From 3c9365dfd946216dddbf8a370b35756289a5455a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Feb 2026 06:23:39 +0000 Subject: [PATCH 1/6] chore(deps): bump fast-xml-parser and @google-cloud/storage in /docs/en/getting-started/quickstart/js/adk (#2434) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) and [@google-cloud/storage](https://github.com/googleapis/nodejs-storage). These dependencies needed to be updated together. Updates `fast-xml-parser` from 4.5.3 to 5.3.5
Release notes

Sourced from fast-xml-parser's releases.

v5.3.5

What's Changed

New Contributors

Full Changelog: https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.4...v5.3.5

fix: handle HTML numeric and hex entities when out of range

No release notes provided.

bug fix and performance improvements

Replace Buffer with Uint8Array

Support EMPTY and ANY with ELEMENT in DOCTYPE

Full Changelog: https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.2.4...v5.2.4

upgrade to ESM module and fixing value parsing issues

Full Changelog: https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md

Summary update on all the previous releases from v4.2.4

Note: Release section in not updated frequently. Please check CHANGELOG or Tags for latest release information.

Changelog

Sourced from fast-xml-parser's changelog.

Note: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.

5.3.5 / 2026-02-08

5.3.4 / 2026-01-30

5.3.3 / 2025-12-12

5.3.2 / 2025-11-14

5.3.1 / 2025-11-03

5.3.0 / 2025-10-03

5.2.5 / 2025-06-08

5.2.4 / 2025-06-06

5.2.3 / 2025-05-11

5.2.2 / 2025-05-05

5.2.1 / 2025-04-22

5.2.0 / 2025-04-03

5.1.0 / 2025-04-02

... (truncated)

Commits

Updates `@google-cloud/storage` from 7.18.0 to 7.19.0
Release notes

Sourced from @​google-cloud/storage's releases.

v7.19.0

7.19.0 (2026-02-05)

Features

Bug Fixes

Changelog

Sourced from @​google-cloud/storage's changelog.

7.19.0 (2026-02-05)

Features

Bug Fixes

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/googleapis/genai-toolbox/network/alerts).
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .../quickstart/js/adk/package-lock.json | 81 +++++++++++++------ 1 file changed, 58 insertions(+), 23 deletions(-) diff --git a/docs/en/getting-started/quickstart/js/adk/package-lock.json b/docs/en/getting-started/quickstart/js/adk/package-lock.json index 84bc88e40a..9bcbc4080d 100644 --- a/docs/en/getting-started/quickstart/js/adk/package-lock.json +++ b/docs/en/getting-started/quickstart/js/adk/package-lock.json @@ -18,6 +18,7 @@ "resolved": "https://registry.npmjs.org/@google-cloud/paginator/-/paginator-5.0.2.tgz", "integrity": "sha512-DJS3s0OVH4zFDB1PzjxAsHqJT6sKVbRwwML0ZBP9PbU7Yebtu/7SWMRzvO2J3nUi9pRNITCfu4LJeooM2w4pjg==", "license": "Apache-2.0", + "peer": true, "dependencies": { "arrify": "^2.0.0", "extend": "^3.0.2" @@ -31,6 +32,7 @@ "resolved": "https://registry.npmjs.org/@google-cloud/projectify/-/projectify-4.0.0.tgz", "integrity": "sha512-MmaX6HeSvyPbWGwFq7mXdo0uQZLGBYCwziiLIGq5JVX+/bdI3SAq6bP98trV5eTWfLuvsMcIC1YJOF2vfteLFA==", "license": "Apache-2.0", + "peer": true, "engines": { "node": ">=14.0.0" } @@ -40,15 +42,17 @@ "resolved": "https://registry.npmjs.org/@google-cloud/promisify/-/promisify-4.0.0.tgz", "integrity": "sha512-Orxzlfb9c67A15cq2JQEyVc7wEsmFBmHjZWZYQMUyJ1qivXyMwdyNOs9odi79hze+2zqdTtu1E19IM/FtqZ10g==", "license": "Apache-2.0", + "peer": true, "engines": { "node": ">=14" } }, "node_modules/@google-cloud/storage": { - "version": "7.18.0", - "resolved": "https://registry.npmjs.org/@google-cloud/storage/-/storage-7.18.0.tgz", - "integrity": "sha512-r3ZwDMiz4nwW6R922Z1pwpePxyRwE5GdevYX63hRmAQUkUQJcBH/79EnQPDv5cOv1mFBgevdNWQfi3tie3dHrQ==", + "version": "7.19.0", + "resolved": "https://registry.npmjs.org/@google-cloud/storage/-/storage-7.19.0.tgz", + "integrity": "sha512-n2FjE7NAOYyshogdc7KQOl/VZb4sneqPjWouSyia9CMDdMhRX5+RIbqalNmC7LOLzuLAN89VlF2HvG8na9G+zQ==", "license": "Apache-2.0", + "peer": true, "dependencies": { "@google-cloud/paginator": "^5.0.0", "@google-cloud/projectify": "^4.0.0", @@ -56,7 +60,7 @@ "abort-controller": "^3.0.0", "async-retry": "^1.3.3", "duplexify": "^4.1.3", - "fast-xml-parser": "^4.4.1", + "fast-xml-parser": "^5.3.4", "gaxios": "^6.0.2", "google-auth-library": "^9.6.3", "html-entities": "^2.5.2", @@ -75,6 +79,7 @@ "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", "license": "MIT", + "peer": true, "bin": { "uuid": "dist/bin/uuid" } @@ -97,7 +102,6 @@ "resolved": "https://registry.npmjs.org/@google/genai/-/genai-1.14.0.tgz", "integrity": "sha512-jirYprAAJU1svjwSDVCzyVq+FrJpJd5CSxR/g2Ga/gZ0ZYZpcWjMS75KJl9y71K1mDN+tcx6s21CzCbB2R840g==", "license": "Apache-2.0", - "peer": true, "dependencies": { "google-auth-library": "^9.14.2", "ws": "^8.18.0" @@ -136,7 +140,6 @@ "resolved": "https://registry.npmjs.org/@modelcontextprotocol/sdk/-/sdk-1.17.5.tgz", "integrity": "sha512-QakrKIGniGuRVfWBdMsDea/dx1PNE739QJ7gCM41s9q+qaCYTHCdsIBXQVVXry3mfWAiaM9kT22Hyz53Uw8mfg==", "license": "MIT", - "peer": true, "dependencies": { "ajv": "^6.12.6", "content-type": "^1.0.5", @@ -299,6 +302,7 @@ "resolved": "https://registry.npmjs.org/@tootallnate/once/-/once-2.0.0.tgz", "integrity": "sha512-XCuKFP5PS55gnMVu3dty8KPatLqUoy/ZYzDzAGCQ8JNFCkLXzmI7vNHCR+XpbZaMWQK/vQubr7PkYq8g470J/A==", "license": "MIT", + "peer": true, "engines": { "node": ">= 10" } @@ -307,13 +311,15 @@ "version": "0.12.5", "resolved": "https://registry.npmjs.org/@types/caseless/-/caseless-0.12.5.tgz", "integrity": "sha512-hWtVTC2q7hc7xZ/RLbxapMvDMgUnDvKvMOpKal4DrMyfGBUfB1oKaZlIRr6mJL+If3bAP6sV/QneGzF6tJjZDg==", - "license": "MIT" + "license": "MIT", + "peer": true }, "node_modules/@types/node": { "version": "24.10.1", "resolved": "https://registry.npmjs.org/@types/node/-/node-24.10.1.tgz", "integrity": "sha512-GNWcUTRBgIRJD5zj+Tq0fKOJ5XZajIiBroOF0yvj2bSU1WvNdYS/dn9UxwsujGW4JX06dnHyjV2y9rRaybH0iQ==", "license": "MIT", + "peer": true, "dependencies": { "undici-types": "~7.16.0" } @@ -323,6 +329,7 @@ "resolved": "https://registry.npmjs.org/@types/request/-/request-2.48.13.tgz", "integrity": "sha512-FGJ6udDNUCjd19pp0Q3iTiDkwhYup7J8hpMW9c4k53NrccQFFWKRho6hvtPPEhnXWKvukfwAlB6DbDz4yhH5Gg==", "license": "MIT", + "peer": true, "dependencies": { "@types/caseless": "*", "@types/node": "*", @@ -335,6 +342,7 @@ "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.5.5.tgz", "integrity": "sha512-jqdObeR2rxZZbPSGL+3VckHMYtu+f9//KXBsVny6JSX/pa38Fy+bGjuG8eW/H6USNQWhLi8Num++cU2yOCNz4A==", "license": "MIT", + "peer": true, "dependencies": { "asynckit": "^0.4.0", "combined-stream": "^1.0.8", @@ -352,6 +360,7 @@ "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==", "license": "MIT", + "peer": true, "engines": { "node": ">= 0.6" } @@ -361,6 +370,7 @@ "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", "license": "MIT", + "peer": true, "dependencies": { "mime-db": "1.52.0" }, @@ -372,13 +382,15 @@ "version": "4.0.5", "resolved": "https://registry.npmjs.org/@types/tough-cookie/-/tough-cookie-4.0.5.tgz", "integrity": "sha512-/Ad8+nIOV7Rl++6f1BdKxFSMgmoqEoYbHRpPcx3JEfv8VRsQe9Z4mCXeJBzxs7mbHY/XOZZuXlRNfhpVPbs6ZA==", - "license": "MIT" + "license": "MIT", + "peer": true }, "node_modules/abort-controller": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/abort-controller/-/abort-controller-3.0.0.tgz", "integrity": "sha512-h8lQ8tacZYnR3vNQTgibj+tODHI5/+l06Au2Pcriv/Gmet0eaj4TwWH41sO9wnHDiQsEj19q0drzdWdeAHtweg==", "license": "MIT", + "peer": true, "dependencies": { "event-target-shim": "^5.0.0" }, @@ -453,6 +465,7 @@ "resolved": "https://registry.npmjs.org/arrify/-/arrify-2.0.1.tgz", "integrity": "sha512-3duEwti880xqi4eAMN8AyR4a0ByT90zoYdLlevfrvU43vb0YZwZVfxOgxWrLXXXpyugL0hNZc9G6BiB5B3nUug==", "license": "MIT", + "peer": true, "engines": { "node": ">=8" } @@ -462,6 +475,7 @@ "resolved": "https://registry.npmjs.org/async-retry/-/async-retry-1.3.3.tgz", "integrity": "sha512-wfr/jstw9xNi/0teMHrRW7dsz3Lt5ARhYNZ2ewpadnhaIp5mbALhOAP+EAdsC7t4Z6wqsDVv9+W6gm1Dk9mEyw==", "license": "MIT", + "peer": true, "dependencies": { "retry": "0.13.1" } @@ -754,6 +768,7 @@ "resolved": "https://registry.npmjs.org/duplexify/-/duplexify-4.1.3.tgz", "integrity": "sha512-M3BmBhwJRZsSx38lZyhE53Csddgzl5R7xGJNk7CVddZD6CcmwMCH8J+7AprIrQKH7TonKxaCjcv27Qmf+sQ+oA==", "license": "MIT", + "peer": true, "dependencies": { "end-of-stream": "^1.4.1", "inherits": "^2.0.3", @@ -802,6 +817,7 @@ "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.5.tgz", "integrity": "sha512-ooEGc6HP26xXq/N+GCGOT0JKCLDGrq2bQUZrQ7gyrJiZANJ/8YDTxTpQBXGMn+WbIQXNVpyWymm7KYVICQnyOg==", "license": "MIT", + "peer": true, "dependencies": { "once": "^1.4.0" } @@ -871,6 +887,7 @@ "resolved": "https://registry.npmjs.org/event-target-shim/-/event-target-shim-5.0.1.tgz", "integrity": "sha512-i/2XbnSz/uxRCU6+NdVJgKWDTM427+MqYbkQzD321DuCQJUqOuJKIA0IM2+W2xtYHdKOmZ4dR6fExsd4SXL+WQ==", "license": "MIT", + "peer": true, "engines": { "node": ">=6" } @@ -901,7 +918,6 @@ "resolved": "https://registry.npmjs.org/express/-/express-5.1.0.tgz", "integrity": "sha512-DT9ck5YIRU+8GYzzU5kT3eHGA5iL+1Zd0EutOmTE9Dtk+Tvuzd23VBU+ec7HPNSTxXYO55gPV/hq4pSBJDjFpA==", "license": "MIT", - "peer": true, "dependencies": { "accepts": "^2.0.0", "body-parser": "^2.2.0", @@ -973,9 +989,9 @@ "license": "MIT" }, "node_modules/fast-xml-parser": { - "version": "4.5.3", - "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.5.3.tgz", - "integrity": "sha512-RKihhV+SHsIUGXObeVy9AXiBbFwkVk7Syp8XgwN5U3JV416+Gwp/GO9i0JYKmikykgz/UHRrrV4ROuZEo/T0ig==", + "version": "5.3.5", + "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-5.3.5.tgz", + "integrity": "sha512-JeaA2Vm9ffQKp9VjvfzObuMCjUYAp5WDYhRYL5LrBPY/jUDlUtOvDfot0vKSkB9tuX885BDHjtw4fZadD95wnA==", "funding": [ { "type": "github", @@ -983,8 +999,9 @@ } ], "license": "MIT", + "peer": true, "dependencies": { - "strnum": "^1.1.1" + "strnum": "^2.1.2" }, "bin": { "fxparser": "src/cli/cli.js" @@ -1333,7 +1350,8 @@ "url": "https://patreon.com/mdevils" } ], - "license": "MIT" + "license": "MIT", + "peer": true }, "node_modules/http-errors": { "version": "2.0.0", @@ -1365,6 +1383,7 @@ "resolved": "https://registry.npmjs.org/http-proxy-agent/-/http-proxy-agent-5.0.0.tgz", "integrity": "sha512-n2hY8YdoRE1i7r6M0w9DIw5GgZN0G25P8zLCRQ8rjXtTU3vsNFBI/vWK/UIeE6g5MUUz6avwAPXmL6Fy9D/90w==", "license": "MIT", + "peer": true, "dependencies": { "@tootallnate/once": "2", "agent-base": "6", @@ -1379,6 +1398,7 @@ "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-6.0.2.tgz", "integrity": "sha512-RZNwNclF7+MS/8bDg70amg32dyeZGZxiDuQmZxKLAlQjr3jGyLx+4Kkk58UO7D2QdgFIQCovuSuZESne6RG6XQ==", "license": "MIT", + "peer": true, "dependencies": { "debug": "4" }, @@ -1555,6 +1575,7 @@ "resolved": "https://registry.npmjs.org/mime/-/mime-3.0.0.tgz", "integrity": "sha512-jSCU7/VB1loIWBZe14aEYHU/+1UMEHoaO7qxCOVJOw9GgH72VAWppxNcjU+x9a2k3GSIBXNKxXQFqRvvZ7vr3A==", "license": "MIT", + "peer": true, "bin": { "mime": "cli.js" }, @@ -1715,6 +1736,7 @@ "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", "license": "MIT", + "peer": true, "dependencies": { "yocto-queue": "^0.1.0" }, @@ -1856,6 +1878,7 @@ "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz", "integrity": "sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==", "license": "MIT", + "peer": true, "dependencies": { "inherits": "^2.0.3", "string_decoder": "^1.1.1", @@ -1870,6 +1893,7 @@ "resolved": "https://registry.npmjs.org/retry/-/retry-0.13.1.tgz", "integrity": "sha512-XQBQ3I8W1Cge0Seh+6gjj03LbmRFWuoszgK9ooCpwYIrhhoO80pfq4cUkU5DkknwfOfFteRwlZ56PYOGYyFWdg==", "license": "MIT", + "peer": true, "engines": { "node": ">= 4" } @@ -1879,6 +1903,7 @@ "resolved": "https://registry.npmjs.org/retry-request/-/retry-request-7.0.2.tgz", "integrity": "sha512-dUOvLMJ0/JJYEn8NrpOaGNE7X3vpI5XlZS/u0ANjqtcZVKnIxP7IgCFwrKTxENw29emmwug53awKtaMm4i9g5w==", "license": "MIT", + "peer": true, "dependencies": { "@types/request": "^2.48.8", "extend": "^3.0.2", @@ -2107,6 +2132,7 @@ "resolved": "https://registry.npmjs.org/stream-events/-/stream-events-1.0.5.tgz", "integrity": "sha512-E1GUzBSgvct8Jsb3v2X15pjzN1tYebtbLaMg+eBOUOAxgbLoSbT2NS91ckc5lJD1KfLjId+jXJRgo0qnV5Nerg==", "license": "MIT", + "peer": true, "dependencies": { "stubs": "^3.0.0" } @@ -2115,13 +2141,15 @@ "version": "1.0.3", "resolved": "https://registry.npmjs.org/stream-shift/-/stream-shift-1.0.3.tgz", "integrity": "sha512-76ORR0DO1o1hlKwTbi/DM3EXWGf3ZJYO8cXX5RJwnul2DEg2oyoZyjLNoQM8WsvZiFKCRfC1O0J7iCvie3RZmQ==", - "license": "MIT" + "license": "MIT", + "peer": true }, "node_modules/string_decoder": { "version": "1.3.0", "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz", "integrity": "sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==", "license": "MIT", + "peer": true, "dependencies": { "safe-buffer": "~5.2.0" } @@ -2223,28 +2251,31 @@ } }, "node_modules/strnum": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/strnum/-/strnum-1.1.2.tgz", - "integrity": "sha512-vrN+B7DBIoTTZjnPNewwhx6cBA/H+IS7rfW68n7XxC1y7uoiGQBxaKzqucGUgavX15dJgiGztLJ8vxuEzwqBdA==", + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/strnum/-/strnum-2.1.2.tgz", + "integrity": "sha512-l63NF9y/cLROq/yqKXSLtcMeeyOfnSQlfMSlzFt/K73oIaD8DGaQWd7Z34X9GPiKqP5rbSh84Hl4bOlLcjiSrQ==", "funding": [ { "type": "github", "url": "https://github.com/sponsors/NaturalIntelligence" } ], - "license": "MIT" + "license": "MIT", + "peer": true }, "node_modules/stubs": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/stubs/-/stubs-3.0.0.tgz", "integrity": "sha512-PdHt7hHUJKxvTCgbKX9C1V/ftOcjJQgz8BZwNfV5c4B6dcGqlpelTbJ999jBGZ2jYiPAwcX5dP6oBwVlBlUbxw==", - "license": "MIT" + "license": "MIT", + "peer": true }, "node_modules/teeny-request": { "version": "9.0.0", "resolved": "https://registry.npmjs.org/teeny-request/-/teeny-request-9.0.0.tgz", "integrity": "sha512-resvxdc6Mgb7YEThw6G6bExlXKkv6+YbuzGg9xuXxSgxJF7Ozs+o8Y9+2R3sArdWdW8nOokoQb1yrpFB0pQK2g==", "license": "Apache-2.0", + "peer": true, "dependencies": { "http-proxy-agent": "^5.0.0", "https-proxy-agent": "^5.0.0", @@ -2261,6 +2292,7 @@ "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-6.0.2.tgz", "integrity": "sha512-RZNwNclF7+MS/8bDg70amg32dyeZGZxiDuQmZxKLAlQjr3jGyLx+4Kkk58UO7D2QdgFIQCovuSuZESne6RG6XQ==", "license": "MIT", + "peer": true, "dependencies": { "debug": "4" }, @@ -2273,6 +2305,7 @@ "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-5.0.1.tgz", "integrity": "sha512-dFcAjpTQFgoLMzC2VwU+C/CbS7uRL0lWmxDITmqm7C+7F0Odmj6s9l6alZc6AELXhrnggM2CeWSXHGOdX2YtwA==", "license": "MIT", + "peer": true, "dependencies": { "agent-base": "6", "debug": "4" @@ -2314,7 +2347,8 @@ "version": "7.16.0", "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.16.0.tgz", "integrity": "sha512-Zz+aZWSj8LE6zoxD+xrjh4VfkIG8Ya6LvYkZqtUQGJPZjYl53ypCaUwWqo7eI0x66KBGeRo+mlBEkMSeSZ38Nw==", - "license": "MIT" + "license": "MIT", + "peer": true }, "node_modules/unpipe": { "version": "1.0.0", @@ -2338,7 +2372,8 @@ "version": "1.0.2", "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz", "integrity": "sha512-EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw==", - "license": "MIT" + "license": "MIT", + "peer": true }, "node_modules/uuid": { "version": "9.0.1", @@ -2525,6 +2560,7 @@ "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==", "license": "MIT", + "peer": true, "engines": { "node": ">=10" }, @@ -2537,7 +2573,6 @@ "resolved": "https://registry.npmjs.org/zod/-/zod-3.25.76.tgz", "integrity": "sha512-gzUt/qt81nXsFGKIFcC3YnfEAx5NkunCfnDlvuBSSFS02bcXu4Lmea0AFIUwbLWxWPx3d9p8S5QoaujKcNQxcQ==", "license": "MIT", - "peer": true, "funding": { "url": "https://github.com/sponsors/colinhacks" } From 7f88caa985b20ed3ec6486935466d8871e132349 Mon Sep 17 00:00:00 2001 From: manuka rahul <96047526+rahulpinto19@users.noreply.github.com> Date: Tue, 10 Feb 2026 13:34:22 +0000 Subject: [PATCH 2/6] docs: fix broken links (#2440) Fix broken links --------- Co-authored-by: Twisha Bansal <58483338+twishabansal@users.noreply.github.com> --- docs/en/how-to/connect-ide/postgres_mcp.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/en/how-to/connect-ide/postgres_mcp.md b/docs/en/how-to/connect-ide/postgres_mcp.md index 44e3e09ade..7d778c6a4d 100644 --- a/docs/en/how-to/connect-ide/postgres_mcp.md +++ b/docs/en/how-to/connect-ide/postgres_mcp.md @@ -32,7 +32,7 @@ to expose your developer assistant tools to a Postgres instance: {{< notice tip >}} This guide can be used with [AlloyDB -Omni](https://cloud.google.com/alloydb/omni/current/docs/overview). +Omni](https://cloud.google.com/alloydb/omni/docs/overview). {{< /notice >}} ## Set up the database @@ -40,10 +40,10 @@ Omni](https://cloud.google.com/alloydb/omni/current/docs/overview). 1. Create or select a PostgreSQL instance. * [Install PostgreSQL locally](https://www.postgresql.org/download/) - * [Install AlloyDB Omni](https://cloud.google.com/alloydb/omni/current/docs/quickstart) + * [Install AlloyDB Omni](https://cloud.google.com/alloydb/omni/docs/quickstart) 1. Create or reuse [a database - user](https://cloud.google.com/alloydb/omni/current/docs/database-users/manage-users) + user](https://docs.cloud.google.com/alloydb/omni/containers/current/docs/database-users/manage-users) and have the username and password ready. ## Install MCP Toolbox From 1664a69dfd2789bc7fc63cd0aebc9ca5dbc81672 Mon Sep 17 00:00:00 2001 From: Twisha Bansal <58483338+twishabansal@users.noreply.github.com> Date: Tue, 10 Feb 2026 22:11:02 +0530 Subject: [PATCH 3/6] docs: add pre/post processing docs for langchain python (#2378) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ## Description Trigger has been tested corresponding to local changes. Latest successful run: https://pantheon.corp.google.com/cloud-build/builds;region=global/1c37031f-95f1-4c6c-9ef8-0452277599d5?e=13802955&mods=-autopush_coliseum&project=toolbox-testing-438616 Note: After merging, update python pre and post processing sample testing trigger. ## PR Checklist > Thank you for opening a Pull Request! Before submitting your PR, there are a > few things you can do to make sure it goes smoothly: - [x] Make sure you reviewed [CONTRIBUTING.md](https://github.com/googleapis/genai-toolbox/blob/main/CONTRIBUTING.md) - [ ] Make sure to open an issue as a [bug/issue](https://github.com/googleapis/genai-toolbox/issues/new/choose) before writing your code! That way we can discuss the change, evaluate designs, and agree on the general idea - [ ] Ensure the tests and linter pass - [ ] Code coverage does not decrease (if any source code was changed) - [ ] Appropriate docs were updated (if necessary) - [ ] Make sure to add `!` if this involve a breaking change 🛠️ Fixes # --------- Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Yuan Teoh <45984206+Yuan325@users.noreply.github.com> Co-authored-by: Averi Kitsch --- .../py.integration.cloudbuild.yaml | 57 +++++++++ docs/en/samples/pre_post_processing/_index.md | 54 ++++++++ docs/en/samples/pre_post_processing/python.md | 40 ++++++ .../pre_post_processing/python/__init__.py | 19 +++ .../pre_post_processing/python/agent_test.py | 51 ++++++++ .../python/langchain/agent.py | 116 ++++++++++++++++++ .../python/langchain/requirements.txt | 3 + 7 files changed, 340 insertions(+) create mode 100644 .ci/sample_tests/pre_post_processing/py.integration.cloudbuild.yaml create mode 100644 docs/en/samples/pre_post_processing/_index.md create mode 100644 docs/en/samples/pre_post_processing/python.md create mode 100644 docs/en/samples/pre_post_processing/python/__init__.py create mode 100644 docs/en/samples/pre_post_processing/python/agent_test.py create mode 100644 docs/en/samples/pre_post_processing/python/langchain/agent.py create mode 100644 docs/en/samples/pre_post_processing/python/langchain/requirements.txt diff --git a/.ci/sample_tests/pre_post_processing/py.integration.cloudbuild.yaml b/.ci/sample_tests/pre_post_processing/py.integration.cloudbuild.yaml new file mode 100644 index 0000000000..5844226428 --- /dev/null +++ b/.ci/sample_tests/pre_post_processing/py.integration.cloudbuild.yaml @@ -0,0 +1,57 @@ +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +steps: + - name: "${_IMAGE}" + id: "py-pre-post-processing-test" + entrypoint: "bash" + args: + - -c + - | + set -ex + chmod +x .ci/sample_tests/run_tests.sh + .ci/sample_tests/run_tests.sh + env: + - "CLOUD_SQL_INSTANCE=${_CLOUD_SQL_INSTANCE}" + - "GCP_PROJECT=${_GCP_PROJECT}" + - "DATABASE_NAME=${_DATABASE_NAME}" + - "DB_USER=${_DB_USER}" + - "TARGET_ROOT=${_TARGET_ROOT}" + - "TARGET_LANG=${_TARGET_LANG}" + - "TABLE_NAME=${_TABLE_NAME}" + - "SQL_FILE=${_SQL_FILE}" + - "AGENT_FILE_PATTERN=${_AGENT_FILE_PATTERN}" + secretEnv: ["TOOLS_YAML_CONTENT", "GOOGLE_API_KEY", "DB_PASSWORD"] + +availableSecrets: + secretManager: + - versionName: projects/${_GCP_PROJECT}/secrets/${_TOOLS_YAML_SECRET}/versions/5 + env: "TOOLS_YAML_CONTENT" + - versionName: projects/${_GCP_PROJECT_NUMBER}/secrets/${_API_KEY_SECRET}/versions/latest + env: "GOOGLE_API_KEY" + - versionName: projects/${_GCP_PROJECT}/secrets/${_DB_PASS_SECRET}/versions/latest + env: "DB_PASSWORD" + +timeout: 1200s + +substitutions: + _TARGET_LANG: "python" + _IMAGE: "gcr.io/google.com/cloudsdktool/cloud-sdk:537.0.0" + _TARGET_ROOT: "docs/en/samples/pre_post_processing/python" + _TABLE_NAME: "hotels_py_pre_post_processing" + _SQL_FILE: ".ci/sample_tests/setup_hotels.sql" + _AGENT_FILE_PATTERN: "agent.py" + +options: + logging: CLOUD_LOGGING_ONLY \ No newline at end of file diff --git a/docs/en/samples/pre_post_processing/_index.md b/docs/en/samples/pre_post_processing/_index.md new file mode 100644 index 0000000000..6fcf570027 --- /dev/null +++ b/docs/en/samples/pre_post_processing/_index.md @@ -0,0 +1,54 @@ +--- +title: "Pre- and Post- Processing" +type: docs +weight: 1 +description: > + Intercept and modify interactions between the agent and its tools either before or after a tool is executed. +--- + +Pre- and post- processing allow developers to intercept and modify interactions between the agent and its tools or the user. + +{{< notice note >}} + +These capabilities are typically features of **orchestration frameworks** (like LangChain, LangGraph, or Agent Builder) rather than the Toolbox SDK itself. However, Toolbox tools are designed to fully leverage these framework capabilities to support robust, secure, and compliant agent architectures. + +{{< /notice >}} + +## Types of Processing + +### Pre-processing + +Pre-processing occurs before a tool is executed or an agent processes a message. Key types include: + +- **Input Sanitization & Redaction**: Detecting and masking sensitive information (like PII) in user queries or tool arguments to prevent it from being logged or sent to unauthorized systems. +- **Business Logic Validation**: Verifying that the proposed action complies with business rules (e.g., ensuring a requested hotel stay does not exceed 14 days, or checking if a user has sufficient permission). +- **Security Guardrails**: Analyzing inputs for potential prompt injection attacks or malicious payloads. + +### Post-processing + +Post-processing occurs after a tool has executed or the model has generated a response. Key types include: + +- **Response Enrichment**: Injecting additional data into the tool output that wasn't part of the raw API response (e.g., calculating loyalty points earned based on the booking value). +- **Output Formatting**: Transforming raw data (like JSON or XML) into a more human-readable or model-friendly format to improve the agent's understanding. +- **Compliance Auditing**: Logging the final outcome of transactions, including the original request and the result, to a secure audit trail. + +## Processing Scopes + +While processing logic can be applied at various levels (Agent, Model, Tool), this guide primarily focuses on **Tool Level** processing, which is most relevant for granular control over tool execution. + +### Tool Level (Primary Focus) + +Wraps individual tool executions. This is best for logic specific to a single tool or a set of tools. + +- **Scope**: Intercepts the raw inputs (arguments) to a tool and its outputs. +- **Use Cases**: Argument validation, output formatting, specific privacy rules for sensitive tools. + +### Other Levels + +It is helpful to understand how tool-level processing differs from other scopes: + +- **Model Level**: Intercepts individual calls to the LLM (prompts and responses). Unlike tool-level, this applies globally to all text sent/received, making it better for global PII redaction or token tracking. +- **Agent Level**: Wraps the high-level execution loop (e.g., a "turn" in the conversation). Unlike tool-level, this envelopes the entire turn (user input to final response), making it suitable for session management or end-to-end auditing. + + +## Samples diff --git a/docs/en/samples/pre_post_processing/python.md b/docs/en/samples/pre_post_processing/python.md new file mode 100644 index 0000000000..1c4311f487 --- /dev/null +++ b/docs/en/samples/pre_post_processing/python.md @@ -0,0 +1,40 @@ +--- +title: "Python" +type: docs +weight: 1 +description: > + How to add pre- and post- processing to your Agents using Python. +--- + +## Prerequisites + +This tutorial assumes that you have set up Toolbox with a basic agent as described in the [local quickstart](../../getting-started/local_quickstart.md). + +This guide demonstrates how to implement these patterns in your Toolbox applications. + +## Implementation + +{{< tabpane persist=header >}} +{{% tab header="ADK" text=true %}} +Coming soon. +{{% /tab %}} +{{% tab header="Langchain" text=true %}} +The following example demonstrates how to use `ToolboxClient` with LangChain's middleware to implement pre- and post- processing for tool calls. + +```py +{{< include "python/langchain/agent.py" >}} +``` + +You can also add model-level (`wrap_model`) and agent-level (`before_agent`, `after_agent`) hooks to intercept messages at different stages of the execution loop. See the [LangChain Middleware documentation](https://docs.langchain.com/oss/python/langchain/middleware/custom#wrap-style-hooks) for details on these additional hook types. +{{% /tab %}} +{{< /tabpane >}} + +## Results + +The output should look similar to the following. Note that exact responses may vary due to the non-deterministic nature of LLMs and differences between orchestration frameworks. + +``` +AI: Booking Confirmed! You earned 500 Loyalty Points with this stay. + +AI: Error: Maximum stay duration is 14 days. +``` diff --git a/docs/en/samples/pre_post_processing/python/__init__.py b/docs/en/samples/pre_post_processing/python/__init__.py new file mode 100644 index 0000000000..f5b7c1bfd2 --- /dev/null +++ b/docs/en/samples/pre_post_processing/python/__init__.py @@ -0,0 +1,19 @@ +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +# This file makes the 'pre_post_processing/python' directory a Python package. + +# You can include any package-level initialization logic here if needed. +# For now, this file is empty. diff --git a/docs/en/samples/pre_post_processing/python/agent_test.py b/docs/en/samples/pre_post_processing/python/agent_test.py new file mode 100644 index 0000000000..36c5b8e27d --- /dev/null +++ b/docs/en/samples/pre_post_processing/python/agent_test.py @@ -0,0 +1,51 @@ +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import asyncio +import importlib +import os +from pathlib import Path + +import pytest + +ORCH_NAME = os.environ.get("ORCH_NAME") +module_path = f"python.{ORCH_NAME}.agent" +agent = importlib.import_module(module_path) + +GOLDEN_KEYWORDS = [ + "AI:", + "Loyalty Points", + "POLICY CHECK: Intercepting 'update-hotel'", +] + +# --- Execution Tests --- +class TestExecution: + """Test framework execution and output validation.""" + + @pytest.fixture(scope="function") + def script_output(self, capsys): + """Run the agent function and return its output.""" + asyncio.run(agent.main()) + return capsys.readouterr() + + def test_script_runs_without_errors(self, script_output): + """Test that the script runs and produces no stderr.""" + assert script_output.err == "", f"Script produced stderr: {script_output.err}" + + def test_keywords_in_output(self, script_output): + """Test that expected keywords are present in the script's output.""" + output = script_output.out + print(f"\nAgent Output:\n{output}\n") + missing_keywords = [kw for kw in GOLDEN_KEYWORDS if kw not in output] + assert not missing_keywords, f"Missing keywords in output: {missing_keywords}" diff --git a/docs/en/samples/pre_post_processing/python/langchain/agent.py b/docs/en/samples/pre_post_processing/python/langchain/agent.py new file mode 100644 index 0000000000..5e174943a7 --- /dev/null +++ b/docs/en/samples/pre_post_processing/python/langchain/agent.py @@ -0,0 +1,116 @@ +import asyncio +from datetime import datetime + +from langchain.agents import create_agent +from langchain.agents.middleware import wrap_tool_call +from langchain_core.messages import ToolMessage +from langchain_google_vertexai import ChatVertexAI +from toolbox_langchain import ToolboxClient + +system_prompt = """ + You're a helpful hotel assistant. You handle hotel searching, booking and + cancellations. When the user searches for a hotel, mention it's name, id, + location and price tier. Always mention hotel ids while performing any + searches. This is very important for any operations. For any bookings or + cancellations, please provide the appropriate confirmation. Be sure to + update checkin or checkout dates if mentioned by the user. + Don't ask for confirmations from the user. +""" + + +# Pre processing +@wrap_tool_call +async def enforce_business_rules(request, handler): + """ + Business Logic Validation: + Enforces max stay duration (e.g., max 14 days). + """ + tool_call = request.tool_call + name = tool_call["name"] + args = tool_call["args"] + + print(f"POLICY CHECK: Intercepting '{name}'") + + if name == "update-hotel": + if "checkin_date" in args and "checkout_date" in args: + try: + start = datetime.fromisoformat(args["checkin_date"]) + end = datetime.fromisoformat(args["checkout_date"]) + duration = (end - start).days + + if duration > 14: + print("BLOCKED: Stay too long") + return ToolMessage( + content="Error: Maximum stay duration is 14 days.", + tool_call_id=tool_call["id"], + ) + except ValueError: + pass # Ignore invalid date formats + + # PRE: Code here runs BEFORE the tool execution + + # EXEC: Execute the tool (or next middleware) + result = await handler(request) + + # POST: Code here runs AFTER the tool execution + return result + + +# Post processing +@wrap_tool_call +async def enrich_response(request, handler): + """ + Post-Processing & Enrichment: + Adds loyalty points information to successful bookings. + Standardizes output format. + """ + # PRE: Code here runs BEFORE the tool execution + + # EXEC: Execute the tool (or next middleware) + result = await handler(request) + + # POST: Code here runs AFTER the tool execution + if isinstance(result, ToolMessage): + content = str(result.content) + tool_name = request.tool_call["name"] + + if tool_name == "book-hotel" and "Error" not in content: + loyalty_bonus = 500 + result.content = f"Booking Confirmed!\n You earned {loyalty_bonus} Loyalty Points with this stay.\n\nSystem Details: {content}" + + return result + + +async def main(): + async with ToolboxClient("http://127.0.0.1:5000") as client: + tools = await client.aload_toolset("my-toolset") + model = ChatVertexAI(model="gemini-2.5-flash") + agent = create_agent( + system_prompt=system_prompt, + model=model, + tools=tools, + # add any pre and post processing methods + middleware=[enforce_business_rules, enrich_response], + ) + + user_input = "Book hotel with id 3." + response = await agent.ainvoke( + {"messages": [{"role": "user", "content": user_input}]} + ) + + print("-" * 50) + last_ai_msg = response["messages"][-1].content + print(f"AI: {last_ai_msg}") + + # Test Pre-processing + print("-" * 50) + user_input = "Update my hotel with id 3 with checkin date 2025-01-18 and checkout date 2025-01-20" + response = await agent.ainvoke( + {"messages": [{"role": "user", "content": user_input}]} + ) + last_ai_msg = response["messages"][-1].content + print(f"AI: {last_ai_msg}") + + +if __name__ == "__main__": + asyncio.run(main()) diff --git a/docs/en/samples/pre_post_processing/python/langchain/requirements.txt b/docs/en/samples/pre_post_processing/python/langchain/requirements.txt new file mode 100644 index 0000000000..5638e0c108 --- /dev/null +++ b/docs/en/samples/pre_post_processing/python/langchain/requirements.txt @@ -0,0 +1,3 @@ +langchain==1.2.6 +langchain-google-vertexai==3.2.2 +toolbox-langchain==0.5.8 \ No newline at end of file From 4fb5b34a5a7d84a6b3e02cb8494672ea1da7eba6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 10 Feb 2026 17:04:04 +0000 Subject: [PATCH 4/6] chore(deps): bump axios from 1.12.2 to 1.13.5 in /docs/en/getting-started/quickstart/js/genkit (#2442) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [axios](https://github.com/axios/axios) from 1.12.2 to 1.13.5.
Release notes

Sourced from axios's releases.

v1.13.5

Release 1.13.5

Highlights

  • Security: Fixed a potential Denial of Service issue involving the __proto__ key in mergeConfig. (PR #7369)
  • Bug fix: Resolved an issue where AxiosError could be missing the status field on and after v1.13.3. (PR #7368)

Changes

Security

  • Fix Denial of Service via __proto__ key in mergeConfig. (PR #7369)

Fixes

  • Fix/5657. (PR #7313)
  • Ensure status is present in AxiosError on and after v1.13.3. (PR #7368)

Features / Improvements

  • Add input validation to isAbsoluteURL. (PR #7326)
  • Refactor: bump minor package versions. (PR #7356)

Documentation

  • Clarify object-check comment. (PR #7323)
  • Fix deprecated Buffer constructor usage and README formatting. (PR #7371)

CI / Maintenance

  • Chore: fix issues with YAML. (PR #7355)
  • CI: update workflow YAMLs. (PR #7372)
  • CI: fix run condition. (PR #7373)
  • Dev deps: bump karma-sourcemap-loader from 0.3.8 to 0.4.0. (PR #7360)
  • Chore(release): prepare release 1.13.5. (PR #7379)

New Contributors

Full Changelog: https://github.com/axios/axios/compare/v1.13.4...v1.13.5

v1.13.4

Overview

The release addresses issues discovered in v1.13.3 and includes significant CI/CD improvements.

Full Changelog: v1.13.3...v1.13.4

What's New in v1.13.4

Bug Fixes

  • fix: issues with version 1.13.3 (#7352) (ee90dfc)
    • Fixed issues discovered in v1.13.3 release

... (truncated)

Changelog

Sourced from axios's changelog.

Changelog

1.13.3 (2026-01-20)

Bug Fixes

  • http2: Use port 443 for HTTPS connections by default. (#7256) (d7e6065)
  • interceptor: handle the error in the same interceptor (#6269) (5945e40)
  • main field in package.json should correspond to cjs artifacts (#5756) (7373fbf)
  • package.json: add 'bun' package.json 'exports' condition. Load the Node.js build in Bun instead of the browser build (#5754) (b89217e)
  • silentJSONParsing=false should throw on invalid JSON (#7253) (#7257) (7d19335)
  • turn AxiosError into a native error (#5394) (#5558) (1c6a86d)
  • types: add handlers to AxiosInterceptorManager interface (#5551) (8d1271b)
  • types: restore AxiosError.cause type from unknown to Error (#7327) (d8233d9)
  • unclear error message is thrown when specifying an empty proxy authorization (#6314) (6ef867e)

Features

Reverts

  • Revert "fix: silentJSONParsing=false should throw on invalid JSON (#7253) (#7…" (#7298) (a4230f5), closes #7253 #7 #7298
  • deps: bump peter-evans/create-pull-request from 7 to 8 in the github-actions group (#7334) (2d6ad5e)

Contributors to this release

... (truncated)

Commits
  • 29f7542 chore(release): prepare release 1.13.5 (#7379)
  • 431c3a3 ci: fix run condition (#7373)
  • 9ff3a78 ci: update ymls (#7372)
  • 265b712 docs: fix deprecated Buffer constructor and formatting issues in README (#7371)
  • 475e75a feat: add input validation to isAbsoluteURL (#7326)
  • 28c7215 fix: Denial of Service via proto Key in mergeConfig (#7369)
  • 04cf019 docs: clarify object check comment (#7323)
  • 696fa75 fix: status is missing in AxiosError on and after v1.13.3 (#7368)
  • 569f028 fix: added a option to choose between legacy and the new request/response int...
  • 44b7c9f chore(deps-dev): bump karma-sourcemap-loader (#7360)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for axios since your current version.


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=axios&package-manager=npm_and_yarn&previous-version=1.12.2&new-version=1.13.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/googleapis/genai-toolbox/network/alerts).
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .../quickstart/js/genkit/package-lock.json | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/docs/en/getting-started/quickstart/js/genkit/package-lock.json b/docs/en/getting-started/quickstart/js/genkit/package-lock.json index 1b00f903e3..cdb5744245 100644 --- a/docs/en/getting-started/quickstart/js/genkit/package-lock.json +++ b/docs/en/getting-started/quickstart/js/genkit/package-lock.json @@ -3351,13 +3351,13 @@ "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" }, "node_modules/axios": { - "version": "1.12.2", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.12.2.tgz", - "integrity": "sha512-vMJzPewAlRyOgxV2dU0Cuz2O8zzzx9VYtbJOaBgXFeLc4IV/Eg50n4LowmehOOR61S8ZMpc2K5Sa7g6A4jfkUw==", + "version": "1.13.5", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.13.5.tgz", + "integrity": "sha512-cz4ur7Vb0xS4/KUN0tPWe44eqxrIu31me+fbang3ijiNscE129POzipJJA6zniq2C/Z6sJCjMimjS8Lc/GAs8Q==", "license": "MIT", "dependencies": { - "follow-redirects": "^1.15.6", - "form-data": "^4.0.4", + "follow-redirects": "^1.15.11", + "form-data": "^4.0.5", "proxy-from-env": "^1.1.0" } }, @@ -4248,9 +4248,10 @@ } }, "node_modules/form-data": { - "version": "4.0.4", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.4.tgz", - "integrity": "sha512-KrGhL9Q4zjj0kiUt5OO4Mr/A/jlI2jDYs5eHBpYHPcBEVSiipAvn2Ko2HnPe20rmcuuvMHNdZFp+4IlGTMF0Ow==", + "version": "4.0.5", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.5.tgz", + "integrity": "sha512-8RipRLol37bNs2bhoV67fiTEvdTrbMUYcFTiy3+wuuOnUog2QBHCZWXDRijWQfAkhBj2Uf5UnVaiWwA5vdd82w==", + "license": "MIT", "dependencies": { "asynckit": "^0.4.0", "combined-stream": "^1.0.8", From 6e8255476a74e16ba6f3a05a9c00898abe88b701 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 10 Feb 2026 09:43:28 -0800 Subject: [PATCH 5/6] chore(deps): bump langsmith from 0.4.3 to 0.5.0 in /docs/en/getting-started/quickstart/js/langchain (#2438) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [langsmith](https://github.com/langchain-ai/langsmith-sdk) from 0.4.3 to 0.5.0.
Release notes

Sourced from langsmith's releases.

v0.5.0

What's Changed

Full Changelog: https://github.com/langchain-ai/langsmith-sdk/compare/v0.4.60...v0.5.0

v0.4.60

What's Changed

New Contributors

Full Changelog: https://github.com/langchain-ai/langsmith-sdk/compare/v0.4.59...v0.4.60

v0.4.59

What's Changed

Full Changelog: https://github.com/langchain-ai/langsmith-sdk/compare/v0.4.58...v0.4.59

v0.4.58

What's Changed

Full Changelog: https://github.com/langchain-ai/langsmith-sdk/compare/v0.4.57...v0.4.58

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for langsmith since your current version.


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=langsmith&package-manager=npm_and_yarn&previous-version=0.4.3&new-version=0.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/googleapis/genai-toolbox/network/alerts).
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .../quickstart/js/langchain/package-lock.json | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/docs/en/getting-started/quickstart/js/langchain/package-lock.json b/docs/en/getting-started/quickstart/js/langchain/package-lock.json index a52001ef13..c71fb84620 100644 --- a/docs/en/getting-started/quickstart/js/langchain/package-lock.json +++ b/docs/en/getting-started/quickstart/js/langchain/package-lock.json @@ -18,7 +18,8 @@ "node_modules/@cfworker/json-schema": { "version": "4.1.1", "resolved": "https://registry.npmjs.org/@cfworker/json-schema/-/json-schema-4.1.1.tgz", - "integrity": "sha512-gAmrUZSGtKc3AiBL71iNWxDsyUC5uMaKKGdvzYsBoTW/xi42JQHl7eKV2OYzCUqvc+D2RCcf7EXY2iCyFIk6og==" + "integrity": "sha512-gAmrUZSGtKc3AiBL71iNWxDsyUC5uMaKKGdvzYsBoTW/xi42JQHl7eKV2OYzCUqvc+D2RCcf7EXY2iCyFIk6og==", + "peer": true }, "node_modules/@google/generative-ai": { "version": "0.24.1", @@ -225,6 +226,7 @@ "version": "5.2.0", "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", "integrity": "sha512-Cxwpt2SfTzTtXcfOlzGEee8O+c+MmUgGrNiBcXnuWxuFJHe6a5Hz7qwhwe5OgaSYI0IJvkLqWX1ASG+cJOkEiA==", + "peer": true, "engines": { "node": ">=10" }, @@ -308,6 +310,7 @@ "version": "6.3.0", "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", "integrity": "sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==", + "peer": true, "engines": { "node": ">=10" }, @@ -420,6 +423,7 @@ "version": "1.2.0", "resolved": "https://registry.npmjs.org/decamelize/-/decamelize-1.2.0.tgz", "integrity": "sha512-z2S+W9X73hAUUki+N+9Za2lBlun89zigOyGrsax+KUQ6wKW4ZoWpEYBkGhQjwAjjDCkWxhY0VKEhk8wzY7F5cA==", + "peer": true, "engines": { "node": ">=0.10.0" } @@ -821,6 +825,7 @@ "version": "1.0.21", "resolved": "https://registry.npmjs.org/js-tiktoken/-/js-tiktoken-1.0.21.tgz", "integrity": "sha512-biOj/6M5qdgx5TKjDnFT1ymSpM5tbd3ylwDtrQvFQSu0Z7bBYko2dF+W/aUkXUPuk6IVpRxk/3Q2sHOzGlS36g==", + "peer": true, "dependencies": { "base64-js": "^1.5.1" } @@ -873,9 +878,9 @@ } }, "node_modules/langsmith": { - "version": "0.4.3", - "resolved": "https://registry.npmjs.org/langsmith/-/langsmith-0.4.3.tgz", - "integrity": "sha512-vuBAagBZulXj0rpZhUTxmHhrYIBk53z8e2Q8ty4OHVkahN4ul7Im3OZxD9jsXZB0EuncK1xRYtY8J3BW4vj1zw==", + "version": "0.5.2", + "resolved": "https://registry.npmjs.org/langsmith/-/langsmith-0.5.2.tgz", + "integrity": "sha512-CfkcQsiajtTWknAcyItvJsKEQdY2VgDpm6U8pRI9wnM07mevnOv5EF+RcqWGwx37SEUxtyi2RXMwnKW8b06JtA==", "license": "MIT", "dependencies": { "@types/uuid": "^10.0.0", @@ -969,6 +974,7 @@ "version": "4.2.0", "resolved": "https://registry.npmjs.org/mustache/-/mustache-4.2.0.tgz", "integrity": "sha512-71ippSywq5Yb7/tVYyGbkBggbU8H3u5Rz56fH60jGFgr8uHwxs+aSKeqmluIVzM0m0kB7xQjKS6qPfd0b2ZoqQ==", + "peer": true, "bin": { "mustache": "bin/mustache" } @@ -1407,7 +1413,6 @@ "version": "3.25.76", "resolved": "https://registry.npmjs.org/zod/-/zod-3.25.76.tgz", "integrity": "sha512-gzUt/qt81nXsFGKIFcC3YnfEAx5NkunCfnDlvuBSSFS02bcXu4Lmea0AFIUwbLWxWPx3d9p8S5QoaujKcNQxcQ==", - "peer": true, "funding": { "url": "https://github.com/sponsors/colinhacks" } From 1f8019c50a06d65553abd93da833b6dba09c612b Mon Sep 17 00:00:00 2001 From: Anubhav Dhawan Date: Wed, 11 Feb 2026 00:15:00 +0530 Subject: [PATCH 6/6] docs(adk): align quickstart script with other orchestrations (#2423) This brings the ADK Python quickstart sample up to par with the other orchestrations in the guidance, removing the need for special test handling. --- docs/en/getting-started/local_quickstart.md | 2 +- .../quickstart/python/adk/quickstart.py | 44 ++++++++++++++++++- .../quickstart/python/quickstart_test.py | 26 +++++------ docs/en/how-to/deploy_adk_agent.md | 13 +++--- 4 files changed, 60 insertions(+), 25 deletions(-) diff --git a/docs/en/getting-started/local_quickstart.md b/docs/en/getting-started/local_quickstart.md index 9049082a01..414156f672 100644 --- a/docs/en/getting-started/local_quickstart.md +++ b/docs/en/getting-started/local_quickstart.md @@ -115,7 +115,7 @@ pip install google-genai 1. Update `my_agent/agent.py` with the following content to connect to Toolbox: ```py - {{< include "quickstart/python/adk/quickstart.py" >}} + {{< regionInclude "quickstart/python/adk/quickstart.py" "quickstart" >}} ```
diff --git a/docs/en/getting-started/quickstart/python/adk/quickstart.py b/docs/en/getting-started/quickstart/python/adk/quickstart.py index 477ced578d..42a72fa38e 100644 --- a/docs/en/getting-started/quickstart/python/adk/quickstart.py +++ b/docs/en/getting-started/quickstart/python/adk/quickstart.py @@ -1,6 +1,21 @@ +# [START quickstart] +import asyncio + from google.adk import Agent from google.adk.apps import App +from google.adk.runners import InMemoryRunner from google.adk.tools.toolbox_toolset import ToolboxToolset +from google.genai.types import Content, Part + +prompt = """ +You're a helpful hotel assistant. You handle hotel searching, booking and +cancellations. When the user searches for a hotel, mention it's name, id, +location and price tier. Always mention hotel ids while performing any +searches. This is very important for any operations. For any bookings or +cancellations, please provide the appropriate confirmation. Be sure to +update checkin or checkout dates if mentioned by the user. +Don't ask for confirmations from the user. +""" # TODO(developer): update the TOOLBOX_URL to your toolbox endpoint toolset = ToolboxToolset( @@ -8,10 +23,35 @@ toolset = ToolboxToolset( ) root_agent = Agent( - name='root_agent', + name='hotel_assistant', model='gemini-2.5-flash', - instruction="You are a helpful AI assistant designed to provide accurate and useful information.", + instruction=prompt, tools=[toolset], ) app = App(root_agent=root_agent, name="my_agent") +# [END quickstart] + +queries = [ + "Find hotels in Basel with Basel in its name.", + "Can you book the Hilton Basel for me?", + "Oh wait, this is too expensive. Please cancel it and book the Hyatt Regency instead.", + "My check in dates would be from April 10, 2024 to April 19, 2024.", +] + +async def main(): + runner = InMemoryRunner(app=app) + session = await runner.session_service.create_session( + app_name=app.name, user_id="test_user" + ) + + for query in queries: + print(f"\nUser: {query}") + user_message = Content(parts=[Part.from_text(text=query)]) + + async for event in runner.run_async(user_id="test_user", session_id=session.id, new_message=user_message): + if event.is_final_response() and event.content and event.content.parts: + print(f"Agent: {event.content.parts[0].text}") + +if __name__ == "__main__": + asyncio.run(main()) diff --git a/docs/en/getting-started/quickstart/python/quickstart_test.py b/docs/en/getting-started/quickstart/python/quickstart_test.py index eb46bee1f8..b6c6e3a8a8 100755 --- a/docs/en/getting-started/quickstart/python/quickstart_test.py +++ b/docs/en/getting-started/quickstart/python/quickstart_test.py @@ -41,31 +41,29 @@ def golden_keywords(): class TestExecution: """Test framework execution and output validation.""" + _cached_output = None + @pytest.fixture(scope="function") def script_output(self, capsys): """Run the quickstart function and return its output.""" - - # TODO: Add better validation for ADK once we have a way to capture its - # output. - if ORCH_NAME == "adk": - return quickstart.app.root_agent.name - else: + if TestExecution._cached_output is None: asyncio.run(quickstart.main()) - - return capsys.readouterr() + out, err = capsys.readouterr() + TestExecution._cached_output = (out, err) + + class Output: + def __init__(self, out, err): + self.out = out + self.err = err + + return Output(*TestExecution._cached_output) def test_script_runs_without_errors(self, script_output): """Test that the script runs and produces no stderr.""" - if ORCH_NAME == "adk": - return assert script_output.err == "", f"Script produced stderr: {script_output.err}" def test_keywords_in_output(self, script_output, golden_keywords): """Test that expected keywords are present in the script's output.""" - - if ORCH_NAME == "adk": - assert script_output == "root_agent" - return output = script_output.out missing_keywords = [kw for kw in golden_keywords if kw not in output] assert not missing_keywords, f"Missing keywords in output: {missing_keywords}" diff --git a/docs/en/how-to/deploy_adk_agent.md b/docs/en/how-to/deploy_adk_agent.md index 973d84dfe6..cc247d4831 100644 --- a/docs/en/how-to/deploy_adk_agent.md +++ b/docs/en/how-to/deploy_adk_agent.md @@ -83,15 +83,12 @@ Toolbox instead of the local address. 2. Open your agent file (`my_agent/agent.py`). -3. Update the `ToolboxSyncClient` initialization to use your Cloud Run URL. +3. Update the `ToolboxToolset` initialization to point to your Cloud Run service URL. Replace the existing initialization code with the following: - {{% alert color="info" %}} -Since Cloud Run services are secured by default, you also need to provide an -authentication token. + {{% alert color="info" title="Note" %}} +Since Cloud Run services are secured by default, you also need to provide a workload identity. {{% /alert %}} - Replace your existing client initialization code with the following: - ```python from google.adk import Agent from google.adk.apps import App @@ -132,14 +129,14 @@ app = App(root_agent=root_agent, name="my_agent") Run the deployment command: ```bash -make backend +make deploy ``` This command will build your agent's container image and deploy it to Vertex AI. ## Step 6: Test your Deployment -Once the deployment command (`make backend`) completes, it will output the URL +Once the deployment command (`make deploy`) completes, it will output the URL for the Agent Engine Playground. You can click on this URL to open the Playground in your browser and start chatting with your agent to test the tools.