fix: updated the dependabot changes packages#941
Merged
Conversation
Bumps the python-deps group in /src/backend with 27 updates: | Package | From | To | | --- | --- | --- | | [azure-ai-evaluation](https://github.com/Azure/azure-sdk-for-python) | `1.11.0` | `1.15.3` | | [azure-ai-projects](https://github.com/Azure/azure-sdk-for-python) | `1.0.0b11` | `2.0.0b4` | | [azure-ai-agents](https://github.com/Azure/azure-sdk-for-python) | `1.2.0b5` | `1.2.0b6` | | [azure-cosmos](https://github.com/Azure/azure-sdk-for-python) | `4.9.0` | `4.15.0` | | [azure-identity](https://github.com/Azure/azure-sdk-for-python) | `1.24.0` | `1.25.2` | | [azure-monitor-opentelemetry](https://github.com/Azure/azure-sdk-for-python) | `1.7.0` | `1.8.6` | | [azure-search-documents](https://github.com/Azure/azure-sdk-for-python) | `11.5.3` | `11.6.0` | | [fastapi](https://github.com/fastapi/fastapi) | `0.116.1` | `0.135.0` | | [openai](https://github.com/openai/openai-python) | `1.84.0` | `2.24.0` | | [opentelemetry-api](https://github.com/open-telemetry/opentelemetry-python) | `1.36.0` | `1.39.1` | | [opentelemetry-exporter-otlp-proto-grpc](https://github.com/open-telemetry/opentelemetry-python) | `1.36.0` | `1.39.1` | | [opentelemetry-exporter-otlp-proto-http](https://github.com/open-telemetry/opentelemetry-python) | `1.36.0` | `1.39.1` | | [opentelemetry-instrumentation-fastapi](https://github.com/open-telemetry/opentelemetry-python-contrib) | `0.57b0` | `0.60b1` | | [opentelemetry-instrumentation-openai](https://github.com/traceloop/openllmetry) | `0.46.2` | `0.52.6` | | [opentelemetry-sdk](https://github.com/open-telemetry/opentelemetry-python) | `1.36.0` | `1.39.1` | | [pytest](https://github.com/pytest-dev/pytest) | `8.4.1` | `9.0.2` | | [pytest-asyncio](https://github.com/pytest-dev/pytest-asyncio) | `0.24.0` | `1.3.0` | | [pytest-cov](https://github.com/pytest-dev/pytest-cov) | `5.0.0` | `7.0.0` | | [python-dotenv](https://github.com/theskumar/python-dotenv) | `1.1.1` | `1.2.1` | | [python-multipart](https://github.com/Kludex/python-multipart) | `0.0.20` | `0.0.22` | | [semantic-kernel](https://github.com/microsoft/semantic-kernel) | `1.39.3` | `1.39.4` | | [uvicorn](https://github.com/Kludex/uvicorn) | `0.35.0` | `0.41.0` | | [pylint-pydantic](https://github.com/fcfangcc/pylint-pydantic) | `0.3.5` | `0.4.1` | | [mcp](https://github.com/modelcontextprotocol/python-sdk) | `1.23.0` | `1.26.0` | | [werkzeug](https://github.com/pallets/werkzeug) | `3.1.5` | `3.1.6` | | [azure-core](https://github.com/Azure/azure-sdk-for-python) | `1.38.0` | `1.38.2` | | [semantic-kernel[azure]](https://github.com/microsoft/semantic-kernel) | `1.32.2` | `1.39.4` | Updates `azure-ai-evaluation` from 1.11.0 to 1.15.3 - [Release notes](https://github.com/Azure/azure-sdk-for-python/releases) - [Commits](Azure/azure-sdk-for-python@azure-ai-evaluation_1.11.0...azure-ai-evaluation_1.15.3) Updates `azure-ai-projects` from 1.0.0b11 to 2.0.0b4 - [Release notes](https://github.com/Azure/azure-sdk-for-python/releases) - [Commits](Azure/azure-sdk-for-python@azure-ai-projects_1.0.0b11...azure-ai-projects_2.0.0b4) Updates `azure-ai-agents` from 1.2.0b5 to 1.2.0b6 - [Release notes](https://github.com/Azure/azure-sdk-for-python/releases) - [Commits](Azure/azure-sdk-for-python@azure-ai-agents_1.2.0b5...azure-ai-agents_1.2.0b6) Updates `azure-cosmos` from 4.9.0 to 4.15.0 - [Release notes](https://github.com/Azure/azure-sdk-for-python/releases) - [Commits](Azure/azure-sdk-for-python@azure-cosmos_4.9.0...azure-cosmos_4.15.0) Updates `azure-identity` from 1.24.0 to 1.25.2 - [Release notes](https://github.com/Azure/azure-sdk-for-python/releases) - [Commits](Azure/azure-sdk-for-python@azure-identity_1.24.0...azure-identity_1.25.2) Updates `azure-monitor-opentelemetry` from 1.7.0 to 1.8.6 - [Release notes](https://github.com/Azure/azure-sdk-for-python/releases) - [Commits](Azure/azure-sdk-for-python@azure-monitor-opentelemetry_1.7.0...azure-monitor-opentelemetry_1.8.6) Updates `azure-search-documents` from 11.5.3 to 11.6.0 - [Release notes](https://github.com/Azure/azure-sdk-for-python/releases) - [Changelog](https://github.com/Azure/azure-sdk-for-python/blob/main/sdk/search/azure-search-documents/CHANGELOG.md) - [Commits](Azure/azure-sdk-for-python@azure-search-documents_11.5.3...azure-search-documents_11.6.0) Updates `fastapi` from 0.116.1 to 0.135.0 - [Release notes](https://github.com/fastapi/fastapi/releases) - [Commits](fastapi/fastapi@0.116.1...0.135.0) Updates `openai` from 1.84.0 to 2.24.0 - [Release notes](https://github.com/openai/openai-python/releases) - [Changelog](https://github.com/openai/openai-python/blob/main/CHANGELOG.md) - [Commits](openai/openai-python@v1.84.0...v2.24.0) Updates `opentelemetry-api` from 1.36.0 to 1.39.1 - [Release notes](https://github.com/open-telemetry/opentelemetry-python/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-python/blob/v1.39.1/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-python@v1.36.0...v1.39.1) Updates `opentelemetry-exporter-otlp-proto-grpc` from 1.36.0 to 1.39.1 - [Release notes](https://github.com/open-telemetry/opentelemetry-python/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-python/blob/v1.39.1/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-python@v1.36.0...v1.39.1) Updates `opentelemetry-exporter-otlp-proto-http` from 1.36.0 to 1.39.1 - [Release notes](https://github.com/open-telemetry/opentelemetry-python/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-python/blob/v1.39.1/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-python@v1.36.0...v1.39.1) Updates `opentelemetry-instrumentation-fastapi` from 0.57b0 to 0.60b1 - [Release notes](https://github.com/open-telemetry/opentelemetry-python-contrib/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-python-contrib/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-python-contrib/commits) Updates `opentelemetry-instrumentation-openai` from 0.46.2 to 0.52.6 - [Release notes](https://github.com/traceloop/openllmetry/releases) - [Changelog](https://github.com/traceloop/openllmetry/blob/main/CHANGELOG.md) - [Commits](traceloop/openllmetry@0.46.2...0.52.6) Updates `opentelemetry-sdk` from 1.36.0 to 1.39.1 - [Release notes](https://github.com/open-telemetry/opentelemetry-python/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-python/blob/v1.39.1/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-python@v1.36.0...v1.39.1) Updates `pytest` from 8.4.1 to 9.0.2 - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](pytest-dev/pytest@8.4.1...9.0.2) Updates `pytest-asyncio` from 0.24.0 to 1.3.0 - [Release notes](https://github.com/pytest-dev/pytest-asyncio/releases) - [Commits](pytest-dev/pytest-asyncio@v0.24.0...v1.3.0) Updates `pytest-cov` from 5.0.0 to 7.0.0 - [Changelog](https://github.com/pytest-dev/pytest-cov/blob/master/CHANGELOG.rst) - [Commits](pytest-dev/pytest-cov@v5.0.0...v7.0.0) Updates `python-dotenv` from 1.1.1 to 1.2.1 - [Release notes](https://github.com/theskumar/python-dotenv/releases) - [Changelog](https://github.com/theskumar/python-dotenv/blob/main/CHANGELOG.md) - [Commits](theskumar/python-dotenv@v1.1.1...v1.2.1) Updates `python-multipart` from 0.0.20 to 0.0.22 - [Release notes](https://github.com/Kludex/python-multipart/releases) - [Changelog](https://github.com/Kludex/python-multipart/blob/master/CHANGELOG.md) - [Commits](Kludex/python-multipart@0.0.20...0.0.22) Updates `semantic-kernel` from 1.39.3 to 1.39.4 - [Release notes](https://github.com/microsoft/semantic-kernel/releases) - [Commits](microsoft/semantic-kernel@python-1.39.3...python-1.39.4) Updates `uvicorn` from 0.35.0 to 0.41.0 - [Release notes](https://github.com/Kludex/uvicorn/releases) - [Changelog](https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md) - [Commits](Kludex/uvicorn@0.35.0...0.41.0) Updates `pylint-pydantic` from 0.3.5 to 0.4.1 - [Release notes](https://github.com/fcfangcc/pylint-pydantic/releases) - [Commits](fcfangcc/pylint-pydantic@v0.3.5...v0.4.1) Updates `mcp` from 1.23.0 to 1.26.0 - [Release notes](https://github.com/modelcontextprotocol/python-sdk/releases) - [Changelog](https://github.com/modelcontextprotocol/python-sdk/blob/main/RELEASE.md) - [Commits](modelcontextprotocol/python-sdk@v1.23.0...v1.26.0) Updates `werkzeug` from 3.1.5 to 3.1.6 - [Release notes](https://github.com/pallets/werkzeug/releases) - [Changelog](https://github.com/pallets/werkzeug/blob/main/CHANGES.rst) - [Commits](pallets/werkzeug@3.1.5...3.1.6) Updates `azure-core` from 1.38.0 to 1.38.2 - [Release notes](https://github.com/Azure/azure-sdk-for-python/releases) - [Commits](Azure/azure-sdk-for-python@azure-core_1.38.0...azure-core_1.38.2) Updates `semantic-kernel[azure]` from 1.32.2 to 1.39.4 - [Release notes](https://github.com/microsoft/semantic-kernel/releases) - [Commits](microsoft/semantic-kernel@python-1.32.2...python-1.39.4) --- updated-dependencies: - dependency-name: azure-ai-evaluation dependency-version: 1.15.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: azure-ai-projects dependency-version: 2.0.0b4 dependency-type: direct:production update-type: version-update:semver-major dependency-group: python-deps - dependency-name: azure-ai-agents dependency-version: 1.2.0b6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-deps - dependency-name: azure-cosmos dependency-version: 4.15.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: azure-identity dependency-version: 1.25.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: azure-monitor-opentelemetry dependency-version: 1.8.6 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: azure-search-documents dependency-version: 11.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: fastapi dependency-version: 0.135.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: openai dependency-version: 2.24.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: python-deps - dependency-name: opentelemetry-api dependency-version: 1.39.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: opentelemetry-exporter-otlp-proto-grpc dependency-version: 1.39.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: opentelemetry-exporter-otlp-proto-http dependency-version: 1.39.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: opentelemetry-instrumentation-fastapi dependency-version: 0.60b1 dependency-type: direct:production dependency-group: python-deps - dependency-name: opentelemetry-instrumentation-openai dependency-version: 0.52.6 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: opentelemetry-sdk dependency-version: 1.39.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: pytest dependency-version: 9.0.2 dependency-type: direct:production update-type: version-update:semver-major dependency-group: python-deps - dependency-name: pytest-asyncio dependency-version: 1.3.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: python-deps - dependency-name: pytest-cov dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: python-deps - dependency-name: python-dotenv dependency-version: 1.2.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: python-multipart dependency-version: 0.0.22 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-deps - dependency-name: semantic-kernel dependency-version: 1.39.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-deps - dependency-name: uvicorn dependency-version: 0.41.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: pylint-pydantic dependency-version: 0.4.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: mcp dependency-version: 1.26.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: werkzeug dependency-version: 3.1.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-deps - dependency-name: azure-core dependency-version: 1.38.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-deps - dependency-name: semantic-kernel[azure] dependency-version: 1.39.4 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps the all-actions group with 8 updates: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4` | `6` | | [tj-actions/changed-files](https://github.com/tj-actions/changed-files) | `46.0.5` | `47.0.4` | | [lycheeverse/lychee-action](https://github.com/lycheeverse/lychee-action) | `2.4.1` | `2.8.0` | | [codfish/semantic-release-action](https://github.com/codfish/semantic-release-action) | `4` | `5` | | [amannn/action-semantic-pull-request](https://github.com/amannn/action-semantic-pull-request) | `5` | `6` | | [actions/setup-python](https://github.com/actions/setup-python) | `4` | `6` | | [actions/stale](https://github.com/actions/stale) | `9` | `10` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4` | `7` | Updates `actions/checkout` from 4 to 6 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4...v6) Updates `tj-actions/changed-files` from 46.0.5 to 47.0.4 - [Release notes](https://github.com/tj-actions/changed-files/releases) - [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md) - [Commits](tj-actions/changed-files@ed68ef8...7dee1b0) Updates `lycheeverse/lychee-action` from 2.4.1 to 2.8.0 - [Release notes](https://github.com/lycheeverse/lychee-action/releases) - [Commits](lycheeverse/lychee-action@v2.4.1...v2.8.0) Updates `codfish/semantic-release-action` from 4 to 5 - [Release notes](https://github.com/codfish/semantic-release-action/releases) - [Changelog](https://github.com/codfish/semantic-release-action/blob/main/RELEASE_NOTES_V5.md) - [Commits](codfish/semantic-release-action@v4...v5) Updates `amannn/action-semantic-pull-request` from 5 to 6 - [Release notes](https://github.com/amannn/action-semantic-pull-request/releases) - [Changelog](https://github.com/amannn/action-semantic-pull-request/blob/main/CHANGELOG.md) - [Commits](amannn/action-semantic-pull-request@v5...v6) Updates `actions/setup-python` from 4 to 6 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@v4...v6) Updates `actions/stale` from 9 to 10 - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](actions/stale@v9...v10) Updates `actions/upload-artifact` from 4 to 7 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v4...v7) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: tj-actions/changed-files dependency-version: 47.0.4 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: lycheeverse/lychee-action dependency-version: 2.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-actions - dependency-name: codfish/semantic-release-action dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: amannn/action-semantic-pull-request dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: actions/setup-python dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: actions/stale dependency-version: '10' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps the python-deps group in /src/backend with 18 updates: | Package | From | To | | --- | --- | --- | | [azure-ai-evaluation](https://github.com/Azure/azure-sdk-for-python) | `1.15.3` | `1.16.2` | | azure-ai-projects | `2.0.0b4` | `2.0.1` | | [azure-identity](https://github.com/Azure/azure-sdk-for-python) | `1.25.2` | `1.25.3` | | [azure-monitor-opentelemetry](https://github.com/Azure/azure-sdk-for-python) | `1.8.6` | `1.8.7` | | [fastapi](https://github.com/fastapi/fastapi) | `0.135.0` | `0.135.2` | | [openai](https://github.com/openai/openai-python) | `2.24.0` | `2.30.0` | | [opentelemetry-api](https://github.com/open-telemetry/opentelemetry-python) | `1.39.1` | `1.40.0` | | [opentelemetry-exporter-otlp-proto-grpc](https://github.com/open-telemetry/opentelemetry-python) | `1.39.1` | `1.40.0` | | [opentelemetry-exporter-otlp-proto-http](https://github.com/open-telemetry/opentelemetry-python) | `1.39.1` | `1.40.0` | | [opentelemetry-instrumentation-fastapi](https://github.com/open-telemetry/opentelemetry-python-contrib) | `0.60b1` | `0.61b0` | | [opentelemetry-instrumentation-openai](https://github.com/traceloop/openllmetry) | `0.52.6` | `0.57.0` | | [opentelemetry-sdk](https://github.com/open-telemetry/opentelemetry-python) | `1.39.1` | `1.40.0` | | [pytest-cov](https://github.com/pytest-dev/pytest-cov) | `7.0.0` | `7.1.0` | | [python-dotenv](https://github.com/theskumar/python-dotenv) | `1.2.1` | `1.2.2` | | [semantic-kernel](https://github.com/microsoft/semantic-kernel) | `1.39.4` | `1.41.1` | | [uvicorn](https://github.com/Kludex/uvicorn) | `0.41.0` | `0.42.0` | | [werkzeug](https://github.com/pallets/werkzeug) | `3.1.6` | `3.1.7` | | [azure-core](https://github.com/Azure/azure-sdk-for-python) | `1.38.2` | `1.39.0` | Updates `azure-ai-evaluation` from 1.15.3 to 1.16.2 - [Release notes](https://github.com/Azure/azure-sdk-for-python/releases) - [Commits](Azure/azure-sdk-for-python@azure-ai-evaluation_1.15.3...azure-ai-evaluation_1.16.2) Updates `azure-ai-projects` from 2.0.0b4 to 2.0.1 Updates `azure-identity` from 1.25.2 to 1.25.3 - [Release notes](https://github.com/Azure/azure-sdk-for-python/releases) - [Commits](Azure/azure-sdk-for-python@azure-identity_1.25.2...azure-identity_1.25.3) Updates `azure-monitor-opentelemetry` from 1.8.6 to 1.8.7 - [Release notes](https://github.com/Azure/azure-sdk-for-python/releases) - [Commits](Azure/azure-sdk-for-python@azure-monitor-opentelemetry_1.8.6...azure-monitor-opentelemetry_1.8.7) Updates `fastapi` from 0.135.0 to 0.135.2 - [Release notes](https://github.com/fastapi/fastapi/releases) - [Commits](fastapi/fastapi@0.135.0...0.135.2) Updates `openai` from 2.24.0 to 2.30.0 - [Release notes](https://github.com/openai/openai-python/releases) - [Changelog](https://github.com/openai/openai-python/blob/main/CHANGELOG.md) - [Commits](openai/openai-python@v2.24.0...v2.30.0) Updates `opentelemetry-api` from 1.39.1 to 1.40.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-python/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-python/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-python@v1.39.1...v1.40.0) Updates `opentelemetry-exporter-otlp-proto-grpc` from 1.39.1 to 1.40.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-python/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-python/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-python@v1.39.1...v1.40.0) Updates `opentelemetry-exporter-otlp-proto-http` from 1.39.1 to 1.40.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-python/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-python/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-python@v1.39.1...v1.40.0) Updates `opentelemetry-instrumentation-fastapi` from 0.60b1 to 0.61b0 - [Release notes](https://github.com/open-telemetry/opentelemetry-python-contrib/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-python-contrib/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-python-contrib/commits) Updates `opentelemetry-instrumentation-openai` from 0.52.6 to 0.57.0 - [Release notes](https://github.com/traceloop/openllmetry/releases) - [Changelog](https://github.com/traceloop/openllmetry/blob/main/CHANGELOG.md) - [Commits](traceloop/openllmetry@0.52.6...0.57.0) Updates `opentelemetry-sdk` from 1.39.1 to 1.40.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-python/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-python/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-python@v1.39.1...v1.40.0) Updates `pytest-cov` from 7.0.0 to 7.1.0 - [Changelog](https://github.com/pytest-dev/pytest-cov/blob/master/CHANGELOG.rst) - [Commits](pytest-dev/pytest-cov@v7.0.0...v7.1.0) Updates `python-dotenv` from 1.2.1 to 1.2.2 - [Release notes](https://github.com/theskumar/python-dotenv/releases) - [Changelog](https://github.com/theskumar/python-dotenv/blob/main/CHANGELOG.md) - [Commits](theskumar/python-dotenv@v1.2.1...v1.2.2) Updates `semantic-kernel` from 1.39.4 to 1.41.1 - [Release notes](https://github.com/microsoft/semantic-kernel/releases) - [Commits](microsoft/semantic-kernel@python-1.39.4...python-1.41.1) Updates `uvicorn` from 0.41.0 to 0.42.0 - [Release notes](https://github.com/Kludex/uvicorn/releases) - [Changelog](https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md) - [Commits](Kludex/uvicorn@0.41.0...0.42.0) Updates `werkzeug` from 3.1.6 to 3.1.7 - [Release notes](https://github.com/pallets/werkzeug/releases) - [Changelog](https://github.com/pallets/werkzeug/blob/main/CHANGES.rst) - [Commits](pallets/werkzeug@3.1.6...3.1.7) Updates `azure-core` from 1.38.2 to 1.39.0 - [Release notes](https://github.com/Azure/azure-sdk-for-python/releases) - [Commits](Azure/azure-sdk-for-python@azure-core_1.38.2...azure-core_1.39.0) --- updated-dependencies: - dependency-name: azure-ai-evaluation dependency-version: 1.16.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: azure-ai-projects dependency-version: 2.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-deps - dependency-name: azure-identity dependency-version: 1.25.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-deps - dependency-name: azure-monitor-opentelemetry dependency-version: 1.8.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-deps - dependency-name: fastapi dependency-version: 0.135.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-deps - dependency-name: openai dependency-version: 2.30.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: opentelemetry-api dependency-version: 1.40.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: opentelemetry-exporter-otlp-proto-grpc dependency-version: 1.40.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: opentelemetry-exporter-otlp-proto-http dependency-version: 1.40.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: opentelemetry-instrumentation-fastapi dependency-version: 0.61b0 dependency-type: direct:production dependency-group: python-deps - dependency-name: opentelemetry-instrumentation-openai dependency-version: 0.57.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: opentelemetry-sdk dependency-version: 1.40.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: pytest-cov dependency-version: 7.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: python-dotenv dependency-version: 1.2.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-deps - dependency-name: semantic-kernel dependency-version: 1.41.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: uvicorn dependency-version: 0.42.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: werkzeug dependency-version: 3.1.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-deps - dependency-name: azure-core dependency-version: 1.39.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps the all-actions group with 5 updates: | Package | From | To | | --- | --- | --- | | [docker/metadata-action](https://github.com/docker/metadata-action) | `5` | `6` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `6` | `7` | | [tj-actions/changed-files](https://github.com/tj-actions/changed-files) | `47.0.4` | `47.0.5` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3` | `4` | | [azure/login](https://github.com/azure/login) | `2` | `3` | Updates `docker/metadata-action` from 5 to 6 - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](docker/metadata-action@v5...v6) Updates `docker/build-push-action` from 6 to 7 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@v6...v7) Updates `tj-actions/changed-files` from 47.0.4 to 47.0.5 - [Release notes](https://github.com/tj-actions/changed-files/releases) - [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md) - [Commits](tj-actions/changed-files@7dee1b0...22103cc) Updates `docker/setup-buildx-action` from 3 to 4 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@v3...v4) Updates `azure/login` from 2 to 3 - [Release notes](https://github.com/azure/login/releases) - [Commits](Azure/login@v2...v3) --- updated-dependencies: - dependency-name: docker/metadata-action dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: docker/build-push-action dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: tj-actions/changed-files dependency-version: 47.0.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-actions - dependency-name: docker/setup-buildx-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: azure/login dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions ... Signed-off-by: dependabot[bot] <support@github.com>
Updates the requirements on [azure-ai-evaluation](https://github.com/Azure/azure-sdk-for-python), [fastapi](https://github.com/fastapi/fastapi), [openai](https://github.com/openai/openai-python), [opentelemetry-api](https://github.com/open-telemetry/opentelemetry-python), [opentelemetry-exporter-otlp-proto-grpc](https://github.com/open-telemetry/opentelemetry-python), [opentelemetry-exporter-otlp-proto-http](https://github.com/open-telemetry/opentelemetry-python), [opentelemetry-instrumentation-fastapi](https://github.com/open-telemetry/opentelemetry-python-contrib), [opentelemetry-instrumentation-openai](https://github.com/traceloop/openllmetry), [opentelemetry-sdk](https://github.com/open-telemetry/opentelemetry-python), [pytest](https://github.com/pytest-dev/pytest), [python-multipart](https://github.com/Kludex/python-multipart), [semantic-kernel](https://github.com/microsoft/semantic-kernel), [uvicorn](https://github.com/Kludex/uvicorn), [mcp](https://github.com/modelcontextprotocol/python-sdk), [werkzeug](https://github.com/pallets/werkzeug) and [agent-framework](https://github.com/microsoft/agent-framework) to permit the latest version. Updates `azure-ai-evaluation` from 1.16.2 to 1.16.5 - [Release notes](https://github.com/Azure/azure-sdk-for-python/releases) - [Commits](Azure/azure-sdk-for-python@azure-ai-evaluation_1.16.2...azure-ai-evaluation_1.16.5) Updates `fastapi` from 0.135.2 to 0.135.3 - [Release notes](https://github.com/fastapi/fastapi/releases) - [Commits](fastapi/fastapi@0.135.2...0.135.3) Updates `openai` from 2.30.0 to 2.31.0 - [Release notes](https://github.com/openai/openai-python/releases) - [Changelog](https://github.com/openai/openai-python/blob/main/CHANGELOG.md) - [Commits](openai/openai-python@v2.30.0...v2.31.0) Updates `opentelemetry-api` from 1.40.0 to 1.41.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-python/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-python/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-python@v1.40.0...v1.41.0) Updates `opentelemetry-exporter-otlp-proto-grpc` from 1.40.0 to 1.41.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-python/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-python/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-python@v1.40.0...v1.41.0) Updates `opentelemetry-exporter-otlp-proto-http` from 1.40.0 to 1.41.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-python/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-python/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-python@v1.40.0...v1.41.0) Updates `opentelemetry-instrumentation-fastapi` from 0.61b0 to 0.62b0 - [Release notes](https://github.com/open-telemetry/opentelemetry-python-contrib/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-python-contrib/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-python-contrib/commits) Updates `opentelemetry-instrumentation-openai` from 0.57.0 to 0.59.0 - [Release notes](https://github.com/traceloop/openllmetry/releases) - [Changelog](https://github.com/traceloop/openllmetry/blob/main/CHANGELOG.md) - [Commits](traceloop/openllmetry@0.57.0...0.59.0) Updates `opentelemetry-sdk` from 1.40.0 to 1.41.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-python/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-python/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-python@v1.40.0...v1.41.0) Updates `pytest` from 9.0.2 to 9.0.3 - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](pytest-dev/pytest@9.0.2...9.0.3) Updates `python-multipart` from 0.0.22 to 0.0.26 - [Release notes](https://github.com/Kludex/python-multipart/releases) - [Changelog](https://github.com/Kludex/python-multipart/blob/master/CHANGELOG.md) - [Commits](Kludex/python-multipart@0.0.22...0.0.26) Updates `semantic-kernel` from 1.41.1 to 1.41.2 - [Release notes](https://github.com/microsoft/semantic-kernel/releases) - [Commits](microsoft/semantic-kernel@python-1.41.1...python-1.41.2) Updates `uvicorn` from 0.42.0 to 0.44.0 - [Release notes](https://github.com/Kludex/uvicorn/releases) - [Changelog](https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md) - [Commits](Kludex/uvicorn@0.42.0...0.44.0) Updates `mcp` from 1.26.0 to 1.27.0 - [Release notes](https://github.com/modelcontextprotocol/python-sdk/releases) - [Changelog](https://github.com/modelcontextprotocol/python-sdk/blob/main/RELEASE.md) - [Commits](modelcontextprotocol/python-sdk@v1.26.0...v1.27.0) Updates `werkzeug` from 3.1.7 to 3.1.8 - [Release notes](https://github.com/pallets/werkzeug/releases) - [Changelog](https://github.com/pallets/werkzeug/blob/main/CHANGES.rst) - [Commits](pallets/werkzeug@3.1.7...3.1.8) Updates `agent-framework` to 1.0.1 - [Release notes](https://github.com/microsoft/agent-framework/releases) - [Commits](microsoft/agent-framework@python-1.0.0b251105...python-1.0.1) --- updated-dependencies: - dependency-name: azure-ai-evaluation dependency-version: 1.16.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-deps - dependency-name: fastapi dependency-version: 0.135.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-deps - dependency-name: openai dependency-version: 2.31.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: opentelemetry-api dependency-version: 1.41.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: opentelemetry-exporter-otlp-proto-grpc dependency-version: 1.41.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: opentelemetry-exporter-otlp-proto-http dependency-version: 1.41.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: opentelemetry-instrumentation-fastapi dependency-version: 0.62b0 dependency-type: direct:production dependency-group: python-deps - dependency-name: opentelemetry-instrumentation-openai dependency-version: 0.59.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: opentelemetry-sdk dependency-version: 1.41.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: pytest dependency-version: 9.0.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-deps - dependency-name: python-multipart dependency-version: 0.0.26 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-deps - dependency-name: semantic-kernel dependency-version: 1.41.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-deps - dependency-name: uvicorn dependency-version: 0.44.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: mcp dependency-version: 1.27.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-deps - dependency-name: werkzeug dependency-version: 3.1.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-deps - dependency-name: agent-framework dependency-version: 1.0.1 dependency-type: direct:production dependency-group: python-deps ... Signed-off-by: dependabot[bot] <support@github.com>
Dhruvkumar-Microsoft
requested review from
Avijit-Microsoft,
Fr4nc3,
Prajwal-Microsoft,
Roopan-Microsoft,
Vinay-Microsoft,
aniaroramsft,
dgp10801,
marktayl1,
nchandhi and
toherman-msft
as code owners
Dhruvkumar-Microsoft
temporarily deployed
to
production
GitHub Actions
Inactive
Coverage Report •
|
Contributor
There was a problem hiding this comment.
Pull request overview
This PR updates CI/CD workflow action versions and bumps a few project dependencies/lockfiles across the Python packages and the frontend, aligning the repo with newer dependency releases.
Changes:
- Upgraded multiple GitHub Actions used across workflows (checkout/setup-python/upload-artifact/docker actions, etc.).
- Updated Python dependencies/locks (e.g.,
python-multipartto0.0.26,mcpto1.27.0, and added/pinnedauthlib==1.6.11formcp_server). - Updated frontend npm override and lock entry for
minimatch(3.1.3→3.1.5).
Reviewed changes
Copilot reviewed 23 out of 27 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| src/mcp_server/uv.lock | Updates locked Python deps (authlib, python-multipart) and records authlib as a direct dependency. |
| src/mcp_server/pyproject.toml | Bumps python-multipart and adds/pins authlib. |
| src/backend/uv.lock | Updates locked versions for mcp and python-multipart. |
| src/backend/requirements.txt | Bumps python-multipart and mcp pins. |
| src/backend/pyproject.toml | Bumps python-multipart and mcp pins. |
| src/App/uv.lock | Updates locked python-multipart version for the App’s Python environment. |
| src/App/package.json | Updates npm override for minimatch. |
| src/App/package-lock.json | Updates resolved minimatch version metadata in lockfile. |
| .github/workflows/test.yml | Upgrades checkout/setup-python versions used in test workflow. |
| .github/workflows/test-automation.yml | Upgrades checkout/setup-python/upload-artifact and azure/login versions. |
| .github/workflows/test-automation-v2.yml | Upgrades checkout/upload-artifact versions. |
| .github/workflows/telemetry-template-check.yml | Upgrades checkout version. |
| .github/workflows/stale-bot.yml | Upgrades stale action, checkout, and upload-artifact versions. |
| .github/workflows/scheduled-Dependabot-PRs-Auto-Merge.yml | Upgrades checkout version. |
| .github/workflows/pylint.yml | Upgrades checkout/setup-python versions. |
| .github/workflows/pr-title-checker.yml | Upgrades semantic PR title checker action version. |
| .github/workflows/job-docker-build.yml | Upgrades checkout and docker buildx/build-push action versions. |
| .github/workflows/job-deploy.yml | Upgrades checkout version. |
| .github/workflows/job-deploy-windows.yml | Upgrades checkout version. |
| .github/workflows/job-deploy-linux.yml | Upgrades checkout version. |
| .github/workflows/docker-build-and-push.yml | Upgrades checkout and docker buildx/build-push action versions. |
| .github/workflows/deploy.yml | Upgrades checkout version. |
| .github/workflows/deploy-waf.yml | Upgrades checkout version. |
| .github/workflows/create-release.yml | Upgrades checkout and semantic-release action versions. |
| .github/workflows/codeql.yml | Upgrades checkout version. |
| .github/workflows/broken-links-checker.yml | Upgrades checkout, changed-files pin, and lychee action version. |
| .github/workflows/agnext-biab-02-containerimage.yml | Upgrades docker metadata and build-push action versions. |
Files not reviewed (1)
- src/App/package-lock.json: Language not supported
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Roopan-Microsoft
approved these changes
Apr 21, 2026
|
🎉 This PR is included in version 4.2.0 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Purpose
This pull request updates various GitHub Actions and workflow dependencies across multiple CI/CD workflows to their latest major or minor versions. These updates improve security, maintainability, and compatibility with the latest features and bug fixes. Additionally, a minor npm dependency is updated in the frontend package lock file.
GitHub Actions and Workflow Dependency Updates
General Actions Upgrades:
actions/checkoutfrom v4 or v5 to v6 in all workflows for improved performance and bug fixes. [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14] [15] [16] [17]actions/setup-pythonfrom v4 to v6 for Python workflows. [1] [2] [3]actions/upload-artifactfrom v4 to v7 for artifact uploads. [1] [2] [3]Docker and Build Tools:
docker/build-push-actionfrom v6 to v7 anddocker/setup-buildx-actionfrom v3 to v4 in all relevant workflows for Docker image builds and pushes. [1] [2] [3] [4] [5] [6] [7] [8]docker/metadata-actionfrom v5 to v6 for Docker metadata extraction.Other Workflow and Action Updates:
lycheeverse/lychee-actionfor broken link checking from v2.4.1 to v2.8.0. [1] [2]tj-actions/changed-filesfrom v46 to v47.0.5.codfish/semantic-release-actionfrom v4 to v5.amannn/action-semantic-pull-requestfrom v5 to v6.actions/stalefrom v9 to v10 andactions/upload-artifactfrom v4 to v7 in stale bot workflow. [1] [2]azure/loginfrom v2 to v3 in test-automation workflow.NPM Dependency Update
minimatchnpm package from version 3.1.3 to 3.1.5 insrc/App/package-lock.jsonfor improved security and bug fixes.Does this introduce a breaking change?
How to Test
What to Check
Verify that the following are valid
Other Information