Skip to content

chore(deps)(deps): update cohere requirement from <7.0.0,>=6.1.0 to >=7.0.3,<8.0.0 in /nodes/src/nodes#1156

Closed
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/pip/nodes/src/nodes/cohere-gte-7.0.3-and-lt-8.0.0
Closed

chore(deps)(deps): update cohere requirement from <7.0.0,>=6.1.0 to >=7.0.3,<8.0.0 in /nodes/src/nodes#1156
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/pip/nodes/src/nodes/cohere-gte-7.0.3-and-lt-8.0.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 8, 2026

Copy link
Copy Markdown
Contributor

Updates the requirements on cohere to permit the latest version.

Release notes

Sourced from cohere's releases.

7.0.3

What's Changed

New Contributors

Full Changelog: cohere-ai/cohere-python@7.0.2...7.0.3

Commits
  • 0702df5 [fern-generated] Update SDK (#776)
  • 482ab2a fix(utils): guard against None fields in merge_embed_responses (#771)
  • 3b49748 fix(utils): guard against None entries in sum_fields_if_not_none (#773)
  • 6a49b0b [fern-generated] Update SDK (#768)
  • eaf7d15 [fern-generated] Update SDK (#767)
  • b751bc1 [fern-generated] Update SDK (#765)
  • 756b1d8 fix(oci): convert image_url to camelCase imageUrl for OCI vision requests (#761)
  • fc167c1 fix(oci): uppercase tool type field for OCI V2 API compatibility (#758)
  • b911acf fix(oci): terminate stream on finishReason — OCI does not send [DONE] (#757)
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps)(deps): update cohere requirement in /nodes/src/nodes
0bc55bb 
Updates the requirements on [cohere](https://github.com/cohere-ai/cohere-python) to permit the latest version.
- [Release notes](https://github.com/cohere-ai/cohere-python/releases)
- [Commits](cohere-ai/cohere-python@6.1.0...7.0.3)

---
updated-dependencies:
- dependency-name: cohere
  dependency-version: 7.0.3
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added area: nodes Pipeline node implementations and configuration dependencies Pull requests that update a dependency file labels Jun 8, 2026
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file area: nodes Pipeline node implementations and configuration labels Jun 8, 2026
@dependabot dependabot Bot mentioned this pull request Jun 8, 2026
Closed
@github-actions github-actions Bot added the module:nodes Python pipeline nodes label Jun 8, 2026
@github-actions

github-actions Bot commented Jun 8, 2026

Copy link
Copy Markdown
🤖 Internal: Discord sync marker

Auto-managed by the Discord notification workflow. Stores the linked Discord message ID. Do not edit or delete.

anandray added a commit that referenced this pull request Jun 9, 2026
@anandray
chore(ci): also ignore openai/cohere/redis (chronic requirement-updat…
34c0f57 
…e path)

Extends the pip ignore list with three deps that have repeatedly hit
the requirement-update path and required manual audit work each time:

  - openai — #910 (1→2, audited May 2026; #981 was the re-roll;
             #1154 is the current 2.38→2.41 ask). The llm_vision_openai
             node has been audited per-bump because v2 changed the chat
             completions / responses surface.
  - cohere — #948 (5→6, audited May 2026; #1156 is the 6.1→7 ask).
             rerank_cohere needs ClientV2 + error class re-verification
             on each major.
  - redis  — #949 (5→6, audited May 2026; #1155 is the 6.4→7.4 ask).
             memory_persistent uses the standard command surface;
             usually safe but warrants a smoke against a real Redis.

Same pattern as the existing elasticsearch (#839) and google-genai
(#857) entries — these slip past the semver-major ignore because
they're requirement-update PRs (Dependabot rewriting `>=X,<Y` to a
higher Y) not version-update PRs, and the semver-major ignore only
catches `version-update:semver-major`.

Bringing these in becomes an explicit human-driven PR per dep when
the team is ready to do the audit, rather than a recurring Dependabot
PR that sits in the queue every few weeks needing the same audit
work.
@anandray

anandray commented Jun 10, 2026

Copy link
Copy Markdown
Contributor

Closing in favor of the consolidated monthly Dependabot bundle from #1197 (just merged). Next scheduled Dependabot run (2026-07-01) will re-roll this bump into the consolidated PR if still applicable — comment @dependabot recreate on this closed PR if you want it back sooner under the old per-directory config (not recommended; just let the new monthly cadence pick it up).

@anandray anandray closed this Jun 10, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jun 10, 2026

Copy link
Copy Markdown
Contributor Author

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot Bot deleted the dependabot/pip/nodes/src/nodes/cohere-gte-7.0.3-and-lt-8.0.0 branch June 10, 2026 19:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jmaionchi jmaionchi Awaiting requested review from jmaionchi jmaionchi is a code owner

@Rod-Christensen Rod-Christensen Awaiting requested review from Rod-Christensen Rod-Christensen is a code owner

@stepmikhaylov stepmikhaylov Awaiting requested review from stepmikhaylov stepmikhaylov is a code owner

Assignees

No one assigned

Labels

area: nodes Pipeline node implementations and configuration dependencies Pull requests that update a dependency file module:nodes Python pipeline nodes

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@anandray