Upgrade google-adk from 1.18.0 to 1.28.1.#6172
Upgrade google-adk from 1.18.0 to 1.28.1.#6172nick-nlb merged 3 commits intodatacommonsorg:masterfrom
Conversation
Note that this resulted in a number of dependency upgrades, including one which resulted in setuptools being dropped as the dependency tree. We also explicitly restore it at a version that allows us to run our test suites.
Summary of ChangesHello, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request addresses a security vulnerability by upgrading the google-adk library. To support this change, a series of cascading dependency updates were performed to ensure system compatibility and stability. Additionally, specific constraints were applied to the test environment to maintain consistent test execution. Highlights
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here. Footnotes
|
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request updates several core dependencies in server/pyproject.toml, including fastapi, google-adk, google-auth, google-cloud-aiplatform, google-genai, pydantic, and typing-extensions, and adds a version constraint for setuptools in the test suite. The reviewer recommends updating server/requirements.txt to match these changes and adding documentation to explain the setuptools version pin.
… to explain the restrictive pinning of setuptools.
# Highlights - [Vis Tools] Delete old, old Map Tool by @juliawu in #6165, #6168 and #6170 - Update webdriver recordings by @nick-nlb in #6169 - [v0/v1 migration] Replace /v1/variable/search by @nick-nlb in #6140 - [Ranking Page][Ranking Tile] Add pagination to the ranking tile by @juliawu in #6147 - Upgrade google-adk from 1.18.0 to 1.28.1. by @nick-nlb in #6172 - Bump setuptools from 66.1.1 to 78.1.1 in /server by https://github.com/dependabot[bot] in #6173 - # Resources - REMOVE BEFORE MERGING - Diff links to help with writing highlights: - Mixer: datacommonsorg/mixer@f8a47a4...00b8206 - Import: datacommonsorg/import@1e14cdc...fced75e - Website changes are listed on this page. - If you're unsure what affects custom DC, please message the team.
2 participants
Description
The pinned version of
google-adkhad a security vulnerability. This PR upgrades that library, along with other libraries that needed to be upgrade as part of the dependency cascade.Notes
This resulted in a number of dependency upgrades (visible in the updated
pyproject.tomlfile. I upgraded the minimal number of libraries possible to allow us to updategoogle-adk.One of the updates
setuptoolsbeing dropped as the dependency tree. This is explicitly restored at a version that allows us to run our test suites.