Bump the pip group across 8 directories with 15 updates

[dependabot]

Bumps the pip group with 15 updates in the / directory:

Package	From	To
authlib	1.6.5	1.6.7
cryptography	45.0.7	46.0.5
fastmcp	2.12.4	2.14.0
fonttools	4.60.1	4.60.2
mcp	1.17.0	1.23.0
mlflow	3.4.0	3.5.0
nbconvert	7.16.6	7.17.0
pillow	11.3.0	12.1.1
protobuf	6.32.1	6.33.5
pyasn1	0.6.1	0.6.2
python-multipart	0.0.20	0.0.22
sqlparse	0.5.3	0.5.4
starlette	0.48.0	0.49.1
urllib3	2.5.0	2.6.3
werkzeug	3.1.1	3.1.6

Bumps the pip group with 1 update in the /mlartifacts/DecisionTree/models/m-b26910be3f4348578fb9e30b2f5b106a/artifacts directory: mlflow.
Bumps the pip group with 1 update in the /mlartifacts/DecisionTree/models/m-e07ecd69aa05424e8a13515e273b6e61/artifacts directory: mlflow.
Bumps the pip group with 1 update in the /mlartifacts/LogisticRegression/models/m-9c20ba518f15428cb4057621a9f5e0ca/artifacts directory: mlflow.
Bumps the pip group with 1 update in the /mlartifacts/LogisticRegression/models/m-e4782213a5c14e9e9cf74e7d23a36aa0/artifacts directory: mlflow.
Bumps the pip group with 1 update in the /mlartifacts/RandomForest/models/m-c54d2fda504048469ff18c6c6e7c5ae2/artifacts directory: mlflow.
Bumps the pip group with 1 update in the /mlartifacts/RandomForest/models/m-cf2fcb44ace24d47a39848b41e29774e/artifacts directory: mlflow.
Bumps the pip group with 15 updates in the /pipeline directory:

Package	From	To
authlib	1.6.5	1.6.7
cryptography	45.0.7	46.0.5
fastmcp	2.12.4	2.14.0
fonttools	4.60.1	4.60.2
mcp	1.17.0	1.23.0
mlflow	3.4.0	3.5.0
nbconvert	7.16.6	7.17.0
pillow	11.3.0	12.1.1
protobuf	6.32.1	6.33.5
pyasn1	0.6.1	0.6.2
python-multipart	0.0.20	0.0.22
sqlparse	0.5.3	0.5.4
starlette	0.48.0	0.49.1
urllib3	2.5.0	2.6.3
werkzeug	3.1.1	3.1.6

Updates authlib from 1.6.5 to 1.6.7

Release notes

Sourced from authlib's releases.

v1.6.7

Full Changelog: authlib/authlib@v1.6.6...v1.6.7

Set supported algorithms for the default jwt instance.

v1.6.6

What's Changed

• fix(ClientAuth): fix incorrect signature when Content-Type is x-www-form-urlencoded by @​shc261392 in authlib/authlib#778
• Fix: Use expires_in when expires_at is unparsable by @​bendavis78 in authlib/authlib#842
• get_jwt_config takes a client parameter. by @​azmeuk in authlib/authlib#844

New Contributors

• @​shc261392 made their first contribution in authlib/authlib#778
• @​bendavis78 made their first contribution in authlib/authlib#842

Full Changelog: authlib/authlib@v1.6.5...v1.6.6

Changelog

Sourced from authlib's changelog.

Changelog

.. meta:: :description: The full list of changes between each Authlib release.

Here you can see the full list of changes between each Authlib release.

Version 1.7.0

Unreleased

• Add support for OpenID Connect RP-Initiated Logout 1.0 <https://openid.net/specs/openid-connect-rpinitiated-1_0.html>_. See :ref:specs/rpinitiated for details. :issue:500
• Per RFC 6749 Section 3.3, the scope parameter is now optional at both authorization and token endpoints. client.get_allowed_scope() is called to determine the default scope when omitted. :issue:845
• Stop support for Python 3.9, start support Python 3.14. :pr:850
• Allow AuthorizationServerMetadata.validate() to compose with RFC extension classes.
• Fix expires_at=0 being incorrectly treated as None. :issue:530
• Allow ResourceProtector decorator to be used without parentheses. :issue:604
• Implement RFC9700 PKCE downgrade countermeasure.

Upgrade Guide: :ref:joserfc_upgrade.

Version 1.6.6

Released on Dec 12, 2025

• get_jwt_config takes a client parameter, :pr:844.
• Fix incorrect signature when Content-Type is x-www-form-urlencoded for OAuth 1.0 Client, :pr:778.
• Use expires_in in OAuth2Token when expires_at is unparsable, :pr:842.
• Always track state in session for OAuth client integrations.

Commits

• 38e872a chore: release 1.6.7
• b87c32e fix: remove "none" algorithm from default jwt instance
• bb7a315 chore: release 1.6.6
• 0a423d4 Merge pull request #844 from azmeuk/806-get-jwt-config-client
• 2808378 Merge commit from fork
• 714502a feat: get_jwt_config takes a client parameter
• 260d04e Fix: Use expires_in when expires_at is unparsable
• eb37124 Merge pull request #778 from shc261392/fix-httpx-oauth1-form-data-incorrect-s...
• 0ba9ec4 docs: fix guide on requests self signed certificate
• a2e9943 docs: indicate that #743 needs a migration
• Additional commits viewable in compare view

Updates cryptography from 45.0.7 to 46.0.5

Changelog

Sourced from cryptography's changelog.

46.0.5 - 2026-02-10

* An attacker could create a malicious public key that reveals portions of your
  private key when using certain uncommon elliptic curves (binary curves).
  This version now includes additional security checks to prevent this attack.
  This issue only affects binary elliptic curves, which are rarely used in
  real-world applications. Credit to **XlabAI Team of Tencent Xuanwu Lab and
  Atuin Automated Vulnerability Discovery Engine** for reporting the issue.
  **CVE-2026-26007**
* Support for ``SECT*`` binary elliptic curves is deprecated and will be
  removed in the next release.
.. v46-0-4:
46.0.4 - 2026-01-27

• Dropped support for win_arm64 wheels_.
• Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.5.

.. _v46-0-3:

46.0.3 - 2025-10-15

* Fixed compilation when using LibreSSL 4.2.0.
.. _v46-0-2:
46.0.2 - 2025-09-30

• Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.4.

.. _v46-0-1:

46.0.1 - 2025-09-16

* Fixed an issue where users installing via ``pip`` on Python 3.14 development
  versions would not properly install a dependency.
* Fixed an issue building the free-threaded macOS 3.14 wheels.
.. _v46-0-0:
46.0.0 - 2025-09-16

• BACKWARDS INCOMPATIBLE: Support for Python 3.7 has been removed.

... (truncated)

Commits

• 06e120e bump version for 46.0.5 release (#14289)
• 0eebb9d EC check key on cofactor > 1 (#14287)
• bedf6e1 fix openssl version on 46 branch (#14220)
• e6f44fc bump for 46.0.4 and drop win arm64 due to CI issues (#14217)
• c0af4dd release 46.0.3 (#13681)
• 99efe5a bump version for 46.0.2 (#13531)
• e735cfc release 46.0.1 (#13450)
• 4e457ff Explicitly specify python in mac uv build invocation (#13447)
• 2726efd Depend on CFFI 2.0.0 or newer on Python > 3.8 (#13448)
• 6223062 release 46.0.0 (#13446)
• Additional commits viewable in compare view

Updates fastmcp from 2.12.4 to 2.14.0

Release notes

Sourced from fastmcp's releases.

v2.14.0: Task and You Shall Receive

FastMCP 2.14 begins adopting the MCP 2025-11-25 specification, headlined by protocol-native background tasks that let long-running operations report progress without blocking clients. This release also graduates the OpenAPI parser to standard, adds first-class support for several new spec features, and removes deprecated APIs accumulated across the 2.x series.

Background Tasks (SEP-1686)

Long-running operations (like tool calls) normally block MCP clients until they complete. The new MCP background task protocol (SEP-1686) lets clients start operations, track progress, and retrieve results without blocking. For FastMCP users, taking advantage of this new functionality is as easy as adding task=True to any async decorator. Under the hood, it's powered by Docket, the enterprise task scheduler at the heart of Prefect Cloud that handles millions of concurrent tasks every day.

from fastmcp import FastMCP
from fastmcp.dependencies import Progress
mcp = FastMCP("MyServer")
@​mcp.tool(task=True)
async def train_model(dataset: str, progress: Progress = Progress()) -> str:
await progress.set_total(100)
for epoch in range(100):
# ... training work ...
await progress.increment()
return "Model trained successfully"

Clients that call this tool in task-augmented mode (for FastMCP clients, that merely means another task=True!) receive a task ID immediately, poll for progress updates, and fetch results when ready. Background tasks work out-of-the-box with an in-memory backend, and users can optionally provide a Redis URL for persistence, horizontal scaling, and single-digit millisecond task pickup latency. When using Redis, users can also add additional Docket workers to scale out their task processing.

Read the docs here!

OpenAPI Parser Promotion

The experimental OpenAPI parser graduates to standard. The new architecture delivers improved performance through single-pass schema processing and cleaner internal abstractions. Existing code works unchanged; users of the experimental module should update their imports.

MCP 2025-11-25 Spec Support

This release begins adopting the MCP 2025-11-25 specification. Beyond the core SDK updates, FastMCP adds first-class developer experiences for:

• SEP-1686: Background tasks with progress tracking
• SEP-1699: SSE polling and event resumability, with full AsyncKeyValue support
• SEP-1330: Multi-select enum elicitation schemas
• SEP-1034: Default values for elicitation schemas
• SEP-986: Tool name validation at registration time

As the MCP SDK continues to adopt more of the specification, FastMCP will add corresponding high-level APIs.

Breaking Changes & Cleanup

This release removes deprecated APIs accumulated across the 2.x series: BearerAuthProvider, Context.get_http_request(), the dependencies parameter, legacy resource prefix formats, and several deprecated methods. The upgrade guide provides migration paths for each.

What's Changed

... (truncated)

Changelog

Sourced from fastmcp's changelog.

---

title: "Changelog" icon: "list-check" rss: true tag: NEW

v3.0.2: Threecovery Mode II

Two community-contributed fixes: auth headers from MCP transport no longer leak through to downstream OpenAPI APIs, and background task workers now correctly receive the originating request ID. Plus a new docs example for context-aware tool factories.

Fixes 🐞

• fix: prevent MCP transport auth header from leaking to downstream OpenAPI APIs by @​stakeswky in #3262
• fix: propagate origin_request_id to background task workers by @​gfortaine in #3175

Docs 📚

• Add v3.0.1 release notes by @​jlowin in #3259
• docs: add context-aware tool factory example by @​machov in #3264

Full Changelog: v3.0.1...v3.0.2

v3.0.1: Three-covery Mode

First patch after 3.0 — mostly smoothing out rough edges discovered in the wild. The big ones: middleware state that wasn't surviving the trip to tool handlers now does, Tool.from_tool() accepts callables again, OpenAPI schemas with circular references no longer crash discovery, and decorator overloads now return the correct types in function mode. Also adds verify_id_token to OIDCProxy for providers (like some Azure AD configs) that issue opaque access tokens but standard JWT id_tokens.

Enhancements 🔧

• Add verify_id_token option to OIDCProxy by @​jlowin in #3248

Fixes 🐞

• Fix v3.0.0 changelog compare link by @​jlowin in #3223
• Fix MDX parse error in upgrade guide prompts by @​jlowin in #3227
• Fix non-serializable state lost between middleware and tools by @​jlowin in #3234
• Accept callables in Tool.from_tool() by @​jlowin in #3235
• Preserve skill metadata through provider wrapping by @​jlowin in #3237
• Fix circular reference crash in OpenAPI schemas by @​jlowin in #3245
• Fix NameError with future annotations and Context/Depends parameters by @​jlowin in #3243
• Fix ty ignore syntax in OpenAPI provider by @​jlowin in #3253
• Use max_completion_tokens instead of deprecated max_tokens in OpenAI handler by @​jlowin in #3254
• Fix ty compatibility with upgraded deps by @​jlowin in #3257
• Fix decorator overload return types for function mode by @​jlowin in #3258

Docs 📚

• Sync README with welcome.mdx, fix install count by @​jlowin in #3224
• Document dict-to-Message prompt migration in upgrade guides by @​jlowin in #3225
• Fix v2 upgrade guide: remove incorrect v1 import advice by @​jlowin in #3226

... (truncated)

Commits

• 3d6fd46 chore: remove tests/test_examples.py (#2593)
• 03b62d2 feat: handle error from the initialize middleware (#2531)
• 95e58e8 fix: preserve exception propagation through transport cleanup (#2591)
• 855e01e chore: Update SDK documentation (#2588)
• d56f55a Add smart fallback for missing access token expiry (#2587)
• d35b867 chore: Update SDK documentation (#2517)
• 080ffa5 Fix nested server mount routing for 3+ levels deep (#2586)
• 0bcd69c Remove overly restrictive MIME type validation from Resource (#2585)
• 9b41d16 Remove deprecated mount/import argument order and separator params (#2582)
• 95fb8b4 Fix proxy tool result meta attribute forwarding (#2526)
• Additional commits viewable in compare view

Updates fonttools from 4.60.1 to 4.60.2

Release notes

Sourced from fonttools's releases.

4.60.2

• Backport release Same as 4.61.0 but without "Drop support for EOL Python 3.9" change to allow downstream projects still on Python 3.9 to avail of the security fix for CVE-2025-66034 (#3994, #3999).

Changelog

Sourced from fonttools's changelog.

4.60.2 (released 2025-12-09)

• Backport release Same as 4.61.0 but without "Drop support for EOL Python 3.9" change to allow downstream projects still on Python 3.9 to avail of the security fix for CVE-2025-66034 (#3994, #3999).

4.61.0 (released 2025-11-28)

• [varLib.main]: SECURITY Only use basename(vf.filename) to prevent path traversal attacks when running fonttools varLib command, or code which invokes fonttools.varLib.main(). Fixes CVE-2025-66034, see: GHSA-768j-98cg-p3fv.
• [feaLib] Sort BaseLangSysRecords by tag (#3986).
• Drop support for EOL Python 3.9 (#3982).
• [instancer] Support --remove-overlaps for fonts with CFF2 table (#3975).
• [CFF2ToCFF] Add --remove-overlaps option (#3976).
• [feaLib] Raise an error for rsub with NULL target (#3979).
• [bezierTools] Fix logic bug in curveCurveIntersections (#3963).
• [feaLib] Error when condition sets have the same name (#3958).
• [cu2qu.ufo] skip processing empty glyphs to support sparse kerning masters (#3956).
• [unicodedata] Update to Unicode 17. Require unicodedata2 >= 17.0.0 when installed with 'unicode' extra.

Commits

• 78ba5e8 Release 4.60.2
• c3f9979 macos-13 runner is no more, use macos-15-intel
• 8016403 Revert "Merge pull request #3982 from fonttools/drop-py39"
• e691e3b Release 4.61.0
• c2d540f Update NEWS.rst
• 3859753 Update NEWS.rst
• 26eb070 black
• 5ff73af Merge commit from fork
• a696d5b varLib: only use the basename(vf.filename)
• b00bc45 varLib_test: test path traversal in variable-font filename
• Additional commits viewable in compare view

Updates mcp from 1.17.0 to 1.23.0

Release notes

Sourced from mcp's releases.

v1.23.0

Summary

This release brings us up to speed with the latest MCP spec 2025-11-25. Take a look at the latest spec as well as the release blog post.

What's Changed

• Add tests for JSON Schema 2020-12 field preservation (SEP-1613) by @​felixweinberger in modelcontextprotocol/python-sdk#1649
• Add client_secret_basic authentication support by @​jonshea in modelcontextprotocol/python-sdk#1334
• Implement SEP-1577 - Sampling With Tools by @​ochafik in modelcontextprotocol/python-sdk#1594
• SEP-1330: Elicitation Enum Schema Improvements and Standards Compliance by @​chughtapan in modelcontextprotocol/python-sdk#1246
• [auth][conformance] add conformance auth client by @​pcarleton in modelcontextprotocol/python-sdk#1640
• Implement SEP-986: Tool name validation by @​felixweinberger in modelcontextprotocol/python-sdk#1655
• fix: url for spec by @​felixweinberger in modelcontextprotocol/python-sdk#1659
• feat: implement SEP-991 URL-based client ID (CIMD) support by @​pcarleton in modelcontextprotocol/python-sdk#1652
• Update doc string on custom_route by @​pcarleton in modelcontextprotocol/python-sdk#1660
• Implement SEP-1036: URL mode elicitation for secure out-of-band interactions by @​cbcoutinho in modelcontextprotocol/python-sdk#1580
• Skip empty SSE data to avoid parsing errors by @​felixweinberger in modelcontextprotocol/python-sdk#1670
• SEP-1686: Tasks by @​maxisbey in modelcontextprotocol/python-sdk#1645
• Add on_session_created callback option by @​crondinini-ant in modelcontextprotocol/python-sdk#1710
• Add SSE polling support (SEP-1699) by @​felixweinberger in modelcontextprotocol/python-sdk#1654
• Support client_credentials flow with JWT and Basic auth by @​pcarleton in modelcontextprotocol/python-sdk#1663
• feat: backwards-compatible create_message overloads for SEP-1577 by @​felixweinberger in modelcontextprotocol/python-sdk#1713
• Auto-enable DNS rebinding protection for localhost servers by @​pcarleton (d3a184119e4479ea6a63590bc41f01dc06e3fa99)

New Contributors

• @​ochafik made their first contribution in modelcontextprotocol/python-sdk#1594

Full Changelog: modelcontextprotocol/python-sdk@v1.22.0...v1.23.0

v1.22.0

What's Changed

• feat: Pass through and expose additional parameters in ClientSessionGroup.call_tool and .connect_to_server by @​inaku-Gyan in modelcontextprotocol/python-sdk#1576
• chore: Lazy import jsonschema library by @​wuliang229 in modelcontextprotocol/python-sdk#1596
• docs: Update examples to use stateless HTTP with JSON responses by @​domdomegg in modelcontextprotocol/python-sdk#1499

New Contributors

• @​wuliang229 made their first contribution in modelcontextprotocol/python-sdk#1596

Full Changelog: modelcontextprotocol/python-sdk@v1.21.1...v1.22.0

v1.21.2

Hotfix Release

This is a hotfix release to address a critical bug in OAuth scope handling that caused failures on 401 responses.

Related:

• modelcontextprotocol/python-sdk#1630
• modelcontextprotocol/python-sdk#1632

What's Changed

... (truncated)

Commits

• d3a1841 Merge commit from fork
• fa851d9 feat: backwards-compatible create_message overloads for SEP-1577 (#1713)
• f82b0c9 Support client_credentials flow with JWT and Basic auth (#1663)
• 281fd47 Add SSE polling support (SEP-1699) (#1654)
• 2cd178a Add on_session_created callback option (#1710)
• c92bb2f SEP-1686: Tasks (#1645)
• 5983a65 Skip empty SSE data to avoid parsing errors (#1670)
• 02b7889 Implement SEP-1036: URL mode elicitation for secure out-of-band interactions ...
• 27279bc Update doc string on custom_route (#1660)
• f225013 feat: implement SEP-991 URL-based client ID (CIMD) support (#1652)
• Additional commits viewable in compare view

Updates mlflow from 3.4.0 to 3.5.0

Release notes

Sourced from mlflow's releases.

v3.5.0

MLflow 3.5.0 includes several major features and improvements!

Major Features

• 🤖 Tracing support for Claude Code SDK: MLflow now provides a tracing integration for both the Claude Code CLI and SDK! Configure the autologging integration to track your prompts, Claude's responses, tool calls, and more. Check out this doc page to get started. (#18022, @​smoorjani)
• 🎯 Flexible Prompt Optimization API: Introduced a new flexible API for prompt optimization with support for model switching and the GEPA algorithm, enabling more efficient prompt tuning with fewer rollouts. See the documentation to get started. (#18183, #18031, @​TomeHirata)
• 🎨 Enhanced UI Onboarding: Improved in-product onboarding experience with trace quickstart drawer and updated homepage guidance to help users discover MLflow's latest features. (#18098, #18187, @​B-Step62)
• 🔐 Security Middleware for Tracking Server: Added a security middleware layer to protect against DNS rebinding, CORS attacks, and other security threats. Read the documentation for configuration details. (#17910, @​BenWilson2)

Features

• [Tracing / Tracking] Add unlink_traces_from_run batch operation (#18316, @​harupy)
• [Tracing] Add batch trace link/unlink operations to DatabricksTracingRestStore (#18295, @​harupy)
• [Tracking] Claude Code SDK autologging support (#18022, @​smoorjani)
• [Tracing] Add support for reading trace configuration from environment variables (#17792, @​joelrobin18)
• [Tracking] Mistral tracing improvements (#16370, @​joelrobin18)
• [Tracking] Gemini token count tracking (#16248, @​joelrobin18)
• [Tracking] Gemini streaming support (#16249, @​joelrobin18)
• [Tracking] CrewAI token count tracking with documentation updates (#16373, @​joelrobin18)
• [Evaluation] Allow passing empty scorer list for manual result comparison (#18265, @​B-Step62)
• [Evaluation] Log assessments to DSPy evaluation traces (#18136, @​B-Step62)
• [Evaluation] Add support for trace inputs to built-in scorers (#17943, @​BenWilson2)
• [Evaluation] Add synonym handling for built-in scorers (#17980, @​BenWilson2)
• [Evaluation] Add span timing tool for Agent Judges (#17948, @​BenWilson2)
• [Evaluation] Allow disabling evaluation sample check (#18032, @​B-Step62)
• [Evaluation] Reduce verbosity of SIMBA optimizer logs when aligning judges (#17795, @​BenWilson2)
• [Evaluation] Add __repr__ method for Judges (#17794, @​BenWilson2)
• [Prompts] Add prompt registry support to MLflow webhooks (#17640, @​harupy)
• [Prompts] Prompt Registry Chat UI (#17334, @​joelrobin18)
• [UI] Delete parent and child runs together (#18052, @​joelrobin18)
• [UI] Added move to top, move to bottom for charts (#17742, @​joelrobin18)
• [Tracking] Use sampling data for run comparison to improve performance (#17645, @​lkuo)
• [Tracking] Add optional 'outputs' column for evaluation dataset records (#17735, @​WeichenXu123)
• [Tracking] Job backend execution (#17676, #18012, #18070, #18071, #18112, #18049, @​WeichenXu123)

Bug Fixes

• [Tracing] Fix parent run resolution mechanism for LangChain (#17273, @​B-Step62)
• [Tracing] Add client-side retry for get_trace to improve reliability (#18224, @​B-Step62)
• [Tracing] Fix OpenTelemetry dual export (#18163, @​B-Step62)
• [Tracing] Suppress false warnings from span logging (#18092, #18276, @​B-Step62)
• [Tracing] Fix OpenTelemetry resource attributes not propagating correctly (#18019, @​xiaosha007)
• [Tracing] Fix DSPy prompt display (#17988, @​B-Step62)
• [Tracing] Fix usage aggregation to avoid ancestor duplication (#17921, @​TomeHirata)
• [Tracing] Fix double counting in Strands tracing (#17855, @​joelrobin18)
• [Tracing] Fix to_predict_fn to handle traces without tags field (#17784, @​harupy)
• [Tracing] URL-encode trace tag keys in delete_trace_tag to prevent 404 errors (#18232, @​copilot-swe-agent)
• [Tracking] Fix Claude Code autologging inputs not displaying (#17858, @​smoorjani)
• [Tracking] Fix runs with 0-valued metrics not appearing in experiment list contour plots (#17916, @​WeichenXu123)

... (truncated)

Changelog

Sourced from mlflow's changelog.

3.5.0 (2025-10-16)

MLflow 3.5.0 includes several major features and improvements!

Major Features

• ⚙️ Job Execution Backend: Introduced a new job execution backend infrastructure for running asynchronous tasks with individual execution pools, job search capabilities, and transient error handling. (#17676, #18012, #18070, #18071, #18112, #18049, @​WeichenXu123)
• 🎯 Flexible Prompt Optimization API: Introduced a new flexible API for prompt optimization with support for model switching and the GEPA algorithm, enabling more efficient prompt tuning with fewer rollouts. See the documentation to get started. (#18183, #18031, @​TomeHirata)
• 🎨 Enhanced UI Onboarding: Improved in-product onboarding experience with trace quickstart drawer and updated homepage guidance to help users discover MLflow's latest features. (#18098, #18187, @​B-Step62)
• 🔐 Security Middleware for Tracking Server: Added a security middleware layer to protect against DNS rebinding, CORS attacks, and other security threats. Read the documentation for configuration details. (#17910, @​BenWilson2)

Features

• [Tracing / Tracking] Add unlink_traces_from_run batch operation (#18316, @​harupy)
• [Tracing] Add batch trace link/unlink operations to DatabricksTracingRestStore (#18295, @​harupy)
• [Tracking] Claude Code SDK autologging support (#18022, @​smoorjani)
• [Tracing] Add support for reading trace configuration from environment variables (#17792, @​joelrobin18)
• [Tracking] Mistral tracing improvements (#16370, @​joelrobin18)
• [Tracking] Gemini token count tracking (#16248, @​joelrobin18)
• [Tracking] Gemini streaming support (#16249, @​joelrobin18)
• [Tracking] CrewAI token count tracking with documentation updates (#16373, @​joelrobin18)
• [Evaluation] Allow passing empty scorer list for manual result comparison (#18265, @​B-Step62)
• [Evaluation] Log assessments to DSPy evaluation traces (#18136, @​B-Step62)
• [Evaluation] Add support for trace inputs to built-in scorers (#17943, @​BenWilson2)
• [Evaluation] Add synonym handling for built-in scorers (#17980, @​BenWilson2)
• [Evaluation] Add span timing tool for Agent Judges (#17948, @​BenWilson2)
• [Evaluation] Allow disabling evaluation sample check (#18032, @​B-Step62)
• [Evaluation] Reduce verbosity of SIMBA optimizer logs when aligning judges (#17795, @​BenWilson2)
• [Evaluation] Add __repr__ method for Judges (#17794, @​BenWilson2)
• [Prompts] Add prompt registry support to MLflow webhooks (#17640, @​harupy)
• [Prompts] Prompt Registry Chat UI (#17334, @​joelrobin18)
• [UI] Delete parent and child runs together (#18052, @​joelrobin18)
• [UI] Added move to top, move to bottom for charts (#17742, @​joelrobin18)
• [Tracking] Use sampling data for run comparison to improve performance (#17645, @​lkuo)
• [Tracking] Add optional 'outputs' column for evaluation dataset records (#17735, @​WeichenXu123)

Bug Fixes

• [Tracing] Fix parent run resolution mechanism for LangChain (#17273, @​B-Step62)
• [Tracing] Add client-side retry for get_trace to improve reliability (#18224, @​B-Step62)
• [Tracing] Fix OpenTelemetry dual export (#18163, @​B-Step62)
• [Tracing] Suppress false warnings from span logging (#18092, #18276, @​B-Step62)
• [Tracing] Fix OpenTelemetry resource attributes not propagating correctly (#18019, @​xiaosha007)
• [Tracing] Fix DSPy prompt display (#17988, @​B-Step62)
• [Tracing] Fix usage aggregation to avoid ancestor duplication (#17921, @​TomeHirata)
• [Tracing] Fix double counting in Strands tracing (#17855, @​joelrobin18)
• [Tracing] Fix to_predict_fn to handle traces without tags field (#17784, @​harupy)
• [Tracing] URL-encode trace tag keys in delete_trace_tag to prevent 404 errors (#18232, @​copilot-swe-agent)
• [Tracking] Fix Claude Code autologging inputs not displaying (#17858, @​smoorjani)
• [Tracking] Fix runs with 0-valued metrics not appearing in experiment list contour plots (#17916, @​WeichenXu123)

... (truncated)

Commits

• 77b2695 Run python3 dev/update_mlflow_versions.py pre-release ... (#18355)
• fc2fb36 Revert "Add atomicity to job_start API (#18226)"
• e7b2177 Revert "Fix response handling in log_spans (#18280)" (#18349)
• 5d86ffe Create set_databricks_monitoring_sql_warehouse_id API (#18346)
• 250985f Fetch config after adding first record (#18338)
• ad0aad1 Fix log_metrics slowness for get run (#18241)
• 05a0111 Increase max height of params/metrics boxes (#18306)
• 3e24457 Implement lazy logger initialization in claude_code.tracing (#18339)
• 892bed1 Add github feature requests on the GenAI doc (#18342)
• f605177 Minor comment fix for extract_retrieval_context_from_trace (#18331)
• Additional commits viewable in compare view

<...

Description has been truncated