Skip to content

Bump the production-dependencies group across 1 directory with 10 updates#122

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/production-dependencies-ecebd9eb76
Open

Bump the production-dependencies group across 1 directory with 10 updates#122
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/production-dependencies-ecebd9eb76

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 1, 2026
edited
Loading

Bumps the production-dependencies group with 10 updates in the / directory:

Package From To
rdflib 7.5.0 7.6.0
crewai 1.8.1 1.9.3
rich 13.9.4 14.3.4
weave 0.51.59 0.52.41
mlflow 3.5.0 3.12.0
poetry 2.2.1 2.4.1
spacy 3.8.11 3.8.14
litellm 1.53.3 1.75.3
transformers 4.45.2 4.46.3
torch 2.10.0 2.12.0

Updates rdflib from 7.5.0 to 7.6.0

Release notes

Sourced from rdflib's releases.

2026-02-13 RELEASE 7.6.0

This release introduces a new major feature: GraphDB integration via the Python GraphDB Client. Users can now manage GraphDB instances and perform administrative tasks directly from Python. As GraphDB also supports the RDF4J REST API, users may utilize the recently released RDF4J Client and Store with GraphDB instances. For more details, see the new RDFLib GraphDB documentation under the extras section of the RDFLib documentation.

This release also includes a number of fixes to Graph.cbd() and Turtle-related serializers. Thanks to @​mgberg and @​lisat-dstg, the affected code is now more standards-compliant.

At the request of users, the recently introduced CLI tool sq has been renamed to sparqlquery to avoid conflicts with existing well-known packages.

Other maintenance tasks include updating all CI actions to the latest versions and adding a compatibility layer for pyparsing v3 to remove deprecation warnings.

See the CHANGELOG.md for more details.

Changelog

Sourced from rdflib's changelog.

2025-10-30 RELEASE 7.4.0

This release addresses a couple of bugs and improves the testing matrix by adding python 3.12, 3.13 and 3.14 to the test matrix.

This is also the first RDFLib release to use MkDocs for documentation.

Pull requests merged:

2025-10-24 RELEASE 7.3.0

This release delivers several important fixes and enhancements to RDFLib’s Dataset implementation, resolving long-standing issues and improving consistency across serialization and SPARQL operations. It also introduces new deprecation notices for certain Dataset methods and attributes, which will be removed in the next major release. In addition, this version includes a range of improvements to SPARQL result parsing, typing, and literal handling.

Features

  • Added Dataset.__iadd__ support
  • Dataset's default serialize format is now trig
  • Datasets can now add graphs backed by different stores

Fixes and Improvements

  • Fixed an issue where the RecursiveSerializer would output undeclared prefixes for predicates that contained the base as a substring
  • Prevented prefix generation for predicates corresponding to the base namespace
  • SPARQL Update now correctly inserts into the default graph
  • Dataset.parse now returns Self
  • N-Quads serialization no longer includes the RDFLib internal default graph identifier
  • Static type checkers can now infer the type of Term.__new__
  • Removed automatic date conversion for gYear and gYearMonth literals
  • Optional clauses in SPARQL queries can now bind variables
  • Fixed reevaluation logic in SPARQL Update between update loops

Maintenance

  • Added deprecation notices to certain Dataset methods and attributes
    • Use Dataset.graphs instead of Dataset.contexts method
    • Use Dataset.default_graph instead of Dataset.default_context
    • Deprecate Dataset.identifier entirely.
  • Updated type hints for Graph.open() with SPARQLUpdateStore configuration
  • SPARQL Result Parsing Improvements
    • Simplified and modernized the SPARQL result parsing system:
    • These changes maintain backward compatibility while making the SPARQL API more flexible and extensible.

Pull requests merged:

  • feat: add Dataset __iadd__ support by @​edmondchuc in #3268
  • fix: RecursiveSerializer- outputs undeclared prefix for predicates that contains the base as a substring by @​edmondchuc in #3267

... (truncated)

Commits

Updates crewai from 1.8.1 to 1.9.3

Release notes

Sourced from crewai's releases.

1.9.3

What's Changed

Features

  • feat: add a2a liteagent, auth, transport negotiation, and file support

Bug Fixes:

  • fix: improve output handling and response model integration in agents

1.9.2

What's Changed

  • fix: ensure verbosity flag is applied b
  • fix: use response_json_schema
  • fix: tool response pt2

1.9.1

What's Changed

Features

  • Implement before and after tool call hooks in CrewAgentExecutor
  • Add structured outputs and response_format support across providers

Bug Fixes

  • Correct tool-calling content handling and schema serialization

Contributors

@​greysonlalonde, @​lorenzejay

1.9.0

What's Changed

Features

  • Add structured outputs and response_format support across providers
  • Add response_id in streaming response
  • Add event ordering and parent-child hierarchy
  • Add Keycloak SSO provider support
  • Add native multimodal file handling; OpenAI responses API
  • Add a2a task execution utilities
  • Add a2a server config and agent card generation
  • Add additional a2a events and enrich event metadata
  • Add additional a2a transports
  • Add Galileo to integrations page
  • Improved tool calling

Bug Fixes

  • Enhance file store with fallback memory cache
  • Ensure document list is not empty
  • Ensure Bedrock client handles stop sequences properly

... (truncated)

Commits
  • 63a508f feat: bump versions to 1.9.3 (#4316)
  • 102b6ae feat: add a2a liteagent, auth, transport negotiation, and file support
  • 19ce560 fix: improve output handling and response model integration in agents (#4307)
  • 85f3145 docs link
  • 6fcf748 refactor: update Flow HITL Management documentation to emphasize email-first ...
  • 38065e2 updating docs
  • e291a97 chore: update version to 1.9.2 across all relevant files (#4299)
  • 2d05e59 Lorenze/improve tool response pt2 (#4297)
  • a731efa fix: improve structured output handling across providers and agents
  • 1e27cf3 fix: ensure verbosity flag is applied
  • Additional commits viewable in compare view

Updates rich from 13.9.4 to 14.3.4

Release notes

Sourced from rich's releases.

The Faster Startup Release

No new features in this release, but there should be improved startup time for Rich apps, and potentially improved runtime if you have a lot of links.

[14.3.4] - 2026-04-11

Changed

The infinite Release

Fixed a infinite loop in split_graphemes

[14.3.3] - 2026-02-19

Fixed

The ZWJy release

A fix for cell_len edge cases

[14.3.2] - 2026-02-01

Fixed

The Nerdy Fix release

Fixed issue with characters outside of unicode range reporting 0 cell size

[14.3.1] - 2026-01-24

Fixed

The more emojis release

Rich now has support for multi-codepoint emojis. There have also been some Markdown improvements, and a number of fixes. See the release notes below for details.

[14.3.0] - 2026-01-24

Fixed

... (truncated)

Changelog

Sourced from rich's changelog.

[14.3.4] - 2026-04-11

Changed

[14.3.3] - 2026-02-19

Fixed

[14.3.2] - 2026-02-01

Fixed

[14.3.1] - 2026-01-24

Fixed

[14.3.0] - 2026-01-24

Fixed

Added

Changed

... (truncated)

Commits

Updates weave from 0.51.59 to 0.52.41

Release notes

Sourced from weave's releases.

v0.52.41

What's Changed

Full Changelog: wandb/weave@v0.52.40...v0.52.41

v0.52.40

What's Changed

... (truncated)

Commits
  • 0582d43 Release version: 0.52.41-dev0 → 0.52.41
  • c847146 chore(weave): emit dogstatsd counters for every DB insert (#6882)
  • a3e24b7 chore(weave): Drop unnecessary client fixtures (#6773)
  • 3716693 chore(weave): Rename mcp integration to fastmcp (#6811)
  • ab1af8a chore(weave): Update settings call sites #6836
  • b7bbc0e chore(weave): EvaluationLogger init: avoid dict (#6887)
  • acec452 fix(weave): allow linking all spans to a single eval call (#6881)
  • b5933cc fix(weave): evict failed file_create futures from send_file_cache (#6874)
  • 3b4bc30 fix(weave): persist expand_columns in SavedViewDefinition (#6876)
  • 12439cf chore(weave): preserve unpaired calls on flush via eager start (#6851)
  • Additional commits viewable in compare view

Updates mlflow from 3.5.0 to 3.12.0

Release notes

Sourced from mlflow's releases.

v3.12.0

MLflow 3.12.0 includes several major features and improvements

Major New Features

  • 🖼️ Multimodal Tracing: Users can now store multimodal content in tracing spans as artifact attachments instead of inline binary data. We've also patched the UI to support the new mlflow-attachment:// style URI, with rich rendering available for PDFs, audio, and images.
  • 🤖 Codex, Gemini, Qwen coding agent tracing support: Similar to our Claude Code tracing integration, we've now added support for the Codex, Gemini, and Qwen coding agent platforms as well!
  • 🛡️ Gateway guardrails: You can now set guardrails on your gateway endpoints to prevent unsafe or non-compliant model inputs and outputs. Try it out in the MLflow UI!
  • ⚡ Trace table pagination: The traces tab is now paginated, rather than fetching all traces up to a limit of 1000. This improves initial load time, and makes the page feel more responsive overall.

Breaking Changes

Other Assorted Features & Improvements:

... (truncated)

Changelog

Sourced from mlflow's changelog.

3.12.0 (2026-05-04)

MLflow 3.12.0 includes several major features and improvements

Major New Features

  • 🖼️ Multimodal Tracing: Users can now store multimodal content in tracing spans as artifact attachments instead of inline binary data. We've also patched the UI to support the new mlflow-attachment:// style URI, with rich rendering available for PDFs, audio, and images.
  • 🤖 Codex, Gemini, Qwen coding agent tracing support: Similar to our Claude Code tracing integration, we've now added support for the Codex, Gemini, and Qwen coding agent platforms as well!
  • 🛡️ Gateway guardrails: You can now set guardrails on your gateway endpoints to prevent unsafe or non-compliant model inputs and outputs. Try it out in the MLflow UI!
  • ⚡ Trace table pagination: The traces tab is now paginated, rather than fetching all traces up to a limit of 1000. This improves initial load time, and makes the page feel more responsive overall.

Breaking Changes

Other Assorted Features & Improvements:

... (truncated)

Commits
  • 75b30ca Bump version to 3.12.0 (#23065)
  • 263031c Redact presigned URL credentials in urllib3 retry logs (#22995)
  • 725bcda Add coding agents section to AI Gateway quick start (#23006)
  • 7eebae8 Deprecate enable_mlserver in pyfunc serving backend (#22994)
  • 8464081 Restore expandable max height of params/metrics boxes on run details page (#2...
  • 2640035 Fix assessment logging silently dropped in distributed tracing (#22963)
  • f3fed29 [UI] Restore visible label on trace assessments pane toggle (#22978)
  • e57e2d2 Add hint and benchmark for issue detection cost (#22919)
  • 390a57e Filter _list_budget_windows results by active workspace when request is wor...
  • cdbba9a Track telemetry event when user sends a message in the Assistant chat panel (...
  • Additional commits viewable in compare view

Updates poetry from 2.2.1 to 2.4.1

Release notes

Sourced from poetry's releases.

2.4.1

Changed

  • Re-allow installer==0.7.0 (#10887).

Fixed

  • Fix an issue where poetry update <package> failed when <package> was a transitive dependency (#10885).

2.4.0

Added

  • Add solver.min-release-age setting to require package releases to be a certain number of days old before they are considered during dependency resolution (#10824).
  • Add solver.min-release-age-exclude to exclude selected packages from age filtering (#10824).
  • Add solver.min-release-age-exclude-source to exclude all packages from selected package indexes from age filtering (#10824).

Changed

  • Raise an error instead of silently ignoring a package name that is not a dependency when it is passed to poetry update (#10721).
  • Automatically add a trailing slash to legacy repository URLs (used for publishing) if missing (#10785).
  • Require installer>=1.0.0 (#10869).
  • Allow findpython>=0.8 (#10874).

Fixed

  • Fix an issue where requires-plugins fails on Windows if scheme paths are on different drives (#10869).
  • Fix an issue where the order of markers in the lock file was not deterministic (#10720).
  • Fix an issue where the wrong command was suggested when poetry self commands failed due to an outdated lock file (#10715).
  • Fix an issue where poetry env activate did not work for bash on Windows (#10716).
  • Fix an issue where poetry debug resolve failed when there was a package with a marker (#10807).
  • Fix an issue where the error message about a build backend failure contained garbled --config-settings (#10804).
  • Fix an issue where a false warning about a circular dependency was printed (#10811).
  • Fix an issue where falsy config values were incorrectly treated as not set (#10808).
  • Fix an issue where poetry publish --build ignored failing builds and uploaded stale artifacts (#10802).
  • Fix an issue where poetry publish was aborted instead of retrying after package registration (#10801).
  • Fix an issue where zip files were not closed after fetching metadata via lazy-wheel (#10800).
  • Fix an issue where data fetched via lazy-wheel was corrupted when part of it had already been cached (#10806).
  • Fix an issue where further packages were installed even though installation should be aborted (#10742).
  • Fix an issue where installed packages without a METADATA file caused an exception on Python 3.15+ (#10860).
  • Fix an issue where http-basic could not be set for repository names with periods (#10845).
  • Fix an issue where calculating the hash of large wheels failed with a memory error (#10814).

Docs

  • Clarify the precedence of configuration sources (#10757).
  • Add a note about the influence of .gitignore on tool.poetry.packages (#10835).

poetry-core (2.4.0)

  • Update vendored packaging to 26.2 (#936).

... (truncated)

Changelog

Sourced from poetry's changelog.

[2.4.1] - 2026-05-09

Changed

  • Re-allow installer==0.7.0 (#10887).

Fixed

  • Fix an issue where poetry update <package> failed when <package> was a transitive dependency (#10885).

[2.4.0] - 2026-05-03

Added

  • Add solver.min-release-age setting to require package releases to be a certain number of days old before they are considered during dependency resolution (#10824).
  • Add solver.min-release-age-exclude to exclude selected packages from age filtering (#10824).
  • Add solver.min-release-age-exclude-source to exclude all packages from selected package indexes from age filtering (#10824).

Changed

  • Raise an error instead of silently ignoring a package name that is not a dependency when it is passed to poetry update (#10721).
  • Automatically add a trailing slash to legacy repository URLs (used for publishing) if missing (#10785).
  • Require installer>=1.0.0 (#10869).
  • Allow findpython>=0.8 (#10874).

Fixed

  • Fix an issue where requires-plugins fails on Windows if scheme paths are on different drives (#10869).
  • Fix an issue where the order of markers in the lock file was not deterministic (#10720).
  • Fix an issue where the wrong command was suggested when poetry self commands failed due to an outdated lock file (#10715).
  • Fix an issue where poetry env activate did not work for bash on Windows (#10716).
  • Fix an issue w...

    Description has been truncated

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels May 1, 2026
@dependabot
Bump the production-dependencies group across 1 directory with 10 upd…
3b3010a 
…ates

Bumps the production-dependencies group with 10 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [rdflib](https://github.com/RDFLib/rdflib) | `7.5.0` | `7.6.0` |
| [crewai](https://github.com/crewAIInc/crewAI) | `1.8.1` | `1.9.3` |
| [rich](https://github.com/Textualize/rich) | `13.9.4` | `14.3.4` |
| [weave](https://github.com/wandb/weave) | `0.51.59` | `0.52.41` |
| [mlflow](https://github.com/mlflow/mlflow) | `3.5.0` | `3.12.0` |
| [poetry](https://github.com/python-poetry/poetry) | `2.2.1` | `2.4.1` |
| [spacy](https://github.com/explosion/spaCy) | `3.8.11` | `3.8.14` |
| [litellm](https://github.com/BerriAI/litellm) | `1.53.3` | `1.75.3` |
| [transformers](https://github.com/huggingface/transformers) | `4.45.2` | `4.46.3` |
| [torch](https://github.com/pytorch/pytorch) | `2.10.0` | `2.12.0` |



Updates `rdflib` from 7.5.0 to 7.6.0
- [Release notes](https://github.com/RDFLib/rdflib/releases)
- [Changelog](https://github.com/RDFLib/rdflib/blob/main/CHANGELOG.md)
- [Commits](RDFLib/rdflib@7.5.0...7.6.0)

Updates `crewai` from 1.8.1 to 1.9.3
- [Release notes](https://github.com/crewAIInc/crewAI/releases)
- [Commits](crewAIInc/crewAI@1.8.1...1.9.3)

Updates `rich` from 13.9.4 to 14.3.4
- [Release notes](https://github.com/Textualize/rich/releases)
- [Changelog](https://github.com/Textualize/rich/blob/master/CHANGELOG.md)
- [Commits](Textualize/rich@v13.9.4...v14.3.4)

Updates `weave` from 0.51.59 to 0.52.41
- [Release notes](https://github.com/wandb/weave/releases)
- [Changelog](https://github.com/wandb/weave/blob/master/dev_docs/RELEASE.md)
- [Commits](wandb/weave@v0.51.59...v0.52.41)

Updates `mlflow` from 3.5.0 to 3.12.0
- [Release notes](https://github.com/mlflow/mlflow/releases)
- [Changelog](https://github.com/mlflow/mlflow/blob/master/CHANGELOG.md)
- [Commits](mlflow/mlflow@v3.5.0...v3.12.0)

Updates `poetry` from 2.2.1 to 2.4.1
- [Release notes](https://github.com/python-poetry/poetry/releases)
- [Changelog](https://github.com/python-poetry/poetry/blob/main/CHANGELOG.md)
- [Commits](python-poetry/poetry@2.2.1...2.4.1)

Updates `spacy` from 3.8.11 to 3.8.14
- [Release notes](https://github.com/explosion/spaCy/releases)
- [Commits](explosion/spaCy@release-v3.8.11...release-v3.8.14)

Updates `litellm` from 1.53.3 to 1.75.3
- [Release notes](https://github.com/BerriAI/litellm/releases)
- [Commits](https://github.com/BerriAI/litellm/commits)

Updates `transformers` from 4.45.2 to 4.46.3
- [Release notes](https://github.com/huggingface/transformers/releases)
- [Commits](huggingface/transformers@v4.45.2...v4.46.3)

Updates `torch` from 2.10.0 to 2.12.0
- [Release notes](https://github.com/pytorch/pytorch/releases)
- [Changelog](https://github.com/pytorch/pytorch/blob/main/RELEASE.md)
- [Commits](pytorch/pytorch@v2.10.0...v2.12.0)

---
updated-dependencies:
- dependency-name: crewai
  dependency-version: 1.9.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: litellm
  dependency-version: 1.75.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: mlflow
  dependency-version: 3.11.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: poetry
  dependency-version: 2.3.4
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: rdflib
  dependency-version: 7.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: rich
  dependency-version: 14.3.4
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: spacy
  dependency-version: 3.8.14
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: torch
  dependency-version: 2.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: transformers
  dependency-version: 4.46.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: weave
  dependency-version: 0.52.38
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title Bump the production-dependencies group with 10 updates Bump the production-dependencies group across 1 directory with 10 updates Jun 1, 2026
@dependabot dependabot Bot force-pushed the dependabot/pip/production-dependencies-ecebd9eb76 branch from 963ba1c to 3b3010a Compare June 1, 2026 04:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants