chore(deps-dev): bump pymongo from 4.7.3 to 4.10.1 #953
Conversation
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
There was a problem hiding this comment.
Disclaimer: Experimental PR review
PR Summary
This pull request updates the pymongo dependency from version 4.7.3 to 4.10.1 in the dev dependencies of the langfuse-python project.
- The CI workflow in
.github/workflows/ci.ymlincludes tests that likely use pymongo, as it's listed in the dev dependencies - The dependabot-merge workflow in
.github/workflows/dependabot-merge.ymlis configured to auto-merge patch updates, which this is not - The update includes bug fixes and improvements, such as fixing deadlock issues and improving vector storage support
- No changes to the project's source files are required for this dependency update
No file(s) reviewed, no comment(s)
Edit PR Review Bot Settings
dependabot
bot
force-pushed
the
dependabot/pip/pymongo-4.10.1
branch
2 times, most recently
from
4890fda to
0b87e94
Compare
There was a problem hiding this comment.
Disclaimer: Experimental PR review
PR Summary
(updates since last review)
This pull request updates the pymongo dependency from version 4.7.3 to 4.10.1 and includes several changes across the project. Here are the key points to consider:
- Updated pymongo to version 4.10.1, which includes bug fixes and new features like efficient vector storage support
- Changed
start_datefield type fromdatetodatetimein model-related files for more precise timestamp handling - Introduced new LlamaIndex instrumentation classes and removed the old
LlamaIndexSpanHandler - Improved error logging and context management in various parts of the codebase
- Updated test files to accommodate new features and changes in the LlamaIndex integration
Key changes to review:
- Verify that the
start_datefield type change fromdatetodatetimedoesn't break existing functionality - Ensure that the new LlamaIndex instrumentation classes (
LlamaIndexInstrumentorandLlamaIndexEventHandler) are properly integrated and tested - Check that the removal of
LlamaIndexSpanHandlerdoesn't negatively impact existing integrations - Review the updated OpenAI integration for compatibility with different SDK versions and new features
25 file(s) reviewed, 4 comment(s)
Edit PR Review Bot Settings | Greptile
dependabot
bot
force-pushed
the
dependabot/pip/pymongo-4.10.1
branch
from
0b87e94 to
b35aa34
Compare
There was a problem hiding this comment.
Disclaimer: Experimental PR review
PR Summary
(updates since last review)
This pull request updates the pymongo dependency from version 4.7.3 to 4.10.1 and includes minor changes to the Langfuse SDK, particularly in the Langchain integration.
- Updated
langfuse/callback/langchain.pyto handle tools in LLM actions, extending prompts with tool information - Modified
tests/test_langchain.pyto add a new test function for OpenAI function calling with structured tools - No changes to model field types or LlamaIndex instrumentation were observed in this update
- The pymongo update includes bug fixes and new features like efficient vector storage support (Binary BSON subtype 9)
2 file(s) reviewed, no comment(s)
Edit PR Review Bot Settings | Greptile
dependabot
bot
force-pushed
the
dependabot/pip/pymongo-4.10.1
branch
from
b35aa34 to
b286db2
Compare
There was a problem hiding this comment.
Disclaimer: Experimental PR review
PR Summary
(updates since last review)
This pull request updates the pymongo dependency from 4.7.3 to 4.10.1 and bumps the package version from 2.52.0 to 2.52.1 in the langfuse-python project.
- Updated
langfuse/version.pyto reflect the new package version 2.52.1 - Modified
pyproject.tomlto update pymongo dependency to 4.10.1 - Pymongo update includes bug fixes and new features, such as efficient vector storage support (Binary BSON subtype 9)
- No changes to the project's source files are required for this dependency update
- CI workflow in
.github/workflows/ci.ymlwill test the compatibility of the updated pymongo version
2 file(s) reviewed, no comment(s)
Edit PR Review Bot Settings | Greptile
dependabot
bot
force-pushed
the
dependabot/pip/pymongo-4.10.1
branch
from
b286db2 to
c85469b
Compare
There was a problem hiding this comment.
Disclaimer: Experimental PR review
PR Summary
(updates since last review)
This pull request updates the pymongo dependency from version 4.7.3 to 4.10.1 and includes minor changes to improve the Langfuse SDK's functionality and stability.
- Added 'DeepInfra' model pattern in
langfuse/extract_model.pyfor better model ID extraction - Removed '[BETA]' tag from LlamaIndexInstrumentor class in
langfuse/llama_index/_instrumentor.py, indicating increased stability - Added deprecation notice for LlamaIndexCallbackHandler in
langfuse/llama_index/llama_index.py, recommending LlamaIndexInstrumentor instead - Improved error handling in
langfuse/openai.pyfor None responses and safer dict access - Bumped package version to 2.52.2 in
langfuse/version.pyandpyproject.toml
6 file(s) reviewed, 1 comment(s)
Edit PR Review Bot Settings | Greptile
Bumps [pymongo](https://github.com/mongodb/mongo-python-driver) from 4.7.3 to 4.10.1. - [Release notes](https://github.com/mongodb/mongo-python-driver/releases) - [Changelog](https://github.com/mongodb/mongo-python-driver/blob/master/doc/changelog.rst) - [Commits](mongodb/mongo-python-driver@4.7.3...4.10.1) --- updated-dependencies: - dependency-name: pymongo dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
force-pushed
the
dependabot/pip/pymongo-4.10.1
branch
from
c85469b to
d1d458f
Compare
There was a problem hiding this comment.
Disclaimer: Experimental PR review
PR Summary
(updates since last review)
This pull request adds a new data masking feature across the Langfuse Python SDK while updating the pymongo dependency. Here's a concise summary of the key changes:
- Added new
maskparameter to Langfuse client for masking sensitive data in event inputs/outputs - Implemented
MaskFunctionprotocol type and masking functionality in TaskManager for secure data handling - Added masking support to LlamaIndex instrumentor and handlers for consistent data protection
- Added test coverage for the new masking functionality in test_core_sdk.py
- Improved error handling for None values and dict access in OpenAI integration
The changes focus on enhancing data security and privacy features while maintaining backward compatibility.
15 file(s) reviewed, 2 comment(s)
Edit PR Review Bot Settings | Greptile
|
Superseded by #1092. |
Bumps pymongo from 4.7.3 to 4.10.1.
Release notes
Sourced from pymongo's releases.
Changelog
Sourced from pymongo's changelog.
... (truncated)
Commits
77cd7abBUMP 4.10.11c28430PYTHON-4808 Add changelog for 4.10.1 (#1890)7848febPYTHON-4786 - Fix UpdateResult.did_upsert TypeError (#1878)0279407PYTHON-4806 Fix expected metadata in mockupdb tests (#1888)7fbeca9[PYTHON-4803] Big endian fix for binary bson vectors (#1885)bfba548PYTHON-4789 Migrate test_retryable_reads.py to async (#1877)8791aa0PYTHON-4790 Migrate test_retryable_writes.py to async (#1876)c0f7810BUMP 4.11.0.dev04713afaBUMP 4.10.0ae6cfd6[DRIVERS-2926] [PYTHON-4577] BSON Binary Vector Subtype Support (#1813)You can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)