chore(deps): dependency updates (superseded — not merged)#747
chore(deps): dependency updates (superseded — not merged)#747jason-anthropic wants to merge 1 commit into
Conversation
…alenv Fixes 15 Dependabot alerts (#1-#15) covering 14 CVEs across five previously- transitive dependencies. Each is now declared in [project.dependencies] with a >= floor matching the lockfile version, so `uv lock` pins them at or above the security-patched versions going forward: aiohttp 3.13.2 -> 3.14.1 (CVE-2025-69223..-69230) filelock 3.20.0 -> 3.24.2 (CVE-2025-68146, CVE-2026-22701) langchain-core 1.1.0 -> 1.3.3 (CVE-2025-68664) urllib3 2.5.0 -> 2.7.0 (CVE-2025-66418, -66471, -2026-21441) virtualenv 20.35.4 -> 20.39.1 (CVE-2026-22702) Every CVE package stays within its current major (virtualenv held at latest 20.x, langchain-core at the exact CVE floor) to keep the lockfile change minimal and avoid major-version breakage in dev tooling. All five CVE packages have no first-party imports except aiohttp, which is used only in 3 example/sample files via the stable aiohttp.web / ClientSession surface (unchanged between 3.13 and 3.14).
There was a problem hiding this comment.
PR Review
Recommendation: COMMENT
Summary
Security bump promoting 5 previously-transitive packages (aiohttp, filelock, langchain-core, urllib3, virtualenv) to explicit [project.dependencies] entries with >= floors that resolve 15 Dependabot alerts. No blockers; two concerns worth a look before un-drafting.
Actionable Feedback (2 items)
-
third_party/Pinecone/claude_3_rag_agent.ipynb(in the%pip installcell that pinslangchain==0.1.11,langchain-core==0.1.30,langchain-community==0.0.27,langchain-anthropic==0.1.4) — this notebook downgradeslangchain-coreto0.1.30at runtime, bypassing the new>=1.3.3project floor and re-introducing the CVE in-notebook. The 0.1.30 → 1.3.3 jump is a major-API gap, so simply un-pinning is non-trivial. Options: (a) update the notebook's pinned versions in this PR, (b) droplangchain-corefrom[project.dependencies]since only this isolated notebook with its own pins imports it, or (c) acknowledge the notebook is out-of-scope and accept the gap. -
pyproject.toml:19-23— Consider whether promotingfilelock,urllib3, andvirtualenvto direct deps is the right pattern given they have zero first-party imports.[tool.uv] constraint-dependencieswould set floors without implying the project depends on these packages directly. Not a blocker — just future-maintenance friction (next reader has to figure out why a cookbook declaresvirtualenvas a runtime dep).
Detailed Review
Verified safe
- urllib3 ↔ requests compatibility:
requests>=2.32.5declaresurllib3>=1.21.1,<3; the newurllib3==2.7.0is in range. Lock resolves cleanly. - Python version:
requires-python = ">=3.11,<3.13"clears urllib3 2.7's new Python 3.10+ floor. - aiohttp API surface: All three importing files (
tool_use/memory_demo/sample_code/api_client_v1.py,claude_agent_sdk/site_reliability_agent/examples/sre_bot_slack.py,claude_agent_sdk/site_reliability_agent/infra_setup.py) use onlyClientSession,ClientTimeout,session.get,aiohttp.ClientError, andaiohttp.webserver primitives. NoAbstractCookieJarorBaseProtocolsubclasses, so the 3.14.x additions to those ABCs are not reachable. - langchain-core API surface: Only
HumanMessageis imported in the Pinecone notebook; the symbol still exists at the 1.3.3 import path (caveat: see notebook pin issue above). - filelock / virtualenv: Zero first-party imports — pure version-floor declarations.
Code Quality
The bump pattern matches the precedent commit (42fe4f5 fix(security): bump aiohttp, filelock, langchain-core, urllib3, virtualenv) and is well-documented in the PR description with per-package risk analysis. Lock file changes are consistent (e.g., new typing-extensions aiohttp transitive, new langchain-protocol@0.0.18 / uuid-utils@0.16.2 langchain transitives).
Security
Fixes 14 CVEs across 5 packages. Floors are pinned at the minimum patched version (rather than latest), which reduces cascading dependency churn. Reasonable trade-off.
Suggestions
- Alphabetizing the new dep block (or grouping by purpose) would help future readers, but existing deps aren't strictly sorted, so this is a nit.
- Consider a code comment in
pyproject.tomlnext to the floor-only deps (filelock, virtualenv, urllib3) noting "pinned for CVE floor only — not imported" so future maintainers don't get confused when they grep and find no usages.
Positive Notes
- Thorough PR description with verified call-site analysis.
- Conservative version selection (CVE floor, not latest) for
langchain-coreandvirtualenvto minimize cascading bumps. - All bumps stay within major.
Superseded — closed without merge. Dependency updates for this repository are tracked separately.