github-starred/open-webui
2
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2026-03-10 15:54:15 -05:00
Code Issues 308 Packages Projects Releases 100 Wiki Activity

[PR #4096] [MERGED] chore(deps): bump the pip group across 2 directories with 2 updates #8192

New Issue
Closed
opened 2025-11-11 17:47:21 -06:00 by GiteaMirror · 0 comments
GiteaMirror commented 2025-11-11 17:47:21 -06:00
Owner
Copy Link

📋 Pull Request Information

Original PR: https://github.com/open-webui/open-webui/pull/4096
Author: @dependabot[bot]
Created: 7/24/2024
Status: Merged
Merged: 7/25/2024
Merged by: @tjbck

Base: devHead: dependabot/pip/pip-b4bdd6eb86

📝 Commits (1)

  • 8193c2f chore(deps): bump the pip group across 2 directories with 2 updates

📊 Changes

2 files changed (+3 additions, -3 deletions)

View changed files

📝 backend/requirements.txt (+1 -1)
📝 pyproject.toml (+2 -2)

📄 Description

Bumps the pip group with 2 updates in the / directory: pymysql and langchain-community.
Bumps the pip group with 1 update in the /backend directory: langchain-community.

Updates pymysql from 1.1.0 to 1.1.1

Release notes

Sourced from pymysql's releases.

v1.1.1

[!WARNING] This release fixes a vulnerability (CVE-2024-36039). All users are recommended to update to this version.

If you can not update soon, check the input value from untrusted source has an expected type. Only dict input from untrusted source can be an attack vector.

What's Changed

  • Prohibit dict parameter for Cursor.execute(). It didn't produce valid SQL and might cause SQL injection. (CVE-2024-36039)
  • Added ssl_key_password param by @​svaskov in PyMySQL/PyMySQL#1145

Merged PRs

New Contributors

Full Changelog: https://github.com/PyMySQL/PyMySQL/compare/v1.1.0...v1.1.1

Changelog

Sourced from pymysql's changelog.

v1.1.1

Release date: 2024-05-21

[!WARNING] This release fixes a vulnerability (CVE-2024-36039). All users are recommended to update to this version.

If you can not update soon, check the input value from untrusted source has an expected type. Only dict input from untrusted source can be an attack vector.

  • Prohibit dict parameter for Cursor.execute(). It didn't produce valid SQL and might cause SQL injection. (CVE-2024-36039)
  • Added ssl_key_password param. #1145
Commits

Updates langchain-community from 0.2.0 to 0.2.9

Release notes

Sourced from langchain-community's releases.

langchain-community==0.2.9

Changes since langchain-community==0.2.7

infra: add min version testing to pr test flow (#24358) community[patch]: Release 0.2.9 (#24453) community[patch]: gpt-4o-mini costs (#24421) community[patch]: Force opt-in for WebResearchRetriever (CVE-2024-3095) (#24451) community[minor]: [GoogleApiYoutubeLoader] Replace API used in _get_document_for_channel from search to playlistItem (#24034) community[minor]: GraphCypherQAChain to accept additional inputs as provided by the user for cypher generation (#24300) community[minor]: add mongodb byte store (#23876) community[minor]: Add ability to specify file encoding and json encoding for FileChatMessageHistory (#24258) Community[minor]: Added checksum in while send data to pebblo-cloud (#23968) community[minor]: Add TextEmbed Embedding Integration (#22946) community[minor]: Add Riza Python/JS code execution tool (#23995) community[minor]: Add keybert-based link extractor (#24311) community[minor]: GLiNER link extraction (#24314) Mask API keys for various LLM/ChatModel Modules (#13885) community[patch]: fix formatting (#24443) Merge pull request #24315 Merge pull request #24363 Mask API key for ChatOpenAI based chat_models (#14293) community: fix tool appending logic and update planner prompt in OpenAPI agent toolkit (#24384) [fix] baidu qianfan AiMessage with usage_metadata (#24389) community[minor]: [PebbloSafeLoader] Rename loader type and add SharePointLoader to supported loaders (#24393) Community[patch]: Missing "stream" parameter in cloudflare_workersai (#23987) community: support advanced text extraction options for pdf documents (#20265) community[patch]: Release 0.2.8 (#24354) community: Fix SQLDatabse.from_databricks issue when ran from Job (#24346) Neo4j: Update with non-deprecated cypher methods, and new method to associate relationship embeddings (#23725) docs: Add ChatBaichuan docstrings (#24348) neo4j: Fix test for order-insensitive comparison and floating-point precision issues (#24338) community[minor]: Add ApertureDB as a vectorstore (#24088) community[patch]: Fix docstring for ollama parameter "keep_alive" (#23973) community[patch]: Update TavilySearch to use TavilyClient instead of the deprecated Client (#24270) baidu qianfan AiMessage with usage_metadata (#24288) community[patch]: change the class of qianfan_ak and qianfan_sk parameters (#24293) community: Add support for specifying hybrid search for Databricks vector search (#23528) community(you): Integrate You.com conversational APIs (#23046) feat: Add ChatTongyi structured output (#24187) baidu qianfan streaming token_usage (#24117) community[patch]: Improve ChatBaichuan init args and role (#23878) partners: add similarity search by image functionality to langchain_chroma partner package (#22982) fix azure_openai.py: some keys do not exists (#24158) docs: Spell check fixes (#24217) community[patch]: upgrade default model for ChatAnyscale (#24232) core[patch]: fix ToolCall "type" when streaming (#24218) community: Skip Login to HuggubgFaceHub when token is not set (#21561) community[patch]: update typo document content returned from semanticscholar (#24175) Fix neo4j type error on missing constraint information (#24177) community: Fix Bug in Azure Search Vectorstore search asyncronously (#24081)

... (truncated)

Commits
  • f4ee3c8 infra: add min version testing to pr test flow (#24358)
  • 50cb0a0 docs: advanced feature note (#24456)
  • 842065a community[patch]: Release 0.2.9 (#24453)
  • 27ad6a4 langchain[patch]: Release 0.2.10 (#24452)
  • dda9438 community[patch]: gpt-4o-mini costs (#24421)
  • 604dfe2 community[patch]: Force opt-in for WebResearchRetriever (CVE-2024-3095) (#24451)
  • f101c75 docs: how to pass runtime secrets (#24450)
  • 372c27f community[minor]: [GoogleApiYoutubeLoader] Replace API used in _get_document...
  • 6a45bf9 community[minor]: GraphCypherQAChain to accept additional inputs as provided ...
  • f585668 community[minor]: add mongodb byte store (#23876)
  • Additional commits viewable in compare view

Updates langchain-community from 0.2.6 to 0.2.9

Release notes

Sourced from langchain-community's releases.

langchain-community==0.2.9

Changes since langchain-community==0.2.7

infra: add min version testing to pr test flow (#24358) community[patch]: Release 0.2.9 (#24453) community[patch]: gpt-4o-mini costs (#24421) community[patch]: Force opt-in for WebResearchRetriever (CVE-2024-3095) (#24451) community[minor]: [GoogleApiYoutubeLoader] Replace API used in _get_document_for_channel from search to playlistItem (#24034) community[minor]: GraphCypherQAChain to accept additional inputs as provided by the user for cypher generation (#24300) community[minor]: add mongodb byte store (#23876) community[minor]: Add ability to specify file encoding and json encoding for FileChatMessageHistory (#24258) Community[minor]: Added checksum in while send data to pebblo-cloud (#23968) community[minor]: Add TextEmbed Embedding Integration (#22946) community[minor]: Add Riza Python/JS code execution tool (#23995) community[minor]: Add keybert-based link extractor (#24311) community[minor]: GLiNER link extraction (#24314) Mask API keys for various LLM/ChatModel Modules (#13885) community[patch]: fix formatting (#24443) Merge pull request #24315 Merge pull request #24363 Mask API key for ChatOpenAI based chat_models (#14293) community: fix tool appending logic and update planner prompt in OpenAPI agent toolkit (#24384) [fix] baidu qianfan AiMessage with usage_metadata (#24389) community[minor]: [PebbloSafeLoader] Rename loader type and add SharePointLoader to supported loaders (#24393) Community[patch]: Missing "stream" parameter in cloudflare_workersai (#23987) community: support advanced text extraction options for pdf documents (#20265) community[patch]: Release 0.2.8 (#24354) community: Fix SQLDatabse.from_databricks issue when ran from Job (#24346) Neo4j: Update with non-deprecated cypher methods, and new method to associate relationship embeddings (#23725) docs: Add ChatBaichuan docstrings (#24348) neo4j: Fix test for order-insensitive comparison and floating-point precision issues (#24338) community[minor]: Add ApertureDB as a vectorstore (#24088) community[patch]: Fix docstring for ollama parameter "keep_alive" (#23973) community[patch]: Update TavilySearch to use TavilyClient instead of the deprecated Client (#24270) baidu qianfan AiMessage with usage_metadata (#24288) community[patch]: change the class of qianfan_ak and qianfan_sk parameters (#24293) community: Add support for specifying hybrid search for Databricks vector search (#23528) community(you): Integrate You.com conversational APIs (#23046) feat: Add ChatTongyi structured output (#24187) baidu qianfan streaming token_usage (#24117) community[patch]: Improve ChatBaichuan init args and role (#23878) partners: add similarity search by image functionality to langchain_chroma partner package (#22982) fix azure_openai.py: some keys do not exists (#24158) docs: Spell check fixes (#24217) community[patch]: upgrade default model for ChatAnyscale (#24232) core[patch]: fix ToolCall "type" when streaming (#24218) community: Skip Login to HuggubgFaceHub when token is not set (#21561) community[patch]: update typo document content returned from semanticscholar (#24175) Fix neo4j type error on missing constraint information (#24177) community: Fix Bug in Azure Search Vectorstore search asyncronously (#24081)

... (truncated)

Commits
  • f4ee3c8 infra: add min version testing to pr test flow (#24358)
  • 50cb0a0 docs: advanced feature note (#24456)
  • 842065a community[patch]: Release 0.2.9 (#24453)
  • 27ad6a4 langchain[patch]: Release 0.2.10 (#24452)
  • dda9438 community[patch]: gpt-4o-mini costs (#24421)
  • 604dfe2 community[patch]: Force opt-in for WebResearchRetriever (CVE-2024-3095) (#24451)
  • f101c75 docs: how to pass runtime secrets (#24450)
  • 372c27f community[minor]: [GoogleApiYoutubeLoader] Replace API used in _get_document...
  • 6a45bf9 community[minor]: GraphCypherQAChain to accept additional inputs as provided ...
  • f585668 community[minor]: add mongodb byte store (#23876)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/open-webui/open-webui/pull/4096 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 7/24/2024 **Status:** ✅ Merged **Merged:** 7/25/2024 **Merged by:** [@tjbck](https://github.com/tjbck) **Base:** `dev` ← **Head:** `dependabot/pip/pip-b4bdd6eb86` --- ### 📝 Commits (1) - [`8193c2f`](https://github.com/open-webui/open-webui/commit/8193c2f847c910a9de4b07ad695cfaa2ea4d3762) chore(deps): bump the pip group across 2 directories with 2 updates ### 📊 Changes **2 files changed** (+3 additions, -3 deletions) <details> <summary>View changed files</summary> 📝 `backend/requirements.txt` (+1 -1) 📝 `pyproject.toml` (+2 -2) </details> ### 📄 Description Bumps the pip group with 2 updates in the / directory: [pymysql](https://github.com/PyMySQL/PyMySQL) and [langchain-community](https://github.com/langchain-ai/langchain). Bumps the pip group with 1 update in the /backend directory: [langchain-community](https://github.com/langchain-ai/langchain). Updates `pymysql` from 1.1.0 to 1.1.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/PyMySQL/PyMySQL/releases">pymysql's releases</a>.</em></p> <blockquote> <h2>v1.1.1</h2> <blockquote> <p>[!WARNING] This release fixes a vulnerability (CVE-2024-36039). All users are recommended to update to this version.</p> <p>If you can not update soon, check the input value from untrusted source has an expected type. Only dict input from untrusted source can be an attack vector.</p> </blockquote> <h2>What's Changed</h2> <ul> <li>Prohibit dict parameter for <code>Cursor.execute()</code>. It didn't produce valid SQL and might cause SQL injection. (CVE-2024-36039)</li> <li>Added ssl_key_password param by <a href="https://github.com/svaskov"><code>@​svaskov</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1145">PyMySQL/PyMySQL#1145</a></li> </ul> <h2>Merged PRs</h2> <ul> <li>Add support for Python 3.12 by <a href="https://github.com/hugovk"><code>@​hugovk</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1134">PyMySQL/PyMySQL#1134</a></li> <li>chore(deps): update actions/checkout action to v4 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1136">PyMySQL/PyMySQL#1136</a></li> <li>Update codecov/codecov-action action to v4 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1137">PyMySQL/PyMySQL#1137</a></li> <li>ci: use codecov@v3 by <a href="https://github.com/methane"><code>@​methane</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1142">PyMySQL/PyMySQL#1142</a></li> <li>chore(deps): update dessant/lock-threads action to v5 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1141">PyMySQL/PyMySQL#1141</a></li> <li>doc: use rtd theme by <a href="https://github.com/methane"><code>@​methane</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1143">PyMySQL/PyMySQL#1143</a></li> <li>use Ruff as formatter by <a href="https://github.com/methane"><code>@​methane</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1144">PyMySQL/PyMySQL#1144</a></li> <li>chore(deps): update dependency sphinx-rtd-theme to v2 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1147">PyMySQL/PyMySQL#1147</a></li> <li>chore(deps): update actions/setup-python action to v5 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1152">PyMySQL/PyMySQL#1152</a></li> <li>chore(deps): update github/codeql-action action to v3 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1154">PyMySQL/PyMySQL#1154</a></li> <li>chore(deps): update codecov/codecov-action action to v4 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1158">PyMySQL/PyMySQL#1158</a></li> <li>Support error packet without sqlstate by <a href="https://github.com/methane"><code>@​methane</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1160">PyMySQL/PyMySQL#1160</a></li> <li>test json - mariadb without JSON type by <a href="https://github.com/grooverdan"><code>@​grooverdan</code></a> in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1165">PyMySQL/PyMySQL#1165</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/hugovk"><code>@​hugovk</code></a> made their first contribution in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1134">PyMySQL/PyMySQL#1134</a></li> <li><a href="https://github.com/svaskov"><code>@​svaskov</code></a> made their first contribution in <a href="https://redirect.github.com/PyMySQL/PyMySQL/pull/1145">PyMySQL/PyMySQL#1145</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/PyMySQL/PyMySQL/compare/v1.1.0...v1.1.1">https://github.com/PyMySQL/PyMySQL/compare/v1.1.0...v1.1.1</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/PyMySQL/PyMySQL/blob/main/CHANGELOG.md">pymysql's changelog</a>.</em></p> <blockquote> <h2>v1.1.1</h2> <p>Release date: 2024-05-21</p> <blockquote> <p>[!WARNING] This release fixes a vulnerability (CVE-2024-36039). All users are recommended to update to this version.</p> <p>If you can not update soon, check the input value from untrusted source has an expected type. Only dict input from untrusted source can be an attack vector.</p> </blockquote> <ul> <li>Prohibit dict parameter for <code>Cursor.execute()</code>. It didn't produce valid SQL and might cause SQL injection. (CVE-2024-36039)</li> <li>Added ssl_key_password param. <a href="https://redirect.github.com/PyMySQL/PyMySQL/issues/1145">#1145</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/PyMySQL/PyMySQL/commit/2cab9ecc641e962565c6254a5091f90c47f59b35"><code>2cab9ec</code></a> v1.1.1</li> <li><a href="https://github.com/PyMySQL/PyMySQL/commit/521e40050cb386a499f68f483fefd144c493053c"><code>521e400</code></a> forbid dict parameter</li> <li><a href="https://github.com/PyMySQL/PyMySQL/commit/7f032a699d55340f05101deb4d7d4f63db4adc11"><code>7f032a6</code></a> remove coveralls from requirements</li> <li><a href="https://github.com/PyMySQL/PyMySQL/commit/69f6c7439bee14784e0ea70ae107af6446cc0c67"><code>69f6c74</code></a> ruff format</li> <li><a href="https://github.com/PyMySQL/PyMySQL/commit/b4ed6884a1105df0a27f948f52b3e81d5585634f"><code>b4ed688</code></a> test json - mariadb without JSON type (<a href="https://redirect.github.com/PyMySQL/PyMySQL/issues/1165">#1165</a>)</li> <li><a href="https://github.com/PyMySQL/PyMySQL/commit/bbd049f40db9c696574ce6f31669880042c56d79"><code>bbd049f</code></a> Support error packet without sqlstate (<a href="https://redirect.github.com/PyMySQL/PyMySQL/issues/1160">#1160</a>)</li> <li><a href="https://github.com/PyMySQL/PyMySQL/commit/9694747ae619e88b792a8e0b4c08036572452584"><code>9694747</code></a> pyupgrade</li> <li><a href="https://github.com/PyMySQL/PyMySQL/commit/1f0b7856de4008e7e4c1e8c1b215d5d4dfaecd1a"><code>1f0b785</code></a> chore(deps): update codecov/codecov-action action to v4 (<a href="https://redirect.github.com/PyMySQL/PyMySQL/issues/1158">#1158</a>)</li> <li><a href="https://github.com/PyMySQL/PyMySQL/commit/1e28be81c24dde66f8acbf4c5e24f60d6b5e72e7"><code>1e28be8</code></a> chore(deps): update github/codeql-action action to v3 (<a href="https://redirect.github.com/PyMySQL/PyMySQL/issues/1154">#1154</a>)</li> <li><a href="https://github.com/PyMySQL/PyMySQL/commit/f13f054abcc18b39855a760a84be0a517f0da658"><code>f13f054</code></a> chore(deps): update actions/setup-python action to v5 (<a href="https://redirect.github.com/PyMySQL/PyMySQL/issues/1152">#1152</a>)</li> <li>Additional commits viewable in <a href="https://github.com/PyMySQL/PyMySQL/compare/v1.1.0...v1.1.1">compare view</a></li> </ul> </details> <br /> Updates `langchain-community` from 0.2.0 to 0.2.9 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/langchain-ai/langchain/releases">langchain-community's releases</a>.</em></p> <blockquote> <h2>langchain-community==0.2.9</h2> <p>Changes since langchain-community==0.2.7</p> <p>infra: add min version testing to pr test flow (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24358">#24358</a>) community[patch]: Release 0.2.9 (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24453">#24453</a>) community[patch]: gpt-4o-mini costs (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24421">#24421</a>) community[patch]: Force opt-in for WebResearchRetriever (CVE-2024-3095) (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24451">#24451</a>) community[minor]: [GoogleApiYoutubeLoader] Replace API used in _get_document_for_channel from search to playlistItem (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24034">#24034</a>) community[minor]: GraphCypherQAChain to accept additional inputs as provided by the user for cypher generation (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24300">#24300</a>) community[minor]: add mongodb byte store (<a href="https://redirect.github.com/langchain-ai/langchain/issues/23876">#23876</a>) community[minor]: Add ability to specify file encoding and json encoding for FileChatMessageHistory (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24258">#24258</a>) Community[minor]: Added checksum in while send data to pebblo-cloud (<a href="https://redirect.github.com/langchain-ai/langchain/issues/23968">#23968</a>) community[minor]: Add TextEmbed Embedding Integration (<a href="https://redirect.github.com/langchain-ai/langchain/issues/22946">#22946</a>) community[minor]: Add Riza Python/JS code execution tool (<a href="https://redirect.github.com/langchain-ai/langchain/issues/23995">#23995</a>) community[minor]: Add keybert-based link extractor (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24311">#24311</a>) community[minor]: GLiNER link extraction (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24314">#24314</a>) Mask API keys for various LLM/ChatModel Modules (<a href="https://redirect.github.com/langchain-ai/langchain/issues/13885">#13885</a>) community[patch]: fix formatting (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24443">#24443</a>) Merge pull request <a href="https://redirect.github.com/langchain-ai/langchain/issues/24315">#24315</a> Merge pull request <a href="https://redirect.github.com/langchain-ai/langchain/issues/24363">#24363</a> Mask API key for ChatOpenAI based chat_models (<a href="https://redirect.github.com/langchain-ai/langchain/issues/14293">#14293</a>) community: fix tool appending logic and update planner prompt in OpenAPI agent toolkit (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24384">#24384</a>) [fix] baidu qianfan AiMessage with usage_metadata (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24389">#24389</a>) community[minor]: [PebbloSafeLoader] Rename loader type and add SharePointLoader to supported loaders (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24393">#24393</a>) Community[patch]: Missing &quot;stream&quot; parameter in cloudflare_workersai (<a href="https://redirect.github.com/langchain-ai/langchain/issues/23987">#23987</a>) community: support advanced text extraction options for pdf documents (<a href="https://redirect.github.com/langchain-ai/langchain/issues/20265">#20265</a>) community[patch]: Release 0.2.8 (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24354">#24354</a>) community: Fix SQLDatabse.from_databricks issue when ran from Job (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24346">#24346</a>) Neo4j: Update with non-deprecated cypher methods, and new method to associate relationship embeddings (<a href="https://redirect.github.com/langchain-ai/langchain/issues/23725">#23725</a>) docs: Add ChatBaichuan docstrings (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24348">#24348</a>) neo4j: Fix test for order-insensitive comparison and floating-point precision issues (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24338">#24338</a>) community[minor]: Add ApertureDB as a vectorstore (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24088">#24088</a>) community[patch]: Fix docstring for ollama parameter &quot;keep_alive&quot; (<a href="https://redirect.github.com/langchain-ai/langchain/issues/23973">#23973</a>) community[patch]: Update TavilySearch to use TavilyClient instead of the deprecated Client (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24270">#24270</a>) baidu qianfan AiMessage with usage_metadata (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24288">#24288</a>) community[patch]: change the class of <code>qianfan_ak</code> and <code>qianfan_sk</code> parameters (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24293">#24293</a>) community: Add support for specifying hybrid search for Databricks vector search (<a href="https://redirect.github.com/langchain-ai/langchain/issues/23528">#23528</a>) community(you): Integrate You.com conversational APIs (<a href="https://redirect.github.com/langchain-ai/langchain/issues/23046">#23046</a>) feat: Add ChatTongyi structured output (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24187">#24187</a>) baidu qianfan streaming token_usage (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24117">#24117</a>) community[patch]: Improve ChatBaichuan init args and role (<a href="https://redirect.github.com/langchain-ai/langchain/issues/23878">#23878</a>) partners: add similarity search by image functionality to langchain_chroma partner package (<a href="https://redirect.github.com/langchain-ai/langchain/issues/22982">#22982</a>) fix azure_openai.py: some keys do not exists (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24158">#24158</a>) docs: Spell check fixes (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24217">#24217</a>) community[patch]: upgrade default model for ChatAnyscale (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24232">#24232</a>) core[patch]: fix ToolCall &quot;type&quot; when streaming (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24218">#24218</a>) community: Skip Login to HuggubgFaceHub when token is not set (<a href="https://redirect.github.com/langchain-ai/langchain/issues/21561">#21561</a>) community[patch]: update typo document content returned from semanticscholar (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24175">#24175</a>) Fix neo4j type error on missing constraint information (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24177">#24177</a>) community: Fix Bug in Azure Search Vectorstore search asyncronously (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24081">#24081</a>)</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/langchain-ai/langchain/commit/f4ee3c8a223ea4b3d7bd9e08fcd3769c70e3446c"><code>f4ee3c8</code></a> infra: add min version testing to pr test flow (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24358">#24358</a>)</li> <li><a href="https://github.com/langchain-ai/langchain/commit/50cb0a03bc59787fc094aba96604e51afe32a402"><code>50cb0a0</code></a> docs: advanced feature note (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24456">#24456</a>)</li> <li><a href="https://github.com/langchain-ai/langchain/commit/842065a9cc321e04af6341daa5f0816e53180260"><code>842065a</code></a> community[patch]: Release 0.2.9 (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24453">#24453</a>)</li> <li><a href="https://github.com/langchain-ai/langchain/commit/27ad6a4bb383d60cb9b33db3205edaaa890dc389"><code>27ad6a4</code></a> langchain[patch]: Release 0.2.10 (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24452">#24452</a>)</li> <li><a href="https://github.com/langchain-ai/langchain/commit/dda9438e879ded0b156739e419345c6d98215bf8"><code>dda9438</code></a> community[patch]: gpt-4o-mini costs (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24421">#24421</a>)</li> <li><a href="https://github.com/langchain-ai/langchain/commit/604dfe2d99246b0c09f047c604f0c63eafba31e7"><code>604dfe2</code></a> community[patch]: Force opt-in for WebResearchRetriever (CVE-2024-3095) (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24451">#24451</a>)</li> <li><a href="https://github.com/langchain-ai/langchain/commit/f101c759ed0e1df8bcf9044a429dc578e0c33b22"><code>f101c75</code></a> docs: how to pass runtime secrets (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24450">#24450</a>)</li> <li><a href="https://github.com/langchain-ai/langchain/commit/372c27f2e57847b7dc5a230a3e3e3d347317f267"><code>372c27f</code></a> community[minor]: [GoogleApiYoutubeLoader] Replace API used in _get_document...</li> <li><a href="https://github.com/langchain-ai/langchain/commit/6a45bf9554f481af0aac9af954e7cdf91c40b914"><code>6a45bf9</code></a> community[minor]: GraphCypherQAChain to accept additional inputs as provided ...</li> <li><a href="https://github.com/langchain-ai/langchain/commit/f5856680fe55ca1ee515d8ece7aa3032413eb38e"><code>f585668</code></a> community[minor]: add mongodb byte store (<a href="https://redirect.github.com/langchain-ai/langchain/issues/23876">#23876</a>)</li> <li>Additional commits viewable in <a href="https://github.com/langchain-ai/langchain/compare/langchain-community==0.2.0...langchain-community==0.2.9">compare view</a></li> </ul> </details> <br /> Updates `langchain-community` from 0.2.6 to 0.2.9 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/langchain-ai/langchain/releases">langchain-community's releases</a>.</em></p> <blockquote> <h2>langchain-community==0.2.9</h2> <p>Changes since langchain-community==0.2.7</p> <p>infra: add min version testing to pr test flow (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24358">#24358</a>) community[patch]: Release 0.2.9 (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24453">#24453</a>) community[patch]: gpt-4o-mini costs (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24421">#24421</a>) community[patch]: Force opt-in for WebResearchRetriever (CVE-2024-3095) (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24451">#24451</a>) community[minor]: [GoogleApiYoutubeLoader] Replace API used in _get_document_for_channel from search to playlistItem (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24034">#24034</a>) community[minor]: GraphCypherQAChain to accept additional inputs as provided by the user for cypher generation (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24300">#24300</a>) community[minor]: add mongodb byte store (<a href="https://redirect.github.com/langchain-ai/langchain/issues/23876">#23876</a>) community[minor]: Add ability to specify file encoding and json encoding for FileChatMessageHistory (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24258">#24258</a>) Community[minor]: Added checksum in while send data to pebblo-cloud (<a href="https://redirect.github.com/langchain-ai/langchain/issues/23968">#23968</a>) community[minor]: Add TextEmbed Embedding Integration (<a href="https://redirect.github.com/langchain-ai/langchain/issues/22946">#22946</a>) community[minor]: Add Riza Python/JS code execution tool (<a href="https://redirect.github.com/langchain-ai/langchain/issues/23995">#23995</a>) community[minor]: Add keybert-based link extractor (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24311">#24311</a>) community[minor]: GLiNER link extraction (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24314">#24314</a>) Mask API keys for various LLM/ChatModel Modules (<a href="https://redirect.github.com/langchain-ai/langchain/issues/13885">#13885</a>) community[patch]: fix formatting (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24443">#24443</a>) Merge pull request <a href="https://redirect.github.com/langchain-ai/langchain/issues/24315">#24315</a> Merge pull request <a href="https://redirect.github.com/langchain-ai/langchain/issues/24363">#24363</a> Mask API key for ChatOpenAI based chat_models (<a href="https://redirect.github.com/langchain-ai/langchain/issues/14293">#14293</a>) community: fix tool appending logic and update planner prompt in OpenAPI agent toolkit (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24384">#24384</a>) [fix] baidu qianfan AiMessage with usage_metadata (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24389">#24389</a>) community[minor]: [PebbloSafeLoader] Rename loader type and add SharePointLoader to supported loaders (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24393">#24393</a>) Community[patch]: Missing &quot;stream&quot; parameter in cloudflare_workersai (<a href="https://redirect.github.com/langchain-ai/langchain/issues/23987">#23987</a>) community: support advanced text extraction options for pdf documents (<a href="https://redirect.github.com/langchain-ai/langchain/issues/20265">#20265</a>) community[patch]: Release 0.2.8 (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24354">#24354</a>) community: Fix SQLDatabse.from_databricks issue when ran from Job (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24346">#24346</a>) Neo4j: Update with non-deprecated cypher methods, and new method to associate relationship embeddings (<a href="https://redirect.github.com/langchain-ai/langchain/issues/23725">#23725</a>) docs: Add ChatBaichuan docstrings (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24348">#24348</a>) neo4j: Fix test for order-insensitive comparison and floating-point precision issues (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24338">#24338</a>) community[minor]: Add ApertureDB as a vectorstore (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24088">#24088</a>) community[patch]: Fix docstring for ollama parameter &quot;keep_alive&quot; (<a href="https://redirect.github.com/langchain-ai/langchain/issues/23973">#23973</a>) community[patch]: Update TavilySearch to use TavilyClient instead of the deprecated Client (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24270">#24270</a>) baidu qianfan AiMessage with usage_metadata (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24288">#24288</a>) community[patch]: change the class of <code>qianfan_ak</code> and <code>qianfan_sk</code> parameters (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24293">#24293</a>) community: Add support for specifying hybrid search for Databricks vector search (<a href="https://redirect.github.com/langchain-ai/langchain/issues/23528">#23528</a>) community(you): Integrate You.com conversational APIs (<a href="https://redirect.github.com/langchain-ai/langchain/issues/23046">#23046</a>) feat: Add ChatTongyi structured output (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24187">#24187</a>) baidu qianfan streaming token_usage (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24117">#24117</a>) community[patch]: Improve ChatBaichuan init args and role (<a href="https://redirect.github.com/langchain-ai/langchain/issues/23878">#23878</a>) partners: add similarity search by image functionality to langchain_chroma partner package (<a href="https://redirect.github.com/langchain-ai/langchain/issues/22982">#22982</a>) fix azure_openai.py: some keys do not exists (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24158">#24158</a>) docs: Spell check fixes (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24217">#24217</a>) community[patch]: upgrade default model for ChatAnyscale (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24232">#24232</a>) core[patch]: fix ToolCall &quot;type&quot; when streaming (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24218">#24218</a>) community: Skip Login to HuggubgFaceHub when token is not set (<a href="https://redirect.github.com/langchain-ai/langchain/issues/21561">#21561</a>) community[patch]: update typo document content returned from semanticscholar (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24175">#24175</a>) Fix neo4j type error on missing constraint information (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24177">#24177</a>) community: Fix Bug in Azure Search Vectorstore search asyncronously (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24081">#24081</a>)</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/langchain-ai/langchain/commit/f4ee3c8a223ea4b3d7bd9e08fcd3769c70e3446c"><code>f4ee3c8</code></a> infra: add min version testing to pr test flow (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24358">#24358</a>)</li> <li><a href="https://github.com/langchain-ai/langchain/commit/50cb0a03bc59787fc094aba96604e51afe32a402"><code>50cb0a0</code></a> docs: advanced feature note (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24456">#24456</a>)</li> <li><a href="https://github.com/langchain-ai/langchain/commit/842065a9cc321e04af6341daa5f0816e53180260"><code>842065a</code></a> community[patch]: Release 0.2.9 (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24453">#24453</a>)</li> <li><a href="https://github.com/langchain-ai/langchain/commit/27ad6a4bb383d60cb9b33db3205edaaa890dc389"><code>27ad6a4</code></a> langchain[patch]: Release 0.2.10 (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24452">#24452</a>)</li> <li><a href="https://github.com/langchain-ai/langchain/commit/dda9438e879ded0b156739e419345c6d98215bf8"><code>dda9438</code></a> community[patch]: gpt-4o-mini costs (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24421">#24421</a>)</li> <li><a href="https://github.com/langchain-ai/langchain/commit/604dfe2d99246b0c09f047c604f0c63eafba31e7"><code>604dfe2</code></a> community[patch]: Force opt-in for WebResearchRetriever (CVE-2024-3095) (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24451">#24451</a>)</li> <li><a href="https://github.com/langchain-ai/langchain/commit/f101c759ed0e1df8bcf9044a429dc578e0c33b22"><code>f101c75</code></a> docs: how to pass runtime secrets (<a href="https://redirect.github.com/langchain-ai/langchain/issues/24450">#24450</a>)</li> <li><a href="https://github.com/langchain-ai/langchain/commit/372c27f2e57847b7dc5a230a3e3e3d347317f267"><code>372c27f</code></a> community[minor]: [GoogleApiYoutubeLoader] Replace API used in _get_document...</li> <li><a href="https://github.com/langchain-ai/langchain/commit/6a45bf9554f481af0aac9af954e7cdf91c40b914"><code>6a45bf9</code></a> community[minor]: GraphCypherQAChain to accept additional inputs as provided ...</li> <li><a href="https://github.com/langchain-ai/langchain/commit/f5856680fe55ca1ee515d8ece7aa3032413eb38e"><code>f585668</code></a> community[minor]: add mongodb byte store (<a href="https://redirect.github.com/langchain-ai/langchain/issues/23876">#23876</a>)</li> <li>Additional commits viewable in <a href="https://github.com/langchain-ai/langchain/compare/langchain-community==0.2.0...langchain-community==0.2.9">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/open-webui/open-webui/network/alerts). </details> --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
GiteaMirror added the pull-request label 2025-11-11 17:47:21 -06:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
core
documentation
enhancement
good first issue
help wanted
non-core
pull-request
Mirrored from GitHub Pull Request
 python
question
testing wanted
No Label pull-request
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/open-webui#8192
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?