Skip to content

Bump the production-dependencies group across 1 directory with 10 updates#122

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/production-dependencies-ecebd9eb76
Open

Bump the production-dependencies group across 1 directory with 10 updates#122
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/production-dependencies-ecebd9eb76

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 1, 2026

Copy link
Copy Markdown
Contributor

Bumps the production-dependencies group with 10 updates in the / directory:

Package From To
rdflib 7.5.0 7.6.0
crewai 1.8.1 1.9.3
rich 13.9.4 14.3.4
weave 0.51.59 0.53.0
mlflow 3.5.0 3.14.0
poetry 2.2.1 2.4.1
spacy 3.8.11 3.8.14
litellm 1.53.3 1.75.3
transformers 4.45.2 4.46.3
torch 2.10.0 2.12.1

Updates rdflib from 7.5.0 to 7.6.0

Release notes

Sourced from rdflib's releases.

2026-02-13 RELEASE 7.6.0

This release introduces a new major feature: GraphDB integration via the Python GraphDB Client. Users can now manage GraphDB instances and perform administrative tasks directly from Python. As GraphDB also supports the RDF4J REST API, users may utilize the recently released RDF4J Client and Store with GraphDB instances. For more details, see the new RDFLib GraphDB documentation under the extras section of the RDFLib documentation.

This release also includes a number of fixes to Graph.cbd() and Turtle-related serializers. Thanks to @​mgberg and @​lisat-dstg, the affected code is now more standards-compliant.

At the request of users, the recently introduced CLI tool sq has been renamed to sparqlquery to avoid conflicts with existing well-known packages.

Other maintenance tasks include updating all CI actions to the latest versions and adding a compatibility layer for pyparsing v3 to remove deprecation warnings.

See the CHANGELOG.md for more details.

Changelog

Sourced from rdflib's changelog.

2026-02-13 RELEASE 7.6.0

This release introduces a new major feature: GraphDB integration via the Python GraphDB Client. Users can now manage GraphDB instances and perform administrative tasks directly from Python. As GraphDB also supports the RDF4J REST API, users may utilize the recently released RDF4J Client and Store with GraphDB instances. For more details, see the new RDFLib GraphDB documentation under the extras section of the RDFLib documentation.

This release also includes a number of fixes to Graph.cbd() and Turtle-related serializers. Thanks to @​mgberg and @​lisat-dstg, the affected code is now more standards-compliant.

At the request of users, the recently introduced CLI tool sq has been renamed to sparqlquery to avoid conflicts with existing well-known packages.

Other maintenance tasks include updating all CI actions to the latest versions and adding a compatibility layer for pyparsing v3 to remove deprecation warnings.

Pull requests merged:

Commits

Updates crewai from 1.8.1 to 1.9.3

Release notes

Sourced from crewai's releases.

1.9.3

What's Changed

Features

  • feat: add a2a liteagent, auth, transport negotiation, and file support

Bug Fixes:

  • fix: improve output handling and response model integration in agents

1.9.2

What's Changed

  • fix: ensure verbosity flag is applied b
  • fix: use response_json_schema
  • fix: tool response pt2

1.9.1

What's Changed

Features

  • Implement before and after tool call hooks in CrewAgentExecutor
  • Add structured outputs and response_format support across providers

Bug Fixes

  • Correct tool-calling content handling and schema serialization

Contributors

@​greysonlalonde, @​lorenzejay

1.9.0

What's Changed

Features

  • Add structured outputs and response_format support across providers
  • Add response_id in streaming response
  • Add event ordering and parent-child hierarchy
  • Add Keycloak SSO provider support
  • Add native multimodal file handling; OpenAI responses API
  • Add a2a task execution utilities
  • Add a2a server config and agent card generation
  • Add additional a2a events and enrich event metadata
  • Add additional a2a transports
  • Add Galileo to integrations page
  • Improved tool calling

Bug Fixes

  • Enhance file store with fallback memory cache
  • Ensure document list is not empty
  • Ensure Bedrock client handles stop sequences properly

... (truncated)

Commits
  • 63a508f feat: bump versions to 1.9.3 (#4316)
  • 102b6ae feat: add a2a liteagent, auth, transport negotiation, and file support
  • 19ce560 fix: improve output handling and response model integration in agents (#4307)
  • 85f3145 docs link
  • 6fcf748 refactor: update Flow HITL Management documentation to emphasize email-first ...
  • 38065e2 updating docs
  • e291a97 chore: update version to 1.9.2 across all relevant files (#4299)
  • 2d05e59 Lorenze/improve tool response pt2 (#4297)
  • a731efa fix: improve structured output handling across providers and agents
  • 1e27cf3 fix: ensure verbosity flag is applied
  • Additional commits viewable in compare view

Updates rich from 13.9.4 to 14.3.4

Release notes

Sourced from rich's releases.

The Faster Startup Release

No new features in this release, but there should be improved startup time for Rich apps, and potentially improved runtime if you have a lot of links.

[14.3.4] - 2026-04-11

Changed

The infinite Release

Fixed a infinite loop in split_graphemes

[14.3.3] - 2026-02-19

Fixed

The ZWJy release

A fix for cell_len edge cases

[14.3.2] - 2026-02-01

Fixed

The Nerdy Fix release

Fixed issue with characters outside of unicode range reporting 0 cell size

[14.3.1] - 2026-01-24

Fixed

The more emojis release

Rich now has support for multi-codepoint emojis. There have also been some Markdown improvements, and a number of fixes. See the release notes below for details.

[14.3.0] - 2026-01-24

Fixed

... (truncated)

Changelog

Sourced from rich's changelog.

[14.3.4] - 2026-04-11

Changed

[14.3.3] - 2026-02-19

Fixed

[14.3.2] - 2026-02-01

Fixed

[14.3.1] - 2026-01-24

Fixed

[14.3.0] - 2026-01-24

Fixed

Added

Changed

... (truncated)

Commits

Updates weave from 0.51.59 to 0.53.0

Release notes

Sourced from weave's releases.

v0.52.43

What's Changed

... (truncated)

Commits
  • ebaa175 Release version: 0.53.0-dev0 → 0.53.0 (#7447)
  • 7293299 chore(weave): Bump to 0.53.0 (#7446)
  • 7de4fd9 fix(weave): reject feedback on a deleted annotation spec with not-found (#7410)
  • 0b1ac9a fix(weave): tolerate stored external refs on agent reads instead of 500 (#7443)
  • b9a8184 feat(weave): rename Session SDK to Conversation SDK (#7437)
  • 96dbc96 chore(weave): fix flaky test_call_stats_call_metrics on 2s2r leg (#7420)
  • 97e85ac feat(weave): full-fidelity batch turn logging + Turn/SubAgent.record() (#7429)
  • 5e27c37 perf(weave): extract-before-aggregate heavy json filters to avoid calls_merge...
  • 23db234 feat(weave_ts): Rename Session --> Conversation. (#7436)
  • 749bb77 feat(weave): migrate 10 remaining weave/trace_server files to @​traced (#7264)
  • Additional commits viewable in compare view

Updates mlflow from 3.5.0 to 3.14.0

Release notes

Sourced from mlflow's releases.

v3.14.0

MLflow 3.14.0 includes several major features and improvements

Major New Features

  • 🚀 One-command agent onboarding with mlflow agent setup: Install MLflow, set up tracing, and hand your favorite coding agent (Claude Code, OpenAI Codex, or OpenCode) the MLflow skills to instrument your app, all from a single command.
  • Durable, low-latency tracing for Claude Code: Roll out Claude Code tracing across a team with confidence: a write-ahead-log keeps it from slowing the agent, overwhelming the tracking server, or losing traces on a network blip or crash.
  • 📝 Review Queues for traces: Assign traces to reviewers (or agents) and collect structured feedback and ground-truth annotations in the UI, written straight back onto the trace so they are immediately usable for evaluation.
  • 🗂️ Revamped evaluation dataset UI: Browse, inspect, edit, and bulk-manage evaluation dataset records directly in the UI, with click-through to the source trace.
  • 🧪 Pytest integration for regression testing: Write GenAI regression tests as plain pytest functions with the @mlflow.test marker, gate them in CI, and review test history and per-assertion judge results in the UI.
  • 🎛️ LLM Playground: Iterate on prompts in the browser against your AI Gateway endpoints and Prompt Registry versions, with settings, tools, structured output, and template variables.

Breaking Changes

Other Assorted Features & Improvements:

... (truncated)

Changelog

Sourced from mlflow's changelog.

3.14.0 (2026-06-17)

MLflow 3.14.0 includes several major features and improvements

Major New Features

  • 🚀 One-command agent onboarding with mlflow agent setup: Install MLflow, set up tracing, and hand your favorite coding agent (Claude Code, OpenAI Codex, or OpenCode) the MLflow skills to instrument your app, all from a single command.
  • Durable, low-latency tracing for Claude Code: Roll out Claude Code tracing across a team with confidence: a write-ahead-log keeps it from slowing the agent, overwhelming the tracking server, or losing traces on a network blip or crash.
  • 📝 Review Queues for traces: Assign traces to reviewers (or agents) and collect structured feedback and ground-truth annotations in the UI, written straight back onto the trace so they are immediately usable for evaluation.
  • 🗂️ Revamped evaluation dataset UI: Browse, inspect, edit, and bulk-manage evaluation dataset records directly in the UI, with click-through to the source trace.
  • 🧪 Pytest integration for regression testing: Write GenAI regression tests as plain pytest functions with the @mlflow.test marker, gate them in CI, and review test history and per-assertion judge results in the UI.
  • 🎛️ LLM Playground: Iterate on prompts in the browser against your AI Gateway endpoints and Prompt Registry versions, with settings, tools, structured output, and template variables.

Breaking Changes

Other Assorted Features & Improvements:

... (truncated)

Commits
  • 86cd7f5 Bump version to 3.14.0 (#24052)
  • 2db0fed Add docs page for @mlflow.test pytest regression testing (#24011)
  • 6786bef [3/3] Show regression-test results in the existing eval-run UI (#23985)
  • fb1a4ed Skip tracking backend prompt in mlflow agent setup when `MLFLOW_TRACKING_UR...
  • 4d7a1b3 Fix ChrfScore RAGAS scorer instantiation due to class name mismatch (#24047)
  • a64ca84 [Fix] Restore scrolling in the Playground conversation area (#24042)
  • 03dd3d2 Fix make_judge doc: self-referential deprecation note and link typo (#24046)
  • 1b64388 [Fix] Map OpenAI Agents SDK guardrail spans to SpanType.GUARDRAIL (#24044)
  • 4b60b87 Add "Save prompt to registry" action to the Prompt Playground (#24021)
  • 437d9f6 Surface review-question modal failures as toasts (#24035)
  • Additional commits viewable in compare view

Updates poetry from 2.2.1 to 2.4.1

Release notes

Sourced from poetry's releases.

2.4.1

Changed

  • Re-allow installer==0.7.0 (#10887).

Fixed

  • Fix an issue where poetry update <package> failed when <package> was a transitive dependency (#10885).

2.4.0

Added

  • Add solver.min-release-age setting to require package releases to be a certain number of days old before they are considered during dependency resolution (#10824).
  • Add solver.min-release-age-exclude to exclude selected packages from age filtering (#10824).
  • Add solver.min-release-age-exclude-source to exclude all packages from selected package indexes from age filtering (#10824).

Changed

  • Raise an error instead of silently ignoring a package name that is not a dependency when it is passed to poetry update (#10721).
  • Automatically add a trailing slash to legacy repository URLs (used for publishing) if missing (#10785).
  • Require installer>=1.0.0 (#10869).
  • Allow findpython>=0.8 (#10874).

Fixed

  • Fix an issue where requires-plugins fails on Windows if scheme paths are on different drives (#10869).
  • Fix an issue where the order of markers in the lock file was not deterministic (#10720).
  • Fix an issue where the wrong command was suggested when poetry self commands failed due to an outdated lock file (#10715).
  • Fix an issue where poetry env activate did not work for bash on Windows (#10716).
  • Fix an issue where poetry debug resolve failed when there was a package with a marker (#10807).
  • Fix an issue where the error message about a build backend failure contained garbled --config-settings (#10804).
  • Fix an issue where a false warning about a circular dependency was printed (#10811).
  • Fix an issue where falsy config values were incorrectly treated as not set (#10808).
  • Fix an issue where poetry publish --build ignored failing builds and uploaded stale artifacts (#10802).
  • Fix an issue where poetry publish was aborted instead of retrying after package registration (#10801).
  • Fix an issue where zip files were not closed after fetching metadata via lazy-wheel (#10800).
  • Fix an issue where data fetched via lazy-wheel was corrupted when part of it had already been cached (#10806).
  • Fix an issue where further packages were installed even though installation should be aborted (#10742).
  • Fix an issue where installed packages without a METADATA file caused an exception on Python 3.15+ (#10860).
  • Fix an issue where http-basic could not be set for repository names with periods (#10845).
  • Fix an issue where calculating the hash of large wheels failed with a memory error (#10814).

Docs

  • Clarify the precedence of configuration sources (#10757).
  • Add a note about the influence of .gitignore on tool.poetry.packages (#10835).

poetry-core (2.4.0)

  • Update vendored packaging to 26.2 (#936).

... (truncated)

Changelog

Sourced from poetry's changelog.

[2.4.1] - 2026-05-09

Changed

  • Re-allow installer==0.7.0 (#10887).

Fixed

  • Fix an issue where poetry update <package> failed when <package> was a transitive dependency (Description has been truncated

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels May 1, 2026
@dependabot dependabot Bot changed the title Bump the production-dependencies group with 10 updates Bump the production-dependencies group across 1 directory with 10 updates Jun 1, 2026
@dependabot dependabot Bot force-pushed the dependabot/pip/production-dependencies-ecebd9eb76 branch from 963ba1c to 3b3010a Compare June 1, 2026 04:22
…ates

Bumps the production-dependencies group with 10 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [rdflib](https://github.com/RDFLib/rdflib) | `7.5.0` | `7.6.0` |
| [crewai](https://github.com/crewAIInc/crewAI) | `1.8.1` | `1.9.3` |
| [rich](https://github.com/Textualize/rich) | `13.9.4` | `14.3.4` |
| [weave](https://github.com/wandb/weave) | `0.51.59` | `0.53.0` |
| [mlflow](https://github.com/mlflow/mlflow) | `3.5.0` | `3.14.0` |
| [poetry](https://github.com/python-poetry/poetry) | `2.2.1` | `2.4.1` |
| [spacy](https://github.com/explosion/spaCy) | `3.8.11` | `3.8.14` |
| [litellm](https://github.com/BerriAI/litellm) | `1.53.3` | `1.75.3` |
| [transformers](https://github.com/huggingface/transformers) | `4.45.2` | `4.46.3` |
| [torch](https://github.com/pytorch/pytorch) | `2.10.0` | `2.12.1` |



Updates `rdflib` from 7.5.0 to 7.6.0
- [Release notes](https://github.com/RDFLib/rdflib/releases)
- [Changelog](https://github.com/RDFLib/rdflib/blob/main/CHANGELOG.md)
- [Commits](RDFLib/rdflib@7.5.0...7.6.0)

Updates `crewai` from 1.8.1 to 1.9.3
- [Release notes](https://github.com/crewAIInc/crewAI/releases)
- [Commits](crewAIInc/crewAI@1.8.1...1.9.3)

Updates `rich` from 13.9.4 to 14.3.4
- [Release notes](https://github.com/Textualize/rich/releases)
- [Changelog](https://github.com/Textualize/rich/blob/main/CHANGELOG.md)
- [Commits](Textualize/rich@v13.9.4...v14.3.4)

Updates `weave` from 0.51.59 to 0.53.0
- [Release notes](https://github.com/wandb/weave/releases)
- [Changelog](https://github.com/wandb/weave/blob/master/dev_docs/RELEASE.md)
- [Commits](wandb/weave@v0.51.59...v0.53.0)

Updates `mlflow` from 3.5.0 to 3.14.0
- [Release notes](https://github.com/mlflow/mlflow/releases)
- [Changelog](https://github.com/mlflow/mlflow/blob/master/CHANGELOG.md)
- [Commits](mlflow/mlflow@v3.5.0...v3.14.0)

Updates `poetry` from 2.2.1 to 2.4.1
- [Release notes](https://github.com/python-poetry/poetry/releases)
- [Changelog](https://github.com/python-poetry/poetry/blob/main/CHANGELOG.md)
- [Commits](python-poetry/poetry@2.2.1...2.4.1)

Updates `spacy` from 3.8.11 to 3.8.14
- [Release notes](https://github.com/explosion/spaCy/releases)
- [Commits](explosion/spaCy@release-v3.8.11...release-v3.8.14)

Updates `litellm` from 1.53.3 to 1.75.3
- [Release notes](https://github.com/BerriAI/litellm/releases)
- [Commits](https://github.com/BerriAI/litellm/commits)

Updates `transformers` from 4.45.2 to 4.46.3
- [Release notes](https://github.com/huggingface/transformers/releases)
- [Commits](huggingface/transformers@v4.45.2...v4.46.3)

Updates `torch` from 2.10.0 to 2.12.1
- [Release notes](https://github.com/pytorch/pytorch/releases)
- [Changelog](https://github.com/pytorch/pytorch/blob/main/RELEASE.md)
- [Commits](pytorch/pytorch@v2.10.0...v2.12.1)

---
updated-dependencies:
- dependency-name: crewai
  dependency-version: 1.9.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: litellm
  dependency-version: 1.75.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: mlflow
  dependency-version: 3.11.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: poetry
  dependency-version: 2.3.4
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: rdflib
  dependency-version: 7.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: rich
  dependency-version: 14.3.4
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: spacy
  dependency-version: 3.8.14
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: torch
  dependency-version: 2.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: transformers
  dependency-version: 4.46.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: weave
  dependency-version: 0.52.38
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/pip/production-dependencies-ecebd9eb76 branch from 3b3010a to e83bbcb Compare July 1, 2026 02:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants