Skip to content

Merge main into 1.0-dev #623

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
lkawka wants to merge 29 commits into
base: 1.0-dev
Choose a base branch
from
Open

Merge main into 1.0-dev #623

lkawka wants to merge 29 commits into from

Conversation

@lkawka
Copy link
Member

@lkawka lkawka commented Jan 16, 2026

Description

Thank you for opening a Pull Request!
Before submitting your PR, there are a few things you can do to make sure it goes smoothly:

  • Follow the CONTRIBUTING Guide.
  • Make your Pull Request title in the https://www.conventionalcommits.org/ specification.
    • Important Prefixes for release-please:
      • fix: which represents bug fixes, and correlates to a SemVer patch.
      • feat: represents a new feature, and correlates to a SemVer minor.
      • feat!:, or fix!:, refactor!:, etc., which represent a breaking change (indicated by the !) and will result in a SemVer major.
  • Ensure the tests and linter pass (Run bash scripts/format.sh from the repository root to format)
  • Appropriate docs were updated (if necessary)

Fixes #<issue_number_goes_here> 🦕

sokoliva and others added 21 commits November 21, 2025 12:53
@sokoliva
fix: Ensure metadata propagation for Task ToProto and FromProto
fc31d03 
… conversion (#557)

The `metadata` dictionary is now correctly propagated in both the
`ToProto` (types.Task to a2a_pb2.Task) and `FromProto` (a2a_pb2.Task to
types.Task) conversion utilities.

Release-As:0.3.16

Fixes #541 🦕
@a2a-bot
chore(main): release 0.3.16 (#562)
dbc73e8 
🤖 I have created a release *beep* *boop*
---


##
[0.3.16](v0.3.15...v0.3.16)
(2025-11-21)


### Bug Fixes

* Ensure metadata propagation for `Task` `ToProto` and `FromProto`
conversion ([#557](#557))
([fc31d03](fc31d03))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).
@TadakiAsechi @tadaki0601 @holtskinner
feat(client): allow specifying history_length via call-site `Messag…
53bbf7a 
…eSendConfiguration` in `BaseClient.send_message` (#500)

## Description
This PR implements the client-side enhancement described in #499.
It allows callers to specify `history_length` (and other message
configuration options)
directly via the optional configuration parameter in
`BaseClient.send_message`,
complementing the server-side support added in #497.

### Summary of Changes
- Added optional argument `configuration: MessageSendConfiguration |
None` to `BaseClient.send_message`.
- When provided, merges call-site configuration with `ClientConfig`
defaults.
- Allows partial overrides (e.g., setting `historyLength` only).
- Updated docstrings to reflect the new parameter behavior.
- Added unit tests covering both non-streaming and streaming scenarios.

### Motivation
Previously, `BaseClient.send_message` built `MessageSendConfiguration`
internally from `ClientConfig`,
but `ClientConfig` does not include `history_length`.
This prevented clients from specifying it on a per-call basis, unlike
`get_task`,
which already supports `history_length` via `TaskQueryParams`.
After this change, client behavior becomes consistent across both
methods.

### Related Issues
Fixes #499
Complements #497 (server-side historyLength support)

Release-As: 0.3.17

---------

Co-authored-by: tadaki <tadaki.asechi@gmail.com>
Co-authored-by: Holt Skinner <13262395+holtskinner@users.noreply.github.com>
Co-authored-by: TadakiAsechi <tadaki.asechi@icould.com>
Co-authored-by: TadakiAsechi <tadaki.asechi@iclould.com>
@a2a-bot
chore(main): release 0.3.17 (#565)
7e121e0 
🤖 I have created a release *beep* *boop*
---


##
[0.3.17](v0.3.16...v0.3.17)
(2025-11-24)


### Features

* **client:** allow specifying `history_length` via call-site
`MessageSendConfiguration` in `BaseClient.send_message`
([53bbf7a](53bbf7a))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).
@ShishirRmc
fix: return updated agent_card in JsonRpcTransport.get_card() (#552)
0ce239e 
## Fixes #551 

### Changes
- Fixed `JsonRpcTransport.get_card()` to return the newly fetched
authenticated extended card instead of the stale card

### Details
Changed line from `return card` to `return self.agent_card` to ensure
the method returns the updated card after fetching the authenticated
extended version.

This aligns the JsonRpcTransport behavior with RestTransport's correct
implementation.

### Testing
- Verified the fix matches RestTransport's pattern
- Confirmed internal state and return value are now consistent

Release-As: 0.3.18
@a2a-bot
chore(main): release 0.3.18 (#567)
213d9f8 
🤖 I have created a release *beep* *boop*
---


##
[0.3.18](v0.3.17...v0.3.18)
(2025-11-24)


### Bug Fixes

* return updated `agent_card` in `JsonRpcTransport.get_card()`
([#552](#552))
([0ce239e](0ce239e))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).
@sokoliva
fix(jsonrpc, rest): extensions support in get_card methods in `js…
847f18e 
…on-rpc` and `rest` transports (#564)

`Headers` are now updated with `extensions` before the `get_agent_card`
call which has headers as input parameters.

- [x] Follow the [`CONTRIBUTING`
Guide](https://github.com/a2aproject/a2a-python/blob/main/CONTRIBUTING.md).
- [x] Make your Pull Request title in the
<https://www.conventionalcommits.org/> specification.
- Important Prefixes for
[release-please](https://github.com/googleapis/release-please):
- `fix:` which represents bug fixes, and correlates to a
[SemVer](https://semver.org/) patch.
- `feat:` represents a new feature, and correlates to a SemVer minor.
- `feat!:`, or `fix!:`, `refactor!:`, etc., which represent a breaking
change (indicated by the `!`) and will result in a SemVer major.

Fixes #504 🦕

Release-As: 0.3.19
@a2a-bot
chore(main): release 0.3.19 (#568)
3bfbea9 
🤖 I have created a release *beep* *boop*
---


##
[0.3.19](v0.3.18...v0.3.19)
(2025-11-25)


### Bug Fixes

* **jsonrpc, rest:** `extensions` support in `get_card` methods in
`json-rpc` and `rest` transports
([#564](#564))
([847f18e](847f18e))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).
@lkawka
fix: Improve streaming errors handling (#576)
7ea7475 
# Description

Refine error management for the streaming operation. Previously, errors
were converted into stream parts, resulting in the loss of status info.
The updated logic now first verifies if the request was successful; if
it failed, a client error is returned, preserving the relevant status
information.

- [x] Follow the [`CONTRIBUTING`
Guide](https://github.com/a2aproject/a2a-python/blob/main/CONTRIBUTING.md).
- [x] Make your Pull Request title in the
<https://www.conventionalcommits.org/> specification.
- Important Prefixes for
[release-please](https://github.com/googleapis/release-please):
- `fix:` which represents bug fixes, and correlates to a
[SemVer](https://semver.org/) patch.
- `feat:` represents a new feature, and correlates to a SemVer minor.
- `feat!:`, or `fix!:`, `refactor!:`, etc., which represent a breaking
change (indicated by the `!`) and will result in a SemVer major.
- [x] Ensure the tests and linter pass (Run `bash scripts/format.sh`
from the repository root to format)
- [x] Appropriate docs were updated (if necessary)

Fixes #502  🦕
@a2a-bot
chore(main): release 0.3.20 (#577)
174d58d 
🤖 I have created a release *beep* *boop*
---


##
[0.3.20](v0.3.19...v0.3.20)
(2025-12-03)


### Bug Fixes

* Improve streaming errors handling
([#576](#576))
([7ea7475](7ea7475))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).
@didier-durand @gemini-code-assist
docs: Fixing typos (#586)
5fea21f 
# Description

Just fixing various typos discovered while reading code of the repo: see
commit diffs for details

Cheers

Didier

- [X] Follow the [`CONTRIBUTING`
Guide](https://github.com/a2aproject/a2a-python/blob/main/CONTRIBUTING.md).
- [X] Make your Pull Request title in the
<https://www.conventionalcommits.org/> specification.
- [X] Ensure the tests and linter pass (Run `bash scripts/format.sh`
from the repository root to format)
- [X] Appropriate docs were updated (if necessary)

Fixes #<issue_number_goes_here> 🦕

N/A

---------

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
@sokoliva
feat: Implement Agent Card Signing and Verification per Spec (#581)
8a76730 
This PR introduces digital signatures for Agent Cards to ensure
authenticity and integrity, adhering to the A2A specification for [Agent
Card Signing (Section
8.4).](https://a2a-protocol.org/latest/specification/#84-agent-card-signing)

## Changes:
- Implement `Canonicalization` Logic (`src/a2a/utils/signing.py`)
- Add `Signing` and `Verification` Utilities
(`src/a2a/utils/signing.py`):
- `create_agent_card_signer` which generates an `agent_card_signer` for
signing `AgentCards`
- `create_signature_verifier` which generates a `signature_verifier` for
verification of `AgentCard` signatures
- Enable signature verification support for `json-rpc`, `rest` and
`gRPC` transports
- Add Protobuf Conversion for Signatures
(`src/a2a/utils/proto_utils.py`) ensuring `AgentCardSignature` can be
serialized and deserialized for gRPC transport
- Add related tests:
   - integration tests for fetching signed cards from the Server
   - unit tests for signing util
   - unit tests for protobuf conversions 



- [x] Follow the [`CONTRIBUTING`
Guide](https://github.com/a2aproject/a2a-python/blob/main/CONTRIBUTING.md).
- [x] Make your Pull Request title in the
<https://www.conventionalcommits.org/> specification.
- Important Prefixes for
[release-please](https://github.com/googleapis/release-please):
- `fix:` which represents bug fixes, and correlates to a
[SemVer](https://semver.org/) patch.
- `feat:` represents a new feature, and correlates to a SemVer minor.
- `feat!:`, or `fix!:`, `refactor!:`, etc., which represent a breaking
change (indicated by the `!`) and will result in a SemVer major.
- [x] Ensure the tests and linter pass (Run `bash scripts/format.sh`
from the repository root to format)
- [x] Appropriate docs were updated (if necessary)

Release-As: 0.3.21
@didier-durand
chore: Fixing typos (final round) (#588)
090ca9c 
# Description

Read further and discovered this additional (and final) set of typos
@a2a-bot
chore(main): release 0.3.21 (#587)
03fa4c2 
🤖 I have created a release *beep* *boop*
---


##
[0.3.21](v0.3.20...v0.3.21)
(2025-12-12)


### Documentation

* Fixing typos
([#586](#586))
([5fea21f](5fea21f))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).
@chenweiyang0204
feat: Add custom ID generators to SimpleRequestContextBuilder (#594)
04bcafc 
# Description

This change allows passing custom `task_id_generator` and
`context_id_generator` functions to the `SimpleRequestContextBuilder`.

This provides flexibility in how task and context IDs are generated,
defaulting to the previous behavior if no generators are provided.

Thank you for opening a Pull Request!
Before submitting your PR, there are a few things you can do to make
sure it goes smoothly:

- [x] Follow the [`CONTRIBUTING`
Guide](https://github.com/a2aproject/a2a-python/blob/main/CONTRIBUTING.md).
- [x] Make your Pull Request title in the
<https://www.conventionalcommits.org/> specification.
- Important Prefixes for
[release-please](https://github.com/googleapis/release-please):
- `fix:` which represents bug fixes, and correlates to a
[SemVer](https://semver.org/) patch.
- `feat:` represents a new feature, and correlates to a SemVer minor.
- `feat!:`, or `fix!:`, `refactor!:`, etc., which represent a breaking
change (indicated by the `!`) and will result in a SemVer major.
- [x] Ensure the tests and linter pass (Run `bash scripts/format.sh`
from the repository root to format)
- [x] Appropriate docs were updated (if necessary)

Fixes #<issue_number_goes_here> 🦕
@didier-durand @lkawka
test: adding 2 additional tests to user.py (#595)
e12ca42 
# Description

Adding 2 more tests to user.py to improve build code coverage

- [X] Follow the [`CONTRIBUTING`
Guide](https://github.com/a2aproject/a2a-python/blob/main/CONTRIBUTING.md).
- [X] Make your Pull Request title in the
<https://www.conventionalcommits.org/> specification.
- [X] Ensure the tests and linter pass (Run `bash scripts/format.sh`
from the repository root to format)
- [N/A] Appropriate docs were updated (if necessary)

Fixes #<issue_number_goes_here> 🦕

N/A

---------

Co-authored-by: Lukasz Kawka <luk.kawka@gmail.com>
@didier-durand @lkawka
test: adding 21 tests for client/card_resolver.py (#592)
3deecc4 
# Description

Adding 21 tests for client/card_resolver.py

They all pass:

```
========================= test session starts ==============================
collecting ... collected 21 items

tests/client/test_card_resolver.py::TestA2ACardResolverInit::test_init_with_defaults PASSED [  4%]
tests/client/test_card_resolver.py::TestA2ACardResolverInit::test_init_with_custom_path PASSED [  9%]
tests/client/test_card_resolver.py::TestA2ACardResolverInit::test_init_strips_leading_slash_from_agent_card_path PASSED [ 14%]
tests/client/test_card_resolver.py::TestGetAgentCard::test_get_agent_card_success_default_path PASSED [ 19%]
tests/client/test_card_resolver.py::TestGetAgentCard::test_get_agent_card_success_custom_path PASSED [ 23%]
tests/client/test_card_resolver.py::TestGetAgentCard::test_get_agent_card_strips_leading_slash_from_relative_path PASSED [ 28%]
tests/client/test_card_resolver.py::TestGetAgentCard::test_get_agent_card_with_http_kwargs PASSED [ 33%]
tests/client/test_card_resolver.py::TestGetAgentCard::test_get_agent_card_root_path PASSED [ 38%]
tests/client/test_card_resolver.py::TestGetAgentCard::test_get_agent_card_http_status_error PASSED [ 42%]
tests/client/test_card_resolver.py::TestGetAgentCard::test_get_agent_card_json_decode_error PASSED [ 47%]
tests/client/test_card_resolver.py::TestGetAgentCard::test_get_agent_card_request_error PASSED [ 52%]
tests/client/test_card_resolver.py::TestGetAgentCard::test_get_agent_card_validation_error PASSED [ 57%]
tests/client/test_card_resolver.py::TestGetAgentCard::test_get_agent_card_logs_success PASSED [ 61%]
tests/client/test_card_resolver.py::TestGetAgentCard::test_get_agent_card_none_relative_path PASSED [ 66%]
tests/client/test_card_resolver.py::TestGetAgentCard::test_get_agent_card_empty_string_relative_path PASSED [ 71%]
tests/client/test_card_resolver.py::TestGetAgentCard::test_get_agent_card_different_status_codes[400] PASSED [ 76%]
tests/client/test_card_resolver.py::TestGetAgentCard::test_get_agent_card_different_status_codes[401] PASSED [ 80%]
tests/client/test_card_resolver.py::TestGetAgentCard::test_get_agent_card_different_status_codes[403] PASSED [ 85%]
tests/client/test_card_resolver.py::TestGetAgentCard::test_get_agent_card_different_status_codes[500] PASSED [ 90%]
tests/client/test_card_resolver.py::TestGetAgentCard::test_get_agent_card_different_status_codes[502] PASSED [ 95%]
tests/client/test_card_resolver.py::TestGetAgentCard::test_get_agent_card_returns_agent_card_instance PASSED [100%]

======================== 21 passed, 2 warnings in 0.11s ========================
```

- [X] Follow the [`CONTRIBUTING`
Guide](https://github.com/a2aproject/a2a-python/blob/main/CONTRIBUTING.md).
- [X] Make your Pull Request title in the
<https://www.conventionalcommits.org/> specification.
- [X] Ensure the tests and linter pass (Run `bash scripts/format.sh`
from the repository root to format)
- [N/A ] Appropriate docs were updated (if necessary)

Fixes #<issue_number_goes_here> 🦕

N/A

---------

Co-authored-by: Lukasz Kawka <luk.kawka@gmail.com>
@sokoliva
refactor: Move agent card signature verification into `A2ACardResolve…
6fa6a6c 
…r` (#593)

# Description

Previously, the `JSON-RPC` and `REST` protocols verified agent card
signatures after calling `A2ACardResolver.get_agent_card`. This change
moves the signature verification logic inside the
`A2ACardResolver.get_agent_card` method and adds a unit test to test_card_resolver.py


Thank you for opening a Pull Request!
Before submitting your PR, there are a few things you can do to make
sure it goes smoothly:

- [x] Follow the [`CONTRIBUTING`
Guide](https://github.com/a2aproject/a2a-python/blob/main/CONTRIBUTING.md).
- [x] Make your Pull Request title in the
<https://www.conventionalcommits.org/> specification.
- Important Prefixes for
[release-please](https://github.com/googleapis/release-please):
- `fix:` which represents bug fixes, and correlates to a
[SemVer](https://semver.org/) patch.
- `feat:` represents a new feature, and correlates to a SemVer minor.
- `feat!:`, or `fix!:`, `refactor!:`, etc., which represent a breaking
change (indicated by the `!`) and will result in a SemVer major.
- [x] Ensure the tests and linter pass (Run `bash scripts/format.sh`
from the repository root to format)
- [x] Appropriate docs were updated (if necessary)
@a2a-bot
chore(main): release 0.3.22 (#599)
86c6759 
🤖 I have created a release *beep* *boop*
---


##
[0.3.22](v0.3.21...v0.3.22)
(2025-12-16)


### Features

* Add custom ID generators to `SimpleRequestContextBuilder`
([#594](#594))
([04bcafc](04bcafc))


### Code Refactoring

* Move agent card signature verification into `A2ACardResolver`
([6fa6a6c](6fa6a6c))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).
@didier-durand @gemini-code-assist @lkawka
test: adding 13 tests for id_generator.py (#591)
df78a94 
# Description

Adding 13 tests for server/tasks/id_generator.py

They all pass:

```
============================= test session starts ==============================
collecting ... collected 13 items

tests/server/tasks/test_id_generator.py::TestIDGeneratorContext::test_context_creation_with_all_fields PASSED [  7%]
tests/server/tasks/test_id_generator.py::TestIDGeneratorContext::test_context_creation_with_defaults PASSED [ 15%]
tests/server/tasks/test_id_generator.py::TestIDGeneratorContext::test_context_creation_with_partial_fields[kwargs0-task_123-None] PASSED [ 23%]
tests/server/tasks/test_id_generator.py::TestIDGeneratorContext::test_context_creation_with_partial_fields[kwargs1-None-context_456] PASSED [ 30%]
tests/server/tasks/test_id_generator.py::TestIDGeneratorContext::test_context_mutability PASSED [ 38%]
tests/server/tasks/test_id_generator.py::TestIDGeneratorContext::test_context_validation PASSED [ 46%]
tests/server/tasks/test_id_generator.py::TestIDGeneratorContext::TestIDGenerator::test_cannot_instantiate_abstract_class PASSED [ 53%]
tests/server/tasks/test_id_generator.py::TestIDGeneratorContext::TestIDGenerator::test_subclass_must_implement_generate PASSED [ 61%]
tests/server/tasks/test_id_generator.py::TestIDGeneratorContext::TestIDGenerator::test_valid_subclass_implementation PASSED [ 69%]
tests/server/tasks/test_id_generator.py::TestUUIDGenerator::test_generate_returns_string PASSED [ 76%]
tests/server/tasks/test_id_generator.py::TestUUIDGenerator::test_generate_produces_unique_ids PASSED [ 84%]
tests/server/tasks/test_id_generator.py::TestUUIDGenerator::test_generate_works_with_various_contexts[none_context] PASSED [ 92%]
tests/server/tasks/test_id_generator.py::TestUUIDGenerator::test_generate_works_with_various_contexts[empty_context] PASSED [100%]

============================== 13 passed in 0.04s ==============================
```

- [X] Follow the [`CONTRIBUTING`
Guide](https://github.com/a2aproject/a2a-python/blob/main/CONTRIBUTING.md).
- [X] Make your Pull Request title in the
<https://www.conventionalcommits.org/> specification.
- [X] Ensure the tests and linter pass (Run `bash scripts/format.sh`
from the repository root to format)
- [N/A] Appropriate docs were updated (if necessary)

Fixes #<issue_number_goes_here> 🦕

N/A

---------

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: Lukasz Kawka <luk.kawka@gmail.com>
@dependabot @lkawka
chore(deps): bump the github-actions group across 1 directory with 4 …
cb7cdb3 
…updates (#603)

Bumps the github-actions group with 4 updates in the / directory:
[actions/checkout](https://github.com/actions/checkout),
[actions/upload-artifact](https://github.com/actions/upload-artifact),
[actions/download-artifact](https://github.com/actions/download-artifact)
and
[peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request).

Updates `actions/checkout` from 5 to 6
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v6.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update README to include Node.js 24 support details and requirements
by <a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li>
<li>Persist creds to a separate file by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li>
<li>v6-beta by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2298">actions/checkout#2298</a></li>
<li>update readme/changelog for v6 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2311">actions/checkout#2311</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v5.0.0...v6.0.0">https://github.com/actions/checkout/compare/v5.0.0...v6.0.0</a></p>
<h2>v6-beta</h2>
<h2>What's Changed</h2>
<p>Updated persist-credentials to store the credentials under
<code>$RUNNER_TEMP</code> instead of directly in the local git
config.</p>
<p>This requires a minimum Actions Runner version of <a
href="https://github.com/actions/runner/releases/tag/v2.329.0">v2.329.0</a>
to access the persisted credentials for <a
href="https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action">Docker
container action</a> scenarios.</p>
<h2>v5.0.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Port v6 cleanup to v5 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v5...v5.0.1">https://github.com/actions/checkout/compare/v5...v5.0.1</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v6.0.0</h2>
<ul>
<li>Persist creds to a separate file by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li>
<li>Update README to include Node.js 24 support details and requirements
by <a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li>
</ul>
<h2>v5.0.1</h2>
<ul>
<li>Port v6 cleanup to v5 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li>
</ul>
<h2>v5.0.0</h2>
<ul>
<li>Update actions checkout to use node 24 by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li>
</ul>
<h2>v4.3.1</h2>
<ul>
<li>Port v6 cleanup to v4 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2305">actions/checkout#2305</a></li>
</ul>
<h2>v4.3.0</h2>
<ul>
<li>docs: update README.md by <a
href="https://github.com/motss"><code>@​motss</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li>
<li>Add internal repos for checking out multiple repositories by <a
href="https://github.com/mouismail"><code>@​mouismail</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li>
<li>Documentation update - add recommended permissions to Readme by <a
href="https://github.com/benwells"><code>@​benwells</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li>
<li>Adjust positioning of user email note and permissions heading by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li>
<li>Update README.md by <a
href="https://github.com/nebuk89"><code>@​nebuk89</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li>
<li>Update CODEOWNERS for actions by <a
href="https://github.com/TingluoHuang"><code>@​TingluoHuang</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li>
<li>Update package dependencies by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li>
</ul>
<h2>v4.2.2</h2>
<ul>
<li><code>url-helper.ts</code> now leverages well-known environment
variables by <a href="https://github.com/jww3"><code>@​jww3</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li>
<li>Expand unit test coverage for <code>isGhes</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li>
</ul>
<h2>v4.2.1</h2>
<ul>
<li>Check out other refs/* by commit if provided, fall back to ref by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li>
</ul>
<h2>v4.2.0</h2>
<ul>
<li>Add Ref and Commit outputs by <a
href="https://github.com/lucacome"><code>@​lucacome</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li>
<li>Dependency updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>- <a
href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>,
<a
href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li>
</ul>
<h2>v4.1.7</h2>
<ul>
<li>Bump the minor-npm-dependencies group across 1 directory with 4
updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li>
<li>Bump actions/checkout from 3 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li>
<li>Check out other refs/* by commit by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li>
<li>Pin actions/checkout's own workflows to a known, good, stable
version. by <a href="https://github.com/jww3"><code>@​jww3</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li>
</ul>
<h2>v4.1.6</h2>
<ul>
<li>Check platform to set archive extension appropriately by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li>
</ul>
<h2>v4.1.5</h2>
<ul>
<li>Update NPM dependencies by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li>
<li>Bump github/codeql-action from 2 to 3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li>
<li>Bump actions/setup-node from 1 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li>
<li>Bump actions/upload-artifact from 2 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8"><code>8e8c483</code></a>
Clarify v6 README (<a
href="https://redirect.github.com/actions/checkout/issues/2328">#2328</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1"><code>033fa0d</code></a>
Add worktree support for persist-credentials includeIf (<a
href="https://redirect.github.com/actions/checkout/issues/2327">#2327</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5"><code>c2d88d3</code></a>
Update all references from v5 and v4 to v6 (<a
href="https://redirect.github.com/actions/checkout/issues/2314">#2314</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3"><code>1af3b93</code></a>
update readme/changelog for v6 (<a
href="https://redirect.github.com/actions/checkout/issues/2311">#2311</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e"><code>71cf226</code></a>
v6-beta (<a
href="https://redirect.github.com/actions/checkout/issues/2298">#2298</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e"><code>069c695</code></a>
Persist creds to a separate file (<a
href="https://redirect.github.com/actions/checkout/issues/2286">#2286</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493"><code>ff7abcd</code></a>
Update README to include Node.js 24 support details and requirements (<a
href="https://redirect.github.com/actions/checkout/issues/2248">#2248</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/checkout/compare/v5...v6">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/upload-artifact` from 5 to 6
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v6.0.0</h2>
<h2>v6 - What's new</h2>
<blockquote>
<p>[!IMPORTANT]
actions/upload-artifact@v6 now runs on Node.js 24 (<code>runs.using:
node24</code>) and requires a minimum Actions Runner version of 2.327.1.
If you are using self-hosted runners, ensure they are updated before
upgrading.</p>
</blockquote>
<h3>Node.js 24</h3>
<p>This release updates the runtime to Node.js 24. v5 had preliminary
support for Node.js 24, however this action was by default still running
on Node.js 20. Now this action by default will run on Node.js 24.</p>
<h2>What's Changed</h2>
<ul>
<li>Upload Artifact Node 24 support by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/719">actions/upload-artifact#719</a></li>
<li>fix: update <code>@​actions/artifact</code> for Node.js 24 punycode
deprecation by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/744">actions/upload-artifact#744</a></li>
<li>prepare release v6.0.0 for Node.js 24 support by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/745">actions/upload-artifact#745</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0">https://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/upload-artifact/commit/b7c566a772e6b6bfb58ed0dc250532a479d7789f"><code>b7c566a</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/745">#745</a>
from actions/upload-artifact-v6-release</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/e516bc8500aaf3d07d591fcd4ae6ab5f9c391d5b"><code>e516bc8</code></a>
docs: correct description of Node.js 24 support in README</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/ddc45ed9bca9b38dbd643978d88e3981cdc91415"><code>ddc45ed</code></a>
docs: update README to correct action name for Node.js 24 support</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/615b319bd27bb32c3d64dca6b6ed6974d5fbe653"><code>615b319</code></a>
chore: release v6.0.0 for Node.js 24 support</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/017748b48f8610ca8e6af1222f4a618e84a9c703"><code>017748b</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/744">#744</a>
from actions/fix-storage-blob</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/38d4c7997f5510fcc41fc4aae2a6b97becdbe7fc"><code>38d4c79</code></a>
chore: rebuild dist</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/7d27270e0cfd253e666c44abac0711308d2d042f"><code>7d27270</code></a>
chore: add missing license cache files for <code>@​actions/core</code>,
<code>@​actions/io</code>, and mi...</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/5f643d3c9475505ccaf26d686ffbfb71a8387261"><code>5f643d3</code></a>
chore: update license files for <code>@​actions/artifact</code><a
href="https://github.com/5"><code>@​5</code></a>.0.1 dependencies</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/1df1684032c88614064493e1a0478fcb3583e1d0"><code>1df1684</code></a>
chore: update package-lock.json with <code>@​actions/artifact</code><a
href="https://github.com/5"><code>@​5</code></a>.0.1</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/b5b1a918401ee270935b6b1d857ae66c85f3be6f"><code>b5b1a91</code></a>
fix: update <code>@​actions/artifact</code> to ^5.0.0 for Node.js 24
punycode fix</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/upload-artifact/compare/v5...v6">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/download-artifact` from 6 to 7
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/download-artifact/releases">actions/download-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v7.0.0</h2>
<h2>v7 - What's new</h2>
<blockquote>
<p>[!IMPORTANT]
actions/download-artifact@v7 now runs on Node.js 24 (<code>runs.using:
node24</code>) and requires a minimum Actions Runner version of 2.327.1.
If you are using self-hosted runners, ensure they are updated before
upgrading.</p>
</blockquote>
<h3>Node.js 24</h3>
<p>This release updates the runtime to Node.js 24. v6 had preliminary
support for Node 24, however this action was by default still running on
Node.js 20. Now this action by default will run on Node.js 24.</p>
<h2>What's Changed</h2>
<ul>
<li>Update GHES guidance to include reference to Node 20 version by <a
href="https://github.com/patrikpolyak"><code>@​patrikpolyak</code></a>
in <a
href="https://redirect.github.com/actions/download-artifact/pull/440">actions/download-artifact#440</a></li>
<li>Download Artifact Node24 support by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/415">actions/download-artifact#415</a></li>
<li>fix: update <code>@​actions/artifact</code> to fix Node.js 24
punycode deprecation by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/451">actions/download-artifact#451</a></li>
<li>prepare release v7.0.0 for Node.js 24 support by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/452">actions/download-artifact#452</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/patrikpolyak"><code>@​patrikpolyak</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/download-artifact/pull/440">actions/download-artifact#440</a></li>
<li><a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/download-artifact/pull/415">actions/download-artifact#415</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/download-artifact/compare/v6.0.0...v7.0.0">https://github.com/actions/download-artifact/compare/v6.0.0...v7.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/download-artifact/commit/37930b1c2abaa49bbe596cd826c3c89aef350131"><code>37930b1</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/452">#452</a>
from actions/download-artifact-v7-release</li>
<li><a
href="https://github.com/actions/download-artifact/commit/72582b9e0acd370909e83fa4a1fd0fca3ad452d8"><code>72582b9</code></a>
doc: update readme</li>
<li><a
href="https://github.com/actions/download-artifact/commit/0d2ec9d4cbcefe257d822f108de2a1f15f8da9f6"><code>0d2ec9d</code></a>
chore: release v7.0.0 for Node.js 24 support</li>
<li><a
href="https://github.com/actions/download-artifact/commit/fd7ae8fda6dc16277a9ffbc91cdb0eedf156e912"><code>fd7ae8f</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/451">#451</a>
from actions/fix-storage-blob</li>
<li><a
href="https://github.com/actions/download-artifact/commit/d484700543354b15886d6a52910cf61b7f1d2b27"><code>d484700</code></a>
chore: restore minimatch.dep.yml license file</li>
<li><a
href="https://github.com/actions/download-artifact/commit/03a808050efe42bb6ad85281890afd4e4546672c"><code>03a8080</code></a>
chore: remove obsolete dependency license files</li>
<li><a
href="https://github.com/actions/download-artifact/commit/56fe6d904b0968950f8b68ea17774c54973ed5e2"><code>56fe6d9</code></a>
chore: update <code>@​actions/artifact</code> license file to 5.0.1</li>
<li><a
href="https://github.com/actions/download-artifact/commit/8e3ebc4ab4d2e095e5eb44ba1a4a53b6b03976ad"><code>8e3ebc4</code></a>
chore: update package-lock.json with <code>@​actions/artifact</code><a
href="https://github.com/5"><code>@​5</code></a>.0.1</li>
<li><a
href="https://github.com/actions/download-artifact/commit/1e3c4b4d4906c98ab57453c24efefdf16c078044"><code>1e3c4b4</code></a>
fix: update <code>@​actions/artifact</code> to ^5.0.0 for Node.js 24
punycode fix</li>
<li><a
href="https://github.com/actions/download-artifact/commit/458627d354794c71bc386c8d5839d20b5885fe2a"><code>458627d</code></a>
chore: use local <code>@​actions/artifact</code> package for Node.js 24
testing</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/download-artifact/compare/v6...v7">compare
view</a></li>
</ul>
</details>
<br />

Updates `peter-evans/create-pull-request` from 7 to 8
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/peter-evans/create-pull-request/releases">peter-evans/create-pull-request's
releases</a>.</em></p>
<blockquote>
<h2>Create Pull Request v8.0.0</h2>
<h2>What's new in v8</h2>
<ul>
<li>Requires <a
href="https://github.com/actions/runner/releases/tag/v2.327.1">Actions
Runner v2.327.1</a> or later if you are using a self-hosted runner for
Node 24 support.</li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>chore: Update checkout action version to v6 by <a
href="https://github.com/yonas"><code>@​yonas</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4258">peter-evans/create-pull-request#4258</a></li>
<li>Update actions/checkout references to <a
href="https://github.com/v6"><code>@​v6</code></a> in docs by <a
href="https://github.com/Copilot"><code>@​Copilot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4259">peter-evans/create-pull-request#4259</a></li>
<li>feat: v8 by <a
href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4260">peter-evans/create-pull-request#4260</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/yonas"><code>@​yonas</code></a> made
their first contribution in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4258">peter-evans/create-pull-request#4258</a></li>
<li><a href="https://github.com/Copilot"><code>@​Copilot</code></a> made
their first contribution in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4259">peter-evans/create-pull-request#4259</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/peter-evans/create-pull-request/compare/v7.0.11...v8.0.0">https://github.com/peter-evans/create-pull-request/compare/v7.0.11...v8.0.0</a></p>
<h2>Create Pull Request v7.0.11</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: restrict remote prune to self-hosted runners by <a
href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4250">peter-evans/create-pull-request#4250</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/peter-evans/create-pull-request/compare/v7.0.10...v7.0.11">https://github.com/peter-evans/create-pull-request/compare/v7.0.10...v7.0.11</a></p>
<h2>Create Pull Request v7.0.10</h2>
<p>⚙️ Fixes an issue where updating a pull request failed when targeting
a forked repository with the same owner as its parent.</p>
<h2>What's Changed</h2>
<ul>
<li>build(deps): bump the github-actions group with 2 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4235">peter-evans/create-pull-request#4235</a></li>
<li>build(deps-dev): bump prettier from 3.6.2 to 3.7.3 in the npm group
by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4240">peter-evans/create-pull-request#4240</a></li>
<li>fix: provider list pulls fallback for multi fork same owner by <a
href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4245">peter-evans/create-pull-request#4245</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/obnyis"><code>@​obnyis</code></a> made
their first contribution in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4064">peter-evans/create-pull-request#4064</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/peter-evans/create-pull-request/compare/v7.0.9...v7.0.10">https://github.com/peter-evans/create-pull-request/compare/v7.0.9...v7.0.10</a></p>
<h2>Create Pull Request v7.0.9</h2>
<p>⚙️ Fixes an <a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/4228">incompatibility</a>
with the recently released <code>actions/checkout@v6</code>.</p>
<h2>What's Changed</h2>
<ul>
<li>~70 dependency updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>docs: fix workaround description about <code>ready_for_review</code>
by <a href="https://github.com/ybiquitous"><code>@​ybiquitous</code></a>
in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3939">peter-evans/create-pull-request#3939</a></li>
<li>Docs: <code>add-paths</code> default behavior by <a
href="https://github.com/joeflack4"><code>@​joeflack4</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3928">peter-evans/create-pull-request#3928</a></li>
<li>docs: update to create-github-app-token v2 by <a
href="https://github.com/Goooler"><code>@​Goooler</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4063">peter-evans/create-pull-request#4063</a></li>
<li>Fix compatibility with actions/checkout@v6 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4230">peter-evans/create-pull-request#4230</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/joeflack4"><code>@​joeflack4</code></a>
made their first contribution in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3928">peter-evans/create-pull-request#3928</a></li>
<li><a href="https://github.com/Goooler"><code>@​Goooler</code></a> made
their first contribution in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4063">peter-evans/create-pull-request#4063</a></li>
<li><a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> made
their first contribution in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4230">peter-evans/create-pull-request#4230</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/98357b18bf14b5342f975ff684046ec3b2a07725"><code>98357b1</code></a>
feat: v8 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/4260">#4260</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/41c0e4b7899a4a0922bf899d64c5f25738cfe356"><code>41c0e4b</code></a>
Update actions/checkout references to <a
href="https://github.com/v6"><code>@​v6</code></a> in docs (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/4259">#4259</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/994332de4c8124517167807167073cf397678768"><code>994332d</code></a>
chore: Update checkout action version to v6 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/4258">#4258</a>)</li>
<li>See full diff in <a
href="https://github.com/peter-evans/create-pull-request/compare/v7...v8">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Lukasz Kawka <luk.kawka@gmail.com>
@lkawka lkawka requested a review from a team as a code owner January 16, 2026 10:29
@gemini-code-assist
Copy link
Contributor

gemini-code-assist bot commented Jan 16, 2026

Summary of Changes

Hello @lkawka, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances the security and flexibility of the A2A SDK by introducing agent card signing and verification, allowing clients to cryptographically validate the authenticity of agent metadata. It also refines client-side message sending with per-call configuration options and improves server-side request context management through customizable ID generation. Additionally, several minor bug fixes and documentation improvements contribute to overall stability and clarity.

Highlights

  • Agent Card Signing & Verification: Implemented JSON Web Signature (JWS) based signing and verification for Agent Cards, enhancing security and trust in agent interactions. This includes a new signing.py module, PyJWT dependency, and integration across client transports and card resolution logic.
  • Per-Call Message Configuration: Added the ability to override message sending behavior (e.g., history length, blocking, accepted output modes) on a per-call basis in BaseClient.send_message, providing greater flexibility for client interactions.
  • Custom ID Generation: Introduced an IDGenerator interface and a UUIDGenerator implementation, allowing for customizable task and context ID generation within the SimpleRequestContextBuilder on the server side.
  • Improved Error Handling: Enhanced streaming error handling in JSON-RPC and REST transports to more effectively catch and propagate httpx.HTTPStatusError exceptions, leading to more robust client-server communication.
Ignored Files
  • Ignored by pattern: .github/workflows/** (5)
    • .github/workflows/linter.yaml
    • .github/workflows/python-publish.yml
    • .github/workflows/stale.yaml
    • .github/workflows/unit-tests.yml
    • .github/workflows/update-a2a-types.yml
  • Ignored by pattern: CHANGELOG.md (1)
    • CHANGELOG.md
Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature Command Description
Code Review /gemini review Performs a code review for the current pull request in its current state.
Pull Request Summary /gemini summary Provides a summary of the current pull request in its current state.
Comment @gemini-code-assist Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help /gemini help Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

gemini-code-assist[bot]
gemini-code-assist bot reviewed Jan 16, 2026
View reviewed changes
Copy link
Contributor

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces a major feature for agent card signing and verification using JWT, along with several other improvements. The changes include adding a new signing utility, updating dependencies, and modifying client transports and factories to support signature verification. Additionally, there are enhancements to configuration handling, error management in streaming, and several minor typo and grammar fixes. The new functionality is well-tested with new unit and integration tests.

My review includes a critical fix for a potential data loss bug in the new canonicalization helper function and several minor suggestions for typo fixes and code cleanup.

src/a2a/utils/helpers.py
cleaned_dict: dict[Any, Any] = {
k: _clean_empty(v) for k, v in d.items()
}
return {k: v for k, v in cleaned_dict.items() if v}
Copy link
Contributor

@gemini-code-assist gemini-code-assist bot Jan 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

high

The condition if v to filter dictionary values will incorrectly remove falsy values such as 0 or False. This could lead to unintended data loss during canonicalization. To fix this, you should explicitly check if the value is not None.

Suggested change
return {k: v for k, v in cleaned_dict.items() if v}
return {k: v for k, v in cleaned_dict.items() if v is not None}

src/a2a/utils/helpers.py
return {k: v for k, v in cleaned_dict.items() if v}
if isinstance(d, list):
cleaned_list: list[Any] = [_clean_empty(v) for v in d]
return [v for v in cleaned_list if v]
Copy link
Contributor

@gemini-code-assist gemini-code-assist bot Jan 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

high

Similar to the dictionary filtering, the condition if v for list filtering will incorrectly remove falsy values like 0 or False. This should be changed to if v is not None to avoid data loss.

Suggested change
return [v for v in cleaned_list if v]
return [v for v in cleaned_list if v is not None]

Gemini.md

## How to run all tests
1. If dependencies are not installed install them using following command
1. If dependencies are not installed, install them using the following command
Copy link
Contributor

@gemini-code-assist gemini-code-assist bot Jan 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

low

This change adds a comma for better readability, which is a good grammatical correction.

tests/utils/test_signing.py
Comment on lines +1 to +11
from a2a.types import (
AgentCard,
AgentCapabilities,
AgentSkill,
)
from a2a.types import (
AgentCard,
AgentCapabilities,
AgentSkill,
AgentCardSignature,
)
Copy link
Contributor

@gemini-code-assist gemini-code-assist bot Jan 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

low

The imports from a2a.types are duplicated. You can combine them into a single block for better readability.

from a2a.types import (
    AgentCard,
    AgentCapabilities,
    AgentSkill,
    AgentCardSignature,
)

ishymko and others added 5 commits January 20, 2026 10:24
@ishymko
ci: disable automatic PRs for spec updates (#628)
fdbf22f 
# Description

Currently it creates a lot of noise from broken PRs:
https://github.com/a2aproject/a2a-python/pulls/a2a-bot.

While we're migrating to 1.0 spec we're not benefiting from this
automation. `workflow_dispatch` (manual run) is still available.
@ishymko
ci: fix not committed uv.lock and use uv sync --locked (#637)
1b361b5 
# Description

Doing `uv sync` now updates `uv.lock` with `pyjwt` added in #581. Commit
updated file and update CI to fail on inconsistent `uv.lock` via
`--locked`.

Tested via
e6df935:
[failed CI
run](https://github.com/a2aproject/a2a-python/actions/runs/21206882696/job/61005414117?pr=637).
@ishymko @github-advanced-security @holtskinner
ci: run mandatory and capabilities TCK tests for JSON-RPC transport (#…
6e26ae1 
…638)

# Description

Run TCK tests with `mandatory` and `capabilities` categories for
JSON-RPC transport (GRPC and REST fail at the moment).

Re #639

---------

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Co-authored-by: Holt Skinner <13262395+holtskinner@users.noreply.github.com>
@dependabot @ishymko
chore(deps): bump virtualenv from 20.32.0 to 20.36.1 (#634)
c7a3de8 
Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.32.0 to
20.36.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/virtualenv/releases">virtualenv's
releases</a>.</em></p>
<blockquote>
<h2>20.36.1</h2>
<!-- raw HTML omitted -->
<h2>What's Changed</h2>
<ul>
<li>release 20.36.0 by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/virtualenv/pull/3011">pypa/virtualenv#3011</a></li>
<li>fix: resolve TOCTOU vulnerabilities in app_data and lock directory
creation by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/virtualenv/pull/3013">pypa/virtualenv#3013</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pypa/virtualenv/compare/20.36.0...20.36.1">https://github.com/pypa/virtualenv/compare/20.36.0...20.36.1</a></p>
<h2>20.36.0</h2>
<!-- raw HTML omitted -->
<h2>What's Changed</h2>
<ul>
<li>release 20.35.3 by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/virtualenv/pull/2981">pypa/virtualenv#2981</a></li>
<li>fix: Prevent NameError when accessing _DISTUTILS_PATCH during file
ov… by <a href="https://github.com/gracetyy"><code>@​gracetyy</code></a>
in <a
href="https://redirect.github.com/pypa/virtualenv/pull/2982">pypa/virtualenv#2982</a></li>
<li>Upgrade pip and fix 3.15 picking old wheel by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/virtualenv/pull/2989">pypa/virtualenv#2989</a></li>
<li>release 20.35.4 by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/virtualenv/pull/2990">pypa/virtualenv#2990</a></li>
<li>fix: wrong path on migrated venv by <a
href="https://github.com/sk1234567891"><code>@​sk1234567891</code></a>
in <a
href="https://redirect.github.com/pypa/virtualenv/pull/2996">pypa/virtualenv#2996</a></li>
<li>test_too_many_open_files: assert on <code>errno.EMFILE</code>
instead of <code>strerror</code> by <a
href="https://github.com/pltrz"><code>@​pltrz</code></a> in <a
href="https://redirect.github.com/pypa/virtualenv/pull/3001">pypa/virtualenv#3001</a></li>
<li>fix: update filelock dependency version to 3.20.1 to fix CVE
CVE-2025-68146 by <a
href="https://github.com/pythonhubdev"><code>@​pythonhubdev</code></a>
in <a
href="https://redirect.github.com/pypa/virtualenv/pull/3002">pypa/virtualenv#3002</a></li>
<li>fix: resolve EncodingWarning in tox upgrade environment by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/virtualenv/pull/3007">pypa/virtualenv#3007</a></li>
<li>Fix Interpreter discovery bug wrt. Microsoft Store shortcut using
Latin-1 by <a
href="https://github.com/rahuldevikar"><code>@​rahuldevikar</code></a>
in <a
href="https://redirect.github.com/pypa/virtualenv/pull/3006">pypa/virtualenv#3006</a></li>
<li>Add support for PEP 440 version specifiers in the
<code>--python</code> flag. by <a
href="https://github.com/rahuldevikar"><code>@​rahuldevikar</code></a>
in <a
href="https://redirect.github.com/pypa/virtualenv/pull/3008">pypa/virtualenv#3008</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/gracetyy"><code>@​gracetyy</code></a>
made their first contribution in <a
href="https://redirect.github.com/pypa/virtualenv/pull/2982">pypa/virtualenv#2982</a></li>
<li><a
href="https://github.com/sk1234567891"><code>@​sk1234567891</code></a>
made their first contribution in <a
href="https://redirect.github.com/pypa/virtualenv/pull/2996">pypa/virtualenv#2996</a></li>
<li><a href="https://github.com/pltrz"><code>@​pltrz</code></a> made
their first contribution in <a
href="https://redirect.github.com/pypa/virtualenv/pull/3001">pypa/virtualenv#3001</a></li>
<li><a
href="https://github.com/pythonhubdev"><code>@​pythonhubdev</code></a>
made their first contribution in <a
href="https://redirect.github.com/pypa/virtualenv/pull/3002">pypa/virtualenv#3002</a></li>
<li><a
href="https://github.com/rahuldevikar"><code>@​rahuldevikar</code></a>
made their first contribution in <a
href="https://redirect.github.com/pypa/virtualenv/pull/3006">pypa/virtualenv#3006</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pypa/virtualenv/compare/20.35.3...20.36.0">https://github.com/pypa/virtualenv/compare/20.35.3...20.36.0</a></p>
<h2>20.35.4</h2>
<!-- raw HTML omitted -->
<h2>What's Changed</h2>
<ul>
<li>release 20.35.3 by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/virtualenv/pull/2981">pypa/virtualenv#2981</a></li>
<li>fix: Prevent NameError when accessing _DISTUTILS_PATCH during file
ov… by <a href="https://github.com/gracetyy"><code>@​gracetyy</code></a>
in <a
href="https://redirect.github.com/pypa/virtualenv/pull/2982">pypa/virtualenv#2982</a></li>
<li>Upgrade pip and fix 3.15 picking old wheel by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/virtualenv/pull/2989">pypa/virtualenv#2989</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/gracetyy"><code>@​gracetyy</code></a>
made their first contribution in <a
href="https://redirect.github.com/pypa/virtualenv/pull/2982">pypa/virtualenv#2982</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pypa/virtualenv/compare/20.35.3...20.35.4">https://github.com/pypa/virtualenv/compare/20.35.3...20.35.4</a></p>
<h2>20.35.3</h2>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst">virtualenv's
changelog</a>.</em></p>
<blockquote>
<h2>v20.36.1 (2026-01-09)</h2>
<p>Bugfixes - 20.36.1</p>
<pre><code>- Fix TOCTOU vulnerabilities in app_data and lock directory
creation that could be exploited via symlink attacks - reported by
:user:`tsigouris007`, fixed by :user:`gaborbernat`. (:issue:`3013`)
<h2>v20.36.0 (2026-01-07)</h2>
<p>Features - 20.36.0
</code></pre></p>
<ul>
<li>Add support for PEP 440 version specifiers in the
<code>--python</code> flag. Users can now specify Python versions using
operators like <code>&gt;=</code>, <code>&lt;=</code>, <code>~=</code>,
etc. For example: <code>virtualenv --python=&quot;&gt;=3.12&quot;
myenv</code> <code>. (:issue:</code>2994`)</li>
</ul>
<h2>v20.35.4 (2025-10-28)</h2>
<p>Bugfixes - 20.35.4</p>
<pre><code>- Fix race condition in ``_virtualenv.py`` when file is
overwritten during import, preventing ``NameError`` when
``_DISTUTILS_PATCH`` is accessed - by :user:`gracetyy`. (:issue:`2969`)
- Upgrade embedded wheels:
<ul>
<li>pip to <code>25.3</code> from <code>25.2</code>
(:issue:<code>2989</code>)</li>
</ul>
<h2>v20.35.3 (2025-10-10)</h2>
<p>Bugfixes - 20.35.3
</code></pre></p>
<ul>
<li>Accept RuntimeError in <code>test_too_many_open_files</code>, by
:user:<code>esafak</code> (:issue:<code>2935</code>)</li>
</ul>
<h2>v20.35.2 (2025-10-10)</h2>
<p>Bugfixes - 20.35.2</p>
<pre><code>- Revert out changes related to the extraction of the
discovery module - by :user:`gaborbernat`. (:issue:`2978`)
<h2>v20.35.1 (2025-10-09)</h2>
<p>Bugfixes - 20.35.1
</code></pre></p>
<ul>
<li>Patch get_interpreter to handle missing cache and app_data - by
:user:<code>esafak</code> (:issue:<code>2972</code>)</li>
<li>Fix backwards incompatible changes to <code>PythonInfo</code> - by
:user:<code>gaborbernat</code>. (:issue:<code>2975</code>)</li>
</ul>
<h2>v20.35.0 (2025-10-08)</h2>
<p>Features - 20.35.0</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/virtualenv/commit/d0ad11d1146e81ea74d2461be9653f1da9cf3fd1"><code>d0ad11d</code></a>
release 20.36.1</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/dec4cec5d16edaf83a00a658f32d1e032661cebc"><code>dec4cec</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/virtualenv/issues/3013">#3013</a>
from gaborbernat/fix-sec</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/5fe5d38beb1273b489591a7b444f1018af2edf0a"><code>5fe5d38</code></a>
release 20.36.0 (<a
href="https://redirect.github.com/pypa/virtualenv/issues/3011">#3011</a>)</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/9719376addaa710b61d9ed013774fa26f6224b4e"><code>9719376</code></a>
release 20.36.0</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/0276db6fcf8849c519d75465f659b12aefb2acd8"><code>0276db6</code></a>
Add support for PEP 440 version specifiers in the <code>--python</code>
flag. (<a
href="https://redirect.github.com/pypa/virtualenv/issues/3008">#3008</a>)</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/4f900c29044e17812981b5b98ddce45604858b7f"><code>4f900c2</code></a>
Fix Interpreter discovery bug wrt. Microsoft Store shortcut using
Latin-1 (<a
href="https://redirect.github.com/pypa/virtualenv/issues/3">#3</a>...</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/13afcc62a3444d0386c8031d0a62277a8274ab07"><code>13afcc6</code></a>
fix: resolve EncodingWarning in tox upgrade environment (<a
href="https://redirect.github.com/pypa/virtualenv/issues/3007">#3007</a>)</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/31b5d31581df3e3a7bbc55e52568b26dd01b0d57"><code>31b5d31</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/pypa/virtualenv/issues/2997">#2997</a>)</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/7c284221b4751388801355fc6ebaa2abe60427bd"><code>7c28422</code></a>
fix: update filelock dependency version to 3.20.1 to fix CVE
CVE-2025-68146 (...</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/365628c544cd5498fbf0a3b6c6a8c1f41d25a749"><code>365628c</code></a>
test_too_many_open_files: assert on <code>errno.EMFILE</code> instead of
<code>strerror</code> (<a
href="https://redirect.github.com/pypa/virtualenv/issues/3001">#3001</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/virtualenv/compare/20.32.0...20.36.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=virtualenv&package-manager=uv&previous-version=20.32.0&new-version=20.36.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/a2aproject/a2a-python/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Ivan Shymko <vana.shimko@gmail.com>
@holtskinner
docs: Update README to include Code Wiki badge
2698cc0
ishymko and others added 3 commits January 22, 2026 17:45
@ishymko @holtskinner
fix: do not crash on SSE comment line (#636)
3dcb847 
# Description

The cause is florimondmanca/httpx-sse#35:
using comments among events with `id` field causes `httpx-sse` to emit
an event with empty data.

Although according to [the standard (item
2)](https://html.spec.whatwg.org/multipage/server-sent-events.html#dispatchMessage)
empty `buffer` shouldn't produce an event, with the way how `httpx-sse`
API is defined it may still be reasonable to emit an object with just
`retry` field for instance so that consumer could handle it. [The
standard](https://html.spec.whatwg.org/multipage/server-sent-events.html#event-stream-interpretation)
defines `retry` field handling outside of events dispatching, so in the
context of this library it's up to the client (see
[here](https://github.com/florimondmanca/httpx-sse?tab=readme-ov-file#handling-reconnections)).
That being said, even if comment handling bug is fixed, it still makes
sense to add this check against `data` field unconditionally without any
TODOs.

Tested by mocking one level lower to put `httpx-sse` under test as well
as it's an integration issue.

Fixes #540

---------

Co-authored-by: Holt Skinner <13262395+holtskinner@users.noreply.github.com>
@holtskinner
ci: Change uv dependabot to group all updates into single PR
0cf670d
@dependabot
chore(deps): bump the all group with 27 updates (#642)
12fd75c 
Bumps the all group with 27 updates:

| Package | From | To |
| --- | --- | --- |
| [httpx-sse](https://github.com/florimondmanca/httpx-sse) | `0.4.1` |
`0.4.3` |
| [pydantic](https://github.com/pydantic/pydantic) | `2.11.7` | `2.12.5`
|
| [protobuf](https://github.com/protocolbuffers/protobuf) | `5.29.5` |
`6.33.4` |
| [google-api-core](https://github.com/googleapis/python-api-core) |
`2.25.1` | `2.29.0` |
| [fastapi](https://github.com/fastapi/fastapi) | `0.116.1` | `0.128.0`
|
| [sse-starlette](https://github.com/sysid/sse-starlette) | `3.0.2` |
`3.2.0` |
| [starlette](https://github.com/Kludex/starlette) | `0.47.2` | `0.50.0`
|
| [cryptography](https://github.com/pyca/cryptography) | `45.0.5` |
`46.0.3` |
| [grpcio](https://github.com/grpc/grpc) | `1.74.0` | `1.76.0` |
| [grpcio-tools](https://github.com/grpc/grpc) | `1.71.2` | `1.74.0` |
| [grpcio-reflection](https://grpc.io) | `1.71.2` | `1.74.0` |
|
[opentelemetry-api](https://github.com/open-telemetry/opentelemetry-python)
| `1.36.0` | `1.39.1` |
|
[opentelemetry-sdk](https://github.com/open-telemetry/opentelemetry-python)
| `1.36.0` | `1.39.1` |
|
[datamodel-code-generator](https://github.com/koxudaxi/datamodel-code-generator)
| `0.32.0` | `0.53.0` |
| [mypy](https://github.com/python/mypy) | `1.17.1` | `1.19.1` |
| [pytest](https://github.com/pytest-dev/pytest) | `8.4.1` | `9.0.2` |
| [pytest-asyncio](https://github.com/pytest-dev/pytest-asyncio) |
`1.1.0` | `1.3.0` |
| [pytest-cov](https://github.com/pytest-dev/pytest-cov) | `6.2.1` |
`7.0.0` |
| [pytest-mock](https://github.com/pytest-dev/pytest-mock) | `3.14.1` |
`3.15.1` |
| [ruff](https://github.com/astral-sh/ruff) | `0.12.8` | `0.14.13` |
|
[uv-dynamic-versioning](https://github.com/ninoseki/uv-dynamic-versioning)
| `0.8.2` | `0.13.0` |
| [types-protobuf](https://github.com/typeshed-internal/stub_uploader) |
`6.30.2.20250703` | `6.32.1.20251210` |
| [types-requests](https://github.com/typeshed-internal/stub_uploader) |
`2.32.4.20250611` | `2.32.4.20260107` |
| [pre-commit](https://github.com/pre-commit/pre-commit) | `4.2.0` |
`4.5.1` |
| [pyupgrade](https://github.com/asottile/pyupgrade) | `3.20.0` |
`3.21.2` |
| [trio](https://github.com/python-trio/trio) | `0.30.0` | `0.32.0` |
| [uvicorn](https://github.com/Kludex/uvicorn) | `0.38.0` | `0.40.0` |

Updates `httpx-sse` from 0.4.1 to 0.4.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/florimondmanca/httpx-sse/releases">httpx-sse's
releases</a>.</em></p>
<blockquote>
<h2>Version 0.4.3</h2>
<h2>0.4.3 - 2025-10-10</h2>
<h3>Fixed</h3>
<ul>
<li>Fix performance issue introduced by the improved line parsing from
release 0.4.2. (Pull <a
href="https://redirect.github.com/florimondmanca/httpx-sse/issues/40">#40</a>)</li>
</ul>
<h2>Version 0.4.2</h2>
<h2>0.4.2 - 2025-10-07</h2>
<h3>Fixed</h3>
<ul>
<li>Fix incorrect newline parsing that was not compliant with SSE spec.
(Pull <a
href="https://redirect.github.com/florimondmanca/httpx-sse/issues/37">#37</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/florimondmanca/httpx-sse/blob/master/CHANGELOG.md">httpx-sse's
changelog</a>.</em></p>
<blockquote>
<h2>0.4.3 - 2025-10-10</h2>
<h3>Fixed</h3>
<ul>
<li>Fix performance issue introduced by the improved line parsing from
release 0.4.2. (Pull <a
href="https://redirect.github.com/florimondmanca/httpx-sse/issues/40">#40</a>)</li>
</ul>
<h2>0.4.2 - 2025-10-07</h2>
<h3>Fixed</h3>
<ul>
<li>Fix incorrect newline parsing that was not compliant with SSE spec.
(Pull <a
href="https://redirect.github.com/florimondmanca/httpx-sse/issues/37">#37</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/florimondmanca/httpx-sse/commit/e8fcd9e159066185963ffb9fa29efb8ba2ca84bf"><code>e8fcd9e</code></a>
Version 0.4.3 (<a
href="https://redirect.github.com/florimondmanca/httpx-sse/issues/41">#41</a>)</li>
<li><a
href="https://github.com/florimondmanca/httpx-sse/commit/6339349ef44add55654daf58776e753554a8dbd6"><code>6339349</code></a>
Update CHANGELOG.md</li>
<li><a
href="https://github.com/florimondmanca/httpx-sse/commit/4787b4f846cf24c75980611b026e5d60213cd2df"><code>4787b4f</code></a>
Refactor _splitlines_sse to improve efficiency (<a
href="https://redirect.github.com/florimondmanca/httpx-sse/issues/40">#40</a>)</li>
<li><a
href="https://github.com/florimondmanca/httpx-sse/commit/c3dd81af12687f5243243223ac1a89d47c0cf9f6"><code>c3dd81a</code></a>
Version 0.4.2 (<a
href="https://redirect.github.com/florimondmanca/httpx-sse/issues/39">#39</a>)</li>
<li><a
href="https://github.com/florimondmanca/httpx-sse/commit/6297588229e0a213f170101516e41102d7c7647a"><code>6297588</code></a>
Changelog for Version 0.4.2</li>
<li><a
href="https://github.com/florimondmanca/httpx-sse/commit/1ccc0958f5786fe66c0d220ef53e70ddb2158e1b"><code>1ccc095</code></a>
SSE spec compliant line parsing (<a
href="https://redirect.github.com/florimondmanca/httpx-sse/issues/37">#37</a>)</li>
<li>See full diff in <a
href="https://github.com/florimondmanca/httpx-sse/compare/0.4.1...0.4.3">compare
view</a></li>
</ul>
</details>
<br />

Updates `pydantic` from 2.11.7 to 2.12.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pydantic/pydantic/releases">pydantic's
releases</a>.</em></p>
<blockquote>
<h2>v2.12.5 2025-11-26</h2>
<h2>v2.12.5 (2025-11-26)</h2>
<p>This is the fifth 2.12 patch release, addressing an issue with the
<code>MISSING</code> sentinel and providing several documentation
improvements.</p>
<p>The next 2.13 minor release will be published in a couple weeks, and
will include a new <em>polymorphic serialization</em> feature addressing
the remaining unexpected changes to the <em>serialize as any</em>
behavior.</p>
<ul>
<li>Fix pickle error when using <code>model_construct()</code> on a
model with <code>MISSING</code> as a default value by <a
href="https://github.com/ornariece"><code>@​ornariece</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12522">#12522</a>.</li>
<li>Several updates to the documentation by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a>.</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pydantic/pydantic/compare/v2.12.4...v2.12.5">https://github.com/pydantic/pydantic/compare/v2.12.4...v2.12.5</a></p>
<h2>v2.12.4 2025-11-05</h2>
<h2>v2.12.4 (2025-11-05)</h2>
<p>This is the fourth 2.12 patch release, fixing more regressions, and
reverting a change in the <code>build()</code> method
of the <a
href="https://docs.pydantic.dev/latest/api/networks/"><code>AnyUrl</code>
and Dsn types</a>.</p>
<p>This patch release also fixes an issue with the serialization of IP
address types, when <code>serialize_as_any</code> is used. The next
patch release
will try to address the remaining issues with <em>serialize as any</em>
behavior by introducing a new <em>polymorphic serialization</em>
feature, that
should be used in most cases in place of <em>serialize as any</em>.</p>
<ul>
<li>
<p>Fix issue with forward references in parent <code>TypedDict</code>
classes by <a href="https://github.com/Viicos"><code>@​Viicos</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12427">#12427</a>.</p>
<p>This issue is only relevant on Python 3.14 and greater.</p>
</li>
<li>
<p>Exclude fields with <code>exclude_if</code> from JSON Schema required
fields by <a href="https://github.com/Viicos"><code>@​Viicos</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12430">#12430</a></p>
</li>
<li>
<p>Revert URL percent-encoding of credentials in the
<code>build()</code> method of the <a
href="https://docs.pydantic.dev/latest/api/networks/"><code>AnyUrl</code>
and Dsn types</a> by <a
href="https://github.com/davidhewitt"><code>@​davidhewitt</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1833">pydantic-core#1833</a>.</p>
<p>This was initially considered as a bugfix, but caused regressions and
as such was fully reverted. The next release will include
an opt-in option to percent-encode components of the URL.</p>
</li>
<li>
<p>Add type inference for IP address types by <a
href="https://github.com/davidhewitt"><code>@​davidhewitt</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1868">pydantic-core#1868</a>.</p>
<p>The 2.12 changes to the <code>serialize_as_any</code> behavior made
it so that IP address types could not properly serialize to JSON.</p>
</li>
<li>
<p>Avoid getting default values from defaultdict by <a
href="https://github.com/davidhewitt"><code>@​davidhewitt</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1853">pydantic-core#1853</a>.</p>
<p>This fixes a subtle regression in the validation behavior of the <a
href="https://docs.python.org/3/library/collections.html#collections.defaultdict"><code>collections.defaultdict</code></a>
type.</p>
</li>
<li>
<p>Fix issue with field serializers on nested typed dictionaries by <a
href="https://github.com/davidhewitt"><code>@​davidhewitt</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1879">pydantic-core#1879</a>.</p>
</li>
<li>
<p>Add more <code>pydantic-core</code> builds for the three-threaded
version of Python 3.14 by <a
href="https://github.com/davidhewitt"><code>@​davidhewitt</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1864">pydantic-core#1864</a>.</p>
</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pydantic/pydantic/compare/v2.12.3...v2.12.4">https://github.com/pydantic/pydantic/compare/v2.12.3...v2.12.4</a></p>
<h2>v2.12.3 2025-10-17</h2>
<h2>v2.12.3 (2025-10-17)</h2>
<h3>What's Changed</h3>
<p>This is the third 2.13 patch release, fixing issues related to the
<code>FieldInfo</code> class, and reverting a change to the supported <a
href="https://docs.pydantic.dev/latest/concepts/validators/#model-validators"><em>after</em>
model validator</a> function signatures.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pydantic/pydantic/blob/main/HISTORY.md">pydantic's
changelog</a>.</em></p>
<blockquote>
<h2>v2.12.5 (2025-11-26)</h2>
<p><a
href="https://github.com/pydantic/pydantic/releases/tag/v2.12.5">GitHub
release</a></p>
<p>This is the fifth 2.12 patch release, addressing an issue with the
<code>MISSING</code> sentinel and providing several documentation
improvements.</p>
<p>The next 2.13 minor release will be published in a couple weeks, and
will include a new <em>polymorphic serialization</em> feature addressing
the remaining unexpected changes to the <em>serialize as any</em>
behavior.</p>
<ul>
<li>Fix pickle error when using <code>model_construct()</code> on a
model with <code>MISSING</code> as a default value by <a
href="https://github.com/ornariece"><code>@​ornariece</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12522">#12522</a>.</li>
<li>Several updates to the documentation by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a>.</li>
</ul>
<h2>v2.12.4 (2025-11-05)</h2>
<p><a
href="https://github.com/pydantic/pydantic/releases/tag/v2.12.4">GitHub
release</a></p>
<p>This is the fourth 2.12 patch release, fixing more regressions, and
reverting a change in the <code>build()</code> method
of the <a
href="https://docs.pydantic.dev/latest/api/networks/"><code>AnyUrl</code>
and Dsn types</a>.</p>
<p>This patch release also fixes an issue with the serialization of IP
address types, when <code>serialize_as_any</code> is used. The next
patch release
will try to address the remaining issues with <em>serialize as any</em>
behavior by introducing a new <em>polymorphic serialization</em>
feature, that
should be used in most cases in place of <em>serialize as any</em>.</p>
<ul>
<li>
<p>Fix issue with forward references in parent <code>TypedDict</code>
classes by <a href="https://github.com/Viicos"><code>@​Viicos</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12427">#12427</a>.</p>
<p>This issue is only relevant on Python 3.14 and greater.</p>
</li>
<li>
<p>Exclude fields with <code>exclude_if</code> from JSON Schema required
fields by <a href="https://github.com/Viicos"><code>@​Viicos</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12430">#12430</a></p>
</li>
<li>
<p>Revert URL percent-encoding of credentials in the
<code>build()</code> method
of the <a
href="https://docs.pydantic.dev/latest/api/networks/"><code>AnyUrl</code>
and Dsn types</a> by <a
href="https://github.com/davidhewitt"><code>@​davidhewitt</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1833">pydantic-core#1833</a>.</p>
<p>This was initially considered as a bugfix, but caused regressions and
as such was fully reverted. The next release will include
an opt-in option to percent-encode components of the URL.</p>
</li>
<li>
<p>Add type inference for IP address types by <a
href="https://github.com/davidhewitt"><code>@​davidhewitt</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1868">pydantic-core#1868</a>.</p>
<p>The 2.12 changes to the <code>serialize_as_any</code> behavior made
it so that IP address types could not properly serialize to JSON.</p>
</li>
<li>
<p>Avoid getting default values from defaultdict by <a
href="https://github.com/davidhewitt"><code>@​davidhewitt</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1853">pydantic-core#1853</a>.</p>
<p>This fixes a subtle regression in the validation behavior of the <a
href="https://docs.python.org/3/library/collections.html#collections.defaultdict"><code>collections.defaultdict</code></a>
type.</p>
</li>
<li>
<p>Fix issue with field serializers on nested typed dictionaries by <a
href="https://github.com/davidhewitt"><code>@​davidhewitt</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1879">pydantic-core#1879</a>.</p>
</li>
<li>
<p>Add more <code>pydantic-core</code> builds for the three-threaded
version of Python 3.14 by <a
href="https://github.com/davidhewitt"><code>@​davidhewitt</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1864">pydantic-core#1864</a>.</p>
</li>
</ul>
<h2>v2.12.3 (2025-10-17)</h2>
<p><a
href="https://github.com/pydantic/pydantic/releases/tag/v2.12.3">GitHub
release</a></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pydantic/pydantic/commit/bd2d0dd0137dfa1a8fdff2529b9dfb1547980150"><code>bd2d0dd</code></a>
Prepare release v2.12.5</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/7d0302ec7ec2cf115de3450a615522875bdd8b56"><code>7d0302e</code></a>
Document security implications when using
<code>create_model()</code></li>
<li><a
href="https://github.com/pydantic/pydantic/commit/e9ef980def726b6f59b6c495ddc9dc259a0228db"><code>e9ef980</code></a>
Fix typo in Standard Library Types documentation</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/f2c20c00c265a31a13c48f9bae923a87c829952e"><code>f2c20c0</code></a>
Add <code>pydantic-docs</code> dev dependency, make use of versioning
blocks</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/a76c1aa26f2d64a3fd080ac515d80832689197e8"><code>a76c1aa</code></a>
Update documentation about JSON Schema</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/8cbc72ca489891e574fba45238ee8bd4f8e719a2"><code>8cbc72c</code></a>
Add documentation about custom <code>__init__()</code></li>
<li><a
href="https://github.com/pydantic/pydantic/commit/99eba599069da137b3f708ffa74627f2b456ba73"><code>99eba59</code></a>
Add additional test for <code>FieldInfo.get_default()</code></li>
<li><a
href="https://github.com/pydantic/pydantic/commit/c71076988e507ea93844c77c3bf0bbb85a5716af"><code>c710769</code></a>
Special case <code>MISSING</code> sentinel in
<code>smart_deepcopy()</code></li>
<li><a
href="https://github.com/pydantic/pydantic/commit/20a9d771c210fd77d52366ac923258c4c199727f"><code>20a9d77</code></a>
Do not delete mock validator/serializer in
<code>rebuild_dataclass()</code></li>
<li><a
href="https://github.com/pydantic/pydantic/commit/c86515a3a8f2120148fab2eaedd3bc45925779d0"><code>c86515a</code></a>
Update parts of the model and <code>revalidate_instances</code>
documentation</li>
<li>Additional commits viewable in <a
href="https://github.com/pydantic/pydantic/compare/v2.11.7...v2.12.5">compare
view</a></li>
</ul>
</details>
<br />

Updates `protobuf` from 5.29.5 to 6.33.4
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/protocolbuffers/protobuf/commits">compare
view</a></li>
</ul>
</details>
<br />

Updates `google-api-core` from 2.25.1 to 2.29.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/googleapis/python-api-core/releases">google-api-core's
releases</a>.</em></p>
<blockquote>
<h2>google-api-core 2.29.0</h2>
<h2><a
href="https://github.com/googleapis/python-api-core/compare/v2.28.1...v2.29.0">2.29.0</a>
(2026-01-08)</h2>
<h3>Features</h3>
<ul>
<li>
<p>make parse_version_to_tuple public (<a
href="https://redirect.github.com/googleapis/python-api-core/issues/864">#864</a>)
(<a
href="https://github.com/googleapis/python-api-core/commit/c969186f">c969186f</a>)</p>
</li>
<li>
<p>Auto enable mTLS when supported certificates are detected (<a
href="https://redirect.github.com/googleapis/python-api-core/issues/869">#869</a>)
(<a
href="https://github.com/googleapis/python-api-core/commit/f8bf6f96">f8bf6f96</a>)</p>
</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li>
<p>remove call to importlib.metadata.packages_distributions() for
py38/py39 (<a
href="https://redirect.github.com/googleapis/python-api-core/issues/859">#859</a>)
(<a
href="https://github.com/googleapis/python-api-core/commit/628003e2">628003e2</a>)</p>
</li>
<li>
<p>Log version check errors (<a
href="https://redirect.github.com/googleapis/python-api-core/issues/858">#858</a>)
(<a
href="https://github.com/googleapis/python-api-core/commit/6493118c">6493118c</a>)</p>
</li>
<li>
<p>flaky tests due to imprecision in floating point calculation and
performance test setup (<a
href="https://redirect.github.com/googleapis/python-api-core/issues/865">#865</a>)
(<a
href="https://github.com/googleapis/python-api-core/commit/93404080">93404080</a>)</p>
</li>
<li>
<p>closes tailing streams in bidi classes. (<a
href="https://redirect.github.com/googleapis/python-api-core/issues/851">#851</a>)
(<a
href="https://github.com/googleapis/python-api-core/commit/c97b3a00">c97b3a00</a>)</p>
</li>
</ul>
<h2>v2.28.1</h2>
<h2><a
href="https://github.com/googleapis/python-api-core/compare/v2.28.0...v2.28.1">2.28.1</a>
(2025-10-28)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>Remove dependency on packaging and pkg_resources (<a
href="https://redirect.github.com/googleapis/python-api-core/issues/852">#852</a>)
(<a
href="https://github.com/googleapis/python-api-core/commit/ca59a863b08a79c2bf0607f9085de1417422820b">ca59a86</a>)</li>
</ul>
<h2>v2.28.0</h2>
<h2><a
href="https://github.com/googleapis/python-api-core/compare/v2.27.0...v2.28.0">2.28.0</a>
(2025-10-24)</h2>
<h3>Features</h3>
<ul>
<li>Provide and use Python version support check (<a
href="https://redirect.github.com/googleapis/python-api-core/issues/832">#832</a>)
(<a
href="https://github.com/googleapis/python-api-core/commit/d36e896f98a2371c4d58ce1a7a3bc1a77a081836">d36e896</a>)</li>
</ul>
<h2>v2.27.0</h2>
<h2><a
href="https://github.com/googleapis/python-api-core/compare/v2.26.0...v2.27.0">2.27.0</a>
(2025-10-22)</h2>
<h3>Features</h3>
<ul>
<li>Support for async bidi streaming apis (<a
href="https://redirect.github.com/googleapis/python-api-core/issues/836">#836</a>)
(<a
href="https://github.com/googleapis/python-api-core/commit/95305480d234b6dd0903960db020e55125a997e0">9530548</a>)</li>
</ul>
<h2>v2.26.0</h2>
<h2><a
href="https://github.com/googleapis/python-api-core/compare/v2.25.2...v2.26.0">2.26.0</a>
(2025-10-08)</h2>
<h3>Features</h3>
<ul>
<li>Add trove classifier for Python 3.14 (<a
href="https://redirect.github.com/googleapis/python-api-core/issues/842">#842</a>)
(<a
href="https://github.com/googleapis/python-api-core/commit/43690de33a23321d52ab856e2bf253590e1a9357">43690de</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/googleapis/python-api-core/blob/main/CHANGELOG.md">google-api-core's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/googleapis/google-cloud-python/compare/google-api-core-v2.28.1...google-api-core-v2.29.0">2.29.0</a>
(2026-01-08)</h2>
<h3>Features</h3>
<ul>
<li>Auto enable mTLS when supported certificates are detected (<a
href="https://redirect.github.com/googleapis/python-api-core/issues/869">#869</a>)
(<a
href="https://github.com/googleapis/google-cloud-python/commit/f8bf6f9610f3e0e7580f223794c3906513e1fa73">f8bf6f9610f3e0e7580f223794c3906513e1fa73</a>)</li>
<li>make parse_version_to_tuple public (<a
href="https://redirect.github.com/googleapis/python-api-core/issues/864">#864</a>)
(<a
href="https://github.com/googleapis/google-cloud-python/commit/c969186f2b66bde1df5e25bbedc5868e27d136f9">c969186f2b66bde1df5e25bbedc5868e27d136f9</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li>flaky tests due to imprecision in floating point calculation and
performance test setup (<a
href="https://redirect.github.com/googleapis/python-api-core/issues/865">#865</a>)
(<a
href="https://github.com/googleapis/google-cloud-python/commit/93404080f853699b9217e4b76391a13525db4e3e">93404080f853699b9217e4b76391a13525db4e3e</a>)</li>
<li>remove call to importlib.metadata.packages_distributions() for
py38/py39 (<a
href="https://redirect.github.com/googleapis/python-api-core/issues/859">#859</a>)
(<a
href="https://github.com/googleapis/google-cloud-python/commit/628003e217d9a881d24f3316aecfd48c244a73f0">628003e217d9a881d24f3316aecfd48c244a73f0</a>)</li>
<li>Log version check errors (<a
href="https://redirect.github.com/googleapis/python-api-core/issues/858">#858</a>)
(<a
href="https://github.com/googleapis/google-cloud-python/commit/6493118cae2720696c3d0097274edfd7fe2bce67">6493118cae2720696c3d0097274edfd7fe2bce67</a>)</li>
<li>closes tailing streams in bidi classes. (<a
href="https://redirect.github.com/googleapis/python-api-core/issues/851">#851</a>)
(<a
href="https://github.com/googleapis/google-cloud-python/commit/c97b3a004044ebf8b35c2a7ba97409d7795e11b0">c97b3a004044ebf8b35c2a7ba97409d7795e11b0</a>)</li>
</ul>
<h2><a
href="https://github.com/googleapis/python-api-core/compare/v2.28.0...v2.28.1">2.28.1</a>
(2025-10-28)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>Remove dependency on packaging and pkg_resources (<a
href="https://redirect.github.com/googleapis/python-api-core/issues/852">#852</a>)
(<a
href="https://github.com/googleapis/python-api-core/commit/ca59a863b08a79c2bf0607f9085de1417422820b">ca59a86</a>)</li>
</ul>
<h2><a
href="https://github.com/googleapis/python-api-core/compare/v2.27.0...v2.28.0">2.28.0</a>
(2025-10-24)</h2>
<h3>Features</h3>
<ul>
<li>Provide and use Python version support check (<a
href="https://redirect.github.com/googleapis/python-api-core/issues/832">#832</a>)
(<a
href="https://github.com/googleapis/python-api-core/commit/d36e896f98a2371c4d58ce1a7a3bc1a77a081836">d36e896</a>)</li>
</ul>
<h2><a
href="https://github.com/googleapis/python-api-core/compare/v2.26.0...v2.27.0">2.27.0</a>
(2025-10-22)</h2>
<h3>Features</h3>
<ul>
<li>Support for async bidi streaming apis (<a
href="https://redirect.github.com/googleapis/python-api-core/issues/836">#836</a>)
(<a
href="https://github.com/googleapis/python-api-core/commit/95305480d234b6dd0903960db020e55125a997e0">9530548</a>)</li>
</ul>
<h2><a
href="https://github.com/googleapis/python-api-core/compare/v2.25.2...v2.26.0">2.26.0</a>
(2025-10-08)</h2>
<h3>Features</h3>
<ul>
<li>Add trove classifier for Python 3.14 (<a
href="https://redirect.github.com/googleapis/python-api-core/issues/842">#842</a>)
(<a
href="https://github.com/googleapis/python-api-core/commit/43690de33a23321d52ab856e2bf253590e1a9357">43690de</a>)</li>
</ul>
<h2><a
href="https://github.com/googleapis/python-api-core/compare/v2.25.1...v2.25.2">2.25.2</a>
(2025-10-01)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>Deprecate credentials_file argument (<a
href="https://redirect.github.com/googleapis/python-api-core/issues/841">#841</a>)
(<a
href="https://github.com/googleapis/python-api-core/commit/324eb7464d6ade9a8c2e413d4695bc7d7adfcb3d">324eb74</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/googleapis/python-api-core/commit/014d3def6ac4fdd5b39d5296a5aad10a546fde21"><code>014d3de</code></a>
chore: librarian release pull request: 20260108T134327Z (<a
href="https://redirect.github.com/googleapis/python-api-core/issues/883">#883</a>)</li>
<li><a
href="https://github.com/googleapis/python-api-core/commit/2d93bd1e189a5c67d993bd78f38ee68d4e6429df"><code>2d93bd1</code></a>
tests: remove pytype nox session (<a
href="https://redirect.github.com/googleapis/python-api-core/issues/876">#876</a>)</li>
<li><a
href="https://github.com/googleapis/python-api-core/commit/0fe0632cbf432e4ae9ef477e0719e64256a3b834"><code>0fe0632</code></a>
chore: fix mypy check (<a
href="https://redirect.github.com/googleapis/python-api-core/issues/882">#882</a>)</li>
<li><a
href="https://github.com/googleapis/python-api-core/commit/f8bf6f9610f3e0e7580f223794c3906513e1fa73"><code>f8bf6f9</code></a>
feat: Auto enable mTLS when supported certificates are detected (<a
href="https://redirect.github.com/googleapis/python-api-core/issues/869">#869</a>)</li>
<li><a
href="https://github.com/googleapis/python-api-core/commit/f0188c6f9c4dc2036f50fa5d8a8b9433749872d2"><code>f0188c6</code></a>
chore: update github action workflow permissions (<a
href="https://redirect.github.com/googleapis/python-api-core/issues/875">#875</a>)</li>
<li><a
href="https://github.com/googleapis/python-api-core/commit/d211307fd5a418489837270ee4a0cdbf4ef3fe57"><code>d211307</code></a>
tests: refactor unit test nox sessions (<a
href="https://redirect.github.com/googleapis/python-api-core/issues/873">#873</a>)</li>
<li><a
href="https://github.com/googleapis/python-api-core/commit/2196e2affabe670dd2bde448d7641084fad3d83c"><code>2196e2a</code></a>
chore: remove sync-repo-settings.yaml which is not used (<a
href="https://redirect.github.com/googleapis/python-api-core/issues/872">#872</a>)</li>
<li><a
href="https://github.com/googleapis/python-api-core/commit/54d1d364c1ba7426ae61d623f967314174758468"><code>54d1d36</code></a>
tests: update default python runtime used in tests to 3.14 (<a
href="https://redirect.github.com/googleapis/python-api-core/issues/870">#870</a>)</li>
<li><a
href="https://github.com/googleapis/python-api-core/commit/93404080f853699b9217e4b76391a13525db4e3e"><code>9340408</code></a>
fix: flaky tests due to imprecision in floating point calculation and
perform...</li>
<li><a
href="https://github.com/googleapis/python-api-core/commit/c969186f2b66bde1df5e25bbedc5868e27d136f9"><code>c969186</code></a>
feat: make parse_version_to_tuple public (<a
href="https://redirect.github.com/googleapis/python-api-core/issues/864">#864</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/googleapis/python-api-core/compare/v2.25.1...v2.29.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `fastapi` from 0.116.1 to 0.128.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/fastapi/fastapi/releases">fastapi's
releases</a>.</em></p>
<blockquote>
<h2>0.128.0</h2>
<h3>Breaking Changes</h3>
<ul>
<li>➖ Drop support for <code>pydantic.v1</code>. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14609">#14609</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h3>Internal</h3>
<ul>
<li>✅ Run performance tests only on Pydantic v2. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14608">#14608</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h2>0.127.1</h2>
<h3>Refactors</h3>
<ul>
<li>🔊 Add a custom <code>FastAPIDeprecationWarning</code>. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14605">#14605</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h3>Docs</h3>
<ul>
<li>📝 Add documentary to website. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14600">#14600</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h3>Translations</h3>
<ul>
<li>🌐 Update translations for de (update-outdated). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14602">#14602</a>
by <a
href="https://github.com/nilslindemann"><code>@​nilslindemann</code></a>.</li>
<li>🌐 Update translations for de (update-outdated). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14581">#14581</a>
by <a
href="https://github.com/nilslindemann"><code>@​nilslindemann</code></a>.</li>
</ul>
<h3>Internal</h3>
<ul>
<li>🔧 Update pre-commit to use local Ruff instead of hook. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14604">#14604</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>✅ Add missing tests for code examples. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14569">#14569</a>
by <a
href="https://github.com/YuriiMotov"><code>@​YuriiMotov</code></a>.</li>
<li>👷 Remove <code>lint</code> job from <code>test</code> CI workflow.
PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14593">#14593</a>
by <a
href="https://github.com/YuriiMotov"><code>@​YuriiMotov</code></a>.</li>
<li>👷 Update secrets check. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14592">#14592</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>👷 Run CodSpeed tests in parallel to other tests to speed up CI. PR
<a
href="https://redirect.github.com/fastapi/fastapi/pull/14586">#14586</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🔨 Update scripts and pre-commit to autofix files. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14585">#14585</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h2>0.127.0</h2>
<h3>Breaking Changes</h3>
<ul>
<li>🔊 Add deprecation warnings when using <code>pydantic.v1</code>. PR
<a
href="https://redirect.github.com/fastapi/fastapi/pull/14583">#14583</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h3>Translations</h3>
<ul>
<li>🔧 Add LLM prompt file for Korean, generated from the existing
translations. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14546">#14546</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🔧 Add LLM prompt file for Japanese, generated from the existing
translations. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14545">#14545</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h3>Internal</h3>
<ul>
<li>⬆️ Upgrade OpenAI model for translations to gpt-5.2. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14579">#14579</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h2>0.126.0</h2>
<h3>Upgrades</h3>
<ul>
<li>➖ Drop support for Pydantic v1, keeping short temporary support for
Pydantic v2's <code>pydantic.v1</code>. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14575">#14575</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/fastapi/fastapi/commit/8322a4445a3b25acd9b26b61192571b2d92f9bcd"><code>8322a44</code></a>
🔖 Release version 0.128.0</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/4b2cfcfd34d0b2e158a05b377426e0c8376b94de"><code>4b2cfcf</code></a>
📝 Update release notes</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/e3006305518a56ea35f62a31748ad26fe4356fcc"><code>e300630</code></a>
➖ Drop support for <code>pydantic.v1</code> (<a
href="https://redirect.github.com/fastapi/fastapi/issues/14609">#14609</a>)</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/1b3bea8b6be2220cc1544653ea785d2134fcb35b"><code>1b3bea8</code></a>
📝 Update release notes</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/34e884156f38dff4094a7764ff895c4d4b872060"><code>34e8841</code></a>
✅ Run performance tests only on Pydantic v2 (<a
href="https://redirect.github.com/fastapi/fastapi/issues/14608">#14608</a>)</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/cd90c78391f86f3fd06d5b327bffad9666b05b44"><code>cd90c78</code></a>
🔖 Release version 0.127.1</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/93f4dfd88b7d62bda89eb521ebd9322e357e6fff"><code>93f4dfd</code></a>
📝 Update release notes</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/535b5daa317a9d1d1f9a1058e57650a7beefa861"><code>535b5da</code></a>
🔊 Add a custom <code>FastAPIDeprecationWarning</code> (<a
href="https://redirect.github.com/fastapi/fastapi/issues/14605">#14605</a>)</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/6b53786f626db95a42fd0f66afd360bab161f4b1"><code>6b53786</code></a>
📝 Update release notes</li>
<li><a
href="https://github.com/fastapi/fastapi/commit/d98f4eb56eae3155034fe631d9639d95171fb9ab"><code>d98f4eb</code></a>
🔧 Update pre-commit to use local Ruff instead of hook (<a
href="https://redirect.github.com/fastapi/fastapi/issues/14604">#14604</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/fastapi/fastapi/compare/0.116.1...0.128.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `sse-starlette` from 3.0.2 to 3.2.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sysid/sse-starlette/releases">sse-starlette's
releases</a>.</em></p>
<blockquote>
<h2>v3.2.0</h2>
<h2>What's Changed</h2>
<ul>
<li>[feat] Allow disabling automatic draining immediately on sigterm by
<a
href="https://github.com/yuliy-openai"><code>@​yuliy-openai</code></a>
in <a
href="https://redirect.github.com/sysid/sse-starlette/pull/157">sysid/sse-starlette#157</a></li>
<li>feat: add enable_automatic_graceful_drain_mode() for re-enabling
auto… by <a href="https://github.com/sysid"><code>@​sysid</code></a> in
<a
href="https://redirect.github.com/sysid/sse-starlette/pull/158">sysid/sse-starlette#158</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/yuliy-openai"><code>@​yuliy-openai</code></a>
made their first contribution in <a
href="https://redirect.github.com/sysid/sse-starlette/pull/157">sysid/sse-starlette#157</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sysid/sse-starlette/compare/v3.1.2...v3.2.0">https://github.com/sysid/sse-starlette/compare/v3.1.2...v3.2.0</a></p>
<h2>v3.1.2</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: prevent watcher task leak by using threading.local (<a
href="https://redirect.github.com/sysid/sse-starlette/issues/152">#152</a>)
by <a href="https://github.com/sysid"><code>@​sysid</code></a> in <a
href="https://redirect.github.com/sysid/sse-starlette/pull/153">sysid/sse-starlette#153</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sysid/sse-starlette/compare/v3.1.1...v3.1.2">https://github.com/sysid/sse-starlette/compare/v3.1.1...v3.1.2</a></p>
<h2>v3.1.1</h2>
<h2>What's Changed</h2>
<ul>
<li>fix(shutdown): detect uvicorn shutdown via signal handler
introspection by <a
href="https://github.com/sysid"><code>@​sysid</code></a> in <a
href="https://redirect.github.com/sysid/sse-starlette/pull/151">sysid/sse-starlette#151</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sysid/sse-starlette/compare/v3.1.0...v3.1.1">https://github.com/sysid/sse-starlette/compare/v3.1.0...v3.1.1</a></p>
<h2>v3.1.0</h2>
<h2>What's Changed</h2>
<ul>
<li>chore(deps): bump actions/setup-python from 3 to 6 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/sysid/sse-starlette/pull/143">sysid/sse-starlette#143</a></li>
<li>Fix Issue <a
href="https://redirect.github.com/sysid/sse-starlette/issues/149">#149</a>:
handle_exit cannot signal context-local events by <a
href="https://github.com/sysid"><code>@​sysid</code></a> in <a
href="https://redirect.github.com/sysid/sse-starlette/pull/150">sysid/sse-starlette#150</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sysid/sse-starlette/compare/v3.0.4...v3.1.0">https://github.com/sysid/sse-starlette/compare/v3.0.4...v3.1.0</a></p>
<h2>v3.0.4</h2>
<h2>What's Changed</h2>
<ul>
<li>Add starlette to dependencies by <a
href="https://github.com/WOnder93"><code>@​WOnder93</code></a> in <a
href="https://redirect.github.com/sysid/sse-starlette/pull/147">sysid/sse-starlette#147</a></li>
<li>Maintenance: CI updates, Python 3.13 support, and packaging fixes by
<a href="https://github.com/sysid"><code>@​sysid</code></a> in <a
href="https://redirect.github.com/sysid/sse-starlette/pull/148">sysid/sse-starlette#148</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/WOnder93"><code>@​WOnder93</code></a>
made their first contribution in <a
href="https://redirect.github.com/sysid/sse-starlette/pull/147">sysid/sse-starlette#147</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sysid/sse-starlette/compare/v3.0.3...v3.0.4">https://github.com/sysid/sse-starlette/compare/v3.0.3...v3.0.4</a></p>
<h2>v3.0.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Security: Upgrade Starlette to 0.49.1 to address CVE-2025-62727 by
<a href="https://github.com/ColeMurray"><code>@​ColeMurray</code></a> in
<a
href="https://redirect.github.com/sysid/sse-starlette/pull/144">sysid/sse-starlette#144</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/ColeMurray"><code>@​ColeMurray</code></a> made
their first contribution in <a
href="https://redirect.github.com/sysid/sse-starlette/pull/144">sysid/sse-starlette#144</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sysid/sse-starlette/compare/v3.0.2...v3.0.3">https://github.com/sysid/sse-starlette/compare/v3.0.2...v3.0.3</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/sysid/sse-starlette/commit/9101a42cb27395bb4a2700b79934809a19abfdbf"><code>9101a42</code></a>
Bump version to 3.2.0</li>
<li><a
href="https://github.com/sysid/sse-starlette/commit/c3248fcdc2512fdec7ae00512785b0bf1fb0d3b8"><code>c3248fc</code></a>
Merge pull request <a
href="https://redirect.github.com/sysid/sse-starlette/issues/158">#158</a>
from sysid/pr-157</li>
<li><a
href="https://github.com/sysid/sse-starlette/commit/c99dd676c08de8f840f65ab56252607abeaf09eb"><code>c99dd67</code></a>
Merge pull request <a
href="https://redirect.github.com/sysid/sse-starlette/issues/157">#157</a>
from yuliy-openai/optional_auto_drain</li>
<li><a
href="https://github.com/sysid/sse-starlette/commit/ed3577721b2f78775b538f79cc0e8452431c66cd"><code>ed35777</code></a>
feat: add enable_automatic_graceful_drain_mode() for re-enabling
auto-drain</li>
<li><a
href="https://github.com/sysid/sse-starlette/commit/15f26cb4163d884d813da52a95d9fb1d4bb50397"><code>15f26cb</code></a>
[feat] Allow disabling automatic draining immediately on sigterm</li>
<li><a
href="https://github.com/sysid/sse-starlette/commit/fc50af6bb26566a57c9b88b7b917234878365182"><code>fc50af6</code></a>
chore: update gitignore</li>
<li><a
href="https://github.com/sysid/sse-starlette/commit/268b3cd3029388cb09434120679e650eb1f4e76e"><code>268b3cd</code></a>
feat: add pre-commit hooks for format, lint, and mypy</li>
<li><a
href="https://github.com/sysid/sse-starlette/commit/618ac0e62caf7e15ec716197212cbe1b2a1a4254"><code>618ac0e</code></a>
Bump version to 3.1.2</li>
<li><a
href="https://github.com/sysid/sse-starlette/commit/6d68ba9484c9f32f3299bbb069b5877f1db37453"><code>6d68ba9</code></a>
Merge pull request <a
href="https://redirect.github.com/sysid/sse-starlette/issues/153">#153</a>
from sysid/fix/152_shutdown_watcher_leak</li>
<li><a
href="https://github.com/sysid/sse-starlette/commit/89faa043d16b6cbb85025068544ea4da4a17941f"><code>89faa04</code></a>
fix: prevent watcher task leak with threading.local (<a
href="https://redirect.github.com/sysid/sse-starlette/issues/152">#152</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/sysid/sse-starlette/compare/v3.0.2...v3.2.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `starlette` from 0.47.2 to 0.50.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/starlette/releases">starlette's
releases</a>.</em></p>
<blockquote>
<h2>Version 0.50.0</h2>
<h2>Removed</h2>
<ul>
<li>Drop Python 3.9 support <a
href="https://redirect.github.com/Kludex/starlette/pull/3061">#3061</a>.</li>
</ul>
<hr />
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/starlette/compare/0.49.3...0.50.0">https://github.com/Kludex/starlette/compare/0.49.3...0.50.0</a></p>
<h2>Version 0.49.3</h2>
<h2>Fixed</h2>
<ul>
<li>Relax strictness on <code>Middleware</code> type <a
href="https://redirect.github.com/Kludex/starlette/pull/3059">#3059</a>.</li>
</ul>
<hr />
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/starlette/compare/0.49.2...0.49.3">https://github.com/Kludex/starlette/compare/0.49.2...0.49.3</a></p>
<h2>Version 0.49.2</h2>
<h2>Fixed</h2>
<ul>
<li>Ignore <code>if-modified-since</code> header if
<code>if-none-match</code> is present in <code>StaticFiles</code> <a
href="https://redirect.github.com/Kludex/starlette/pull/3044">#3044</a>.</li>
</ul>
<hr />
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/starlette/compare/0.49.1...0.49.2">https://github.com/Kludex/starlette/compare/0.49.1...0.49.2</a></p>
<h2>Version 0.49.1</h2>
<p>This release fixes a security vulnerability in the parsing logic of
the <code>Range</code> header in <code>FileResponse</code>.</p>
<p>You can view the full security advisory: <a
href="https://github.com/Kludex/starlette/security/advisories/GHSA-7f5h-v6xp-fcq8">GHSA-7f5h-v6xp-fcq8</a></p>
<h2>Fixed</h2>
<ul>
<li>Optimize the HTTP ranges parsing logic <a
href="https://github.com/Kludex/starlette/commit/4ea6e22b489ec388d6004cfbca52dd5b147127c5">4ea6e22b489ec388d6004cfbca52dd5b147127c5</a></li>
</ul>
<hr />
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/starlette/compare/0.49.0...0.49.1">https://github.com/Kludex/starlette/compare/0.49.0...0.49.1</a></p>
<h2>Version 0.49.0</h2>
<h2>Added</h2>
<ul>
<li>Add <code>encoding</code> parameter to <code>Config</code> class <a
href="https://redirect.github.com/Kludex/starlette/pull/2996">#2996</a>.</li>
<li>Support multiple cookie headers in <code>Request.cookies</code> <a
href="https://redirect.github.com/Kludex/starlette/pull/3029">#3029</a>.</li>
<li>Use <code>Literal</code> type for <code>WebSocketEndpoint</code>
encoding values <a
href="https://redirect.github.com/Kludex/starlette/pull/3027">#3027</a>.</li>
</ul>
<h2>Changed</h2>
<ul>
<li>Do not pollute exception context in <code>Middleware</code> when
using <code>BaseHTTPMiddleware</code> <a
href="https://redirect.github.com/Kludex/starlette/pull/2976">#2976</a>.</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/starlette/blob/main/docs/release-notes.md">starlette's
changelog</a>.</em></p>
<blockquote>
<h2>0.50.0 (November 1, 2025)</h2>
<h4>Removed</h4>
<ul>
<li>Drop Python 3.9 support <a
href="https://redirect.github.com/Kludex/starlette/pull/3061">#3061</a>.</li>
</ul>
<h2>0.49.3 (November 1, 2025)</h2>
<p>This is the last release that supports Python 3.9, which will be
dropped in the next minor release.</p>
<h4>Fixed</h4>
<ul>
<li>Relax strictness on <code>Middleware</code> type <a
href="https://redirect.github.com/Kludex/starlette/pull/3059">#3059</a>.</li>
</ul>
<h2>0.49.2 (November 1, 2025)</h2>
<h4>Fixed</h4>
<ul>
<li>Ignore <code>if-modified-since</code> header if
<code>if-none-match</code> is present in <code>StaticFiles</code> <a
href="https://redirect.github.com/Kludex/starlette/pull/3044">#3044</a>.</li>
</ul>
<h2>0.49.1 (October 28, 2025)</h2>
<p>This release fixes a security vulnerability in the parsing logic of
the <code>Range</code> header in <code>FileResponse</code>.</p>
<p>You can view the full security advisory: <a
href="https://github.com/Kludex/starlette/security/advisories/GHSA-7f5h-v6xp-fcq8">GHSA-7f5h-v6xp-fcq8</a></p>
<h4>Fixed</h4>
<ul>
<li>Optimize the HTTP ranges parsing logic <a
href="https://github.com/Kludex/starlette/commit/4ea6e22b489ec388d6004cfbca52dd5b147127c5">4ea6e22b489ec388d6004cfbca52dd5b147127c5</a></li>
</ul>
<h2>0.49.0 (October 28, 2025)</h2>
<h4>Added</h4>
<ul>
<li>Add <code>encoding</code> parameter to <code>Config</code> class <a
href="https://redirect.github.com/Kludex/starlette/pull/2996">#2996</a>.</li>
<li>Support multiple cookie headers in <code>Request.cookies</code> <a
href="https://redirect.github.com/Kludex/starlette/pull/3029">#3029</a>.</li>
<li>Use <code>Literal</code> type for <code>WebSocketEndpoint</code>
encoding values <a
href="https://redirect.github.com/Kludex/starlette/pull/3027">#3027</a>.</li>
</ul>
<h4>Changed</h4>
<ul>
<li>Do not pollute exception context in <code>Middleware</code> when
using <code>BaseHTTPMiddleware</code> <a
href="https://redirect.github.com/Kludex/starlette/pull/2976">#2976</a>.</li>
</ul>
<h2>0.48.0 (September 13, 2025)</h2>
<h4>Added</h4>
<ul>
<li>Add official Python 3.14 support <a
href="https://redirect.github.com/Kludex/starlette/pull/3013">#3013</a>.</li>
</ul>
<h4>Changed</h4>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/Kludex/starlette/commit/4941b4a04993d087dea66e9287fe9472babee879"><code>4941b4a</code></a>
Version 0.50.0 (<a
href="https://redirect.github.com/Kludex/starlette/issues/3063">#3063</a>)</li>
<li><a
href="https://github.com/Kludex/starlette/commit/a0499f60a6f13b8b42381d70bafc076b6ece4eee"><code>a0499f6</code></a>
Drop support for Python 3.9 (<a
href="https://redirect.github.com/Kludex/starlette/issues/3061">#3061</a>)</li>
<li><a
href="https://github.com/Kludex/starlette/commit/de3ffecaeadd34612f71495374f5853edbda1bf2"><code>de3ffec</code></a>
Version 0.49.3 (<a
href="https://redirect.github.com/Kludex/starlette/issues/3062">#3062</a>)</li>
<li><a
href="https://github.com/Kludex/starlette/commit/c4433960ccc07289e0963df94dc5c2746f07ca1a"><code>c443396</code></a>
Relax strictness on <code>Middleware</code> type (<a
href="https://redirect.github.com/Kludex/starlette/issues/3059">#3059</a>)</li>
<li><a
href="https://github.com/Kludex/starlette/commit/85bf0275fbf26f5a7fef539a03bebfeb125b9ea3"><code>85bf027</code></a>
Version 0.49.2 (<a
href="https://redirect.github.com/Kludex/starlette/issues/3058">#3058</a>)</li>
<li><a
href="https://github.com/Kludex/starlette/commit/3d480dd7d5adf474d0736c67a2a3064e88226837"><code>3d480dd</code></a>
Ignore <code>if-modified-since</code> if <code>if-none-match</code> is
present (<a
href="https://redirect.github.com/Kludex/starlette/issues/3057">#3057</a>)</li>
<li><a
href="https://github.com/Kludex/starlette/commit/da0605243010715356be69693a524f2300011948"><code>da06052</code></a>
Bump the github-actions group with 3 updates (<a
href="https://redirect.github.com/Kludex/starlette/issues/3056">#3056</a>)</li>
<li><a
href="https://github.com/Kludex/starlette/commit/34caa9900f47b9ab5afffa5f4ee148a00940f622"><code>34caa99</code></a>
Add groups configuration for GitHub Actions (<a
href="https://redirect.github.com/Kludex/starlette/issues/3055">#3055</a>)</li>
<li><a
href="https://github.com/Kludex/starlette/commit/7e4b7428f273dbdc875dcd036d20804bcfc7b2ee"><code>7e4b742</code></a>
Version 0.49.1 (<a
href="https://redirect.github.com/Kludex/starlette/issues/3047">#3047</a>)</li>
<li><a
href="https://github.com/Kludex/starlette/commit/4ea6e22b489ec388d6004cfbca52dd5b147127c5"><code>4ea6e22</code></a>
Merge commit from fork</li>
<li>Additional commits viewable in <a
href="https://github.com/Kludex/starlette/compare/0.47.2...0.50.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `cryptography` from 45.0.5 to 46.0.3
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst">cryptography's
changelog</a>.</em></p>
<blockquote>
<p>46.0.3 - 2025-10-15</p>
<pre><code>
* Fixed compilation when using LibreSSL 4.2.0.
<p>.. _v46-0-2:</p>
<p>46.0.2 - 2025-09-30<br />
</code></pre></p>
<ul>
<li>Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL
3.5.4.</li>
</ul>
<p>.. _v46-0-1:</p>
<p>46.0.1 - 2025-09-16</p>
<pre><code>
* Fixed an issue where users installing via ``pip`` on Python 3.14
development
  versions would not properly install a dependency.
* Fixed an issue building the free-threaded macOS 3.14 wheels.
<p>.. _v46-0-0:</p>
<p>46.0.0 - 2025-09-16<br />
</code></pre></p>
<ul>
<li><strong>BACKWARDS INCOMPATIBLE:</strong> Support for Python 3.7 has
been removed.</li>
<li>Support for OpenSSL &lt; 3.0 is deprecated and will be removed in
the next
release.</li>
<li>Support for <code>x86_64</code> macOS (including publishing wheels)
is deprecated
and will be removed in two releases. We will switch to publishing an
<code>arm64</code> only wheel for macOS.</li>
<li>Support for 32-bit Windows (including publishing wheels) is
deprecated
and will be removed in two releases. Users should move to a 64-bit
Python installation.</li>
<li>Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL
3.5.3.</li>
<li>We now build <code>ppc64le</code> <code>manylinux</code> wheels and
publish them to PyPI.</li>
<li>We now build <code>win_arm64</code> (Windows on Arm) wheels and
publish them to PyPI.</li>
<li>Added support for free-threaded Python 3.14.</li>
<li>Removed the deprecated <code>get_attribute_for_oid</code> method on
:class:<code>~cryptography.x509.CertificateSigningRequest</code>. Users
should use
:meth:<code>~cryptography.x509.Attributes.get_attribute_for_oid</code>
instead.</li>
<li>Removed the deprecated <code>CAST5</code>, <code>SEED</code>,
<code>IDEA</code>, and <code>Blowfish</code>
classes from the cipher module. These are still available in
:doc:<code>/hazmat/decrepit/index</code>.</li>
<li>In X.509, when performing a PSS signature with a SHA-3 hash, it is
now
encoded with the official NIST SHA3 OID.</li>
</ul>
<p>.. _v45-0-7:</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pyca/cryptography/commit/c0af4dd7b75921bbe9f1d41a03dbd4b64a9e3403"><code>c0af4dd</code></a>
release 46.0.3 (<a
href="https://redirect.github.com/pyca/cryptography/issues/13681">#13681</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/99efe5ad150a56efadafacaffd0e3ee319373904"><code>99efe5a</code></a>
bump version for 46.0.2 (<a
href="https://redirect.github.com/pyca/cryptography/issues/13531">#13531</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/e735cfc27502320101c130335c556394a125ba52"><code>e735cfc</code></a>
release 46.0.1 (<a
href="https://redirect.github.com/pyca/cryptography/issues/13450">#13450</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/4e457ffba43a6d87efc63c33041e2081438dd8a4"><code>4e457ff</code></a>
Explicitly specify python in mac uv build invocation (<a
href="https://redirect.github.com/pyca/cryptography/issues/13447">#13447</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/2726efdb6d67f1c90cf9c6062d9fe051965586f8"><code>2726efd</code></a>
Depend on CFFI 2.0.0 or newer on Python &gt; 3.8 (<a
href="https://redirect.github.com/pyca/cryptography/issues/13448">#13448</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/62230623d183706632c0eb7822c96ac95e3710a8"><code>6223062</code></a>
release 46.0.0 (<a
href="https://redirect.github.com/pyca/cryptography/issues/13446">#13446</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/563c4915b0931455706f761a4579c26698824eae"><code>563c491</code></a>
Update comment for pyopenssl-release tag (<a
href="https://redirect.github.com/pyca/cryptography/issues/13445">#13445</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/d2f6f7faced35b73277bc624ff496f8af696b172"><code>d2f6f7f</code></a>
Bump downstream dependencies in CI (<a
href="https://redirect.github.com/pyca/cryptography/issues/13439">#13439</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/e7ab02bd679d0b4f55d93486fe27e62554ef15d4"><code>e7ab02b</code></a>
we'll ship this with 3.5.3 why not (<a
href="https://redirect.github.com/pyca/cryptography/issues/13442">#13442</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/0b68a4bffb61202e4d4f5074cd30c2b9d15f429e"><code>0b68a4b</code></a>
Another pair of bump dependencies fix (<a
href="https://redirect.github.com/pyca/cryptography/issues/13444">#13444</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/pyca/cryptography/compare/45.0.5...46.0.3">compare
view</a></li>
</ul>
</details>
<br />

Updates `grpcio` from 1.74.0 to 1.76.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/grpc/grpc/releases">grpcio's
releases</a>.</em></p>
<blockquote>
<h2>Release v1.76.0</h2>
<p>This is release 1.76.0 (<a
href="https://github.com/grpc/grpc/blob/master/doc/g_stands_for.md">genuine</a>)
of gRPC Core.</p>
<p>For gRPC documentation, see <a href="https://grpc.io/">grpc.io</a>.
For previous releases, see <a
href="https://github.com/grpc/grpc/releases">Releases</a>.</p>
<p>This release contains refinements, improvements, and bug fixes, with
highlights listed below.</p>
<h2>Core</h2>
<ul>
<li>Prioritize system CA over bundled CA. (<a
href="https://redirect.github.com/grpc/grpc/pull/40583">#40583</a>)</li>
<li>[event_engine] Introduce a event_engine_poller_for_python
experiment. (<a
href="https://redirect.github.com/grpc/grpc/pull/40243">#40243</a>)</li>
<li>[metrics] add grpc.lb.backend_service label. (<a
href="https://redirect.github.com/grpc/grpc/pull/40486">#40486</a>)</li>
</ul>
<h2>C#</h2>
<ul>
<li>[csharp tools] <a
href="https://redirect.github.com/grpc/grpc/issues/39374">#39374</a>
Grpc.Tools can't process file Suffix name with Upper character. (<a
href="https://redirect.github.com/grpc/grpc/pull/40072">#40072</a>)</li>
</ul>
<h2>Python</h2>
<ul>
<li>[Python] gRPC AsyncIO: Improve CompletionQueue polling performance.
(<a
href="https://redirect.github.com/grpc/grpc/pull/39993">#39993</a>)</li>
</ul>
<h2>Release v1.76.0-pre1</h2>
<p>This is a prerelease of gRPC Core 1.76.0 (genuine).</p>
<p>For gRPC documentation, see <a href="https://grpc.io/">grpc.io</a>.
For previous releases, see <a
href="https://github.com/grpc/grpc/releases">Releases</a>.</p>
<p>This prerelease contains refinements, improvements, and bug
fixes.</p>
<h2>Release v1.75.1</h2>
<p>This is release gRPC Core 1.75.1 (gemini).</p>
<p>For gRPC documentation, see <a href="https://grpc.io/">grpc.io</a>.
For previous releases, see <a
href="https://github.com/grpc/grpc/releases">Releases</a>.</p>
<p>This release contains refinements, improvements, and bug fixes.</p>
<h2>What's Changed</h2>
<h3>Python</h3>
<ul>
<li>Release grpcio wheels with Python 3.14 support (<a
href="https://redirect.github.com/grpc/grpc/issues/40403">#40403</a>)</li>
<li>Asyncio: fixes grpc shutdown race condition occurring during python
interpreter finalizations. (<a
href="https://redirect.github.com/grpc/grpc/issues/40447">#40447</a>)
<ul>
<li>This also addresses previously reported issues with empty error
message on Python interpreter exit (<code>Error in
sys.excepthook:</code>/<code>Original exception was:</code> empty): <a
href="https://redirect.github.com/grpc/grpc/issues/36655">#36655</a>, <a
href="https://redirect.github.com/grpc/grpc/issues/38679">#38679</a>, <a
href="https://redirect.github.com/grpc/grpc/issues/33342">#33342</a></li>
</ul>
</li>
<li>Python 3.14: preserve current behavior when using grpc.aio async
methods outside of a running event loop. (<a
href="https://redirect.github.com/grpc/grpc/issues/40750">#40750</a>)
<ul>
<li>Note: using async methods outside of a running event loop is <a
href="https://docs.python.org/3.14/library/asyncio-policy.html#asyncio-policies">discouraged</a>
by Python, and <strong>will be deprecated in future gRPC
releases</strong>. Please use the <a
href="https://docs.python.org/3.14/library/asyncio-runner.html#asyncio.run">asyncio.run()</a>
function (or <a
href="https://docs.python.org/3.14/library/asyncio-runner.html#asyncio.Runner">asyncio.Runner</a>
for custom loop factories). For interactive mode, use dedicated <a
href="https://docs.python.org/3/library/asyncio.html#asyncio-cli">asyncio
REPL</a>: <code>python -m asyncio</code>.</li>
</ul>
</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/grpc/grpc/compare/v1.75.0...v1.75.1">https://github.com/grpc/grpc/compare/v1.75.0...v1.75.1</a></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/grpc/grpc/commit/f5ffb68d8a2fd603dff16287e90a4ac571e1fec6"><code>f5ffb68</code></a>
[Release] Bump version to 1.76.0 (on v1.76.x branch) (<a
href="https://redirect.github.com/grpc/grpc/issues/40925">#40925</a>)</li>
<li><a
href="https://github.com/grpc/grpc/commit/ffd83794b3804739c0789096155833e302ac1270"><code>ffd8379</code></a>
[Release] Bump version to 1.76.0-pre1 (on v1.76.x branch) (<a
href="https://redirect.github.com/grpc/grpc/issues/40798">#40798</a>)</li>
<li><a
href="https://github.com/grpc/grpc/commit/835d394034060002262ab4e404e552ac0393a1a1"><code>835d394</code></a>
[Release] Bump core version to 51.0.0 for upcoming release (<a
href="https://redirect.github.com/grpc/grpc/issues/40784">#40784</a>)</li>
<li><a
href="https://github.com/grpc/grpc/commit/de6ce7f32b1bf254d2b4c04e8872b63284632fd3"><code>de6ce7f</code></a>
[PH2] Add files for goaway support (<a
href="https://redirect.github.com/grpc/grpc/issues/40786">#40786</a>)</li>
<li><a
href="https://github.com/grpc/grpc/commit/f7dd7f4b4186049d104aa2c88ad4432f58c19ede"><code>f7dd7f4</code></a>
[PH2][Trivial][CleanUp]</li>
<li><a
href="https://github.com/grpc/grpc/commit/2d40a376c7ea72602fa7bc62606324b1ff14c44f"><code>2d40a37</code></a>
[PH2][ChannelZ][ZTrace][Skeleton]</li>
<li><a
href="https://github.com/grpc/grpc/commit/83acb278bef565d8d46d6e19582eaacc86f737a3"><code>83acb27</code></a>
[build] Add Missing Dependencies for reflection_proto in Preparation for
Enab...</li>
<li><a
href="https://github.com/grpc/grpc/commit/abfe8a29d31a8ab9ff6cdda11cdfa2813cb59632"><code>abfe8a2</code></a>
[PH2] Stream list represents streams open for reads.</li>
<li><a
href="https://github.com/grpc/grpc/commit/c65d8de800aaa907b45cee54ebcd29d5b556d3ca"><code>c65d8de</code></a>
[PH2][Expt] Fix the experiment expiry</li>
<li><a
href="https://github.com/grpc/grpc/commit/755d025f16d20641155e89ecc46777e94e9e172d"><code>755d025</code></a>
Fix latent_see_test flakiness</li>
<li>Additional commits viewable in <a
href="https://github.com/grpc/grpc/compare/v1.74.0...v1.76.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `grpcio-tools` from 1.71.2 to 1.74.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/grpc/grpc/releases">grpcio-tools's
releases</a>.</em></p>
<blockquote>
<h2>Release v1.74.0</h2>
<p>This is release 1.74.0 (<a
href="https://github.com/grpc/grpc/blob/master/doc/g_stands_for.md">gee</a>)
of gRPC Core.</p>
<p>For gRPC documentation, see <a href="https://grpc.io/">grpc.io</a>.
For previous releases, see <a
href="https://github.com/grpc/grpc/releases">Releases</a>.</p>
<p>This release contains refinements, improvements, and bug fixes, with
highlights listed below.</p>
<h2>Core</h2>
<ul>
<li>[OTel C++, Posix EE] Plumb TCP write timestamps and metrics to OTel
tracers. (<a
href="https://redirect.github.com/grpc/grpc/pull/39946">#39946</a>)</li>
<li>[event_engine] Implement fork support in Posix Event Engine. (<a
href="https://redirect.github.com/grpc/grpc/pull/38980">#38980</a>)</li>
<li>[http2] Fix GRPC_ARG_HTTP2_STREAM_LOOKAHEAD_BYTES for when BDP is
disabled. (<a
href="https://redirect.github.com/grpc/grpc/pull/39585">#39585</a>)</li>
</ul>
<h2>Objective-C</h2>
<ul>
<li>[dep] Upgrade Protobuf Version 31.1. (<a
href="https://redirect.github.com/grpc/grpc/pull/39916">#39916</a>)</li>
</ul>
<h2>PHP</h2>
<ul>
<li>[PHP] Fully qualify stdClass with global namespace. (<a
href="https://redirect.github.com/grpc/grpc/pull/39996">#39996</a>)</li>
<li>[php] Fix PHPDoc so that UnaryCall defines the proper return type.
(<a
href="https://redirect.github.com/grpc/grpc/pull/37563">#37563</a>)</li>
<li>fix typing of nullable parameters. (<a
href="https://redirect.github.com/grpc/grpc/pull/39199">#39199</a>)</li>
</ul>
<h2>Python</h2>
<ul>
<li>[EventEngine] Fix the issue with gRPC Python Client not reconnecting
in certain situations: <a
href="https://redirect.github.com/grpc/grpc/issues/38290">#38290</a>, <a
href="https://redirect.github.com/grpc/grpc/issues/39113">#39113</a>, <a
href="https://redirect.github.com/grpc/grpc/issues/39631">#39631</a>.
(<a
href="https://redirect.github.com/grpc/grpc/issues/39894">#39894</a>)</li>
<li>Fix gRPC Python docs website layout - use spaces optimally. (<a
href="https://redirect.github.com/grpc/grpc/pull/40073">#40073</a>)</li>
</ul>
<h2>Ruby</h2>
<ul>
<li>[Ruby] Add rubygems support for linux-gnu and linux-musl platforms .
(<a
href="https://redirect.github.com/grpc/grpc/pull/40174">#40174</a>)</li>
<li>[ruby] enable EE fork support. (<a
href="https://redirect.github.com/grpc/grpc/pull/39786">#39786</a>)</li>
<li>[ruby] Return nil for c functions expected to return a VALUE. (<a
href="https://redirect.github.com/grpc/grpc/pull/39214">#39214</a>)</li>
<li>[ruby] remove connectivity state watch thread, fix cancellations
from spurious signals. (<a
href="https://redirect.github.com/grpc/grpc/pull/39409">#39409</a>)</li>
<li>[ruby] Drop Ruby 3.0 support. (<a
href="https://redirect.github.com/grpc/grpc/pull/39607">#39607</a>)</li>
</ul>
<h2>Release v1.74.0-pre2</h2>
<p>This is a prerelease of gRPC Core 1.74.0 (gee).</p>
<p>For gRPC documentation, see <a href="https://grpc.io/">grpc.io</a>.
For previous releases, see <a
href="https://github.com/grpc/grpc/releases">Releases</a>.</p>
<p>This prerelease contains refinements, improvements, and bug
fixes.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/grpc/grpc/commit/3e7a4d52d257990fa5b9d80f69f4a591178d9d7c"><code>3e7a4d5</code></a>
[Release] Bump version to 1.74.0 (on v1.74.x branch) (<a
href="https://redirect.github.com/grpc/grpc/issues/40290">#40290</a>)</li>
<li><a
href="https://github.com/grpc/grpc/commit/b2d32db3e1a6221c22d4a008930e1e54e45f1930"><code>b2d32db</code></a>
[Backport][v1.74.x][Python] Fix for windows distribtest (<a
href="https://redirect.github.com/grpc/grpc/issues/40241">#40241</a>)</li>
<li><a
href="https://github.com/grpc/grpc/commit/a7d80a7e90729849b052c7f36456514dcd1d6752"><code>a7d80a7</code></a>
[ruby] bump timeout for ruby artifact build on 1.74.x branch (<a
href="https://redirect.github.com/grpc/grpc/issues/40230">#40230</a>)</li>
<li><a
href="https://github.com/grpc/grpc/commit/2a6bf865d7000fa5e415a9e5685b2fd612b9ccc7"><code>2a6bf86</code></a>
[Release] Bump version to 1.74.0-pre2 (on v1.74.x branch) (<a
href="https://redirect.github.com/grpc/grpc/issues/40216">#40216</a>)</li>
<li><a
href="https://github.com/grpc/grpc/commit/c8dcda63a8c1f91224c75e4311f847db5f42745a"><code>c8dcda6</code></a>
[Backport-to-1.74.x] Added missing useful to cf_event_engine (<a
href="https://redirect.github.com/grpc/grpc/issues/40210">#40210</a>)</li>
<li><a
href="https://github.com/grpc/grpc/commit/1c64908e6b68ea0dabf62ca6d3af8a8958e6c970"><code>1c64908</code></a>
[Ruby] Add rubygems support for linux-gnu and linux-musl platforms (<a
href="https://redirect.github.com/grpc/grpc/issues/40174">#40174</a>)</li>
<li><a
href="https://github.com/grpc/grpc/commit/08648d377dfd8ada795a7ad8068b48dcb24bd328"><code>08648d3</code></a>
[Backport][v1.74.x][event_engine] Fix race conditions in the timer
manager sh...</li>
<li><a
href="https://github.com/grpc/grpc/commit/5d59f8e8517bb6a5f2865be63a06b2976b105…
@github-advanced-security
Copy link
Contributor

github-advanced-security bot commented Jan 22, 2026

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

10 participants

@lkawka @sokoliva @a2a-bot @TadakiAsechi @ShishirRmc @didier-durand @chenweiyang0204 @ishymko @holtskinner