configuration.is_config_hash_enabled:
app.post(
namespace + "/c/{config_hash}/invoke",
response_model=api_handler.InvokeResponse,
tags=route_tags,
name=_route_name("invoke"),
tags=route_tags_with_config,
name=_route_name_with_config("invoke"),
dependencies=dependencies,
)(_invoke_docs)
description=(
"This endpoint is to be used with share links generated by the "
"LangServe playground. "
"The hash is an LZString compressed JSON string. "
"For regular use cases, use the /invoke endpoint without "
"the `c/{config_hash}` path parameter."
),
)(invoke_docs)
if endpoint_configuration.is_config_hash_enabled:
app.post(
namespace + "/c/{config_hash}/invoke",
response_model=api_handler.InvokeResponse,
tags=route_tags_with_config,
name=_route_name_with_config("invoke"),
dependencies=dependencies,
description=(
"This endpoint is to be used with share links generated by the "
"LangServe playground. "
"The hash is an LZString compressed JSON string. "
"For regular use cases, use the /invoke endpoint without "
"the `c/{config_hash}` path parameter."
),
)(invoke_docs)
if endpoint_configuration.is_batch_enabled:
if endpoint_configuration.is_batch_enabled:
async def _batch_docs(
batch_request: Annotated[BatchRequest, Body()],
config_hash: str = "",
) -> BatchResponse:
"""Batch invoke the runnable with the given inputs and config."""
raise AssertionError("This endpoint should not be reachable.")
async def _batch_docs(
batch_request: Annotated[BatchRequest, BatchRequest],
config_hash: str = "",
) -> BatchResponse:
"""Batch invoke the runnable with the given inputs and config."""
raise AssertionError("This endpoint should not be reachable.")
batch_docs = app.post(
f"{namespace}/batch",
response_model=BatchResponse,
tags=route_tags,
name=_route_name("batch"),
dependencies=dependencies,
)(_batch_docs)
batch_docs = app.post(
f"{namespace}/batch",
if endpoint_configuration.is_config_hash_enabled:
app.post(
namespace + "/c/{config_hash}/batch",
response_model=BatchResponse,
tags=route_tags,
name=_route_name("batch"),
tags=route_tags_with_config,
name=_route_name_with_config("batch"),
dependencies=dependencies,
)(_batch_docs)
description=(
"This endpoint is to be used with share links generated by the "
"LangServe playground. "
"The hash is an LZString compressed JSON string. "
"For regular use cases, use the /batch endpoint without "
"the `c/{config_hash}` path parameter."
),
)(batch_docs)
if endpoint_configuration.is_config_hash_enabled:
app.post(
namespace + "/c/{config_hash}/batch",
response_model=BatchResponse,
tags=route_tags_with_config,
name=_route_name_with_config("batch"),
dependencies=dependencies,
description=(
"This endpoint is to be used with share links generated by the "
"LangServe playground. "
"The hash is an LZString compressed JSON string. "
"For regular use cases, use the /batch endpoint without "
"the `c/{config_hash}` path parameter."
),
)(batch_docs)
if endpoint_configuration.is_stream_enabled:
if endpoint_configuration.is_stream_enabled:
async def _stream_docs(
stream_request: Annotated[StreamRequest, Body()],
config_hash: str = "",
) -> EventSourceResponse:
"""Invoke the runnable stream the output.
async def _stream_docs(
stream_request: Annotated[StreamRequest, StreamRequest],
config_hash: str = "",
) -> EventSourceResponse:
"""Invoke the runnable stream the output.
This endpoint allows to stream the output of the runnable.
This endpoint allows to stream the output of the runnable.
The endpoint uses a server sent event stream to stream the output.
The endpoint uses a server sent event stream to stream the output.
https://developer.mozilla.org/en-US/docs/Web/API/Server-sent_events
https://developer.mozilla.org/en-US/docs/Web/API/Server-sent_events
Important: Set the "text/event-stream" media type for request headers if
not using an existing SDK.
Important: Set the "text/event-stream" media type for request headers if
not using an existing SDK.
The events that the endpoint uses are the following:
* "data" -- used for streaming the output of the runnale
* "error" -- signaling an error while streaming and ends the stream.
* "end" -- used for signaling the end of the stream
* "metadata" -- used for sending metadata about the run; e.g., run id.
The events that the endpoint uses are the following:
* "data" -- used for streaming the output of the runnale
* "error" -- signaling an error while streaming and ends the stream.
* "end" -- used for signaling the end of the stream
* "metadata" -- used for sending metadata about the run; e.g., run id.
The event type is in the "event" field of the event.
The payload associated with the event is in the "data" field
of the event, and it is JSON encoded.
The event type is in the "event" field of the event.
The payload associated with the event is in the "data" field
of the event, and it is JSON encoded.
Here are some examples of events that the endpoint can send:
Here are some examples of events that the endpoint can send:
Regular streaming event:
{
"event": "data",
"data": {
...
}
}
Internal server error:
{
"event": "error",
"data": {
"status_code": 500,
"message": "Internal Server Error"
}
}
Streaming ended so client should stop listening for events:
{
"event": "end",
}
"""
raise AssertionError("This endpoint should not be reachable.")
stream_docs = app.post(
f"{namespace}/stream",
include_in_schema=True,
tags=route_tags,
name=_route_name("stream"),
dependencies=dependencies,
description=(
"This endpoint allows to stream the output of the runnable. "
"The endpoint uses a server sent event stream to stream the "
"output. "
"https://developer.mozilla.org/en-US/docs/Web/API/Server-sent_events"
),
)(_stream_docs)
if endpoint_configuration.is_config_hash_enabled:
app.post(
namespace + "/c/{config_hash}/stream",
include_in_schema=True,
tags=route_tags_with_config,
name=_route_name_with_config("stream"),
dependencies=dependencies,
description=(
"This endpoint is to be used with share links generated by the "
"LangServe playground. "
"The hash is an LZString compressed JSON string. "
"For regular use cases, use the /stream endpoint without "
"the `c/{config_hash}` path parameter."
),
)(stream_docs)
if endpoint_configuration.is_stream_log_enabled:
async def _stream_log_docs(
stream_log_request: Annotated[StreamLogRequest, Body()],
config_hash: str = "",
) -> EventSourceResponse:
"""Invoke the runnable stream_log the output.
This endpoint allows to stream the output of the runnable, including
the output of all intermediate steps.
The endpoint uses a server sent event stream to stream the output.
https://developer.mozilla.org/en-US/docs/Web/API/Server-sent_events
Important: Set the "text/event-stream" media type for request headers if
not using an existing SDK.
This endpoint uses two different types of events:
* data - for streaming the output of the runnable
Regular streaming event:
{
"event": "data",
"data": {
...
...
}
}
Internal server error:
{
"event": "error",
"data": {
"status_code": 500,
"message": "Internal Server Error"
}
}
* error - for signaling an error in the stream, also ends the stream.
{
"event": "error",
"data": {
"status_code": 500,
"message": "Internal Server Error"
}
}
* end - for signaling the end of the stream.
This helps the client to know when to stop listening for events and
know that the streaming has ended successfully.
Streaming ended so client should stop listening for events:
{
"event": "end",
}
"""
raise AssertionError("This endpoint should not be reachable.")
"""
raise AssertionError("This endpoint should not be reachable.")
stream_docs = app.post(
f"{namespace}/stream",
include_in_schema=True,
tags=route_tags,
name=_route_name("stream"),
dependencies=dependencies,
description=(
"This endpoint allows to stream the output of the runnable. "
"The endpoint uses a server sent event stream to stream the "
"output. "
"https://developer.mozilla.org/en-US/docs/Web/API/Server-sent_events"
),
)(_stream_docs)
if endpoint_configuration.is_config_hash_enabled:
app.post(
namespace + "/c/{config_hash}/stream",
include_in_schema=True,
tags=route_tags_with_config,
name=_route_name_with_config("stream"),
dependencies=dependencies,
description=(
"This endpoint is to be used with share links generated by the "
"LangServe playground. "
"The hash is an LZString compressed JSON string. "
"For regular use cases, use the /stream endpoint without "
"the `c/{config_hash}` path parameter."
),
)(stream_docs)
if endpoint_configuration.is_stream_log_enabled:
async def _stream_log_docs(
stream_log_request: Annotated[StreamLogRequest, StreamLogRequest],
config_hash: str = "",
) -> EventSourceResponse:
"""Invoke the runnable stream_log the output.
This endpoint allows to stream the output of the runnable, including
the output of all intermediate steps.
The endpoint uses a server sent event stream to stream the output.
https://developer.mozilla.org/en-US/docs/Web/API/Server-sent_events
Important: Set the "text/event-stream" media type for request headers if
not using an existing SDK.
This endpoint uses two different types of events:
* data - for streaming the output of the runnable
{
"event": "data",
"data": {
...
}
}
* error - for signaling an error in the stream, also ends the stream.
{
"event": "error",
"data": {
"status_code": 500,
"message": "Internal Server Error"
}
}
* end - for signaling the end of the stream.
This helps the client to know when to stop listening for events and
know that the streaming has ended successfully.
{
"event": "end",
}
"""
raise AssertionError("This endpoint should not be reachable.")
app.post(
f"{namespace}/stream_log",
include_in_schema=True,
tags=route_tags,
name=_route_name("stream_log"),
dependencies=dependencies,
)(_stream_log_docs)
if endpoint_configuration.is_config_hash_enabled:
app.post(
f"{namespace}/stream_log",
namespace + "/c/{config_hash}/stream_log",
include_in_schema=True,
tags=route_tags,
name=_route_name("stream_log"),
tags=route_tags_with_config,
name=_route_name_with_config("stream_log"),
description=(
"This endpoint is to be used with share links generated by the "
"LangServe playground. "
"The hash is an LZString compressed JSON string. "
"For regular use cases, use the /stream_log endpoint without "
"the `c/{config_hash}` path parameter."
),
dependencies=dependencies,
)(_stream_log_docs)
if endpoint_configuration.is_config_hash_enabled:
app.post(
namespace + "/c/{config_hash}/stream_log",
include_in_schema=True,
tags=route_tags_with_config,
name=_route_name_with_config("stream_log"),
description=(
"This endpoint is to be used with share links generated by the "
"LangServe playground. "
"The hash is an LZString compressed JSON string. "
"For regular use cases, use the /stream_log endpoint without "
"the `c/{config_hash}` path parameter."
),
dependencies=dependencies,
)(_stream_log_docs)
if has_astream_events and endpoint_configuration.is_stream_events_enabled:
if has_astream_events and endpoint_configuration.is_stream_events_enabled:
async def _stream_events_docs(
stream_events_request: Annotated[StreamEventsRequest, Body()],
config_hash: str = "",
) -> EventSourceResponse:
"""Stream events from the given runnable.
async def _stream_events_docs(
stream_events_request: Annotated[
StreamEventsRequest, StreamEventsRequest
],
config_hash: str = "",
) -> EventSourceResponse:
"""Stream events from the given runnable.
This endpoint allows to stream events from the runnable, including
events from all intermediate steps.
This endpoint allows to stream events from the runnable, including
events from all intermediate steps.
**Attention**
**Attention**
This is a new endpoint that only works for langchain-core >= 0.1.14.
This is a new endpoint that only works for langchain-core >= 0.1.14.
It belongs to a Beta API that may change in the future.
It belongs to a Beta API that may change in the future.
**Important**
Specify filters to the events you want to receive by setting
the appropriate filters in the request body.
**Important**
Specify filters to the events you want to receive by setting
the appropriate filters in the request body.
This will help avoid sending too much data over the network.
This will help avoid sending too much data over the network.
It will also prevent serialization issues with
any unsupported types since it won't need to serialize events
that aren't transmitted.
It will also prevent serialization issues with
any unsupported types since it won't need to serialize events
that aren't transmitted.
The endpoint uses a server sent event stream to stream the output.
The endpoint uses a server sent event stream to stream the output.
https://developer.mozilla.org/en-US/docs/Web/API/Server-sent_events
https://developer.mozilla.org/en-US/docs/Web/API/Server-sent_events
The encoding of events follows the following format:
The encoding of events follows the following format:
* data - for streaming the output of the runnable
{
"event": "data",
"data": {
...
}
}
* error - for signaling an error in the stream, also ends the stream.
* data - for streaming the output of the runnable
{
"event": "error",
"event": "data",
"data": {
"status_code": 500,
"message": "Internal Server Error"
...
}
}
* end - for signaling the end of the stream.
* error - for signaling an error in the stream, also ends the stream.
This helps the client to know when to stop listening for events and
know that the streaming has ended successfully.
{
"event": "error",
"data": {
"status_code": 500,
"message": "Internal Server Error"
}
}
{
"event": "end",
}
* end - for signaling the end of the stream.
`data` for the `data` event is a JSON object that corresponds
to a serialized representation of a StreamEvent.
This helps the client to know when to stop listening for events and
know that the streaming has ended successfully.
See LangChain documentation for more information about astream_events.
"""
raise AssertionError("This endpoint should not be reachable.")
{
"event": "end",
}
`data` for the `data` event is a JSON object that corresponds
to a serialized representation of a StreamEvent.
See LangChain documentation for more information about astream_events.
"""
raise AssertionError("This endpoint should not be reachable.")
app.post(
f"{namespace}/stream_events",
include_in_schema=True,
tags=route_tags,
name=_route_name("stream_events"),
dependencies=dependencies,
)(_stream_events_docs)
if endpoint_configuration.is_config_hash_enabled:
app.post(
f"{namespace}/stream_events",
namespace + "/c/{config_hash}/stream_events",
include_in_schema=True,
tags=route_tags,
name=_route_name("stream_events"),
tags=route_tags_with_config,
name=_route_name_with_config("stream_events"),
description=(
"This endpoint is to be used with share links generated by the "
"LangServe playground. "
"The hash is an LZString compressed JSON string. "
"For regular use cases, use the /stream_events endpoint "
"without the `c/{config_hash}` path parameter."
),
dependencies=dependencies,
)(_stream_events_docs)
if endpoint_configuration.is_config_hash_enabled:
app.post(
namespace + "/c/{config_hash}/stream_events",
include_in_schema=True,
tags=route_tags_with_config,
name=_route_name_with_config("stream_events"),
description=(
"This endpoint is to be used with share links generated by the "
"LangServe playground. "
"The hash is an LZString compressed JSON string. "
"For regular use cases, use the /stream_events endpoint "
"without the `c/{config_hash}` path parameter."
),
dependencies=dependencies,
)(_stream_events_docs)
+138
View File
@@ -0,0 +1,138 @@
"""Adapted from https://github.com/florimondmanca/httpx-sse"""
from contextlib import asynccontextmanager, contextmanager
from typing import Any, AsyncIterator, Iterator, List, Optional
import httpx
from typing_extensions import TypedDict
class ServerSentEvent(TypedDict):
event: Optional[str]
data: Optional[str]
id: Optional[str]
retry: Optional[int]
class SSEDecoder:
def __init__(self) -> None:
self._event = ""
self._data: List[str] = []
self._last_event_id = ""
self._retry: Optional[int] = None
def decode(self, line: str) -> Optional[ServerSentEvent]:
# See: https://html.spec.whatwg.org/multipage/server-sent-events.html#event-stream-interpretation # noqa: E501
if not line:
if (
not self._event
and not self._data
and not self._last_event_id
and self._retry is None
):
return None
sse = {
"event": self._event,
"data": "\n".join(self._data),
"id": self._last_event_id,
"retry": self._retry,
}
# NOTE: as per the SSE spec, do not reset last_event_id.
self._event = ""
self._data = []
self._retry = None
return sse
if line.startswith(":"):
return None
fieldname, _, value = line.partition(":")
if value.startswith(" "):
value = value[1:]
if fieldname == "event":
self._event = value
elif fieldname == "data":
self._data.append(value)
elif fieldname == "id":
if "\0" in value:
pass
else:
self._last_event_id = value
elif fieldname == "retry":
try:
self._retry = int(value)
except (TypeError, ValueError):
pass
else:
pass # Field is ignored.
return None
class EventSource:
def __init__(self, response: httpx.Response) -> None:
self._response = response
def _check_content_type(self) -> None:
"""Check that the response content type is 'text/event-stream'."""
self._response.raise_for_status()
content_type = self._response.headers.get("content-type", "").partition(";")[0]
if "text/event-stream" not in content_type:
raise AssertionError(
"Expected response header Content-Type to contain 'text/event-stream', "
f"got {content_type!r}"
)
@property
def response(self) -> httpx.Response:
return self._response
def iter_sse(self) -> Iterator[ServerSentEvent]:
self._check_content_type()
decoder = SSEDecoder()
for line in self._response.iter_lines():
line = line.rstrip("\n")
sse = decoder.decode(line)
if sse is not None:
yield sse
async def aiter_sse(self) -> AsyncIterator[ServerSentEvent]:
self._check_content_type()
decoder = SSEDecoder()
async for line in self._response.aiter_lines():
line = line.rstrip("\n")
sse = decoder.decode(line)
if sse is not None:
yield sse
@contextmanager
def connect_sse(
client: httpx.Client, method: str, url: str, **kwargs: Any
) -> Iterator[EventSource]:
headers = kwargs.pop("headers", {})
headers["Accept"] = "text/event-stream"
headers["Cache-Control"] = "no-store"
with client.stream(method, url, headers=headers, **kwargs) as response:
yield EventSource(response)
@asynccontextmanager
async def aconnect_sse(
client: httpx.AsyncClient,
method: str,
url: str,
**kwargs: Any,
) -> AsyncIterator[EventSource]:
headers = kwargs.pop("headers", {})
headers["Accept"] = "text/event-stream"
headers["Cache-Control"] = "no-store"
async with client.stream(method, url, headers=headers, **kwargs) as response:
yield EventSource(response)
+95 -101
View File
@@ -16,25 +16,17 @@ Models are created with a namespace to avoid name collisions when hosting
multiple runnables. When present the name collisions prevent fastapi from
generating OpenAPI specs.
"""
from typing import Any, Dict, List, Literal, Optional, Sequence, Union
from uuid import UUID
from langchain.schema import (
BaseMessage,
ChatGeneration,
Document,
Generation,
RunInfo,
)
from langchain_core.documents import Document
from langchain_core.messages import BaseMessage
from langchain_core.outputs import ChatGeneration, Generation, RunInfo
from pydantic import BaseModel, Field, RootModel, create_model
from typing_extensions import Type
from langserve.schema import BatchResponseMetadata, SingletonResponseMetadata
try:
from pydantic.v1 import BaseModel, Field, create_model
except ImportError:
from pydantic import BaseModel, Field, create_model
from langserve.schema import BatchResponseMetadata, InvokeResponseMetadata
# Type that is either a python annotation or a pydantic model that can be
# used to validate the input or output of a runnable.
@@ -70,7 +62,7 @@ def create_invoke_request_model(
),
),
)
invoke_request_type.update_forward_refs()
invoke_request_type.model_rebuild()
return invoke_request_type
@@ -101,7 +93,7 @@ def create_stream_request_model(
),
),
)
stream_request_model.update_forward_refs()
stream_request_model.model_rebuild()
return stream_request_model
@@ -133,7 +125,7 @@ def create_batch_request_model(
),
),
)
batch_request_type.update_forward_refs()
batch_request_type.model_rebuild()
return batch_request_type
@@ -191,7 +183,7 @@ def create_stream_log_request_model(
),
kwargs=(dict, Field(default_factory=dict)),
)
stream_log_request.update_forward_refs()
stream_log_request.model_rebuild()
return stream_log_request
@@ -249,7 +241,7 @@ def create_stream_events_request_model(
),
kwargs=(dict, Field(default_factory=dict)),
)
stream_events_request.update_forward_refs()
stream_events_request.model_rebuild()
return stream_events_request
@@ -264,52 +256,76 @@ class BatchBaseResponse(BaseModel):
def create_invoke_response_model(
namespace: str,
output_type: Validator,
include_callbacks: bool,
) -> Type[BaseModel]:
"""Create a pydantic model for the invoke response."""
# The invoke response uses a key called `output` for the output, so
# other information can be added to the response at a later date.
invoke_response_type = create_model(
f"{namespace}InvokeResponse",
output=(output_type, Field(..., description="The output of the invocation.")),
callback_events=(
List[CallbackEvent],
Field(..., description="Callback events generated by the server side."),
fields = {
"output": (
output_type,
Field(..., description="The output of the invocation."),
),
metadata=(
SingletonResponseMetadata,
"metadata": (
InvokeResponseMetadata,
Field(
...,
description=(
"Metadata about the response that may be useful to "
"specific clients"
"Metadata about the response that may be useful to specific clients"
),
),
),
}
if include_callbacks:
fields["callback_events"] = (
List[CallbackEvent],
Field(
...,
description=("Callback events generated by the server side."),
),
)
invoke_response_type = create_model(
f"{namespace}InvokeResponse",
__base__=InvokeBaseResponse,
**fields,
)
invoke_response_type.update_forward_refs()
invoke_response_type.model_rebuild()
return invoke_response_type
def create_batch_response_model(
namespace: str,
output_type: Validator,
include_callbacks: bool,
) -> Type[BaseModel]:
"""Create a pydantic model for the batch response."""
# The response uses a key called `output` for the output, so
# other information can be added to the response at a later date.
batch_response_type = create_model(
f"{namespace}BatchResponse",
output=(
fields = {
"output": (
List[output_type],
Field(
...,
description="The outputs corresponding to the inputs the "
"batch request.",
),
),
"metadata": (
BatchResponseMetadata,
Field(
...,
description=(
"The outputs corresponding to the inputs the batch request."
"Metadata about the response that may be useful to specific clients"
),
),
),
callback_events=(
}
if include_callbacks:
fields["callback_events"] = (
List[List[CallbackEvent]],
Field(
...,
@@ -319,19 +335,14 @@ def create_batch_response_model(
"list corresponds to the callbacks generated for that input."
),
),
),
metadata=(
BatchResponseMetadata,
Field(
...,
description=(
"Metadata about the response that may be useful to specific clients"
),
),
),
)
batch_response_type = create_model(
f"{namespace}BatchResponse",
__base__=BatchBaseResponse,
**fields,
)
batch_response_type.update_forward_refs()
batch_response_type.model_rebuild()
return batch_response_type
@@ -385,27 +396,29 @@ class StreamEventsParameters(BaseModel):
# status code and a message.
class OnChainStart(BaseModel):
"""On Chain Start Callback Event."""
class BaseCallback(BaseModel):
"""Base class for all callback events."""
serialized: Dict[str, Any]
inputs: Any
run_id: UUID
parent_run_id: Optional[UUID] = None
tags: Optional[List[str]] = None
metadata: Optional[Dict[str, Any]] = None
kwargs: Any = None
class OnChainStart(BaseCallback):
"""On Chain Start Callback Event."""
serialized: Optional[Dict[str, Any]] = None
inputs: Any
kwargs: Optional[Dict[str, Any]] = None
type: Literal["on_chain_start"] = "on_chain_start"
class OnChainEnd(BaseModel):
class OnChainEnd(BaseCallback):
"""On Chain End Callback Event."""
outputs: Any
run_id: UUID
parent_run_id: Optional[UUID] = None
tags: Optional[List[str]] = None
kwargs: Any = None
kwargs: Optional[Dict[str, Any]] = None
type: Literal["on_chain_end"] = "on_chain_end"
@@ -417,38 +430,35 @@ class Error(BaseModel):
type: Literal["error"] = "error"
class OnChainError(BaseModel):
class OnChainError(BaseCallback):
"""On Chain Error Callback Event."""
error: Error
run_id: UUID
parent_run_id: Optional[UUID] = None
tags: Optional[List[str]] = None
kwargs: Any = None
kwargs: Optional[Dict[str, Any]] = None
type: Literal["on_chain_error"] = "on_chain_error"
class OnToolStart(BaseModel):
class OnToolStart(BaseCallback):
"""On Tool Start Callback Event."""
serialized: Dict[str, Any]
serialized: Optional[Dict[str, Any]] = None
input_str: str
run_id: UUID
parent_run_id: Optional[UUID] = None
tags: Optional[List[str]] = None
metadata: Optional[Dict[str, Any]] = None
kwargs: Any = None
kwargs: Optional[Dict[str, Any]] = None
type: Literal["on_tool_start"] = "on_tool_start"
class OnToolEnd(BaseModel):
class OnToolEnd(BaseCallback):
"""On Tool End Callback Event."""
output: str
run_id: UUID
parent_run_id: Optional[UUID] = None
tags: Optional[List[str]] = None
kwargs: Any = None
kwargs: Optional[Dict[str, Any]] = None
type: Literal["on_tool_end"] = "on_tool_end"
@@ -456,36 +466,29 @@ class OnToolError(BaseModel):
"""On Tool Error Callback Event."""
error: Error
run_id: UUID
parent_run_id: Optional[UUID] = None
tags: Optional[List[str]] = None
kwargs: Any = None
kwargs: Optional[Dict[str, Any]] = None
type: Literal["on_tool_error"] = "on_tool_error"
class OnChatModelStart(BaseModel):
class OnChatModelStart(BaseCallback):
"""On Chat Model Start Callback Event."""
serialized: Dict[str, Any]
serialized: Optional[Dict[str, Any]] = None
messages: List[List[BaseMessage]]
run_id: UUID
parent_run_id: Optional[UUID] = None
tags: Optional[List[str]] = None
metadata: Optional[Dict[str, Any]] = None
kwargs: Any = None
kwargs: Optional[Dict[str, Any]] = None
type: Literal["on_chat_model_start"] = "on_chat_model_start"
class OnLLMStart(BaseModel):
class OnLLMStart(BaseCallback):
"""On LLM Start Callback Event."""
serialized: Dict[str, Any]
serialized: Optional[Dict[str, Any]] = None
prompts: List[str]
run_id: UUID
parent_run_id: Optional[UUID] = None
tags: Optional[List[str]] = None
metadata: Optional[Dict[str, Any]] = None
kwargs: Any = None
kwargs: Optional[Dict[str, Any]] = None
type: Literal["on_llm_start"] = "on_llm_start"
@@ -504,54 +507,44 @@ class LLMResult(BaseModel):
"""List of metadata info for model call for each input."""
class OnLLMEnd(BaseModel):
class OnLLMEnd(BaseCallback):
"""On LLM End Callback Event."""
response: LLMResult
run_id: UUID
parent_run_id: Optional[UUID] = None
tags: Optional[List[str]] = None
kwargs: Any = None
kwargs: Optional[Dict[str, Any]] = None
type: Literal["on_llm_end"] = "on_llm_end"
class OnRetrieverStart(BaseModel):
class OnRetrieverStart(BaseCallback):
"""On Retriever Start Callback Event."""
serialized: Dict[str, Any]
serialized: Optional[Dict[str, Any]] = None
query: str
run_id: UUID
parent_run_id: Optional[UUID] = None
tags: Optional[List[str]] = None
metadata: Optional[Dict[str, Any]] = None
kwargs: Any = None
kwargs: Optional[Dict[str, Any]] = None
type: Literal["on_retriever_start"] = "on_retriever_start"
class OnRetrieverError(BaseModel):
class OnRetrieverError(BaseCallback):
"""On Retriever Error Callback Event."""
error: Error
run_id: UUID
parent_run_id: Optional[UUID] = None
tags: Optional[List[str]] = None
kwargs: Any = None
kwargs: Optional[Dict[str, Any]] = None
type: Literal["on_retriever_error"] = "on_retriever_error"
class OnRetrieverEnd(BaseModel):
class OnRetrieverEnd(BaseCallback):
"""On Retriever End Callback Event."""
documents: Sequence[Document]
run_id: UUID
parent_run_id: Optional[UUID] = None
tags: Optional[List[str]] = None
kwargs: Any = None
kwargs: Optional[Dict[str, Any]] = None
type: Literal["on_retriever_end"] = "on_retriever_end"
class CallbackEvent(BaseModel):
__root__: Union[
CallbackEvent = RootModel[
Union[
OnChainStart,
OnChainEnd,
OnChainError,
@@ -565,3 +558,4 @@ class CallbackEvent(BaseModel):
OnRetrieverEnd,
OnRetrieverError,
]
]
+1
View File
@@ -1,4 +1,5 @@
"""Main entrypoint into package."""
from importlib import metadata
try:
+4 -1
View File
@@ -20,11 +20,14 @@
"devDependencies": {
"@types/react": "^18.2.29",
"prettier": "^3.0.3",
"tsup": "^7.2.0",
"tsup": "^8.3.5",
"typescript": "^5.2.2"
},
"peerDependencies": {
"react": "^16.8 || ^17.0 || ^18.0",
"react-dom": "^16.8 || ^17.0 || ^18.0"
},
"resolutions": {
"esbuild": "0.25.0"
}
}
File diff suppressed because it is too large Load Diff
Generated
+2576 -2590
View File
File diff suppressed because it is too large Load Diff
+26 -23
View File
@@ -1,6 +1,6 @@
[tool.poetry]
name = "langserve"
version = "0.0.51"
version = "0.3.3"
description = ""
readme = "README.md"
authors = ["LangChain"]
@@ -10,62 +10,61 @@ exclude = ["langserve/playground,langserve/chat_playground"]
include = ["langserve/playground/dist/**/*", "langserve/chat_playground/dist/**/*"]
[tool.poetry.dependencies]
python = "^3.8.1"
httpx = ">=0.23.0" # May be able to decrease this version
python = "^3.10"
httpx = ">=0.23.0,<1.0"
fastapi = {version = ">=0.90.1,<1", optional = true}
sse-starlette = {version = "^1.3.0", optional = true}
httpx-sse = {version = ">=0.3.1", optional = true}
pydantic = ">=1"
langchain = ">=0.0.333"
orjson = ">=2"
langchain-core = ">=0.3,<2"
orjson = ">=2,<4"
pydantic = "^2.13"
[tool.poetry.group.dev.dependencies]
jupyterlab = "^3.6.1"
jupyterlab = "^4.5.3"
fastapi = ">=0.90.1"
sse-starlette = "^1.3.0"
httpx-sse = ">=0.3.1"
[tool.poetry.group.typing.dependencies]
[tool.poetry.group.lint.dependencies]
ruff = "^0.1.4"
codespell = "^2.2.0"
ruff = "^0.15.10"
codespell = "^2.4.2"
[tool.poetry.group.test.dependencies]
pytest = "^7.2.1"
pytest-cov = "^4.0.0"
pytest = "^9.0.3"
pytest-cov = "^7.1.0"
pytest-asyncio = "^0.21.1"
pytest-mock = "^3.11.1"
pytest-socket = "^0.6.0"
pytest-socket = "^0.7.0"
pytest-watch = "^4.2.0"
pytest-timeout = "^2.2.0"
[tool.poetry.group.examples.dependencies]
openai = "^0.28.0"
uvicorn = {extras = ["standard"], version = "^0.23.2"}
openai = "^2.30.0"
uvicorn = {extras = ["standard"], version = "^0.44.0"}
fastapi = ">=0.90.1"
sse-starlette = "^1.3.0"
httpx-sse = ">=0.3.1"
[tool.poetry.extras]
# Extras that are used for client
client = ["httpx-sse"]
client = ["fastapi"]
# Extras that are used for server
server = ["sse-starlette", "fastapi"]
# All
all = ["httpx-sse", "sse-starlette", "fastapi"]
all = ["sse-starlette", "fastapi"]
[tool.ruff]
# Same as Black.
line-length = 88
extend-exclude = ["examples"]
[tool.ruff.lint]
select = [
"E", # pycodestyle
"F", # pyflakes
"I", # isort
]
# Same as Black.
line-length = 88
[tool.ruff.isort]
[tool.ruff.lint.isort]
# TODO(Team): Temporary to make isort work with examples.
# examples assume langserve is available as a 3rd party package
# For simplicity we'll define it as first party for now can update later.
@@ -97,3 +96,7 @@ addopts = "--strict-markers --strict-config --durations=5 -vv"
# take more than 5 seconds
timeout = 5
asyncio_mode = "auto"
filterwarnings = [
"ignore::langchain_core._api.beta_decorator.LangChainBetaWarning",
]
+114
View File
@@ -0,0 +1,114 @@
"""Test the playground API."""
import httpx
from fastapi import APIRouter, FastAPI
from httpx import AsyncClient
from langchain_core.runnables import RunnableLambda
from langserve import add_routes
async def test_serve_playground() -> None:
"""Test the server directly via HTTP requests."""
app = FastAPI()
add_routes(
app,
RunnableLambda(lambda foo: "hello"),
)
async with AsyncClient(
base_url="http://localhost:9999", transport=httpx.ASGITransport(app=app)
) as client:
response = await client.get("/playground/index.html")
assert response.status_code == 200
# Test that we can't access files that do not exist.
response = await client.get("/playground/i_do_not_exist.txt")
assert response.status_code == 404
# Test that we can't access files outside of the playground directory
response = await client.get("/playground//etc/passwd")
assert response.status_code == 404
async def test_serve_playground_with_api_router() -> None:
"""Test serving playground from an api router with a prefix."""
app = FastAPI()
# Make sure that we can add routers
# to an API router
router = APIRouter(prefix="/langserve_runnables")
add_routes(
router,
RunnableLambda(lambda foo: "hello"),
path="/chat",
)
app.include_router(router)
async with AsyncClient(
base_url="http://localhost:9999", transport=httpx.ASGITransport(app=app)
) as client:
response = await client.get("/langserve_runnables/chat/playground/index.html")
assert response.status_code == 200
async def test_serve_playground_with_api_router_in_api_router() -> None:
"""Test serving playground from an api router within an api router."""
app = FastAPI()
router = APIRouter(prefix="/foo")
add_routes(
router,
RunnableLambda(lambda foo: "hello"),
)
parent_router = APIRouter(prefix="/parent")
parent_router.include_router(router, prefix="/bar")
# Now add parent router to the app
app.include_router(parent_router)
async with AsyncClient(
base_url="http://localhost:9999", transport=httpx.ASGITransport(app=app)
) as client:
response = await client.get("/parent/bar/foo/playground/index.html")
assert response.status_code == 200
async def test_root_path_on_playground() -> None:
"""Test that the playground respects the root_path for requesting assets"""
for root_path in ("/home/root", "/home/root/"):
app = FastAPI(root_path=root_path)
add_routes(
app,
RunnableLambda(lambda foo: "hello"),
path="/chat",
)
router = APIRouter(prefix="/router")
add_routes(
router,
RunnableLambda(lambda foo: "hello"),
path="/chat",
)
app.include_router(router)
async_client = AsyncClient(
base_url="http://localhost:9999", transport=httpx.ASGITransport(app=app)
)
response = await async_client.get("/chat/playground/index.html")
assert response.status_code == 200
assert (
f'src="{root_path.rstrip("/")}/chat/playground/assets/'
in response.content.decode()
), "html should contain reference to playground assets with root_path prefix"
response = await async_client.get("/router/chat/playground/index.html")
assert response.status_code == 200
assert (
f'src="{root_path.rstrip("/")}/router/chat/playground/assets/'
in response.content.decode()
), "html should contain reference to playground assets with root_path prefix"
+3 -4
View File
@@ -1,14 +1,13 @@
import uuid
from langchain_core.prompts import ChatPromptTemplate
from langserve.callbacks import AsyncEventAggregatorCallback, replace_uuids
from tests.unit_tests.utils.llms import FakeListLLM
async def test_event_aggregator() -> None:
"""Test that the event aggregator is aggregating events."""
from langchain.llms import FakeListLLM
from langchain.prompts import ChatPromptTemplate
prompt = ChatPromptTemplate.from_template("{question}")
llm = FakeListLLM(responses=["hello", "world"])
+17 -11
View File
@@ -4,19 +4,23 @@ from enum import Enum
from typing import Any
import pytest
from langchain.schema.messages import (
HumanMessage,
HumanMessageChunk,
SystemMessage,
from langchain_core.documents.base import Document
from langchain_core.messages import HumanMessage, HumanMessageChunk, SystemMessage
from langchain_core.outputs import ChatGeneration
from pydantic import BaseModel
from langserve.serialization import (
WellKnownLCObject,
WellKnownLCSerializer,
load_events,
)
from langchain.schema.output import ChatGeneration
try:
from pydantic.v1 import BaseModel
except ImportError:
from pydantic import BaseModel
from langserve.serialization import WellKnownLCSerializer, load_events
def test_document_serialization() -> None:
"""Simple test. Exhaustive tests follow below."""
doc = Document(page_content="hello")
d = doc.model_dump()
WellKnownLCObject.model_validate(d)
@pytest.mark.parametrize(
@@ -27,6 +31,8 @@ from langserve.serialization import WellKnownLCSerializer, load_events
[],
{},
{"a": 1},
Document(page_content="Hello"),
[Document(page_content="Hello")],
{"output": [HumanMessage(content="hello")]},
# Test with a single message (HumanMessage)
HumanMessage(content="Hello"),
@@ -81,7 +87,7 @@ def _get_full_representation(data: Any) -> Any:
elif isinstance(data, list):
return [_get_full_representation(value) for value in data]
elif isinstance(data, BaseModel):
return data.schema()
return data.model_json_schema()
else:
return data
File diff suppressed because it is too large Load Diff
+41
View File
@@ -0,0 +1,41 @@
"""Test utilities for streaming."""
import datetime
import json
import uuid
from langsmith.schemas import FeedbackIngestToken
from langserve.api_handler import _create_metadata_event
def test_create_metadata_event() -> None:
"""Test that the metadata event is created correctly."""
run_id = uuid.UUID(int=7)
event = _create_metadata_event(run_id, feedback_ingest_token=None)
assert event == {
"data": '{"run_id": "00000000-0000-0000-0000-000000000007"}',
"event": "metadata",
}
# Test with feedback ingest token
feedback_ingest_token = FeedbackIngestToken(
id=uuid.UUID(int=8), expires_at=datetime.datetime(2022, 1, 1), url="ingest-url"
)
event = _create_metadata_event(
run_id, feedback_ingest_token=feedback_ingest_token, feedback_key="key"
)
data = json.loads(event.pop("data"))
assert event == {
"event": "metadata",
}
assert data == {
"feedback_tokens": [
{
"expires_at": "2022-01-01T00:00:00",
"key": "key",
"token_url": "ingest-url",
}
],
"run_id": "00000000-0000-0000-0000-000000000007",
}
+5 -10
View File
@@ -3,16 +3,11 @@ from unittest.mock import MagicMock
import pytest
from fastapi import Request
from langchain.prompts import PromptTemplate
from langchain.schema.runnable.utils import ConfigurableField
from langchain_core.prompts import PromptTemplate
from langchain_core.runnables import ConfigurableField
from pydantic import BaseModel, ValidationError
from langserve.api_handler import _unpack_request_config
try:
from pydantic.v1 import BaseModel, ValidationError
except ImportError:
from pydantic import BaseModel, ValidationError
from langserve.validation import (
create_batch_request_model,
create_invoke_request_model,
@@ -175,11 +170,11 @@ async def test_invoke_request_with_runnables() -> None:
"configurable": {"template": "goodbye {name}"},
},
)
assert request.input == {"name": "bob"}
assert dict(request.input) == {"name": "bob"}
assert request.config.tags == ["hello"]
assert request.config.run_name == "run"
assert isinstance(request.config.configurable, BaseModel)
assert request.config.configurable.dict() == {
assert request.config.configurable.model_dump() == {
"template": "goodbye {name}",
}
+1
View File
@@ -1,4 +1,5 @@
"""Fake Chat Model wrapper for testing purposes."""
import asyncio
import re
import time
+27
View File
@@ -0,0 +1,27 @@
from typing import Any
def recursive_dump(obj: Any) -> Any:
"""Recursively dump the object if encountering any pydantic models."""
if isinstance(obj, dict):
return {
k: recursive_dump(v)
for k, v in obj.items()
if k != "id" # Remove the id field for testing purposes
}
if isinstance(obj, list):
return [recursive_dump(v) for v in obj]
if hasattr(obj, "model_dump"):
# if the object contains an ID field, we'll remove it for testing purposes
d = obj.model_dump()
if "id" in d:
d.pop("id")
return recursive_dump(d)
if hasattr(obj, "dict"):
# if the object contains an ID field, we'll remove it for testing purposes
if hasattr(obj, "id"):
d = obj.dict()
d.pop("id")
return recursive_dump(d)
return recursive_dump(obj.dict())
return obj
+22
View File
@@ -0,0 +1,22 @@
from typing import Any
from langchain_core.messages import AIMessage, AIMessageChunk
class AnyStr(str):
def __eq__(self, other: Any) -> bool:
return isinstance(other, str)
def _AnyIdAIMessage(**kwargs: Any) -> AIMessage:
"""Create ai message with an any id field."""
message = AIMessage(**kwargs)
message.id = AnyStr()
return message
def _AnyIdAIMessageChunk(**kwargs: Any) -> AIMessageChunk:
"""Create ai message with an any id field."""
message = AIMessageChunk(**kwargs)
message.id = AnyStr()
return message
+57 -36
View File
@@ -1,13 +1,15 @@
"""Tests for verifying that testing utility code works as expected."""
from itertools import cycle
from typing import Any, Dict, List, Optional, Union
from uuid import UUID
from langchain_core.callbacks.base import AsyncCallbackHandler
from langchain_core.messages import AIMessage, AIMessageChunk, BaseMessage
from langchain_core.messages import AIMessage, BaseMessage
from langchain_core.outputs import ChatGenerationChunk, GenerationChunk
from tests.unit_tests.utils.llms import GenericFakeChatModel
from tests.unit_tests.utils.stubs import _AnyIdAIMessage, _AnyIdAIMessageChunk
def test_generic_fake_chat_model_invoke() -> None:
@@ -15,11 +17,11 @@ def test_generic_fake_chat_model_invoke() -> None:
infinite_cycle = cycle([AIMessage(content="hello"), AIMessage(content="goodbye")])
model = GenericFakeChatModel(messages=infinite_cycle)
response = model.invoke("meow")
assert response == AIMessage(content="hello")
assert response == _AnyIdAIMessage(content="hello")
response = model.invoke("kitty")
assert response == AIMessage(content="goodbye")
assert response == _AnyIdAIMessage(content="goodbye")
response = model.invoke("meow")
assert response == AIMessage(content="hello")
assert response == _AnyIdAIMessage(content="hello")
async def test_generic_fake_chat_model_ainvoke() -> None:
@@ -27,11 +29,23 @@ async def test_generic_fake_chat_model_ainvoke() -> None:
infinite_cycle = cycle([AIMessage(content="hello"), AIMessage(content="goodbye")])
model = GenericFakeChatModel(messages=infinite_cycle)
response = await model.ainvoke("meow")
assert response == AIMessage(content="hello")
assert response == _AnyIdAIMessage(content="hello")
response = await model.ainvoke("kitty")
assert response == AIMessage(content="goodbye")
assert response == _AnyIdAIMessage(content="goodbye")
response = await model.ainvoke("meow")
assert response == AIMessage(content="hello")
assert response == _AnyIdAIMessage(content="hello")
def _filter_final_empty_chunk(chunks: list) -> list:
"""Filter out the final empty sentinel chunk emitted by langchain-core 1.x.
langchain-core 1.x emits an extra empty AIMessageChunk with
chunk_position='last' at the end of streams. Strip it for backward-compat
assertions.
"""
if chunks and chunks[-1].content == "" and not chunks[-1].additional_kwargs:
return chunks[:-1]
return chunks
async def test_generic_fake_chat_model_stream() -> None:
@@ -42,28 +56,28 @@ async def test_generic_fake_chat_model_stream() -> None:
]
)
model = GenericFakeChatModel(messages=infinite_cycle)
chunks = [chunk async for chunk in model.astream("meow")]
chunks = _filter_final_empty_chunk([chunk async for chunk in model.astream("meow")])
assert chunks == [
AIMessageChunk(content="hello"),
AIMessageChunk(content=" "),
AIMessageChunk(content="goodbye"),
_AnyIdAIMessageChunk(content="hello"),
_AnyIdAIMessageChunk(content=" "),
_AnyIdAIMessageChunk(content="goodbye"),
]
chunks = [chunk for chunk in model.stream("meow")]
chunks = _filter_final_empty_chunk([chunk for chunk in model.stream("meow")])
assert chunks == [
AIMessageChunk(content="hello"),
AIMessageChunk(content=" "),
AIMessageChunk(content="goodbye"),
_AnyIdAIMessageChunk(content="hello"),
_AnyIdAIMessageChunk(content=" "),
_AnyIdAIMessageChunk(content="goodbye"),
]
# Test streaming of additional kwargs.
# Relying on insertion order of the additional kwargs dict
message = AIMessage(content="", additional_kwargs={"foo": 42, "bar": 24})
message = AIMessage(content="", additional_kwargs={"foo": 42, "bar": 24}, id="1")
model = GenericFakeChatModel(messages=cycle([message]))
chunks = [chunk async for chunk in model.astream("meow")]
chunks = _filter_final_empty_chunk([chunk async for chunk in model.astream("meow")])
assert chunks == [
AIMessageChunk(content="", additional_kwargs={"foo": 42}),
AIMessageChunk(content="", additional_kwargs={"bar": 24}),
_AnyIdAIMessageChunk(content="", additional_kwargs={"foo": 42}),
_AnyIdAIMessageChunk(content="", additional_kwargs={"bar": 24}),
]
message = AIMessage(
@@ -77,22 +91,24 @@ async def test_generic_fake_chat_model_stream() -> None:
},
)
model = GenericFakeChatModel(messages=cycle([message]))
chunks = [chunk async for chunk in model.astream("meow")]
chunks = _filter_final_empty_chunk([chunk async for chunk in model.astream("meow")])
assert chunks == [
AIMessageChunk(
content="", additional_kwargs={"function_call": {"name": "move_file"}}
_AnyIdAIMessageChunk(
content="",
additional_kwargs={"function_call": {"name": "move_file"}},
),
AIMessageChunk(
_AnyIdAIMessageChunk(
content="",
additional_kwargs={
"function_call": {"arguments": '{\n "source_path": "foo"'}
},
),
AIMessageChunk(
content="", additional_kwargs={"function_call": {"arguments": ","}}
_AnyIdAIMessageChunk(
content="",
additional_kwargs={"function_call": {"arguments": ","}},
),
AIMessageChunk(
_AnyIdAIMessageChunk(
content="",
additional_kwargs={
"function_call": {"arguments": '\n "destination_path": "bar"\n}'}
@@ -107,7 +123,7 @@ async def test_generic_fake_chat_model_stream() -> None:
else:
accumulate_chunks += chunk
assert accumulate_chunks == AIMessageChunk(
assert accumulate_chunks == _AnyIdAIMessageChunk(
content="",
additional_kwargs={
"function_call": {
@@ -127,10 +143,11 @@ async def test_generic_fake_chat_model_astream_log() -> None:
log_patch async for log_patch in model.astream_log("meow", diff=False)
]
final = log_patches[-1]
assert final.state["streamed_output"] == [
AIMessageChunk(content="hello"),
AIMessageChunk(content=" "),
AIMessageChunk(content="goodbye"),
streamed = _filter_final_empty_chunk(final.state["streamed_output"])
assert streamed == [
_AnyIdAIMessageChunk(content="hello"),
_AnyIdAIMessageChunk(content=" "),
_AnyIdAIMessageChunk(content="goodbye"),
]
@@ -176,10 +193,14 @@ async def test_callback_handlers() -> None:
model = GenericFakeChatModel(messages=infinite_cycle)
tokens: List[str] = []
# New model
results = list(model.stream("meow", {"callbacks": [MyCustomAsyncHandler(tokens)]}))
results = _filter_final_empty_chunk(
list(model.stream("meow", {"callbacks": [MyCustomAsyncHandler(tokens)]}))
)
assert results == [
AIMessageChunk(content="hello"),
AIMessageChunk(content=" "),
AIMessageChunk(content="goodbye"),
_AnyIdAIMessageChunk(content="hello"),
_AnyIdAIMessageChunk(content=" "),
_AnyIdAIMessageChunk(content="goodbye"),
]
assert tokens == ["hello", " ", "goodbye"]
# Filter empty token from final sentinel chunk if present
content_tokens = [t for t in tokens if t]
assert content_tokens == ["hello", " ", "goodbye"]
+30 -2
View File
@@ -1,7 +1,7 @@
from typing import Dict, List
from typing import Any, Dict, List, Optional
from uuid import UUID
from langchain.callbacks.tracers.base import BaseTracer
from langchain_core.tracers import BaseTracer
from langsmith.schemas import Run
@@ -39,6 +39,34 @@ class FakeTracer(BaseTracer):
}
)
def _create_chain_run(
self,
serialized: Dict[str, Any],
inputs: Dict[str, Any],
run_id: UUID,
tags: Optional[List[str]] = None,
parent_run_id: Optional[UUID] = None,
metadata: Optional[Dict[str, Any]] = None,
run_type: Optional[str] = None,
name: Optional[str] = None,
**kwargs: Any,
) -> Run:
if name is None:
# can't raise an exception from here, but can get a breakpoint
# import pdb; pdb.set_trace()
pass
return super()._create_chain_run(
serialized,
inputs,
run_id,
tags,
parent_run_id,
metadata,
run_type,
name,
**kwargs,
)
def _persist_run(self, run: Run) -> None:
"""Persist a run."""
self.runs.append(self._copy_run(run))