mirror of
https://github.com/Significant-Gravitas/AutoGPT.git
synced 2026-02-13 08:14:58 -05:00
9a8c6ad609
Bumps the production-dependencies group with 4 updates in the /autogpt_platform/autogpt_libs directory: [cryptography](https://github.com/pyca/cryptography), [fastapi](https://github.com/fastapi/fastapi), [launchdarkly-server-sdk](https://github.com/launchdarkly/python-server-sdk) and [supabase](https://github.com/supabase/supabase-py). Updates `cryptography` from 46.0.4 to 46.0.5 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst">cryptography's changelog</a>.</em></p> <blockquote> <p>46.0.5 - 2026-02-10</p> <pre><code> * An attacker could create a malicious public key that reveals portions of your private key when using certain uncommon elliptic curves (binary curves). This version now includes additional security checks to prevent this attack. This issue only affects binary elliptic curves, which are rarely used in real-world applications. Credit to **XlabAI Team of Tencent Xuanwu Lab and Atuin Automated Vulnerability Discovery Engine** for reporting the issue. **CVE-2026-26007** * Support for ``SECT*`` binary elliptic curves is deprecated and will be removed in the next release. <p>.. v46-0-4:<br /> </code></pre></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="06e120e682"><code>06e120e</code></a> bump version for 46.0.5 release (<a href="https://redirect.github.com/pyca/cryptography/issues/14289">#14289</a>)</li> <li><a href="0eebb9dbb6"><code>0eebb9d</code></a> EC check key on cofactor > 1 (<a href="https://redirect.github.com/pyca/cryptography/issues/14287">#14287</a>)</li> <li><a href="bedf6e186b"><code>bedf6e1</code></a> fix openssl version on 46 branch (<a href="https://redirect.github.com/pyca/cryptography/issues/14220">#14220</a>)</li> <li>See full diff in <a href="https://github.com/pyca/cryptography/compare/46.0.4...46.0.5">compare view</a></li> </ul> </details> <br /> Updates `fastapi` from 0.128.0 to 0.128.7 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/fastapi/fastapi/releases">fastapi's releases</a>.</em></p> <blockquote> <h2>0.128.7</h2> <h3>Features</h3> <ul> <li>✨ Show a clear error on attempt to include router into itself. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/14258">#14258</a> by <a href="https://github.com/JavierSanchezCastro"><code>@JavierSanchezCastro</code></a>.</li> <li>✨ Replace <code>dict</code> by <code>Mapping</code> on <code>HTTPException.headers</code>. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/12997">#12997</a> by <a href="https://github.com/rijenkii"><code>@rijenkii</code></a>.</li> </ul> <h3>Refactors</h3> <ul> <li>♻️ Simplify reading files in memory, do it sequentially instead of (fake) parallel. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/14884">#14884</a> by <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>.</li> </ul> <h3>Docs</h3> <ul> <li>📝 Use <code>dfn</code> tag for definitions instead of <code>abbr</code> in docs. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/14744">#14744</a> by <a href="https://github.com/YuriiMotov"><code>@YuriiMotov</code></a>.</li> </ul> <h3>Internal</h3> <ul> <li>✅ Tweak comment in test to reference PR. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/14885">#14885</a> by <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>.</li> <li>🔧 Update LLM-prompt for <code>abbr</code> and <code>dfn</code> tags. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/14747">#14747</a> by <a href="https://github.com/YuriiMotov"><code>@YuriiMotov</code></a>.</li> <li>✅ Test order for the submitted byte Files. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/14828">#14828</a> by <a href="https://github.com/valentinDruzhinin"><code>@valentinDruzhinin</code></a>.</li> <li>🔧 Configure <code>test</code> workflow to run tests with <code>inline-snapshot=review</code>. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/14876">#14876</a> by <a href="https://github.com/YuriiMotov"><code>@YuriiMotov</code></a>.</li> </ul> <h2>0.128.6</h2> <h3>Fixes</h3> <ul> <li>🐛 Fix <code>on_startup</code> and <code>on_shutdown</code> parameters of <code>APIRouter</code>. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/14873">#14873</a> by <a href="https://github.com/YuriiMotov"><code>@YuriiMotov</code></a>.</li> </ul> <h3>Translations</h3> <ul> <li>🌐 Update translations for zh (update-outdated). PR <a href="https://redirect.github.com/fastapi/fastapi/pull/14843">#14843</a> by <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>.</li> </ul> <h3>Internal</h3> <ul> <li>✅ Fix parameterized tests with snapshots. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/14875">#14875</a> by <a href="https://github.com/YuriiMotov"><code>@YuriiMotov</code></a>.</li> </ul> <h2>0.128.5</h2> <h3>Refactors</h3> <ul> <li>♻️ Refactor and simplify Pydantic v2 (and v1) compatibility internal utils. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/14862">#14862</a> by <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>.</li> </ul> <h3>Internal</h3> <ul> <li>✅ Add inline snapshot tests for OpenAPI before changes from Pydantic v2. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/14864">#14864</a> by <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>.</li> </ul> <h2>0.128.4</h2> <h3>Refactors</h3> <ul> <li>♻️ Refactor internals, simplify Pydantic v2/v1 utils, <code>create_model_field</code>, better types for <code>lenient_issubclass</code>. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/14860">#14860</a> by <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>.</li> <li>♻️ Simplify internals, remove Pydantic v1 only logic, no longer needed. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/14857">#14857</a> by <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>.</li> <li>♻️ Refactor internals, cleanup unneeded Pydantic v1 specific logic. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/14856">#14856</a> by <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="8f82c94de0"><code>8f82c94</code></a> 🔖 Release version 0.128.7</li> <li><a href="5bb3423205"><code>5bb3423</code></a> 📝 Update release notes</li> <li><a href="6ce5e3e961"><code>6ce5e3e</code></a> ✅ Tweak comment in test to reference PR (<a href="https://redirect.github.com/fastapi/fastapi/issues/14885">#14885</a>)</li> <li><a href="65da3dde12"><code>65da3dd</code></a> 📝 Update release notes</li> <li><a href="81f82fd955"><code>81f82fd</code></a> 🔧 Update LLM-prompt for <code>abbr</code> and <code>dfn</code> tags (<a href="https://redirect.github.com/fastapi/fastapi/issues/14747">#14747</a>)</li> <li><a href="ff721017df"><code>ff72101</code></a> 📝 Update release notes</li> <li><a href="ca76a4eba9"><code>ca76a4e</code></a> 📝 Use <code>dfn</code> tag for definitions instead of <code>abbr</code> in docs (<a href="https://redirect.github.com/fastapi/fastapi/issues/14744">#14744</a>)</li> <li><a href="1133a4594d"><code>1133a45</code></a> 📝 Update release notes</li> <li><a href="38f965985e"><code>38f9659</code></a> ✅ Test order for the submitted byte Files (<a href="https://redirect.github.com/fastapi/fastapi/issues/14828">#14828</a>)</li> <li><a href="3f1cc8f8f5"><code>3f1cc8f</code></a> 📝 Update release notes</li> <li>Additional commits viewable in <a href="https://github.com/fastapi/fastapi/compare/0.128.0...0.128.7">compare view</a></li> </ul> </details> <br /> Updates `launchdarkly-server-sdk` from 9.14.1 to 9.15.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/launchdarkly/python-server-sdk/releases">launchdarkly-server-sdk's releases</a>.</em></p> <blockquote> <h2>v9.15.0</h2> <h2><a href="https://github.com/launchdarkly/python-server-sdk/compare/9.14.1...9.15.0">9.15.0</a> (2026-02-10)</h2> <h3>Features</h3> <ul> <li>Drop support for python 3.9 (<a href="https://redirect.github.com/launchdarkly/python-server-sdk/issues/393">#393</a>) (<a href="5b761bd306">5b761bd</a>)</li> <li>Update ChangeSet to always require a Selector (<a href="https://redirect.github.com/launchdarkly/python-server-sdk/issues/405">#405</a>) (<a href="5dc4f81688">5dc4f81</a>)</li> </ul> <h3>Bug Fixes</h3> <ul> <li>Add context manager for clearer, safer locks (<a href="https://redirect.github.com/launchdarkly/python-server-sdk/issues/396">#396</a>) (<a href="beca0fa498">beca0fa</a>)</li> <li>Address potential race condition in FeatureStore update_availability (<a href="https://redirect.github.com/launchdarkly/python-server-sdk/issues/391">#391</a>) (<a href="31cf4875c3">31cf487</a>)</li> <li>Allow modifying fdv2 data source options independent of main config (<a href="https://redirect.github.com/launchdarkly/python-server-sdk/issues/403">#403</a>) (<a href="d78079e7f3">d78079e</a>)</li> <li>Mark copy_with_new_sdk_key method as deprecated (<a href="https://redirect.github.com/launchdarkly/python-server-sdk/issues/353">#353</a>) (<a href="e471ccc3d5">e471ccc</a>)</li> <li>Prevent immediate polling on recoverable error (<a href="https://redirect.github.com/launchdarkly/python-server-sdk/issues/399">#399</a>) (<a href="da565a2dce">da565a2</a>)</li> <li>Redis store is considered initialized when <code>$inited</code> key is written (<a href="e99a27d48f">e99a27d</a>)</li> <li>Stop FeatureStoreClientWrapper poller on close (<a href="https://redirect.github.com/launchdarkly/python-server-sdk/issues/397">#397</a>) (<a href="468afdfef3">468afdf</a>)</li> <li>Update DataSystemConfig to accept list of synchronizers (<a href="https://redirect.github.com/launchdarkly/python-server-sdk/issues/404">#404</a>) (<a href="c73ad14090">c73ad14</a>)</li> <li>Update reason documentation with inExperiment value (<a href="https://redirect.github.com/launchdarkly/python-server-sdk/issues/401">#401</a>) (<a href="cbfc3dd887">cbfc3dd</a>)</li> <li>Update Redis to write missing <code>$inited</code> key (<a href="e99a27d48f">e99a27d</a>)</li> </ul> <hr /> <p>This PR was generated with <a href="https://github.com/googleapis/release-please">Release Please</a>. See <a href="https://github.com/googleapis/release-please#release-please">documentation</a>.</p> <!-- raw HTML omitted --> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/launchdarkly/python-server-sdk/blob/main/CHANGELOG.md">launchdarkly-server-sdk's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/launchdarkly/python-server-sdk/compare/9.14.1...9.15.0">9.15.0</a> (2026-02-10)</h2> <h3>⚠ BREAKING CHANGES</h3> <p><strong>Note:</strong> The following breaking changes apply only to FDv2 (Flag Delivery v2) early access features, which are not subject to semantic versioning and may change without a major version bump.</p> <ul> <li>Update ChangeSet to always require a Selector (<a href="https://redirect.github.com/launchdarkly/python-server-sdk/issues/405">#405</a>) (<a href="5dc4f81688">5dc4f81</a>) <ul> <li>The <code>ChangeSetBuilder.finish()</code> method now requires a <code>Selector</code> parameter.</li> </ul> </li> <li>Update DataSystemConfig to accept list of synchronizers (<a href="https://redirect.github.com/launchdarkly/python-server-sdk/issues/404">#404</a>) (<a href="c73ad14090">c73ad14</a>) <ul> <li>The <code>DataSystemConfig.synchronizers</code> field now accepts a list of synchronizers, and the <code>ConfigBuilder.synchronizers()</code> method accepts variadic arguments.</li> </ul> </li> </ul> <h3>Features</h3> <ul> <li>Drop support for python 3.9 (<a href="https://redirect.github.com/launchdarkly/python-server-sdk/issues/393">#393</a>) (<a href="5b761bd306">5b761bd</a>)</li> </ul> <h3>Bug Fixes</h3> <ul> <li>Add context manager for clearer, safer locks (<a href="https://redirect.github.com/launchdarkly/python-server-sdk/issues/396">#396</a>) (<a href="beca0fa498">beca0fa</a>)</li> <li>Address potential race condition in FeatureStore update_availability (<a href="https://redirect.github.com/launchdarkly/python-server-sdk/issues/391">#391</a>) (<a href="31cf4875c3">31cf487</a>)</li> <li>Allow modifying fdv2 data source options independent of main config (<a href="https://redirect.github.com/launchdarkly/python-server-sdk/issues/403">#403</a>) (<a href="d78079e7f3">d78079e</a>)</li> <li>Mark copy_with_new_sdk_key method as deprecated (<a href="https://redirect.github.com/launchdarkly/python-server-sdk/issues/353">#353</a>) (<a href="e471ccc3d5">e471ccc</a>)</li> <li>Prevent immediate polling on recoverable error (<a href="https://redirect.github.com/launchdarkly/python-server-sdk/issues/399">#399</a>) (<a href="da565a2dce">da565a2</a>)</li> <li>Redis store is considered initialized when <code>$inited</code> key is written (<a href="e99a27d48f">e99a27d</a>)</li> <li>Stop FeatureStoreClientWrapper poller on close (<a href="https://redirect.github.com/launchdarkly/python-server-sdk/issues/397">#397</a>) (<a href="468afdfef3">468afdf</a>)</li> <li>Update reason documentation with inExperiment value (<a href="https://redirect.github.com/launchdarkly/python-server-sdk/issues/401">#401</a>) (<a href="cbfc3dd887">cbfc3dd</a>)</li> <li>Update Redis to write missing <code>$inited</code> key (<a href="e99a27d48f">e99a27d</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="e542f737a6"><code>e542f73</code></a> chore(main): release 9.15.0 (<a href="https://redirect.github.com/launchdarkly/python-server-sdk/issues/394">#394</a>)</li> <li><a href="e471ccc3d5"><code>e471ccc</code></a> fix: Mark copy_with_new_sdk_key method as deprecated (<a href="https://redirect.github.com/launchdarkly/python-server-sdk/issues/353">#353</a>)</li> <li><a href="5dc4f81688"><code>5dc4f81</code></a> feat: Update ChangeSet to always require a Selector (<a href="https://redirect.github.com/launchdarkly/python-server-sdk/issues/405">#405</a>)</li> <li><a href="f20fffeb1e"><code>f20fffe</code></a> chore: Remove dead code, clarify names, other cleanup (<a href="https://redirect.github.com/launchdarkly/python-server-sdk/issues/398">#398</a>)</li> <li><a href="c73ad14090"><code>c73ad14</code></a> fix: Update DataSystemConfig to accept list of synchronizers (<a href="https://redirect.github.com/launchdarkly/python-server-sdk/issues/404">#404</a>)</li> <li><a href="d78079e7f3"><code>d78079e</code></a> fix: Allow modifying fdv2 data source options independent of main config (<a href="https://redirect.github.com/launchdarkly/python-server-sdk/issues/403">#403</a>)</li> <li><a href="e99a27d48f"><code>e99a27d</code></a> chore: Support persistent data store verification in contract tests (<a href="https://redirect.github.com/launchdarkly/python-server-sdk/issues/402">#402</a>)</li> <li><a href="cbfc3dd887"><code>cbfc3dd</code></a> fix: Update reason documentation with inExperiment value (<a href="https://redirect.github.com/launchdarkly/python-server-sdk/issues/401">#401</a>)</li> <li><a href="5a1adbb2de"><code>5a1adbb</code></a> chore: Update sdk_metadata features (<a href="https://redirect.github.com/launchdarkly/python-server-sdk/issues/400">#400</a>)</li> <li><a href="da565a2dce"><code>da565a2</code></a> fix: Prevent immediate polling on recoverable error (<a href="https://redirect.github.com/launchdarkly/python-server-sdk/issues/399">#399</a>)</li> <li>Additional commits viewable in <a href="https://github.com/launchdarkly/python-server-sdk/compare/9.14.1...9.15.0">compare view</a></li> </ul> </details> <br /> Updates `supabase` from 2.27.2 to 2.28.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/supabase/supabase-py/releases">supabase's releases</a>.</em></p> <blockquote> <h2>v2.28.0</h2> <h2><a href="https://github.com/supabase/supabase-py/compare/v2.27.3...v2.28.0">2.28.0</a> (2026-02-10)</h2> <h3>Features</h3> <ul> <li><strong>storage:</strong> add list_v2 method to file_api client (<a href="https://redirect.github.com/supabase/supabase-py/issues/1377">#1377</a>) (<a href="259f4ad42d">259f4ad</a>)</li> </ul> <h3>Bug Fixes</h3> <ul> <li><strong>auth:</strong> add missing is_sso_user, deleted_at, banned_until to User model (<a href="https://redirect.github.com/supabase/supabase-py/issues/1375">#1375</a>) (<a href="7f84a62996">7f84a62</a>)</li> <li><strong>realtime:</strong> ensure remove_channel removes channel from channels dict (<a href="https://redirect.github.com/supabase/supabase-py/issues/1373">#1373</a>) (<a href="0923314039">0923314</a>)</li> <li><strong>realtime:</strong> use pop with default in _handle_message to prevent KeyError (<a href="https://redirect.github.com/supabase/supabase-py/issues/1388">#1388</a>) (<a href="baea26f7ce">baea26f</a>)</li> <li><strong>storage3:</strong> replace print() with warnings.warn() for trailing slash notice (<a href="https://redirect.github.com/supabase/supabase-py/issues/1380">#1380</a>) (<a href="50b099fa06">50b099f</a>)</li> </ul> <h2>v2.27.3</h2> <h2><a href="https://github.com/supabase/supabase-py/compare/v2.27.2...v2.27.3">2.27.3</a> (2026-02-03)</h2> <h3>Bug Fixes</h3> <ul> <li>deprecate python 3.9 in all packages (<a href="https://redirect.github.com/supabase/supabase-py/issues/1365">#1365</a>) (<a href="cc72ed75d4">cc72ed7</a>)</li> <li>ensure storage_url has trailing slash to prevent warning (<a href="https://redirect.github.com/supabase/supabase-py/issues/1367">#1367</a>) (<a href="4267ff1345">4267ff1</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/supabase/supabase-py/blob/main/CHANGELOG.md">supabase's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/supabase/supabase-py/compare/v2.27.3...v2.28.0">2.28.0</a> (2026-02-10)</h2> <h3>Features</h3> <ul> <li><strong>storage:</strong> add list_v2 method to file_api client (<a href="https://redirect.github.com/supabase/supabase-py/issues/1377">#1377</a>) (<a href="259f4ad42d">259f4ad</a>)</li> </ul> <h3>Bug Fixes</h3> <ul> <li><strong>auth:</strong> add missing is_sso_user, deleted_at, banned_until to User model (<a href="https://redirect.github.com/supabase/supabase-py/issues/1375">#1375</a>) (<a href="7f84a62996">7f84a62</a>)</li> <li><strong>realtime:</strong> ensure remove_channel removes channel from channels dict (<a href="https://redirect.github.com/supabase/supabase-py/issues/1373">#1373</a>) (<a href="0923314039">0923314</a>)</li> <li><strong>realtime:</strong> use pop with default in _handle_message to prevent KeyError (<a href="https://redirect.github.com/supabase/supabase-py/issues/1388">#1388</a>) (<a href="baea26f7ce">baea26f</a>)</li> <li><strong>storage3:</strong> replace print() with warnings.warn() for trailing slash notice (<a href="https://redirect.github.com/supabase/supabase-py/issues/1380">#1380</a>) (<a href="50b099fa06">50b099f</a>)</li> </ul> <h2><a href="https://github.com/supabase/supabase-py/compare/v2.27.2...v2.27.3">2.27.3</a> (2026-02-03)</h2> <h3>Bug Fixes</h3> <ul> <li>deprecate python 3.9 in all packages (<a href="https://redirect.github.com/supabase/supabase-py/issues/1365">#1365</a>) (<a href="cc72ed75d4">cc72ed7</a>)</li> <li>ensure storage_url has trailing slash to prevent warning (<a href="https://redirect.github.com/supabase/supabase-py/issues/1367">#1367</a>) (<a href="4267ff1345">4267ff1</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="59e338400b"><code>59e3384</code></a> chore(main): release 2.28.0 (<a href="https://redirect.github.com/supabase/supabase-py/issues/1378">#1378</a>)</li> <li><a href="baea26f7ce"><code>baea26f</code></a> fix(realtime): use pop with default in _handle_message to prevent KeyError (#...</li> <li><a href="259f4ad42d"><code>259f4ad</code></a> feat(storage): add list_v2 method to file_api client (<a href="https://redirect.github.com/supabase/supabase-py/issues/1377">#1377</a>)</li> <li><a href="50b099fa06"><code>50b099f</code></a> fix(storage3): replace print() with warnings.warn() for trailing slash notice...</li> <li><a href="0923314039"><code>0923314</code></a> fix(realtime): ensure remove_channel removes channel from channels dict (<a href="https://redirect.github.com/supabase/supabase-py/issues/1373">#1373</a>)</li> <li><a href="7f84a62996"><code>7f84a62</code></a> fix(auth): add missing is_sso_user, deleted_at, banned_until to User model (#...</li> <li><a href="57dd6e2195"><code>57dd6e2</code></a> chore(deps): bump the uv group across 1 directory with 3 updates (<a href="https://redirect.github.com/supabase/supabase-py/issues/1369">#1369</a>)</li> <li><a href="c357def670"><code>c357def</code></a> chore(main): release 2.27.3 (<a href="https://redirect.github.com/supabase/supabase-py/issues/1368">#1368</a>)</li> <li><a href="4267ff1345"><code>4267ff1</code></a> fix: ensure storage_url has trailing slash to prevent warning (<a href="https://redirect.github.com/supabase/supabase-py/issues/1367">#1367</a>)</li> <li><a href="cc72ed75d4"><code>cc72ed7</code></a> fix: deprecate python 3.9 in all packages (<a href="https://redirect.github.com/supabase/supabase-py/issues/1365">#1365</a>)</li> <li>Additional commits viewable in <a href="https://github.com/supabase/supabase-py/compare/v2.27.2...v2.28.0">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> <!-- greptile_comment --> <h2>Greptile Overview</h2> <details><summary><h3>Greptile Summary</h3></summary> Dependency update bumps 4 packages in the production-dependencies group, including a **critical security patch for `cryptography`** (CVE-2026-26007) that prevents malicious public key attacks on binary elliptic curves. The update also includes bug fixes for `fastapi`, `launchdarkly-server-sdk`, and `supabase`. - **cryptography** 46.0.4 → 46.0.5: patches CVE-2026-26007, deprecates SECT* binary curves - **fastapi** 0.128.0 → 0.128.7: bug fixes, improved error handling, relaxed Starlette constraint - **launchdarkly-server-sdk** 9.14.1 → 9.15.0: drops Python 3.9 support (requires >=3.10), fixes race conditions - **supabase** 2.27.2/2.27.3 → 2.28.0: realtime fixes, new User model fields The lock files correctly resolve all dependencies. Python 3.10+ requirement is already enforced in both packages. However, backend's `pyproject.toml` still specifies `launchdarkly-server-sdk = "^9.14.1"` while the lock file uses 9.15.0 (pulled from autogpt_libs dependency), creating a minor version constraint inconsistency. </details> <details><summary><h3>Confidence Score: 4/5</h3></summary> - This PR is safe to merge with one minor style suggestion - Automated dependency update with critical security patch for cryptography. All updates are backwards-compatible within semver constraints. Lock files correctly resolve all dependencies. Python 3.10+ is already enforced. Only minor issue is version constraint inconsistency in backend's pyproject.toml for launchdarkly-server-sdk, which doesn't affect functionality but should be aligned for clarity. - autogpt_platform/backend/pyproject.toml needs launchdarkly-server-sdk version constraint updated to ^9.15.0 </details> <!-- greptile_other_comments_section --> <!-- /greptile_comment --> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Otto <otto@agpt.co>
AutoGPT Libs
This is a new project to store shared functionality across different services in the AutoGPT Platform (e.g. authentication)