build(deps): bump the pip group across 3 directories with 8 updates #8

dependabot · 2024-06-15T05:25:20Z

Bumps the pip group with 1 update in the /examples/functions directory: langchain.
Bumps the pip group with 2 updates in the /examples/langchain-chroma directory: langchain and llama-index.
Bumps the pip group with 7 updates in the /examples/langchain/langchainpy-localai-example directory:

Package	From	To
langchain	`0.1.0`	`0.2.3`
aiohttp	`3.9.4`	`3.9.5`
certifi	`2023.7.22`	`2024.6.2`
pydantic	`1.10.13`	`2.7.4`
requests	`2.31.0`	`2.32.2`
tqdm	`4.66.3`	`4.66.4`
urllib3	`1.26.18`	`2.2.1`

Updates langchain from 0.1.0 to 0.2.3

Release notes

Sourced from langchain's releases.

langchain==0.2.3

Release langchain==0.2.3

Changes since langchain==0.2.2

langchain[patch]: Release 0.2.3 (#22644) multiple: get rid of pyproject extras (#22581) langchain[minor]: add universal init_model (#22039)

langchain-together==0.1.3

Release langchain-together==0.1.3

Changes since langchain-together==0.1.2

together: bump langchain-core (#22616) together[patch]: Release 0.1.3 (#22615) together, upstage: bump minimum langchain-openai version (#22505) infra: rm unused # noqa violations (#22049) partners: bump core in packages implementing ls_params (#21868) core, standard tests, partner packages: add test for model params (#21677)

langchain-community==0.2.3

Release langchain-community==0.2.3

Changes since langchain-community==0.2.2

community[patch]: Release 0.2.3 (#22562) community[patch]: improve test setup to accurately test filtering of labels in neo4j (#22531) community[minor]: Add support for metadata indexing policy in Cassandra vector store (#22548) community[minor]: add user agent for web scraping loaders (#22480) community[minor]: Add native async support to SQLChatMessageHistory (#22065) community[minor]: Improve InMemoryVectorStore with ability to persist to disk and filter on metadata. (#22186) community[patch]: add detailed paragraph and example for BaichuanTextEmbeddings (#22031) community[minor]: Added filter search for LanceDB (#22461) community: fix huggingface deprecations (#22522) community[minor]: Vectara Integration Update - Streaming, FCS, Chat, updates to documentation and example notebooks (#21334)

langchain-nomic==0.1.2

Release langchain-nomic==0.1.2

Changes since langchain-nomic==0.1.1

nomic[patch]: Release 0.1.2 (#22561) embeddings: nomic embed vision (#22482)

langchain-mongodb==0.1.6

Release langchain-mongodb==0.1.6

Changes since langchain-mongodb==0.1.5

mongodb[patch]: Release 0.1.6 (#22501) community, milvus, pinecone, qdrant, mongo: Broadcast operation failure while using simsimd beyond v3.7.7 (#22271) infra: rm unused # noqa violations (#22049)

langchain-milvus==0.1.1

... (truncated)

Commits

fe2e5a3 langchain[patch]: Release 0.2.3 (#22644)
a24a9c6 multiple: get rid of pyproject extras (#22581)
4367e89 core[patch]: Release 0.2.5 (#22642)
28f744c core[patch]: Correctly order parent ids in astream events (from root to immed...
8359261 updated oracleai_demo.ipynb (#22635)
035a9c9 core[minor]: Add parent_ids to astream_events API (#22563)
67e58fd docs[patch]: Fix diffbot docs (#22584)
6b8963a docs: Add information about run time binding values to tools (#22623)
aa49163 docs[patch]: typo in AutoGPT example notebook (#22631)
ffe75d1 docs: typo in dev container documentation (#22630)
Additional commits viewable in compare view

Updates langchain from 0.1.0 to 0.2.3

Release notes

Sourced from langchain's releases.

langchain==0.2.3

Release langchain==0.2.3

Changes since langchain==0.2.2

langchain[patch]: Release 0.2.3 (#22644) multiple: get rid of pyproject extras (#22581) langchain[minor]: add universal init_model (#22039)

langchain-together==0.1.3

Release langchain-together==0.1.3

Changes since langchain-together==0.1.2

together: bump langchain-core (#22616) together[patch]: Release 0.1.3 (#22615) together, upstage: bump minimum langchain-openai version (#22505) infra: rm unused # noqa violations (#22049) partners: bump core in packages implementing ls_params (#21868) core, standard tests, partner packages: add test for model params (#21677)

langchain-community==0.2.3

Release langchain-community==0.2.3

Changes since langchain-community==0.2.2

community[patch]: Release 0.2.3 (#22562) community[patch]: improve test setup to accurately test filtering of labels in neo4j (#22531) community[minor]: Add support for metadata indexing policy in Cassandra vector store (#22548) community[minor]: add user agent for web scraping loaders (#22480) community[minor]: Add native async support to SQLChatMessageHistory (#22065) community[minor]: Improve InMemoryVectorStore with ability to persist to disk and filter on metadata. (#22186) community[patch]: add detailed paragraph and example for BaichuanTextEmbeddings (#22031) community[minor]: Added filter search for LanceDB (#22461) community: fix huggingface deprecations (#22522) community[minor]: Vectara Integration Update - Streaming, FCS, Chat, updates to documentation and example notebooks (#21334)

langchain-nomic==0.1.2

Release langchain-nomic==0.1.2

Changes since langchain-nomic==0.1.1

nomic[patch]: Release 0.1.2 (#22561) embeddings: nomic embed vision (#22482)

langchain-mongodb==0.1.6

Release langchain-mongodb==0.1.6

Changes since langchain-mongodb==0.1.5

mongodb[patch]: Release 0.1.6 (#22501) community, milvus, pinecone, qdrant, mongo: Broadcast operation failure while using simsimd beyond v3.7.7 (#22271) infra: rm unused # noqa violations (#22049)

langchain-milvus==0.1.1

... (truncated)

Commits

fe2e5a3 langchain[patch]: Release 0.2.3 (#22644)
a24a9c6 multiple: get rid of pyproject extras (#22581)
4367e89 core[patch]: Release 0.2.5 (#22642)
28f744c core[patch]: Correctly order parent ids in astream events (from root to immed...
8359261 updated oracleai_demo.ipynb (#22635)
035a9c9 core[minor]: Add parent_ids to astream_events API (#22563)
67e58fd docs[patch]: Fix diffbot docs (#22584)
6b8963a docs: Add information about run time binding values to tools (#22623)
aa49163 docs[patch]: typo in AutoGPT example notebook (#22631)
ffe75d1 docs: typo in dev container documentation (#22630)
Additional commits viewable in compare view

Updates llama-index from 0.9.36 to 0.10.13

Release notes

Sourced from llama-index's releases.

v0.10.13

New Features

Added a llama-pack for KodaRetriever, for on-the-fly alpha tuning (#11311)

Added support for mistral-large (#11398)

Last token pooling mode for huggingface embeddings models like SFR-Embedding-Mistral (#11373)

Added fsspec support to SimpleDirectoryReader (#11303)

Bug Fixes / Nits

Fixed an issue with context window + prompt helper (#11379)

Moved OpenSearch vector store to BasePydanticVectorStore (#11400)

Fixed function calling in fireworks LLM (#11363)

Made cohere embedding types more automatic (#11288)

Improve function calling in react agent (#11280)

Fixed MockLLM imports (#11376)

v0.10.12

No release notes provided.

v0.10.11

No release notes provided.

v0.10.10

No release notes provided.

v0.10.8

No release notes provided.

v0.10.7

New Features

Added Self-Discover llamapack (#10951)

Bug Fixes / Nits

Fixed linting in CICD (#10945)

Fixed using remote graph stores (#10971)

Added missing LLM kwarg in NoText response synthesizer (#10971)

Fixed openai import in rankgpt (#10971)

Fixed resolving model name to string in openai embeddings (#10971)

Off by one error in sentence window node parser (#10971)

v0.10.6

[0.10.6] - 2024-02-17

First, apologies for missing the changelog the last few versions. Trying to figure out the best process with 400+ packages.

At some point, each package will have a dedicated changelog.

... (truncated)

Changelog

Sourced from llama-index's changelog.

[0.10.13] - 2024-02-26

New Features

Added a llama-pack for KodaRetriever, for on-the-fly alpha tuning (#11311)

Added support for mistral-large (#11398)

Last token pooling mode for huggingface embeddings models like SFR-Embedding-Mistral (#11373)

Added fsspec support to SimpleDirectoryReader (#11303)

Bug Fixes / Nits

Fixed an issue with context window + prompt helper (#11379)

Moved OpenSearch vector store to BasePydanticVectorStore (#11400)

Fixed function calling in fireworks LLM (#11363)

Made cohere embedding types more automatic (#11288)

Improve function calling in react agent (#11280)

Fixed MockLLM imports (#11376)

[0.10.12] - 2024-02-22

New Features

Added llama-index-postprocessor-colbert-rerank package (#11057)

MyMagicAI LLM (#11263)

MariaTalk LLM (#10925)

Add retries to github reader (#10980)

Added FireworksAI embedding and LLM modules (#10959)

Bug Fixes / Nits

Fixed string formatting in weaviate (#11294)

Fixed off-by-one error in semantic splitter (#11295)

Fixed download_llama_pack for multiple files (#11272)

Removed BUILD files from packages (#11267)

Loosened python version reqs for all packages (#11267)

Fixed args issue with chromadb (#11104)

[0.10.11] - 2024-02-21

Bug Fixes / Nits

Fixed multi-modal LLM for async acomplete (#11064)

Fixed issue with llamaindex-cli imports (#11068)

[0.10.10] - 2024-02-20

I'm still a bit wonky with our publishing process -- apologies. This is just a version bump to ensure the changes that were supposed to happen in 0.10.9 actually did get published. (AF)

... (truncated)

Commits

6d642a0 Logan/release v0.10.13 (#11408)
78a4c9e fix prompt helper init (#11379)
52383c7 Update opensearch vectorstore to PydanticVectorStore class (#11400)
4077fee Astra DB Vector store, package rename for naming consistency (#11056)
65290f5 Alpha Tuning Llama Pack: KodaRetriever (#11311)
70d4a5c Only firefunction is function calling (#11363)
3a10235 Elastic Search retrieval : Bug Fix for Cases when No Relationships Detected (...
0b13b8d Add support for mistral-large (#11398)
1f48dd9 Astra DB clients identify themselves as coming through LlamaIndex usage (#11396)
6024956 Last token pooling for Huggingface models like SFR-Embedding-Mistral (#11373)
Additional commits viewable in compare view

Updates langchain from 0.1.0 to 0.2.3

Release notes

Sourced from langchain's releases.

langchain==0.2.3

Release langchain==0.2.3

Changes since langchain==0.2.2

langchain[patch]: Release 0.2.3 (#22644) multiple: get rid of pyproject extras (#22581) langchain[minor]: add universal init_model (#22039)

langchain-together==0.1.3

Release langchain-together==0.1.3

Changes since langchain-together==0.1.2

together: bump langchain-core (#22616) together[patch]: Release 0.1.3 (#22615) together, upstage: bump minimum langchain-openai version (#22505) infra: rm unused # noqa violations (#22049) partners: bump core in packages implementing ls_params (#21868) core, standard tests, partner packages: add test for model params (#21677)

langchain-community==0.2.3

Release langchain-community==0.2.3

Changes since langchain-community==0.2.2

community[patch]: Release 0.2.3 (#22562) community[patch]: improve test setup to accurately test filtering of labels in neo4j (#22531) community[minor]: Add support for metadata indexing policy in Cassandra vector store (#22548) community[minor]: add user agent for web scraping loaders (#22480) community[minor]: Add native async support to SQLChatMessageHistory (#22065) community[minor]: Improve InMemoryVectorStore with ability to persist to disk and filter on metadata. (#22186) community[patch]: add detailed paragraph and example for BaichuanTextEmbeddings (#22031) community[minor]: Added filter search for LanceDB (#22461) community: fix huggingface deprecations (#22522) community[minor]: Vectara Integration Update - Streaming, FCS, Chat, updates to documentation and example notebooks (#21334)

langchain-nomic==0.1.2

Release langchain-nomic==0.1.2

Changes since langchain-nomic==0.1.1

nomic[patch]: Release 0.1.2 (#22561) embeddings: nomic embed vision (#22482)

langchain-mongodb==0.1.6

Release langchain-mongodb==0.1.6

Changes since langchain-mongodb==0.1.5

mongodb[patch]: Release 0.1.6 (#22501) community, milvus, pinecone, qdrant, mongo: Broadcast operation failure while using simsimd beyond v3.7.7 (#22271) infra: rm unused # noqa violations (#22049)

langchain-milvus==0.1.1

... (truncated)

Commits

fe2e5a3 langchain[patch]: Release 0.2.3 (#22644)
a24a9c6 multiple: get rid of pyproject extras (#22581)
4367e89 core[patch]: Release 0.2.5 (#22642)
28f744c core[patch]: Correctly order parent ids in astream events (from root to immed...
8359261 updated oracleai_demo.ipynb (#22635)
035a9c9 core[minor]: Add parent_ids to astream_events API (#22563)
67e58fd docs[patch]: Fix diffbot docs (#22584)
6b8963a docs: Add information about run time binding values to tools (#22623)
aa49163 docs[patch]: typo in AutoGPT example notebook (#22631)
ffe75d1 docs: typo in dev container documentation (#22630)
Additional commits viewable in compare view

Updates aiohttp from 3.9.4 to 3.9.5

Release notes

Sourced from aiohttp's releases.

3.9.5

Bug fixes

Fixed "Unclosed client session" when initialization of :py:class:~aiohttp.ClientSession fails -- by :user:NewGlad.

Related issues and pull requests on GitHub: #8253.

Fixed regression (from :pr:8280) with adding Content-Disposition to the form-data part after appending to writer -- by :user:Dreamsorcerer/:user:Olegt0rr.

Related issues and pull requests on GitHub: #8332.

Added default Content-Disposition in multipart/form-data responses to avoid broken form-data responses -- by :user:Dreamsorcerer.

Related issues and pull requests on GitHub: #8335.

Changelog

Sourced from aiohttp's changelog.

3.9.5 (2024-04-16)

Bug fixes

Fixed "Unclosed client session" when initialization of :py:class:~aiohttp.ClientSession fails -- by :user:NewGlad.

Related issues and pull requests on GitHub: :issue:8253.

Fixed regression (from :pr:8280) with adding Content-Disposition to the form-data part after appending to writer -- by :user:Dreamsorcerer/:user:Olegt0rr.

Related issues and pull requests on GitHub: :issue:8332.

Added default Content-Disposition in multipart/form-data responses to avoid broken form-data responses -- by :user:Dreamsorcerer.

Related issues and pull requests on GitHub: :issue:8335.

Commits

b844d42 Release v3.9.5 (#8340)
0415a4c Patchback/backports/3.9/5fd29467fb63efdfae1ace280cec36b1f8139567/pr 8290 (#8311)
f21c6f2 [PR #8335/5a6949da backport][3.9] Add Content-Disposition automatically (#8336)
7eecdff [PR #8332/482e6cdf backport][3.9] Add set_content_disposition test (#8333)
82fbe64 [PR #8324/4a8fd08b backport][3.9] Add missing changelogs (#8330)
01df7ec Bump version
7917ae2 Merge 3.1
See full diff in compare view

Updates certifi from 2023.7.22 to 2024.6.2

Commits

124f4ad 2024.06.02 (#291)
c2196ce --- (#290)
fefdeec Bump actions/checkout from 4.1.4 to 4.1.5 (#289)
3c5fb15 Bump actions/download-artifact from 4.1.6 to 4.1.7 (#286)
4a9569a Bump actions/checkout from 4.1.2 to 4.1.4 (#287)
1fc8086 Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (#288)
ad52dce Bump peter-evans/create-pull-request from 6.0.3 to 6.0.4 (#283)
651904f Bump actions/upload-artifact from 4.3.1 to 4.3.3 (#284)
84fcfba Bump actions/download-artifact from 4.1.4 to 4.1.6 (#285)
46b8057 Bump peter-evans/create-pull-request from 6.0.2 to 6.0.3 (#282)
Additional commits viewable in compare view

Updates pydantic from 1.10.13 to 2.7.4

Release notes

Sourced from pydantic's releases.

v2.7.4 (2024-06-12)

What's Changed

Packaging

Bump pydantic.v1 to v1.10.16 reference by @sydney-runkle in #9639

Fixes

Specify recursive_guard as kwarg in FutureRef._evaluate by @vfazio in #9612

Full Changelog: pydantic/pydantic@v2.7.3...v2.7.4

v2.7.3 (2024-06-03)

What's Changed

Packaging

Bump pydantic-core to v2.18.4 by @sydney-runkle in #9550

Fixes

Fix u style unicode strings in python @samuelcolvin in pydantic/jiter#110

Full Changelog: pydantic/pydantic@v2.7.2...v2.7.3/*

v2.7.2 (2024-05-28)

What's Changed

Packaging

Bump pydantic-core to v2.18.3 by @sydney-runkle in #9515

Fixes

Replace __spec__.parent with __package__ by @hramezani in #9331

Fix validation of ints with leading unary minus by @RajatRajdeep in pydantic/pydantic-core#1291

Fix str subclass validation for enums by @sydney-runkle in pydantic/pydantic-core#1273

Support BigInts in Literals and Enums by @samuelcolvin in pydantic/pydantic-core#1297

Fix: uuid - allow str subclass as input by @davidhewitt in pydantic/pydantic-core#1296

Full Changelog: pydantic/pydantic@v2.7.1...v2.7.2/

v2.7.1 (2024-04-23)

What's Changed

Packaging

Bump pydantic-core to v2.18.2 by @sydney-runkle in #9307

New Features

... (truncated)

Changelog

Sourced from pydantic's changelog.

v2.7.4 (2024-06-12)

Github release

What's Changed

Packaging

Bump pydantic.v1 to v1.10.16 reference by @sydney-runkle in #9639

Fixes

Specify recursive_guard as kwarg in FutureRef._evaluate by @vfazio in #9612

v2.7.3 (2024-06-03)

GitHub release

What's Changed

Packaging

Bump pydantic-core to v2.18.4 by @sydney-runkle in #9550

Fixes

Fix u style unicode strings in python @samuelcolvin in pydantic/jiter#110

v2.7.2 (2024-05-28)

GitHub release

What's Changed

Packaging

Bump pydantic-core to v2.18.3 by @sydney-runkle in #9515

Fixes

Replace __spec__.parent with __package__ by @hramezani in #9331

Fix validation of ints with leading unary minus by @RajatRajdeep in pydantic/pydantic-core#1291

Fix str subclass validation for enums by @sydney-runkle in pydantic/pydantic-core#1273

Support BigInts in Literals and Enums by @samuelcolvin in pydantic/pydantic-core#1297

Fix: uuid - allow str subclass as input by @davidhewitt in pydantic/pydantic-core#1296

v2.7.1 (2024-04-23)

GitHub release

... (truncated)

Commits

1ab655a Prep for v2.7.4 release (#9642)
2e3650e V1 bump to v1.10.16 (#9639)
9f48fc2 prep for 2.7.3 release (#9551)
1f8c7d7 Bump pydantic-core to v2.18.4 (#9550)
70ac7a0 fix version
08d6ed2 Merge branch '2.7' of https://github.com/pydantic/pydantic into 2.7
42f544a fix version
a20da21 2.7.2 prep (#9515)
f42ae9b Logfire annoucement (#9362)
451f780 Replace __spec__.parent with __package__ (#9331)
Additional commits viewable in compare view

Updates requests from 2.31.0 to 2.32.2

Release notes

Sourced from requests's releases.

v2.32.2

2.32.2 (2024-05-21)

Deprecations

To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

v2.32.1

2.32.1 (2024-05-20)

Bugfixes

Add missing test certs to the sdist distributed on PyPI.

v2.32.0

2.32.0 (2024-05-20)

🐍 PYCON US 2024 EDITION 🐍

Security

Fixed an issue where setting verify=False on the first request from a Session will cause subsequent requests to the same origin to also ignore cert verification, regardless of the value of verify. (GHSA-9wx4-h78v-vm56)

Improvements

verify=True now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (#6667)

Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored. This enables pip and other projects to minimize their vendoring surface area. The Response.text() and apparent_encoding APIs will default to utf-8 if neither library is present. (#6702)

Bugfixes

Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (#6589)

Fixed deserialization bug in JSONDecodeError. (#6629)

Fixed bug where an extra leading / (path separator) could lead urllib3 to unnecessarily reparse the request URI. (#6644)

... (truncated)

Changelog

Sourced from requests's changelog.

2.32.2 (2024-05-21)

Deprecations

To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

2.32.1 (2024-05-20)

Bugfixes

Add missing test certs to the sdist distributed on PyPI.

2.32.0 (2024-05-20)

Security

Fixed an issue where setting verify=False on the first request from a Session will cause subsequent requests to the same origin to also ignore cert verification, regardless of the value of verify. (GHSA-9wx4-h78v-vm56)

Improvements

verify=True now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (#6667)

Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored. This enables pip and other projects to minimize their vendoring surface area. The Response.text() and apparent_encoding APIs will default to utf-8 if neither library is present. (#6702)

Bugfixes

Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (#6589)

Fixed deserialization bug in JSONDecodeError. (#6629)

Fixed bug where an extra leading / (path separator) could lead urllib3 to unnecessarily reparse the request URI. (#6644)

Deprecations

... (truncated)

Commits

88dce9d v2.32.2
c98e4d1 Merge pull request #6710 from nateprewitt/api_rename
92075b3 Add deprecation warning
aa1461b Move _get_connection to get_connection_with_tls_context
970e8ce v2.32.1
d6ebc4a v2.32.0
9a40d12 Avoid reloading root certificates to improve concurrent performance (#6667)
0c030f7 Merge pull request #6702 from nateprewitt/no_char_detection
555b870 Allow character detection dependencies to be optional in post-packaging steps
d6dded3 Merge pull request #6700 from franekmagiera/update-redirect-to-invalid-uri-test
Additional commits viewable in compare view

Updates tqdm from 4.66.3 to 4.66.4

Release notes

Sourced from tqdm's releases.

tqdm v4.66.4 stable

rich: fix completion (#1395 <- #1306)

minor framework updates & code tidy (#1578)

Commits

7472295 bump version, merge pull request #1578 from tqdm/devel
e84d488 tests: bump pre-commit
7c8753f Merge pull request #1395 from glensc/patch-1
d7f469e Add display to close in rich module
d774884 tidy super() calls
See full diff in compare view

Updates urllib3 from 1.26.18 to 2.2.1

Release notes

Sourced from urllib3's releases.

2.2.1

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Changes

Fixed issue where InsecureRequestWarning was emitted for HTTPS connections when using Emscripten. (#3331)

Fixed HTTPConnectionPool.urlopen to stop automatically casting non-proxy headers to HTTPHeaderDict. This change was premature as it did not apply to proxy headers and HTTPHeaderDict does not handle byte header values correctly yet. (#3343)

Changed ProtocolError to InvalidChunkLength when response terminates before the chunk length is sent. (#2860)

Changed ProtocolError to be more verbose on incomplete reads with excess content. (#3261)

2.2.0

🖥️ urllib3 now works in the browser

🎉 This release adds experimental support for using urllib3 in the browser with Pyodide! 🎉

Thanks to Joe Marshall (@joemarshall) for contributing this feature. This change was possible thanks to work done in urllib3 v2.0 to detach our API from http.client. Please report all bugs to the urllib3 issue tracker.

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Changes

Added support for Emscripten and Pyodide, including streaming support in cross-origin isolated browser environments where threading is enabled. (#2951)

Added support for HTTPResponse.read1() method. (#3186)

Added rudimentary support for HTTP/2. (#3284)

Fixed issue where requests against urls with trailing dots were failing due to SSL errors when using proxy. (#2244)

Fixed HTTPConnection.proxy_is_verified and HTTPSConnection.proxy_is_verified to be always set to a boolean after connecting to a proxy. It could be None in some cases previously. (#3130)

Fixed an issue where headers passed in a request with json= would be mutated (#3203)

Fixed HTTPSConnection.is_verified to be set to False when connecting from a HTTPS proxy to an HTTP target. It was set to True previously. (#3267)

Fixed handling of new error message from OpenSSL 3.2.0 when configuring an HTTP proxy as HTTPS (#3268)

Fixed TLS 1.3 post-handshake auth when the server certificate validation is disabled (#3325)

Note for downstream distributors: To run integration tests, you now need to run the tests a second time with the --integration pytest flag. (#3181)

2.1.0

Read the v2 migration guide for help upgrading to the latest version of urllib3.

Removals

Removed support for the deprecated urllib3[secure] extra. (#2680)

Removed support for the deprecated SecureTransport TLS implementation. (#2681)

Removed support for the end-of-life Python 3.7. (#3143)

... (truncated)

Changelog

Description has been truncated

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

Bumps the pip group with 1 update in the /examples/functions directory: [langchain](https://github.com/langchain-ai/langchain). Bumps the pip group with 2 updates in the /examples/langchain-chroma directory: [langchain](https://github.com/langchain-ai/langchain) and [llama-index](https://github.com/run-llama/llama_index). Bumps the pip group with 7 updates in the /examples/langchain/langchainpy-localai-example directory: | Package | From | To | | --- | --- | --- | | [langchain](https://github.com/langchain-ai/langchain) | `0.1.0` | `0.2.3` | | [aiohttp](https://github.com/aio-libs/aiohttp) | `3.9.4` | `3.9.5` | | [certifi](https://github.com/certifi/python-certifi) | `2023.7.22` | `2024.6.2` | | [pydantic](https://github.com/pydantic/pydantic) | `1.10.13` | `2.7.4` | | [requests](https://github.com/psf/requests) | `2.31.0` | `2.32.2` | | [tqdm](https://github.com/tqdm/tqdm) | `4.66.3` | `4.66.4` | | [urllib3](https://github.com/urllib3/urllib3) | `1.26.18` | `2.2.1` | Updates `langchain` from 0.1.0 to 0.2.3 - [Release notes](https://github.com/langchain-ai/langchain/releases) - [Commits](langchain-ai/langchain@langchain-exa==0.1.0...langchain==0.2.3) Updates `langchain` from 0.1.0 to 0.2.3 - [Release notes](https://github.com/langchain-ai/langchain/releases) - [Commits](langchain-ai/langchain@langchain-exa==0.1.0...langchain==0.2.3) Updates `llama-index` from 0.9.36 to 0.10.13 - [Release notes](https://github.com/run-llama/llama_index/releases) - [Changelog](https://github.com/run-llama/llama_index/blob/main/CHANGELOG.md) - [Commits](run-llama/llama_index@v0.9.36...v0.10.13) Updates `langchain` from 0.1.0 to 0.2.3 - [Release notes](https://github.com/langchain-ai/langchain/releases) - [Commits](langchain-ai/langchain@langchain-exa==0.1.0...langchain==0.2.3) Updates `aiohttp` from 3.9.4 to 3.9.5 - [Release notes](https://github.com/aio-libs/aiohttp/releases) - [Changelog](https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst) - [Commits](aio-libs/aiohttp@v3.9.4...v3.9.5) Updates `certifi` from 2023.7.22 to 2024.6.2 - [Commits](certifi/python-certifi@2023.07.22...2024.06.02) Updates `pydantic` from 1.10.13 to 2.7.4 - [Release notes](https://github.com/pydantic/pydantic/releases) - [Changelog](https://github.com/pydantic/pydantic/blob/main/HISTORY.md) - [Commits](pydantic/pydantic@v1.10.13...v2.7.4) Updates `requests` from 2.31.0 to 2.32.2 - [Release notes](https://github.com/psf/requests/releases) - [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md) - [Commits](psf/requests@v2.31.0...v2.32.2) Updates `tqdm` from 4.66.3 to 4.66.4 - [Release notes](https://github.com/tqdm/tqdm/releases) - [Commits](tqdm/tqdm@v4.66.3...v4.66.4) Updates `urllib3` from 1.26.18 to 2.2.1 - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst) - [Commits](urllib3/urllib3@1.26.18...2.2.1) --- updated-dependencies: - dependency-name: langchain dependency-type: direct:production dependency-group: pip - dependency-name: langchain dependency-type: direct:production dependency-group: pip - dependency-name: llama-index dependency-type: direct:production dependency-group: pip - dependency-name: langchain dependency-type: direct:production dependency-group: pip - dependency-name: aiohttp dependency-type: direct:production dependency-group: pip - dependency-name: certifi dependency-type: direct:production dependency-group: pip - dependency-name: pydantic dependency-type: direct:production dependency-group: pip - dependency-name: requests dependency-type: direct:production dependency-group: pip - dependency-name: tqdm dependency-type: direct:production dependency-group: pip - dependency-name: urllib3 dependency-type: direct:production dependency-group: pip ... Signed-off-by: dependabot[bot] <[email protected]>

socket-security · 2024-06-15T05:26:10Z

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
pypi/[email protected]	environment, eval, filesystem, network, shell, unsafe	`0`	14.2 MB	Andrew.Svetlov, fafhrd, webknjaz
pypi/[email protected]	environment, eval, filesystem, network	`0`	2.32 MB	hwchase17
pypi/[email protected]	None	`0`	21.9 kB	jerryjliu, simonsdsuo
pypi/[email protected]	environment, eval, filesystem, shell, unsafe	`0`	3.83 MB	samuelcolvin
pypi/[email protected]	environment, eval, filesystem, network, unsafe	`0`	2.7 MB	ingy, nitzmahone, tinita
pypi/[email protected]	environment, eval, filesystem, network, shell, unsafe	`0`	473 kB	Lukasa, graffatcolmingov, nateprewitt

View full report↗︎

dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Jun 15, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump the pip group across 3 directories with 8 updates #8

build(deps): bump the pip group across 3 directories with 8 updates #8

dependabot bot commented on behalf of github Jun 15, 2024 •

edited

Loading

socket-security bot commented Jun 15, 2024

build(deps): bump the pip group across 3 directories with 8 updates #8

Are you sure you want to change the base?

build(deps): bump the pip group across 3 directories with 8 updates #8

Conversation

dependabot bot commented on behalf of github Jun 15, 2024 • edited Loading

langchain==0.2.3

Release langchain==0.2.3

langchain-together==0.1.3

Release langchain-together==0.1.3

langchain-community==0.2.3

Release langchain-community==0.2.3

langchain-nomic==0.1.2

Release langchain-nomic==0.1.2

langchain-mongodb==0.1.6

Release langchain-mongodb==0.1.6

langchain-milvus==0.1.1

langchain==0.2.3

Release langchain==0.2.3

langchain-together==0.1.3

Release langchain-together==0.1.3

langchain-community==0.2.3

Release langchain-community==0.2.3

langchain-nomic==0.1.2

Release langchain-nomic==0.1.2

langchain-mongodb==0.1.6

Release langchain-mongodb==0.1.6

langchain-milvus==0.1.1

v0.10.13

New Features

Bug Fixes / Nits

v0.10.12

v0.10.11

v0.10.10

v0.10.8

v0.10.7

New Features

Bug Fixes / Nits

v0.10.6

[0.10.6] - 2024-02-17

[0.10.13] - 2024-02-26

New Features

Bug Fixes / Nits

[0.10.12] - 2024-02-22

New Features

Bug Fixes / Nits

[0.10.11] - 2024-02-21

Bug Fixes / Nits

[0.10.10] - 2024-02-20

langchain==0.2.3

Release langchain==0.2.3

langchain-together==0.1.3

Release langchain-together==0.1.3

langchain-community==0.2.3

Release langchain-community==0.2.3

langchain-nomic==0.1.2

Release langchain-nomic==0.1.2

langchain-mongodb==0.1.6

Release langchain-mongodb==0.1.6

langchain-milvus==0.1.1

3.9.5

Bug fixes

3.9.5 (2024-04-16)

Bug fixes

v2.7.4 (2024-06-12)

What's Changed

Packaging

Fixes

v2.7.3 (2024-06-03)

What's Changed

Packaging

Fixes

v2.7.2 (2024-05-28)

What's Changed

Packaging

Fixes

v2.7.1 (2024-04-23)

What's Changed

Packaging

New Features

v2.7.4 (2024-06-12)

dependabot bot commented on behalf of github Jun 15, 2024 •

edited

Loading