chore(deps): bump mem0ai from 0.1.117 to 2.0.5 in /sdk

[dependabot]

Bumps mem0ai from 0.1.117 to 2.0.5.

Release notes

Sourced from mem0ai's releases.

Mem0 Python SDK (v2.0.5)

New Features:

• Memory: Warn at init time when hybrid/BM25 search silently degrades to semantic-only because the configured vector store does not implement keyword_search. Affected stores: Chroma, FAISS, Cassandra, LangChain, Neptune Analytics, S3 Vectors, Supabase, TurboPuffer, Valkey (#5444)
• Memory: Add opt-in explain=True parameter to Memory.search() and AsyncMemory.search(). When enabled, each result includes a score_breakdown dict with semantic, keyword (normalized BM25), entity_boost, and temporal_boost signals so callers can understand and tune retrieval ranking (#5102)

Bug Fixes:

• Vector Stores: Normalize similarity scores to [0, 1] (higher = better) consistently across all backends. 11 adapters previously returned raw distance metrics (lower = better) — FAISS, Chroma, Milvus, Redis, Cassandra, PGVector, S3 Vectors, Supabase, Valkey, Azure MySQL, and Vertex AI Vector Search — causing incorrect ranking in multi-store setups (#5391)
• Memory: Parallelize entity boost searches in Memory.search() and AsyncMemory.search(). Previously up to 8 entities were embedded and queried sequentially (16 serial round-trips with remote embedders); all entity lookups now run concurrently, eliminating multi-second latency on entity-rich queries (#5377)
• Memory: Reject empty or whitespace-only queries in Memory.search(), AsyncMemory.search(), MemoryClient.search(), and AsyncMemoryClient.search() before any embedding or API call is made. Also strips leading/trailing whitespace from valid queries (#5258)
• LLMs: Add is_reasoning_model: Optional[bool] override to BaseLlmConfig (surfaced on OpenAILlmConfig and AzureOpenAILlmConfig). Fixes silent zero-extraction when using Azure deployments with versioned gpt-5.x names that the automatic name-based heuristic cannot recognize (#5327)
• LLMs: Fix xAI LLM provider: add XAIConfig with xai_base_url, forward tools/tool_choice in generate_response(), and parse tool_calls in the response. Previously the provider raised AttributeError at init and silently dropped tool results (#5190)
• Vector Stores: Fix PGVector ConnectionPool hang in Docker Compose environments where the app container starts before Postgres is DNS-resolvable — switched to open=False to avoid blocking constructor or silent zombie pool (#5155)
• Vector Stores: Fix PGVector sslmode handling for PostgreSQL URIs — the sslmode query parameter is now correctly extracted and forwarded when building the async connection pool (#5308)
• Vector Stores: Fix S3 Vectors list() not applying metadata filters — filtering is now done client-side after fetching, with pagination preserved and top_k applied after filtering to prevent pre-truncation of matching rows (#5018)
• Vector Stores: Fix Upstash Vector search() routing all queries to the default namespace — namespace is now passed as a top-level keyword argument to query_many() instead of inside the per-query dict where it was silently ignored (#5202)
• Core: Replace mutable default arguments with None sentinels in embedder configs and the proxy module, preventing cross-request state contamination (#5302)

Mem0 Python SDK (v2.0.4)

New Features:

• Client: delete() and async delete() accept delete_linked (default False). When True, deleting a memory also removes the older memories it superseded (the v3 linked_memory_ids chain), transitively — the delete-side counterpart of latest_only, so a superseded memory does not resurface after the current one is deleted (#5270)

Mem0 Python SDK (v2.0.3)

Bug Fixes:

• Vector Stores: PGVector adapter now supports rich filter operators (eq, ne, gt, gte, lt, lte, in, nin, contains, icontains, wildcard *, $or, $not) in search(), keyword_search(), and list(). Previously only exact-equality filters worked — operator dicts were silently stringified and returned zero results (#5263)

• Server: Fixed /search endpoint returning 502 when user_id, agent_id, or run_id are sent as top-level request fields. The server now maps these into the filters dict before calling Memory.search(), matching the v3 API contract. Top-level entity ID fields are marked as deprecated in the OpenAPI schema and emit a warning log — clients should migrate to filters={"user_id": "..."} (#5263)

Mem0 Python SDK (v2.0.2)

Bug Fixes:

• Telemetry: Stitch OSS and platform PostHog identities on MemoryClient init so $identify events fire and a single user is no longer tracked as two or three disconnected personas (#5040)
• Security: Harden against SQL injection and prompt injection (#4997)

New Features:

• SDK: Expose decay on project.update (#5062)

Improvements:

• Plugin: Hand mem0 search decisions to the agent (#4992)

Mem0 Python SDK (v2.0.1)

Bug Fixes:

• Client: Map user_id, agent_id, run_id entity params to filters in GET /memories (#4960)
• Memory: Honor prompt param in vector store extraction pipeline (#4914)
• Memory: Add missing text_lemmatized field in AsyncMemory._create_memory (#4886)
• Memory: Merge same-key operator dicts in AND metadata filters (#4853)
• LLMs: Narrow _is_reasoning_model check to not match gpt-5.x variants (#4746)

... (truncated)

Commits

• 8399b08 chore: release Python SDK v2.0.5 and TypeScript SDK v3.0.7 (#5470)
• 437f0b5 ci: route all release publishing through a single Release Router workflow (#5...
• 0ffaffa fix(pi-agent-plugin): correct repository.url for npm provenance validation (#...
• 433ff49 chore(pi-agent-plugin): bump version to 0.1.1 (#5471)
• de03c52 ci: add CI and CD workflows for pi-agent-plugin (#5469)
• b4a50e3 feat(vercel-ai-sdk): migrate to Vercel AI SDK v6 (#4741)
• b819d95 fix(pgvector): use open=False to prevent ConnectionPool hang in Docker (#5155)
• 3ac1c94 fix(vector-stores): filter S3 vector list results (#5018)
• d6347f6 fix(vector_stores): pass namespace as top-level kwarg to UpstashVector query_...
• e769502 feat: warn when hybrid search silently degrades to semantic-only (#5444)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.