Skip to content

chore(deps): bump the ai-providers group with 5 updates#636

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/uv/ai-providers-5d6fc4807f
Open

chore(deps): bump the ai-providers group with 5 updates#636
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/uv/ai-providers-5d6fc4807f

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 29, 2026

Bumps the ai-providers group with 5 updates:

Package From To
openai 2.29.0 2.38.0
anthropic 0.102.0 0.104.1
langgraph 1.2.0 1.2.1
langchain-openai 1.1.12 1.2.2
google-genai 1.24.0 2.6.0

Updates openai from 2.29.0 to 2.38.0

Release notes

Sourced from openai's releases.

v2.38.0

2.38.0 (2026-05-21)

Full Changelog: v2.37.0...v2.38.0

Features

  • api: api update (33d1d01)
  • api: manual updates (a21700a)
  • api: update OpenAPI spec or Stainless config (00265c5)

Chores

  • api: docs updates (ee10152)
  • check release PR custom code sync (2638779)
  • remove release automation trigger (bd6eea5)
  • trigger release automation (f62d082)

v2.37.0

2.37.0 (2026-05-13)

Full Changelog: v2.36.0...v2.37.0

Features

  • api: add service_tier parameter to responses compact method (625827c)
  • internal/types: support eagerly validating pydantic iterators (7e527bc)
  • Remove unnecessary client_id when using workload identity provider for auth (c39ea8d)

Bug Fixes

  • client: add missing f-string prefix in file type error message (c85ebd9)

v2.36.0

2.36.0 (2026-05-07)

Full Changelog: v2.35.1...v2.36.0

Features

v2.35.1

2.35.1 (2026-05-06)

Full Changelog: v2.35.0...v2.35.1

... (truncated)

Changelog

Sourced from openai's changelog.

2.38.0 (2026-05-21)

Full Changelog: v2.37.0...v2.38.0

Features

  • api: api update (33d1d01)
  • api: manual updates (a21700a)
  • api: update OpenAPI spec or Stainless config (00265c5)

Chores

  • api: docs updates (ee10152)
  • check release PR custom code sync (2638779)
  • remove release automation trigger (bd6eea5)
  • trigger release automation (f62d082)

2.37.0 (2026-05-13)

Full Changelog: v2.36.0...v2.37.0

Features

  • api: add service_tier parameter to responses compact method (625827c)
  • internal/types: support eagerly validating pydantic iterators (7e527bc)
  • Remove unnecessary client_id when using workload identity provider for auth (c39ea8d)

Bug Fixes

  • client: add missing f-string prefix in file type error message (c85ebd9)

2.36.0 (2026-05-07)

Full Changelog: v2.35.1...v2.36.0

Features

2.35.1 (2026-05-06)

Full Changelog: v2.35.0...v2.35.1

Bug Fixes

  • api: fix imagegen size enum regression (4484653)

... (truncated)

Commits
  • e757667 release: 2.38.0
  • b85b647 feat(api): api update
  • d881c67 Revert "chore: check release PR custom code sync"
  • d4a3228 chore: check release PR custom code sync
  • 4888838 chore: remove release automation trigger
  • 74978f0 chore: trigger release automation
  • bab18af chore(api): docs updates
  • a6f899a feat(api): manual updates
  • 2897485 feat(api): update OpenAPI spec or Stainless config
  • a2f1d6c codegen metadata
  • Additional commits viewable in compare view

Updates anthropic from 0.102.0 to 0.104.1

Release notes

Sourced from anthropic's releases.

v0.104.1

0.104.1 (2026-05-21)

Full Changelog: v0.104.0...v0.104.1

Bug Fixes

  • streaming: carry encrypted_content through beta compaction accumulator (#1821) (f7a720c)

v0.104.0

0.104.0 (2026-05-21)

Full Changelog: v0.103.1...v0.104.0

Features

  • api: Add support for thinking-token-count beta for estimated tokens in thinking block deltas when streaming (80d0fdf)

v0.103.1

0.103.1 (2026-05-19)

Full Changelog: v0.103.0...v0.103.1

Bug Fixes

  • runner: skip tool calls SessionToolRunner does not own (#1817) (9425c6a)

v0.103.0

0.103.0 (2026-05-19)

Full Changelog: v0.102.0...v0.103.0

Features

  • client: Add support for self-hosted sandboxes in CMA with sandbox helpers (e5625b0)
Changelog

Sourced from anthropic's changelog.

0.104.1 (2026-05-21)

Full Changelog: v0.104.0...v0.104.1

Bug Fixes

  • streaming: carry encrypted_content through beta compaction accumulator (#1821) (f7a720c)

0.104.0 (2026-05-21)

Full Changelog: v0.103.1...v0.104.0

Features

  • api: Add support for thinking-token-count beta for estimated tokens in thinking block deltas when streaming (80d0fdf)

0.103.1 (2026-05-19)

Full Changelog: v0.103.0...v0.103.1

Bug Fixes

  • runner: skip tool calls SessionToolRunner does not own (#1817) (9425c6a)

0.103.0 (2026-05-19)

Full Changelog: v0.102.0...v0.103.0

Features

  • client: Add support for self-hosted sandboxes in CMA with sandbox helpers (e5625b0)
Commits
  • 5db69c6 release: 0.104.1
  • 5fe4933 fix(streaming): carry encrypted_content through beta compaction accumulator (...
  • aaaacb5 release: 0.104.0
  • 4b05172 feat(api): Add support for thinking-token-count beta for estimated tokens in ...
  • 28cdc33 release: 0.103.1
  • 321efe5 fix(runner): skip tool calls SessionToolRunner does not own (#1817)
  • a28508b release: 0.103.0 (#1565)
  • See full diff in compare view

Updates langgraph from 1.2.0 to 1.2.1

Release notes

Sourced from langgraph's releases.

langgraph==1.2.1

Changes since 1.2.0

  • release(langgraph): 1.2.1 (#7883)
  • feat(langgraph): add before_builtins opt-in for stream transformers (#7882)
  • chore(deps): bump idna from 3.11 to 3.15 in /libs/langgraph (#7866)
  • fix(langgraph): keep tool results out of v3 messages (#7838)
  • chore(deps): bump langsmith from 0.7.31 to 0.8.0 in /libs/langgraph (#7788)
Commits
  • bf7fec0 release(langgraph): 1.2.1 (#7883)
  • 8215a9d feat(langgraph): add before_builtins opt-in for stream transformers (#7882)
  • aa322c1 chore(deps): bump langsmith from 0.7.31 to 0.8.0 in /libs/checkpoint-sqlite (...
  • d631912 chore(deps): bump idna from 3.11 to 3.15 in /libs/prebuilt (#7864)
  • 9b0864a chore(deps): bump idna from 3.11 to 3.15 in /libs/checkpoint-sqlite (#7862)
  • e68726d chore(deps): bump turbo from 2.9.7 to 2.9.14 in /libs/cli/js-monorepo-example...
  • a459020 chore(deps): bump idna from 3.11 to 3.15 in /libs/langgraph (#7866)
  • 5d3f11e chore(deps): bump idna from 3.11 to 3.15 in /libs/sdk-py (#7863)
  • 37dc5c1 chore(deps): bump idna from 3.13 to 3.15 in /libs/checkpoint-conformance (#7867)
  • ea44df3 fix(langgraph): keep tool results out of v3 messages (#7838)
  • Additional commits viewable in compare view

Updates langchain-openai from 1.1.12 to 1.2.2

Release notes

Sourced from langchain-openai's releases.

langchain-openai==1.2.2

Changes since langchain-openai==1.2.1

release(openai): 1.2.2 (#37617) chore(infra): bump langchain-tests floor to 1.1.9 (#37610) test(openai): unbreak audio chat and Azure embedding integration tests (#37589) fix(openai): guard httpx finalizers (#37570) chore: bump langsmith from 0.8.4 to 0.8.5 in /libs/partners/openai (#37549) chore: bump idna from 3.11 to 3.15 in /libs/partners/openai (#37548) ci(infra): harden Dependabot version-bound preservation (#37510) test(standard-tests): assert ls_model_name honors per-call model override (#37504) fix(openai): source LLM context size from model profiles (#37489) chore(core,langchain,openai): refresh stale OpenAI model references (#37487) fix(openai): broaden condition for ContextOverflowError to accommodate other providers (#37457) docs(openai): document base_url env var fallback chain (#37436) chore: bump langsmith from 0.8.0 to 0.8.4 in /libs/partners/openai (#37416) chore: bump langsmith from 0.7.31 to 0.8.0 in /libs/partners/openai (#37398) chore(infra): merge v1.4 into master (#37350) chore: bump urllib3 from 2.6.3 to 2.7.0 in /libs/partners/openai (#37330) chore: bump langchain-core from 1.3.2 to 1.3.3 in /libs/partners/openai (#37266) chore(docs): update x handle references (#37081) chore(model-profiles): refresh model profile data (#37074) chore(docs): update comment for chatopenai (#37034) chore(model-profiles): refresh model profile data (#37015)

langchain-openai==1.2.1

Changes since langchain-openai==1.2.0

hotfix: bump min core versions (#36996) release(openai): 1.2.1 (#36995) fix(openai): add gpt-5.5 pro to Responses API check (#36994) feat(core): add content-block-centric streaming (v2) (#36834) chore(model-profiles): refresh model profile data (#36982)

langchain-openai==1.2.0

Changes since langchain-openai==1.1.16

release(openai): 1.2.0 (#36961) feat(openai): prevent silent streaming hangs in ChatOpenAI (#36949) hotfix(ci): remove nobenchmark flag (#36959) chore(partners): standardize integration test invocation (#36958)

langchain-openai==1.1.16

Changes since langchain-openai==1.1.15

release(openai): 1.1.16 (#36927) fix(openai): tolerate prompt_cache_retention drift in streaming (#36925)

langchain-openai==1.1.15

Changes since langchain-openai==1.1.14

... (truncated)

Commits
  • a1e2daf release(openai): 1.2.2 (#37617)
  • 9e21348 fix(openai): guard httpx finalizers against uninitialized instances (#37568)
  • 74cecb4 ci(infra): expand integration tests dispatch dropdown to external partners (#...
  • 269d628 fix(standard-tests): recognize parametrize-nested xfails in override check (#...
  • 23d369e test(xai): tolerate extra block types in web search and xfail v1 streaming to...
  • aef86c4 chore(infra): bump langchain-tests floor to 1.1.9 (#37610)
  • ebc1880 release(standard-tests): 1.1.9 (#37609)
  • 22575ad test(standard-tests): allow extra content blocks in streaming assertions (#37...
  • 1aa4496 feat(langchain): register stream transformers on middleware (#37591)
  • d2931d8 release(fireworks): 1.4.1 (#37603)
  • Additional commits viewable in compare view

Updates google-genai from 1.24.0 to 2.6.0

Release notes

Sourced from google-genai's releases.

v2.6.0

2.6.0 (2026-05-21)

Features

  • Add enable_prompt_injection_detection for Computer Use feature for the Gemini API. (b1f632d)
  • Add budget_exceeded status (15443c0)
  • Add gemini-3.5-flash (15443c0)
  • Add new fields (2910346)

Documentation

  • Replace vertexai with enterprise in Client instantiation (c1c6df7)

v2.5.0

2.5.0 (2026-05-20)

Features

  • Add Gemini 3.5 Flash model to options (706fd02)

v2.4.0

2.4.0 (2026-05-17)

Features

  • Support Agent and Environment APIs. (ef20d6b)

Bug Fixes

  • Output_text for turns that don't end with text. (2afdeff)
  • Pass max_line_length to readline() to prevent LineTooLong on large SSE lines with MTLS. (0e8f7bb)

v2.3.0

2.3.0 (2026-05-15)

Features

  • Add content union to UserInputStep (a5059a8)
  • Interaction.{output_text,output_image,output_audio,output_video} (975d16a)
  • Migrate Agent Engines, Evaluation, Prompt Management, and Skill features to agentplatform (abb1099)

Documentation

... (truncated)

Changelog

Sourced from google-genai's changelog.

2.6.0 (2026-05-21)

Features

  • Add enable_prompt_injection_detection for Computer Use feature for the Gemini API. (b1f632d)
  • Add budget_exceeded status (15443c0)
  • Add gemini-3.5-flash (15443c0)
  • Add new fields (2910346)

Documentation

  • Replace vertexai with enterprise in Client instantiation (c1c6df7)

2.5.0 (2026-05-20)

Features

  • Add Gemini 3.5 Flash model to options (706fd02)

2.4.0 (2026-05-17)

Features

  • Support Agent and Environment APIs. (ef20d6b)

Bug Fixes

  • Output_text for turns that don't end with text. (2afdeff)
  • Pass max_line_length to readline() to prevent LineTooLong on large SSE lines with MTLS. (0e8f7bb)

2.3.0 (2026-05-15)

Features

  • Add content union to UserInputStep (a5059a8)
  • Interaction.{output_text,output_image,output_audio,output_video} (975d16a)
  • Migrate Agent Engines, Evaluation, Prompt Management, and Skill features to agentplatform (abb1099)

Documentation

  • Refresh generated docs for 2.2 (2ce0298)

2.2.0 (2026-05-12)

... (truncated)

Commits
  • a682e6a chore(main): release 2.6.0 (#2485)
  • b1f632d feat: add enable_prompt_injection_detection for Computer Use feature for th...
  • 2910346 feat: add new fields
  • 15443c0 feat: Add budget_exceeded status
  • c1c6df7 docs: replace vertexai with enterprise in Client instantiation
  • 161f8e4 chore(main): release 2.5.0 (#2473)
  • 06216a4 chore: update comment in BatchJobOutputInfo to unblock javadoc generation
  • 706fd02 feat: Add Gemini 3.5 Flash model to options
  • e12c163 chore: Cleanup
  • 610059b chore(main): release 2.4.0 (#2446)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the ai-providers group with 5 updates
139376d 
Bumps the ai-providers group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [openai](https://github.com/openai/openai-python) | `2.29.0` | `2.38.0` |
| [anthropic](https://github.com/anthropics/anthropic-sdk-python) | `0.102.0` | `0.104.1` |
| [langgraph](https://github.com/langchain-ai/langgraph) | `1.2.0` | `1.2.1` |
| [langchain-openai](https://github.com/langchain-ai/langchain) | `1.1.12` | `1.2.2` |
| [google-genai](https://github.com/googleapis/python-genai) | `1.24.0` | `2.6.0` |


Updates `openai` from 2.29.0 to 2.38.0
- [Release notes](https://github.com/openai/openai-python/releases)
- [Changelog](https://github.com/openai/openai-python/blob/main/CHANGELOG.md)
- [Commits](openai/openai-python@v2.29.0...v2.38.0)

Updates `anthropic` from 0.102.0 to 0.104.1
- [Release notes](https://github.com/anthropics/anthropic-sdk-python/releases)
- [Changelog](https://github.com/anthropics/anthropic-sdk-python/blob/main/CHANGELOG.md)
- [Commits](anthropics/anthropic-sdk-python@v0.102.0...v0.104.1)

Updates `langgraph` from 1.2.0 to 1.2.1
- [Release notes](https://github.com/langchain-ai/langgraph/releases)
- [Commits](langchain-ai/langgraph@1.2.0...1.2.1)

Updates `langchain-openai` from 1.1.12 to 1.2.2
- [Release notes](https://github.com/langchain-ai/langchain/releases)
- [Commits](langchain-ai/langchain@langchain-openai==1.1.12...langchain-openai==1.2.2)

Updates `google-genai` from 1.24.0 to 2.6.0
- [Release notes](https://github.com/googleapis/python-genai/releases)
- [Changelog](https://github.com/googleapis/python-genai/blob/main/CHANGELOG.md)
- [Commits](googleapis/python-genai@v1.24.0...v2.6.0)

---
updated-dependencies:
- dependency-name: openai
  dependency-version: 2.38.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ai-providers
- dependency-name: anthropic
  dependency-version: 0.104.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ai-providers
- dependency-name: langgraph
  dependency-version: 1.2.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ai-providers
- dependency-name: langchain-openai
  dependency-version: 1.2.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ai-providers
- dependency-name: google-genai
  dependency-version: 2.6.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: ai-providers
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels May 29, 2026
@dependabot dependabot Bot requested a review from a team as a code owner May 29, 2026 18:44
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels May 29, 2026
@socket-security
Copy link
Copy Markdown

socket-security Bot commented May 29, 2026

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updatedgoogle-genai@​1.24.0 ⏵ 2.6.077 -16100100100100
Updatedlanggraph@​1.2.0 ⏵ 1.2.187 +1100100100100
Updatedanthropic@​0.102.0 ⏵ 0.104.191 -1100100100100
Addedopenai@​2.38.096100100100100
Addedlangchain-openai@​1.2.2100100100100100

View full report

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 29, 2026

posthog-python Compliance Report

Date: 2026-05-29 18:48:32 UTC
Duration: 176173ms

✅ All Tests Passed!

45/45 tests passed

Capture Tests

29/29 tests passed

View Details
Test Status Duration
Format Validation.Event Has Required Fields 517ms
Format Validation.Event Has Uuid 1508ms
Format Validation.Event Has Lib Properties 1508ms
Format Validation.Distinct Id Is String 1508ms
Format Validation.Token Is Present 1507ms
Format Validation.Custom Properties Preserved 1507ms
Format Validation.Event Has Timestamp 1508ms
Retry Behavior.Retries On 503 9519ms
Retry Behavior.Does Not Retry On 400 3507ms
Retry Behavior.Does Not Retry On 401 3508ms
Retry Behavior.Respects Retry After Header 9514ms
Retry Behavior.Implements Backoff 23530ms
Retry Behavior.Retries On 500 7507ms
Retry Behavior.Retries On 502 7514ms
Retry Behavior.Retries On 504 7508ms
Retry Behavior.Max Retries Respected 23533ms
Deduplication.Generates Unique Uuids 1499ms
Deduplication.Preserves Uuid On Retry 7512ms
Deduplication.Preserves Uuid And Timestamp On Retry 14524ms
Deduplication.Preserves Uuid And Timestamp On Batch Retry 7511ms
Deduplication.No Duplicate Events In Batch 1504ms
Deduplication.Different Events Have Different Uuids 1508ms
Compression.Sends Gzip When Enabled 1507ms
Batch Format.Uses Proper Batch Structure 1507ms
Batch Format.Flush With No Events Sends Nothing 1006ms
Batch Format.Multiple Events Batched Together 1505ms
Error Handling.Does Not Retry On 403 3509ms
Error Handling.Does Not Retry On 413 3508ms
Error Handling.Retries On 408 7514ms

Feature_Flags Tests

16/16 tests passed

View Details
Test Status Duration
Request Payload.Request With Person Properties Device Id 1004ms
Request Payload.Flags Request Uses V2 Query Param 1007ms
Request Payload.Flags Request Hits Flags Path Not Decide 1007ms
Request Payload.Flags Request Omits Authorization Header 1007ms
Request Payload.Token In Flags Body Matches Init 1006ms
Request Payload.Groups Round Trip 1007ms
Request Payload.Groups Default To Empty Object 1007ms
Request Payload.Person Properties Distinct Id Auto Populated When Caller Omits It 1007ms
Request Payload.Disable Geoip False Propagates As Geoip Disable False 1007ms
Request Payload.Disable Geoip Omitted Defaults To False 1007ms
Request Payload.Flag Keys To Evaluate Contains Only Requested Key 1007ms
Request Lifecycle.No Flags Request On Init Alone 503ms
Request Lifecycle.No Flags Request On Normal Capture 1507ms
Request Lifecycle.Two Flag Calls Produce Two Remote Requests 1011ms
Request Lifecycle.Mock Response Value Is Returned To Caller 1003ms
Side Effect Events.Get Feature Flag Captures Feature Flag Called Event 1509ms

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants