chore(deps): bump mlflow-skinny from 3.11.1 to 3.12.0

[dependabot]

Bumps mlflow-skinny from 3.11.1 to 3.12.0.

Release notes

Sourced from mlflow-skinny's releases.

v3.12.0

MLflow 3.12.0 includes several major features and improvements

Major New Features

• 🖼️ Multimodal Tracing: Users can now store multimodal content in tracing spans as artifact attachments instead of inline binary data. We've also patched the UI to support the new mlflow-attachment:// style URI, with rich rendering available for PDFs, audio, and images.
• 🤖 Codex, Gemini, Qwen coding agent tracing support: Similar to our Claude Code tracing integration, we've now added support for the Codex, Gemini, and Qwen coding agent platforms as well!
• 🛡️ Gateway guardrails: You can now set guardrails on your gateway endpoints to prevent unsafe or non-compliant model inputs and outputs. Try it out in the MLflow UI!
• ⚡ Trace table pagination: The traces tab is now paginated, rather than fetching all traces up to a limit of 1000. This improves initial load time, and makes the page feel more responsive overall.

Breaking Changes

• [Scoring] Deprecate enable_mlserver in pyfunc serving backend (#22994, @​B-Step62)

Other Assorted Features & Improvements:

• [UI] Add coding agents section to AI Gateway quick start (#23006, @​TomeHirata)
• [Tracing] feat: record caller in gateway traces from request headers (#22926, @​TomeHirata)
• [] Run guardrails on passthrough endpoints; skip response_format for non-chat payloads (#22856, @​TomeHirata)
• [] Gateway: preserve client auth header for subscription-based CLI tools (claude-cli, Codex-Desktop, GeminiCLI) (#22915, @​TomeHirata)
• [Tracing] Expose Codex and Qwen Code hooks as installable CLI binaries (#22853, @​kriscon-db)
• [Tracking / UI] Add Portkey as a supported AI Gateway provider (#22830, @​sairavuri-sudo)
• [Tracking] Cache successful basic-auth credential checks to eliminate per-request PBKDF2 (#22817, @​PattaraS)
• [] Add last_updated_at field to model catalog entries (#22838, @​copilot-swe-agent)
• [Evaluation] Enable third-party scorer registration in OSS MLflow (#22634, @​smoorjani)
• [] Add platform-side telemetry fields to Gateway invocation and budget events (#22557, @​PattaraS)
• [Tracing] Auto-start SQL warehouse before V4/V5 MLflow tracing calls (#22798, @​artjen)
• [Tracing] Migrate Claude Code tracing to TypeScript-based plugin for simpler installation and runtime handling. (#22338, @​B-Step62)
• [Tracing] Add TypeScript Qwen Code tracing via Stop hook (#22411, @​kriscon-db)
• [] Support model_kwargs in DeepEval scorers for LLM parameter control (#22494, @​debu-sinha)
• [] Add Application Default Credentials auth mode for Vertex AI gateway (#22754, @​harupy)
• [UI] Reorganize Settings into section-based routing with sub-sidebar navigation (#22743, @​serena-ruan)
• [Tracing] Add TypeScript Codex CLI tracing via notify hook (#22410, @​kriscon-db)
• [Tracing / UI] Add Share button to trace detail view (#22608, @​alkispoly-db)
• [Docs / Models] Add mlflow.diffusers flavor for diffusion model LoRA adapters (#22253, @​Rasaboun)
• [Tracing] Add size limit for trace attachments (#22575, @​kriscon-db)
• [Tracing] Add GeminiCliTranslator for Gemini CLI OTLP span type mapping (#22409, @​kriscon-db)
• [Tracing] Add JSON OTLP encoding support for trace ingestion (#22408, @​kriscon-db)
• [Tracing] Extract service.name from OTLP resource attributes for usage telemetry (#22407, @​kriscon-db)
• [Tracing] Add MLflow tracing spans to guardrail execution in gateway (#22581, @​TomeHirata)
• [Tracing / UI] Add rendering size guards for large media content (#22574, @​kriscon-db)
• [Tracking] #21037 Add presigned upload URL endpoint for S3 artifact uploads (#21039, @​henishborad)
• [UI] Add Guardrails tab to endpoint editor (#22360, @​TomeHirata)
• [UI] Add click-to-expand modal for trace attachment images (#22461, @​kriscon-db)
• [UI] Enhance Gateway quick start cards with logos, multi-model options, and compact variant (#22513, @​xq-yin)
• [Tracing] Add @​mlflow/vercel for better Vercel AI SDK tracing in Databricks UC (#22105, @​dbrx-euirim)
• [UI] [UI] Refactor API keys page: bulk delete, inline drawer editing, consistent list pattern (#22485, @​xq-yin)
• [] Add Guardrail base class and JudgeGuardrail implementation (#21964, @​TomeHirata)
• [Tracing] Add multimodal demo traces with synthetic image and audio data (#22465, @​kriscon-db)
• [] [FR] #22217 Add configurable provider allow/deny list to AI Gateway (#22291, @​etirelli)

... (truncated)

Changelog

Sourced from mlflow-skinny's changelog.

3.12.0 (2026-05-04)

MLflow 3.12.0 includes several major features and improvements

Major New Features

• 🖼️ Multimodal Tracing: Users can now store multimodal content in tracing spans as artifact attachments instead of inline binary data. We've also patched the UI to support the new mlflow-attachment:// style URI, with rich rendering available for PDFs, audio, and images.
• 🤖 Codex, Gemini, Qwen coding agent tracing support: Similar to our Claude Code tracing integration, we've now added support for the Codex, Gemini, and Qwen coding agent platforms as well!
• 🛡️ Gateway guardrails: You can now set guardrails on your gateway endpoints to prevent unsafe or non-compliant model inputs and outputs. Try it out in the MLflow UI!
• ⚡ Trace table pagination: The traces tab is now paginated, rather than fetching all traces up to a limit of 1000. This improves initial load time, and makes the page feel more responsive overall.

Breaking Changes

• [Scoring] Deprecate enable_mlserver in pyfunc serving backend (#22994, @​B-Step62)

Other Assorted Features & Improvements:

• [UI] Add coding agents section to AI Gateway quick start (#23006, @​TomeHirata)
• [Tracing] feat: record caller in gateway traces from request headers (#22926, @​TomeHirata)
• [] Run guardrails on passthrough endpoints; skip response_format for non-chat payloads (#22856, @​TomeHirata)
• [] Gateway: preserve client auth header for subscription-based CLI tools (claude-cli, Codex-Desktop, GeminiCLI) (#22915, @​TomeHirata)
• [Tracing] Expose Codex and Qwen Code hooks as installable CLI binaries (#22853, @​kriscon-db)
• [Tracking / UI] Add Portkey as a supported AI Gateway provider (#22830, @​sairavuri-sudo)
• [Tracking] Cache successful basic-auth credential checks to eliminate per-request PBKDF2 (#22817, @​PattaraS)
• [] Add last_updated_at field to model catalog entries (#22838, @​copilot-swe-agent)
• [Evaluation] Enable third-party scorer registration in OSS MLflow (#22634, @​smoorjani)
• [] Add platform-side telemetry fields to Gateway invocation and budget events (#22557, @​PattaraS)
• [Tracing] Auto-start SQL warehouse before V4/V5 MLflow tracing calls (#22798, @​artjen)
• [Tracing] Migrate Claude Code tracing to TypeScript-based plugin for simpler installation and runtime handling. (#22338, @​B-Step62)
• [Tracing] Add TypeScript Qwen Code tracing via Stop hook (#22411, @​kriscon-db)
• [] Support model_kwargs in DeepEval scorers for LLM parameter control (#22494, @​debu-sinha)
• [] Add Application Default Credentials auth mode for Vertex AI gateway (#22754, @​harupy)
• [UI] Reorganize Settings into section-based routing with sub-sidebar navigation (#22743, @​serena-ruan)
• [Tracing] Add TypeScript Codex CLI tracing via notify hook (#22410, @​kriscon-db)
• [Tracing / UI] Add Share button to trace detail view (#22608, @​alkispoly-db)
• [Docs / Models] Add mlflow.diffusers flavor for diffusion model LoRA adapters (#22253, @​Rasaboun)
• [Tracing] Add size limit for trace attachments (#22575, @​kriscon-db)
• [Tracing] Add GeminiCliTranslator for Gemini CLI OTLP span type mapping (#22409, @​kriscon-db)
• [Tracing] Add JSON OTLP encoding support for trace ingestion (#22408, @​kriscon-db)
• [Tracing] Extract service.name from OTLP resource attributes for usage telemetry (#22407, @​kriscon-db)
• [Tracing] Add MLflow tracing spans to guardrail execution in gateway (#22581, @​TomeHirata)
• [Tracing / UI] Add rendering size guards for large media content (#22574, @​kriscon-db)
• [Tracking] #21037 Add presigned upload URL endpoint for S3 artifact uploads (#21039, @​henishborad)
• [UI] Add Guardrails tab to endpoint editor (#22360, @​TomeHirata)
• [UI] Add click-to-expand modal for trace attachment images (#22461, @​kriscon-db)
• [UI] Enhance Gateway quick start cards with logos, multi-model options, and compact variant (#22513, @​xq-yin)
• [Tracing] Add @​mlflow/vercel for better Vercel AI SDK tracing in Databricks UC (#22105, @​dbrx-euirim)
• [UI] [UI] Refactor API keys page: bulk delete, inline drawer editing, consistent list pattern (#22485, @​xq-yin)
• [] Add Guardrail base class and JudgeGuardrail implementation (#21964, @​TomeHirata)
• [Tracing] Add multimodal demo traces with synthetic image and audio data (#22465, @​kriscon-db)

... (truncated)

Commits

• 75b30ca Bump version to 3.12.0 (#23065)
• 263031c Redact presigned URL credentials in urllib3 retry logs (#22995)
• 725bcda Add coding agents section to AI Gateway quick start (#23006)
• 7eebae8 Deprecate enable_mlserver in pyfunc serving backend (#22994)
• 8464081 Restore expandable max height of params/metrics boxes on run details page (#2...
• 2640035 Fix assessment logging silently dropped in distributed tracing (#22963)
• f3fed29 [UI] Restore visible label on trace assessments pane toggle (#22978)
• e57e2d2 Add hint and benchmark for issue detection cost (#22919)
• 390a57e Filter _list_budget_windows results by active workspace when request is wor...
• cdbba9a Track telemetry event when user sends a message in the Assistant chat panel (...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)