chore(deps): update python-nonmajor

[renovate-bot]

This PR contains the following updates:

Package	Change	Age	Confidence
aiohttp	==3.13.0 -> ==3.13.2
black (changelog)	==25.9.0 -> ==25.11.0
deprecated	==1.2.18 -> ==1.3.1
google-auth	==2.41.1 -> ==2.43.0
google-cloud-secret-manager (source)	==2.24.0 -> ==2.25.0
google-cloud-storage	==3.4.0 -> ==3.6.0
llama-index	==0.14.4 -> ==0.14.8
pydantic (changelog)	==2.11.10 -> ==2.12.4

---

Release Notes

aio-libs/aiohttp (aiohttp)

v3.13.2: 3.13.2

Compare Source

Bug fixes

• Fixed cookie parser to continue parsing subsequent cookies when encountering a malformed cookie that fails regex validation, such as Google's g_state cookie with unescaped quotes -- by :user:bdraco.

  Related issues and pull requests on GitHub:
  #​11632.

• Fixed loading netrc credentials from the default :file:~/.netrc (:file:~/_netrc on Windows) location when the :envvar:NETRC environment variable is not set -- by :user:bdraco.

  Related issues and pull requests on GitHub:
  #​11713, #​11714.

• Fixed WebSocket compressed sends to be cancellation safe. Tasks are now shielded during compression to prevent compressor state corruption. This ensures that the stateful compressor remains consistent even when send operations are cancelled -- by :user:bdraco.

  Related issues and pull requests on GitHub:
  #​11725.

---

v3.13.1

Compare Source

===================

Features

• Make configuration options in AppRunner also available in run_app()
  -- by :user:Cycloctane.

  Related issues and pull requests on GitHub:
  :issue:11633.

Bug fixes

• Switched to backports.zstd for Python <3.14 and fixed zstd decompression for chunked zstd streams -- by :user:ZhaoMJ.

  Note: Users who installed zstandard for support on Python <3.14 will now need to install
  backports.zstd instead (installing aiohttp[speedups] will do this automatically).

  Related issues and pull requests on GitHub:
  :issue:11623.

• Updated Content-Type header parsing to return application/octet-stream when header contains invalid syntax.
  See :rfc:9110#section-8.3-5.

  -- by :user:sgaist.

  Related issues and pull requests on GitHub:
  :issue:10889.

• Fixed Python 3.14 support when built without zstd support -- by :user:JacobHenner.

  Related issues and pull requests on GitHub:
  :issue:11603.

• Fixed blocking I/O in the event loop when using netrc authentication by moving netrc file lookup to an executor -- by :user:bdraco.

  Related issues and pull requests on GitHub:
  :issue:11634.

• Fixed routing to a sub-application added via .add_domain() not working
  if the same path exists on the parent app. -- by :user:Dreamsorcerer.

  Related issues and pull requests on GitHub:
  :issue:11673.

Packaging updates and notes for downstreams

• Moved core packaging metadata from :file:setup.cfg to :file:pyproject.toml per :pep:621
  -- by :user:cdce8p.

  Related issues and pull requests on GitHub:
  :issue:9951.

---

psf/black (black)

v25.11.0

Compare Source

Highlights

• Enable base 3.14 support (#​4804)
• Add support for the new Python 3.14 t-string syntax introduced by PEP 750 (#​4805)

Stable style

• Fix bug where comments between # fmt: off and # fmt: on were reformatted (#​4811)
• Comments containing fmt directives now preserve their exact formatting instead of
  being normalized (#​4811)

Preview style

• Move multiline_string_handling from --unstable to --preview (#​4760)
• Fix bug where module docstrings would be treated as normal strings if preceded by
  comments (#​4764)
• Fix bug where python 3.12 generics syntax split line happens weirdly (#​4777)
• Standardize type comments to form # type: <value> (#​4645)
• Fix fix_fmt_skip_in_one_liners preview feature to respect # fmt: skip for compound
  statements with semicolon-separated bodies (#​4800)

Configuration

• Add no_cache option to control caching behavior. (#​4803)

Packaging

• Releases now include arm64 Linux binaries (#​4773)

Output

• Write unchanged content to stdout when excluding formatting from stdin using pipes
  (#​4610)

Blackd

• Implemented BlackDClient. This simple python client allows to easily send formatting
  requests to blackd (#​4774)

Integrations

• Enable 3.14 base CI (#​4804)
• Enhance GitHub Action psf/black to support the required-version major-version-only
  "stability" format when using pyproject.toml (#​4770)
• Improve error message for vim plugin users. It now handles independently vim version
• Vim: Warn on unsupported Vim and Python versions independently (#​4772)
• Vim: Print the import paths when importing black fails (#​4675)
• Vim: Fix handling of virtualenvs that have a different Python version (#​4675)

laurent-laporte-pro/deprecated (deprecated)

v1.3.1

Compare Source

===================

Patch release: Packaging fix

Fixed

• Restore missing source distribution (.tar.gz) that was not included in v1.3.0.

v1.3.0

Compare Source

===================

.. note::

This release was **yanked** on PyPI due to a missing source distribution (``.tar.gz``).
See issue #​94: https://github.com/laurent-laporte-pro/deprecated/issues/94
It has been replaced by version 1.3.1.

Minor release: Parameters deprecation

Added

• Add compatibility tests and adjustments for Wrapt v2.0. See PR #​88 (musicinmybrain).

• Add experimental @deprecated_params decorator to mark function parameters as deprecated at call-time; emits warnings when deprecated parameters are used with optional messages and configurable warning categories. See PR #​93.

Documentation

• Update the Wrapt compatibility matrix to include Python 3.13 and 3.14. See PR #​91

Changed

• Limit test coverage collection to the dedicated coverage tox environment to avoid collecting coverage across all test environments and reduce cross-environment coverage noise. See PR #​92.

googleapis/google-auth-library-python (google-auth)

v2.43.0

Compare Source

Features

• Add public wrapper for _mtls_helper.check_use_client_cert which enables mTLS if GOOGLE_API_USE_CLIENT_CERTIFICATE is not set, when the MWID/X.509 cert sources detected (#​1859) Add public wrapper for check_use_client_cert which enables mTLS if
  GOOGLE_API_USE_CLIENT_CERTIFICATE is not set, when the MWID/X.509 cert
  sources detected. Also, fix check_use_client_cert to return boolean
  value.
  Change #​1848 added the check_use_client_cert method that helps know if
  client cert should be used for mTLS connection. However, that was in a
  private class, thus, created a public wrapper of the same function so
  that it can be used by python Client Libraries. Also, updated
  check_use_client_cert to return a boolean value instead of existing
  string value for better readability and future scope.
  --------- (1535eccbff0ad8f3fd6a9775316ac8b77dca66ba)
• Enable mTLS if GOOGLE_API_USE_CLIENT_CERTIFICATE is not set, if the MWID/X.509 cert sources detected (#​1848) The Python SDK will use a hybrid approach for mTLS enablement:

• If the GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable is set
  (either true or false), the SDK will respect that setting. This is
  necessary for test scenarios and users who need to explicitly control
  mTLS behavior.
• If the GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable is not
  set, the SDK will automatically enable mTLS only if it detects Managed
  Workload Identity (MWID) or X.509 Workforce Identity Federation (WIF)
  certificate sources. In other cases where the variable is not set, mTLS
  will remain disabled.
  ** This change also adds the helper method check_use_client_cert and
  it's unit test, which will be used for checking the criteria for setting
  the mTLS to true
  ** This change is only for Auth-Library, other changes will be created
  for Client-Library use-cases.
  --------- (395e405b64b56ddb82ee639958c2e8056ad2e82b)

• onboard google-auth to librarian (#​1838) This PR onboards google-auth library to the Librarian system.
  Wait for
  #​1819. (c503eaa511357d7a76cc1e1f1d3a3be2dabd5bca)

v2.42.1

Compare Source

Bug Fixes

• Catch ValueError for json.loads() (#​1842) (b074cad)

v2.42.0

Compare Source

Features

• Add trust boundary support for external accounts. (#​1809) (36ecb1d)

Bug Fixes

• Read scopes from ADC json for impersoanted cred (#​1820) (62c0fc8)

googleapis/google-cloud-python (google-cloud-secret-manager)

v2.25.0: google-cloud-secret-manager: v2.25.0

Compare Source

Features

• Add support for Python 3.14 (4763aa7)

Bug Fixes

• Deprecate credentials_file argument (4763aa7)

googleapis/python-storage (google-cloud-storage)

v3.6.0

Compare Source

Features

• Add support for partial list buckets (#​1606) (92fc2b0)
• Make return_partial_success and unreachable fields public for list Bucket (#​1601) (323cddd)
• zb-experimental: Add async write object stream (5ab8103)
• zb-experimental: Add async write object stream (#​1612) (5ab8103)

Bug Fixes

• Dont pass credentials to StorageClient (#​1608) (195d644)

v3.5.0

Compare Source

Features

• experimental: Add base resumption strategy for bidi streams (#​1594) (5fb85ea)
• experimental: Add checksum for bidi reads operation (#​1566) (93ce515)
• experimental: Add read resumption strategy (#​1599) (5d5e895)
• experimental: Handle BidiReadObjectRedirectedError for bidi reads (#​1600) (71b0f8a)
• Indicate that md5 is used as a CRC (#​1522) (961536c)
• Provide option to update user_agent (#​1596) (02f1451)

Bug Fixes

• Deprecate credentials_file argument (74415a2)
• Flaky system tests for resumable_media (#​1592) (7fee3dd)
• Make download_ranges compatible with asyncio.create_task(..) (#​1591) (faf8b83)
• Make download_ranges compatible with asyncio.create_task(..) (#​1591) (faf8b83)
• Redact sensitive data from OTEL traces and fix env var parsing (#​1553) (a38ca19)
• Redact sensitive data from OTEL traces and fix env var parsing (#​1553) (a38ca19)
• Use separate header object for each upload in Transfer Manager MPU (#​1595) (0d867bd)

v3.4.1

Compare Source

Bug Fixes

• Fixes #​1561 by adding an option to specify the entire object checksum for resumable uploads via the upload_from_string, upload_from_file, and upload_from_filename methods (acb918e)

run-llama/llama_index (llama-index)

v0.14.8

Compare Source

llama-index-core [0.14.8]

• Fix ReActOutputParser getting stuck when "Answer:" contains "Action:" (#​20098)
• Add buffer to image, audio, video and document blocks (#​20153)
• fix(agent): Handle multi-block ChatMessage in ReActAgent (#​20196)
• Fix/20209 (#​20214)
• Preserve Exception in ToolOutput (#​20231)
• fix weird pydantic warning (#​20235)

llama-index-embeddings-nvidia [0.4.2]

• docs: Edit pass and update example model (#​20198)

llama-index-embeddings-ollama [0.8.4]

• Added a test case (no code) to check the embedding through an actual connection to a Ollama server (after checking that the ollama server exists) (#​20230)

llama-index-llms-anthropic [0.10.2]

• feat(llms/anthropic): Add support for RawMessageDeltaEvent in streaming (#​20206)
• chore: remove unsupported models (#​20211)

llama-index-llms-bedrock-converse [0.11.1]

• feat: integrate bedrock converse with tool call block (#​20099)
• feat: Update model name extraction to include 'jp' region prefix and … (#​20233)

llama-index-llms-google-genai [0.7.3]

• feat: google genai integration with tool block (#​20096)
• fix: non-streaming gemini tool calling (#​20207)
• Add token usage information in GoogleGenAI chat additional_kwargs (#​20219)
• bug fix google genai stream_complete (#​20220)

llama-index-llms-nvidia [0.4.4]

• docs: Edit pass and code example updates (#​20200)

llama-index-llms-openai [0.6.8]

• FixV2: Correct DocumentBlock type for OpenAI from 'input_file' to 'file' (#​20203)
• OpenAI v2 sdk support (#​20234)

llama-index-llms-upstage [0.6.5]

• OpenAI v2 sdk support (#​20234)

llama-index-packs-streamlit-chatbot [0.5.2]

• OpenAI v2 sdk support (#​20234)

llama-index-packs-voyage-query-engine [0.5.2]

• OpenAI v2 sdk support (#​20234)

llama-index-postprocessor-nvidia-rerank [0.5.1]

• docs: Edit pass (#​20199)

llama-index-readers-web [0.5.6]

• feat: Add ScrapyWebReader Integration (#​20212)
• Update Scrapy dependency to 2.13.3 (#​20228)

llama-index-readers-whisper [0.3.0]

• OpenAI v2 sdk support (#​20234)

llama-index-storage-kvstore-postgres [0.4.3]

• fix: Ensure schema creation only occurs if it doesn't already exist (#​20225)

llama-index-tools-brightdata [0.2.1]

• docs: add api key claim instructions (#​20204)

llama-index-tools-mcp [0.4.3]

• Added test case for issue 19211. No code change (#​20201)

llama-index-utils-oracleai [0.3.1]

• Update llama-index-core dependency to 0.12.45 (#​20227)

llama-index-vector-stores-lancedb [0.4.2]

• fix: FTS index recreation bug on every LanceDB query (#​20213)

v0.14.7

Compare Source

llama-index-core [0.14.7]

• Feat/serpex tool integration (#​20141)
• Fix outdated error message about setting LLM (#​20157)
• Fixing some recently failing tests (#​20165)
• Fix: update lock to latest workflow and fix issues (#​20173)
• fix: ensure full docstring is used in FunctionTool (#​20175)
• fix api docs build (#​20180)

llama-index-embeddings-voyageai [0.5.0]

• Updating the VoyageAI integration (#​20073)

llama-index-llms-anthropic [0.10.0]

• feat: integrate anthropic with tool call block (#​20100)

llama-index-llms-bedrock-converse [0.10.7]

• feat: Add support for Bedrock Guardrails streamProcessingMode (#​20150)
• bedrock structured output optional force (#​20158)

llama-index-llms-fireworks [0.4.5]

• Update FireworksAI models (#​20169)

llama-index-llms-mistralai [0.9.0]

• feat: mistralai integration with tool call block (#​20103)

llama-index-llms-ollama [0.9.0]

• feat: integrate ollama with tool call block (#​20097)

llama-index-llms-openai [0.6.6]

• Allow setting temp of gpt-5-chat (#​20156)

llama-index-readers-confluence [0.5.0]

• feat(confluence): make SVG processing optional to fix pycairo install… (#​20115)

llama-index-readers-github [0.9.0]

• Add GitHub App authentication support (#​20106)

llama-index-retrievers-bedrock [0.5.1]

• Fixing some recently failing tests (#​20165)

llama-index-tools-serpex [0.1.0]

• Feat/serpex tool integration (#​20141)
• add missing toml info (#​20186)

llama-index-vector-stores-couchbase [0.6.0]

• Add Hyperscale and Composite Vector Indexes support for Couchbase vector-store (#​20170)

v0.14.6

Compare Source

llama-index-core [0.14.6]

• Add allow_parallel_tool_calls for non-streaming (#​20117)
• Fix invalid use of field-specific metadata (#​20122)
• update doc for SemanticSplitterNodeParser (#​20125)
• fix rare cases when sentence splits are larger than chunk size (#​20147)

llama-index-embeddings-bedrock [0.7.0]

• Fix BedrockEmbedding to support Cohere v4 response format (#​20094)

llama-index-embeddings-isaacus [0.1.0]

• feat: Isaacus embeddings integration (#​20124)

llama-index-embeddings-oci-genai [0.4.2]

• Update OCI GenAI cohere models (#​20146)

llama-index-llms-anthropic [0.9.7]

• Fix double token stream in anthropic llm (#​20108)
• Ensure anthropic content delta only has user facing response (#​20113)

llama-index-llms-baseten [0.1.7]

• add GLM (#​20121)

llama-index-llms-helicone [0.1.0]

• integrate helicone to llama-index (#​20131)

llama-index-llms-oci-genai [0.6.4]

• Update OCI GenAI cohere models (#​20146)

llama-index-llms-openai [0.6.5]

• chore: openai vbump (#​20095)

llama-index-readers-imdb-review [0.4.2]

• chore: Update selenium dependency in imdb-review reader (#​20105)

llama-index-retrievers-bedrock [0.5.0]

• feat(bedrock): add async support for AmazonKnowledgeBasesRetriever (#​20114)

llama-index-retrievers-superlinked [0.1.3]

• Update README.md (#​19829)

llama-index-storage-kvstore-postgres [0.4.2]

• fix: Replace raw SQL string interpolation with proper SQLAlchemy parameterized APIs in PostgresKVStore (#​20104)

llama-index-tools-mcp [0.4.3]

• Fix BasicMCPClient resource signatures (#​20118)

llama-index-vector-stores-postgres [0.7.1]

• Add GIN index support for text array metadata in PostgreSQL vector store (#​20130)

v0.14.5

Compare Source

llama-index-core [0.14.5]

• Remove debug print (#​20000)
• safely initialize RefDocInfo in Docstore (#​20031)
• Add progress bar for multiprocess loading (#​20048)
• Fix duplicate node positions when identical text appears multiple times in document (#​20050)
• chore: tool call block - part 1 (#​20074)

llama-index-instrumentation [0.4.2]

• update instrumentation package metadata (#​20079)

llama-index-llms-anthropic [0.9.5]

• ✨ feat(anthropic): add prompt caching model validation utilities (#​20069)
• fix streaming thinking/tool calling with anthropic (#​20077)
• Add haiku 4.5 support (#​20092)

llama-index-llms-baseten [0.1.6]

• Baseten provider Kimi K2 0711, Llama 4 Maverick and Llama 4 Scout Model APIs deprecation (#​20042)

llama-index-llms-bedrock-converse [0.10.5]

• feat: List Claude Sonnet 4.5 as a reasoning model (#​20022)
• feat: Support global cross-region inference profile prefix (#​20064)
• Update utils.py for opus 4.1 (#​20076)
• 4.1 opus bedrockconverse missing in funcitoncalling models (#​20084)
• Add haiku 4.5 support (#​20092)

llama-index-llms-fireworks [0.4.4]

• Add Support for Custom Models in Fireworks LLM (#​20023)
• fix(llms/fireworks): Cannot use Fireworks Deepseek V3.1-20006 issue (#​20028)

llama-index-llms-oci-genai [0.6.3]

• Add support for xAI models in OCI GenAI (#​20089)

llama-index-llms-openai [0.6.4]

• Gpt 5 pro addition (#​20029)
• fix collecting final response with openai responses streaming (#​20037)
• Add support for GPT-5 models in utils.py (JSON_SCHEMA_MODELS) (#​20045)
• chore: tool call block - part 1 (#​20074)

llama-index-llms-sglang [0.1.0]

• Added Sglang llm integration (#​20020)

llama-index-readers-gitlab [0.5.1]

• feat(gitlab): add pagination params for repository tree and issues (#​20052)

llama-index-readers-json [0.4.2]

• vbump the JSON reader (#​20039)

llama-index-readers-web [0.5.5]

• fix: ScrapflyReader Pydantic validation error (#​19999)

llama-index-storage-chat-store-dynamodb [0.4.2]

• bump dynamodb chat store deps (#​20078)

llama-index-tools-mcp [0.4.2]

• 🐛 fix(tools/mcp): Fix dict type handling and reference resolution in … (#​20082)

llama-index-tools-signnow [0.1.0]

• feat(signnow): SignNow mcp tools integration (#​20057)

llama-index-tools-tavily-research [0.4.2]

• feat: Add Tavily extract function for URL content extraction (#​20038)

llama-index-vector-stores-azurepostgresql [0.2.0]

• Add hybrid search to Azure PostgreSQL integration (#​20027)

llama-index-vector-stores-milvus [0.9.3]

• fix: Milvus get_field_kwargs() (#​20086)

llama-index-vector-stores-opensearch [0.6.2]

• fix(opensearch): Correct version check for efficient filtering (#​20067)

llama-index-vector-stores-qdrant [0.8.6]

• fix(qdrant): Allow async-only initialization with hybrid search (#​20005)

pydantic/pydantic (pydantic)

v2.12.4

Compare Source

v2.12.3

Compare Source

GitHub release

What's Changed

This is the third 2.13 patch release, fixing issues related to the FieldInfo class, and reverting a change to the supported
after model validator function signatures.

• Raise a warning when an invalid after model validator function signature is raised by @​Viicos in #​12414.
  Starting in 2.12.0, using class methods for after model validators raised an error, but the error wasn't raised concistently. We decided
  to emit a deprecation warning instead.
• Add FieldInfo.asdict() method, improve documentation around FieldInfo by @​Viicos in #​12411.
  This also add back support for mutations on FieldInfo classes, that are reused as Annotated metadata. However, note that this is still
  not a supported pattern. Instead, please refer to the added example in the documentation.

The blog post section on changes was also updated to document the changes related to serialize_as_any.

v2.12.2

Compare Source

GitHub release

What's Changed

Fixes

• Release a new pydantic-core version, as a corrupted CPython 3.10 manylinux2014_aarch64 wheel got uploaded (pydantic-core#1843).
• Fix issue with recursive generic models with a parent model class by @​Viicos in #​12398

v2.12.1

Compare Source

GitHub release

What's Changed

This is the first 2.12 patch release, addressing most (but not all yet) regressions from the initial 2.12.0 release.

Fixes

• Do not evaluate annotations when inspecting validators and serializers by @​Viicos in #​12355
• Make sure None is converted as NoneType in Python 3.14 by @​Viicos in #​12370
• Backport V1 runtime warning when using Python 3.14 by @​Viicos in #​12367
• Fix error message for invalid validator signatures by @​Viicos in #​12366
• Populate field name in ValidationInfo for validation of default value by @​Viicos in pydantic-core#1826
• Encode credentials in MultiHostUrl builder by @​willswire in pydantic-core#1829
• Respect field serializers when using serialize_as_any serialization flag by @​davidhewitt in pydantic-core#1829
• Fix various RootModel serialization issues by @​davidhewitt in pydantic-core#1836

New Contributors

• @​willswire made their first contribution in pydantic-core#1829

v2.12.0

Compare Source

GitHub release

What's Changed

This is the final 2.12 release. It features the work of 20 external contributors and provides useful new features, along with initial Python 3.14 support.
Several minor changes (considered non-breaking changes according to our versioning policy)
are also included in this release. Make sure to look into them before upgrading.

Note that Pydantic V1 is not compatible with Python 3.14 and greater.

Changes (see the alpha and beta releases for additional changes since 2.11):

Packaging

• Update V1 copy to v1.10.24 by @​Viicos in #​12338

New Features

• Add extra parameter to the validate functions by @​anvilpete in #​12233
• Add exclude_computed_fields serialization option by @​Viicos in #​12334
• Add preverse_empty_path URL options by @​Viicos in #​12336
• Add union_format parameter to JSON Schema generation by @​Viicos in #​12147
• Add __qualname__ parameter for create_model by @​Atry in #​12001

Fixes

• Do not try to infer name from lambda definitions in pipelines API by @​Viicos in #​12289
• Use proper namespace for functions in TypeAdapter by @​Viicos in #​12324
• Use Any for context type annotation in TypeAdapter by @​inducer in #​12279
• Expose FieldInfo in pydantic.fields.__all__ by @​Viicos in #​12339
• Respect validation_alias in @validate_call by @​Viicos in #​12340
• Use Any as context annotation in plugin API by @​Viicos in #​12341
• Use proper stacklevel in warnings when possible by @​Viicos in #​12342

New Contributors

• @​anvilpete made their first contribution in #​12233
• @​JonathanWindell made their first contribution in #​12327
• @​inducer made their first contribution in #​12279
• @​Atry made their first contribution in #​12001

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[anubhav756]

/gcbrun

[anubhav756]

/gcbrun

[anubhav756]

/gcbrun

[anubhav756]

/gbrun

[anubhav756]

/gcbrun

[anubhav756]

/gcbrun

[anubhav756]

/gcbrun

[anubhav756]

/gcbrun

[anubhav756]

/gcbrun