Open
Conversation
It's often helpful to commit this file
Bumps the uv group with 4 updates in the / directory: [cryptography](https://github.com/pyca/cryptography), [langchain-core](https://github.com/langchain-ai/langchain), [pillow](https://github.com/python-pillow/Pillow) and [protobuf](https://github.com/protocolbuffers/protobuf). Updates `cryptography` from 46.0.3 to 46.0.5 - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](pyca/cryptography@46.0.3...46.0.5) Updates `langchain-core` from 1.2.7 to 1.2.11 - [Release notes](https://github.com/langchain-ai/langchain/releases) - [Commits](langchain-ai/langchain@langchain-core==1.2.7...langchain-core==1.2.11) Updates `pillow` from 12.1.0 to 12.1.1 - [Release notes](https://github.com/python-pillow/Pillow/releases) - [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst) - [Commits](python-pillow/Pillow@12.1.0...12.1.1) Updates `protobuf` from 6.33.4 to 6.33.5 - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Commits](https://github.com/protocolbuffers/protobuf/commits) --- updated-dependencies: - dependency-name: cryptography dependency-version: 46.0.5 dependency-type: indirect dependency-group: uv - dependency-name: langchain-core dependency-version: 1.2.11 dependency-type: indirect dependency-group: uv - dependency-name: pillow dependency-version: 12.1.1 dependency-type: indirect dependency-group: uv - dependency-name: protobuf dependency-version: 6.33.5 dependency-type: indirect dependency-group: uv ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps the uv group with 4 updates in the / directory: [cryptography](https://github.com/pyca/cryptography), [langchain-core](https://github.com/langchain-ai/langchain), [pillow](https://github.com/python-pillow/Pillow) and [protobuf](https://github.com/protocolbuffers/protobuf). Updates `cryptography` from 46.0.3 to 46.0.5 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst">cryptography's changelog</a>.</em></p> <blockquote> <p>46.0.5 - 2026-02-10</p> <pre><code> * An attacker could create a malicious public key that reveals portions of your private key when using certain uncommon elliptic curves (binary curves). This version now includes additional security checks to prevent this attack. This issue only affects binary elliptic curves, which are rarely used in real-world applications. Credit to **XlabAI Team of Tencent Xuanwu Lab and Atuin Automated Vulnerability Discovery Engine** for reporting the issue. **CVE-2026-26007** * Support for ``SECT*`` binary elliptic curves is deprecated and will be removed in the next release. <p>.. v46-0-4:</p> <p>46.0.4 - 2026-01-27<br /> </code></pre></p> <ul> <li><code>Dropped support for win_arm64 wheels</code>_.</li> <li>Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.5.</li> </ul> <p>.. _v46-0-3:</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pyca/cryptography/commit/06e120e682cb200e3f7050c02f0bcdac90c4c6ad"><code>06e120e</code></a> bump version for 46.0.5 release (<a href="https://redirect.github.com/pyca/cryptography/issues/14289">#14289</a>)</li> <li><a href="https://github.com/pyca/cryptography/commit/0eebb9dbb6343d9bc1d91e5a2482ed4e054a6d8c"><code>0eebb9d</code></a> EC check key on cofactor > 1 (<a href="https://redirect.github.com/pyca/cryptography/issues/14287">#14287</a>)</li> <li><a href="https://github.com/pyca/cryptography/commit/bedf6e186b814f69a3f54f51252c23a71d44ed2e"><code>bedf6e1</code></a> fix openssl version on 46 branch (<a href="https://redirect.github.com/pyca/cryptography/issues/14220">#14220</a>)</li> <li><a href="https://github.com/pyca/cryptography/commit/e6f44fc8e6391f05d719fb9d369692325b87a471"><code>e6f44fc</code></a> bump for 46.0.4 and drop win arm64 due to CI issues (<a href="https://redirect.github.com/pyca/cryptography/issues/14217">#14217</a>)</li> <li>See full diff in <a href="https://github.com/pyca/cryptography/compare/46.0.3...46.0.5">compare view</a></li> </ul> </details> <br /> Updates `langchain-core` from 1.2.7 to 1.2.11 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/langchain-ai/langchain/releases">langchain-core's releases</a>.</em></p> <blockquote> <h2>langchain-core==1.2.11</h2> <p>Changes since langchain-core==1.2.10</p> <p>release(core): 1.2.11 (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35144">#35144</a>) fix(openai): sanitize urls when counting tokens in images (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35143">#35143</a>) chore(core): clean up docstring mismatch and redundant logic in langchain-core (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35064">#35064</a>) fix(core): replace bare except with Exception in tracer (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35138">#35138</a>)</p> <h2>langchain-core==1.2.10</h2> <p>Changes since langchain-core==1.2.9</p> <p>release(core): 1.2.10 (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35136">#35136</a>) chore(deps): bump the langchain-deps group across 3 directories with 40 updates (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35129">#35129</a>) chore(deps): bump the langchain-deps group across 3 directories with 11 updates (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35121">#35121</a>) feat(core): add ContextOverflowError, raise in anthropic and openai (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35099">#35099</a>) feat(model-profiles): add <code>text_inputs</code> and <code>text_outputs</code> (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35084">#35084</a>) feat(core): count tokens from tool schemas in <code>count_tokens_approximately</code> (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35098">#35098</a>) docs(core): add missing <code>name</code> docstring for <code>RunnableSerializable</code> (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35088">#35088</a>)</p> <h2>langchain-core==1.2.9</h2> <p>Changes since langchain-core==1.2.8</p> <p>release(core): 1.2.9 (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35025">#35025</a>) fix(core): adjust cap when scaling approximate token counts (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35017">#35017</a>) revert: precompile hex color regex pattern at module level (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35016">#35016</a>) chore: add <code>make type</code> target (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35015">#35015</a>) revert: "chore: add typing target in <code>Makefile</code>" (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35013">#35013</a>) chore: add typing target in <code>Makefile</code> (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35012">#35012</a>) fix(core): apply cap when scaling approximate token counts (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35005">#35005</a>) feat(core): allow scaling by reported usage when counting tokens approximately (<a href="https://redirect.github.com/langchain-ai/langchain/issues/34996">#34996</a>) test(core): increase <code>delta_time</code> for flaky test (<a href="https://redirect.github.com/langchain-ai/langchain/issues/34982">#34982</a>) chore: enrich <code>pyproject.toml</code> files (<a href="https://redirect.github.com/langchain-ai/langchain/issues/34980">#34980</a>)</p> <h2>langchain-core==1.2.8</h2> <p>Changes since langchain-core==1.2.7</p> <p>release(core): 1.2.8 (<a href="https://redirect.github.com/langchain-ai/langchain/issues/34975">#34975</a>) docs(core): add examples for <code>pretty_repr</code>, <code>pretty_print</code> (<a href="https://redirect.github.com/langchain-ai/langchain/issues/34968">#34968</a>) docs(core): use proper admonition for <code>get_buffer_string</code> (<a href="https://redirect.github.com/langchain-ai/langchain/issues/34967">#34967</a>) docs: add usage examples to core classes (<a href="https://redirect.github.com/langchain-ai/langchain/issues/34841">#34841</a>) chore(core): fix docstring format (<a href="https://redirect.github.com/langchain-ai/langchain/issues/34966">#34966</a>) chore(deps): bump the uv group across 20 directories with 3 updates (<a href="https://redirect.github.com/langchain-ai/langchain/issues/34941">#34941</a>) docs: add example to create_message function docstring (<a href="https://redirect.github.com/langchain-ai/langchain/issues/34851">#34851</a>) docs(core): clarify <a href="https://github.com/tool"><code>@tool</code></a> decorator argument and return type requirements (<a href="https://redirect.github.com/langchain-ai/langchain/issues/34860">#34860</a>) fix(core): fix nested mustache variable extraction and update docs (<a href="https://redirect.github.com/langchain-ai/langchain/issues/34872">#34872</a>) fix(core): allow base model annotations for empty model (<a href="https://redirect.github.com/langchain-ai/langchain/issues/34932">#34932</a>) chore: upgrade urllib3 to 2.6.3 (<a href="https://redirect.github.com/langchain-ai/langchain/issues/34940">#34940</a>) fix(core): prevent crash in ParrotFakeChatModel when messages list is empty (<a href="https://redirect.github.com/langchain-ai/langchain/issues/34943">#34943</a>) fix(core): google docstring parsing with no arguments/reserved arguments (<a href="https://redirect.github.com/langchain-ai/langchain/issues/34861">#34861</a>) test(core): add tests for approximate token counting with multimodal messages (<a href="https://redirect.github.com/langchain-ai/langchain/issues/34898">#34898</a>)</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/langchain-ai/langchain/commit/524e1dab5e7c8229bd78be3c13ab38ac93a6216b"><code>524e1da</code></a> release(core): 1.2.11 (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35144">#35144</a>)</li> <li><a href="https://github.com/langchain-ai/langchain/commit/2b4b1dc29a833d4053deba4c2b77a3848c834565"><code>2b4b1dc</code></a> fix(openai): sanitize urls when counting tokens in images (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35143">#35143</a>)</li> <li><a href="https://github.com/langchain-ai/langchain/commit/0493b276e0be31d4f48d9d0ba5fcbce7fdded38f"><code>0493b27</code></a> fix(anthropic): support effort="max" and remove beta headers (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35141">#35141</a>)</li> <li><a href="https://github.com/langchain-ai/langchain/commit/a5f22e7cb18a05ed057028797a7d0d79cd509b0d"><code>a5f22e7</code></a> chore(core): clean up docstring mismatch and redundant logic in langchain-cor...</li> <li><a href="https://github.com/langchain-ai/langchain/commit/97ee14c179f703473a6ec6ee24179ea756a5698f"><code>97ee14c</code></a> fix(core): replace bare except with Exception in tracer (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35138">#35138</a>)</li> <li><a href="https://github.com/langchain-ai/langchain/commit/990e8076e1d61a0c8ced4d83607685bd71e23687"><code>990e807</code></a> release(standard-tests): release 1.1.5 (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35139">#35139</a>)</li> <li><a href="https://github.com/langchain-ai/langchain/commit/74dffca3d89effdb62da567d1ff6d160c9ad5354"><code>74dffca</code></a> release(langchain): 1.2.10 (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35137">#35137</a>)</li> <li><a href="https://github.com/langchain-ai/langchain/commit/f41e0493336698e9a3e25e6e238786dfc8af91ba"><code>f41e049</code></a> release(core): 1.2.10 (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35136">#35136</a>)</li> <li><a href="https://github.com/langchain-ai/langchain/commit/de05838fca46eb6c2f67064da3a59f5e84818e9a"><code>de05838</code></a> chore(deps): bump the langchain-deps group across 3 directories with 40 updat...</li> <li><a href="https://github.com/langchain-ai/langchain/commit/d6e86aa748ae173857732ee1f7114a06ff8f4231"><code>d6e86aa</code></a> chore(deps): bump the other-deps group across 3 directories with 12 updates (...</li> <li>Additional commits viewable in <a href="https://github.com/langchain-ai/langchain/compare/langchain-core==1.2.7...langchain-core==1.2.11">compare view</a></li> </ul> </details> <br /> Updates `pillow` from 12.1.0 to 12.1.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/python-pillow/Pillow/releases">pillow's releases</a>.</em></p> <blockquote> <h2>12.1.1</h2> <p><a href="https://pillow.readthedocs.io/en/stable/releasenotes/12.1.1.html">https://pillow.readthedocs.io/en/stable/releasenotes/12.1.1.html</a></p> <h2>Dependencies</h2> <ul> <li>Patch libavif for svt-av1 4.0 compatibility <a href="https://redirect.github.com/python-pillow/Pillow/issues/9413">#9413</a> [<a href="https://github.com/hugovk"><code>@hugovk</code></a>]</li> </ul> <h2>Other changes</h2> <ul> <li>Fix OOB Write with invalid tile extents <a href="https://redirect.github.com/python-pillow/Pillow/issues/9427">#9427</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/python-pillow/Pillow/commit/5158d98c807e719c5938aa3886913ef0ea6814e9"><code>5158d98</code></a> 12.1.1 version bump</li> <li><a href="https://github.com/python-pillow/Pillow/commit/9000313cc5d4a31bdcdd6d7f0781101abab553aa"><code>9000313</code></a> Fix OOB Write with invalid tile extents (<a href="https://redirect.github.com/python-pillow/Pillow/issues/9427">#9427</a>)</li> <li><a href="https://github.com/python-pillow/Pillow/commit/cd0111849fb32c40860e3ee3d57b9b1cee4260cf"><code>cd01118</code></a> Patch libavif for svt-av1 4.0 compatibility</li> <li>See full diff in <a href="https://github.com/python-pillow/Pillow/compare/12.1.0...12.1.1">compare view</a></li> </ul> </details> <br /> Updates `protobuf` from 6.33.4 to 6.33.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/protocolbuffers/protobuf/releases">protobuf's releases</a>.</em></p> <blockquote> <h2>Protocol Buffers v34.0-rc1</h2> <h1>Announcements</h1> <ul> <li><strong>This version includes breaking changes to: C++, Objective-C, PHP, Python.</strong></li> <li>[Bazel] Remove deprecated ProtoInfo.transitive_imports. Use equivalent transitive_sources instead (<a href="https://github.com/protocolbuffers/protobuf/commit/0a5c2f6b633c1e5259f566cb42d30fe347b8aadb">https://github.com/protocolbuffers/protobuf/commit/0a5c2f6b633c1e5259f566cb42d30fe347b8aadb</a>)</li> <li>[C++] Make generator headers private (<a href="https://github.com/protocolbuffers/protobuf/commit/3a2af3510f0d454dbe3e4dc281674b61c4d20b9e">https://github.com/protocolbuffers/protobuf/commit/3a2af3510f0d454dbe3e4dc281674b61c4d20b9e</a>)</li> <li>[C++] Add a debug check that the target of CopyFrom is not a descendant of the source. (<a href="https://github.com/protocolbuffers/protobuf/commit/7a7589823d2cfaaf7994b050e98d5d553bc9b1c1">https://github.com/protocolbuffers/protobuf/commit/7a7589823d2cfaaf7994b050e98d5d553bc9b1c1</a>)</li> <li>[C++] Add [[nodiscard]] to many APIs. (<a href="https://github.com/protocolbuffers/protobuf/commit/a70115f33f9af2c4b2202c800b84837e7fe0d738">https://github.com/protocolbuffers/protobuf/commit/a70115f33f9af2c4b2202c800b84837e7fe0d738</a>)</li> <li>[C++] Make the arena-enabled constructors of <code>RepeatedField</code>, <code>RepeatedPtrField</code>, and <code>Map</code> private. (<a href="https://github.com/protocolbuffers/protobuf/commit/ef890c3d0c79398c70e047fe5dd893f460ba2336">https://github.com/protocolbuffers/protobuf/commit/ef890c3d0c79398c70e047fe5dd893f460ba2336</a>)</li> <li>[C++] Remove deprecated FieldDescriptor::label() in OSS. Use is_repeated() or is_required() instead (<a href="https://github.com/protocolbuffers/protobuf/commit/b76faa921fdd244f374c7be0bddd4050fc42c292">https://github.com/protocolbuffers/protobuf/commit/b76faa921fdd244f374c7be0bddd4050fc42c292</a>)</li> <li>[C++] Removes proto2::util::MessageDifferencer::AddIgnoreCriteria that takes a raw pointer as an argument in favor of the overload that takes a unique_ptr. Remove macro PROTOBUF_FUTURE_REMOVE_ADD_IGNORE_CRITERIA (<a href="https://github.com/protocolbuffers/protobuf/commit/b115358c64127896fed88b8b5ef5d91d86d8cbae">https://github.com/protocolbuffers/protobuf/commit/b115358c64127896fed88b8b5ef5d91d86d8cbae</a>)</li> <li>[C++] Remove deprecated FieldDescriptor::has_optional_keyword() in OSS. Use is_repeated() or has_presence() instead (<a href="https://github.com/protocolbuffers/protobuf/commit/68346ec9348e932664e58c3ecdcd1478f95233a8">https://github.com/protocolbuffers/protobuf/commit/68346ec9348e932664e58c3ecdcd1478f95233a8</a>)</li> <li>[C++] Remove AddUnusedImportTrackFile() and ClearUnusedImportTrackFiles(). Remove PROTOBUF_FUTURE_RENAME_ADD_UNUSED_IMPORT (<a href="https://github.com/protocolbuffers/protobuf/commit/837a2cd1d6c75402b2503ffe7cd8aeaf25868536">https://github.com/protocolbuffers/protobuf/commit/837a2cd1d6c75402b2503ffe7cd8aeaf25868536</a>)</li> <li>[C++] Remove deprecated FieldDescriptor::is_optional() in OSS. Use (!is_required() && !is_repeated()) instead (<a href="https://github.com/protocolbuffers/protobuf/commit/9dbc5d479a8e453921485d8d3de47fb3c005f1af">https://github.com/protocolbuffers/protobuf/commit/9dbc5d479a8e453921485d8d3de47fb3c005f1af</a>)</li> <li>[C++] Remove deprecated UseDeprecatedLegacyJsonFieldConflicts() (<a href="https://github.com/protocolbuffers/protobuf/commit/c301c2ca286327a21c50c0c4cd877afc9c655b00">https://github.com/protocolbuffers/protobuf/commit/c301c2ca286327a21c50c0c4cd877afc9c655b00</a>)</li> <li>[C++] All entity names have length limit (2afb0dc)</li> <li>[ObjC] Remove <code>generate_minimal_imports</code> generation option warning (<a href="https://github.com/protocolbuffers/protobuf/commit/45b1297fdaad5a9436d0e207422168c38dc45ac4">https://github.com/protocolbuffers/protobuf/commit/45b1297fdaad5a9436d0e207422168c38dc45ac4</a>)</li> <li>[ObjC] Fix nullability annotations on some <code>GPB*Dictionary</code> types. (<a href="https://github.com/protocolbuffers/protobuf/commit/ea67d6d26a48478a567c404679e3bb99cf230d50">https://github.com/protocolbuffers/protobuf/commit/ea67d6d26a48478a567c404679e3bb99cf230d50</a>)</li> <li>[ObjC] Remove <code>-[GPBFieldDescriptor optional]</code> (<a href="https://github.com/protocolbuffers/protobuf/commit/3414dc151eb4dcbdb2ca952e2589993bf7af75c4">https://github.com/protocolbuffers/protobuf/commit/3414dc151eb4dcbdb2ca952e2589993bf7af75c4</a>)</li> <li>[Other] Remove deprecated flag for enabling MSVC support (<a href="https://github.com/protocolbuffers/protobuf/commit/97c979be6e0907e1051bee62584dac4594e73fa7">https://github.com/protocolbuffers/protobuf/commit/97c979be6e0907e1051bee62584dac4594e73fa7</a>)</li> <li>[PHP] Remove deprecated PHP APIs (<a href="https://github.com/protocolbuffers/protobuf/commit/9c45014099a4f7004fab6dd1278de2f4f2a393c5">https://github.com/protocolbuffers/protobuf/commit/9c45014099a4f7004fab6dd1278de2f4f2a393c5</a>)</li> <li>[PHP] Remove deprecated PHP APIs FieldDescriptor getLabel, use IsRepeated or isRequired instead. (<a href="https://github.com/protocolbuffers/protobuf/commit/42081219920c6fad17ba6ddd1e28d111bcfb3345">https://github.com/protocolbuffers/protobuf/commit/42081219920c6fad17ba6ddd1e28d111bcfb3345</a>, <a href="https://github.com/protocolbuffers/protobuf/commit/cd76e675b14d00dda5623b30835d2bc7105fccc6">https://github.com/protocolbuffers/protobuf/commit/cd76e675b14d00dda5623b30835d2bc7105fccc6</a>, <a href="https://github.com/protocolbuffers/protobuf/commit/42081219920c6fad17ba6ddd1e28d111bcfb3345">https://github.com/protocolbuffers/protobuf/commit/42081219920c6fad17ba6ddd1e28d111bcfb3345</a>)</li> <li>[PHP] Add PHP typehints for setters and remove redundant GPBUtil checks (<a href="https://redirect.github.com/protocolbuffers/protobuf/pull/25296">protocolbuffers/protobuf#25296</a>) (<a href="https://github.com/protocolbuffers/protobuf/commit/aee03b78929c02461a5f9d8e136a2a016359b0cd">https://github.com/protocolbuffers/protobuf/commit/aee03b78929c02461a5f9d8e136a2a016359b0cd</a>)</li> <li>[PHP] support default values for editions/proto2 (<a href="https://redirect.github.com/protocolbuffers/protobuf/pull/25161">protocolbuffers/protobuf#25161</a>) (<a href="https://github.com/protocolbuffers/protobuf/commit/b01099d56350551bae3da88b97bf3027274c9f17">https://github.com/protocolbuffers/protobuf/commit/b01099d56350551bae3da88b97bf3027274c9f17</a>)</li> <li>[Python] Raise errors in OSS when assign bool to int/enum field in Python Proto. (<a href="https://github.com/protocolbuffers/protobuf/commit/5b116fe2f14f49dd0cc3b76089983717f211025c">https://github.com/protocolbuffers/protobuf/commit/5b116fe2f14f49dd0cc3b76089983717f211025c</a>)</li> <li>[Python] Remove float_format/double_format from python proto text_format (<a href="https://github.com/protocolbuffers/protobuf/commit/e4854a186e0bfa867d5bfa5cd850608a948fd488">https://github.com/protocolbuffers/protobuf/commit/e4854a186e0bfa867d5bfa5cd850608a948fd488</a>)</li> <li>[Python] Raise TypeError when convert non-timedelta to Duration, or convert non-datetime to Timestamp in python proto. (Original code may raise ArributeError) (<a href="https://github.com/protocolbuffers/protobuf/commit/00aaca1b4d98954bc2933d7c8a5379ba6088124c">https://github.com/protocolbuffers/protobuf/commit/00aaca1b4d98954bc2933d7c8a5379ba6088124c</a>)</li> <li>[Python] Remove float_precision from python proto json_format (<a href="https://github.com/protocolbuffers/protobuf/commit/f027f1fcd52b9d080b7ee79f4024f53cf54e0dc5">https://github.com/protocolbuffers/protobuf/commit/f027f1fcd52b9d080b7ee79f4024f53cf54e0dc5</a>)</li> <li>[Python] Remove deprecated FieldDescriptor::label() in OSS. Use is_repeated() or is_required() instead (<a href="https://github.com/protocolbuffers/protobuf/commit/b76faa921fdd244f374c7be0bddd4050fc42c292">https://github.com/protocolbuffers/protobuf/commit/b76faa921fdd244f374c7be0bddd4050fc42c292</a>)</li> <li>[Python] Remove deprecated FieldDescriptor.label (<a href="https://github.com/protocolbuffers/protobuf/commit/0a8ff55518ea5874478ad5b26515b31d186045a9">https://github.com/protocolbuffers/protobuf/commit/0a8ff55518ea5874478ad5b26515b31d186045a9</a>)</li> <li>[Python] Remove deprecated UseDeprecatedLegacyJsonFieldConflicts() (<a href="https://github.com/protocolbuffers/protobuf/commit/c301c2ca286327a21c50c0c4cd877afc9c655b00">https://github.com/protocolbuffers/protobuf/commit/c301c2ca286327a21c50c0c4cd877afc9c655b00</a>)</li> <li><a href="https://protobuf.dev/news/">Protobuf News</a> may include additional announcements or pre-announcements for upcoming changes.</li> <li><a href="https://protobuf.dev/support/migration/">Migration Guide</a> may include additional guidance for breaking changes.</li> </ul> <h1>Bazel</h1> <ul> <li>Fix: cc_toolchain should prefer protoc when prebuilt flag is flipped. (<a href="https://redirect.github.com/protocolbuffers/protobuf/issues/25168">#25168</a>) (<a href="https://github.com/protocolbuffers/protobuf/commit/8c857c3a1c6a106b0a096f1c9fa504bfaca035a9">https://github.com/protocolbuffers/protobuf/commit/8c857c3a1c6a106b0a096f1c9fa504bfaca035a9</a>)</li> <li>Breaking change: Remove deprecated ProtoInfo.transitive_imports. Use equivalent transitive_sources instead (<a href="https://github.com/protocolbuffers/protobuf/commit/0a5c2f6b633c1e5259f566cb42d30fe347b8aadb">https://github.com/protocolbuffers/protobuf/commit/0a5c2f6b633c1e5259f566cb42d30fe347b8aadb</a>)</li> <li>Feat(bazel): wire up prebuilt protoc toolchain (<a href="https://redirect.github.com/protocolbuffers/protobuf/issues/24115">#24115</a>) (<a href="https://github.com/protocolbuffers/protobuf/commit/cc23698b486e690ea2eb873cc7596a87c74a3ba6">https://github.com/protocolbuffers/protobuf/commit/cc23698b486e690ea2eb873cc7596a87c74a3ba6</a>)</li> <li>Migrate <code>proto_descriptor_set</code> (<a href="https://redirect.github.com/protocolbuffers/protobuf/issues/23369">#23369</a>) (<a href="https://github.com/protocolbuffers/protobuf/commit/8d4dfdd39a7a242a9ed631a6ab2192c57dd9b9c8">https://github.com/protocolbuffers/protobuf/commit/8d4dfdd39a7a242a9ed631a6ab2192c57dd9b9c8</a>)</li> </ul> <h1>Compiler</h1> <ul> <li>Ruby codegen: support generation of rbs files (<a href="https://redirect.github.com/protocolbuffers/protobuf/issues/15633">#15633</a>) (<a href="https://github.com/protocolbuffers/protobuf/commit/6ebdf851ba78728f0aa145d38454ed9a316fb08d">https://github.com/protocolbuffers/protobuf/commit/6ebdf851ba78728f0aa145d38454ed9a316fb08d</a>)</li> <li>Avoid collision name problems between a message named <code>Xyz</code> and a direct sibling enum named <code>XyzView</code> (<a href="https://github.com/protocolbuffers/protobuf/commit/eba53e8f172b273d679759a72ce4250131ee3df1">https://github.com/protocolbuffers/protobuf/commit/eba53e8f172b273d679759a72ce4250131ee3df1</a>)</li> <li>Generalizing and implementing ValidateFeatureSupport for both Options and Features during proto parsing (<a href="https://github.com/protocolbuffers/protobuf/commit/ed3c57114d8e2b47cca7697ddaa50c1b3762a6b0">https://github.com/protocolbuffers/protobuf/commit/ed3c57114d8e2b47cca7697ddaa50c1b3762a6b0</a>)</li> <li>Fix a bug with custom features outside of the <code>pb</code> package. (<a href="https://github.com/protocolbuffers/protobuf/commit/872d3ce7a4da00d7dcec33ced20cfe45235935e8">https://github.com/protocolbuffers/protobuf/commit/872d3ce7a4da00d7dcec33ced20cfe45235935e8</a>)</li> <li>Fix import option handling when include_imports isn't set. (<a href="https://github.com/protocolbuffers/protobuf/commit/9ef9e80afd9bc8379d578fe67e5ab0738728c04e">https://github.com/protocolbuffers/protobuf/commit/9ef9e80afd9bc8379d578fe67e5ab0738728c04e</a>)</li> <li>Fix a bug in STRICT check of namespaced enums to properly check for 'reserved 1 to max' (<a href="https://github.com/protocolbuffers/protobuf/commit/1229d4adba24c0952ab85ce96bc7b7f8a1fe6d0f">https://github.com/protocolbuffers/protobuf/commit/1229d4adba24c0952ab85ce96bc7b7f8a1fe6d0f</a>)</li> <li>Prevent accidental stripping of <code>debug_redact</code> options via import option. (<a href="https://github.com/protocolbuffers/protobuf/commit/f58b098bffa7ca4045ef7773b09151a6af5d0c28">https://github.com/protocolbuffers/protobuf/commit/f58b098bffa7ca4045ef7773b09151a6af5d0c28</a>)</li> </ul> <h1>C++</h1> <ul> <li>Add EnumerateEnumValues function. (<a href="https://github.com/protocolbuffers/protobuf/commit/397d5d99db274b379d1384814074bf7df39d32f7">https://github.com/protocolbuffers/protobuf/commit/397d5d99db274b379d1384814074bf7df39d32f7</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/protocolbuffers/protobuf/commits">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/langchain-ai/react-agent/network/alerts). </details>
Bumps the uv group with 2 updates in the / directory: [langgraph](https://github.com/langchain-ai/langgraph) and [orjson](https://github.com/ijl/orjson). Updates `langgraph` from 1.0.6 to 1.0.10rc1 - [Release notes](https://github.com/langchain-ai/langgraph/releases) - [Commits](langchain-ai/langgraph@1.0.6...1.0.10rc1) Updates `orjson` from 3.11.5 to 3.11.6 - [Release notes](https://github.com/ijl/orjson/releases) - [Changelog](https://github.com/ijl/orjson/blob/master/CHANGELOG.md) - [Commits](ijl/orjson@3.11.5...3.11.6) --- updated-dependencies: - dependency-name: langgraph dependency-version: 1.0.10rc1 dependency-type: direct:production dependency-group: uv - dependency-name: orjson dependency-version: 3.11.6 dependency-type: indirect dependency-group: uv ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps the uv group with 2 updates in the / directory: [langgraph](https://github.com/langchain-ai/langgraph) and [orjson](https://github.com/ijl/orjson). Updates `langgraph` from 1.0.6 to 1.0.10rc1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/langchain-ai/langgraph/releases">langgraph's releases</a>.</em></p> <blockquote> <h2>langgraph==1.0.10rc1</h2> <p>Changes since 1.0.9</p> <ul> <li>release: Candidate (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6947">#6947</a>)</li> <li>Merge commit from fork</li> <li>chore: add tests to confirm expected subgraph persistence behavior (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6943">#6943</a>)</li> <li>fix(langgraph): correct ParentCommand bubbling when checkpoint_ns includes numeric task segments (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6864">#6864</a>)</li> <li>chore: add <code>make type</code> target for type checking (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6748">#6748</a>)</li> </ul> <h2>langgraph==1.0.9</h2> <p>Changes since 1.0.8</p> <ul> <li>release: langgraph + prebuilt (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6875">#6875</a>)</li> <li>fix: sequential interrupt handling w/ functional API (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6863">#6863</a>)</li> <li>chore: state_updated_at sort by (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6857">#6857</a>)</li> <li>chore: bump orjson (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6852">#6852</a>)</li> <li>chore: conformance testing (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6842">#6842</a>)</li> <li>chore(deps): bump the all-dependencies group in /libs/langgraph with 6 updates (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6815">#6815</a>)</li> <li>chore(deps): bump protobuf from 6.33.4 to 6.33.5 in /libs/langgraph (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6833">#6833</a>)</li> <li>chore(deps): bump cryptography from 46.0.3 to 46.0.5 in /libs/langgraph (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6837">#6837</a>)</li> <li>chore(deps): bump nbconvert from 7.16.6 to 7.17.0 in /libs/langgraph (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6832">#6832</a>)</li> <li>chore: server runtime type (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6774">#6774</a>)</li> <li>refactor: replace bare except with BaseException in AsyncQueue (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6765">#6765</a>)</li> </ul> <h2>langgraph==1.0.8</h2> <p>Changes since 1.0.7</p> <ul> <li>release(langgraph): 1.0.8 (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6757">#6757</a>)</li> <li>chore: shallow copy futures (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6755">#6755</a>)</li> <li>fix: pydantic messages double streaming (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6753">#6753</a>)</li> <li>chore(deps-dev): bump ruff from 0.14.7 to 0.14.11 in /libs/sdk-py (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6673">#6673</a>)</li> <li>chore: Omit lock when using connection pool (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6734">#6734</a>)</li> <li>docs: enhance <code>Runtime</code> and <code>ToolRuntime</code> class descriptions for clarity (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6689">#6689</a>)</li> <li>docs: add clarity to use of <code>thread_id</code> (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6515">#6515</a>)</li> <li>docs: add docstrings to <code>add_node</code> overloads (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6514">#6514</a>)</li> <li>docs: update notebook links and add archival notices for examples (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6720">#6720</a>)</li> <li>release(cli): 0.4.12 (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6716">#6716</a>)</li> </ul> <h2>langgraph-prebuilt==1.0.8</h2> <p>Changes since prebuilt==1.0.7</p> <ul> <li>release: langgraph + prebuilt (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6875">#6875</a>)</li> <li>fix: inject ToolRuntime for dynamically registered tools (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6874">#6874</a>)</li> <li>chore: bump orjson (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6852">#6852</a>)</li> <li>chore(deps): bump langchain-core from 1.2.12 to 1.2.13 in /libs/prebuilt in the all-dependencies group (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6849">#6849</a>)</li> <li>chore: conformance testing (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6842">#6842</a>)</li> <li>chore(deps): bump the all-dependencies group in /libs/prebuilt with 3 updates (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6810">#6810</a>)</li> <li>chore: server runtime type (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6774">#6774</a>)</li> <li>docs(prebuilt): update warning for <code>create_react_agent</code> (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6760">#6760</a>)</li> <li>release(langgraph): 1.0.8 (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6757">#6757</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/langchain-ai/langgraph/commit/a04ec5d6f00fa6583b2d98dfe789da741204b767"><code>a04ec5d</code></a> release: Candidate (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6947">#6947</a>)</li> <li><a href="https://github.com/langchain-ai/langgraph/commit/50df7d423abebcb5a192f0a59c2952c68cb0df8c"><code>50df7d4</code></a> Merge commit from fork</li> <li><a href="https://github.com/langchain-ai/langgraph/commit/c4a4a4647343d802d0ab909439806076bae15bd6"><code>c4a4a46</code></a> chore: add tests to confirm expected subgraph persistence behavior (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6943">#6943</a>)</li> <li><a href="https://github.com/langchain-ai/langgraph/commit/f178eb821e52906e1705c9cc02533bb88854b409"><code>f178eb8</code></a> fix(langgraph): correct ParentCommand bubbling when checkpoint_ns includes nu...</li> <li><a href="https://github.com/langchain-ai/langgraph/commit/48167d7fec9c25228426c92ba83d8650b77de0f3"><code>48167d7</code></a> chore(deps): bump the all-dependencies group in /libs/cli with 2 updates (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6920">#6920</a>)</li> <li><a href="https://github.com/langchain-ai/langgraph/commit/806878a421458e99f9882e666ff35a41ad1bb561"><code>806878a</code></a> chore(deps): bump the all-dependencies group in /libs/checkpoint-postgres wit...</li> <li><a href="https://github.com/langchain-ai/langgraph/commit/8087e6a42c62c2049a5fb3f99372a8c601d07e08"><code>8087e6a</code></a> docs(sdk-py): update auth docstrings to default-deny pattern (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6933">#6933</a>)</li> <li><a href="https://github.com/langchain-ai/langgraph/commit/8fbdb144876ec9ca75943c7addb452a2bb634304"><code>8fbdb14</code></a> release(sdk-py): 0.3.9 (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6932">#6932</a>)</li> <li><a href="https://github.com/langchain-ai/langgraph/commit/5093802f319119be674c02269f9874df04558419"><code>5093802</code></a> chore(deps): bump the all-dependencies group in /libs/checkpoint with 2 updat...</li> <li><a href="https://github.com/langchain-ai/langgraph/commit/b89ef60b91e019c3cb4422af1e3cc216804ccb20"><code>b89ef60</code></a> feat(sdk-py): add extract parameter to threads.search() (<a href="https://redirect.github.com/langchain-ai/langgraph/issues/6880">#6880</a>)</li> <li>Additional commits viewable in <a href="https://github.com/langchain-ai/langgraph/compare/1.0.6...1.0.10rc1">compare view</a></li> </ul> </details> <br /> Updates `orjson` from 3.11.5 to 3.11.6 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/ijl/orjson/releases">orjson's releases</a>.</em></p> <blockquote> <h2>3.11.6</h2> <h3>Changed</h3> <ul> <li>orjson now includes code licensed under the Mozilla Public License 2.0 (MPL-2.0).</li> <li>Drop support for Python 3.9.</li> <li>ABI compatibility with CPython 3.15 alpha 5.</li> <li>Build now depends on Rust 1.89 or later instead of 1.85.</li> </ul> <h3>Fixed</h3> <ul> <li>Fix sporadic crash serializing deeply nested <code>list</code> of <code>dict</code>.</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/ijl/orjson/blob/master/CHANGELOG.md">orjson's changelog</a>.</em></p> <blockquote> <h2>3.11.6 - 2026-01-29</h2> <h3>Changed</h3> <ul> <li>orjson now includes code licensed under the Mozilla Public License 2.0 (MPL-2.0).</li> <li>Drop support for Python 3.9.</li> <li>ABI compatibility with CPython 3.15 alpha 5.</li> <li>Build now depends on Rust 1.89 or later instead of 1.85.</li> </ul> <h3>Fixed</h3> <ul> <li>Fix sporadic crash serializing deeply nested <code>list</code> of <code>dict</code>.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/ijl/orjson/commit/ec02024c3837255064f248c0d2d331319b75e9ad"><code>ec02024</code></a> 3.11.6</li> <li><a href="https://github.com/ijl/orjson/commit/d58168733189f82b3fd0c058dff73e05d09202e6"><code>d581687</code></a> build, clippy misc</li> <li><a href="https://github.com/ijl/orjson/commit/4105b29b2275f200f6fae01349bef02ccf1bc2e2"><code>4105b29</code></a> writer::num</li> <li><a href="https://github.com/ijl/orjson/commit/62bb185b70785ded49c79c26f8c9781f1e6fe370"><code>62bb185</code></a> Fix sporadic crash on serializing object close</li> <li><a href="https://github.com/ijl/orjson/commit/d860078a973f44401265c5c4ad12a7dbe4f839ad"><code>d860078</code></a> PyRef idiom refactors</li> <li><a href="https://github.com/ijl/orjson/commit/343ae2f148197918aba9f8562db42c364620e4b8"><code>343ae2f</code></a> Deserializer, Utf8Buffer</li> <li><a href="https://github.com/ijl/orjson/commit/7835f58d1c56947d1cf7a18acdfc07a2bca9b0f2"><code>7835f58</code></a> PyBytesRef and other input refactor</li> <li><a href="https://github.com/ijl/orjson/commit/71e0516424ce1e11613eb1780f18e8cde83989fd"><code>71e0516</code></a> PyStrRef</li> <li><a href="https://github.com/ijl/orjson/commit/1096df42dc585fde837ed0c930a346f5ef7dbb94"><code>1096df4</code></a> MSRV 1.89</li> <li><a href="https://github.com/ijl/orjson/commit/b718e75b8ba18a707c2b44b6de14d52547573771"><code>b718e75</code></a> Drop support for python3.9</li> <li>Additional commits viewable in <a href="https://github.com/ijl/orjson/compare/3.11.5...3.11.6">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/langchain-ai/react-agent/network/alerts). </details>
Bumps the uv group with 1 update in the / directory: [requests](https://github.com/psf/requests). Updates `requests` from 2.32.5 to 2.33.0 - [Release notes](https://github.com/psf/requests/releases) - [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md) - [Commits](psf/requests@v2.32.5...v2.33.0) --- updated-dependencies: - dependency-name: requests dependency-version: 2.33.0 dependency-type: indirect dependency-group: uv ... Signed-off-by: dependabot[bot] <support@github.com>
#37) Bumps the uv group with 1 update in the / directory: [requests](https://github.com/psf/requests). Updates `requests` from 2.32.5 to 2.33.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/psf/requests/releases">requests's releases</a>.</em></p> <blockquote> <h2>v2.33.0</h2> <h2>2.33.0 (2026-03-25)</h2> <p><strong>Announcements</strong></p> <ul> <li>📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at <a href="https://redirect.github.com/psf/requests/issues/7271">#7271</a>. Give it a try, and report any gaps or feedback you may have in the issue. 📣</li> </ul> <p><strong>Security</strong></p> <ul> <li>CVE-2026-25645 <code>requests.utils.extract_zipped_paths</code> now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.</li> </ul> <p><strong>Improvements</strong></p> <ul> <li>Migrated to a PEP 517 build system using setuptools. (<a href="https://redirect.github.com/psf/requests/issues/7012">#7012</a>)</li> </ul> <p><strong>Bugfixes</strong></p> <ul> <li>Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (<a href="https://redirect.github.com/psf/requests/issues/7205">#7205</a>)</li> </ul> <p><strong>Deprecations</strong></p> <ul> <li>Dropped support for Python 3.9 following its end of support. (<a href="https://redirect.github.com/psf/requests/issues/7196">#7196</a>)</li> </ul> <p><strong>Documentation</strong></p> <ul> <li>Various typo fixes and doc improvements.</li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/M0d3v1"><code>@M0d3v1</code></a> made their first contribution in <a href="https://redirect.github.com/psf/requests/pull/6865">psf/requests#6865</a></li> <li><a href="https://github.com/aminvakil"><code>@aminvakil</code></a> made their first contribution in <a href="https://redirect.github.com/psf/requests/pull/7220">psf/requests#7220</a></li> <li><a href="https://github.com/E8Price"><code>@E8Price</code></a> made their first contribution in <a href="https://redirect.github.com/psf/requests/pull/6960">psf/requests#6960</a></li> <li><a href="https://github.com/mitre88"><code>@mitre88</code></a> made their first contribution in <a href="https://redirect.github.com/psf/requests/pull/7244">psf/requests#7244</a></li> <li><a href="https://github.com/magsen"><code>@magsen</code></a> made their first contribution in <a href="https://redirect.github.com/psf/requests/pull/6553">psf/requests#6553</a></li> <li><a href="https://github.com/Rohan5commit"><code>@Rohan5commit</code></a> made their first contribution in <a href="https://redirect.github.com/psf/requests/pull/7227">psf/requests#7227</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25">https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/psf/requests/blob/main/HISTORY.md">requests's changelog</a>.</em></p> <blockquote> <h2>2.33.0 (2026-03-25)</h2> <p><strong>Announcements</strong></p> <ul> <li>📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at <a href="https://redirect.github.com/psf/requests/issues/7271">#7271</a>. Give it a try, and report any gaps or feedback you may have in the issue. 📣</li> </ul> <p><strong>Security</strong></p> <ul> <li>CVE-2026-25645 <code>requests.utils.extract_zipped_paths</code> now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.</li> </ul> <p><strong>Improvements</strong></p> <ul> <li>Migrated to a PEP 517 build system using setuptools. (<a href="https://redirect.github.com/psf/requests/issues/7012">#7012</a>)</li> </ul> <p><strong>Bugfixes</strong></p> <ul> <li>Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (<a href="https://redirect.github.com/psf/requests/issues/7205">#7205</a>)</li> </ul> <p><strong>Deprecations</strong></p> <ul> <li>Dropped support for Python 3.9 following its end of support. (<a href="https://redirect.github.com/psf/requests/issues/7196">#7196</a>)</li> </ul> <p><strong>Documentation</strong></p> <ul> <li>Various typo fixes and doc improvements.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/psf/requests/commit/bc04dfd6dad4cb02cd92f5daa81eb562d280a761"><code>bc04dfd</code></a> v2.33.0</li> <li><a href="https://github.com/psf/requests/commit/66d21cb07bd6255b1280291c4fafb71803cdb3b7"><code>66d21cb</code></a> Merge commit from fork</li> <li><a href="https://github.com/psf/requests/commit/8b9bc8fc0f63be84602387913c4b689f19efd028"><code>8b9bc8f</code></a> Move badges to top of README (<a href="https://redirect.github.com/psf/requests/issues/7293">#7293</a>)</li> <li><a href="https://github.com/psf/requests/commit/e331a288f369973f5de0ec8901c94cae4fa87286"><code>e331a28</code></a> Remove unused extraction call (<a href="https://redirect.github.com/psf/requests/issues/7292">#7292</a>)</li> <li><a href="https://github.com/psf/requests/commit/753fd08c5eacce0aa0df73fe47e49525c67e0a29"><code>753fd08</code></a> docs: fix FAQ grammar in httplib2 example</li> <li><a href="https://github.com/psf/requests/commit/774a0b837a194ee885d4fdd9ca947900cc3daf71"><code>774a0b8</code></a> docs(socks): same block as other sections</li> <li><a href="https://github.com/psf/requests/commit/9c72a41bec8597f948c9d8caa5dc3f12273b3303"><code>9c72a41</code></a> Bump github/codeql-action from 4.33.0 to 4.34.1</li> <li><a href="https://github.com/psf/requests/commit/ebf71906798ec82f34e07d3168f8b8aecaf8a3be"><code>ebf7190</code></a> Bump github/codeql-action from 4.32.0 to 4.33.0</li> <li><a href="https://github.com/psf/requests/commit/0e4ae38f0c93d4f92a96c774bd52c069d12a4798"><code>0e4ae38</code></a> docs: exclude Response.is_permanent_redirect from API docs (<a href="https://redirect.github.com/psf/requests/issues/7244">#7244</a>)</li> <li><a href="https://github.com/psf/requests/commit/d568f47278492e630cc990a259047c67991d007a"><code>d568f47</code></a> docs: clarify Quickstart POST example (<a href="https://redirect.github.com/psf/requests/issues/6960">#6960</a>)</li> <li>Additional commits viewable in <a href="https://github.com/psf/requests/compare/v2.32.5...v2.33.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/langchain-ai/react-agent/network/alerts). </details>
- Add top-level `permissions: contents: read` to integration-tests.yml and unit-tests.yml - SHA-pin codespell-project/actions-codespell@v2 → 406322ec52dd7b488e48c1c4b82e2a8b3a1bf630 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
## Summary - Add top-level `permissions: contents: read` to `integration-tests.yml` and `unit-tests.yml` (Rule 1 compliance) - SHA-pin `codespell-project/actions-codespell@v2` → `406322ec52dd7b488e48c1c4b82e2a8b3a1bf630` in both usages in `unit-tests.yml` (Rule 6 compliance) ## Test plan - [ ] CI passes on this branch - [x] Code scanning alerts for missing permissions are resolved after merge
Bumps the uv group with 1 update in the / directory: [langchain-core](https://github.com/langchain-ai/langchain). Updates `langchain-core` from 1.2.11 to 1.2.22 - [Release notes](https://github.com/langchain-ai/langchain/releases) - [Commits](langchain-ai/langchain@langchain-core==1.2.11...langchain-core==1.2.22) --- updated-dependencies: - dependency-name: langchain-core dependency-version: 1.2.22 dependency-type: indirect dependency-group: uv ... Signed-off-by: dependabot[bot] <support@github.com>
…rectory (#39) Bumps the uv group with 1 update in the / directory: [langchain-core](https://github.com/langchain-ai/langchain). Updates `langchain-core` from 1.2.11 to 1.2.22 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/langchain-ai/langchain/releases">langchain-core's releases</a>.</em></p> <blockquote> <h2>langchain-core==1.2.22</h2> <p>Changes since langchain-core==1.2.21</p> <p>release(core): 1.2.22 (<a href="https://redirect.github.com/langchain-ai/langchain/issues/36201">#36201</a>) fix(core): validate paths in <code>prompt.save</code> and <code>load_prompt</code>, deprecate methods (<a href="https://redirect.github.com/langchain-ai/langchain/issues/36200">#36200</a>)</p> <h2>langchain-core==1.2.21</h2> <p>Changes since langchain-core==1.2.20</p> <p>release(core): 1.2.21 (<a href="https://redirect.github.com/langchain-ai/langchain/issues/36179">#36179</a>) fix(core,model-profiles): add missing <code>ModelProfile</code> fields, warn on schema drift (<a href="https://redirect.github.com/langchain-ai/langchain/issues/36129">#36129</a>) chore(core): remove stale blockbuster allowlist for deleted context module (<a href="https://redirect.github.com/langchain-ai/langchain/issues/36168">#36168</a>) ci: suppress pytest streaming output in CI (<a href="https://redirect.github.com/langchain-ai/langchain/issues/36092">#36092</a>)</p> <h2>langchain-core==1.2.20</h2> <p>Changes since langchain-core==1.2.19</p> <p>release(core): 1.2.20 (<a href="https://redirect.github.com/langchain-ai/langchain/issues/36085">#36085</a>) fix(core): trace invocation params in metadata (<a href="https://redirect.github.com/langchain-ai/langchain/issues/36080">#36080</a>) feat: Add LangSmith integration metadata to create_agent and init_chat_model (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35810">#35810</a>) feat(core): harden anti-ssrf (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35960">#35960</a>) ci: avoid unnecessary dep installs in lint targets (<a href="https://redirect.github.com/langchain-ai/langchain/issues/36046">#36046</a>) docs(core): document <code>base_url</code> in mermaid api (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35961">#35961</a>) chore: bump orjson from 3.11.5 to 3.11.6 in /libs/core (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35805">#35805</a>) chore: housekeeping (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35850">#35850</a>)</p> <h2>langchain-core==1.2.19</h2> <p>Changes since langchain-core==1.2.18</p> <p>release(core): 1.2.19 (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35832">#35832</a>) chore(core): move BaseCrossEncoder to langchain-core (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35809">#35809</a>) chore: bump tornado from 6.5.2 to 6.5.5 in /libs/core (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35775">#35775</a>)</p> <h2>langchain-core==1.2.18</h2> <p>Changes since langchain-core==1.2.17</p> <p>release(core): 1.2.18 (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35704">#35704</a>) fix(core): fix double backticks in deprecation docstring for alternative_import (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35658">#35658</a>) fix(core): preserve default_factory when generating tool call schema (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35550">#35550</a>) feat(openai): support tool search (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35582">#35582</a>) chore: bump the minor-and-patch group across 3 directories with 7 updates (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35605">#35605</a>)</p> <h2>langchain-core==1.2.17</h2> <p>Changes since langchain-core==1.2.16</p> <p>release(core): 1.2.17 (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35527">#35527</a>) fix(core): extract usage metadata from serialized tracer message outputs (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35526">#35526</a>) chore: bump the langchain-deps group across 3 directories with 7 updates (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35513">#35513</a>) chore: bump the langchain-deps group across 3 directories with 14 updates (<a href="https://redirect.github.com/langchain-ai/langchain/issues/35441">#35441</a>)</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/langchain-ai/langchain/commit/d22df94537e4267f72dc1bbfc8e3849baf20d9f7"><code>d22df94</code></a> release(core): 1.2.22 (<a href="https://redirect.github.com/langchain-ai/langchain/issues/36201">#36201</a>)</li> <li><a href="https://github.com/langchain-ai/langchain/commit/27add913474e01e33bededf4096151130ba0d47c"><code>27add91</code></a> fix(core): validate paths in <code>prompt.save</code> and <code>load_prompt</code>, deprecate metho...</li> <li><a href="https://github.com/langchain-ai/langchain/commit/7563fceb40ce31165524f3f57ec65e487c02b1a7"><code>7563fce</code></a> chore(model-profiles): refresh model profile data (<a href="https://redirect.github.com/langchain-ai/langchain/issues/36195">#36195</a>)</li> <li><a href="https://github.com/langchain-ai/langchain/commit/3e64c255b84b283b3a65216b19b9838734258c96"><code>3e64c25</code></a> chore: use repo permissions instead of org membership for maintainer override...</li> <li><a href="https://github.com/langchain-ai/langchain/commit/1778b082ecd64a9dedd48674d874ca1bfcbe4c7d"><code>1778b08</code></a> chore(partners): bump <code>langchain-core</code> min to <code>1.2.21</code> (<a href="https://redirect.github.com/langchain-ai/langchain/issues/36183">#36183</a>)</li> <li><a href="https://github.com/langchain-ai/langchain/commit/ad574fce0d52740c249b0db7bde871d779ffb93d"><code>ad574fc</code></a> fix(openai): bump min core version (<a href="https://redirect.github.com/langchain-ai/langchain/issues/36180">#36180</a>)</li> <li><a href="https://github.com/langchain-ai/langchain/commit/19f81cf6f1d73f7adf156491ba0617497a526b8c"><code>19f81cf</code></a> release(core): 1.2.21 (<a href="https://redirect.github.com/langchain-ai/langchain/issues/36179">#36179</a>)</li> <li><a href="https://github.com/langchain-ai/langchain/commit/6d07ef28a7023dc7b832fe52862f7a6fc0a187f3"><code>6d07ef2</code></a> release(openai): 1.1.12 (<a href="https://redirect.github.com/langchain-ai/langchain/issues/36178">#36178</a>)</li> <li><a href="https://github.com/langchain-ai/langchain/commit/2f64d80cc65091985873c339ca76a59af7baf739"><code>2f64d80</code></a> fix(core,model-profiles): add missing <code>ModelProfile</code> fields, warn on schema d...</li> <li><a href="https://github.com/langchain-ai/langchain/commit/5ffece5c033365baf4a3df52ffed5c6bfbed27ee"><code>5ffece5</code></a> chore(core): remove stale blockbuster allowlist for deleted context module (#...</li> <li>Additional commits viewable in <a href="https://github.com/langchain-ai/langchain/compare/langchain-core==1.2.11...langchain-core==1.2.22">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/langchain-ai/react-agent/network/alerts). </details>
Bumps the uv group with 1 update in the / directory: [cryptography](https://github.com/pyca/cryptography). Updates `cryptography` from 46.0.5 to 46.0.6 - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](pyca/cryptography@46.0.5...46.0.6) --- updated-dependencies: - dependency-name: cryptography dependency-version: 46.0.6 dependency-type: indirect dependency-group: uv ... Signed-off-by: dependabot[bot] <support@github.com>
…ctory (#41) Bumps the uv group with 1 update in the / directory: [cryptography](https://github.com/pyca/cryptography). Updates `cryptography` from 46.0.5 to 46.0.6 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst">cryptography's changelog</a>.</em></p> <blockquote> <p>46.0.6 - 2026-03-25</p> <pre><code> * **SECURITY ISSUE**: Fixed a bug where name constraints were not applied to peer names during verification when the leaf certificate contains a wildcard DNS SAN. Ordinary X.509 topologies are not affected by this bug, including those used by the Web PKI. Credit to **Oleh Konko (1seal)** for reporting the issue. **CVE-2026-34073** <p>.. _v46-0-5:<br /> </code></pre></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pyca/cryptography/commit/91d728897bdad30cd5c79a2b23e207f1f050d587"><code>91d7288</code></a> Cherry-pick <a href="https://redirect.github.com/pyca/cryptography/issues/14542">#14542</a> (<a href="https://redirect.github.com/pyca/cryptography/issues/14543">#14543</a>)</li> <li>See full diff in <a href="https://github.com/pyca/cryptography/compare/46.0.5...46.0.6">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/langchain-ai/react-agent/network/alerts). </details>
pyjwt < 2.12.0 accepts unknown `crit` header extensions. Transitive via langgraph-api -> pyjwt (dev-only path). Strategy: constraint-dependencies (C). Remove once langgraph-api requires pyjwt>=2.12.0 upstream.
## Security Alert Patch Resolves 1 Dependabot security alert in the high severity tier. ### Packages Updated | Package | Old Constraint | New Constraint | Strategy | Scope | CVEs Resolved | |---------|---------------|----------------|----------|-------|---------------| | PyJWT | (unconstrained, resolved 2.10.1) | `>=2.12.0` (resolved 2.12.1) | C — constraint | dev-only | CVE-2026-32597 | Strategy C = `[tool.uv.constraint-dependencies]` override — valid because PyJWT is dev-only (transitive via `langgraph-cli[inmem]` → `langgraph-api` → `pyjwt`). ### CVE Details - **[CVE-2026-32597](https://nvd.nist.gov/vuln/detail/CVE-2026-32597)** / [GHSA-752w-5fwx-jx9f](GHSA-752w-5fwx-jx9f): PyJWT accepts unknown `crit` header extensions — versions < 2.12.0 are vulnerable. ### Removal Condition The `constraint-dependencies` entry can be removed once `langgraph-api` releases a version that requires `pyjwt>=2.12.0` upstream. ### Linear Tickets No matching Linear tickets found for the resolved CVEs. ### Verification - [x] Lockfile updated — resolved version is now 2.12.1 - [x] Linters pass (`ruff check`) - [ ] Tests pass (CI) 🤖 Submitted by langster-patch
--- updated-dependencies: - dependency-name: aiohttp dependency-version: 3.13.4 dependency-type: indirect dependency-group: uv ... Signed-off-by: dependabot[bot] <support@github.com>
…s 1 directory (#43) [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/langchain-ai/react-agent/network/alerts). </details>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.