chore(deps)(deps): update openai requirement from >=2.38.0 to >=2.41.0 in /nodes/src/nodes#1154
Conversation
Updates the requirements on [openai](https://github.com/openai/openai-python) to permit the latest version. - [Release notes](https://github.com/openai/openai-python/releases) - [Changelog](https://github.com/openai/openai-python/blob/main/CHANGELOG.md) - [Commits](openai/openai-python@v2.38.0...v2.41.0) --- updated-dependencies: - dependency-name: openai dependency-version: 2.41.0 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
area: nodes
dependabot
Bot
requested review from
Rod-Christensen,
jmaionchi and
stepmikhaylov
as code owners
dependabot
Bot
added
dependencies
🤖 Internal: Discord sync markerAuto-managed by the Discord notification workflow. Stores the linked Discord message ID. Do not edit or delete. |
…e path) Extends the pip ignore list with three deps that have repeatedly hit the requirement-update path and required manual audit work each time: - openai — #910 (1→2, audited May 2026; #981 was the re-roll; #1154 is the current 2.38→2.41 ask). The llm_vision_openai node has been audited per-bump because v2 changed the chat completions / responses surface. - cohere — #948 (5→6, audited May 2026; #1156 is the 6.1→7 ask). rerank_cohere needs ClientV2 + error class re-verification on each major. - redis — #949 (5→6, audited May 2026; #1155 is the 6.4→7.4 ask). memory_persistent uses the standard command surface; usually safe but warrants a smoke against a real Redis. Same pattern as the existing elasticsearch (#839) and google-genai (#857) entries — these slip past the semver-major ignore because they're requirement-update PRs (Dependabot rewriting `>=X,<Y` to a higher Y) not version-update PRs, and the semver-major ignore only catches `version-update:semver-major`. Bringing these in becomes an explicit human-driven PR per dep when the team is ready to do the audit, rather than a recurring Dependabot PR that sits in the queue every few weeks needing the same audit work.
|
Closing in favor of the consolidated monthly Dependabot bundle from #1197 (just merged). Next scheduled Dependabot run (2026-07-01) will re-roll this bump into the consolidated PR if still applicable — comment |
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
dependabot
Bot
deleted the
dependabot/pip/nodes/src/nodes/openai-gte-2.41.0
branch
1 participant
Updates the requirements on openai to permit the latest version.
Release notes
Sourced from openai's releases.
Changelog
Sourced from openai's changelog.
... (truncated)
Commits
2d955a1Merge pull request #3359 from openai/release-please--branches--main--changes-...519cd02release: 2.41.087e46c2feat(api): responses.moderation and chat_completions.moderationa28a3f6Merge pull request #3352 from openai/release-please--branches--main--changes-...db6ccafUpdate CHANGELOG.md2264f70release: 2.40.04d5bfdefix(api): allow setting bedrock api keys on the client directlyccef143Merge pull request #3326 from openai/codex/bedrock-responses-reviewa50ff0aFix Bedrock with_options overridesfdf4901codegen metadataDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)