build(deps): bump the pip group across 5 directories with 7 updates

[dependabot]

Bumps the pip group with 1 update in the /backend/python/openvoice directory: gradio.
Bumps the pip group with 2 updates in the /examples/chainlit directory: llama-index and requests.
Bumps the pip group with 1 update in the /examples/langchain-chroma directory: llama-index.
Bumps the pip group with 4 updates in the /examples/langchain/langchainpy-localai-example directory: requests, aiohttp, certifi and urllib3.
Bumps the pip group with 1 update in the /examples/streamlit-bot directory: streamlit.

Updates gradio from 3.48.0 to 4.37.1

Release notes

Sourced from gradio's releases.

@​gradio/model3d@​0.12.0

Features

• #8975 3feea64 - Prevent overflow in Model3D. Thanks @​hannahblair!

Dependency updates

• @​gradio/atoms@​0.7.9
• @​gradio/statustracker@​0.7.4
• @​gradio/client@​1.5.0
• @​gradio/icons@​0.7.0
• @​gradio/upload@​0.12.2

@​gradio/model3d@​0.11.2

Dependency updates

• @​gradio/atoms@​0.7.8
• @​gradio/icons@​0.6.1
• @​gradio/utils@​0.5.2
• @​gradio/statustracker@​0.7.3
• @​gradio/upload@​0.12.1

Changelog

Sourced from gradio's changelog.

4.37.1

Fixes

• #8610 9204d86 - Add guide on cleaning up state and file resources. Thanks @​freddyaboulton!

4.37.0

Features

• #8131 bb504b4 - Gradio components in gr.Chatbot(). Thanks @​dawoodkhan82!
• #8489 c2a0d05 - Control Display of Error, Info, Warning. Thanks @​freddyaboulton!
• #8571 a77877f - First time loading performance optimization. Thanks @​baojianting!
• #8607 c7cd0a0 - Ensure chatbot background is consistent with other components. Thanks @​pngwn!
• #8555 7fc7455 - support html in chatbot. Thanks @​pngwn!
• #8590 65afffd - Fix multimodal chat look. Thanks @​aliabid94!
• #8603 affce4c - Fix resizer on altair. Thanks @​aliabid94!
• #8580 797621b - Improved plot rendering to thematically match. Thanks @​aliabid94!/n highlight:Expect visual changes in gr.Plot, gr.BarPlot, gr.LinePlot, gr.ScatterPlot, including changes to color and width sizing.
• #8520 595ecf3 - Add build target option to the custom component gradio.config.js file. Thanks @​pngwn!
• #8593 d35c290 - Adding more docs for using components in chatbot. Thanks @​abidlabs!
• #8609 36b2af9 - Changed gradio version check from print statement to warning. Thanks @​gdevakumar!
• #8600 7289c4b - Add credentials: include and Cookie header to prevent 401 error. Thanks @​yinkiu602!
• #8488 b03da67 - Minor changes to monitoring. Thanks @​freddyaboulton!
• #8569 6f99a02 - Upgrade pyodide 0.26. Thanks @​whitphx!
• #8565 fd5aab1 - Remove duplicated code in routes.py. Thanks @​sadra-barikbin!
• #8529 d43d696 - feat: exception handling about file_count params of File component. Thanks @​young-hun-jo!
• #8528 2b0c157 - Added an optional height and overflow scrollbar for the Markdown Component. Thanks @​ShruAgarwal!
• #8516 de6aa2b - Add helper classes to docs. Thanks @​aliabd!
• #8522 bdaa678 - add handle_file docs. Thanks @​pngwn!

Fixes

• #8599 ca125b7 - Fix reload mode for jupyter notebook and stateful demos. Thanks @​freddyaboulton!
• #8521 900cf25 - Ensure frontend functions work when they don't return a value. Thanks @​pngwn!
• #8594 530f8a0 - chatbot component tweaks. Thanks @​pngwn!
• #8530 d429690 - Fix request serialization for fastapi /docs. Thanks @​zhzLuke96!
• #8589 34430b9 - Handle GIFs correct in gr.Image preprocessing. Thanks @​abidlabs!
• #8506 7c5fec3 - Use root url for monitoring url. Thanks @​abidlabs!
• #8524 546d14e - add test + demo. Thanks @​pngwn!
• #8588 1e61644 - move deploy_space_action.yaml to correct location. Thanks @​abidlabs!
• #8543 a4433be - Ability to disable orange progress animation for generators by setting show_progress='minimal' or show_progress='hidden' in the event definition. This is a small visual breaking change but it aligns better with the expected behavior of the show_progress parameter. Also added show_progress to gr.Interface and gr.ChatInterface. Thanks @​freddyaboulton!
• #8579 bc5fccf - Allow gr.load to work inside gr.Blocks automatically. Thanks @​abidlabs!
• #8573 56af40f - Fixes the favicon_path working error. Thanks @​ShruAgarwal!
• #8548 7fc0f51 - Fix reload mode by implementing close on the client. Thanks @​freddyaboulton!
• #8531 88de38e - Fix custom components on windows. Thanks @​freddyaboulton!
• #8581 a1c21cb - fix dataset update. Thanks @​abidlabs!
• #8537 81ae766 - Many small fixes to website and docs. Thanks @​aliabd!

4.36.1

... (truncated)

Commits

• 8d425ee chore: update versions (#8613)
• 4cfb6ee chore: update versions (#8523)
• 9204d86 Add guide on cleaning up state and file resources (#8610)
• affce4c Fix resizer on altair (#8603)
• 8aad678 Fix plotly version (#8606)
• 36b2af9 Changed gradio version check from print statement to warning (#8609)
• c7cd0a0 Ensure chatbot background is consistent with other components (#8607)
• fe83e64 Small fix to guide styling (#8605)
• ca125b7 Fix reload mode for jupyter notebook and stateful demos (#8599)
• 65afffd Fix multimodal chat look (#8590)
• Additional commits viewable in compare view

Updates llama-index from 0.8.55 to 0.10.13

Release notes

Sourced from llama-index's releases.

v0.10.13

New Features

• Added a llama-pack for KodaRetriever, for on-the-fly alpha tuning (#11311)
• Added support for mistral-large (#11398)
• Last token pooling mode for huggingface embeddings models like SFR-Embedding-Mistral (#11373)
• Added fsspec support to SimpleDirectoryReader (#11303)

Bug Fixes / Nits

• Fixed an issue with context window + prompt helper (#11379)
• Moved OpenSearch vector store to BasePydanticVectorStore (#11400)
• Fixed function calling in fireworks LLM (#11363)
• Made cohere embedding types more automatic (#11288)
• Improve function calling in react agent (#11280)
• Fixed MockLLM imports (#11376)

v0.10.12

No release notes provided.

v0.10.11

No release notes provided.

v0.10.10

No release notes provided.

v0.10.8

No release notes provided.

v0.10.7

New Features

• Added Self-Discover llamapack (#10951)

Bug Fixes / Nits

• Fixed linting in CICD (#10945)
• Fixed using remote graph stores (#10971)
• Added missing LLM kwarg in NoText response synthesizer (#10971)
• Fixed openai import in rankgpt (#10971)
• Fixed resolving model name to string in openai embeddings (#10971)
• Off by one error in sentence window node parser (#10971)

v0.10.6

[0.10.6] - 2024-02-17

First, apologies for missing the changelog the last few versions. Trying to figure out the best process with 400+ packages.

At some point, each package will have a dedicated changelog.

... (truncated)

Changelog

Sourced from llama-index's changelog.

[0.10.13] - 2024-02-26

New Features

• Added a llama-pack for KodaRetriever, for on-the-fly alpha tuning (#11311)
• Added support for mistral-large (#11398)
• Last token pooling mode for huggingface embeddings models like SFR-Embedding-Mistral (#11373)
• Added fsspec support to SimpleDirectoryReader (#11303)

Bug Fixes / Nits

• Fixed an issue with context window + prompt helper (#11379)
• Moved OpenSearch vector store to BasePydanticVectorStore (#11400)
• Fixed function calling in fireworks LLM (#11363)
• Made cohere embedding types more automatic (#11288)
• Improve function calling in react agent (#11280)
• Fixed MockLLM imports (#11376)

[0.10.12] - 2024-02-22

New Features

• Added llama-index-postprocessor-colbert-rerank package (#11057)
• MyMagicAI LLM (#11263)
• MariaTalk LLM (#10925)
• Add retries to github reader (#10980)
• Added FireworksAI embedding and LLM modules (#10959)

Bug Fixes / Nits

• Fixed string formatting in weaviate (#11294)
• Fixed off-by-one error in semantic splitter (#11295)
• Fixed download_llama_pack for multiple files (#11272)
• Removed BUILD files from packages (#11267)
• Loosened python version reqs for all packages (#11267)
• Fixed args issue with chromadb (#11104)

[0.10.11] - 2024-02-21

Bug Fixes / Nits

• Fixed multi-modal LLM for async acomplete (#11064)
• Fixed issue with llamaindex-cli imports (#11068)

[0.10.10] - 2024-02-20

I'm still a bit wonky with our publishing process -- apologies. This is just a version bump to ensure the changes that were supposed to happen in 0.10.9 actually did get published. (AF)

... (truncated)

Commits

• 6d642a0 Logan/release v0.10.13 (#11408)
• 78a4c9e fix prompt helper init (#11379)
• 52383c7 Update opensearch vectorstore to PydanticVectorStore class (#11400)
• 4077fee Astra DB Vector store, package rename for naming consistency (#11056)
• 65290f5 Alpha Tuning Llama Pack: KodaRetriever (#11311)
• 70d4a5c Only firefunction is function calling (#11363)
• 3a10235 Elastic Search retrieval : Bug Fix for Cases when No Relationships Detected (...
• 0b13b8d Add support for mistral-large (#11398)
• 1f48dd9 Astra DB clients identify themselves as coming through LlamaIndex usage (#11396)
• 6024956 Last token pooling for Huggingface models like SFR-Embedding-Mistral (#11373)
• Additional commits viewable in compare view

Updates requests from 2.31.0 to 2.32.2

Release notes

Sourced from requests's releases.

v2.32.2

2.32.2 (2024-05-21)

Deprecations

• To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

  A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

v2.32.1

2.32.1 (2024-05-20)

Bugfixes

• Add missing test certs to the sdist distributed on PyPI.

v2.32.0

2.32.0 (2024-05-20)

🐍 PYCON US 2024 EDITION 🐍

Security

• Fixed an issue where setting verify=False on the first request from a Session will cause subsequent requests to the same origin to also ignore cert verification, regardless of the value of verify. (GHSA-9wx4-h78v-vm56)

Improvements

• verify=True now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (#6667)
• Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored. This enables pip and other projects to minimize their vendoring surface area. The Response.text() and apparent_encoding APIs will default to utf-8 if neither library is present. (#6702)

Bugfixes

• Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (#6589)
• Fixed deserialization bug in JSONDecodeError. (#6629)
• Fixed bug where an extra leading / (path separator) could lead urllib3 to unnecessarily reparse the request URI. (#6644)

... (truncated)

Changelog

Sourced from requests's changelog.

2.32.2 (2024-05-21)

Deprecations

• To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

  A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

2.32.1 (2024-05-20)

Bugfixes

• Add missing test certs to the sdist distributed on PyPI.

2.32.0 (2024-05-20)

Security

• Fixed an issue where setting verify=False on the first request from a Session will cause subsequent requests to the same origin to also ignore cert verification, regardless of the value of verify. (GHSA-9wx4-h78v-vm56)

Improvements

• verify=True now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (#6667)
• Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored. This enables pip and other projects to minimize their vendoring surface area. The Response.text() and apparent_encoding APIs will default to utf-8 if neither library is present. (#6702)

Bugfixes

• Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (#6589)
• Fixed deserialization bug in JSONDecodeError. (#6629)
• Fixed bug where an extra leading / (path separator) could lead urllib3 to unnecessarily reparse the request URI. (#6644)

Deprecations

... (truncated)

Commits

• 88dce9d v2.32.2
• c98e4d1 Merge pull request #6710 from nateprewitt/api_rename
• 92075b3 Add deprecation warning
• aa1461b Move _get_connection to get_connection_with_tls_context
• 970e8ce v2.32.1
• d6ebc4a v2.32.0
• 9a40d12 Avoid reloading root certificates to improve concurrent performance (#6667)
• 0c030f7 Merge pull request #6702 from nateprewitt/no_char_detection
• 555b870 Allow character detection dependencies to be optional in post-packaging steps
• d6dded3 Merge pull request #6700 from franekmagiera/update-redirect-to-invalid-uri-test
• Additional commits viewable in compare view

Updates llama-index from 0.9.36 to 0.10.13

Release notes

Sourced from llama-index's releases.

v0.10.13

New Features

• Added a llama-pack for KodaRetriever, for on-the-fly alpha tuning (#11311)
• Added support for mistral-large (#11398)
• Last token pooling mode for huggingface embeddings models like SFR-Embedding-Mistral (#11373)
• Added fsspec support to SimpleDirectoryReader (#11303)

Bug Fixes / Nits

• Fixed an issue with context window + prompt helper (#11379)
• Moved OpenSearch vector store to BasePydanticVectorStore (#11400)
• Fixed function calling in fireworks LLM (#11363)
• Made cohere embedding types more automatic (#11288)
• Improve function calling in react agent (#11280)
• Fixed MockLLM imports (#11376)

v0.10.12

No release notes provided.

v0.10.11

No release notes provided.

v0.10.10

No release notes provided.

v0.10.8

No release notes provided.

v0.10.7

New Features

• Added Self-Discover llamapack (#10951)

Bug Fixes / Nits

• Fixed linting in CICD (#10945)
• Fixed using remote graph stores (#10971)
• Added missing LLM kwarg in NoText response synthesizer (#10971)
• Fixed openai import in rankgpt (#10971)
• Fixed resolving model name to string in openai embeddings (#10971)
• Off by one error in sentence window node parser (#10971)

v0.10.6

[0.10.6] - 2024-02-17

First, apologies for missing the changelog the last few versions. Trying to figure out the best process with 400+ packages.

At some point, each package will have a dedicated changelog.

... (truncated)

Changelog

Sourced from llama-index's changelog.

[0.10.13] - 2024-02-26

New Features

• Added a llama-pack for KodaRetriever, for on-the-fly alpha tuning (#11311)
• Added support for mistral-large (#11398)
• Last token pooling mode for huggingface embeddings models like SFR-Embedding-Mistral (#11373)
• Added fsspec support to SimpleDirectoryReader (#11303)

Bug Fixes / Nits

• Fixed an issue with context window + prompt helper (#11379)
• Moved OpenSearch vector store to BasePydanticVectorStore (#11400)
• Fixed function calling in fireworks LLM (#11363)
• Made cohere embedding types more automatic (#11288)
• Improve function calling in react agent (#11280)
• Fixed MockLLM imports (#11376)

[0.10.12] - 2024-02-22

New Features

• Added llama-index-postprocessor-colbert-rerank package (#11057)
• MyMagicAI LLM (#11263)
• MariaTalk LLM (#10925)
• Add retries to github reader (#10980)
• Added FireworksAI embedding and LLM modules (#10959)

Bug Fixes / Nits

• Fixed string formatting in weaviate (#11294)
• Fixed off-by-one error in semantic splitter (#11295)
• Fixed download_llama_pack for multiple files (#11272)
• Removed BUILD files from packages (#11267)
• Loosened python version reqs for all packages (#11267)
• Fixed args issue with chromadb (#11104)

[0.10.11] - 2024-02-21

Bug Fixes / Nits

• Fixed multi-modal LLM for async acomplete (#11064)
• Fixed issue with llamaindex-cli imports (#11068)

[0.10.10] - 2024-02-20

I'm still a bit wonky with our publishing process -- apologies. This is just a version bump to ensure the changes that were supposed to happen in 0.10.9 actually did get published. (AF)

... (truncated)

Commits

• 6d642a0 Logan/release v0.10.13 (#11408)
• 78a4c9e fix prompt helper init (#11379)
• 52383c7 Update opensearch vectorstore to PydanticVectorStore class (#11400)
• 4077fee Astra DB Vector store, package rename for naming consistency (#11056)
• 65290f5 Alpha Tuning Llama Pack: KodaRetriever (#11311)
• 70d4a5c Only firefunction is function calling (#11363)
• 3a10235 Elastic Search retrieval : Bug Fix for Cases when No Relationships Detected (...
• 0b13b8d Add support for mistral-large (#11398)
• 1f48dd9 Astra DB clients identify themselves as coming through LlamaIndex usage (#11396)
• 6024956 Last token pooling for Huggingface models like SFR-Embedding-Mistral (#11373)
• Additional commits viewable in compare view

Updates requests from 2.31.0 to 2.32.2

Release notes

Sourced from requests's releases.

v2.32.2

2.32.2 (2024-05-21)

Deprecations

• To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

  A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

v2.32.1

2.32.1 (2024-05-20)

Bugfixes

• Add missing test certs to the sdist distributed on PyPI.

v2.32.0

2.32.0 (2024-05-20)

🐍 PYCON US 2024 EDITION 🐍

Security

• Fixed an issue where setting verify=False on the first request from a Session will cause subsequent requests to the same origin to also ignore cert verification, regardless of the value of verify. (GHSA-9wx4-h78v-vm56)

Improvements

• verify=True now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (#6667)
• Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored. This enables pip and other projects to minimize their vendoring surface area. The Response.text() and apparent_encoding APIs will default to utf-8 if neither library is present. (#6702)

Bugfixes

• Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (#6589)
• Fixed deserialization bug in JSONDecodeError. (#6629)
• Fixed bug where an extra leading / (path separator) could lead urllib3 to unnecessarily reparse the request URI. (#6644)

... (truncated)

Changelog

Sourced from requests's changelog.

2.32.2 (2024-05-21)

Deprecations

• To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

  A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

2.32.1 (2024-05-20)

Bugfixes

• Add missing test certs to the sdist distributed on PyPI.

2.32.0 (2024-05-20)

Security

• Fixed an issue where setting verify=False on the first request from a Session will cause subsequent requests to the same origin to also ignore cert verification, regardless of the value of verify. (GHSA-9wx4-h78v-vm56)

Improvements

• verify=True now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (#6667)
• Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored. This enables pip and other projects to minimize their vendoring surface area. The Response.text() and apparent_encoding APIs will default to utf-8 if neither library is present. (#6702)

Bugfixes

• Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (#6589)
• Fixed deserialization bug in JSONDecodeError. (#6629)
• Fixed bug where an extra leading / (path separator) could lead urllib3 to unnecessarily reparse the request URI. (#6644)

Deprecations

... (truncated)

Commits

• 88dce9d v2.32.2
• c98e4d1 Merge pull request #6710 from nateprewitt/api_rename
• 92075b3 Add deprecation warning
• aa1461b Move _get_connection to get_connection_with_tls_context
• 970e8ce v2.32.1
• d6ebc4a v2.32.0
• 9a40d12 Avoid reloading root certificates to improve concurrent performance (#6667)
• 0c030f7 Merge pull request #6702 from nateprewitt/no_char_detection
• 555b870 Allow character detection dependencies to be optional in post-packaging steps
• d6dded3 Merge pull request #6700 from franekmagiera/update-redirect-to-invalid-uri-test
• Additional commits viewable in compare view

Updates aiohttp from 3.9.4 to 3.10.2

Release notes

Sourced from aiohttp's releases.

3.10.2

Bug fixes

• Fixed server checks for circular symbolic links to be compatible with Python 3.13 -- by :user:steverep.

  Related issues and pull requests on GitHub: #8565.

• Fixed request body not being read when ignoring an Upgrade request -- by :user:Dreamsorcerer.

  Related issues and pull requests on GitHub: #8597.

• Fixed an edge case where shutdown would wait for timeout when the handler was already completed -- by :user:Dreamsorcerer.

  Related issues and pull requests on GitHub: #8611.

• Fixed connecting to npipe://, tcp://, and unix:// urls -- by :user:bdraco.

  Related issues and pull requests on GitHub: #8632.

• Fixed WebSocket ping tasks being prematurely garbage collected -- by :user:bdraco.

  There was a small risk that WebSocket ping tasks would be prematurely garbage collected because the event loop only holds a weak reference to the task. The garbage collection risk has been fixed by holding a strong reference to the task. Additionally, the task is now scheduled eagerly with Python 3.12+ to increase the chance it can be completed immediately and avoid having to hold any references to the task.

  Related issues and pull requests on GitHub: #8641.

• Fixed incorrectly following symlinks for compressed file variants -- by :user:steverep.

  Related issues and pull requests on GitHub:

... (truncated)

Changelog

Sourced from aiohttp's changelog.

3.10.2 (2024-08-08)

Bug fixes

• Fixed server checks for circular symbolic links to be compatible with Python 3.13 -- by :user:steverep.

  Related issues and pull requests on GitHub: :issue:8565.

• Fixed request body not being read when ignoring an Upgrade request -- by :user:Dreamsorcerer.

  Related issues and pull requests on GitHub: :issue:8597.

• Fixed an edge case where shutdown would wait for timeout when the handler was already completed -- by :user:Dreamsorcerer.

  Related issues and pull requests on GitHub: :issue:8611.

• Fixed connecting to npipe://, tcp://, and unix:// urls -- by :user:bdraco.

  Related issues and pull requests on GitHub: :issue:8632.

• Fixed WebSocket ping tasks being prematurely garbage collected -- by :user:bdraco.

  There was a small risk that WebSocket ping tasks would be prematurely garbage collected because the event loop only holds a weak reference to the task. The garbage collection risk has been fixed by holding a strong reference to the task. Additionally, the task is now scheduled eagerly with Python 3.12+ to increase the chance it can be completed immediately and avoid having to hold any references to the task.

  Related issues and pull requests on GitHub: :issue:8641.

• Fixed incorrectly following symlinks for compressed file variants -- by :user:steverep.

... (truncated)

Commits

• 491106e Release 3.10.2 (#8655)
• ce2e975 [PR #8652/b0536ae6 backport][3.10] Do not follow symlinks for compressed file...
• 6a77806 [PR #8636/51d872e backport][3.10] Remove Request.wait_for_disconnection() met...
• 1f92213 [PR #8642/e4942771 backport][3.10] Fix response to circular symlinks with Pyt...
• 2ef14a6 [PR #8641/0a88bab backport][3.10] Fix WebSocket ping tasks being prematurely ...
• 68e8496 [PR #8608/c4acabc backport][3.10] Fix timer handle churn in websocket heartbe...
• 72f41aa [PR #8632/b2691f2 backport][3.10] Fix connecting to npipe://, tcp://, and uni...
• bf83dbe [PR #8634/c7293e19 backport][3.10] Backport #8620 as improvements to various ...
• 4815765 [PR #8597/c99a1e27 backport][3.10] Fix reading of body when ignoring an upgra...
• 266608d [PR #8611/1fcef940 backport][3.10] Fix handler waiting on shutdown (#8627)
• Additional commits viewable in compare view

Updates certifi from 2023.7.22 to 2024.7.4

Commits

• bd81538 2024.07.04 (#295)
• 06a2cbf Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (#294)
• 13bba02 Bump actions/checkout from 4.1.6 to 4.1.7 (#293)
• e8abcd0 Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (#292)
• 124f4ad 2024.06.02 (#291)
• c2196ce --- (#290)
• fefdeec Bump actions/checkout from 4.1.4 to 4.1.5 (#289)
• 3c5fb15 Bump actions/download-artifact from 4.1.6 to 4.1.7 (#286)
• 4a9569a Bump actions/checkout from 4.1.2 to 4.1.4 (#287)
• 1fc8086 Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (#288)
• Additional commits viewable in compare view

Updates urllib3 from 1.26.18 to 1.26.19

Release notes

Sourced from urllib3's releases.

1.26.19

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of o...

Description has been truncated

[korbit-ai]

👋 I'm here to help you review your pull request. When you're ready for me to perform a review, you can comment anywhere on this pull request with this command: /korbit-review.

As a reminder, here are some helpful tips on how we can collaborate together:

• To have me re-scan your pull request, simply re-invoke the /korbit-review command in a new comment.
• You can interact with me by tagging @korbit-ai in any conversation in your pull requests.
• On any comment I make on your code, please leave a 👍 if it is helpful and a 👎 if it is unhelpful. This will help me learn and improve as we work together
• Lastly, to learn more, check out our Docs.

[coderabbitai]

Warning

Rate limit exceeded

@dependabot[bot] has exceeded the limit for the number of commits or files that can be reviewed per hour. Please wait 21 minutes and 24 seconds before requesting another review.

How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

Commits

Files that changed from the base of the PR and between fd0bc21 and 8f1cb18.

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

• X
• Mastodon
• Reddit
• LinkedIn

Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai generate interesting stats about this repository and render them as a table.
  • @coderabbitai show all the console.log statements in this repository.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (invoked as PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
pypi/aiohttp@3.10.2	environment, eval, filesystem, network, shell, unsafe	0	14.3 MB	Andrew.Svetlov, fafhrd, webknjaz
pypi/gradio@4.37.1	environment, eval, filesystem, network, shell	0	71.1 MB	aabid93, aliabd, aliabid94, ...1 more
pypi/llama-index@0.10.13	None	0	21.9 kB	jerryjliu, simonsdsuo
pypi/numexpr@2.8.4	environment, eval, filesystem, shell	0	1.63 MB	andreabedini, falted, matthew.brett, ...1 more
pypi/requests@2.32.2	environment, eval, filesystem, network, shell, unsafe	0	473 kB	Lukasa, graffatcolmingov, nateprewitt

🚮 Removed packages: pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/aiohttp@3.9.4, pypi/certifi@2023.7.22, pypi/certifi@2023.7.22, pypi/gradio@3.48.0, pypi/gradio@3.48.0, pypi/llama-index@0.8.55, pypi/llama-index@0.8.55, pypi/llama-index@0.9.36, pypi/llama-index@0.9.36, pypi/requests@2.31.0, pypi/requests@2.31.0

View full report↗︎