chore(deps): bump the langchain group across 1 directory with 8 updates #999
Conversation
dependabot
bot
added
the
dependencies
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
There was a problem hiding this comment.
Disclaimer: Experimental PR review
PR Summary
This pull request updates multiple langchain-related package dependencies in pyproject.toml. Here's a summary of the key changes:
- Updates 8 langchain packages including langchain, langchain-mistralai, langchain-google-vertexai, langchain-openai, langchain-anthropic, langchain-groq, langchain-aws, and langchain-community to their latest versions
- Adds support for Claude 3 models in langchain-anthropic package
- Improves error handling and metadata parsing across multiple packages
- Adds support for image inputs in langchain-anthropic
- Fixes GraphQA chain security vulnerability in langchain-community
The changes are non-breaking dependency updates that maintain compatibility while enabling access to new features and security fixes.
1 file(s) reviewed, no comment(s)
Edit PR Review Bot Settings | Greptile
|
@dependabot rebase |
dependabot
bot
force-pushed
the
dependabot/pip/langchain-223f804694
branch
from
4eb287e to
296be2a
Compare
There was a problem hiding this comment.
Disclaimer: Experimental PR review
PR Summary
This PR continues updating langchain-related dependencies with several important changes. Here's a focused summary of the latest updates:
Updates langchain packages in pyproject.toml with significant changes:
- Adds multimodal support and Claude 3 model integration in langchain-anthropic
- Patches GraphQA chains security vulnerability (CVE-2024-8309) in langchain-community
- Improves error handling for server quota and metadata parsing
- Adds support for session-level feedback in evaluation features
The changes maintain backward compatibility while adding important security fixes and new capabilities.
1 file(s) reviewed, no comment(s)
Edit PR Review Bot Settings | Greptile
|
@dependabot rebase |
dependabot
bot
force-pushed
the
dependabot/pip/langchain-223f804694
branch
from
296be2a to
a1bae43
Compare
There was a problem hiding this comment.
Disclaimer: Experimental PR review
PR Summary
This PR continues updating langchain-related dependencies with a focus on the latest changes. Here's a concise summary of the key updates:
- Adds support for Claude 3 models and multimodal capabilities in langchain-anthropic package
- Fixes critical security vulnerability CVE-2024-8309 in langchain-community GraphQA chains
- Improves error handling for server quota management and metadata parsing
- Adds support for image inputs in langchain-anthropic package
- Implements session-level feedback functionality in evaluation features
The changes are non-breaking updates that enhance security and functionality while maintaining backward compatibility.
1 file(s) reviewed, no comment(s)
Edit PR Review Bot Settings | Greptile
|
@dependabot rebase |
dependabot
bot
force-pushed
the
dependabot/pip/langchain-223f804694
branch
from
a1bae43 to
cb3d702
Compare
There was a problem hiding this comment.
Disclaimer: Experimental PR review
PR Summary
This PR updates multiple langchain-related dependencies in pyproject.toml with several key changes:
- Patches critical security vulnerability CVE-2024-8309 in langchain-community GraphQA chains
- Adds Claude 3 model support with multimodal capabilities in langchain-anthropic
- Improves server quota error handling and metadata parsing across packages
- Updates 8 langchain packages including core, mistralai, google-vertexai, openai, anthropic, groq, aws and community
The changes are non-breaking updates focused on security fixes and new model capabilities while maintaining backward compatibility.
Key points:
- Critical security fix for GraphQA chains vulnerability
- Support for Claude 3 models and multimodal inputs
- Improved error handling for server quotas
- Streamlined metadata parsing and management
1 file(s) reviewed, no comment(s)
Edit PR Review Bot Settings | Greptile
|
@dependabot rebase |
dependabot
bot
force-pushed
the
dependabot/pip/langchain-223f804694
branch
from
cb3d702 to
017b3a2
Compare
There was a problem hiding this comment.
Disclaimer: Experimental PR review
PR Summary
This PR updates multiple langchain-related packages with a focus on the latest changes. Here's a concise summary of the new updates:
- Adds support for image inputs and model type strings in langchain-anthropic package
- Implements session-level feedback and RAPTOR evaluation features in langchain core
- Adds support for mistral and llama MAAS models in langchain-google-vertexai
- Improves error handling for server quota management and metadata parsing
The changes are non-breaking updates that enhance functionality while maintaining backward compatibility.
1 file(s) reviewed, no comment(s)
Edit PR Review Bot Settings | Greptile
dependabot
bot
force-pushed
the
dependabot/pip/langchain-223f804694
branch
from
017b3a2 to
2f4f36f
Compare
There was a problem hiding this comment.
Disclaimer: Experimental PR review
PR Summary
This PR updates multiple langchain-related dependencies with significant new features and security improvements. Here's a focused summary of the latest changes:
- Adds support for Claude 3 models and image inputs in langchain-anthropic package
- Implements RAPTOR evaluation and session-level feedback in langchain core
- Adds support for mistral and llama MAAS models in langchain-google-vertexai
- Patches critical security vulnerability CVE-2024-8309 in langchain-community GraphQA chains
- Improves server quota error handling and metadata parsing across packages
The changes maintain backward compatibility while adding important security fixes and new model capabilities.
1 file(s) reviewed, no comment(s)
Edit PR Review Bot Settings | Greptile
|
@dependabot rebase |
dependabot
bot
force-pushed
the
dependabot/pip/langchain-223f804694
branch
from
2f4f36f to
df2ed86
Compare
There was a problem hiding this comment.
Disclaimer: Experimental PR review
PR Summary
Based on the latest changes, here's a focused summary of the key updates:
Updates multiple langchain packages in pyproject.toml with critical security and feature enhancements:
- Patches critical security vulnerability CVE-2024-8309 in langchain-community GraphQA chains
- Adds Claude 3 model support with multimodal capabilities in langchain-anthropic
- Implements RAPTOR evaluation and session-level feedback in langchain core
- Improves server quota error handling and metadata parsing across packages
- Adds support for mistral and llama MAAS models in langchain-google-vertexai
The changes maintain backward compatibility while adding important security fixes and new model capabilities.
1 file(s) reviewed, no comment(s)
Edit PR Review Bot Settings | Greptile
|
@dependabot rebase |
dependabot
bot
force-pushed
the
dependabot/pip/langchain-223f804694
branch
from
df2ed86 to
f12ca32
Compare
There was a problem hiding this comment.
Disclaimer: Experimental PR review
PR Summary
Based on the latest changes, here's a focused summary of the new updates in this PR:
Updates multiple langchain packages in pyproject.toml with significant changes:
- Adds support for Claude 3 model type strings and multimodal capabilities in langchain-anthropic
- Fixes server quota error handling and metadata parsing in langchain-google-vertexai
- Adds support for image inputs and model type strings in langchain-anthropic
- Implements session-level feedback and RAPTOR evaluation features in langchain core
- Adds support for mistral and llama MAAS models in langchain-google-vertexai
The changes are non-breaking updates focused on new model capabilities and improved error handling while maintaining backward compatibility.
1 file(s) reviewed, no comment(s)
Edit PR Review Bot Settings | Greptile
|
@dependabot rebase |
dependabot
bot
force-pushed
the
dependabot/pip/langchain-223f804694
branch
from
f12ca32 to
058ff2c
Compare
There was a problem hiding this comment.
Disclaimer: Experimental PR review
PR Summary
Based on the latest changes, here's a focused summary of the new updates:
Updates langchain-related packages in pyproject.toml with significant changes:
- Adds support for Claude 3 model type strings and multimodal capabilities in langchain-anthropic 0.1.22
- Implements session-level feedback and RAPTOR evaluation features in langchain 0.1.11
- Fixes server quota error handling and metadata parsing in langchain-google-vertexai 1.0.10
- Adds support for mistral and llama MAAS models in langchain-google-vertexai
- Patches critical security vulnerability CVE-2024-8309 in langchain-community 0.2.19
The changes maintain backward compatibility while adding important security fixes and new model capabilities.
1 file(s) reviewed, no comment(s)
Edit PR Review Bot Settings | Greptile
|
@dependabot rebase |
dependabot
bot
force-pushed
the
dependabot/pip/langchain-223f804694
branch
from
058ff2c to
f4f1096
Compare
There was a problem hiding this comment.
Disclaimer: Experimental PR review
PR Summary
Based on the latest changes, here's a focused summary of the new updates:
Updates langchain packages in pyproject.toml with critical security and feature enhancements:
- Patches GraphQA chains security vulnerability (CVE-2024-8309) in langchain-community 0.2.19
- Adds Claude 3 model support with multimodal capabilities in langchain-anthropic 0.1.22
- Adds support for mistral and llama MAAS models in langchain-google-vertexai 1.0.10
- Implements session-level feedback and RAPTOR evaluation in langchain 0.1.11
- Improves server quota error handling across multiple packages
The changes maintain backward compatibility while adding important security fixes and new model capabilities.
1 file(s) reviewed, no comment(s)
Edit PR Review Bot Settings | Greptile
|
@dependabot rebase |
dependabot
bot
force-pushed
the
dependabot/pip/langchain-223f804694
branch
from
f4f1096 to
4b5fdda
Compare
There was a problem hiding this comment.
Disclaimer: Experimental PR review
PR Summary
Based on the latest changes, here's a focused summary of the key new updates:
Updates langchain packages in pyproject.toml with significant changes:
- Adds support for Claude 3 model type strings and multimodal capabilities in langchain-anthropic 0.1.25
- Implements session-level feedback and RAPTOR evaluation in langchain 0.1.11
- Adds support for mistral and llama MAAS models in langchain-google-vertexai 1.0.10
- Patches critical security vulnerability CVE-2024-8309 in langchain-community 0.2.19
- Improves server quota error handling and metadata parsing across packages
The changes maintain backward compatibility while adding important security fixes and new model capabilities.
1 file(s) reviewed, no comment(s)
Edit PR Review Bot Settings | Greptile
|
@dependabot rebase |
dependabot
bot
force-pushed
the
dependabot/pip/langchain-223f804694
branch
from
4b5fdda to
d8c1f2f
Compare
There was a problem hiding this comment.
Disclaimer: Experimental PR review
PR Summary
Based on the latest changes, here's a focused summary of the new updates:
Updates langchain packages in pyproject.toml with significant changes:
- Adds support for Claude 3 model type strings and multimodal capabilities in langchain-anthropic 0.1.25
- Patches critical security vulnerability CVE-2024-8309 in langchain-community 0.2.19
- Adds support for mistral and llama MAAS models in langchain-google-vertexai 1.0.10
- Implements session-level feedback and RAPTOR evaluation in langchain 0.1.11
- Improves server quota error handling and metadata parsing across packages
The changes maintain backward compatibility while adding important security fixes and new model capabilities.
1 file(s) reviewed, no comment(s)
Edit PR Review Bot Settings | Greptile
|
@dependabot rebase |
dependabot
bot
force-pushed
the
dependabot/pip/langchain-223f804694
branch
from
d8c1f2f to
d5f75ca
Compare
There was a problem hiding this comment.
Disclaimer: Experimental PR review
PR Summary
Based on the latest changes, here's a focused summary of the key new updates:
Updates multiple langchain packages in pyproject.toml with critical security and feature enhancements:
- Patches GraphQA chains security vulnerability (CVE-2024-8309) in langchain-community 0.2.19
- Adds Claude 3 model support with multimodal capabilities in langchain-anthropic 0.1.25
- Adds support for mistral and llama MAAS models in langchain-google-vertexai 1.0.10
- Implements session-level feedback and RAPTOR evaluation in langchain 0.1.11
- Improves server quota error handling and metadata parsing across packages
The changes maintain backward compatibility while adding important security fixes and new model capabilities.
1 file(s) reviewed, no comment(s)
Edit PR Review Bot Settings | Greptile
|
@dependabot rebase |
dependabot
bot
force-pushed
the
dependabot/pip/langchain-223f804694
branch
from
d5f75ca to
d6fe919
Compare
There was a problem hiding this comment.
Disclaimer: Experimental PR review
PR Summary
Based on the latest changes, here's a focused summary of the key new updates:
Updates multiple langchain packages in pyproject.toml with critical security and feature enhancements:
- Patches critical security vulnerability CVE-2024-8309 in langchain-community 0.2.19 for GraphQA chains
- Adds support for Claude 3 model type strings and multimodal capabilities in langchain-anthropic 0.1.25
- Adds support for mistral and llama MAAS models in langchain-google-vertexai 1.0.10
- Implements session-level feedback and RAPTOR evaluation in langchain 0.1.11
- Improves server quota error handling and metadata parsing across packages
The changes maintain backward compatibility while adding important security fixes and new model capabilities.
1 file(s) reviewed, no comment(s)
Edit PR Review Bot Settings | Greptile
|
@dependabot rebase |
Bumps the langchain group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [langchain](https://github.com/langchain-ai/langchain) | `0.2.16` | `0.2.17` | | [langchain-mistralai](https://github.com/langchain-ai/langchain) | `0.1.7` | `0.1.13` | | [langchain-google-vertexai](https://github.com/langchain-ai/langchain-google) | `1.0.4` | `1.0.10` | | [langchain-openai](https://github.com/langchain-ai/langchain) | `0.1.7` | `0.1.25` | | [langchain-anthropic](https://github.com/langchain-ai/langchain) | `0.1.13` | `0.1.22` | | [langchain-groq](https://github.com/langchain-ai/langchain) | `0.1.5` | `0.1.10` | | [langchain-aws](https://github.com/langchain-ai/langchain-aws) | `0.1.17` | `0.1.18` | | [langchain-community](https://github.com/langchain-ai/langchain) | `0.2.16` | `0.2.19` | Updates `langchain` from 0.2.16 to 0.2.17 - [Release notes](https://github.com/langchain-ai/langchain/releases) - [Commits](langchain-ai/langchain@langchain==0.2.16...langchain==0.2.17) Updates `langchain-mistralai` from 0.1.7 to 0.1.13 - [Release notes](https://github.com/langchain-ai/langchain/releases) - [Commits](langchain-ai/langchain@langchain-mistralai==0.1.7...langchain-mistralai==0.1.13) Updates `langchain-google-vertexai` from 1.0.4 to 1.0.10 - [Release notes](https://github.com/langchain-ai/langchain-google/releases) - [Commits](langchain-ai/langchain-google@libs/genai/v1.0.4...libs/genai/v1.0.10) Updates `langchain-openai` from 0.1.7 to 0.1.25 - [Release notes](https://github.com/langchain-ai/langchain/releases) - [Commits](langchain-ai/langchain@langchain-openai==0.1.7...langchain-openai==0.1.25) Updates `langchain-anthropic` from 0.1.13 to 0.1.22 - [Release notes](https://github.com/langchain-ai/langchain/releases) - [Commits](langchain-ai/langchain@langchain-anthropic==0.1.13...langchain-anthropic==0.1.22) Updates `langchain-groq` from 0.1.5 to 0.1.10 - [Release notes](https://github.com/langchain-ai/langchain/releases) - [Commits](langchain-ai/langchain@langchain-groq==0.1.5...langchain-groq==0.1.10) Updates `langchain-aws` from 0.1.17 to 0.1.18 - [Release notes](https://github.com/langchain-ai/langchain-aws/releases) - [Commits](langchain-ai/langchain-aws@v0.1.17...v0.1.18) Updates `langchain-community` from 0.2.16 to 0.2.19 - [Release notes](https://github.com/langchain-ai/langchain/releases) - [Commits](langchain-ai/langchain@langchain-community==0.2.16...langchain-community==0.2.19) --- updated-dependencies: - dependency-name: langchain dependency-type: direct:production update-type: version-update:semver-patch dependency-group: langchain - dependency-name: langchain-mistralai dependency-type: direct:development update-type: version-update:semver-patch dependency-group: langchain - dependency-name: langchain-google-vertexai dependency-type: direct:development update-type: version-update:semver-patch dependency-group: langchain - dependency-name: langchain-openai dependency-type: direct:development update-type: version-update:semver-patch dependency-group: langchain - dependency-name: langchain-anthropic dependency-type: direct:development update-type: version-update:semver-patch dependency-group: langchain - dependency-name: langchain-groq dependency-type: direct:development update-type: version-update:semver-patch dependency-group: langchain - dependency-name: langchain-aws dependency-type: direct:development update-type: version-update:semver-patch dependency-group: langchain - dependency-name: langchain-community dependency-type: direct:development update-type: version-update:semver-patch dependency-group: langchain ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
force-pushed
the
dependabot/pip/langchain-223f804694
branch
from
d6fe919 to
4b8f672
Compare
There was a problem hiding this comment.
Disclaimer: Experimental PR review
PR Summary
Based on the latest changes, here's a focused summary of the key new updates:
Updates multiple langchain packages in pyproject.toml with critical security and feature enhancements:
- Patches critical security vulnerability CVE-2024-8309 in langchain-community 0.2.19 for GraphQA chains
- Adds support for Claude 3 model type strings and multimodal capabilities in langchain-anthropic 0.1.25
- Adds support for mistral and llama MAAS models in langchain-google-vertexai 1.0.10
- Implements session-level feedback and RAPTOR evaluation in langchain 0.1.11
- Improves server quota error handling and metadata parsing across packages
The changes maintain backward compatibility while adding important security fixes and new model capabilities.
1 file(s) reviewed, no comment(s)
Edit PR Review Bot Settings | Greptile
|
@dependabot rebase |
|
Looks like these dependencies are updatable in another way, so this is no longer needed. |
Bumps the langchain group with 8 updates in the / directory:
0.2.160.2.170.1.70.1.131.0.41.0.100.1.70.1.250.1.130.1.220.1.50.1.100.1.170.1.180.2.160.2.19Updates
langchainfrom 0.2.16 to 0.2.17Release notes
Sourced from langchain's releases.
Commits
76e1dc7langchain,community[patch]: release with bumped core (#27854)9fdeb74core[patch]: Release 0.2.43 (#27808)7d481f1core[patch]: remove prompt img loading (#27807)33a5397infra: turn off release attestations (#27766)283cb50core[patch]: Release 0.2.42 (#27763)5e3cee6core[patch]: make get_all_basemodel_annotations public (#27762)8073146Added mapping to fix CI for #langchain-aws:227. (#27114)6cfd1e8core[patch]: Release 0.2.41 (#26687)c5eca37core[patch]: Fixed bedrock chat model load. (#26643)70c992bcommunity: poetry lock for cffi dep (#26674)Updates
langchain-mistralaifrom 0.1.7 to 0.1.13Commits
7457949mistralai[patch]: Release 0.1.13 (#25978)0c69c9fcore[patch]: Release 0.2.38 (#25974)fa8402ecore[minor]: Add support for multiple env keys for secrets_from_env (#25971)fdeaff4langchain-mistralai- make base URL possible to set via env variable for `C...c7154a4community: sambastudio llms api v2 support (#25063)8d784dbdocs: Add missing args in api doc ofWebResearchRetriever(#25949)da113f6docs: ChatOpenAI.with_structured_output nits (#25952)5b99bb2docs: fix bullet list spacing (#25950)ef329f6docs: Fix databricks doc (#25941)f872c50docs: installation nits (#24484)Updates
langchain-google-vertexaifrom 1.0.4 to 1.0.10Release notes
Sourced from langchain-google-vertexai's releases.
... (truncated)
Commits
0150996release (#461)86aade8Llama maas (#458)dedfe89test for mistral tools (#456)3557076Tests cleanup (#455)8b7a871fix condition for gemini advanced model family (#454)0de5c85vertex: fix SafetySetting import (#450)e642e0bAdd support for allOf in genai (#453)aad9465fix default params + added support for Gemma 2B (#451)35e4cc5added support for mistral maas models (#447)d52d774genai and vertexai: implement ls_params for LLMs (#446)Updates
langchain-openaifrom 0.1.7 to 0.1.25Release notes
Sourced from langchain-openai's releases.
Commits
d9813bdopenai[patch]: Release 0.1.25 (#26439)7fc9e99openai[patch]: get output_type when using with_structured_output (#26307)0f2b32fcore[patch]: Release 0.2.40 (#26435)e32adadcommunity[patch]: Release 0.2.17 (#26432)8a02fd9core: add additional import mappings to loads (#26406)1d98937partners/openai: release 0.1.24 (#26417)28ad244community, openai: support nested dicts (#26414)c0dd293partners/groq: release 0.1.10 (#26393)54c8508groq: add back streaming tool calls (#26391)396c0aedocs: Adding LC Academy links (#26164)Updates
langchain-anthropicfrom 0.1.13 to 0.1.22Commits
c776471community: fix AttributeError: 'YandexGPT' object has no attribute '_grpc_met...752a71bintegrations[patch]: release model packages (#24900)1213a59docs[patch]: Update kv store docs pages (#24848)17a06cbinfra: check templates based on integration (#24857)a7380ddcli: release 0.0.28 (#24852)e98e4becli: register new integration doc templates (#24854)210623bcore[minor]: Add support for pydantic 2 to utility to get fields (#24899)7d16940core[patch]: Release 0.2.26 (#24898)add1611community[patch]: Make the pydantic linter stricter (#24897)a4a444fcommunity[patch]: Fix arcee llm usage of root_validator(pre=False) (#24896)Updates
langchain-groqfrom 0.1.5 to 0.1.10Commits
c0dd293partners/groq: release 0.1.10 (#26393)54c8508groq: add back streaming tool calls (#26391)396c0aedocs: Adding LC Academy links (#26164)feb3517core[patch]: fix empty OpenAI tools when strict=True (#26287)d87feb1[Docs] Correct the admonition explaining min langchain-anthropic version in d...398718ecore[patch]: fix regression in convert_to_openai_tool with instances of Tool ...7feae62core[patch]: Support non ASCII characters in tool output if user doesn't outp...b993172Keyword-like runnable config (#26295)17659cacore[patch]: Release 0.2.39 (#26279)212c688core[minor]: Remove serialized manifest from tracing requests for non-llm run...Updates
langchain-awsfrom 0.1.17 to 0.1.18Release notes
Sourced from langchain-aws's releases.
Commits
fc72065infra[patch]: fix release workflow (#191)644de0binfra[patch]: support dev + rc releases (#190)feb8f09Update pyproject.toml to v0.1.18 (#189)4aebf17Fixes get provider for model_ids with region prefix. Added unit tests. (#184)533effbaws[patch]: backward-compatible pydantic v2 changes (#180)d89fcf8Updating README to include support for Bedrock Agents (#166)Updates
langchain-communityfrom 0.2.16 to 0.2.19Release notes
Sourced from langchain-community's releases.
Commits
b9d892ecommunity: release 0.2.19 (#28057)64c317ecommunity: patch graphqa chains (CVE-2024-8309) (#28050)76e1dc7langchain,community[patch]: release with bumped core (#27854)9fdeb74core[patch]: Release 0.2.43 (#27808)7d481f1core[patch]: remove prompt img loading (#27807)33a5397infra: turn off release attestations (#27766)283cb50core[patch]: Release 0.2.42 (#27763)5e3cee6core[patch]: make get_all_basemodel_annotations public (#27762)8073146Added mapping to fix CI for #langchain-aws:227. (#27114)6cfd1e8core[patch]: Release 0.2.41 (#26687)You can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions