Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Bump the pip group across 9 directories with 11 updates#2

Open
dependabot[bot] wants to merge 1 commit intomainpaulpham157/GenerativeAIExamples:mainfrom
dependabot/pip/RAG/src/rag_playground/pip-45855cbc7dpaulpham157/GenerativeAIExamples:dependabot/pip/RAG/src/rag_playground/pip-45855cbc7dCopy head branch name to clipboard
Open

Bump the pip group across 9 directories with 11 updates#2
dependabot[bot] wants to merge 1 commit intomainpaulpham157/GenerativeAIExamples:mainfrom
dependabot/pip/RAG/src/rag_playground/pip-45855cbc7dpaulpham157/GenerativeAIExamples:dependabot/pip/RAG/src/rag_playground/pip-45855cbc7dCopy head branch name to clipboard

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github May 29, 2025
edited by sourcery-ai bot
Loading

Bumps the pip group with 1 update in the /RAG/src/rag_playground directory: jinja2.
Bumps the pip group with 1 update in the /community/llm-prompt-design-helper directory: langchain.
Bumps the pip group with 2 updates in the /community/pdfspeak/webapp/src/main/backend directory: flask and langchain-core.
Bumps the pip group with 3 updates in the /community/rag-developer-chatbot/notebooks directory: langchain, langchain-community and jupyterlab.
Bumps the pip group with 2 updates in the /industries/healthcare/agentic-healthcare-front-desk directory: langchain and langchain-community.
Bumps the pip group with 2 updates in the /industries/healthcare/medical-device-training-assistant/evaluation directory: langchain and langchain-core.
Bumps the pip group with 5 updates in the /industries/healthcare/medical-device-training-assistant/src/chain_server directory:

Package From To
langchain 0.3.14 0.3.25
langchain-community 0.3.14 0.3.24
langchain-core 0.3.29 0.3.63
python-multipart 0.0.9 0.0.18
opencv-python 4.8.0.74 4.8.1.78

Bumps the pip group with 1 update in the /industries/healthcare/medical-device-training-assistant/src/rag_playground directory: jinja2.
Bumps the pip group with 3 updates in the /nemo/retriever-synthetic-data-generation directory: tqdm, transformers and nltk.

Updates jinja2 from 3.1.3 to 3.1.6

Release notes

Sourced from jinja2's releases.

3.1.6

This is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/Jinja2/3.1.6/ Changes: https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6

  • The |attr filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. GHSA-cpwx-vrp4-4pq7

3.1.5

This is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/Jinja2/3.1.5/ Changes: https://jinja.palletsprojects.com/changes/#version-3-1-5 Milestone: https://github.com/pallets/jinja/milestone/16?closed=1

  • The sandboxed environment handles indirect calls to str.format, such as by passing a stored reference to a filter that calls its argument. GHSA-q2x7-8rv6-6q7h
  • Escape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. #1792, GHSA-gmj6-6f8f-6699
  • Sandbox does not allow clear and pop on known mutable sequence types. #2032
  • Calling sync render for an async template uses asyncio.run. #1952
  • Avoid unclosed auto_aiter warnings. #1960
  • Return an aclose-able AsyncGenerator from Template.generate_async. #1960
  • Avoid leaving root_render_func() unclosed in Template.generate_async. #1960
  • Avoid leaving async generators unclosed in blocks, includes and extends. #1960
  • The runtime uses the correct concat function for the current environment when calling block references. #1701
  • Make |unique async-aware, allowing it to be used after another async-aware filter. #1781
  • |int filter handles OverflowError from scientific notation. #1921
  • Make compiling deterministic for tuple unpacking in a {% set ... %} call. #2021
  • Fix dunder protocol (copy/pickle/etc) interaction with Undefined objects. #2025
  • Fix copy/pickle support for the internal missing object. #2027
  • Environment.overlay(enable_async) is applied correctly. #2061
  • The error message from FileSystemLoader includes the paths that were searched. #1661
  • PackageLoader shows a clearer error message when the package does not contain the templates directory. #1705
  • Improve annotations for methods returning copies. #1880
  • urlize does not add mailto: to values like @a@b. #1870
  • Tests decorated with @pass_context can be used with the |select filter. #1624
  • Using set for multiple assignment (a, b = 1, 2) does not fail when the target is a namespace attribute. #1413
  • Using set in all branches of {% if %}{% elif %}{% else %} blocks does not cause the variable to be considered initially undefined. #1253

3.1.4

This is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.

PyPI: https://pypi.org/project/Jinja2/3.1.4/ Changes: https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4

  • The xmlattr filter does not allow keys with / solidus, > greater-than sign, or = equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj
Changelog

Sourced from jinja2's changelog.

Version 3.1.6

Released 2025-03-05

  • The |attr filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. :ghsa:cpwx-vrp4-4pq7

Version 3.1.5

Released 2024-12-21

  • The sandboxed environment handles indirect calls to str.format, such as by passing a stored reference to a filter that calls its argument. :ghsa:q2x7-8rv6-6q7h
  • Escape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. :issue:1792, :ghsa:gmj6-6f8f-6699
  • Sandbox does not allow clear and pop on known mutable sequence types. :issue:2032
  • Calling sync render for an async template uses asyncio.run. :pr:1952
  • Avoid unclosed auto_aiter warnings. :pr:1960
  • Return an aclose-able AsyncGenerator from Template.generate_async. :pr:1960
  • Avoid leaving root_render_func() unclosed in Template.generate_async. :pr:1960
  • Avoid leaving async generators unclosed in blocks, includes and extends. :pr:1960
  • The runtime uses the correct concat function for the current environment when calling block references. :issue:1701
  • Make |unique async-aware, allowing it to be used after another async-aware filter. :issue:1781
  • |int filter handles OverflowError from scientific notation. :issue:1921
  • Make compiling deterministic for tuple unpacking in a {% set ... %} call. :issue:2021
  • Fix dunder protocol (copy/pickle/etc) interaction with Undefined objects. :issue:2025
  • Fix copy/pickle support for the internal missing object. :issue:2027
  • Environment.overlay(enable_async) is applied correctly. :pr:2061
  • The error message from FileSystemLoader includes the paths that were searched. :issue:1661
  • PackageLoader shows a clearer error message when the package does not contain the templates directory. :issue:1705
  • Improve annotations for methods returning copies. :pr:1880
  • urlize does not add mailto: to values like @a@b. :pr:1870

... (truncated)

Commits

Updates langchain from 0.2.6 to 0.3.0.dev1

Release notes

Sourced from langchain's releases.

langchain-mistralai==0.2.10

Changes since langchain-mistralai==0.2.9

mistralai: release 0.2.10 (#30526) Fix: Enable max_retries Parameter in ChatMistralAI Class (#30448) mistral[patch]: check types in adding model_name to response_metadata (#30499) standard-tests[patch]: require model_name in response_metadata if returns_usage_metadata (#30497)

langchain-mistralai==0.2.9

Changes since langchain-mistralai==0.2.8

mistral: release 0.2.9 (#30402) multiple: enforce standards on tool_choice (#30372) multiple: support strict and method in with_structured_output (#30385)

langchain-fireworks==0.2.9

Changes since langchain-fireworks==0.2.8

fireworks: release 0.2.9 (#30527) standard-tests[patch]: require model_name in response_metadata if returns_usage_metadata (#30497)

langchain-mistralai==0.2.8

Changes since langchain-mistralai==0.2.7

mistralai[patch]: bump core (#30278) mistral: release 0.2.8 (#30275) mistral[patch]: set global ssl context (#30189) core[patch]: update structured output tracing (#30123) anthropic, mistral: return model_name in response metadata (#30048) mistral[patch]: support model_kwargs (#29838)

langchain-fireworks==0.2.8

Changes since langchain-fireworks==0.2.7

fireworks: release 0.2.8 (#30400) multiple: support strict and method in with_structured_output (#30385) core[patch]: update structured output tracing (#30123) multiple: fix uv path deps (#29790) infra: add UV_FROZEN to makefiles (#29642) infra: migrate to uv (#29566)

langchain-mistralai==0.2.7

Changes since langchain-mistralai==0.2.6

mistralai[patch]: release 0.2.7 (#29906) multiple: fix uv path deps (#29790) infra: add UV_FROZEN to makefiles (#29642) infra: migrate to uv (#29566) [MistralAI] Improve MistralAIEmbeddings (#29242)

Commits

Updates flask from 3.1.0 to 3.1.1

Release notes

Sourced from flask's releases.

3.1.1

This is the Flask 3.1.1 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/Flask/3.1.1/ Changes: https://flask.palletsprojects.com/en/stable/changes/#version-3-1-1 Milestone https://github.com/pallets/flask/milestone/36?closed=1

  • Fix signing key selection order when key rotation is enabled via SECRET_KEY_FALLBACKS. GHSA-4grg-w6v8-c28g
  • Fix type hint for cli_runner.invoke. #5645
  • flask --help loads the app and plugins first to make sure all commands are shown. #5673
  • Mark sans-io base class as being able to handle views that return AsyncIterable. This is not accurate for Flask, but makes typing easier for Quart. #5659
Changelog

Sourced from flask's changelog.

Version 3.1.1

Released 2025-05-13

  • Fix signing key selection order when key rotation is enabled via SECRET_KEY_FALLBACKS. :ghsa:4grg-w6v8-c28g
  • Fix type hint for cli_runner.invoke. :issue:5645
  • flask --help loads the app and plugins first to make sure all commands are shown. :issue:5673
  • Mark sans-io base class as being able to handle views that return AsyncIterable. This is not accurate for Flask, but makes typing easier for Quart. :pr:5659
Commits

Updates langchain-core from 0.3.34 to 0.3.63

Release notes

Sourced from langchain-core's releases.

langchain-core==0.3.63

Changes since langchain-core==0.3.62

core: release 0.3.63 (#31419) langchain-core: Add image_generation tool to list of known openai tools (#31396) standard-tests: add benchmarks (#31302)

langchain-core==0.3.62

Changes since langchain-core==0.3.61

core: release 0.3.62 (#31376) anthropic: support for code execution, MCP connector, files API features (#31340)

langchain-core==0.3.61

Changes since langchain-core==0.3.60

core: release 0.3.61 (#31317) openai[patch]: support built-in code interpreter and remote MCP tools (#31304) core: Improve Runnable __or__ method typing annotations (#31273) core: support Union type args in strict mode of OpenAI function calling / structured output (#30971) core: Add ruff rules A (builtins shadowing) (#29312) langchain[patch]: Allow async indexing code to work for vectorstores that only defined sync delete (#30869) core: Add ruff rules RUF (#29353)

langchain-core==0.3.60

Changes since langchain-core==0.3.59

core: release 0.3.60 (#31249) core: Add ruff rules SLF (#30666) perf[core]: remove unnecessary model validators (#31238) packaging[core]: bump min pydantic version (#31239) langchain-core[patch]: Incremental record manager deletion should be batched (#31206) perf[core]: remove generations summation from hot loop (#31231) perf[core]: remove costly async helpers for non-end event handlers (#31230) core: Fix some private member accesses (#30912) core: Fix issue 31035 alias fields in base tool langchain core (#31112)

langchain-core==0.3.59

Changes since langchain-core==0.3.58

core: release 0.3.59 (#31150) fix(core): Permit OpenAI style blocks to be passed into convert_to_openai_messages (#31140)

langchain-core==0.3.58

Changes since langchain-core==0.3.57

core: release 0.3.58 (#31099) core, openai[patch]: prefer provider-assigned IDs when aggregating message chunks (#31080)

langchain-core==0.3.57

... (truncated)

Commits

Updates langchain from 0.2.1 to 0.3.0.dev1

Release notes

Sourced from langchain's releases.

langchain-mistralai==0.2.10

Changes since langchain-mistralai==0.2.9

mistralai: release 0.2.10 (#30526) Fix: Enable max_retries Parameter in ChatMistralAI Class (#30448) mistral[patch]: check types in adding model_name to response_metadata (#30499) standard-tests[patch]: require model_name in response_metadata if returns_usage_metadata (#30497)

langchain-mistralai==0.2.9

Changes since langchain-mistralai==0.2.8

mistral: release 0.2.9 (#30402) multiple: enforce standards on tool_choice (#30372) multiple: support strict and method in with_structured_output (#30385)

langchain-fireworks==0.2.9

Changes since langchain-fireworks==0.2.8

fireworks: release 0.2.9 (#30527) standard-tests[patch]: require model_name in response_metadata if returns_usage_metadata (#30497)

langchain-mistralai==0.2.8

Changes since langchain-mistralai==0.2.7

mistralai[patch]: bump core (#30278) mistral: release 0.2.8 (#30275) mistral[patch]: set global ssl context (#30189) core[patch]: update structured output tracing (#30123) anthropic, mistral: return model_name in response metadata (#30048) mistral[patch]: support model_kwargs (#29838)

langchain-fireworks==0.2.8

Changes since langchain-fireworks==0.2.7

fireworks: release 0.2.8 (#30400) multiple: support strict and method in with_structured_output (#30385) core[patch]: update structured output tracing (#30123) multiple: fix uv path deps (#29790) infra: add UV_FROZEN to makefiles (#29642) infra: migrate to uv (#29566)

langchain-mistralai==0.2.7

Changes since langchain-mistralai==0.2.6

mistralai[patch]: release 0.2.7 (#29906) multiple: fix uv path deps (#29790) infra: add UV_FROZEN to makefiles (#29642) infra: migrate to uv (#29566) [MistralAI] Improve MistralAIEmbeddings (#29242)

Commits

Updates langchain-community from 0.2.1 to 0.2.9

Commits

Updates jupyterlab from 4.0.8 to 4.2.5

Release notes

Sourced from jupyterlab's releases.

v4.2.5

4.2.5

(Full Changelog)

Bugs fixed

Maintenance and upkeep improvements

Documentation improvements

  • Fix JupyterLab install instructions in the debugger docs #16683 (@​jtpio)

Contributors to this release

(GitHub contributors page for this release)

@​davidbrochart | @​fcollonval | @​github-actions | @​HaudinFlorence | @​JasonWeill | @​jtpio | @​jupyterlab-probot | @​krassowski | @​meeseeksmachine | @​Mehak261124 | @​Rob-P-Smith | @​tonyfast | @​welcome | @​williamstein

v4.2.4

4.2.4

(Full Changelog)

Bugs fixed

Maintenance and upkeep improvements

Documentation improvements

... (truncated)

Changelog

Sourced from jupyterlab's changelog.

4.2.5

(Full Changelog)

Bugs fixed

Maintenance and upkeep improvements

Documentation improvements

  • Fix JupyterLab install instructions in the debugger docs #16683 (@​jtpio)

Contributors to this release

(GitHub contributors page for this release)

@​davidbrochart | @​fcollonval | @​github-actions | @​HaudinFlorence | @​JasonWeill | @​jtpio | @​jupyterlab-probot | @​krassowski | @​meeseeksmachine | @​Mehak261124 | @​Rob-P-Smith | @​tonyfast | @​welcome | @​williamstein

4.2.4

(Full Changelog)

Bugs fixed

Maintenance and upkeep improvements

Documentation improvements

Contributors to this release

(GitHub contributors page for this release)

... (truncated)

Commits
  • a046125 [ci skip] Publish 4.2.5
  • 88e24ba Merge commit from fork
  • 58d7535 Backport PR #16710: Use locale name instead of display/native name to toggle ...
  • 524f71d Backport PR #16486: Bump braces from 3.0.2 to 3.0.3 (#16699)
  • 7bf7ec5 Backport PR #16682: Prevent replacing code with find and replace in read-only...
  • 355cbd5 Backport PR #16683: Fix JupyterLab install instructions in the debugger docs ...
  • 1fa4474 Backport PR #16647: Do not block shift-click mouse up handler on active cell ...
  • c639643 [ci skip] Publish 4.2.4
  • 8f78e27 Backport PR #16450 on branch 4.2.x (Align extension migration docs with the l...
  • 9223530 Backport PR #16507: Add customisation options to prevent inline completer res...
  • Additional commits viewable in compare view

Updates langchain from 0.3.7 to 0.3.25

Release notes

Sourced from langchain's releases.

langchain-mistralai==0.2.10

Changes since langchain-mistralai==0.2.9

mistralai: release 0.2.10 (#30526) Fix: Enable max_retries Parameter in ChatMistralAI Class (#30448) mistral[patch]: check types in adding model_name to response_metadata (#30499) standard-tests[patch]: require model_name in response_metadata if returns_usage_metadata (#30497)

langchain-mistralai==0.2.9

Changes since langchain-mistralai==0.2.8

mistral: release 0.2.9 (#30402) multiple: enforce standards on tool_choice (#30372) multiple: support strict and method in with_structured_output (#30385)

langchain-fireworks==0.2.9

Changes since langchain-fireworks==0.2.8

fireworks: release 0.2.9 (#30527) standard-tests[patch]: require model_name in response_metadata if returns_usage_metadata (#30497)

langchain-mistralai==0.2.8

Changes since langchain-mistralai==0.2.7

mistralai[patch]: bump core (#30278) mistral: release 0.2.8 (#30275) mistral[patch]: set global ssl context (#30189) core[patch]: update structured output tracing (#30123) anthropic, mistral: return model_name in response metadata (#30048) mistral[patch]: support model_kwargs (#29838)

langchain-fireworks==0.2.8

Changes since langchain-fireworks==0.2.7

fireworks: release 0.2.8 (#30400) multiple: support strict and method in with_structured_output (#30385) core[patch]: update structured output tracing (#30123) multiple: fix uv path deps (#29790) infra: add UV_FROZEN to makefiles (#29642) infra: migrate to uv (#29566)

langchain-mistralai==0.2.7

Changes since langchain-mistralai==0.2.6

mistralai[patch]: release 0.2.7 (#29906) multiple: fix uv path deps (#29790) infra: add UV_FROZEN to makefiles (#29642) infra: migrate to uv (#29566) [MistralAI] Improve MistralAIEmbeddings (#29242)

Commits

Updates langchain-community from 0.3.7 to 0.3.24

Commits

Updates langchain from 0.1.9 to 0.3.0.dev1

Release notes

Sourced from

@dependabot
Bump the pip group across 9 directories with 11 updates
336f54f 
Bumps the pip group with 1 update in the /RAG/src/rag_playground directory: [jinja2](https://github.com/pallets/jinja).
Bumps the pip group with 1 update in the /community/llm-prompt-design-helper directory: [langchain](https://github.com/langchain-ai/langchain).
Bumps the pip group with 2 updates in the /community/pdfspeak/webapp/src/main/backend directory: [flask](https://github.com/pallets/flask) and [langchain-core](https://github.com/langchain-ai/langchain).
Bumps the pip group with 3 updates in the /community/rag-developer-chatbot/notebooks directory: [langchain](https://github.com/langchain-ai/langchain), [langchain-community](https://github.com/langchain-ai/langchain) and [jupyterlab](https://github.com/jupyterlab/jupyterlab).
Bumps the pip group with 2 updates in the /industries/healthcare/agentic-healthcare-front-desk directory: [langchain](https://github.com/langchain-ai/langchain) and [langchain-community](https://github.com/langchain-ai/langchain).
Bumps the pip group with 2 updates in the /industries/healthcare/medical-device-training-assistant/evaluation directory: [langchain](https://github.com/langchain-ai/langchain) and [langchain-core](https://github.com/langchain-ai/langchain).
Bumps the pip group with 5 updates in the /industries/healthcare/medical-device-training-assistant/src/chain_server directory:

| Package | From | To |
| --- | --- | --- |
| [langchain](https://github.com/langchain-ai/langchain) | `0.3.14` | `0.3.25` |
| [langchain-community](https://github.com/langchain-ai/langchain) | `0.3.14` | `0.3.24` |
| [langchain-core](https://github.com/langchain-ai/langchain) | `0.3.29` | `0.3.63` |
| [python-multipart](https://github.com/Kludex/python-multipart) | `0.0.9` | `0.0.18` |
| [opencv-python](https://github.com/opencv/opencv-python) | `4.8.0.74` | `4.8.1.78` |

Bumps the pip group with 1 update in the /industries/healthcare/medical-device-training-assistant/src/rag_playground directory: [jinja2](https://github.com/pallets/jinja).
Bumps the pip group with 3 updates in the /nemo/retriever-synthetic-data-generation directory: [tqdm](https://github.com/tqdm/tqdm), [transformers](https://github.com/huggingface/transformers) and [nltk](https://github.com/nltk/nltk).


Updates `jinja2` from 3.1.3 to 3.1.6
- [Release notes](https://github.com/pallets/jinja/releases)
- [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst)
- [Commits](pallets/jinja@3.1.3...3.1.6)

Updates `langchain` from 0.2.6 to 0.3.0.dev1
- [Release notes](https://github.com/langchain-ai/langchain/releases)
- [Commits](langchain-ai/langchain@langchain==0.2.6...langchain==0.3.0.dev1)

Updates `flask` from 3.1.0 to 3.1.1
- [Release notes](https://github.com/pallets/flask/releases)
- [Changelog](https://github.com/pallets/flask/blob/main/CHANGES.rst)
- [Commits](pallets/flask@3.1.0...3.1.1)

Updates `langchain-core` from 0.3.34 to 0.3.63
- [Release notes](https://github.com/langchain-ai/langchain/releases)
- [Commits](langchain-ai/langchain@langchain-core==0.3.34...langchain-core==0.3.63)

Updates `langchain` from 0.2.1 to 0.3.0.dev1
- [Release notes](https://github.com/langchain-ai/langchain/releases)
- [Commits](langchain-ai/langchain@langchain==0.2.6...langchain==0.3.0.dev1)

Updates `langchain-community` from 0.2.1 to 0.2.9
- [Release notes](https://github.com/langchain-ai/langchain/releases)
- [Commits](langchain-ai/langchain@langchain-community==0.2.1...langchain-community==0.2.9)

Updates `jupyterlab` from 4.0.8 to 4.2.5
- [Release notes](https://github.com/jupyterlab/jupyterlab/releases)
- [Changelog](https://github.com/jupyterlab/jupyterlab/blob/@jupyterlab/lsp@4.2.5/CHANGELOG.md)
- [Commits](https://github.com/jupyterlab/jupyterlab/compare/@jupyterlab/lsp@4.0.8...@jupyterlab/lsp@4.2.5)

Updates `langchain` from 0.3.7 to 0.3.25
- [Release notes](https://github.com/langchain-ai/langchain/releases)
- [Commits](langchain-ai/langchain@langchain==0.2.6...langchain==0.3.0.dev1)

Updates `langchain-community` from 0.3.7 to 0.3.24
- [Release notes](https://github.com/langchain-ai/langchain/releases)
- [Commits](langchain-ai/langchain@langchain-community==0.2.1...langchain-community==0.2.9)

Updates `langchain` from 0.1.9 to 0.3.0.dev1
- [Release notes](https://github.com/langchain-ai/langchain/releases)
- [Commits](langchain-ai/langchain@langchain==0.2.6...langchain==0.3.0.dev1)

Updates `langchain-core` from 0.1.29 to 0.1.53
- [Release notes](https://github.com/langchain-ai/langchain/releases)
- [Commits](langchain-ai/langchain@langchain-core==0.3.34...langchain-core==0.3.63)

Updates `langchain` from 0.3.14 to 0.3.25
- [Release notes](https://github.com/langchain-ai/langchain/releases)
- [Commits](langchain-ai/langchain@langchain==0.2.6...langchain==0.3.0.dev1)

Updates `langchain-community` from 0.3.14 to 0.3.24
- [Release notes](https://github.com/langchain-ai/langchain/releases)
- [Commits](langchain-ai/langchain@langchain-community==0.2.1...langchain-community==0.2.9)

Updates `langchain-core` from 0.3.29 to 0.3.63
- [Release notes](https://github.com/langchain-ai/langchain/releases)
- [Commits](langchain-ai/langchain@langchain-core==0.3.34...langchain-core==0.3.63)

Updates `python-multipart` from 0.0.9 to 0.0.18
- [Release notes](https://github.com/Kludex/python-multipart/releases)
- [Changelog](https://github.com/Kludex/python-multipart/blob/master/CHANGELOG.md)
- [Commits](Kludex/python-multipart@0.0.9...0.0.18)

Updates `opencv-python` from 4.8.0.74 to 4.8.1.78
- [Release notes](https://github.com/opencv/opencv-python/releases)
- [Commits](https://github.com/opencv/opencv-python/commits)

Updates `jinja2` from 3.1.3 to 3.1.6
- [Release notes](https://github.com/pallets/jinja/releases)
- [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst)
- [Commits](pallets/jinja@3.1.3...3.1.6)

Updates `tqdm` from 4.66.2 to 4.66.3
- [Release notes](https://github.com/tqdm/tqdm/releases)
- [Commits](tqdm/tqdm@v4.66.2...v4.66.3)

Updates `transformers` from 4.42.1 to 4.50.0
- [Release notes](https://github.com/huggingface/transformers/releases)
- [Commits](huggingface/transformers@v4.42.1...v4.50.0)

Updates `nltk` from 3.8.1 to 3.9.1
- [Changelog](https://github.com/nltk/nltk/blob/develop/ChangeLog)
- [Commits](nltk/nltk@3.8.1...3.9.1)

---
updated-dependencies:
- dependency-name: jinja2
  dependency-version: 3.1.6
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: langchain
  dependency-version: 0.3.0.dev1
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: flask
  dependency-version: 3.1.1
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: langchain-core
  dependency-version: 0.3.63
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: langchain
  dependency-version: 0.3.0.dev1
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: langchain-community
  dependency-version: 0.2.9
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: jupyterlab
  dependency-version: 4.2.5
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: langchain
  dependency-version: 0.3.25
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: langchain-community
  dependency-version: 0.3.24
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: langchain
  dependency-version: 0.3.0.dev1
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: langchain-core
  dependency-version: 0.1.53
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: langchain
  dependency-version: 0.3.25
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: langchain-community
  dependency-version: 0.3.24
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: langchain-core
  dependency-version: 0.3.63
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: python-multipart
  dependency-version: 0.0.18
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: opencv-python
  dependency-version: 4.8.1.78
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: jinja2
  dependency-version: 3.1.6
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: tqdm
  dependency-version: 4.66.3
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: transformers
  dependency-version: 4.50.0
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: nltk
  dependency-version: 3.9.1
  dependency-type: direct:production
  dependency-group: pip
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels May 29, 2025
@sourcery-ai
Copy link

sourcery-ai bot commented May 29, 2025
edited
Loading

Hướng dẫn dành cho người đánh giá

PR này cập nhật một cách có hệ thống các dependency pip trên chín dự án con, áp dụng các bản phát hành bảo mật và sửa lỗi (Jinja2, Flask, JupyterLab), nâng cấp các thư viện LLM cốt lõi lên các phiên bản LangChain gần đây và hài hòa các yêu cầu dịch vụ để đảm bảo tính nhất quán.

Thay đổi ở cấp độ tệp

Thay đổi Chi tiết Tệp
Bản vá bảo mật: nâng cấp Jinja2 lên 3.1.6 trong các mô-đun playground
  • Cập nhật jinja2 từ 3.1.3 lên 3.1.6 để sửa các lỗi bảo mật sandbox
 RAG/src/rag_playground/requirements.txt
industries/healthcare/medical-device-training-assistant/src/rag_playground/requirements.txt
Nâng cấp Flask và LangChain core trong backend PDFSpeak
  • Nâng cấp Flask từ 3.1.0 lên 3.1.1
  • Nâng cấp langchain_core từ 0.3.34 lên 0.3.63
 community/pdfspeak/webapp/src/main/backend/requirements.txt
Hài hòa hệ sinh thái LangChain trong các dịch vụ chăm sóc sức khỏe
  • Nâng cấp langchain từ 0.3.7 lên 0.3.25
  • Nâng cấp langchain-community từ 0.3.7 lên 0.3.24
  • Nâng cấp langchain từ 0.1.9 lên 0.3.0.dev1
  • Nâng cấp langchain-core từ 0.1.29 lên 0.1.53
 industries/healthcare/agentic-healthcare-front-desk/requirements.txt
industries/healthcare/medical-device-training-assistant/evaluation/requirements.txt
Cập nhật các yêu cầu của chain server với multipart, LangChain và OpenCV
  • Nâng cấp python-multipart từ 0.0.9 lên 0.0.18
  • Nâng cấp langchain từ 0.3.14 lên 0.3.25
  • Nâng cấp langchain-community từ 0.3.14 lên 0.3.24
  • Nâng cấp langchain-core từ 0.3.29 lên 0.3.63
  • Nâng cấp opencv-python từ 4.8.0.74 lên 4.8.1.78
 industries/healthcare/medical-device-training-assistant/src/chain_server/requirements.txt
Làm mới các dependency notebook và helper trong các mô-đun community
  • Cập nhật langchain lên 0.3.0.dev1, langchain-community lên 0.2.9 và jupyterlab lên 4.2.5 trong rag-developer-chatbot
  • Cập nhật langchain lên 0.3.0.dev1 trong llm-prompt-design-helper
  • Nâng cấp tqdm từ 4.66.2 lên 4.66.3, transformers từ 4.42.1 lên 4.50.0, nltk từ 3.8.1 lên 3.9.1
 community/rag-developer-chatbot/notebooks/requirements.txt
community/llm-prompt-design-helper/requirements.txt
nemo/retriever-synthetic-data-generation/requirements.txt
Mẹo và lệnh

Tương tác với Sourcery

  • Khởi chạy một đánh giá mới: Bình luận @sourcery-ai review trên pull request.
  • Tiếp tục thảo luận: Trả lời trực tiếp vào các bình luận đánh giá của Sourcery.
  • Tạo một issue GitHub từ một bình luận đánh giá: Yêu cầu Sourcery tạo một
    issue từ một bình luận đánh giá bằng cách trả lời nó. Bạn cũng có thể trả lời một
    bình luận đánh giá bằng @sourcery-ai issue để tạo một issue từ nó.
  • Tạo tiêu đề pull request: Viết @sourcery-ai ở bất kỳ đâu trong tiêu đề
    pull request để tạo tiêu đề bất kỳ lúc nào. Bạn cũng có thể bình luận
    @sourcery-ai title trên pull request để (tạo lại) tiêu đề bất kỳ lúc nào.
  • Tạo tóm tắt pull request: Viết @sourcery-ai summary ở bất kỳ đâu trong
    phần thân pull request để tạo bản tóm tắt PR bất kỳ lúc nào chính xác ở nơi bạn
    muốn. Bạn cũng có thể bình luận @sourcery-ai summary trên pull request để
    (tạo lại) bản tóm tắt bất kỳ lúc nào.
  • Tạo hướng dẫn dành cho người đánh giá: Bình luận @sourcery-ai guide trên pull
    request để (tạo lại) hướng dẫn dành cho người đánh giá bất kỳ lúc nào.
  • Giải quyết tất cả các bình luận của Sourcery: Bình luận @sourcery-ai resolve trên
    pull request để giải quyết tất cả các bình luận của Sourcery. Hữu ích nếu bạn đã
    giải quyết tất cả các bình luận và không muốn nhìn thấy chúng nữa.
  • Bỏ qua tất cả các đánh giá của Sourcery: Bình luận @sourcery-ai dismiss trên pull
    request để bỏ qua tất cả các đánh giá hiện có của Sourcery. Đặc biệt hữu ích nếu bạn
    muốn bắt đầu lại với một đánh giá mới - đừng quên bình luận
    @sourcery-ai review để kích hoạt một đánh giá mới!

Tùy chỉnh trải nghiệm của bạn

Truy cập dashboard của bạn để:

  • Bật hoặc tắt các tính năng đánh giá như bản tóm tắt pull request do Sourcery tạo,
    hướng dẫn dành cho người đánh giá và các tính năng khác.
  • Thay đổi ngôn ngữ đánh giá.
  • Thêm, xóa hoặc chỉnh sửa các hướng dẫn đánh giá tùy chỉnh.
  • Điều chỉnh các cài đặt đánh giá khác.

Nhận trợ giúp

Original review guide in English

Reviewer's Guide

This PR systematically updates pip dependencies across nine sub-projects, applying security and bug-fix releases (Jinja2, Flask, JupyterLab), upgrading core LLM libraries to recent LangChain versions, and harmonizing service requirements for consistency.

File-Level Changes

Change Details Files
Security patch: bump Jinja2 to 3.1.6 in playground modules
  • Update jinja2 from 3.1.3 to 3.1.6 for sandbox security fixes
 RAG/src/rag_playground/requirements.txt
industries/healthcare/medical-device-training-assistant/src/rag_playground/requirements.txt
Upgrade Flask and LangChain core in PDFSpeak backend
  • Bump Flask from 3.1.0 to 3.1.1
  • Bump langchain_core from 0.3.34 to 0.3.63
 community/pdfspeak/webapp/src/main/backend/requirements.txt
Harmonize LangChain ecosystem in healthcare services
  • Bump langchain from 0.3.7 to 0.3.25
  • Bump langchain-community from 0.3.7 to 0.3.24
  • Bump langchain from 0.1.9 to 0.3.0.dev1
  • Bump langchain-core from 0.1.29 to 0.1.53
 industries/healthcare/agentic-healthcare-front-desk/requirements.txt
industries/healthcare/medical-device-training-assistant/evaluation/requirements.txt
Update chain server requirements with multipart, LangChain and OpenCV
  • Bump python-multipart from 0.0.9 to 0.0.18
  • Bump langchain from 0.3.14 to 0.3.25
  • Bump langchain-community from 0.3.14 to 0.3.24
  • Bump langchain-core from 0.3.29 to 0.3.63
  • Bump opencv-python from 4.8.0.74 to 4.8.1.78
 industries/healthcare/medical-device-training-assistant/src/chain_server/requirements.txt
Refresh notebook and helper dependencies in community modules
  • Update langchain to 0.3.0.dev1, langchain-community to 0.2.9 and jupyterlab to 4.2.5 in rag-developer-chatbot
  • Update langchain to 0.3.0.dev1 in llm-prompt-design-helper
  • Bump tqdm from 4.66.2 to 4.66.3, transformers from 4.42.1 to 4.50.0, nltk from 3.8.1 to 3.9.1
 community/rag-developer-chatbot/notebooks/requirements.txt
community/llm-prompt-design-helper/requirements.txt
nemo/retriever-synthetic-data-generation/requirements.txt
Tips and commands

Interacting with Sourcery

  • Trigger a new review: Comment @sourcery-ai review on the pull request.
  • Continue discussions: Reply directly to Sourcery's review comments.
  • Generate a GitHub issue from a review comment: Ask Sourcery to create an
    issue from a review comment by replying to it. You can also reply to a
    review comment with @sourcery-ai issue to create an issue from it.
  • Generate a pull request title: Write @sourcery-ai anywhere in the pull
    request title to generate a title at any time. You can also comment
    @sourcery-ai title on the pull request to (re-)generate the title at any time.
  • Generate a pull request summary: Write @sourcery-ai summary anywhere in
    the pull request body to generate a PR summary at any time exactly where you
    want it. You can also comment @sourcery-ai summary on the pull request to
    (re-)generate the summary at any time.
  • Generate reviewer's guide: Comment @sourcery-ai guide on the pull
    request to (re-)generate the reviewer's guide at any time.
  • Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
    pull request to resolve all Sourcery comments. Useful if you've already
    addressed all the comments and don't want to see them anymore.
  • Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
    request to dismiss all existing Sourcery reviews. Especially useful if you
    want to start fresh with a new review - don't forget to comment
    @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

  • Enable or disable review features such as the Sourcery-generated pull request
    summary, the reviewer's guide, and others.
  • Change the review language.
  • Add, remove or edit custom review instructions.
  • Adjust other review settings.

Getting Help

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants

Morty Proxy This is a proxified and sanitized view of the page, visit original site.