From 9e38bd5b78259ec8acc68e77f2d2b485626324be Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 8 Feb 2026 21:28:22 -0600 Subject: [PATCH 1/9] chore(backend/deps): bump the production-dependencies group across 1 directory with 8 updates (#12014) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps the production-dependencies group with 8 updates in the /autogpt_platform/backend directory: | Package | From | To | | --- | --- | --- | | [anthropic](https://github.com/anthropics/anthropic-sdk-python) | `0.59.0` | `0.79.0` | | [fastapi](https://github.com/fastapi/fastapi) | `0.128.3` | `0.128.5` | | [ollama](https://github.com/ollama/ollama-python) | `0.5.4` | `0.6.1` | | [prometheus-client](https://github.com/prometheus/client_python) | `0.22.1` | `0.24.1` | | [python-multipart](https://github.com/Kludex/python-multipart) | `0.0.20` | `0.0.22` | | [supabase](https://github.com/supabase/supabase-py) | `2.27.2` | `2.27.3` | | [tenacity](https://github.com/jd/tenacity) | `9.1.3` | `9.1.4` | | [tiktoken](https://github.com/openai/tiktoken) | `0.9.0` | `0.12.0` | Updates `anthropic` from 0.59.0 to 0.79.0
Release notes

Sourced from anthropic's releases.

v0.79.0

0.79.0 (2026-02-07)

Full Changelog: v0.78.0...v0.79.0

Features

Bug Fixes

v0.78.0

0.78.0 (2026-02-05)

Full Changelog: v0.77.1...v0.78.0

Features

v0.77.1

0.77.1 (2026-02-03)

Full Changelog: v0.77.0...v0.77.1

Bug Fixes

Chores

v0.77.0

0.77.0 (2026-01-29)

Full Changelog: v0.76.0...v0.77.0

Features

... (truncated)

Changelog

Sourced from anthropic's changelog.

0.79.0 (2026-02-07)

Full Changelog: v0.78.0...v0.79.0

Features

Bug Fixes

0.78.0 (2026-02-05)

Full Changelog: v0.77.1...v0.78.0

Features

0.77.1 (2026-02-03)

Full Changelog: v0.77.0...v0.77.1

Bug Fixes

Chores

0.77.0 (2026-01-29)

Full Changelog: v0.76.0...v0.77.0

Features

Bug Fixes

... (truncated)

Commits

Updates `fastapi` from 0.128.3 to 0.128.5
Release notes

Sourced from fastapi's releases.

0.128.5

Refactors

Internal

0.128.4

Refactors

Translations

Internal

Commits

Updates `ollama` from 0.5.4 to 0.6.1
Release notes

Sourced from ollama's releases.

v0.6.1

What's Changed

Full Changelog: https://github.com/ollama/ollama-python/compare/v0.6.0...v0.6.1

v0.6.0

What's Changed

New Contributors

Full Changelog: https://github.com/ollama/ollama-python/compare/v0.5.4...v0.6.0

Commits

Updates `prometheus-client` from 0.22.1 to 0.24.1
Release notes

Sourced from prometheus-client's releases.

v0.24.1

v0.24.0

What's Changed

Full Changelog: https://github.com/prometheus/client_python/compare/v0.23.1...v0.24.0

v0.23.1

What's Changed

New Contributors

Full Changelog: https://github.com/prometheus/client_python/compare/v0.23.0...v0.23.1

v0.23.0

What's Changed

New Contributors

Full Changelog: https://github.com/prometheus/client_python/compare/v0.22.1...v0.23.0

Commits

Updates `python-multipart` from 0.0.20 to 0.0.22
Release notes

Sourced from python-multipart's releases.

Version 0.0.22

What's Changed

Full Changelog: https://github.com/Kludex/python-multipart/compare/0.0.21...0.0.22

Version 0.0.21

What's Changed

New Contributors

Full Changelog: https://github.com/Kludex/python-multipart/compare/0.0.20...0.0.21

Changelog

Sourced from python-multipart's changelog.

0.0.22 (2026-01-25)

0.0.21 (2025-12-17)

Commits

Updates `supabase` from 2.27.2 to 2.27.3
Release notes

Sourced from supabase's releases.

v2.27.3

2.27.3 (2026-02-03)

Bug Fixes

Changelog

Sourced from supabase's changelog.

2.27.3 (2026-02-03)

Bug Fixes

Commits

Updates `tenacity` from 9.1.3 to 9.1.4
Release notes

Sourced from tenacity's releases.

9.1.4

What's Changed

Full Changelog: https://github.com/jd/tenacity/compare/9.1.3...9.1.4

Commits

Updates `tiktoken` from 0.9.0 to 0.12.0
Changelog

Sourced from tiktoken's changelog.

[v0.12.0]

[v0.11.0]

[v0.10.0]

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
--------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Otto --- .../backend/backend/blocks/llm.py | 4 +- autogpt_platform/backend/poetry.lock | 200 +++++++++++------- autogpt_platform/backend/pyproject.toml | 16 +- 3 files changed, 133 insertions(+), 87 deletions(-) diff --git a/autogpt_platform/backend/backend/blocks/llm.py b/autogpt_platform/backend/backend/blocks/llm.py index dcf007440b..7a020593d7 100644 --- a/autogpt_platform/backend/backend/blocks/llm.py +++ b/autogpt_platform/backend/backend/blocks/llm.py @@ -531,12 +531,12 @@ class LLMResponse(BaseModel): def convert_openai_tool_fmt_to_anthropic( openai_tools: list[dict] | None = None, -) -> Iterable[ToolParam] | anthropic.NotGiven: +) -> Iterable[ToolParam] | anthropic.Omit: """ Convert OpenAI tool format to Anthropic tool format. """ if not openai_tools or len(openai_tools) == 0: - return anthropic.NOT_GIVEN + return anthropic.omit anthropic_tools = [] for tool in openai_tools: diff --git a/autogpt_platform/backend/poetry.lock b/autogpt_platform/backend/poetry.lock index 66b70be3b7..d80c6da0fc 100644 --- a/autogpt_platform/backend/poetry.lock +++ b/autogpt_platform/backend/poetry.lock @@ -269,19 +269,20 @@ files = [ [[package]] name = "anthropic" -version = "0.59.0" +version = "0.79.0" description = "The official Python library for the anthropic API" optional = false -python-versions = ">=3.8" +python-versions = ">=3.9" groups = ["main"] files = [ - {file = "anthropic-0.59.0-py3-none-any.whl", hash = "sha256:cbc8b3dccef66ad6435c4fa1d317e5ebb092399a4b88b33a09dc4bf3944c3183"}, - {file = "anthropic-0.59.0.tar.gz", hash = "sha256:d710d1ef0547ebbb64b03f219e44ba078e83fc83752b96a9b22e9726b523fd8f"}, + {file = "anthropic-0.79.0-py3-none-any.whl", hash = "sha256:04cbd473b6bbda4ca2e41dd670fe2f829a911530f01697d0a1e37321eb75f3cf"}, + {file = "anthropic-0.79.0.tar.gz", hash = "sha256:8707aafb3b1176ed6c13e2b1c9fb3efddce90d17aee5d8b83a86c70dcdcca871"}, ] [package.dependencies] anyio = ">=3.5.0,<5" distro = ">=1.7.0,<2" +docstring-parser = ">=0.15,<1" httpx = ">=0.25.0,<1" jiter = ">=0.4.0,<1" pydantic = ">=1.9.0,<3" @@ -289,7 +290,7 @@ sniffio = "*" typing-extensions = ">=4.10,<5" [package.extras] -aiohttp = ["aiohttp", "httpx-aiohttp (>=0.1.8)"] +aiohttp = ["aiohttp", "httpx-aiohttp (>=0.1.9)"] bedrock = ["boto3 (>=1.28.57)", "botocore (>=1.31.57)"] vertex = ["google-auth[requests] (>=2,<3)"] @@ -1148,6 +1149,23 @@ idna = ["idna (>=3.10)"] trio = ["trio (>=0.30)"] wmi = ["wmi (>=1.5.1) ; platform_system == \"Windows\""] +[[package]] +name = "docstring-parser" +version = "0.17.0" +description = "Parse Python docstrings in reST, Google and Numpydoc format" +optional = false +python-versions = ">=3.8" +groups = ["main"] +files = [ + {file = "docstring_parser-0.17.0-py3-none-any.whl", hash = "sha256:cf2569abd23dce8099b300f9b4fa8191e9582dda731fd533daf54c4551658708"}, + {file = "docstring_parser-0.17.0.tar.gz", hash = "sha256:583de4a309722b3315439bb31d64ba3eebada841f2e2cee23b99df001434c912"}, +] + +[package.extras] +dev = ["pre-commit (>=2.16.0) ; python_version >= \"3.9\"", "pydoctor (>=25.4.0)", "pytest"] +docs = ["pydoctor (>=25.4.0)"] +test = ["pytest"] + [[package]] name = "dulwich" version = "0.22.8" @@ -1364,14 +1382,14 @@ tzdata = "*" [[package]] name = "fastapi" -version = "0.128.3" +version = "0.128.5" description = "FastAPI framework, high performance, easy to learn, fast to code, ready for production" optional = false python-versions = ">=3.9" groups = ["main"] files = [ - {file = "fastapi-0.128.3-py3-none-any.whl", hash = "sha256:c8cdf7c2182c9a06bf9cfa3329819913c189dc86389b90d5709892053582db29"}, - {file = "fastapi-0.128.3.tar.gz", hash = "sha256:ed99383fd96063447597d5aa2a9ec3973be198e3b4fc10c55f15c62efdb21c60"}, + {file = "fastapi-0.128.5-py3-none-any.whl", hash = "sha256:bceec0de8aa6564599c5bcc0593b0d287703562c848271fca8546fd2c87bf4dd"}, + {file = "fastapi-0.128.5.tar.gz", hash = "sha256:a7173579fc162d6471e3c6fbd9a4b7610c7a3b367bcacf6c4f90d5d022cab711"}, ] [package.dependencies] @@ -3945,14 +3963,14 @@ signedtoken = ["cryptography (>=3.0.0)", "pyjwt (>=2.0.0,<3)"] [[package]] name = "ollama" -version = "0.5.4" +version = "0.6.1" description = "The official Python client for Ollama." optional = false python-versions = ">=3.8" groups = ["main"] files = [ - {file = "ollama-0.5.4-py3-none-any.whl", hash = "sha256:6374c9bb4f2a371b3583c09786112ba85b006516745689c172a7e28af4d4d1a2"}, - {file = "ollama-0.5.4.tar.gz", hash = "sha256:75857505a5d42e5e58114a1b78cc8c24596d8866863359d8a2329946a9b6d6f3"}, + {file = "ollama-0.6.1-py3-none-any.whl", hash = "sha256:fc4c984b345735c5486faeee67d8a265214a31cbb828167782dc642ce0a2bf8c"}, + {file = "ollama-0.6.1.tar.gz", hash = "sha256:478c67546836430034b415ed64fa890fd3d1ff91781a9d548b3325274e69d7c6"}, ] [package.dependencies] @@ -4710,14 +4728,14 @@ tests = ["coverage-conditional-plugin (>=0.9.0)", "portalocker[redis]", "pytest [[package]] name = "postgrest" -version = "2.27.2" +version = "2.27.3" description = "PostgREST client for Python. This library provides an ORM interface to PostgREST." optional = false python-versions = ">=3.9" groups = ["main"] files = [ - {file = "postgrest-2.27.2-py3-none-any.whl", hash = "sha256:1666fef3de05ca097a314433dd5ae2f2d71c613cb7b233d0f468c4ffe37277da"}, - {file = "postgrest-2.27.2.tar.gz", hash = "sha256:55407d530b5af3d64e883a71fec1f345d369958f723ce4a8ab0b7d169e313242"}, + {file = "postgrest-2.27.3-py3-none-any.whl", hash = "sha256:ed79123af7127edd78d538bfe8351d277e45b1a36994a4dbf57ae27dde87a7b7"}, + {file = "postgrest-2.27.3.tar.gz", hash = "sha256:c2e2679addfc8eaab23197bad7ddaee6cbb4cbe8c483ebd2d2e5219543037cc3"}, ] [package.dependencies] @@ -4875,17 +4893,19 @@ tqdm = "*" [[package]] name = "prometheus-client" -version = "0.22.1" +version = "0.24.1" description = "Python client for the Prometheus monitoring system." optional = false python-versions = ">=3.9" groups = ["main"] files = [ - {file = "prometheus_client-0.22.1-py3-none-any.whl", hash = "sha256:cca895342e308174341b2cbf99a56bef291fbc0ef7b9e5412a0f26d653ba7094"}, - {file = "prometheus_client-0.22.1.tar.gz", hash = "sha256:190f1331e783cf21eb60bca559354e0a4d4378facecf78f5428c39b675d20d28"}, + {file = "prometheus_client-0.24.1-py3-none-any.whl", hash = "sha256:150db128af71a5c2482b36e588fc8a6b95e498750da4b17065947c16070f4055"}, + {file = "prometheus_client-0.24.1.tar.gz", hash = "sha256:7e0ced7fbbd40f7b84962d5d2ab6f17ef88a72504dcf7c0b40737b43b2a461f9"}, ] [package.extras] +aiohttp = ["aiohttp"] +django = ["django"] twisted = ["twisted"] [[package]] @@ -5945,14 +5965,14 @@ cli = ["click (>=5.0)"] [[package]] name = "python-multipart" -version = "0.0.20" +version = "0.0.22" description = "A streaming multipart parser for Python" optional = false -python-versions = ">=3.8" +python-versions = ">=3.10" groups = ["main"] files = [ - {file = "python_multipart-0.0.20-py3-none-any.whl", hash = "sha256:8a62d3a8335e06589fe01f2a3e178cdcc632f3fbe0d492ad9ee0ec35aab1f104"}, - {file = "python_multipart-0.0.20.tar.gz", hash = "sha256:8dd0cab45b8e23064ae09147625994d090fa46f5b0d1e13af944c331a7fa9d13"}, + {file = "python_multipart-0.0.22-py3-none-any.whl", hash = "sha256:2b2cd894c83d21bf49d702499531c7bafd057d730c201782048f7945d82de155"}, + {file = "python_multipart-0.0.22.tar.gz", hash = "sha256:7340bef99a7e0032613f56dc36027b959fd3b30a787ed62d310e951f7c3a3a58"}, ] [[package]] @@ -6240,14 +6260,14 @@ all = ["numpy"] [[package]] name = "realtime" -version = "2.27.2" +version = "2.27.3" description = "" optional = false python-versions = ">=3.9" groups = ["main"] files = [ - {file = "realtime-2.27.2-py3-none-any.whl", hash = "sha256:34a9cbb26a274e707e8fc9e3ee0a66de944beac0fe604dc336d1e985db2c830f"}, - {file = "realtime-2.27.2.tar.gz", hash = "sha256:b960a90294d2cea1b3f1275ecb89204304728e08fff1c393cc1b3150739556b3"}, + {file = "realtime-2.27.3-py3-none-any.whl", hash = "sha256:f571115f86988e33c41c895cb3fba2eaa1b693aeaede3617288f44274ca90f43"}, + {file = "realtime-2.27.3.tar.gz", hash = "sha256:02b082243107656a5ef3fb63e8e2ab4c40bc199abb45adb8a42ed63f089a1041"}, ] [package.dependencies] @@ -7005,14 +7025,14 @@ full = ["httpx (>=0.27.0,<0.29.0)", "itsdangerous", "jinja2", "python-multipart [[package]] name = "storage3" -version = "2.27.2" +version = "2.27.3" description = "Supabase Storage client for Python." optional = false python-versions = ">=3.9" groups = ["main"] files = [ - {file = "storage3-2.27.2-py3-none-any.whl", hash = "sha256:e6f16e7a260729e7b1f46e9bf61746805a02e30f5e419ee1291007c432e3ec63"}, - {file = "storage3-2.27.2.tar.gz", hash = "sha256:cb4807b7f86b4bb1272ac6fdd2f3cfd8ba577297046fa5f88557425200275af5"}, + {file = "storage3-2.27.3-py3-none-any.whl", hash = "sha256:11a05b7da84bccabeeea12d940bca3760cf63fe6ca441868677335cfe4fdfbe0"}, + {file = "storage3-2.27.3.tar.gz", hash = "sha256:dc1a4a010cf36d5482c5cb6c1c28fc5f00e23284342b89e4ae43b5eae8501ddb"}, ] [package.dependencies] @@ -7072,35 +7092,35 @@ typing-extensions = {version = ">=4.5.0", markers = "python_version >= \"3.7\""} [[package]] name = "supabase" -version = "2.27.2" +version = "2.27.3" description = "Supabase client for Python." optional = false python-versions = ">=3.9" groups = ["main"] files = [ - {file = "supabase-2.27.2-py3-none-any.whl", hash = "sha256:d4dce00b3a418ee578017ec577c0e5be47a9a636355009c76f20ed2faa15bc54"}, - {file = "supabase-2.27.2.tar.gz", hash = "sha256:2aed40e4f3454438822442a1e94a47be6694c2c70392e7ae99b51a226d4293f7"}, + {file = "supabase-2.27.3-py3-none-any.whl", hash = "sha256:082a74642fcf9954693f1ce8c251baf23e4bda26ffdbc8dcd4c99c82e60d69ff"}, + {file = "supabase-2.27.3.tar.gz", hash = "sha256:5e5a348232ac4315c1032ddd687278f0b982465471f0cbb52bca7e6a66495ff3"}, ] [package.dependencies] httpx = ">=0.26,<0.29" -postgrest = "2.27.2" -realtime = "2.27.2" -storage3 = "2.27.2" -supabase-auth = "2.27.2" -supabase-functions = "2.27.2" +postgrest = "2.27.3" +realtime = "2.27.3" +storage3 = "2.27.3" +supabase-auth = "2.27.3" +supabase-functions = "2.27.3" yarl = ">=1.22.0" [[package]] name = "supabase-auth" -version = "2.27.2" +version = "2.27.3" description = "Python Client Library for Supabase Auth" optional = false python-versions = ">=3.9" groups = ["main"] files = [ - {file = "supabase_auth-2.27.2-py3-none-any.whl", hash = "sha256:78ec25b11314d0a9527a7205f3b1c72560dccdc11b38392f80297ef98664ee91"}, - {file = "supabase_auth-2.27.2.tar.gz", hash = "sha256:0f5bcc79b3677cb42e9d321f3c559070cfa40d6a29a67672cc8382fb7dc2fe97"}, + {file = "supabase_auth-2.27.3-py3-none-any.whl", hash = "sha256:82a4262eaad85383319d394dab0eea11fcf3ebd774062aef8ea3874ae2f02579"}, + {file = "supabase_auth-2.27.3.tar.gz", hash = "sha256:39894d4bc60b6f23b5cff4d0d7d4c1659e5d69563cadf014d4896f780ca8ca78"}, ] [package.dependencies] @@ -7110,14 +7130,14 @@ pyjwt = {version = ">=2.10.1", extras = ["crypto"]} [[package]] name = "supabase-functions" -version = "2.27.2" +version = "2.27.3" description = "Library for Supabase Functions" optional = false python-versions = ">=3.9" groups = ["main"] files = [ - {file = "supabase_functions-2.27.2-py3-none-any.whl", hash = "sha256:db480efc669d0bca07605b9b6f167312af43121adcc842a111f79bea416ef754"}, - {file = "supabase_functions-2.27.2.tar.gz", hash = "sha256:d0c8266207a94371cb3fd35ad3c7f025b78a97cf026861e04ccd35ac1775f80b"}, + {file = "supabase_functions-2.27.3-py3-none-any.whl", hash = "sha256:9d14a931d49ede1c6cf5fbfceb11c44061535ba1c3f310f15384964d86a83d9e"}, + {file = "supabase_functions-2.27.3.tar.gz", hash = "sha256:e954f1646da8ca6e7e16accef58d0884a5f97b25956ee98e7d4927a210ed92f9"}, ] [package.dependencies] @@ -7127,14 +7147,14 @@ yarl = ">=1.20.1" [[package]] name = "tenacity" -version = "9.1.3" +version = "9.1.4" description = "Retry code until it succeeds" optional = false python-versions = ">=3.10" groups = ["main"] files = [ - {file = "tenacity-9.1.3-py3-none-any.whl", hash = "sha256:51171cfc6b8a7826551e2f029426b10a6af189c5ac6986adcd7eb36d42f17954"}, - {file = "tenacity-9.1.3.tar.gz", hash = "sha256:a6724c947aa717087e2531f883bde5c9188f603f6669a9b8d54eb998e604c12a"}, + {file = "tenacity-9.1.4-py3-none-any.whl", hash = "sha256:6095a360c919085f28c6527de529e76a06ad89b23659fa881ae0649b867a9d55"}, + {file = "tenacity-9.1.4.tar.gz", hash = "sha256:adb31d4c263f2bd041081ab33b498309a57c77f9acf2db65aadf0898179cf93a"}, ] [package.extras] @@ -7143,43 +7163,69 @@ test = ["pytest", "tornado (>=4.5)", "typeguard"] [[package]] name = "tiktoken" -version = "0.9.0" +version = "0.12.0" description = "tiktoken is a fast BPE tokeniser for use with OpenAI's models" optional = false python-versions = ">=3.9" groups = ["main"] files = [ - {file = "tiktoken-0.9.0-cp310-cp310-macosx_10_12_x86_64.whl", hash = "sha256:586c16358138b96ea804c034b8acf3f5d3f0258bd2bc3b0227af4af5d622e382"}, - {file = "tiktoken-0.9.0-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:d9c59ccc528c6c5dd51820b3474402f69d9a9e1d656226848ad68a8d5b2e5108"}, - {file = "tiktoken-0.9.0-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:f0968d5beeafbca2a72c595e8385a1a1f8af58feaebb02b227229b69ca5357fd"}, - {file = "tiktoken-0.9.0-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:92a5fb085a6a3b7350b8fc838baf493317ca0e17bd95e8642f95fc69ecfed1de"}, - {file = "tiktoken-0.9.0-cp310-cp310-musllinux_1_2_x86_64.whl", hash = "sha256:15a2752dea63d93b0332fb0ddb05dd909371ededa145fe6a3242f46724fa7990"}, - {file = "tiktoken-0.9.0-cp310-cp310-win_amd64.whl", hash = "sha256:26113fec3bd7a352e4b33dbaf1bd8948de2507e30bd95a44e2b1156647bc01b4"}, - {file = "tiktoken-0.9.0-cp311-cp311-macosx_10_12_x86_64.whl", hash = "sha256:f32cc56168eac4851109e9b5d327637f15fd662aa30dd79f964b7c39fbadd26e"}, - {file = "tiktoken-0.9.0-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:45556bc41241e5294063508caf901bf92ba52d8ef9222023f83d2483a3055348"}, - {file = "tiktoken-0.9.0-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:03935988a91d6d3216e2ec7c645afbb3d870b37bcb67ada1943ec48678e7ee33"}, - {file = "tiktoken-0.9.0-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:8b3d80aad8d2c6b9238fc1a5524542087c52b860b10cbf952429ffb714bc1136"}, - {file = "tiktoken-0.9.0-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:b2a21133be05dc116b1d0372af051cd2c6aa1d2188250c9b553f9fa49301b336"}, - {file = "tiktoken-0.9.0-cp311-cp311-win_amd64.whl", hash = "sha256:11a20e67fdf58b0e2dea7b8654a288e481bb4fc0289d3ad21291f8d0849915fb"}, - {file = "tiktoken-0.9.0-cp312-cp312-macosx_10_13_x86_64.whl", hash = "sha256:e88f121c1c22b726649ce67c089b90ddda8b9662545a8aeb03cfef15967ddd03"}, - {file = "tiktoken-0.9.0-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:a6600660f2f72369acb13a57fb3e212434ed38b045fd8cc6cdd74947b4b5d210"}, - {file = "tiktoken-0.9.0-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:95e811743b5dfa74f4b227927ed86cbc57cad4df859cb3b643be797914e41794"}, - {file = "tiktoken-0.9.0-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:99376e1370d59bcf6935c933cb9ba64adc29033b7e73f5f7569f3aad86552b22"}, - {file = "tiktoken-0.9.0-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:badb947c32739fb6ddde173e14885fb3de4d32ab9d8c591cbd013c22b4c31dd2"}, - {file = "tiktoken-0.9.0-cp312-cp312-win_amd64.whl", hash = "sha256:5a62d7a25225bafed786a524c1b9f0910a1128f4232615bf3f8257a73aaa3b16"}, - {file = "tiktoken-0.9.0-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:2b0e8e05a26eda1249e824156d537015480af7ae222ccb798e5234ae0285dbdb"}, - {file = "tiktoken-0.9.0-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:27d457f096f87685195eea0165a1807fae87b97b2161fe8c9b1df5bd74ca6f63"}, - {file = "tiktoken-0.9.0-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:2cf8ded49cddf825390e36dd1ad35cd49589e8161fdcb52aa25f0583e90a3e01"}, - {file = "tiktoken-0.9.0-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:cc156cb314119a8bb9748257a2eaebd5cc0753b6cb491d26694ed42fc7cb3139"}, - {file = "tiktoken-0.9.0-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:cd69372e8c9dd761f0ab873112aba55a0e3e506332dd9f7522ca466e817b1b7a"}, - {file = "tiktoken-0.9.0-cp313-cp313-win_amd64.whl", hash = "sha256:5ea0edb6f83dc56d794723286215918c1cde03712cbbafa0348b33448faf5b95"}, - {file = "tiktoken-0.9.0-cp39-cp39-macosx_10_12_x86_64.whl", hash = "sha256:c6386ca815e7d96ef5b4ac61e0048cd32ca5a92d5781255e13b31381d28667dc"}, - {file = "tiktoken-0.9.0-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:75f6d5db5bc2c6274b674ceab1615c1778e6416b14705827d19b40e6355f03e0"}, - {file = "tiktoken-0.9.0-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:e15b16f61e6f4625a57a36496d28dd182a8a60ec20a534c5343ba3cafa156ac7"}, - {file = "tiktoken-0.9.0-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:3ebcec91babf21297022882344c3f7d9eed855931466c3311b1ad6b64befb3df"}, - {file = "tiktoken-0.9.0-cp39-cp39-musllinux_1_2_x86_64.whl", hash = "sha256:e5fd49e7799579240f03913447c0cdfa1129625ebd5ac440787afc4345990427"}, - {file = "tiktoken-0.9.0-cp39-cp39-win_amd64.whl", hash = "sha256:26242ca9dc8b58e875ff4ca078b9a94d2f0813e6a535dcd2205df5d49d927cc7"}, - {file = "tiktoken-0.9.0.tar.gz", hash = "sha256:d02a5ca6a938e0490e1ff957bc48c8b078c88cb83977be1625b1fd8aac792c5d"}, + {file = "tiktoken-0.12.0-cp310-cp310-macosx_10_12_x86_64.whl", hash = "sha256:3de02f5a491cfd179aec916eddb70331814bd6bf764075d39e21d5862e533970"}, + {file = "tiktoken-0.12.0-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:b6cfb6d9b7b54d20af21a912bfe63a2727d9cfa8fbda642fd8322c70340aad16"}, + {file = "tiktoken-0.12.0-cp310-cp310-manylinux_2_28_aarch64.whl", hash = "sha256:cde24cdb1b8a08368f709124f15b36ab5524aac5fa830cc3fdce9c03d4fb8030"}, + {file = "tiktoken-0.12.0-cp310-cp310-manylinux_2_28_x86_64.whl", hash = "sha256:6de0da39f605992649b9cfa6f84071e3f9ef2cec458d08c5feb1b6f0ff62e134"}, + {file = "tiktoken-0.12.0-cp310-cp310-musllinux_1_2_aarch64.whl", hash = "sha256:6faa0534e0eefbcafaccb75927a4a380463a2eaa7e26000f0173b920e98b720a"}, + {file = "tiktoken-0.12.0-cp310-cp310-musllinux_1_2_x86_64.whl", hash = "sha256:82991e04fc860afb933efb63957affc7ad54f83e2216fe7d319007dab1ba5892"}, + {file = "tiktoken-0.12.0-cp310-cp310-win_amd64.whl", hash = "sha256:6fb2995b487c2e31acf0a9e17647e3b242235a20832642bb7a9d1a181c0c1bb1"}, + {file = "tiktoken-0.12.0-cp311-cp311-macosx_10_12_x86_64.whl", hash = "sha256:6e227c7f96925003487c33b1b32265fad2fbcec2b7cf4817afb76d416f40f6bb"}, + {file = "tiktoken-0.12.0-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:c06cf0fcc24c2cb2adb5e185c7082a82cba29c17575e828518c2f11a01f445aa"}, + {file = "tiktoken-0.12.0-cp311-cp311-manylinux_2_28_aarch64.whl", hash = "sha256:f18f249b041851954217e9fd8e5c00b024ab2315ffda5ed77665a05fa91f42dc"}, + {file = "tiktoken-0.12.0-cp311-cp311-manylinux_2_28_x86_64.whl", hash = "sha256:47a5bc270b8c3db00bb46ece01ef34ad050e364b51d406b6f9730b64ac28eded"}, + {file = "tiktoken-0.12.0-cp311-cp311-musllinux_1_2_aarch64.whl", hash = "sha256:508fa71810c0efdcd1b898fda574889ee62852989f7c1667414736bcb2b9a4bd"}, + {file = "tiktoken-0.12.0-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:a1af81a6c44f008cba48494089dd98cccb8b313f55e961a52f5b222d1e507967"}, + {file = "tiktoken-0.12.0-cp311-cp311-win_amd64.whl", hash = "sha256:3e68e3e593637b53e56f7237be560f7a394451cb8c11079755e80ae64b9e6def"}, + {file = "tiktoken-0.12.0-cp312-cp312-macosx_10_13_x86_64.whl", hash = "sha256:b97f74aca0d78a1ff21b8cd9e9925714c15a9236d6ceacf5c7327c117e6e21e8"}, + {file = "tiktoken-0.12.0-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:2b90f5ad190a4bb7c3eb30c5fa32e1e182ca1ca79f05e49b448438c3e225a49b"}, + {file = "tiktoken-0.12.0-cp312-cp312-manylinux_2_28_aarch64.whl", hash = "sha256:65b26c7a780e2139e73acc193e5c63ac754021f160df919add909c1492c0fb37"}, + {file = "tiktoken-0.12.0-cp312-cp312-manylinux_2_28_x86_64.whl", hash = "sha256:edde1ec917dfd21c1f2f8046b86348b0f54a2c0547f68149d8600859598769ad"}, + {file = "tiktoken-0.12.0-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:35a2f8ddd3824608b3d650a000c1ef71f730d0c56486845705a8248da00f9fe5"}, + {file = "tiktoken-0.12.0-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:83d16643edb7fa2c99eff2ab7733508aae1eebb03d5dfc46f5565862810f24e3"}, + {file = "tiktoken-0.12.0-cp312-cp312-win_amd64.whl", hash = "sha256:ffc5288f34a8bc02e1ea7047b8d041104791d2ddbf42d1e5fa07822cbffe16bd"}, + {file = "tiktoken-0.12.0-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:775c2c55de2310cc1bc9a3ad8826761cbdc87770e586fd7b6da7d4589e13dab3"}, + {file = "tiktoken-0.12.0-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:a01b12f69052fbe4b080a2cfb867c4de12c704b56178edf1d1d7b273561db160"}, + {file = "tiktoken-0.12.0-cp313-cp313-manylinux_2_28_aarch64.whl", hash = "sha256:01d99484dc93b129cd0964f9d34eee953f2737301f18b3c7257bf368d7615baa"}, + {file = "tiktoken-0.12.0-cp313-cp313-manylinux_2_28_x86_64.whl", hash = "sha256:4a1a4fcd021f022bfc81904a911d3df0f6543b9e7627b51411da75ff2fe7a1be"}, + {file = "tiktoken-0.12.0-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:981a81e39812d57031efdc9ec59fa32b2a5a5524d20d4776574c4b4bd2e9014a"}, + {file = "tiktoken-0.12.0-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:9baf52f84a3f42eef3ff4e754a0db79a13a27921b457ca9832cf944c6be4f8f3"}, + {file = "tiktoken-0.12.0-cp313-cp313-win_amd64.whl", hash = "sha256:b8a0cd0c789a61f31bf44851defbd609e8dd1e2c8589c614cc1060940ef1f697"}, + {file = "tiktoken-0.12.0-cp313-cp313t-macosx_10_13_x86_64.whl", hash = "sha256:d5f89ea5680066b68bcb797ae85219c72916c922ef0fcdd3480c7d2315ffff16"}, + {file = "tiktoken-0.12.0-cp313-cp313t-macosx_11_0_arm64.whl", hash = "sha256:b4e7ed1c6a7a8a60a3230965bdedba8cc58f68926b835e519341413370e0399a"}, + {file = "tiktoken-0.12.0-cp313-cp313t-manylinux_2_28_aarch64.whl", hash = "sha256:fc530a28591a2d74bce821d10b418b26a094bf33839e69042a6e86ddb7a7fb27"}, + {file = "tiktoken-0.12.0-cp313-cp313t-manylinux_2_28_x86_64.whl", hash = "sha256:06a9f4f49884139013b138920a4c393aa6556b2f8f536345f11819389c703ebb"}, + {file = "tiktoken-0.12.0-cp313-cp313t-musllinux_1_2_aarch64.whl", hash = "sha256:04f0e6a985d95913cabc96a741c5ffec525a2c72e9df086ff17ebe35985c800e"}, + {file = "tiktoken-0.12.0-cp313-cp313t-musllinux_1_2_x86_64.whl", hash = "sha256:0ee8f9ae00c41770b5f9b0bb1235474768884ae157de3beb5439ca0fd70f3e25"}, + {file = "tiktoken-0.12.0-cp313-cp313t-win_amd64.whl", hash = "sha256:dc2dd125a62cb2b3d858484d6c614d136b5b848976794edfb63688d539b8b93f"}, + {file = "tiktoken-0.12.0-cp314-cp314-macosx_10_13_x86_64.whl", hash = "sha256:a90388128df3b3abeb2bfd1895b0681412a8d7dc644142519e6f0a97c2111646"}, + {file = "tiktoken-0.12.0-cp314-cp314-macosx_11_0_arm64.whl", hash = "sha256:da900aa0ad52247d8794e307d6446bd3cdea8e192769b56276695d34d2c9aa88"}, + {file = "tiktoken-0.12.0-cp314-cp314-manylinux_2_28_aarch64.whl", hash = "sha256:285ba9d73ea0d6171e7f9407039a290ca77efcdb026be7769dccc01d2c8d7fff"}, + {file = "tiktoken-0.12.0-cp314-cp314-manylinux_2_28_x86_64.whl", hash = "sha256:d186a5c60c6a0213f04a7a802264083dea1bbde92a2d4c7069e1a56630aef830"}, + {file = "tiktoken-0.12.0-cp314-cp314-musllinux_1_2_aarch64.whl", hash = "sha256:604831189bd05480f2b885ecd2d1986dc7686f609de48208ebbbddeea071fc0b"}, + {file = "tiktoken-0.12.0-cp314-cp314-musllinux_1_2_x86_64.whl", hash = "sha256:8f317e8530bb3a222547b85a58583238c8f74fd7a7408305f9f63246d1a0958b"}, + {file = "tiktoken-0.12.0-cp314-cp314-win_amd64.whl", hash = "sha256:399c3dd672a6406719d84442299a490420b458c44d3ae65516302a99675888f3"}, + {file = "tiktoken-0.12.0-cp314-cp314t-macosx_10_13_x86_64.whl", hash = "sha256:c2c714c72bc00a38ca969dae79e8266ddec999c7ceccd603cc4f0d04ccd76365"}, + {file = "tiktoken-0.12.0-cp314-cp314t-macosx_11_0_arm64.whl", hash = "sha256:cbb9a3ba275165a2cb0f9a83f5d7025afe6b9d0ab01a22b50f0e74fee2ad253e"}, + {file = "tiktoken-0.12.0-cp314-cp314t-manylinux_2_28_aarch64.whl", hash = "sha256:dfdfaa5ffff8993a3af94d1125870b1d27aed7cb97aa7eb8c1cefdbc87dbee63"}, + {file = "tiktoken-0.12.0-cp314-cp314t-manylinux_2_28_x86_64.whl", hash = "sha256:584c3ad3d0c74f5269906eb8a659c8bfc6144a52895d9261cdaf90a0ae5f4de0"}, + {file = "tiktoken-0.12.0-cp314-cp314t-musllinux_1_2_aarch64.whl", hash = "sha256:54c891b416a0e36b8e2045b12b33dd66fb34a4fe7965565f1b482da50da3e86a"}, + {file = "tiktoken-0.12.0-cp314-cp314t-musllinux_1_2_x86_64.whl", hash = "sha256:5edb8743b88d5be814b1a8a8854494719080c28faaa1ccbef02e87354fe71ef0"}, + {file = "tiktoken-0.12.0-cp314-cp314t-win_amd64.whl", hash = "sha256:f61c0aea5565ac82e2ec50a05e02a6c44734e91b51c10510b084ea1b8e633a71"}, + {file = "tiktoken-0.12.0-cp39-cp39-macosx_10_12_x86_64.whl", hash = "sha256:d51d75a5bffbf26f86554d28e78bfb921eae998edc2675650fd04c7e1f0cdc1e"}, + {file = "tiktoken-0.12.0-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:09eb4eae62ae7e4c62364d9ec3a57c62eea707ac9a2b2c5d6bd05de6724ea179"}, + {file = "tiktoken-0.12.0-cp39-cp39-manylinux_2_28_aarch64.whl", hash = "sha256:df37684ace87d10895acb44b7f447d4700349b12197a526da0d4a4149fde074c"}, + {file = "tiktoken-0.12.0-cp39-cp39-manylinux_2_28_x86_64.whl", hash = "sha256:4c9614597ac94bb294544345ad8cf30dac2129c05e2db8dc53e082f355857af7"}, + {file = "tiktoken-0.12.0-cp39-cp39-musllinux_1_2_aarch64.whl", hash = "sha256:20cf97135c9a50de0b157879c3c4accbb29116bcf001283d26e073ff3b345946"}, + {file = "tiktoken-0.12.0-cp39-cp39-musllinux_1_2_x86_64.whl", hash = "sha256:15d875454bbaa3728be39880ddd11a5a2a9e548c29418b41e8fd8a767172b5ec"}, + {file = "tiktoken-0.12.0-cp39-cp39-win_amd64.whl", hash = "sha256:2cff3688ba3c639ebe816f8d58ffbbb0aa7433e23e08ab1cade5d175fc973fb3"}, + {file = "tiktoken-0.12.0.tar.gz", hash = "sha256:b18ba7ee2b093863978fcb14f74b3707cdc8d4d4d3836853ce7ec60772139931"}, ] [package.dependencies] @@ -8395,4 +8441,4 @@ cffi = ["cffi (>=1.17,<2.0) ; platform_python_implementation != \"PyPy\" and pyt [metadata] lock-version = "2.1" python-versions = ">=3.10,<3.14" -content-hash = "1e226d8f7a342d17a85c036bfdfdf2ccc7d9e52c96644022fa69bf6044046528" +content-hash = "57127e7ce52ee64c6eea638b269ad0185bad72ff95d11cca28bd1a082015d396" diff --git a/autogpt_platform/backend/pyproject.toml b/autogpt_platform/backend/pyproject.toml index 20ddc61869..b1f755b8c8 100644 --- a/autogpt_platform/backend/pyproject.toml +++ b/autogpt_platform/backend/pyproject.toml @@ -12,7 +12,7 @@ python = ">=3.10,<3.14" aio-pika = "^9.5.5" aiohttp = "^3.10.0" aiodns = "^3.5.0" -anthropic = "^0.59.0" +anthropic = "^0.79.0" apscheduler = "^3.11.1" autogpt-libs = { path = "../autogpt_libs", develop = true } bleach = { extras = ["css"], version = "^6.2.0" } @@ -21,7 +21,7 @@ cryptography = "^46.0" discord-py = "^2.5.2" e2b-code-interpreter = "^1.5.2" elevenlabs = "^1.50.0" -fastapi = "^0.128.0" +fastapi = "^0.128.5" feedparser = "^6.0.11" flake8 = "^7.3.0" google-api-python-client = "^2.177.0" @@ -38,7 +38,7 @@ langfuse = "^3.11.0" launchdarkly-server-sdk = "^9.14.1" mem0ai = "^0.1.115" moviepy = "^2.1.2" -ollama = "^0.5.1" +ollama = "^0.6.1" openai = "^1.97.1" orjson = "^3.10.0" pika = "^1.3.2" @@ -48,7 +48,7 @@ postmarker = "^1.0" praw = "~7.8.1" prisma = "^0.15.0" rank-bm25 = "^0.2.2" -prometheus-client = "^0.22.1" +prometheus-client = "^0.24.1" prometheus-fastapi-instrumentator = "^7.0.0" psutil = "^7.0.0" psycopg2-binary = "^2.9.10" @@ -57,7 +57,7 @@ pydantic-settings = "^2.12.0" pytest = "^8.4.1" pytest-asyncio = "^1.1.0" python-dotenv = "^1.1.1" -python-multipart = "^0.0.20" +python-multipart = "^0.0.22" redis = "^6.2.0" regex = "^2025.9.18" replicate = "^1.0.6" @@ -65,8 +65,8 @@ sentry-sdk = {extras = ["anthropic", "fastapi", "launchdarkly", "openai", "sqlal sqlalchemy = "^2.0.40" strenum = "^0.4.9" stripe = "^11.5.0" -supabase = "2.27.2" -tenacity = "^9.1.2" +supabase = "2.27.3" +tenacity = "^9.1.4" todoist-api-python = "^2.1.7" tweepy = "^4.16.0" uvicorn = { extras = ["standard"], version = "^0.40.0" } @@ -77,7 +77,7 @@ zerobouncesdk = "^1.1.2" # NOTE: please insert new dependencies in their alphabetical location pytest-snapshot = "^0.9.0" aiofiles = "^24.1.0" -tiktoken = "^0.9.0" +tiktoken = "^0.12.0" aioclamd = "^1.0.0" setuptools = "^80.9.0" gcloud-aio-storage = "^9.5.0" From deccc26f1f250e7d602926ea4a3527c9554476d6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 8 Feb 2026 21:28:23 -0600 Subject: [PATCH 2/9] chore(deps): bump actions/cache from 4 to 5 (#11665) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [actions/cache](https://github.com/actions/cache) from 4 to 5.
Release notes

Sourced from actions/cache's releases.

v5.0.0

[!IMPORTANT] actions/cache@v5 runs on the Node.js 24 runtime and requires a minimum Actions Runner version of 2.327.1.

If you are using self-hosted runners, ensure they are updated before upgrading.

What's Changed

Full Changelog: https://github.com/actions/cache/compare/v4.3.0...v5.0.0

v4.3.0

What's Changed

New Contributors

Full Changelog: https://github.com/actions/cache/compare/v4...v4.3.0

v4.2.4

What's Changed

New Contributors

Full Changelog: https://github.com/actions/cache/compare/v4...v4.2.4

v4.2.3

What's Changed

  • Update to use @​actions/cache 4.0.3 package & prepare for new release by @​salmanmkc in actions/cache#1577 (SAS tokens for cache entries are now masked in debug logs)

New Contributors

Full Changelog: https://github.com/actions/cache/compare/v4.2.2...v4.2.3

... (truncated)

Changelog

Sourced from actions/cache's changelog.

Releases

Changelog

5.0.1

  • Update @azure/storage-blob to ^12.29.1 via @actions/cache@5.0.1 #1685

5.0.0

[!IMPORTANT] actions/cache@v5 runs on the Node.js 24 runtime and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.

4.3.0

  • Bump @actions/cache to v4.1.0

4.2.4

  • Bump @actions/cache to v4.0.5

4.2.3

  • Bump @actions/cache to v4.0.3 (obfuscates SAS token in debug logs for cache entries)

4.2.2

  • Bump @actions/cache to v4.0.2

4.2.1

  • Bump @actions/cache to v4.0.1

4.2.0

TLDR; The cache backend service has been rewritten from the ground up for improved performance and reliability. actions/cache now integrates with the new cache service (v2) APIs.

The new service will gradually roll out as of February 1st, 2025. The legacy service will also be sunset on the same date. Changes in these release are fully backward compatible.

We are deprecating some versions of this action. We recommend upgrading to version v4 or v3 as soon as possible before February 1st, 2025. (Upgrade instructions below).

If you are using pinned SHAs, please use the SHAs of versions v4.2.0 or v3.4.0

If you do not upgrade, all workflow runs using any of the deprecated actions/cache will fail.

Upgrading to the recommended versions will not break your workflows.

4.1.2

... (truncated)

Commits
  • 9255dc7 Merge pull request #1686 from actions/cache-v5.0.1-release
  • 8ff5423 chore: release v5.0.1
  • 9233019 Merge pull request #1685 from salmanmkc/node24-storage-blob-fix
  • b975f2b fix: add peer property to package-lock.json for dependencies
  • d0a0e18 fix: update license files for @​actions/cache, fast-xml-parser, and strnum
  • 74de208 fix: update @​actions/cache to ^5.0.1 for Node.js 24 punycode fix
  • ac7f115 peer
  • b0f846b fix: update @​actions/cache with storage-blob fix for Node.js 24 punycode depr...
  • a783357 Merge pull request #1684 from actions/prepare-cache-v5-release
  • 3bb0d78 docs: highlight v5 runner requirement in releases
  • Additional commits viewable in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/cache&package-manager=github_actions&previous-version=4&new-version=5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Nick Tindle --- .github/workflows/claude-dependabot.yml | 6 +++--- .github/workflows/claude.yml | 6 +++--- .github/workflows/copilot-setup-steps.yml | 6 +++--- .github/workflows/docs-block-sync.yml | 2 +- .github/workflows/docs-claude-review.yml | 2 +- .github/workflows/docs-enhance.yml | 2 +- .github/workflows/platform-backend-ci.yml | 2 +- .github/workflows/platform-frontend-ci.yml | 12 ++++++------ .github/workflows/platform-fullstack-ci.yml | 4 ++-- 9 files changed, 21 insertions(+), 21 deletions(-) diff --git a/.github/workflows/claude-dependabot.yml b/.github/workflows/claude-dependabot.yml index 6fb052e8f3..c39fdb0e35 100644 --- a/.github/workflows/claude-dependabot.yml +++ b/.github/workflows/claude-dependabot.yml @@ -41,7 +41,7 @@ jobs: python-version: "3.11" # Use standard version matching CI - name: Set up Python dependency cache - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.cache/pypoetry key: poetry-${{ runner.os }}-${{ hashFiles('autogpt_platform/backend/poetry.lock') }} @@ -91,7 +91,7 @@ jobs: echo "PNPM_HOME=$HOME/.pnpm-store" >> $GITHUB_ENV - name: Cache frontend dependencies - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.pnpm-store key: ${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml', 'autogpt_platform/frontend/package.json') }} @@ -124,7 +124,7 @@ jobs: # Phase 1: Cache and load Docker images for faster setup - name: Set up Docker image cache id: docker-cache - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/docker-cache # Use a versioned key for cache invalidation when image list changes diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml index 8c45f930dc..805f3d78bb 100644 --- a/.github/workflows/claude.yml +++ b/.github/workflows/claude.yml @@ -57,7 +57,7 @@ jobs: python-version: "3.11" # Use standard version matching CI - name: Set up Python dependency cache - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.cache/pypoetry key: poetry-${{ runner.os }}-${{ hashFiles('autogpt_platform/backend/poetry.lock') }} @@ -107,7 +107,7 @@ jobs: echo "PNPM_HOME=$HOME/.pnpm-store" >> $GITHUB_ENV - name: Cache frontend dependencies - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.pnpm-store key: ${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml', 'autogpt_platform/frontend/package.json') }} @@ -140,7 +140,7 @@ jobs: # Phase 1: Cache and load Docker images for faster setup - name: Set up Docker image cache id: docker-cache - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/docker-cache # Use a versioned key for cache invalidation when image list changes diff --git a/.github/workflows/copilot-setup-steps.yml b/.github/workflows/copilot-setup-steps.yml index aac8befee0..f70fe36572 100644 --- a/.github/workflows/copilot-setup-steps.yml +++ b/.github/workflows/copilot-setup-steps.yml @@ -39,7 +39,7 @@ jobs: python-version: "3.11" # Use standard version matching CI - name: Set up Python dependency cache - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.cache/pypoetry key: poetry-${{ runner.os }}-${{ hashFiles('autogpt_platform/backend/poetry.lock') }} @@ -89,7 +89,7 @@ jobs: echo "PNPM_HOME=$HOME/.pnpm-store" >> $GITHUB_ENV - name: Cache frontend dependencies - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.pnpm-store key: ${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml', 'autogpt_platform/frontend/package.json') }} @@ -132,7 +132,7 @@ jobs: # Phase 1: Cache and load Docker images for faster setup - name: Set up Docker image cache id: docker-cache - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/docker-cache # Use a versioned key for cache invalidation when image list changes diff --git a/.github/workflows/docs-block-sync.yml b/.github/workflows/docs-block-sync.yml index b1fc986ea7..4977877b19 100644 --- a/.github/workflows/docs-block-sync.yml +++ b/.github/workflows/docs-block-sync.yml @@ -33,7 +33,7 @@ jobs: python-version: "3.11" - name: Set up Python dependency cache - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.cache/pypoetry key: poetry-${{ runner.os }}-${{ hashFiles('autogpt_platform/backend/poetry.lock') }} diff --git a/.github/workflows/docs-claude-review.yml b/.github/workflows/docs-claude-review.yml index 511c2efcd5..1643fe1c49 100644 --- a/.github/workflows/docs-claude-review.yml +++ b/.github/workflows/docs-claude-review.yml @@ -33,7 +33,7 @@ jobs: python-version: "3.11" - name: Set up Python dependency cache - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.cache/pypoetry key: poetry-${{ runner.os }}-${{ hashFiles('autogpt_platform/backend/poetry.lock') }} diff --git a/.github/workflows/docs-enhance.yml b/.github/workflows/docs-enhance.yml index db750e78ae..4baa882cd1 100644 --- a/.github/workflows/docs-enhance.yml +++ b/.github/workflows/docs-enhance.yml @@ -38,7 +38,7 @@ jobs: python-version: "3.11" - name: Set up Python dependency cache - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.cache/pypoetry key: poetry-${{ runner.os }}-${{ hashFiles('autogpt_platform/backend/poetry.lock') }} diff --git a/.github/workflows/platform-backend-ci.yml b/.github/workflows/platform-backend-ci.yml index f66cce8a37..a301477ecf 100644 --- a/.github/workflows/platform-backend-ci.yml +++ b/.github/workflows/platform-backend-ci.yml @@ -88,7 +88,7 @@ jobs: run: echo "date=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT - name: Set up Python dependency cache - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.cache/pypoetry key: poetry-${{ runner.os }}-${{ hashFiles('autogpt_platform/backend/poetry.lock') }} diff --git a/.github/workflows/platform-frontend-ci.yml b/.github/workflows/platform-frontend-ci.yml index 14676a6a1f..01e057207d 100644 --- a/.github/workflows/platform-frontend-ci.yml +++ b/.github/workflows/platform-frontend-ci.yml @@ -54,7 +54,7 @@ jobs: run: echo "key=${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml', 'autogpt_platform/frontend/package.json') }}" >> $GITHUB_OUTPUT - name: Cache dependencies - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.pnpm-store key: ${{ steps.cache-key.outputs.key }} @@ -82,7 +82,7 @@ jobs: run: corepack enable - name: Restore dependencies cache - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.pnpm-store key: ${{ needs.setup.outputs.cache-key }} @@ -120,7 +120,7 @@ jobs: run: corepack enable - name: Restore dependencies cache - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.pnpm-store key: ${{ needs.setup.outputs.cache-key }} @@ -176,7 +176,7 @@ jobs: uses: docker/setup-buildx-action@v3 - name: Cache Docker layers - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-frontend-test-${{ hashFiles('autogpt_platform/docker-compose.yml', 'autogpt_platform/backend/Dockerfile', 'autogpt_platform/backend/pyproject.toml', 'autogpt_platform/backend/poetry.lock') }} @@ -231,7 +231,7 @@ jobs: fi - name: Restore dependencies cache - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.pnpm-store key: ${{ needs.setup.outputs.cache-key }} @@ -290,7 +290,7 @@ jobs: run: corepack enable - name: Restore dependencies cache - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.pnpm-store key: ${{ needs.setup.outputs.cache-key }} diff --git a/.github/workflows/platform-fullstack-ci.yml b/.github/workflows/platform-fullstack-ci.yml index c888ace6c5..f64d5e33c9 100644 --- a/.github/workflows/platform-fullstack-ci.yml +++ b/.github/workflows/platform-fullstack-ci.yml @@ -44,7 +44,7 @@ jobs: run: echo "key=${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml', 'autogpt_platform/frontend/package.json') }}" >> $GITHUB_OUTPUT - name: Cache dependencies - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.pnpm-store key: ${{ steps.cache-key.outputs.key }} @@ -88,7 +88,7 @@ jobs: docker compose -f ../docker-compose.yml --profile local --profile deps_backend up -d - name: Restore dependencies cache - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.pnpm-store key: ${{ needs.setup.outputs.cache-key }} From 1a32ba7d9ab8d844246a050229e977b669924a8a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 8 Feb 2026 21:39:05 -0600 Subject: [PATCH 3/9] chore(deps): bump urllib3 from 2.5.0 to 2.6.0 in /autogpt_platform/backend (#11607) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.5.0 to 2.6.0.
Release notes

Sourced from urllib3's releases.

2.6.0

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Security

  • Fixed a security issue where streaming API could improperly handle highly compressed HTTP content ("decompression bombs") leading to excessive resource consumption even when a small amount of data was requested. Reading small chunks of compressed data is safer and much more efficient now. (CVE-2025-66471 reported by @​Cycloctane, 8.9 High, GHSA-2xpw-w6gg-jr37)
  • Fixed a security issue where an attacker could compose an HTTP response with virtually unlimited links in the Content-Encoding header, potentially leading to a denial of service (DoS) attack by exhausting system resources during decoding. The number of allowed chained encodings is now limited to 5. (CVE-2025-66418 reported by @​illia-v, 8.9 High, GHSA-gm62-xv2j-4w53)

[!IMPORTANT]

  • If urllib3 is not installed with the optional urllib3[brotli] extra, but your environment contains a Brotli/brotlicffi/brotlipy package anyway, make sure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to benefit from the security fixes and avoid warnings. Prefer using urllib3[brotli] to install a compatible Brotli package automatically.
  • If you use custom decompressors, please make sure to update them to respect the changed API of urllib3.response.ContentDecoder.

Features

  • Enabled retrieval, deletion, and membership testing in HTTPHeaderDict using bytes keys. (#3653)
  • Added host and port information to string representations of HTTPConnection. (#3666)
  • Added support for Python 3.14 free-threading builds explicitly. (#3696)

Removals

  • Removed the HTTPResponse.getheaders() method in favor of HTTPResponse.headers. Removed the HTTPResponse.getheader(name, default) method in favor of HTTPResponse.headers.get(name, default). (#3622)

Bugfixes

  • Fixed redirect handling in urllib3.PoolManager when an integer is passed for the retries parameter. (#3649)
  • Fixed HTTPConnectionPool when used in Emscripten with no explicit port. (#3664)
  • Fixed handling of SSLKEYLOGFILE with expandable variables. (#3700)

Misc

  • Changed the zstd extra to install backports.zstd instead of zstandard on Python 3.13 and before. (#3693)
  • Improved the performance of content decoding by optimizing BytesQueueBuffer class. (#3710)
  • Allowed building the urllib3 package with newer setuptools-scm v9.x. (#3652)
  • Ensured successful urllib3 builds by setting Hatchling requirement to ≥ 1.27.0. (#3638)
Changelog

Sourced from urllib3's changelog.

2.6.0 (2025-12-05)

Security

  • Fixed a security issue where streaming API could improperly handle highly compressed HTTP content ("decompression bombs") leading to excessive resource consumption even when a small amount of data was requested. Reading small chunks of compressed data is safer and much more efficient now. (GHSA-2xpw-w6gg-jr37 <https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37>__)
  • Fixed a security issue where an attacker could compose an HTTP response with virtually unlimited links in the Content-Encoding header, potentially leading to a denial of service (DoS) attack by exhausting system resources during decoding. The number of allowed chained encodings is now limited to 5. (GHSA-gm62-xv2j-4w53 <https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53>__)

.. caution::

  • If urllib3 is not installed with the optional urllib3[brotli] extra, but your environment contains a Brotli/brotlicffi/brotlipy package anyway, make sure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to benefit from the security fixes and avoid warnings. Prefer using urllib3[brotli] to install a compatible Brotli package automatically.

  • If you use custom decompressors, please make sure to update them to respect the changed API of urllib3.response.ContentDecoder.

Features

  • Enabled retrieval, deletion, and membership testing in HTTPHeaderDict using bytes keys. ([#3653](https://github.com/urllib3/urllib3/issues/3653) <https://github.com/urllib3/urllib3/issues/3653>__)
  • Added host and port information to string representations of HTTPConnection. ([#3666](https://github.com/urllib3/urllib3/issues/3666) <https://github.com/urllib3/urllib3/issues/3666>__)
  • Added support for Python 3.14 free-threading builds explicitly. ([#3696](https://github.com/urllib3/urllib3/issues/3696) <https://github.com/urllib3/urllib3/issues/3696>__)

Removals

  • Removed the HTTPResponse.getheaders() method in favor of HTTPResponse.headers. Removed the HTTPResponse.getheader(name, default) method in favor of HTTPResponse.headers.get(name, default). ([#3622](https://github.com/urllib3/urllib3/issues/3622) <https://github.com/urllib3/urllib3/issues/3622>__)

Bugfixes

  • Fixed redirect handling in urllib3.PoolManager when an integer is passed for the retries parameter. ([#3649](https://github.com/urllib3/urllib3/issues/3649) <https://github.com/urllib3/urllib3/issues/3649>__)
  • Fixed HTTPConnectionPool when used in Emscripten with no explicit port. ([#3664](https://github.com/urllib3/urllib3/issues/3664) <https://github.com/urllib3/urllib3/issues/3664>__)
  • Fixed handling of SSLKEYLOGFILE with expandable variables. ([#3700](https://github.com/urllib3/urllib3/issues/3700) <https://github.com/urllib3/urllib3/issues/3700>__)

... (truncated)

Commits
  • 720f484 Release 2.6.0
  • 24d7b67 Merge commit from fork
  • c19571d Merge commit from fork
  • 816fcf0 Bump actions/setup-python from 6.0.0 to 6.1.0 (#3725)
  • 18af0a1 Improve speed of BytesQueueBuffer.get() by using memoryview (#3711)
  • 1f6abac Bump versions of pre-commit hooks (#3716)
  • 1c8fbf7 Bump actions/checkout from 5.0.0 to 6.0.0 (#3722)
  • 7784b9e Add Python 3.15 to CI (#3717)
  • 0241c9e Updated docs to reflect change in optional zstd dependency from zstandard t...
  • 7afcabb Expand environment variable of SSLKEYLOGFILE (#3705)
  • Additional commits viewable in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=2.5.0&new-version=2.6.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Significant-Gravitas/AutoGPT/network/alerts).
> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Nick Tindle From b04e916c239de95c15a8f2384b39874d62bd0c0c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Feb 2026 04:26:58 +0000 Subject: [PATCH 4/9] chore(backend/deps-dev): bump the development-dependencies group across 1 directory with 3 updates (#12005) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps the development-dependencies group with 3 updates in the /autogpt_platform/backend directory: [poethepoet](https://github.com/nat-n/poethepoet), [pytest-watcher](https://github.com/olzhasar/pytest-watcher) and [ruff](https://github.com/astral-sh/ruff). Updates `poethepoet` from 0.37.0 to 0.40.0
Release notes

Sourced from poethepoet's releases.

0.40.0

Enhancements

Fixes

Code improvements

Full Changelog: https://github.com/nat-n/poethepoet/compare/v0.39.0...v0.40.0

0.39.0

Enhancements

  • Add support for uv executor options by @​rochacbruno and @​nat-n in nat-n/poethepoet#327
    • feat: add various options to the uv executor to be passed to the uv run command
    • feat: allow task executor to be configure with just the type as a string
    • feat executor options to be set at runtime via the new --executor-opt cli global option
    • feat: allow inheritance of compatible executor options from global to task to runtime
    • refactor: extend PoeOptions to support annotating config fields with a config_name to parse, separate from the attribute name
    • refactor: some micro-optimizations to PoeOptions and AnnotationType
    • doc: Add guide for replacing tox with poe + uv
    • doc: tidy up executor docs
    • doc: fix typo in doc for expr task
    • test: improve test coverage of PoeOptions
    • test: disable some test cases on windows that are too flaky

New Contributors

Full Changelog: https://github.com/nat-n/poethepoet/compare/v0.38.0...v0.39.0

0.38.0

Enhancements

Breaking changes

... (truncated)

Commits
  • 0a7247d Bump version to 0.40.0
  • 312e74a feat: Add choices option to constrain named arguments (#348)
  • 5e0b3e5 feat: support ignore_fail on execution task types and ref tasks (#347)
  • a3c97e1 test: ensure the test virtual environment is always removed (#346)
  • bc04e2f feat: support capture_output on ref tasks (#343)
  • f7b82ef fix: global executor option (#340)
  • 8e7b116 fix: handle SIGHUP and SIGBREAK signals to stop tasks (#344)
  • 8e51f2b refactor: modernize type annotations (#339)
  • 72a9225 fix: set uv to quiet during shell completion (#338)
  • c6c7306 feat: allow optional envfiles without warnings (#337)
  • Additional commits viewable in compare view

Updates `pytest-watcher` from 0.4.3 to 0.6.3
Release notes

Sourced from pytest-watcher's releases.

v0.6.3

Features

  • Add debug mode activated with PTW_DEBUG environment variable and improve log messages.

Bugfixes

  • Fix terminal flushing after menu and header prints.
  • Use monotonic clock for trigger detection to avoid misbehavior on clock changes.

v0.6.2

Bugfixes

  • Allow specifying blank patterns via CLI
  • Fix duplicate command entries in menu

v0.6.1

Bugfixes

  • Trigger tests in interactive mode for carriage return character

Improved Documentation

  • Add contributing guide

Misc

  • Integrate towncrier into the development process

v0.6.0

Features

  • Add notify-on-failure flag (and config option) to emit BEL symbol on test suite failure.

Infrastructure

  • Migrate from poetry to uv.
  • Remove tox.

v0.5.0

Fixes

  • Merge arguments passed to the runner from config and CLI instead of overriding.

Changes

  • Drop support for Python 3.7 & 3.8
Changelog

Sourced from pytest-watcher's changelog.

0.6.3 - 2026-01-11

Features

  • Add debug mode activated with PTW_DEBUG environment variable and improve log messages.

Bugfixes

  • Fix terminal flushing after menu and header prints.
  • Use monotonic clock for trigger detection to avoid misbehavior on clock changes.

0.6.2 - 2025-12-28

Bugfixes

  • Allow specifying blank patterns via CLI
  • Fix duplicate command entries in menu

0.6.1 - 2025-12-26

Bugfixes

  • Trigger tests in interactive mode for carriage return character

Improved Documentation

  • Add contributing guide

Misc

  • Integrate towncrier into the development process

0.6.0 - 2025-12-22

Features

  • Add notify-on-failure flag (and config option) to emit BEL symbol on test suite failure.

Infrastructure

  • Migrate from poetry to uv.
  • Remove tox.

0.5.0 - 2025-12-21

Fixes

  • Merge arguments passed to the runner from config and CLI instead of overriding.

Changes

... (truncated)

Commits
  • c52925b release v0.6.3
  • 23d4989 Add debug mode. Improve log messages
  • e3dffa1 Fix terminal flushing after menu and header prints
  • 0eeaf60 Use monotonic clock for trigger detection
  • 5ed9d0e Update CHANGELOG. Fix changelog_reader action
  • 756f005 release v0.6.2
  • 902aa9e Merge pull request #51 from olzhasar/fix-duplicate-menu
  • e6b20d3 Allow specifying empty patterns via CLI
  • 2d522da Fix duplicate menu entries
  • 171e6f1 Fix towncrier CHANGELOG versioning
  • Additional commits viewable in compare view

Updates `ruff` from 0.14.14 to 0.15.0
Release notes

Sourced from ruff's releases.

0.15.0

Release Notes

Released on 2026-02-03.

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

  • Ruff now formats your code according to the 2026 style guide. See the formatter section below or in the blog post for a detailed list of changes.

  • The linter now supports block suppression comments. For example, to suppress N803 for all parameters in this function:

    # ruff: disable[N803]
def foo(
    legacyArg1,
    legacyArg2,
    legacyArg3,
    legacyArg4,
): ...
# ruff: enable[N803]

    See the documentation for more details.

  • The ruff:alpine Docker image is now based on Alpine 3.23 (up from 3.21).

  • The ruff:debian and ruff:debian-slim Docker images are now based on Debian 13 "Trixie" instead of Debian 12 "Bookworm."

  • Binaries for the ppc64 (64-bit big-endian PowerPC) architecture are no longer included in our releases. It should still be possible to build Ruff manually for this platform, if needed.

  • Ruff now resolves all extended configuration files before falling back on a default Python version.

Stabilization

The following rules have been stabilized and are no longer in preview:

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.0

Released on 2026-02-03.

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

  • Ruff now formats your code according to the 2026 style guide. See the formatter section below or in the blog post for a detailed list of changes.

  • The linter now supports block suppression comments. For example, to suppress N803 for all parameters in this function:

    # ruff: disable[N803]
def foo(
    legacyArg1,
    legacyArg2,
    legacyArg3,
    legacyArg4,
): ...
# ruff: enable[N803]

    See the documentation for more details.

  • The ruff:alpine Docker image is now based on Alpine 3.23 (up from 3.21).

  • The ruff:debian and ruff:debian-slim Docker images are now based on Debian 13 "Trixie" instead of Debian 12 "Bookworm."

  • Binaries for the ppc64 (64-bit big-endian PowerPC) architecture are no longer included in our releases. It should still be possible to build Ruff manually for this platform, if needed.

  • Ruff now resolves all extended configuration files before falling back on a default Python version.

Stabilization

The following rules have been stabilized and are no longer in preview:

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
--------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Nick Tindle Co-authored-by: Nicholas Tindle --- autogpt_platform/backend/poetry.lock | 63 ++++++++++++------------- autogpt_platform/backend/pyproject.toml | 6 +-- 2 files changed, 34 insertions(+), 35 deletions(-) diff --git a/autogpt_platform/backend/poetry.lock b/autogpt_platform/backend/poetry.lock index d80c6da0fc..425b8d555a 100644 --- a/autogpt_platform/backend/poetry.lock +++ b/autogpt_platform/backend/poetry.lock @@ -4640,20 +4640,20 @@ testing = ["coverage", "pytest", "pytest-benchmark"] [[package]] name = "poethepoet" -version = "0.37.0" +version = "0.41.0" description = "A task runner that works well with poetry and uv." optional = false -python-versions = ">=3.9" +python-versions = ">=3.10" groups = ["dev"] files = [ - {file = "poethepoet-0.37.0-py3-none-any.whl", hash = "sha256:861790276315abcc8df1b4bd60e28c3d48a06db273edd3092f3c94e1a46e5e22"}, - {file = "poethepoet-0.37.0.tar.gz", hash = "sha256:73edf458707c674a079baa46802e21455bda3a7f82a408e58c31b9f4fe8e933d"}, + {file = "poethepoet-0.41.0-py3-none-any.whl", hash = "sha256:4bab9fd8271664c5d21407e8f12827daeb6aa484dc6cc7620f0c3b4e62b42ee4"}, + {file = "poethepoet-0.41.0.tar.gz", hash = "sha256:dcaad621dc061f6a90b17d091bebb9ca043d67bfe9bd6aa4185aea3ebf7ff3e6"}, ] [package.dependencies] pastel = ">=0.2.1,<0.3.0" -pyyaml = ">=6.0.2,<7.0" -tomli = {version = ">=1.2.2", markers = "python_version < \"3.11\""} +pyyaml = ">=6.0.3,<7.0" +tomli = {version = ">=1.3.0", markers = "python_version < \"3.11\""} [package.extras] poetry-plugin = ["poetry (>=1.2.0,<3.0.0) ; python_version < \"4.0\""] @@ -5919,18 +5919,18 @@ pytest = ">=3.0.0" [[package]] name = "pytest-watcher" -version = "0.4.3" +version = "0.6.3" description = "Automatically rerun your tests on file modifications" optional = false -python-versions = "<4.0.0,>=3.7.0" +python-versions = ">=3.9" groups = ["dev"] files = [ - {file = "pytest_watcher-0.4.3-py3-none-any.whl", hash = "sha256:d59b1e1396f33a65ea4949b713d6884637755d641646960056a90b267c3460f9"}, - {file = "pytest_watcher-0.4.3.tar.gz", hash = "sha256:0cb0e4661648c8c0ff2b2d25efa5a8e421784b9e4c60fcecbf9b7c30b2d731b3"}, + {file = "pytest_watcher-0.6.3-py3-none-any.whl", hash = "sha256:83e7748c933087e8276edb6078663e6afa9926434b4fd8b85cf6b32b1d5bec89"}, + {file = "pytest_watcher-0.6.3.tar.gz", hash = "sha256:842dc904264df0ad2d5264153a66bb452fccfa46598cd6e0a5ef1d19afed9b13"}, ] [package.dependencies] -tomli = {version = ">=2.0.1,<3.0.0", markers = "python_version < \"3.11\""} +tomli = {version = ">=2.0.1", markers = "python_version < \"3.11\""} watchdog = ">=2.0.0" [[package]] @@ -6672,31 +6672,30 @@ pyasn1 = ">=0.1.3" [[package]] name = "ruff" -version = "0.14.14" +version = "0.15.0" description = "An extremely fast Python linter and code formatter, written in Rust." optional = false python-versions = ">=3.7" groups = ["dev"] files = [ - {file = "ruff-0.14.14-py3-none-linux_armv6l.whl", hash = "sha256:7cfe36b56e8489dee8fbc777c61959f60ec0f1f11817e8f2415f429552846aed"}, - {file = "ruff-0.14.14-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:6006a0082336e7920b9573ef8a7f52eec837add1265cc74e04ea8a4368cd704c"}, - {file = "ruff-0.14.14-py3-none-macosx_11_0_arm64.whl", hash = "sha256:026c1d25996818f0bf498636686199d9bd0d9d6341c9c2c3b62e2a0198b758de"}, - {file = "ruff-0.14.14-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:f666445819d31210b71e0a6d1c01e24447a20b85458eea25a25fe8142210ae0e"}, - {file = "ruff-0.14.14-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:3c0f18b922c6d2ff9a5e6c3ee16259adc513ca775bcf82c67ebab7cbd9da5bc8"}, - {file = "ruff-0.14.14-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:1629e67489c2dea43e8658c3dba659edbfd87361624b4040d1df04c9740ae906"}, - {file = "ruff-0.14.14-py3-none-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:27493a2131ea0f899057d49d303e4292b2cae2bb57253c1ed1f256fbcd1da480"}, - {file = "ruff-0.14.14-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:01ff589aab3f5b539e35db38425da31a57521efd1e4ad1ae08fc34dbe30bd7df"}, - {file = "ruff-0.14.14-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:1cc12d74eef0f29f51775f5b755913eb523546b88e2d733e1d701fe65144e89b"}, - {file = "ruff-0.14.14-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:bb8481604b7a9e75eff53772496201690ce2687067e038b3cc31aaf16aa0b974"}, - {file = "ruff-0.14.14-py3-none-manylinux_2_31_riscv64.whl", hash = "sha256:14649acb1cf7b5d2d283ebd2f58d56b75836ed8c6f329664fa91cdea19e76e66"}, - {file = "ruff-0.14.14-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:e8058d2145566510790eab4e2fad186002e288dec5e0d343a92fe7b0bc1b3e13"}, - {file = "ruff-0.14.14-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:e651e977a79e4c758eb807f0481d673a67ffe53cfa92209781dfa3a996cf8412"}, - {file = "ruff-0.14.14-py3-none-musllinux_1_2_i686.whl", hash = "sha256:cc8b22da8d9d6fdd844a68ae937e2a0adf9b16514e9a97cc60355e2d4b219fc3"}, - {file = "ruff-0.14.14-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:16bc890fb4cc9781bb05beb5ab4cd51be9e7cb376bf1dd3580512b24eb3fda2b"}, - {file = "ruff-0.14.14-py3-none-win32.whl", hash = "sha256:b530c191970b143375b6a68e6f743800b2b786bbcf03a7965b06c4bf04568167"}, - {file = "ruff-0.14.14-py3-none-win_amd64.whl", hash = "sha256:3dde1435e6b6fe5b66506c1dff67a421d0b7f6488d466f651c07f4cab3bf20fd"}, - {file = "ruff-0.14.14-py3-none-win_arm64.whl", hash = "sha256:56e6981a98b13a32236a72a8da421d7839221fa308b223b9283312312e5ac76c"}, - {file = "ruff-0.14.14.tar.gz", hash = "sha256:2d0f819c9a90205f3a867dbbd0be083bee9912e170fd7d9704cc8ae45824896b"}, + {file = "ruff-0.15.0-py3-none-linux_armv6l.whl", hash = "sha256:aac4ebaa612a82b23d45964586f24ae9bc23ca101919f5590bdb368d74ad5455"}, + {file = "ruff-0.15.0-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:dcd4be7cc75cfbbca24a98d04d0b9b36a270d0833241f776b788d59f4142b14d"}, + {file = "ruff-0.15.0-py3-none-macosx_11_0_arm64.whl", hash = "sha256:d747e3319b2bce179c7c1eaad3d884dc0a199b5f4d5187620530adf9105268ce"}, + {file = "ruff-0.15.0-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:650bd9c56ae03102c51a5e4b554d74d825ff3abe4db22b90fd32d816c2e90621"}, + {file = "ruff-0.15.0-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:a6664b7eac559e3048223a2da77769c2f92b43a6dfd4720cef42654299a599c9"}, + {file = "ruff-0.15.0-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:6f811f97b0f092b35320d1556f3353bf238763420ade5d9e62ebd2b73f2ff179"}, + {file = "ruff-0.15.0-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:761ec0a66680fab6454236635a39abaf14198818c8cdf691e036f4bc0f406b2d"}, + {file = "ruff-0.15.0-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:940f11c2604d317e797b289f4f9f3fa5555ffe4fb574b55ed006c3d9b6f0eb78"}, + {file = "ruff-0.15.0-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:bcbca3d40558789126da91d7ef9a7c87772ee107033db7191edefa34e2c7f1b4"}, + {file = "ruff-0.15.0-py3-none-manylinux_2_31_riscv64.whl", hash = "sha256:9a121a96db1d75fa3eb39c4539e607f628920dd72ff1f7c5ee4f1b768ac62d6e"}, + {file = "ruff-0.15.0-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:5298d518e493061f2eabd4abd067c7e4fb89e2f63291c94332e35631c07c3662"}, + {file = "ruff-0.15.0-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:afb6e603d6375ff0d6b0cee563fa21ab570fd15e65c852cb24922cef25050cf1"}, + {file = "ruff-0.15.0-py3-none-musllinux_1_2_i686.whl", hash = "sha256:77e515f6b15f828b94dc17d2b4ace334c9ddb7d9468c54b2f9ed2b9c1593ef16"}, + {file = "ruff-0.15.0-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:6f6e80850a01eb13b3e42ee0ebdf6e4497151b48c35051aab51c101266d187a3"}, + {file = "ruff-0.15.0-py3-none-win32.whl", hash = "sha256:238a717ef803e501b6d51e0bdd0d2c6e8513fe9eec14002445134d3907cd46c3"}, + {file = "ruff-0.15.0-py3-none-win_amd64.whl", hash = "sha256:dd5e4d3301dc01de614da3cdffc33d4b1b96fb89e45721f1598e5532ccf78b18"}, + {file = "ruff-0.15.0-py3-none-win_arm64.whl", hash = "sha256:c480d632cc0ca3f0727acac8b7d053542d9e114a462a145d0b00e7cd658c515a"}, + {file = "ruff-0.15.0.tar.gz", hash = "sha256:6bdea47cdbea30d40f8f8d7d69c0854ba7c15420ec75a26f463290949d7f7e9a"}, ] [[package]] @@ -8441,4 +8440,4 @@ cffi = ["cffi (>=1.17,<2.0) ; platform_python_implementation != \"PyPy\" and pyt [metadata] lock-version = "2.1" python-versions = ">=3.10,<3.14" -content-hash = "57127e7ce52ee64c6eea638b269ad0185bad72ff95d11cca28bd1a082015d396" +content-hash = "14686ee0e2dc446a75d0db145b08dc410dc31c357e25085bb0f9b0174711c4b1" diff --git a/autogpt_platform/backend/pyproject.toml b/autogpt_platform/backend/pyproject.toml index b1f755b8c8..677b73b468 100644 --- a/autogpt_platform/backend/pyproject.toml +++ b/autogpt_platform/backend/pyproject.toml @@ -95,13 +95,13 @@ black = "^24.10.0" faker = "^38.2.0" httpx = "^0.28.1" isort = "^5.13.2" -poethepoet = "^0.37.0" +poethepoet = "^0.41.0" pre-commit = "^4.4.0" pyright = "^1.1.407" pytest-mock = "^3.15.1" -pytest-watcher = "^0.4.2" +pytest-watcher = "^0.6.3" requests = "^2.32.5" -ruff = "^0.14.5" +ruff = "^0.15.0" # NOTE: please insert new dependencies in their alphabetical location [build-system] From 0c6fa60436d4678cd8401a0195b731df7bbe54d6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Feb 2026 04:27:07 +0000 Subject: [PATCH 5/9] chore(deps): Bump actions/github-script from 7 to 8 (#10870) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [actions/github-script](https://github.com/actions/github-script) from 7 to 8.
Release notes

Sourced from actions/github-script's releases.

v8.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

New Contributors

Full Changelog: https://github.com/actions/github-script/compare/v7.1.0...v8.0.0

v7.1.0

What's Changed

New Contributors

Full Changelog: https://github.com/actions/github-script/compare/v7...v7.1.0

... (truncated)

Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/github-script&package-manager=github_actions&previous-version=7&new-version=8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. --- > [!NOTE] > Update GitHub Actions workflows to use actions/github-script v8. > > - **CI Workflows**: > - Update `actions/github-script` from `v7` to `v8` in: > - `.github/workflows/claude-ci-failure-auto-fix.yml` > - `.github/workflows/platform-dev-deploy-event-dispatcher.yml` > > Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit cfdccf966b92bb9c244a2f39f86bbd37c453c401. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot). Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Nicholas Tindle --- .github/workflows/claude-ci-failure-auto-fix.yml | 2 +- .../platform-dev-deploy-event-dispatcher.yml | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/claude-ci-failure-auto-fix.yml b/.github/workflows/claude-ci-failure-auto-fix.yml index e39c6676ce..070a4acd14 100644 --- a/.github/workflows/claude-ci-failure-auto-fix.yml +++ b/.github/workflows/claude-ci-failure-auto-fix.yml @@ -42,7 +42,7 @@ jobs: - name: Get CI failure details id: failure_details - uses: actions/github-script@v7 + uses: actions/github-script@v8 with: script: | const run = await github.rest.actions.getWorkflowRun({ diff --git a/.github/workflows/platform-dev-deploy-event-dispatcher.yml b/.github/workflows/platform-dev-deploy-event-dispatcher.yml index d7915f64c6..b5324b7c2c 100644 --- a/.github/workflows/platform-dev-deploy-event-dispatcher.yml +++ b/.github/workflows/platform-dev-deploy-event-dispatcher.yml @@ -17,7 +17,7 @@ jobs: - name: Check comment permissions and deployment status id: check_status if: github.event_name == 'issue_comment' && github.event.issue.pull_request - uses: actions/github-script@v7 + uses: actions/github-script@v8 with: script: | const commentBody = context.payload.comment.body.trim(); @@ -55,7 +55,7 @@ jobs: - name: Post permission denied comment if: steps.check_status.outputs.permission_denied == 'true' - uses: actions/github-script@v7 + uses: actions/github-script@v8 with: script: | await github.rest.issues.createComment({ @@ -68,7 +68,7 @@ jobs: - name: Get PR details for deployment id: pr_details if: steps.check_status.outputs.should_deploy == 'true' || steps.check_status.outputs.should_undeploy == 'true' - uses: actions/github-script@v7 + uses: actions/github-script@v8 with: script: | const pr = await github.rest.pulls.get({ @@ -98,7 +98,7 @@ jobs: - name: Post deploy success comment if: steps.check_status.outputs.should_deploy == 'true' - uses: actions/github-script@v7 + uses: actions/github-script@v8 with: script: | await github.rest.issues.createComment({ @@ -126,7 +126,7 @@ jobs: - name: Post undeploy success comment if: steps.check_status.outputs.should_undeploy == 'true' - uses: actions/github-script@v7 + uses: actions/github-script@v8 with: script: | await github.rest.issues.createComment({ @@ -139,7 +139,7 @@ jobs: - name: Check deployment status on PR close id: check_pr_close if: github.event_name == 'pull_request' && github.event.action == 'closed' - uses: actions/github-script@v7 + uses: actions/github-script@v8 with: script: | const comments = await github.rest.issues.listComments({ @@ -187,7 +187,7 @@ jobs: github.event_name == 'pull_request' && github.event.action == 'closed' && steps.check_pr_close.outputs.should_undeploy == 'true' - uses: actions/github-script@v7 + uses: actions/github-script@v8 with: script: | await github.rest.issues.createComment({ From 6cbfbdd01380d272aac1479a331f4bf2493e8f67 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Feb 2026 04:54:05 +0000 Subject: [PATCH 6/9] chore(libs/deps-dev): bump the development-dependencies group across 1 directory with 4 updates (#11349) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps the development-dependencies group with 4 updates in the /autogpt_platform/autogpt_libs directory: [pyright](https://github.com/RobertCraigie/pyright-python), [pytest-asyncio](https://github.com/pytest-dev/pytest-asyncio), [pytest-mock](https://github.com/pytest-dev/pytest-mock) and [ruff](https://github.com/astral-sh/ruff). Updates `pyright` from 1.1.404 to 1.1.407
Commits

Updates `pytest-asyncio` from 1.1.0 to 1.3.0
Release notes

Sourced from pytest-asyncio's releases.

pytest-asyncio 1.3.0

1.3.0 - 2025-11-10

Removed

  • Support for Python 3.9 (#1278)

Added

  • Support for pytest 9 (#1279)

Notes for Downstream Packagers

  • Tested Python versions include free threaded Python 3.14t (#1274)
  • Tests are run in the same pytest process, instead of spawning a subprocess with pytest.Pytester.runpytest_subprocess. This prevents the test suite from accidentally using a system installation of pytest-asyncio, which could result in test errors. (#1275)

pytest-asyncio 1.2.0

1.2.0 - 2025-09-12

Added

  • --asyncio-debug CLI option and asyncio_debug configuration option to enable asyncio debug mode for the default event loop. (#980)
  • A pytest.UsageError for invalid configuration values of asyncio_default_fixture_loop_scope and asyncio_default_test_loop_scope. (#1189)
  • Compatibility with the Pyright type checker (#731)

Fixed

  • RuntimeError: There is no current event loop in thread 'MainThread' when any test unsets the event loop (such as when using asyncio.run and asyncio.Runner). (#1177)
  • Deprecation warning when decorating an asynchronous fixture with @pytest.fixture in [strict]{.title-ref} mode. The warning message now refers to the correct package. (#1198)

Notes for Downstream Packagers

  • Bump the minimum required version of tox to v4.28. This change is only relevant if you use the tox.ini file provided by pytest-asyncio to run tests.
  • Extend dependency on typing-extensions>=4.12 from Python<3.10 to Python<3.13.

pytest-asyncio 1.1.1

v1.1.1 - 2025-09-12

Notes for Downstream Packagers

- Addresses a build problem with setuptoos-scm >= 9 caused by invalid setuptools-scm configuration in pytest-asyncio. (#1192)

Commits
  • 2e9695f docs: Compile changelog for v1.3.0
  • dd0e9ba docs: Reference correct issue in news fragment.
  • 4c31abe Build(deps): Bump nh3 from 0.3.1 to 0.3.2
  • 13e9477 Link to migration guides from changelog
  • 4d2cf3c tests: handle Python 3.14 DefaultEventLoopPolicy deprecation warnings
  • ee3549b test: Remove obsolete test for the event_loop fixture.
  • 7a67c82 tests: Fix failing test by preventing warning conversion to error.
  • a17b689 test: add pytest config to isolated test directories
  • 18afc9d fix(tests): replace runpytest_subprocess with runpytest
  • cdc6bd1 Add support for pytest 9 and drop Python 3.9 support
  • Additional commits viewable in compare view

Updates `pytest-mock` from 3.14.1 to 3.15.1
Release notes

Sourced from pytest-mock's releases.

v3.15.1

2025-09-16

  • #529: Fixed itertools._tee object has no attribute error -- now duplicate_iterators=True must be passed to mocker.spy to duplicate iterators.

v3.15.0

2025-09-04

  • Python 3.8 (EOL) is no longer supported.
  • #524: Added spy_return_iter to mocker.spy, which contains a duplicate of the return value of the spied method if it is an Iterator.
Changelog

Sourced from pytest-mock's changelog.

3.15.1

2025-09-16

  • [#529](https://github.com/pytest-dev/pytest-mock/issues/529) <https://github.com/pytest-dev/pytest-mock/issues/529>_: Fixed itertools._tee object has no attribute error -- now duplicate_iterators=True must be passed to mocker.spy to duplicate iterators.

3.15.0

2025-09-04

  • Python 3.8 (EOL) is no longer supported.
  • [#524](https://github.com/pytest-dev/pytest-mock/issues/524) <https://github.com/pytest-dev/pytest-mock/pull/524>_: Added spy_return_iter to mocker.spy, which contains a duplicate of the return value of the spied method if it is an Iterator.
Commits
  • e1b5c62 Release 3.15.1
  • 184eb19 Set spy_return_iter only when explicitly requested (#537)
  • 4fa0088 [pre-commit.ci] pre-commit autoupdate (#536)
  • f5aff33 Fix test failure with pytest 8+ and verbose mode (#535)
  • adc4187 Bump actions/setup-python from 5 to 6 in the github-actions group (#533)
  • 95ad570 [pre-commit.ci] pre-commit autoupdate (#532)
  • e696bf0 Fix standalone mock support (#531)
  • 5b29b03 Fix gen-release-notes script
  • 7d22ef4 Merge pull request #528 from pytest-dev/release-3.15.0
  • 90b29f8 Update CHANGELOG for 3.15.0
  • Additional commits viewable in compare view

Updates `ruff` from 0.12.11 to 0.14.4
Release notes

Sourced from ruff's releases.

0.14.4

Release Notes

Released on 2025-11-06.

Preview features

  • [formatter] Allow newlines after function headers without docstrings (#21110)
  • [formatter] Avoid extra parentheses for long match patterns with as captures (#21176)
  • [refurb] Expand fix safety for keyword arguments and Decimals (FURB164) (#21259)
  • [refurb] Preserve argument ordering in autofix (FURB103) (#20790)

Bug fixes

  • [server] Fix missing diagnostics for notebooks (#21156)
  • [flake8-bugbear] Ignore non-NFKC attribute names in B009 and B010 (#21131)
  • [refurb] Fix false negative for underscores before sign in Decimal constructor (FURB157) (#21190)
  • [ruff] Fix false positives on starred arguments (RUF057) (#21256)

Rule changes

  • [airflow] extend deprecated argument concurrency in airflow..DAG (AIR301) (#21220)

Documentation

  • Improve extend docs (#21135)
  • [flake8-comprehensions] Fix typo in C416 documentation (#21184)
  • Revise Ruff setup instructions for Zed editor (#20935)

Other changes

  • Make ruff analyze graph work with jupyter notebooks (#21161)

Contributors

Install ruff 0.14.4

Install prebuilt binaries via shell script

... (truncated)

Changelog

Sourced from ruff's changelog.

0.14.4

Released on 2025-11-06.

Preview features

  • [formatter] Allow newlines after function headers without docstrings (#21110)
  • [formatter] Avoid extra parentheses for long match patterns with as captures (#21176)
  • [refurb] Expand fix safety for keyword arguments and Decimals (FURB164) (#21259)
  • [refurb] Preserve argument ordering in autofix (FURB103) (#20790)

Bug fixes

  • [server] Fix missing diagnostics for notebooks (#21156)
  • [flake8-bugbear] Ignore non-NFKC attribute names in B009 and B010 (#21131)
  • [refurb] Fix false negative for underscores before sign in Decimal constructor (FURB157) (#21190)
  • [ruff] Fix false positives on starred arguments (RUF057) (#21256)

Rule changes

  • [airflow] extend deprecated argument concurrency in airflow..DAG (AIR301) (#21220)

Documentation

  • Improve extend docs (#21135)
  • [flake8-comprehensions] Fix typo in C416 documentation (#21184)
  • Revise Ruff setup instructions for Zed editor (#20935)

Other changes

  • Make ruff analyze graph work with jupyter notebooks (#21161)

Contributors

0.14.3

Released on 2025-10-30.

Preview features

... (truncated)

Commits

You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Nick Tindle --- autogpt_platform/autogpt_libs/poetry.lock | 66 ++++++++++---------- autogpt_platform/autogpt_libs/pyproject.toml | 8 +-- 2 files changed, 37 insertions(+), 37 deletions(-) diff --git a/autogpt_platform/autogpt_libs/poetry.lock b/autogpt_platform/autogpt_libs/poetry.lock index 59c5351a6a..f1d1e932fe 100644 --- a/autogpt_platform/autogpt_libs/poetry.lock +++ b/autogpt_platform/autogpt_libs/poetry.lock @@ -2002,14 +2002,14 @@ files = [ [[package]] name = "pyright" -version = "1.1.404" +version = "1.1.408" description = "Command line wrapper for pyright" optional = false python-versions = ">=3.7" groups = ["dev"] files = [ - {file = "pyright-1.1.404-py3-none-any.whl", hash = "sha256:c7b7ff1fdb7219c643079e4c3e7d4125f0dafcc19d253b47e898d130ea426419"}, - {file = "pyright-1.1.404.tar.gz", hash = "sha256:455e881a558ca6be9ecca0b30ce08aa78343ecc031d37a198ffa9a7a1abeb63e"}, + {file = "pyright-1.1.408-py3-none-any.whl", hash = "sha256:090b32865f4fdb1e0e6cd82bf5618480d48eecd2eb2e70f960982a3d9a4c17c1"}, + {file = "pyright-1.1.408.tar.gz", hash = "sha256:f28f2321f96852fa50b5829ea492f6adb0e6954568d1caa3f3af3a5f555eb684"}, ] [package.dependencies] @@ -2141,19 +2141,20 @@ dev = ["argcomplete", "attrs (>=19.2)", "hypothesis (>=3.56)", "mock", "requests [[package]] name = "pytest-asyncio" -version = "1.1.0" +version = "1.3.0" description = "Pytest support for asyncio" optional = false -python-versions = ">=3.9" +python-versions = ">=3.10" groups = ["dev"] files = [ - {file = "pytest_asyncio-1.1.0-py3-none-any.whl", hash = "sha256:5fe2d69607b0bd75c656d1211f969cadba035030156745ee09e7d71740e58ecf"}, - {file = "pytest_asyncio-1.1.0.tar.gz", hash = "sha256:796aa822981e01b68c12e4827b8697108f7205020f24b5793b3c41555dab68ea"}, + {file = "pytest_asyncio-1.3.0-py3-none-any.whl", hash = "sha256:611e26147c7f77640e6d0a92a38ed17c3e9848063698d5c93d5aa7aa11cebff5"}, + {file = "pytest_asyncio-1.3.0.tar.gz", hash = "sha256:d7f52f36d231b80ee124cd216ffb19369aa168fc10095013c6b014a34d3ee9e5"}, ] [package.dependencies] backports-asyncio-runner = {version = ">=1.1,<2", markers = "python_version < \"3.11\""} -pytest = ">=8.2,<9" +pytest = ">=8.2,<10" +typing-extensions = {version = ">=4.12", markers = "python_version < \"3.13\""} [package.extras] docs = ["sphinx (>=5.3)", "sphinx-rtd-theme (>=1)"] @@ -2181,14 +2182,14 @@ testing = ["fields", "hunter", "process-tests", "pytest-xdist", "virtualenv"] [[package]] name = "pytest-mock" -version = "3.14.1" +version = "3.15.1" description = "Thin-wrapper around the mock package for easier use with pytest" optional = false -python-versions = ">=3.8" +python-versions = ">=3.9" groups = ["dev"] files = [ - {file = "pytest_mock-3.14.1-py3-none-any.whl", hash = "sha256:178aefcd11307d874b4cd3100344e7e2d888d9791a6a1d9bfe90fbc1b74fd1d0"}, - {file = "pytest_mock-3.14.1.tar.gz", hash = "sha256:159e9edac4c451ce77a5cdb9fc5d1100708d2dd4ba3c3df572f14097351af80e"}, + {file = "pytest_mock-3.15.1-py3-none-any.whl", hash = "sha256:0a25e2eb88fe5168d535041d09a4529a188176ae608a6d249ee65abc0949630d"}, + {file = "pytest_mock-3.15.1.tar.gz", hash = "sha256:1849a238f6f396da19762269de72cb1814ab44416fa73a8686deac10b0d87a0f"}, ] [package.dependencies] @@ -2322,31 +2323,30 @@ pyasn1 = ">=0.1.3" [[package]] name = "ruff" -version = "0.12.11" +version = "0.15.0" description = "An extremely fast Python linter and code formatter, written in Rust." optional = false python-versions = ">=3.7" groups = ["dev"] files = [ - {file = "ruff-0.12.11-py3-none-linux_armv6l.whl", hash = "sha256:93fce71e1cac3a8bf9200e63a38ac5c078f3b6baebffb74ba5274fb2ab276065"}, - {file = "ruff-0.12.11-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:b8e33ac7b28c772440afa80cebb972ffd823621ded90404f29e5ab6d1e2d4b93"}, - {file = "ruff-0.12.11-py3-none-macosx_11_0_arm64.whl", hash = "sha256:d69fb9d4937aa19adb2e9f058bc4fbfe986c2040acb1a4a9747734834eaa0bfd"}, - {file = "ruff-0.12.11-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:411954eca8464595077a93e580e2918d0a01a19317af0a72132283e28ae21bee"}, - {file = "ruff-0.12.11-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:6a2c0a2e1a450f387bf2c6237c727dd22191ae8c00e448e0672d624b2bbd7fb0"}, - {file = "ruff-0.12.11-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:8ca4c3a7f937725fd2413c0e884b5248a19369ab9bdd850b5781348ba283f644"}, - {file = "ruff-0.12.11-py3-none-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:4d1df0098124006f6a66ecf3581a7f7e754c4df7644b2e6704cd7ca80ff95211"}, - {file = "ruff-0.12.11-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:5a8dd5f230efc99a24ace3b77e3555d3fbc0343aeed3fc84c8d89e75ab2ff793"}, - {file = "ruff-0.12.11-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:4dc75533039d0ed04cd33fb8ca9ac9620b99672fe7ff1533b6402206901c34ee"}, - {file = "ruff-0.12.11-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:4fc58f9266d62c6eccc75261a665f26b4ef64840887fc6cbc552ce5b29f96cc8"}, - {file = "ruff-0.12.11-py3-none-manylinux_2_31_riscv64.whl", hash = "sha256:5a0113bd6eafd545146440225fe60b4e9489f59eb5f5f107acd715ba5f0b3d2f"}, - {file = "ruff-0.12.11-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:0d737b4059d66295c3ea5720e6efc152623bb83fde5444209b69cd33a53e2000"}, - {file = "ruff-0.12.11-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:916fc5defee32dbc1fc1650b576a8fed68f5e8256e2180d4d9855aea43d6aab2"}, - {file = "ruff-0.12.11-py3-none-musllinux_1_2_i686.whl", hash = "sha256:c984f07d7adb42d3ded5be894fb4007f30f82c87559438b4879fe7aa08c62b39"}, - {file = "ruff-0.12.11-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:e07fbb89f2e9249f219d88331c833860489b49cdf4b032b8e4432e9b13e8a4b9"}, - {file = "ruff-0.12.11-py3-none-win32.whl", hash = "sha256:c792e8f597c9c756e9bcd4d87cf407a00b60af77078c96f7b6366ea2ce9ba9d3"}, - {file = "ruff-0.12.11-py3-none-win_amd64.whl", hash = "sha256:a3283325960307915b6deb3576b96919ee89432ebd9c48771ca12ee8afe4a0fd"}, - {file = "ruff-0.12.11-py3-none-win_arm64.whl", hash = "sha256:bae4d6e6a2676f8fb0f98b74594a048bae1b944aab17e9f5d504062303c6dbea"}, - {file = "ruff-0.12.11.tar.gz", hash = "sha256:c6b09ae8426a65bbee5425b9d0b82796dbb07cb1af045743c79bfb163001165d"}, + {file = "ruff-0.15.0-py3-none-linux_armv6l.whl", hash = "sha256:aac4ebaa612a82b23d45964586f24ae9bc23ca101919f5590bdb368d74ad5455"}, + {file = "ruff-0.15.0-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:dcd4be7cc75cfbbca24a98d04d0b9b36a270d0833241f776b788d59f4142b14d"}, + {file = "ruff-0.15.0-py3-none-macosx_11_0_arm64.whl", hash = "sha256:d747e3319b2bce179c7c1eaad3d884dc0a199b5f4d5187620530adf9105268ce"}, + {file = "ruff-0.15.0-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:650bd9c56ae03102c51a5e4b554d74d825ff3abe4db22b90fd32d816c2e90621"}, + {file = "ruff-0.15.0-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:a6664b7eac559e3048223a2da77769c2f92b43a6dfd4720cef42654299a599c9"}, + {file = "ruff-0.15.0-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:6f811f97b0f092b35320d1556f3353bf238763420ade5d9e62ebd2b73f2ff179"}, + {file = "ruff-0.15.0-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:761ec0a66680fab6454236635a39abaf14198818c8cdf691e036f4bc0f406b2d"}, + {file = "ruff-0.15.0-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:940f11c2604d317e797b289f4f9f3fa5555ffe4fb574b55ed006c3d9b6f0eb78"}, + {file = "ruff-0.15.0-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:bcbca3d40558789126da91d7ef9a7c87772ee107033db7191edefa34e2c7f1b4"}, + {file = "ruff-0.15.0-py3-none-manylinux_2_31_riscv64.whl", hash = "sha256:9a121a96db1d75fa3eb39c4539e607f628920dd72ff1f7c5ee4f1b768ac62d6e"}, + {file = "ruff-0.15.0-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:5298d518e493061f2eabd4abd067c7e4fb89e2f63291c94332e35631c07c3662"}, + {file = "ruff-0.15.0-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:afb6e603d6375ff0d6b0cee563fa21ab570fd15e65c852cb24922cef25050cf1"}, + {file = "ruff-0.15.0-py3-none-musllinux_1_2_i686.whl", hash = "sha256:77e515f6b15f828b94dc17d2b4ace334c9ddb7d9468c54b2f9ed2b9c1593ef16"}, + {file = "ruff-0.15.0-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:6f6e80850a01eb13b3e42ee0ebdf6e4497151b48c35051aab51c101266d187a3"}, + {file = "ruff-0.15.0-py3-none-win32.whl", hash = "sha256:238a717ef803e501b6d51e0bdd0d2c6e8513fe9eec14002445134d3907cd46c3"}, + {file = "ruff-0.15.0-py3-none-win_amd64.whl", hash = "sha256:dd5e4d3301dc01de614da3cdffc33d4b1b96fb89e45721f1598e5532ccf78b18"}, + {file = "ruff-0.15.0-py3-none-win_arm64.whl", hash = "sha256:c480d632cc0ca3f0727acac8b7d053542d9e114a462a145d0b00e7cd658c515a"}, + {file = "ruff-0.15.0.tar.gz", hash = "sha256:6bdea47cdbea30d40f8f8d7d69c0854ba7c15420ec75a26f463290949d7f7e9a"}, ] [[package]] @@ -2893,4 +2893,4 @@ type = ["pytest-mypy"] [metadata] lock-version = "2.1" python-versions = ">=3.10,<4.0" -content-hash = "cc80d3a129b84435a0f40132d073caa37858ca2427ed372fecfd810a61712d0c" +content-hash = "b7ac335a86aa44c3d7d2802298818b389a6f1286e3e9b7b0edb2ff06377cecaf" diff --git a/autogpt_platform/autogpt_libs/pyproject.toml b/autogpt_platform/autogpt_libs/pyproject.toml index 591be11d0b..9b2bcb8fbe 100644 --- a/autogpt_platform/autogpt_libs/pyproject.toml +++ b/autogpt_platform/autogpt_libs/pyproject.toml @@ -22,12 +22,12 @@ supabase = "^2.27.2" uvicorn = "^0.40.0" [tool.poetry.group.dev.dependencies] -pyright = "^1.1.404" +pyright = "^1.1.408" pytest = "^8.4.1" -pytest-asyncio = "^1.1.0" -pytest-mock = "^3.14.1" +pytest-asyncio = "^1.3.0" +pytest-mock = "^3.15.1" pytest-cov = "^6.2.1" -ruff = "^0.12.11" +ruff = "^0.15.0" [build-system] requires = ["poetry-core"] From 5dae303ce0a2080b06a971b90b7aaeb6dc4ccb91 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Feb 2026 06:42:47 +0000 Subject: [PATCH 7/9] chore(frontend/deps): Bump react-window and @types/react-window in /autogpt_platform/frontend (#10943) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [react-window](https://github.com/bvaughn/react-window) and [@types/react-window](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react-window). These dependencies needed to be updated together. Updates `react-window` from 1.8.11 to 2.1.0
Release notes

Sourced from react-window's releases.

2.1.0

Improved ARIA support:

  • Add better default ARIA attributes for outer HTMLDivElement
  • Add optional ariaAttributes prop to row and cell renderers to simplify better ARIA attributes for user-rendered cells
  • Remove intermediate HTMLDivElement from List and Grid
    • This may enable more/better custom CSS styling
    • This may also enable adding an optional children prop to List and Grid for e.g. overlays/tooltips
  • Add optional tagName prop; defaults to "div" but can be changed to e.g. "ul"
// Example of how to use new `ariaAttributes` prop
function RowComponent({
  ariaAttributes,
  index,
  style,
  ...rest
}: RowComponentProps<object>) {
  return (
    <div style={style} {...ariaAttributes}>
      ...
    </div>
  );
}

Added optional children prop to better support edge cases like sticky rows.

Minor changes to onRowsRendered and onCellsRendered callbacks to make it easier to differentiate between visible items and items rendered due to overscan settings. These methods will now receive two params– the first for visible rows and the second for all rows (including overscan), e.g.:

function onRowsRendered(
  visibleRows: {
    startIndex: number;
    stopIndex: number;
  },
  allRows: {
    startIndex: number;
    stopIndex: number;
  }
): void {
  // ...
}

function onCellsRendered(

visibleCells: {

columnStartIndex: number;

columnStopIndex: number;

rowStartIndex: number;

rowStopIndex: number;

</tr></table>

... (truncated)

Changelog

Sourced from react-window's changelog.

2.1.0

Improved ARIA support:

  • Add better default ARIA attributes for outer HTMLDivElement
  • Add optional ariaAttributes prop to row and cell renderers to simplify better ARIA attributes for user-rendered cells
  • Remove intermediate HTMLDivElement from List and Grid
    • This may enable more/better custom CSS styling
    • This may also enable adding an optional children prop to List and Grid for e.g. overlays/tooltips
  • Add optional tagName prop; defaults to "div" but can be changed to e.g. "ul"
// Example of how to use new `ariaAttributes` prop
function RowComponent({
  ariaAttributes,
  index,
  style,
  ...rest
}: RowComponentProps<object>) {
  return (
    <div style={style} {...ariaAttributes}>
      ...
    </div>
  );
}

Added optional children prop to better support edge cases like sticky rows.

Minor changes to onRowsRendered and onCellsRendered callbacks to make it easier to differentiate between visible items and items rendered due to overscan settings. These methods will now receive two params– the first for visible rows and the second for all rows (including overscan), e.g.:

function onRowsRendered(
  visibleRows: {
    startIndex: number;
    stopIndex: number;
  },
  allRows: {
    startIndex: number;
    stopIndex: number;
  }
): void {
  // ...
}

function onCellsRendered(

visibleCells: {

columnStartIndex: number;

columnStopIndex: number;

rowStartIndex: number;

</tr></table>

... (truncated)

Commits
  • 1b6840b Merge pull request #836 from bvaughn/ARIA-roles
  • 35f651b Revert accidental change to docs example
  • 8bce7f5 onRowsRendered/onCellsRendered separate visible and overscan items
  • 9f1e8f2 Support custom tagName for outer element and (optional) children
  • 7f07ac3 Improve ARIA attributes
  • 7234ec3 Reduced network waterfalls between routes
  • 5c431a2 Stronger typing for doc website routes
  • c9349a4 2.0.1 -> 2.0.2
  • 6adc6c0 Merge pull request #832 from bvaughn/issues/831
  • bd562c5 Add tests
  • Additional commits viewable in compare view

Updates `@types/react-window` from 1.8.8 to 2.0.0
Commits

You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Nicholas Tindle Co-authored-by: Nick Tindle --- autogpt_platform/frontend/package.json | 4 +- autogpt_platform/frontend/pnpm-lock.yaml | 38 +++++++++---------- .../ActivityDropdown/ActivityDropdown.tsx | 31 +++++++-------- 3 files changed, 35 insertions(+), 38 deletions(-) diff --git a/autogpt_platform/frontend/package.json b/autogpt_platform/frontend/package.json index f22a182d20..e8c9871a72 100644 --- a/autogpt_platform/frontend/package.json +++ b/autogpt_platform/frontend/package.json @@ -102,7 +102,7 @@ "react-markdown": "9.0.3", "react-modal": "3.16.3", "react-shepherd": "6.1.9", - "react-window": "1.8.11", + "react-window": "2.2.0", "recharts": "3.3.0", "rehype-autolink-headings": "7.1.0", "rehype-highlight": "7.0.2", @@ -140,7 +140,7 @@ "@types/react": "18.3.17", "@types/react-dom": "18.3.5", "@types/react-modal": "3.16.3", - "@types/react-window": "1.8.8", + "@types/react-window": "2.0.0", "@vitejs/plugin-react": "5.1.2", "axe-playwright": "2.2.2", "chromatic": "13.3.3", diff --git a/autogpt_platform/frontend/pnpm-lock.yaml b/autogpt_platform/frontend/pnpm-lock.yaml index db891ccf3f..377a298564 100644 --- a/autogpt_platform/frontend/pnpm-lock.yaml +++ b/autogpt_platform/frontend/pnpm-lock.yaml @@ -228,8 +228,8 @@ importers: specifier: 6.1.9 version: 6.1.9(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(typescript@5.9.3) react-window: - specifier: 1.8.11 - version: 1.8.11(react-dom@18.3.1(react@18.3.1))(react@18.3.1) + specifier: 2.2.0 + version: 2.2.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1) recharts: specifier: 3.3.0 version: 3.3.0(@types/react@18.3.17)(react-dom@18.3.1(react@18.3.1))(react-is@18.3.1)(react@18.3.1)(redux@5.0.1) @@ -337,8 +337,8 @@ importers: specifier: 3.16.3 version: 3.16.3 '@types/react-window': - specifier: 1.8.8 - version: 1.8.8 + specifier: 2.0.0 + version: 2.0.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1) '@vitejs/plugin-react': specifier: 5.1.2 version: 5.1.2(vite@7.3.1(@types/node@24.10.0)(jiti@2.6.1)(terser@5.44.1)(yaml@2.8.2)) @@ -3469,8 +3469,9 @@ packages: '@types/react-modal@3.16.3': resolution: {integrity: sha512-xXuGavyEGaFQDgBv4UVm8/ZsG+qxeQ7f77yNrW3n+1J6XAstUy5rYHeIHPh1KzsGc6IkCIdu6lQ2xWzu1jBTLg==} - '@types/react-window@1.8.8': - resolution: {integrity: sha512-8Ls660bHR1AUA2kuRvVG9D/4XpRC6wjAaPT9dil7Ckc76eP9TKWZwwmgfq8Q1LANX3QNDnoU4Zp48A3w+zK69Q==} + '@types/react-window@2.0.0': + resolution: {integrity: sha512-E8hMDtImEpMk1SjswSvqoSmYvk7GEtyVaTa/GJV++FdDNuMVVEzpAClyJ0nqeKYBrMkGiyH6M1+rPLM0Nu1exQ==} + deprecated: This is a stub types definition. react-window provides its own type definitions, so you do not need this installed. '@types/react@18.3.17': resolution: {integrity: sha512-opAQ5no6LqJNo9TqnxBKsgnkIYHozW9KSTlFVoSUJYh1Fl/sswkEoqIugRSm7tbh6pABtYjGAjW+GOS23j8qbw==} @@ -5976,9 +5977,6 @@ packages: resolution: {integrity: sha512-UERzLsxzllchadvbPs5aolHh65ISpKpM+ccLbOJ8/vvpBKmAWf+la7dXFy7Mr0ySHbdHrFv5kGFCUHHe6GFEmw==} engines: {node: '>= 4.0.0'} - memoize-one@5.2.1: - resolution: {integrity: sha512-zYiwtZUcYyXKo/np96AGZAckk+FWWsUdJ3cHGGmld7+AhvcWmQyGCYUh1hc4Q/pkOhb65dQR/pqCyK0cOaHz4Q==} - merge-stream@2.0.0: resolution: {integrity: sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==} @@ -6891,12 +6889,11 @@ packages: '@types/react': optional: true - react-window@1.8.11: - resolution: {integrity: sha512-+SRbUVT2scadgFSWx+R1P754xHPEqvcfSfVX10QYg6POOz+WNgkN48pS+BtZNIMGiL1HYrSEiCkwsMS15QogEQ==} - engines: {node: '>8.0.0'} + react-window@2.2.0: + resolution: {integrity: sha512-Y2L7yonHq6K1pQA2P98wT5QdIsEcjBTB7T8o6Mub12hH9eYppXoYu6vgClmcjlh3zfNcW2UrXiJJJqDxUY7GVw==} peerDependencies: - react: ^15.0.0 || ^16.0.0 || ^17.0.0 || ^18.0.0 || ^19.0.0 - react-dom: ^15.0.0 || ^16.0.0 || ^17.0.0 || ^18.0.0 || ^19.0.0 + react: ^18.0.0 || ^19.0.0 + react-dom: ^18.0.0 || ^19.0.0 react@18.3.1: resolution: {integrity: sha512-wS+hAgJShR0KhEvPJArfuPVN1+Hz1t0Y6n5jLrGQbkb4urgPE/0Rve+1kMB1v/oWgHgm4WIcV+i7F2pTVj+2iQ==} @@ -11603,9 +11600,12 @@ snapshots: dependencies: '@types/react': 18.3.17 - '@types/react-window@1.8.8': + '@types/react-window@2.0.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1)': dependencies: - '@types/react': 18.3.17 + react-window: 2.2.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1) + transitivePeerDependencies: + - react + - react-dom '@types/react@18.3.17': dependencies: @@ -14545,8 +14545,6 @@ snapshots: dependencies: fs-monkey: 1.1.0 - memoize-one@5.2.1: {} - merge-stream@2.0.0: {} merge2@1.4.1: {} @@ -15592,10 +15590,8 @@ snapshots: optionalDependencies: '@types/react': 18.3.17 - react-window@1.8.11(react-dom@18.3.1(react@18.3.1))(react@18.3.1): + react-window@2.2.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1): dependencies: - '@babel/runtime': 7.28.4 - memoize-one: 5.2.1 react: 18.3.1 react-dom: 18.3.1(react@18.3.1) diff --git a/autogpt_platform/frontend/src/components/layout/Navbar/components/AgentActivityDropdown/components/ActivityDropdown/ActivityDropdown.tsx b/autogpt_platform/frontend/src/components/layout/Navbar/components/AgentActivityDropdown/components/ActivityDropdown/ActivityDropdown.tsx index 263453b327..885877786f 100644 --- a/autogpt_platform/frontend/src/components/layout/Navbar/components/AgentActivityDropdown/components/ActivityDropdown/ActivityDropdown.tsx +++ b/autogpt_platform/frontend/src/components/layout/Navbar/components/AgentActivityDropdown/components/ActivityDropdown/ActivityDropdown.tsx @@ -4,7 +4,7 @@ import { Button } from "@/components/atoms/Button/Button"; import { Input } from "@/components/atoms/Input/Input"; import { Text } from "@/components/atoms/Text/Text"; import { Bell, MagnifyingGlass, X } from "@phosphor-icons/react"; -import { FixedSizeList as List } from "react-window"; +import { List, type RowComponentProps } from "react-window"; import { AgentExecutionWithInfo } from "../../helpers"; import { ActivityItem } from "../ActivityItem"; import styles from "./styles.module.css"; @@ -19,14 +19,16 @@ interface Props { recentFailures: AgentExecutionWithInfo[]; } -interface VirtualizedItemProps { - index: number; - style: React.CSSProperties; - data: AgentExecutionWithInfo[]; +interface ActivityRowProps { + executions: AgentExecutionWithInfo[]; } -function VirtualizedActivityItem({ index, style, data }: VirtualizedItemProps) { - const execution = data[index]; +function VirtualizedActivityItem({ + index, + style, + executions, +}: RowComponentProps) { + const execution = executions[index]; return (
@@ -129,14 +131,13 @@ export function ActivityDropdown({ > {filteredExecutions.length > 0 ? ( - {VirtualizedActivityItem} - + defaultHeight={listHeight} + rowCount={filteredExecutions.length} + rowHeight={itemHeight} + rowProps={{ executions: filteredExecutions }} + rowComponent={VirtualizedActivityItem} + style={{ width: 320, height: listHeight }} + /> ) : (
From 1a16e203b8df62efd1fc8dfeb83d5f795385b445 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Feb 2026 07:11:21 +0000 Subject: [PATCH 8/9] chore(deps): Bump actions/setup-node from 4 to 6 (#11213) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [actions/setup-node](https://github.com/actions/setup-node) from 4 to 6.
Release notes

Sourced from actions/setup-node's releases.

v6.0.0

What's Changed

Breaking Changes

Dependency Upgrades

Full Changelog: https://github.com/actions/setup-node/compare/v5...v6.0.0

v5.0.0

What's Changed

Breaking Changes

This update, introduces automatic caching when a valid packageManager field is present in your package.json. This aims to improve workflow performance and make dependency management more seamless. To disable this automatic caching, set package-manager-cache: false

steps:
- uses: actions/checkout@v5
- uses: actions/setup-node@v5
  with:
    package-manager-cache: false

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Dependency Upgrades

New Contributors

Full Changelog: https://github.com/actions/setup-node/compare/v4...v5.0.0

v4.4.0

... (truncated)

Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-node&package-manager=github_actions&previous-version=4&new-version=6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Nick Tindle --- .github/workflows/claude-dependabot.yml | 2 +- .github/workflows/claude.yml | 2 +- .github/workflows/copilot-setup-steps.yml | 2 +- .github/workflows/platform-frontend-ci.yml | 10 +++++----- .github/workflows/platform-fullstack-ci.yml | 4 ++-- 5 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/claude-dependabot.yml b/.github/workflows/claude-dependabot.yml index c39fdb0e35..6dbe068c3d 100644 --- a/.github/workflows/claude-dependabot.yml +++ b/.github/workflows/claude-dependabot.yml @@ -78,7 +78,7 @@ jobs: # Frontend Node.js/pnpm setup (mirrors platform-frontend-ci.yml) - name: Set up Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version: "22" diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml index 805f3d78bb..8e165b823e 100644 --- a/.github/workflows/claude.yml +++ b/.github/workflows/claude.yml @@ -94,7 +94,7 @@ jobs: # Frontend Node.js/pnpm setup (mirrors platform-frontend-ci.yml) - name: Set up Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version: "22" diff --git a/.github/workflows/copilot-setup-steps.yml b/.github/workflows/copilot-setup-steps.yml index f70fe36572..eae6eea5d2 100644 --- a/.github/workflows/copilot-setup-steps.yml +++ b/.github/workflows/copilot-setup-steps.yml @@ -76,7 +76,7 @@ jobs: # Frontend Node.js/pnpm setup (mirrors platform-frontend-ci.yml) - name: Set up Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version: "22" diff --git a/.github/workflows/platform-frontend-ci.yml b/.github/workflows/platform-frontend-ci.yml index 01e057207d..669a775934 100644 --- a/.github/workflows/platform-frontend-ci.yml +++ b/.github/workflows/platform-frontend-ci.yml @@ -42,7 +42,7 @@ jobs: - 'autogpt_platform/frontend/src/components/**' - name: Set up Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version: "22.18.0" @@ -74,7 +74,7 @@ jobs: uses: actions/checkout@v4 - name: Set up Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version: "22.18.0" @@ -112,7 +112,7 @@ jobs: fetch-depth: 0 - name: Set up Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version: "22.18.0" @@ -153,7 +153,7 @@ jobs: submodules: recursive - name: Set up Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version: "22.18.0" @@ -282,7 +282,7 @@ jobs: submodules: recursive - name: Set up Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version: "22.18.0" diff --git a/.github/workflows/platform-fullstack-ci.yml b/.github/workflows/platform-fullstack-ci.yml index f64d5e33c9..67be0ae939 100644 --- a/.github/workflows/platform-fullstack-ci.yml +++ b/.github/workflows/platform-fullstack-ci.yml @@ -32,7 +32,7 @@ jobs: uses: actions/checkout@v4 - name: Set up Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version: "22.18.0" @@ -68,7 +68,7 @@ jobs: submodules: recursive - name: Set up Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version: "22.18.0" From e8fc8ee6234772484e4c0f88ffa1e4d019e6e488 Mon Sep 17 00:00:00 2001 From: Nicholas Tindle Date: Mon, 9 Feb 2026 01:19:43 -0600 Subject: [PATCH 9/9] fix(backend): filter graph-only blocks from CoPilot's find_block results (#11892) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Filters out blocks that are unsuitable for standalone execution from CoPilot's block search and execution. These blocks serve graph-specific purposes and will either fail, hang, or confuse users when run outside of a graph context. **Important:** This does NOT affect the Builder UI which uses `load_all_blocks()` directly. ### Changes 🏗️ - **find_block.py**: Added `EXCLUDED_BLOCK_TYPES` and `EXCLUDED_BLOCK_IDS` constants, skip excluded blocks in search results - **run_block.py**: Added execution guard that returns clear error message for excluded blocks - **content_handlers.py**: Added filtering to `BlockHandler.get_missing_items()` and `get_stats()` to prevent indexing excluded blocks **Excluded by BlockType:** | BlockType | Reason | |-----------|--------| | `INPUT` | Graph interface definition - data enters via chat, not graph inputs | | `OUTPUT` | Graph interface definition - data exits via chat, not graph outputs | | `WEBHOOK` | Wait for external events - would hang forever in CoPilot | | `WEBHOOK_MANUAL` | Same as WEBHOOK | | `NOTE` | Visual annotation only - no runtime behavior | | `HUMAN_IN_THE_LOOP` | Pauses for human approval - CoPilot IS human-in-the-loop | | `AGENT` | AgentExecutorBlock requires graph context - use `run_agent` tool instead | **Excluded by ID:** | Block | Reason | |-------|--------| | `SmartDecisionMakerBlock` | Dynamically discovers downstream blocks via graph topology | ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [ ] Search for "input" in CoPilot - should NOT return AgentInputBlock variants - [ ] Search for "output" in CoPilot - should NOT return AgentOutputBlock - [ ] Search for "webhook" in CoPilot - should NOT return trigger blocks - [ ] Search for "human" in CoPilot - should NOT return HumanInTheLoopBlock - [ ] Search for "decision" in CoPilot - should NOT return SmartDecisionMakerBlock - [ ] Verify functional blocks still appear (e.g., "email", "http", "text") - [ ] Verify Builder UI still shows ALL blocks (no regression) #### For configuration changes: - [x] `.env.default` is updated or already compatible with my changes - [x] `docker-compose.yml` is updated or already compatible with my changes - [x] I have included a list of my configuration changes in the PR description (under **Changes**) No configuration changes required. --- Resolves: [SECRT-1831](https://linear.app/autogpt/issue/SECRT-1831) 🤖 Generated with [Claude Code](https://claude.ai/code) --- > [!NOTE] > **Low Risk** > Behavior change is limited to CoPilot’s block discovery/execution guards and is covered by new tests; main risk is inadvertently excluding a block that should be runnable. > > **Overview** > CoPilot now **filters out graph-only blocks** from `find_block` results and prevents them from being executed via `run_block`, returning a clear error when a user attempts to run an excluded block. > > `find_block` introduces explicit exclusion lists (by `BlockType` and a specific block ID), over-fetches search results to maintain up to 10 usable matches after filtering, and adds debug logging when results are reduced. New unit tests cover both the search filtering and the `run_block` execution guard; a minor cleanup removes an unused `pytest` import in `execution_queue_test.py`. > > Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit bc50755dcff892fecd5a0c46c4bd629742320e3c. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot). --------- Co-authored-by: Claude Opus 4.5 Co-authored-by: claude[bot] <41898282+claude[bot]@users.noreply.github.com> Co-authored-by: Nicholas Tindle Co-authored-by: Otto --- .../api/features/chat/tools/find_block.py | 158 ++++++++++++------ .../features/chat/tools/find_block_test.py | 139 +++++++++++++++ .../api/features/chat/tools/run_block.py | 17 ++ .../api/features/chat/tools/run_block_test.py | 106 ++++++++++++ .../backend/data/execution_queue_test.py | 2 - 5 files changed, 367 insertions(+), 55 deletions(-) create mode 100644 autogpt_platform/backend/backend/api/features/chat/tools/find_block_test.py create mode 100644 autogpt_platform/backend/backend/api/features/chat/tools/run_block_test.py diff --git a/autogpt_platform/backend/backend/api/features/chat/tools/find_block.py b/autogpt_platform/backend/backend/api/features/chat/tools/find_block.py index 7ca85961f9..f55cd567e8 100644 --- a/autogpt_platform/backend/backend/api/features/chat/tools/find_block.py +++ b/autogpt_platform/backend/backend/api/features/chat/tools/find_block.py @@ -13,10 +13,32 @@ from backend.api.features.chat.tools.models import ( NoResultsResponse, ) from backend.api.features.store.hybrid_search import unified_hybrid_search -from backend.data.block import get_block +from backend.data.block import BlockType, get_block logger = logging.getLogger(__name__) +_TARGET_RESULTS = 10 +# Over-fetch to compensate for post-hoc filtering of graph-only blocks. +# 40 is 2x current removed; speed of query 10 vs 40 is minimial +_OVERFETCH_PAGE_SIZE = 40 + +# Block types that only work within graphs and cannot run standalone in CoPilot. +COPILOT_EXCLUDED_BLOCK_TYPES = { + BlockType.INPUT, # Graph interface definition - data enters via chat, not graph inputs + BlockType.OUTPUT, # Graph interface definition - data exits via chat, not graph outputs + BlockType.WEBHOOK, # Wait for external events - would hang forever in CoPilot + BlockType.WEBHOOK_MANUAL, # Same as WEBHOOK + BlockType.NOTE, # Visual annotation only - no runtime behavior + BlockType.HUMAN_IN_THE_LOOP, # Pauses for human approval - CoPilot IS human-in-the-loop + BlockType.AGENT, # AgentExecutorBlock requires execution_context - use run_agent tool +} + +# Specific block IDs excluded from CoPilot (STANDARD type but still require graph context) +COPILOT_EXCLUDED_BLOCK_IDS = { + # SmartDecisionMakerBlock - dynamically discovers downstream blocks via graph topology + "3b191d9f-356f-482d-8238-ba04b6d18381", +} + class FindBlockTool(BaseTool): """Tool for searching available blocks.""" @@ -88,7 +110,7 @@ class FindBlockTool(BaseTool): query=query, content_types=[ContentType.BLOCK], page=1, - page_size=10, + page_size=_OVERFETCH_PAGE_SIZE, ) if not results: @@ -108,60 +130,90 @@ class FindBlockTool(BaseTool): block = get_block(block_id) # Skip disabled blocks - if block and not block.disabled: - # Get input/output schemas - input_schema = {} - output_schema = {} - try: - input_schema = block.input_schema.jsonschema() - except Exception: - pass - try: - output_schema = block.output_schema.jsonschema() - except Exception: - pass + if not block or block.disabled: + continue - # Get categories from block instance - categories = [] - if hasattr(block, "categories") and block.categories: - categories = [cat.value for cat in block.categories] + # Skip blocks excluded from CoPilot (graph-only blocks) + if ( + block.block_type in COPILOT_EXCLUDED_BLOCK_TYPES + or block.id in COPILOT_EXCLUDED_BLOCK_IDS + ): + continue - # Extract required inputs for easier use - required_inputs: list[BlockInputFieldInfo] = [] - if input_schema: - properties = input_schema.get("properties", {}) - required_fields = set(input_schema.get("required", [])) - # Get credential field names to exclude from required inputs - credentials_fields = set( - block.input_schema.get_credentials_fields().keys() - ) - - for field_name, field_schema in properties.items(): - # Skip credential fields - they're handled separately - if field_name in credentials_fields: - continue - - required_inputs.append( - BlockInputFieldInfo( - name=field_name, - type=field_schema.get("type", "string"), - description=field_schema.get("description", ""), - required=field_name in required_fields, - default=field_schema.get("default"), - ) - ) - - blocks.append( - BlockInfoSummary( - id=block_id, - name=block.name, - description=block.description or "", - categories=categories, - input_schema=input_schema, - output_schema=output_schema, - required_inputs=required_inputs, - ) + # Get input/output schemas + input_schema = {} + output_schema = {} + try: + input_schema = block.input_schema.jsonschema() + except Exception as e: + logger.debug( + "Failed to generate input schema for block %s: %s", + block_id, + e, ) + try: + output_schema = block.output_schema.jsonschema() + except Exception as e: + logger.debug( + "Failed to generate output schema for block %s: %s", + block_id, + e, + ) + + # Get categories from block instance + categories = [] + if hasattr(block, "categories") and block.categories: + categories = [cat.value for cat in block.categories] + + # Extract required inputs for easier use + required_inputs: list[BlockInputFieldInfo] = [] + if input_schema: + properties = input_schema.get("properties", {}) + required_fields = set(input_schema.get("required", [])) + # Get credential field names to exclude from required inputs + credentials_fields = set( + block.input_schema.get_credentials_fields().keys() + ) + + for field_name, field_schema in properties.items(): + # Skip credential fields - they're handled separately + if field_name in credentials_fields: + continue + + required_inputs.append( + BlockInputFieldInfo( + name=field_name, + type=field_schema.get("type", "string"), + description=field_schema.get("description", ""), + required=field_name in required_fields, + default=field_schema.get("default"), + ) + ) + + blocks.append( + BlockInfoSummary( + id=block_id, + name=block.name, + description=block.description or "", + categories=categories, + input_schema=input_schema, + output_schema=output_schema, + required_inputs=required_inputs, + ) + ) + + if len(blocks) >= _TARGET_RESULTS: + break + + if blocks and len(blocks) < _TARGET_RESULTS: + logger.debug( + "find_block returned %d/%d results for query '%s' " + "(filtered %d excluded/disabled blocks)", + len(blocks), + _TARGET_RESULTS, + query, + len(results) - len(blocks), + ) if not blocks: return NoResultsResponse( diff --git a/autogpt_platform/backend/backend/api/features/chat/tools/find_block_test.py b/autogpt_platform/backend/backend/api/features/chat/tools/find_block_test.py new file mode 100644 index 0000000000..0f3d4cbfa5 --- /dev/null +++ b/autogpt_platform/backend/backend/api/features/chat/tools/find_block_test.py @@ -0,0 +1,139 @@ +"""Tests for block filtering in FindBlockTool.""" + +from unittest.mock import AsyncMock, MagicMock, patch + +import pytest + +from backend.api.features.chat.tools.find_block import ( + COPILOT_EXCLUDED_BLOCK_IDS, + COPILOT_EXCLUDED_BLOCK_TYPES, + FindBlockTool, +) +from backend.api.features.chat.tools.models import BlockListResponse +from backend.data.block import BlockType + +from ._test_data import make_session + +_TEST_USER_ID = "test-user-find-block" + + +def make_mock_block( + block_id: str, name: str, block_type: BlockType, disabled: bool = False +): + """Create a mock block for testing.""" + mock = MagicMock() + mock.id = block_id + mock.name = name + mock.description = f"{name} description" + mock.block_type = block_type + mock.disabled = disabled + mock.input_schema = MagicMock() + mock.input_schema.jsonschema.return_value = {"properties": {}, "required": []} + mock.input_schema.get_credentials_fields.return_value = {} + mock.output_schema = MagicMock() + mock.output_schema.jsonschema.return_value = {} + mock.categories = [] + return mock + + +class TestFindBlockFiltering: + """Tests for block filtering in FindBlockTool.""" + + def test_excluded_block_types_contains_expected_types(self): + """Verify COPILOT_EXCLUDED_BLOCK_TYPES contains all graph-only types.""" + assert BlockType.INPUT in COPILOT_EXCLUDED_BLOCK_TYPES + assert BlockType.OUTPUT in COPILOT_EXCLUDED_BLOCK_TYPES + assert BlockType.WEBHOOK in COPILOT_EXCLUDED_BLOCK_TYPES + assert BlockType.WEBHOOK_MANUAL in COPILOT_EXCLUDED_BLOCK_TYPES + assert BlockType.NOTE in COPILOT_EXCLUDED_BLOCK_TYPES + assert BlockType.HUMAN_IN_THE_LOOP in COPILOT_EXCLUDED_BLOCK_TYPES + assert BlockType.AGENT in COPILOT_EXCLUDED_BLOCK_TYPES + + def test_excluded_block_ids_contains_smart_decision_maker(self): + """Verify SmartDecisionMakerBlock is in COPILOT_EXCLUDED_BLOCK_IDS.""" + assert "3b191d9f-356f-482d-8238-ba04b6d18381" in COPILOT_EXCLUDED_BLOCK_IDS + + @pytest.mark.asyncio(loop_scope="session") + async def test_excluded_block_type_filtered_from_results(self): + """Verify blocks with excluded BlockTypes are filtered from search results.""" + session = make_session(user_id=_TEST_USER_ID) + + # Mock search returns an INPUT block (excluded) and a STANDARD block (included) + search_results = [ + {"content_id": "input-block-id", "score": 0.9}, + {"content_id": "standard-block-id", "score": 0.8}, + ] + + input_block = make_mock_block("input-block-id", "Input Block", BlockType.INPUT) + standard_block = make_mock_block( + "standard-block-id", "HTTP Request", BlockType.STANDARD + ) + + def mock_get_block(block_id): + return { + "input-block-id": input_block, + "standard-block-id": standard_block, + }.get(block_id) + + with patch( + "backend.api.features.chat.tools.find_block.unified_hybrid_search", + new_callable=AsyncMock, + return_value=(search_results, 2), + ): + with patch( + "backend.api.features.chat.tools.find_block.get_block", + side_effect=mock_get_block, + ): + tool = FindBlockTool() + response = await tool._execute( + user_id=_TEST_USER_ID, session=session, query="test" + ) + + # Should only return the standard block, not the INPUT block + assert isinstance(response, BlockListResponse) + assert len(response.blocks) == 1 + assert response.blocks[0].id == "standard-block-id" + + @pytest.mark.asyncio(loop_scope="session") + async def test_excluded_block_id_filtered_from_results(self): + """Verify SmartDecisionMakerBlock is filtered from search results.""" + session = make_session(user_id=_TEST_USER_ID) + + smart_decision_id = "3b191d9f-356f-482d-8238-ba04b6d18381" + search_results = [ + {"content_id": smart_decision_id, "score": 0.9}, + {"content_id": "normal-block-id", "score": 0.8}, + ] + + # SmartDecisionMakerBlock has STANDARD type but is excluded by ID + smart_block = make_mock_block( + smart_decision_id, "Smart Decision Maker", BlockType.STANDARD + ) + normal_block = make_mock_block( + "normal-block-id", "Normal Block", BlockType.STANDARD + ) + + def mock_get_block(block_id): + return { + smart_decision_id: smart_block, + "normal-block-id": normal_block, + }.get(block_id) + + with patch( + "backend.api.features.chat.tools.find_block.unified_hybrid_search", + new_callable=AsyncMock, + return_value=(search_results, 2), + ): + with patch( + "backend.api.features.chat.tools.find_block.get_block", + side_effect=mock_get_block, + ): + tool = FindBlockTool() + response = await tool._execute( + user_id=_TEST_USER_ID, session=session, query="decision" + ) + + # Should only return normal block, not SmartDecisionMakerBlock + assert isinstance(response, BlockListResponse) + assert len(response.blocks) == 1 + assert response.blocks[0].id == "normal-block-id" diff --git a/autogpt_platform/backend/backend/api/features/chat/tools/run_block.py b/autogpt_platform/backend/backend/api/features/chat/tools/run_block.py index 51bb2c0575..590f81ff23 100644 --- a/autogpt_platform/backend/backend/api/features/chat/tools/run_block.py +++ b/autogpt_platform/backend/backend/api/features/chat/tools/run_block.py @@ -8,6 +8,10 @@ from typing import Any from pydantic_core import PydanticUndefined from backend.api.features.chat.model import ChatSession +from backend.api.features.chat.tools.find_block import ( + COPILOT_EXCLUDED_BLOCK_IDS, + COPILOT_EXCLUDED_BLOCK_TYPES, +) from backend.data.block import get_block from backend.data.execution import ExecutionContext from backend.data.model import CredentialsMetaInput @@ -212,6 +216,19 @@ class RunBlockTool(BaseTool): session_id=session_id, ) + # Check if block is excluded from CoPilot (graph-only blocks) + if ( + block.block_type in COPILOT_EXCLUDED_BLOCK_TYPES + or block.id in COPILOT_EXCLUDED_BLOCK_IDS + ): + return ErrorResponse( + message=( + f"Block '{block.name}' cannot be run directly in CoPilot. " + "This block is designed for use within graphs only." + ), + session_id=session_id, + ) + logger.info(f"Executing block {block.name} ({block_id}) for user {user_id}") creds_manager = IntegrationCredentialsManager() diff --git a/autogpt_platform/backend/backend/api/features/chat/tools/run_block_test.py b/autogpt_platform/backend/backend/api/features/chat/tools/run_block_test.py new file mode 100644 index 0000000000..2aae45e875 --- /dev/null +++ b/autogpt_platform/backend/backend/api/features/chat/tools/run_block_test.py @@ -0,0 +1,106 @@ +"""Tests for block execution guards in RunBlockTool.""" + +from unittest.mock import MagicMock, patch + +import pytest + +from backend.api.features.chat.tools.models import ErrorResponse +from backend.api.features.chat.tools.run_block import RunBlockTool +from backend.data.block import BlockType + +from ._test_data import make_session + +_TEST_USER_ID = "test-user-run-block" + + +def make_mock_block( + block_id: str, name: str, block_type: BlockType, disabled: bool = False +): + """Create a mock block for testing.""" + mock = MagicMock() + mock.id = block_id + mock.name = name + mock.block_type = block_type + mock.disabled = disabled + mock.input_schema = MagicMock() + mock.input_schema.jsonschema.return_value = {"properties": {}, "required": []} + mock.input_schema.get_credentials_fields_info.return_value = [] + return mock + + +class TestRunBlockFiltering: + """Tests for block execution guards in RunBlockTool.""" + + @pytest.mark.asyncio(loop_scope="session") + async def test_excluded_block_type_returns_error(self): + """Attempting to execute a block with excluded BlockType returns error.""" + session = make_session(user_id=_TEST_USER_ID) + + input_block = make_mock_block("input-block-id", "Input Block", BlockType.INPUT) + + with patch( + "backend.api.features.chat.tools.run_block.get_block", + return_value=input_block, + ): + tool = RunBlockTool() + response = await tool._execute( + user_id=_TEST_USER_ID, + session=session, + block_id="input-block-id", + input_data={}, + ) + + assert isinstance(response, ErrorResponse) + assert "cannot be run directly in CoPilot" in response.message + assert "designed for use within graphs only" in response.message + + @pytest.mark.asyncio(loop_scope="session") + async def test_excluded_block_id_returns_error(self): + """Attempting to execute SmartDecisionMakerBlock returns error.""" + session = make_session(user_id=_TEST_USER_ID) + + smart_decision_id = "3b191d9f-356f-482d-8238-ba04b6d18381" + smart_block = make_mock_block( + smart_decision_id, "Smart Decision Maker", BlockType.STANDARD + ) + + with patch( + "backend.api.features.chat.tools.run_block.get_block", + return_value=smart_block, + ): + tool = RunBlockTool() + response = await tool._execute( + user_id=_TEST_USER_ID, + session=session, + block_id=smart_decision_id, + input_data={}, + ) + + assert isinstance(response, ErrorResponse) + assert "cannot be run directly in CoPilot" in response.message + + @pytest.mark.asyncio(loop_scope="session") + async def test_non_excluded_block_passes_guard(self): + """Non-excluded blocks pass the filtering guard (may fail later for other reasons).""" + session = make_session(user_id=_TEST_USER_ID) + + standard_block = make_mock_block( + "standard-id", "HTTP Request", BlockType.STANDARD + ) + + with patch( + "backend.api.features.chat.tools.run_block.get_block", + return_value=standard_block, + ): + tool = RunBlockTool() + response = await tool._execute( + user_id=_TEST_USER_ID, + session=session, + block_id="standard-id", + input_data={}, + ) + + # Should NOT be an ErrorResponse about CoPilot exclusion + # (may be other errors like missing credentials, but not the exclusion guard) + if isinstance(response, ErrorResponse): + assert "cannot be run directly in CoPilot" not in response.message diff --git a/autogpt_platform/backend/backend/data/execution_queue_test.py b/autogpt_platform/backend/backend/data/execution_queue_test.py index ffe0fb265b..7a76adfe05 100644 --- a/autogpt_platform/backend/backend/data/execution_queue_test.py +++ b/autogpt_platform/backend/backend/data/execution_queue_test.py @@ -3,8 +3,6 @@ import queue import threading -import pytest - from backend.data.execution import ExecutionQueue