fix: update mem0 and qdrant dependencies

[erichare]

Summary

• Upgrade the mem0 optional extra to mem0ai 2.0.2+ and qdrant-client 1.12.0+
• Update Mem0 read paths to use filters for user scoping with the mem0 2.x API
• Add regression coverage for search and get_all using filters

Validation

• uv run pytest src/backend/tests/unit/components/bundles/mem0/test_mem0_component.py
• uv run ruff check src/lfx/src/lfx/components/mem0/mem0_chat_memory.py src/backend/tests/unit/components/bundles/mem0/test_mem0_component.py
• uv lock --check
• git diff --check

Summary by CodeRabbit

• Chores
  • Updated Mem0 AI dependency to version 2.0.2+
  • Updated Qdrant client dependency to version 1.12.0+
  • Enhanced memory component compatibility with Mem0 2.x API

[coderabbitai]

Walkthrough

This PR upgrades mem0ai from 0.1.34 to 2.0.2+, updates qdrant-client to 1.12.0–1.x, and migrates Mem0MemoryComponent.build_search_results() to use Mem0 2.x's filter-based user scoping API. Test coverage validates the new filter-based search() and get_all() calls.

Changes

Mem0 2.x library upgrade

Layer / File(s)	Summary
Dependency version updates src/backend/base/pyproject.toml, src/lfx/src/lfx/_assets/component_index.json	mem0ai upgraded to >=2.0.2,<3.0.0 and qdrant-client to >=1.12.0,<2.0.0; component index metadata reflects new versions and updates file hash.
Mem0 2.x filter-based API migration src/lfx/src/lfx/components/mem0/mem0_chat_memory.py, src/lfx/src/lfx/_assets/component_index.json	build_search_results() now passes user scoping via filters={"user_id": user_id} to both memory.search() and memory.get_all() instead of as direct arguments; embedded component code in index mirrors this change.
Mem0 2.x API test coverage src/backend/tests/unit/components/bundles/mem0/test_mem0_component.py	Imports Mock and adds two new unit tests validating that build_search_results() invokes Mem0 APIs with the correct filter parameter and metadata structure.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Possibly related PRs

• langflow-ai/langflow#13053: Updates src/backend/base/pyproject.toml optional dependency versions for qdrant and mem0 extras with similar version constraints.

Suggested labels

lgtm

Suggested reviewers

• Adam-Aghili
• ogabrielluiz

🚥 Pre-merge checks | ✅ 7 | ❌ 2

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Test Quality And Coverage	⚠️ Warning	Tests validate the new filter behavior but lack critical edge case coverage: no tests for None/empty user_id (flagged in review), exception handling, or error conditions.	Add tests for falsy user_id, exception handling in build_search_results, and error conditions when memory operations fail.
Test File Naming And Structure	⚠️ Warning	Test file follows naming and pytest structure correctly but lacks edge case coverage. Missing tests for None/empty user_id (flagged in review), exception handling, and empty results.	Add tests for None/empty user_id scenarios, exception handling in search/get_all, and empty result sets to provide comprehensive coverage as required by custom check.

✅ Passed checks (7 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title concisely and clearly identifies the main change: updating mem0 and qdrant dependencies to newer versions, which aligns with all the modifications across the changeset.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Test Coverage For New Implementations	✅ Passed	PR includes two new regression tests for mem0 2.x filter-based user scoping, follows test_*.py convention, uses proper mocks, and test assertions match implementation code precisely.
Excessive Mock Usage Warning	✅ Passed	Mock usage is minimal and appropriate: 1 Mock per test for external mem0.Memory dependency. Tests verify API signature changes in Mem0 2.x integration, not excessive or obscuring core logic.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/mem0-2-qdrant-cve

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

✅ Test Coverage Advisor

No source changes detected without accompanying tests. Thanks for keeping coverage up! 🎉

Advisory check only — never blocks merge.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 55.61%. Comparing base (dd87310) to head (cda213f).
⚠️ Report is 1 commits behind head on release-1.10.0.

Additional details and impacted files

@@                Coverage Diff                 @@
##           release-1.10.0   #13292      +/-   ##
==================================================
+ Coverage           55.57%   55.61%   +0.04%     
==================================================
  Files                2178     2178              
  Lines              205682   205657      -25     
  Branches            31089    29436    -1653     
==================================================
+ Hits               114309   114384      +75     
+ Misses              90053    89954      -99     
+ Partials             1320     1319       -1     

Flag	Coverage Δ
backend	60.28% <ø> (+1.25%)	⬆️
frontend	55.48% <ø> (-0.23%)	⬇️
lfx	51.71% <ø> (+<0.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.
see 214 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@src/lfx/src/lfx/_assets/component_index.json`:
- Line 92004: In build_search_results, add an early guard that checks if
self.user_id is falsy and avoid calling mem0_memory.search or get_all with
filters containing a null user_id; instead log a warning (using logger.warning)
and return an empty/neutral Data result appropriate for build_search_results (so
callers don’t get null-scoped Mem0 results). Update build_search_results (and
its interaction with ingest_data if needed) to perform this check before
constructing filters or calling mem0_memory.search/get_all.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 19db78ef-e630-4008-9b55-4c3d86760d2c

📥 Commits

Reviewing files that changed from the base of the PR and between cf3c2d3 and cda213f.

⛔ Files ignored due to path filters (2)

• src/backend/base/uv.lock is excluded by !**/*.lock
• uv.lock is excluded by !**/*.lock

📒 Files selected for processing (4)

• src/backend/base/pyproject.toml
• src/backend/tests/unit/components/bundles/mem0/test_mem0_component.py
• src/lfx/src/lfx/_assets/component_index.json
• src/lfx/src/lfx/components/mem0/mem0_chat_memory.py

[coderabbitai]

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

🧩 Analysis chain

🌐 Web query:

For mem0ai 2.x, what is the behavior of Memory.search() and Memory.get_all() when filters={"user_id": None} (or when user_id is omitted)? Does it return unscoped/all-user memories?

💡 Result:

In mem0ai 2.x (OSS “Memory” SDK), the documented behavior is that entity scoping is done via the filters object; passing entity IDs as top-level kwargs is rejected, and reads are “scoped by filters”.[1][2][3] 1) If filters={"user_id": None} - The docs state that entity IDs must be passed inside filters and reads return memories “scoped by filters”.[1][2][3] - However, the specific case of filters with user_id=None (or JSON null) is not explicitly documented as returning “all-user/unscoped” memories. The platform feature page instead describes “implicit null scoping”: records where other primary entities are null are treated specially, and wildcards behave differently than null-only values.[3] - Therefore, based on the documented entity-scoping model, filters={"user_id": None} should not be interpreted as “unscoped/all users”; it would target the null-valued user scope (i.e., records created with user_id null / absent), not every user.[3] 2) If user_id is omitted from filters - The docs describe filters-based scoping but do not say that omitting user_id means “return all users”.[2][3] - The entity-scoped-memory feature page explains that records are partitioned by primary entity and that “wildcards” ("") are required to include broader sets; it contrasts wildcard behavior with null-only scoping and gives examples of constructing broader joins using OR and wildcards.[3] - So, omitting user_id is best treated as “use the default scoping behavior for your entity identifiers”, which is not equivalent to all-user retrieval; to retrieve broader sets you’d need explicit wildcard logic (e.g., user_id="") as described by the feature docs.[3] Practical conclusion - No: filters={"user_id": None} is not documented to return unscoped/all-user memories; it aligns with “null scoping” rather than “no scope”.[3] - Also not: omitting user_id is not documented to automatically mean “all-user”; if you want all users, you should use the documented wildcard mechanism in the filters (e.g., "user_id": "*") or an OR-based broadening pattern, rather than relying on null/omitted behavior.[3]

Citations:

• 1: https://docs.mem0.ai/api-reference/memory/search-memories
• 2: https://docs.mem0.ai/api-reference/memory/get-memories
• 3: https://docs.mem0.ai/platform/features/entity-scoped-memory

---

Avoid querying Mem0 when user_id is missing in build_search_results.

build_search_results always calls mem0_memory.search/get_all with filters={"user_id": user_id}; when self.user_id is empty/None, Mem0’s “entity scoping” via filters will apply “null scoping” (targeting only null/absent user_id records, not all users), leading to incorrect/unexpected results. Add an early guard before calling search()/get_all() when user_id is falsy.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/lfx/src/lfx/_assets/component_index.json` at line 92004, In
build_search_results, add an early guard that checks if self.user_id is falsy
and avoid calling mem0_memory.search or get_all with filters containing a null
user_id; instead log a warning (using logger.warning) and return an
empty/neutral Data result appropriate for build_search_results (so callers don’t
get null-scoped Mem0 results). Update build_search_results (and its interaction
with ingest_data if needed) to perform this check before constructing filters or
calling mem0_memory.search/get_all.

[github-actions]

Frontend Unit Test Coverage Report

Coverage Summary

Lines	Statements	Branches	Functions
	39.73% (50433/126937)	68.37% (6868/10044)	39.13% (1140/2913)

Unit Test Results

Tests	Skipped	Failures	Errors	Time
4404	0 💤	0 ❌	0 🔥	11m 32s ⏱️