LocalAI icon indicating copy to clipboard operation
LocalAI copied to clipboard

Published 20 hours ago verified publisher icon mudler

build(deps): bump the pip group across 3 directories with 3 updates

Open dependabot[bot] opened this issue 1 year ago • 1 comments

Bumps the pip group with 1 update in the /backend/python/openvoice directory: gradio. Bumps the pip group with 2 updates in the /examples/chainlit directory: llama-index and requests. Bumps the pip group with 1 update in the /examples/langchain/langchainpy-localai-example directory: requests.

Updates gradio from 3.48.0 to 4.19.2

Release notes

Sourced from gradio's releases.

@​gradio/model3d@​0.10.5

Dependency updates

  • @​gradio/utils@​0.4.2
  • @​gradio/atoms@​0.7.4
  • @​gradio/statustracker@​0.5.5
  • @​gradio/upload@​0.10.5
  • @​gradio/client@​0.19.4

@​gradio/model3d@​0.10.4

Dependency updates

  • @​gradio/client@​0.19.3
  • @​gradio/statustracker@​0.5.4
  • @​gradio/upload@​0.10.4
Changelog

Sourced from gradio's changelog.

4.19.2

Features

Fixes

4.19.1

Features

Fixes

4.19.0

Features

Fixes

... (truncated)

Commits

Updates llama-index from 0.8.55 to 0.10.13

Release notes

Sourced from llama-index's releases.

v0.10.13

New Features

  • Added a llama-pack for KodaRetriever, for on-the-fly alpha tuning (#11311)
  • Added support for mistral-large (#11398)
  • Last token pooling mode for huggingface embeddings models like SFR-Embedding-Mistral (#11373)
  • Added fsspec support to SimpleDirectoryReader (#11303)

Bug Fixes / Nits

  • Fixed an issue with context window + prompt helper (#11379)
  • Moved OpenSearch vector store to BasePydanticVectorStore (#11400)
  • Fixed function calling in fireworks LLM (#11363)
  • Made cohere embedding types more automatic (#11288)
  • Improve function calling in react agent (#11280)
  • Fixed MockLLM imports (#11376)

v0.10.12

No release notes provided.

v0.10.11

No release notes provided.

v0.10.10

No release notes provided.

v0.10.8

No release notes provided.

v0.10.7

New Features

  • Added Self-Discover llamapack (#10951)

Bug Fixes / Nits

  • Fixed linting in CICD (#10945)
  • Fixed using remote graph stores (#10971)
  • Added missing LLM kwarg in NoText response synthesizer (#10971)
  • Fixed openai import in rankgpt (#10971)
  • Fixed resolving model name to string in openai embeddings (#10971)
  • Off by one error in sentence window node parser (#10971)

v0.10.6

[0.10.6] - 2024-02-17

First, apologies for missing the changelog the last few versions. Trying to figure out the best process with 400+ packages.

At some point, each package will have a dedicated changelog.

... (truncated)

Changelog

Sourced from llama-index's changelog.

[0.10.13] - 2024-02-26

New Features

  • Added a llama-pack for KodaRetriever, for on-the-fly alpha tuning (#11311)
  • Added support for mistral-large (#11398)
  • Last token pooling mode for huggingface embeddings models like SFR-Embedding-Mistral (#11373)
  • Added fsspec support to SimpleDirectoryReader (#11303)

Bug Fixes / Nits

  • Fixed an issue with context window + prompt helper (#11379)
  • Moved OpenSearch vector store to BasePydanticVectorStore (#11400)
  • Fixed function calling in fireworks LLM (#11363)
  • Made cohere embedding types more automatic (#11288)
  • Improve function calling in react agent (#11280)
  • Fixed MockLLM imports (#11376)

[0.10.12] - 2024-02-22

New Features

  • Added llama-index-postprocessor-colbert-rerank package (#11057)
  • MyMagicAI LLM (#11263)
  • MariaTalk LLM (#10925)
  • Add retries to github reader (#10980)
  • Added FireworksAI embedding and LLM modules (#10959)

Bug Fixes / Nits

  • Fixed string formatting in weaviate (#11294)
  • Fixed off-by-one error in semantic splitter (#11295)
  • Fixed download_llama_pack for multiple files (#11272)
  • Removed BUILD files from packages (#11267)
  • Loosened python version reqs for all packages (#11267)
  • Fixed args issue with chromadb (#11104)

[0.10.11] - 2024-02-21

Bug Fixes / Nits

  • Fixed multi-modal LLM for async acomplete (#11064)
  • Fixed issue with llamaindex-cli imports (#11068)

[0.10.10] - 2024-02-20

I'm still a bit wonky with our publishing process -- apologies. This is just a version bump to ensure the changes that were supposed to happen in 0.10.9 actually did get published. (AF)

... (truncated)

Commits
  • 6d642a0 Logan/release v0.10.13 (#11408)
  • 78a4c9e fix prompt helper init (#11379)
  • 52383c7 Update opensearch vectorstore to PydanticVectorStore class (#11400)
  • 4077fee Astra DB Vector store, package rename for naming consistency (#11056)
  • 65290f5 Alpha Tuning Llama Pack: KodaRetriever (#11311)
  • 70d4a5c Only firefunction is function calling (#11363)
  • 3a10235 Elastic Search retrieval : Bug Fix for Cases when No Relationships Detected (...
  • 0b13b8d Add support for mistral-large (#11398)
  • 1f48dd9 Astra DB clients identify themselves as coming through LlamaIndex usage (#11396)
  • 6024956 Last token pooling for Huggingface models like SFR-Embedding-Mistral (#11373)
  • Additional commits viewable in compare view

Updates requests from 2.31.0 to 2.32.2

Release notes

Sourced from requests's releases.

v2.32.2

2.32.2 (2024-05-21)

Deprecations

  • To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

    A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

v2.32.1

2.32.1 (2024-05-20)

Bugfixes

  • Add missing test certs to the sdist distributed on PyPI.

v2.32.0

2.32.0 (2024-05-20)

🐍 PYCON US 2024 EDITION 🐍

Security

Improvements

  • verify=True now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (#6667)
  • Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored. This enables pip and other projects to minimize their vendoring surface area. The Response.text() and apparent_encoding APIs will default to utf-8 if neither library is present. (#6702)

Bugfixes

  • Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (#6589)
  • Fixed deserialization bug in JSONDecodeError. (#6629)
  • Fixed bug where an extra leading / (path separator) could lead urllib3 to unnecessarily reparse the request URI. (#6644)

... (truncated)

Changelog

Sourced from requests's changelog.

2.32.2 (2024-05-21)

Deprecations

  • To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

    A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

2.32.1 (2024-05-20)

Bugfixes

  • Add missing test certs to the sdist distributed on PyPI.

2.32.0 (2024-05-20)

Security

Improvements

  • verify=True now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (#6667)
  • Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored. This enables pip and other projects to minimize their vendoring surface area. The Response.text() and apparent_encoding APIs will default to utf-8 if neither library is present. (#6702)

Bugfixes

  • Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (#6589)
  • Fixed deserialization bug in JSONDecodeError. (#6629)
  • Fixed bug where an extra leading / (path separator) could lead urllib3 to unnecessarily reparse the request URI. (#6644)

Deprecations

... (truncated)

Commits
  • 88dce9d v2.32.2
  • c98e4d1 Merge pull request #6710 from nateprewitt/api_rename
  • 92075b3 Add deprecation warning
  • aa1461b Move _get_connection to get_connection_with_tls_context
  • 970e8ce v2.32.1
  • d6ebc4a v2.32.0
  • 9a40d12 Avoid reloading root certificates to improve concurrent performance (#6667)
  • 0c030f7 Merge pull request #6702 from nateprewitt/no_char_detection
  • 555b870 Allow character detection dependencies to be optional in post-packaging steps
  • d6dded3 Merge pull request #6700 from franekmagiera/update-redirect-to-invalid-uri-test
  • Additional commits viewable in compare view

Updates requests from 2.31.0 to 2.32.2

Release notes

Sourced from requests's releases.

v2.32.2

2.32.2 (2024-05-21)

Deprecations

  • To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

    A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

v2.32.1

2.32.1 (2024-05-20)

Bugfixes

  • Add missing test certs to the sdist distributed on PyPI.

v2.32.0

2.32.0 (2024-05-20)

🐍 PYCON US 2024 EDITION 🐍

Security

Improvements

  • verify=True now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (#6667)
  • Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored. This enables pip and other projects to minimize their vendoring surface area. The Response.text() and apparent_encoding APIs will default to utf-8 if neither library is present. (#6702)

Bugfixes

  • Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (#6589)
  • Fixed deserialization bug in JSONDecodeError. (#6629)
  • Fixed bug where an extra leading / (path separator) could lead urllib3 to unnecessarily reparse the request URI. (#6644)

... (truncated)

Changelog

Sourced from requests's changelog.

2.32.2 (2024-05-21)

Deprecations

  • To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

    A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

2.32.1 (2024-05-20)

Bugfixes

  • Add missing test certs to the sdist distributed on PyPI.

2.32.0 (2024-05-20)

Security

Improvements

  • verify=True now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (#6667)
  • Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored. This enables pip and other projects to minimize their vendoring surface area. The Response.text() and apparent_encoding APIs will default to utf-8 if neither library is present. (#6702)

Bugfixes

  • Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (#6589)
  • Fixed deserialization bug in JSONDecodeError. (#6629)
  • Fixed bug where an extra leading / (path separator) could lead urllib3 to unnecessarily reparse the request URI. (#6644)

Deprecations

... (truncated)

Commits
  • 88dce9d v2.32.2
  • c98e4d1 Merge pull request #6710 from nateprewitt/api_rename
  • 92075b3 Add deprecation warning
  • aa1461b Move _get_connection to get_connection_with_tls_context
  • 970e8ce v2.32.1
  • d6ebc4a v2.32.0
  • 9a40d12 Avoid reloading root certificates to improve concurrent performance (#6667)
  • 0c030f7 Merge pull request #6702 from nateprewitt/no_char_detection
  • 555b870 Allow character detection dependencies to be optional in post-packaging steps
  • d6dded3 Merge pull request #6700 from franekmagiera/update-redirect-to-invalid-uri-test
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the Security Alerts page.

dependabot[bot] avatar May 24 '24 19:05 dependabot[bot]

Deploy Preview for localai canceled.

Name Link
Latest commit 92ab10ef4aa5a884299cd2dbe7155a3f9323e048
Latest deploy log https://app.netlify.com/sites/localai/deploys/665f7d220fc4700008c5b1c0

netlify[bot] avatar May 24 '24 19:05 netlify[bot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

dependabot[bot] avatar Jul 16 '24 04:07 dependabot[bot]

Bot can re create if relevant this one is old.

dave-gray101 avatar Jul 16 '24 04:07 dave-gray101