Hugging Face's logo

Spaces:
VibecoderMcSwaggins
/
DeepBoner
Paused

App Files Community
VibecoderMcSwaggins commited on
Commit
0b2f973
·
1 Parent(s): 262c4bc

fix(deps): Update urllib3 to 2.6.0 for security fixes

Browse files

- GHSA-gm62-xv2j-4w53 and GHSA-2xpw-w6gg-jr37
- Fix CompiledStateGraph type annotation (langgraph API change)

Files changed (4) hide show
  1. pyproject.toml +2 -2
  2. requirements.txt +2 -2
  3. src/agents/graph/workflow.py +1 -1
  4. uv.lock +4 -4
pyproject.toml CHANGED
@@ -36,8 +36,8 @@ dependencies = [
36
  "langchain-core>=0.3.21,<1.0",
37
  "langchain-huggingface>=0.1.2,<1.0",
38
  "langgraph-checkpoint-sqlite>=3.0.0,<4.0", # 3.0.0 required for GHSA-wwqv-p2pp-99h5 fix
39
- # Security: Pin urllib3 to fix GHSA-48p4-8xcf-vxj5 and GHSA-pq67-6m6q-mj2v
40
- "urllib3>=2.5.0",
41
  ]
42
 
43
  [project.optional-dependencies]
 
36
  "langchain-core>=0.3.21,<1.0",
37
  "langchain-huggingface>=0.1.2,<1.0",
38
  "langgraph-checkpoint-sqlite>=3.0.0,<4.0", # 3.0.0 required for GHSA-wwqv-p2pp-99h5 fix
39
+ # Security: Pin urllib3 to fix GHSA-gm62-xv2j-4w53 and GHSA-2xpw-w6gg-jr37
40
+ "urllib3>=2.6.0",
41
  ]
42
 
43
  [project.optional-dependencies]
requirements.txt CHANGED
@@ -42,8 +42,8 @@ langchain-core>=0.3.21,<1.0
42
  langchain-huggingface>=0.1.2,<1.0
43
  langgraph-checkpoint-sqlite>=3.0.0,<4.0
44
 
45
- # Security: Pin urllib3 to fix GHSA-48p4-8xcf-vxj5 and GHSA-pq67-6m6q-mj2v
46
- urllib3>=2.5.0
47
 
48
  # Multi-agent orchestration (Advanced mode) - from [magentic] optional
49
  agent-framework-core==1.0.0b251204
 
42
  langchain-huggingface>=0.1.2,<1.0
43
  langgraph-checkpoint-sqlite>=3.0.0,<4.0
44
 
45
+ # Security: Pin urllib3 to fix GHSA-gm62-xv2j-4w53 and GHSA-2xpw-w6gg-jr37
46
+ urllib3>=2.6.0
47
 
48
  # Multi-agent orchestration (Advanced mode) - from [magentic] optional
49
  agent-framework-core==1.0.0b251204
src/agents/graph/workflow.py CHANGED
@@ -25,7 +25,7 @@ def create_research_graph(
25
  llm: BaseChatModel | None = None,
26
  checkpointer: BaseCheckpointSaver[Any] | None = None,
27
  embedding_service: EmbeddingServiceProtocol | None = None,
28
- ) -> CompiledStateGraph[Any, Any, Any, Any]:
29
  """Build the research state graph.
30
 
31
  Args:
 
25
  llm: BaseChatModel | None = None,
26
  checkpointer: BaseCheckpointSaver[Any] | None = None,
27
  embedding_service: EmbeddingServiceProtocol | None = None,
28
+ ) -> CompiledStateGraph:
29
  """Build the research state graph.
30
 
31
  Args:
uv.lock CHANGED
@@ -1169,7 +1169,7 @@ requires-dist = [
1169
  { name = "structlog", specifier = ">=24.1" },
1170
  { name = "tenacity", specifier = ">=8.2" },
1171
  { name = "typer", marker = "extra == 'dev'", specifier = ">=0.9.0" },
1172
- { name = "urllib3", specifier = ">=2.5.0" },
1173
  { name = "xmltodict", specifier = ">=0.13" },
1174
  ]
1175
  provides-extras = ["dev", "magentic", "rag"]
@@ -6175,11 +6175,11 @@ wheels = [
6175
 
6176
  [[package]]
6177
  name = "urllib3"
6178
- version = "2.5.0"
6179
  source = { registry = "https://pypi.org/simple" }
6180
- sdist = { url = "https://files.pythonhosted.org/packages/15/22/9ee70a2574a4f4599c47dd506532914ce044817c7752a79b6a51286319bc/urllib3-2.5.0.tar.gz", hash = "sha256:3fc47733c7e419d4bc3f6b3dc2b4f890bb743906a30d56ba4a5bfa4bbff92760", size = 393185 }
6181
  wheels = [
6182
- { url = "https://files.pythonhosted.org/packages/a7/c2/fe1e52489ae3122415c51f387e221dd0773709bad6c6cdaa599e8a2c5185/urllib3-2.5.0-py3-none-any.whl", hash = "sha256:e6b01673c0fa6a13e374b50871808eb3bf7046c4b125b216f6bf1cc604cff0dc", size = 129795 },
6183
  ]
6184
 
6185
  [[package]]
 
1169
  { name = "structlog", specifier = ">=24.1" },
1170
  { name = "tenacity", specifier = ">=8.2" },
1171
  { name = "typer", marker = "extra == 'dev'", specifier = ">=0.9.0" },
1172
+ { name = "urllib3", specifier = ">=2.6.0" },
1173
  { name = "xmltodict", specifier = ">=0.13" },
1174
  ]
1175
  provides-extras = ["dev", "magentic", "rag"]
 
6175
 
6176
  [[package]]
6177
  name = "urllib3"
6178
+ version = "2.6.0"
6179
  source = { registry = "https://pypi.org/simple" }
6180
+ sdist = { url = "https://files.pythonhosted.org/packages/1c/43/554c2569b62f49350597348fc3ac70f786e3c32e7f19d266e19817812dd3/urllib3-2.6.0.tar.gz", hash = "sha256:cb9bcef5a4b345d5da5d145dc3e30834f58e8018828cbc724d30b4cb7d4d49f1", size = 432585 }
6181
  wheels = [
6182
+ { url = "https://files.pythonhosted.org/packages/56/1a/9ffe814d317c5224166b23e7c47f606d6e473712a2fad0f704ea9b99f246/urllib3-2.6.0-py3-none-any.whl", hash = "sha256:c90f7a39f716c572c4e3e58509581ebd83f9b59cced005b7db7ad2d22b0db99f", size = 131083 },
6183
  ]
6184
 
6185
  [[package]]