Skip to content

chore(deps): resolve dependabot security alerts#502

Merged
Abhijeet Prasad (AbhiPrasad) merged 1 commit into
mainfrom
abhi-fix-dependabot-security-alerts
Jun 9, 2026
Merged

chore(deps): resolve dependabot security alerts#502
Abhijeet Prasad (AbhiPrasad) merged 1 commit into
mainfrom
abhi-fix-dependabot-security-alerts

Conversation

@AbhiPrasad

@AbhiPrasad Abhijeet Prasad (AbhiPrasad) commented Jun 8, 2026

Copy link
Copy Markdown
Member

Bump vulnerable transitive dependency resolutions for aiohttp, starlette, and pydantic-ai in the SDK and deprecated ADK integration locks.

Remove CrewAI from the shared lint environment to avoid its vulnerable chromadb transitive dependency, while keeping CrewAI integration coverage on its dedicated nox session.

@AbhiPrasad
fix(deps): resolve dependabot security alerts
d6cb79f 
Bump vulnerable transitive dependency resolutions for aiohttp, starlette, and pydantic-ai in the SDK and deprecated ADK integration locks.

Remove CrewAI from the shared lint environment to avoid its vulnerable chromadb transitive dependency, while keeping CrewAI integration coverage on its dedicated nox session.
@AbhiPrasad Abhijeet Prasad (AbhiPrasad) merged commit 4dd3ee7 into main Jun 9, 2026
82 checks passed
@AbhiPrasad Abhijeet Prasad (AbhiPrasad) deleted the abhi-fix-dependabot-security-alerts branch June 9, 2026 13:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@realark Andrew Kent (realark) realark approved these changes

@viadezo1er Cedric / ViaDézo1er (viadezo1er) viadezo1er approved these changes

@lforst Luca Forstner (lforst) Awaiting requested review from lforst

Assignees

@AbhiPrasad Abhijeet Prasad (AbhiPrasad)

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@AbhiPrasad @realark @viadezo1er