MLflow 2.14.2 is a patch release that includes several important bug fixes and documentation enhancements.
Bug fixes:
[Models] Fix an issue with requirements inference error handling when disabling the default warning-only behavior (#12547, @B-Step62)
[Models] Fix dependency inference issues with Transformers models saved with the unified API llm/v1/xxx task definitions. (#12551, @B-Step62)
[Models / Databricks] Fix an issue with MLlfow log_model introduced in MLflow 2.13.0 that causes Databricks DLT service to crash in some situations (#12514, @WeichenXu123)
[Models] Fix an output data structure issue with the predict_stream implementation for LangChain AgentExecutor and other non-Runnable chains (#12518, @B-Step62)
[Tracking] Fix an issue with the predict_proba inference method in the sklearn flavor when loading an sklearn pipeline object as pyfunc (#12554, @WeichenXu123)
[Tracking] Fix an issue with the Tracing implementation where other services usage of OpenTelemetry would activate MLflow tracing and cause errors (#12457, @B-Step62)
[Tracking / Databricks] Correct an issue when running dependency inference in Databricks that can cause duplicate dependency entries to be logged (#12493, @sunishsheth2009)
Documentation updates:
[Docs] Add documentation and guides for the MLflow tracing schema (#12521, @BenWilson2)
MLflow 2.14.0 includes several major features and improvements that we're very excited to announce!
Major features:
MLflow Tracing: Tracing is powerful tool designed to enhance your ability to monitor, analyze, and debug GenAI applications by allowing you to inspect the intermediate outputs generated as your application handles a request. This update comes with an automatic LangChain integration to make it as easy as possible to get started, but we've also implemented high-level fluent APIs, and low-level client APIs for users who want more control over their trace instrumentation. For more information, check out the guide in our docs!
Unity Catalog Integration: The MLflow Deployments server now has an integration with Unity Catalog, allowing you to leverage registered functions as tools for enhancing your chat application. For more information, check out this guide!
OpenAI Autologging: Autologging support has now been added for the OpenAI model flavor. With this feature, MLflow will automatically log a model upon calling the OpenAI API. Each time a request is made, the inputs and outputs will be logged as artifacts. Check out the guide for more information!
MLflow 2.14.2 is a patch release that includes several important bug fixes and documentation enhancements.
Bug fixes:
[Models] Fix an issue with requirements inference error handling when disabling the default warning-only behavior (#12547, @B-Step62)
[Models] Fix dependency inference issues with Transformers models saved with the unified API llm/v1/xxx task definitions. (#12551, @B-Step62)
[Models / Databricks] Fix an issue with MLlfow log_model introduced in MLflow 2.13.0 that causes Databricks DLT service to crash in some situations (#12514, @WeichenXu123)
[Models] Fix an output data structure issue with the predict_stream implementation for LangChain AgentExecutor and other non-Runnable chains (#12518, @B-Step62)
[Tracking] Fix an issue with the predict_proba inference method in the sklearn flavor when loading an sklearn pipeline object as pyfunc (#12554, @WeichenXu123)
[Tracking] Fix an issue with the Tracing implementation where other services usage of OpenTelemetry would activate MLflow tracing and cause errors (#12457, @B-Step62)
[Tracking / Databricks] Correct an issue when running dependency inference in Databricks that can cause duplicate dependency entries to be logged (#12493, @sunishsheth2009)
Documentation updates:
[Docs] Add documentation and guides for the MLflow tracing schema (#12521, @BenWilson2)
MLflow 2.14.0 includes several major features and improvements that we're very excited to announce!
Major features:
MLflow Tracing: Tracing is powerful tool designed to enhance your ability to monitor, analyze, and debug GenAI applications by allowing you to inspect the intermediate outputs generated as your application handles a request. This update comes with an automatic LangChain integration to make it as easy as possible to get started, but we've also implemented high-level fluent APIs, and low-level client APIs for users who want more control over their trace instrumentation. For more information, check out the guide in our docs!
Unity Catalog Integration: The MLflow Deployments server now has an integration with Unity Catalog, allowing you to leverage registered functions as tools for enhancing your chat application. For more information, check out this guide!
OpenAI Autologging: Autologging support has now been added for the OpenAI model flavor. With this feature, MLflow will automatically log a model upon calling the OpenAI API. Each time a request is made, the inputs and outputs will be logged as artifacts. Check out the guide for more information!
... (truncated)
Commits
20c31eb Run python3 dev/update_mlflow_versions.py pre-release ... (#12566)
To provide a more stable migration for custom HTTPAdapters impacted
by the CVE changes in 2.32.0, we've renamed _get_connection to
a new public API, get_connection_with_tls_context. Existing custom
HTTPAdapters will need to migrate their code to use this new API.
get_connection is considered deprecated in all versions of Requests>=2.32.0.
A minimal (2-line) example has been provided in the linked PR to ease
migration, but we strongly urge users to evaluate if their custom adapter
is subject to the same issue described in CVE-2024-35195. (#6710)
v2.32.1
2.32.1 (2024-05-20)
Bugfixes
Add missing test certs to the sdist distributed on PyPI.
verify=True now reuses a global SSLContext which should improve
request time variance between first and subsequent requests. It should
also minimize certificate load time on Windows systems when using a Python
version built with OpenSSL 3.x. (#6667)
Requests now supports optional use of character detection
(chardet or charset_normalizer) when repackaged or vendored.
This enables pip and other projects to minimize their vendoring
surface area. The Response.text() and apparent_encoding APIs
will default to utf-8 if neither library is present. (#6702)
Bugfixes
Fixed bug in length detection where emoji length was incorrectly
calculated in the request content-length. (#6589)
Fixed deserialization bug in JSONDecodeError. (#6629)
Fixed bug where an extra leading / (path separator) could lead
urllib3 to unnecessarily reparse the request URI. (#6644)
To provide a more stable migration for custom HTTPAdapters impacted
by the CVE changes in 2.32.0, we've renamed _get_connection to
a new public API, get_connection_with_tls_context. Existing custom
HTTPAdapters will need to migrate their code to use this new API.
get_connection is considered deprecated in all versions of Requests>=2.32.0.
A minimal (2-line) example has been provided in the linked PR to ease
migration, but we strongly urge users to evaluate if their custom adapter
is subject to the same issue described in CVE-2024-35195. (#6710)
2.32.1 (2024-05-20)
Bugfixes
Add missing test certs to the sdist distributed on PyPI.
verify=True now reuses a global SSLContext which should improve
request time variance between first and subsequent requests. It should
also minimize certificate load time on Windows systems when using a Python
version built with OpenSSL 3.x. (#6667)
Requests now supports optional use of character detection
(chardet or charset_normalizer) when repackaged or vendored.
This enables pip and other projects to minimize their vendoring
surface area. The Response.text() and apparent_encoding APIs
will default to utf-8 if neither library is present. (#6702)
Bugfixes
Fixed bug in length detection where emoji length was incorrectly
calculated in the request content-length. (#6589)
Fixed deserialization bug in JSONDecodeError. (#6629)
Fixed bug where an extra leading / (path separator) could lead
urllib3 to unnecessarily reparse the request URI. (#6644)
urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.
Thank you for your support.
Changes
Added the Proxy-Authorization header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via Retry.remove_headers_on_redirect.
Allowed passing negative integers as amt to read methods of http.client.HTTPResponse as an alternative to None. (#3122)
Fixed return types representing copying actions to use typing.Self. (#3363)
Added the Proxy-Authorization header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via Retry.remove_headers_on_redirect.
Allowed passing negative integers as amt to read methods of http.client.HTTPResponse as an alternative to None. ([#3122](https://github.com/urllib3/urllib3/issues/3122) <https://github.com/urllib3/urllib3/issues/3122>__)
Fixed return types representing copying actions to use typing.Self. ([#3363](https://github.com/urllib3/urllib3/issues/3363) <https://github.com/urllib3/urllib3/issues/3363>__)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/getindata/kedro-azureml/network/alerts).
Bumps the pip group with 8 updates:
2.12.1
2.14.2
1.16.0
1.16.1
2024.2.2
2024.7.4
21.2.0
22.0.0
2.31.0
2.32.2
4.66.2
4.66.3
2.2.1
2.2.2
3.18.1
3.19.1
Updates
mlflow
from 2.12.1 to 2.14.2Release notes
Sourced from mlflow's releases.
... (truncated)
Changelog
Sourced from mlflow's changelog.
... (truncated)
Commits
20c31eb
Runpython3 dev/update_mlflow_versions.py pre-release ...
(#12566)5b95867
fix reversione1d5f97
Update get_trace() fluent API to fetch trace from backend too (#12311)b0cb71d
Revert "Databricks SDK doc / error message improvement (#12552)"a3f9024
Skip conversational tests for transformers dev (#12310)b9956d4
Refactor@trace_disabled
implementation (#12285)d742cef
Updatepyfunc_serve_and_score_model
to kill process after scoring (#12409)3462aa0
Pin xgboost for FLAML (#12432)0d6086d
Documentcode_paths
limitation when loading multiple models (#12471)e9bf530
Use editable install in autoformat workflow (#12497)Updates
azure-identity
from 1.16.0 to 1.16.1Release notes
Sourced from azure-identity's releases.
Commits
6a07fc9
[Identity] Fix device code tests (#35846)e16a704
[Identity] Add Azure Arc key validation checksUpdates
certifi
from 2024.2.2 to 2024.7.4Commits
bd81538
2024.07.04 (#295)06a2cbf
Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (#294)13bba02
Bump actions/checkout from 4.1.6 to 4.1.7 (#293)e8abcd0
Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (#292)124f4ad
2024.06.02 (#291)c2196ce
--- (#290)fefdeec
Bump actions/checkout from 4.1.4 to 4.1.5 (#289)3c5fb15
Bump actions/download-artifact from 4.1.6 to 4.1.7 (#286)4a9569a
Bump actions/checkout from 4.1.2 to 4.1.4 (#287)1fc8086
Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (#288)Updates
gunicorn
from 21.2.0 to 22.0.0Release notes
Sourced from gunicorn's releases.
Commits
f63d59e
bump to 22.04ac81e0
Merge pull request #3175 from e-kwsm/typo401cecf
Merge pull request #3179 from dhdaines/exclude-eventlet-03600243ec3
fix(deps): exclude eventlet 0.36.0628a0bc
chore: fix typos88fc4a4
Merge pull request #3131 from pajod/patch-py12-rebaseddeae2fc
CI: back off the agressive timeoutf470382
docs: promise 3.12 compat5e30bfa
add changelog to project.urls (updated for PEP621)481c3f9
remove setup.cfg - overridden by pyproject.tomlUpdates
requests
from 2.31.0 to 2.32.2Release notes
Sourced from requests's releases.
... (truncated)
Changelog
Sourced from requests's changelog.
... (truncated)
Commits
88dce9d
v2.32.2c98e4d1
Merge pull request #6710 from nateprewitt/api_rename92075b3
Add deprecation warningaa1461b
Move _get_connection to get_connection_with_tls_context970e8ce
v2.32.1d6ebc4a
v2.32.09a40d12
Avoid reloading root certificates to improve concurrent performance (#6667)0c030f7
Merge pull request #6702 from nateprewitt/no_char_detection555b870
Allow character detection dependencies to be optional in post-packaging stepsd6dded3
Merge pull request #6700 from franekmagiera/update-redirect-to-invalid-uri-testUpdates
tqdm
from 4.66.2 to 4.66.3Release notes
Sourced from tqdm's releases.
Commits
4e613f8
Merge pull request from GHSA-g7vv-2v7x-gj9pb53348c
cli: eval safetyUpdates
urllib3
from 2.2.1 to 2.2.2Release notes
Sourced from urllib3's releases.
Changelog
Sourced from urllib3's changelog.
Commits
27e2a5c
Release 2.2.2 (#3406)accff72
Merge pull request from GHSA-34jh-p97f-mpxf34be4a5
Pin CFFI to a new release candidate instead of a Git commit (#3398)da41058
Bump browser-actions/setup-chrome from 1.6.0 to 1.7.1 (#3399)b07a669
Bump github/codeql-action from 2.13.4 to 3.25.6 (#3396)b8589ec
Measure coverage with v4 of artifact actions (#3394)f3bdc55
Allow triggering CI manually (#3391)5239265
Fix HTTP version in debug log (#3316)b34619f
Bump actions/checkout to 4.1.4 (#3387)9961d14
Bump browser-actions/setup-chrome from 1.5.0 to 1.6.0 (#3386)Updates
zipp
from 3.18.1 to 3.19.1Changelog
Sourced from zipp's changelog.
Commits
6d1cb72
Finalizefd604bd
Merge pull request #120 from jaraco/bugfix/119-malformed-pathsc18417e
Add news fragment.58115d2
Employ SanitizedNames in CompleteDirs. Fixes broken test.564fcc1
Add SanitizedNames mixin.79a309f
Add some assertions about malformed paths.2d015c2
Merge https://github.com/jaraco/skeletona595a0f
Rename extras to align with core metadata spec.608f90a
Finalize3a22d72
Merge pull request #118 from jaraco/feature/is-symlinkDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show