@dependabot dependabot bot commented on behalf of github Nov 18, 2025

Bumps the npm_and_yarn group with 1 update in the /site directory: js-yaml.

Updates js-yaml from 3.14.1 to 3.14.2

Changelog

Sourced from js-yaml's changelog.

[3.14.2] - 2025-11-15

Security

  • Backported v4.1.1 fix to v3

[4.1.1] - 2025-11-12

Security

  • Fix prototype pollution issue in yaml merge (<<) operator.

[4.1.0] - 2021-04-15

Added

  • Types are now exported as yaml.types.XXX.
  • Every type now has options property with original arguments kept as they were (see yaml.types.int.options as an example).

Changed

  • Schema.extend() now keeps old type order in case of conflicts (e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as abcd instead of cbad).

[4.0.0] - 2021-01-03

Changed

  • Check migration guide to see details for all breaking changes.
  • Breaking: "unsafe" tags !!js/function, !!js/regexp, !!js/undefined are moved to js-yaml-js-types package.
  • Breaking: removed safe* functions. Use load, loadAll, dump instead which are all now safe by default.
  • yaml.DEFAULT_SAFE_SCHEMA and yaml.DEFAULT_FULL_SCHEMA are removed, use yaml.DEFAULT_SCHEMA instead.
  • yaml.Schema.create(schema, tags) is removed, use schema.extend(tags) instead.
  • !!binary now always mapped to Uint8Array on load.
  • Reduced nesting of /lib folder.
  • Parse numbers according to YAML 1.2 instead of YAML 1.1 (01234 is now decimal, 0o1234 is octal, 1:23 is parsed as string instead of base60).
  • dump() no longer quotes :, [, ], (, ) except when necessary, #470, #557.
  • Line and column in exceptions are now formatted as (X:Y) instead of at line X, column Y (also present in compact format), #332.
  • Code snippet created in exceptions now contains multiple lines with line numbers.
  • dump() now serializes undefined as null in collections and removes keys with undefined in mappings, #571.
  • dump() with skipInvalid=true now serializes invalid items in collections as null.
  • Custom tags starting with ! are now dumped as !tag instead of !<!tag>, #576.
  • Custom tags starting with tag:yaml.org,2002: are now shorthanded using !!, #258.

Added

  • Added .mjs (es modules) support.
  • Added quotingType and forceQuotes options for dumper to configure string literal style, #290, #529.
  • Added styles: { '!!null': 'empty' } option for dumper (serializes { foo: null } as "foo: "), #570.

... (truncated)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.



googs1025 and others added 30 commits November 5, 2025 05:17
…envoyproxy#1494)

**Description**


-  ai gateway mutating webhook should default failurePolicy to Fail

**Related Issues/PRs (if applicable)**

fixes: envoyproxy#1493

**Special notes for reviewers (if applicable)**

Signed-off-by: googs1025 <[email protected]>
**Description**
fix: envoyproxy#1485


**Related Issues/PRs (if applicable)**


**Special notes for reviewers (if applicable)**

Signed-off-by: googs1025 <[email protected]>
… a tool call (envoyproxy#1486)

**Description**

Finish reason should be tool calls if the model returns a tool call
response. In the Vertex API, there is no tool call finish reason, so we
need a workaround to make it compatible.

---------

Signed-off-by: yxia216 <[email protected]>
Co-authored-by: Dan Sun <[email protected]>
…oxy#1491)

**Description**

This decouples backendauth & headermutator packages from extproc
specifics. As we are looking to migrate to dynamic modules, this is a
necessary refactoring work to make the code as reusable as possible.

**Related Issues/PRs (if applicable)**

Preliminary for envoyproxy#90

---------

Signed-off-by: Takeshi Yoneda <[email protected]>
…tificates (envoyproxy#1504)

**Description**

Removes the hardcoded webhook certificate when cert-manager is not
configured and uses the Helm cert functions [1] to generate it, so that
the right namespace is used in the certificate DNS names.

**Related Issues/PRs (if applicable)**

Fixes envoyproxy#1502
Fixes: envoyproxy#1363

**Special notes for reviewers (if applicable)**

N/A

1:
https://helm.sh/docs/chart_template_guide/function_list#cryptographic-and-security-functions

Signed-off-by: Ignasi Barrera <[email protected]>
**Description**

Fixes a small issue that happened in standalone mode and the discovery
of BackendTLS policies for the MCPRoute security configuration.
In the controller code we're using `gwapiv1` in all reconcilers and the
controller-runtime Client. That client is typed and works with the
specific version. The fakeClient used in standalone mode, populated the
BackendTLSPolicy as `gwapiv1alpha3`, causing the controller code to not
find it.

We could change the controller code and make sure all operations that
use the `client.Client` from the controller runtime account for all
versions, but that would be a lot of repeated code, and the controller
consistently uses `gwapiv1` everywhere, so I think it is OK to just fix
the standalone mode to initialize its fakeClient with the right version
(note that we can still "read any version from the YAML file", as we
generically unmarshal to `Unstructured`; it's just a matter of how we
populate the data in the fakeClient).


**Related Issues/PRs (if applicable)**

N/A

**Special notes for reviewers (if applicable)**

N/A

Signed-off-by: Ignasi Barrera <[email protected]>
**Description**
Previously, when an MCPRoute was being reconciled, the controller assumed
that all the parentRefs are local, which was a bug for cross-namespace use
cases. This fixes the bug which existed in the syncGateawy function of
the MCPRoute controller.

**Related Issues / PRs**

Fixes envoyproxy#1483

---------

Signed-off-by: Hritik003 <[email protected]>
…ic req (envoyproxy#1508)

**Description**

This commit adds support for dereferencing JSON schema `$ref` references
in tool parameters for the OpenAI to GCP Anthropic translator. When
OpenAI tool definitions contain JSON schemas with `$ref` pointers, these
references are now automatically resolved before the schema is converted
to Anthropic's format.

Signed-off-by: Sukumar Gaonkar <[email protected]>
…nvoyproxy#1516)

**Description**

This reverts commit ae516a1 due to a
bug found in an end user test. The fix seems straightforward, but we are
nearing the release v0.4, so reverting it is the best way to go for now

Signed-off-by: Takeshi Yoneda <[email protected]>
… availability (envoyproxy#1512)

**Description**

Older GCP models (model < 2.5, e.g. gemini-flash-2.0) do not support the
ParametersJsonSchema field for tool parameters. Instead, they require
the Parameters field to be converted to a Gemini-specific schema. This PR
ensures that the correct schema format is used based on the model
version.

---------

Signed-off-by: Sukumar Gaonkar <[email protected]>
Co-authored-by: Dan Sun <[email protected]>
**Description**
v0.4 Release notes

**Related Issues/PRs (if applicable)**
N/A

**Special notes for reviewers (if applicable)**

@envoyproxy/ai-gateway-maintainers, please review the release notes for
accuracy

---------

Signed-off-by: Erica Hughberg <[email protected]>
Signed-off-by: Takeshi Yoneda <[email protected]>
Co-authored-by: Takeshi Yoneda <[email protected]>
…y#1519)

**Description**

This aligns the OpenInference embeddings data capture with the final
specification I worked upstream to complete.

https://github.com/Arize-ai/openinference/tree/main/spec

**Related Issues/PRs (if applicable)**

Arize-ai/openinference#2238

**Special notes for reviewers (if applicable)**

Thanks very much @axiomofjoy from Arize who spent a lot of think time on
this on the other side, helping to balance the desire to have things
documented (for external implementations like this) with the practical
realities of Eval UX I'm less familiar with.

Signed-off-by: Adrian Cole <[email protected]>
…erence (envoyproxy#1520)

**Description**

Updates image generation request tracing to match the latest OpenInference:
- Span name changed to ImagesResponse
- Add output.mime_type and output.value attributes
- Remove llm.model_name from request attributes (now in
invocation_parameters)
- Fix missing RecordResponse call in translator

**Related Issues/PRs (if applicable)**

envoyproxy#1519

Signed-off-by: Adrian Cole <[email protected]>
Co-authored-by: Ignasi Barrera <[email protected]>
…tool calls are not all in the same chunk (envoyproxy#1524)

**Description**

In envoyproxy#1468, tool call index
in stream mode for gemini models is based on the assumption that all
tool calls are in the same chunk. This is not true. Thus, we still need
a global index to track.


**Related Issues/PRs (if applicable)**

---------

Signed-off-by: yxia216 <[email protected]>
**Description**

v0.4.0 has just been released!

---------

Signed-off-by: Takeshi Yoneda <[email protected]>
**Description**

Adds missing links to external types.

**Related Issues/PRs (if applicable)**

Fixes envoyproxy#1523

**Special notes for reviewers (if applicable)**

N/A

Signed-off-by: Ignasi Barrera <[email protected]>
…y#1528)

**Description**

https://aigateway.envoyproxy.io/docs/0.3/getting-started/prerequisites
has an error in the doc: it mentions version v0.3.0 for the envoy gateway
helm chart; it needs to be 1.5.0 instead.

**Related Issues/PRs (if applicable)**
N/A

**Special notes for reviewers (if applicable)**
N/A

---------

Signed-off-by: Deepak Deore <[email protected]>
**Description**

GCP global region endpoint is different from regional endpoint. Current
PR is to handle GCP global region to avoid segfault.

Related PR: envoyproxy#752

---------

Signed-off-by: Xiaolin Lin <[email protected]>
Signed-off-by: Dan Sun <[email protected]>
Co-authored-by: Dan Sun <[email protected]>
…nvoyproxy#1501)

**Description**

Now that EG has merged the patch that allows using `localhost` in
Backends when running in standalone mode, we can remove the uses of
`.nip.io` we were using to overcome the limitation when proxying local
Ollama LLMs or local MCP servers.

I've verified all Docker guides we had as well as all ollama configs and
everything works as expected (cc @codefromthecrypt)

**Related Issues/PRs (if applicable)**

envoyproxy/gateway#7427

**Special notes for reviewers (if applicable)**


This requires upgrading to the latest EG from main (the change hasn't
yet been cherry-picked to the 1.6 release branch). Opening as a draft to
avoid bumping the EG dependency beyond 1.6 until we release.

Signed-off-by: Ignasi Barrera <[email protected]>
Signed-off-by: Ignasi Barrera <[email protected]>
**Description**

Parameterize the common variables to make the versioning process less
error-prone.
Now we can centralize variables in the `_vars.json` file that will be
copied to each versioned doc, and have the documentation just reference
those variables.

I've only applied it in the "next" version; I don't think it's worth
applying it back to existing versioned docs.

**Related Issues/PRs (if applicable)**

Related to: envoyproxy#1528

**Special notes for reviewers (if applicable)**

N/A

---------

Signed-off-by: Ignasi Barrera <[email protected]>
…1532)

**Description**

The compiled binaries report the Git SHA in the version. For example,
the `v0.4.0` downloaded CLI prints this:
```
$ ./aigw-darwin-arm64 version
Envoy AI Gateway CLI: ad5f75e
```

This is not particularly useful to users, so this change updates how
versions are encoded in the binary:

```
# Binary compiled from a tag -> version is just the name of the tag:
$ ./aigw-darwin-arm64 version
Envoy AI Gateway CLI: 0.4.0

# Binary is compiled from a non-tag commit -> version shows the SHA, the closest tag and the number of commits ahead of that tag:
$ ./aigw-darwin-arm64 version
Envoy AI Gateway CLI: c662744 (v0.4.0, +8)
```

Users interested in the exact Git SHA can still get it with:
```
$ go version -m ./aigw-darwin-arm64 | grep vcs
	build	vcs=git
	build	vcs.revision=c662744d6485424945d41d044797e3883c91605a
	build	vcs.time=2025-11-11T14:24:44Z
	build	vcs.modified=false
```

**Related Issues/PRs (if applicable)**

N/A

**Special notes for reviewers (if applicable)**

N/A

Signed-off-by: Ignasi Barrera <[email protected]>
**Description**

In MCP, resource read requests do not include the name; just the
resource URI:

```json
{
  "jsonrpc": "2.0",
  "id": 2,
  "method": "resources/read",
  "params": {
    "uri": "file:///project/src/main.rs"
  }
}
```

When returning the list of available resources, we were returning the
backend encoded in the resource names, like:

```json
{
  "jsonrpc": "2.0",
  "id": 1,
  "result": {
    "resources": [
      {
        "uri": "file:///project/src/main.rs",
        "name": "backend__main.rs",
        "title": "Rust Software Application Main File",
        "description": "Primary application entry point",
        "mimeType": "text/x-rust"
      }
    ],
    "nextCursor": "next-page-cursor"
  }
}
```

However, when MCP clients perform the `resources/read` operation, they
only send the URL, and there was not enough information there to decide
what backend the request should be routed to.

In this PR, I'm proposing to encode the backend in the resource URI
scheme part, like:

```json
"uri": "backend+file:///project/src/main.rs",
```

The spec allows for custom schemas [1].

I've considered other approaches, like generating URIs like:
`aigw://backend/<encoded original URI>`, but an important thing to take
into account is that **we can't do that for resource template URIs**, as
they'll be parameterized like `file://files/{id}.txt`, and clients are
expected to be able to simply perform variable substitution on those
URLs. This means that we need to cleanly preserve the original URI
somehow, and encoding the backend in the scheme looks like a simple and
clean solution.

**Related Issues/PRs (if applicable)**

Fixes envoyproxy#1530

**Special notes for reviewers (if applicable)**

~~Opening the PR as a draft for early feedback. I still need to run some
more tests.~~

Something important I noticed while developing this is that our MCP
extproc tests were hardcoding some of the conventions in the calls we
made to the server, preventing the detection of this issue. In this PR I
also change the tests to use the outputs from the server, so that the
entire interactions are consistent and don't make any assumptions.

1:
https://modelcontextprotocol.io/specification/2025-06-18/server/resources#custom-uri-schemes

---------

Signed-off-by: Ignasi Barrera <[email protected]>
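
The scheme-prefix encoding proposed in the commit message above, as an added Go sketch that is not the project's own code. The function names, the allow-list map and the rule that backend names may not contain `+` are assumptions made for illustration; the point shown is that the backend is recovered from a client-supplied URI and therefore has to be validated before it drives routing.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// validBackendName reports whether name can prefix a URI scheme unambiguously:
// it must start with a letter (RFC 3986 scheme rule) and may not contain '+',
// which is reserved here as the separator. These rules are assumptions.
func validBackendName(name string) bool {
	for i, c := range name {
		isAlpha := (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z')
		isRest := (c >= '0' && c <= '9') || c == '-' || c == '.'
		if !isAlpha && (i == 0 || !isRest) {
			return false
		}
	}
	return name != ""
}

// EncodeResourceURI prefixes the scheme of uri with "<backend>+". The rest of
// the URI is untouched, so template placeholders such as {id} survive.
func EncodeResourceURI(backend, uri string) (string, error) {
	if !validBackendName(backend) {
		return "", fmt.Errorf("backend name %q cannot be used in a URI scheme", backend)
	}
	if strings.Index(uri, ":") <= 0 {
		return "", errors.New("resource URI has no scheme")
	}
	return backend + "+" + uri, nil
}

// DecodeResourceURI splits a client-supplied URI into backend and original URI.
// The backend comes from untrusted input, so it is checked against the set of
// backends attached to the route before it is used for routing.
func DecodeResourceURI(uri string, allowed map[string]bool) (backend, original string, err error) {
	colon := strings.Index(uri, ":")
	if colon <= 0 {
		return "", "", errors.New("resource URI has no scheme")
	}
	// Split at the first '+': an original scheme such as git+ssh stays whole.
	plus := strings.Index(uri[:colon], "+")
	if plus <= 0 || plus+1 == colon {
		return "", "", errors.New("resource URI scheme has no backend prefix")
	}
	backend, original = uri[:plus], uri[plus+1:]
	if !allowed[backend] {
		return "", "", fmt.Errorf("backend %q is not part of this route", backend)
	}
	return backend, original, nil
}

func main() {
	allowed := map[string]bool{"backend": true} // constructed sample route
	enc, _ := EncodeResourceURI("backend", "file://files/{id}.txt")
	sent := strings.Replace(enc, "{id}", "42", 1) // what a client does with a template
	b, orig, err := DecodeResourceURI(sent, allowed)
	fmt.Println(enc, b, orig, err)
}
```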
…yproxy#1511)

**Description**

> Added customizable configuration capabilities for objectSelector and
namespaceSelector in MutatingWebhookConfiguration. This prevents Pods
from being managed by multiple ai-gateway-controllers.

Related PR: envoyproxy#1510

---------

Signed-off-by: misakazhou <[email protected]>
**Description**

Opening as a draft to get early feedback.

When running in standalone mode, it allows running and proxying `stdio`
MCP servers. This PR only supports defining the servers in the
`servers.json` format, as for now, we don't want to introduce new nouns
for a feature that does not apply to Kubernetes.

With this change, the CLI can be started with a file like the following:

```
aigw run --mcp-json '{
  "mcpServers": {
    "everything": {
      "command": "npx",
      "args": ["-y","@modelcontextprotocol/server-everything"]
    },
    "filesystem": {
      "command": "npx",
      "args": ["-y","@modelcontextprotocol/server-filesystem"]
    }
  }
}'
```

**Related Issues/PRs (if applicable)**

Depends on envoyproxy/gateway#7427 for a clean
implementation.

**Special notes for reviewers (if applicable)**

N/A

---------

Signed-off-by: Ignasi Barrera <[email protected]>
Signed-off-by: Ignasi Barrera <[email protected]>
…y#1539)

**Description**

This adds tracing support for cohere v2 rerank endpoint and follows the
semantics mentioned for rerank in
https://github.com/Arize-ai/openinference/blob/main/spec/semantic_conventions.md

---------

Signed-off-by: ayush <[email protected]>
**Description**
As @mathetake pointed out, the test function in
envoyproxy#1524 is quite wrong.
@mathetake fixed some in
envoyproxy#1507, but there is still
one bug: I did not insert "\n\n" in the string `gcpToolCallsChunk`,
thus, it just parsed out one gcp chunk, which makes the test meaningless
(it's to test across chunks).

Really sorry for the mistake in the tests!

---------

Signed-off-by: yxia216 <[email protected]>
Co-authored-by: Ignasi Barrera <[email protected]>
**Description**

Support route-level body mutation for top-level fields. Route-level body
mutation is useful when heterogeneous cloud-provider backends support the
same model but with slightly different request body fields to override,
especially OpenAI's `service_tier` field.

**Related Issues/PRs (if applicable)**



Close envoyproxy#1481

---------

Signed-off-by: Xiaolin Lin <[email protected]>
Co-authored-by: Dan Sun <[email protected]>
**Description**
The translators shouldn't have to be tied with ext_proc APIs since it's
none of their concerns. This commit decouples the translator package
from them so that we can easily use them in dynamic modules too.

**Related Issues/PRs (if applicable)**

Preparation for envoyproxy#90

---------

Signed-off-by: Takeshi Yoneda <[email protected]>
mathetake and others added 5 commits November 13, 2025 13:52
…yproxy#1540)

**Description**

This moves the non-extproc related packages (extproc and bodymutator)
out of internal/extproc directory into directly under internal dir.

**Related Issues/PRs (if applicable)**

Preparation for envoyproxy#90

Signed-off-by: Takeshi Yoneda <[email protected]>
**Description**

This upgrades the EG version used in CI to v1.6.0 from v1.6.0-rc1.

Signed-off-by: Takeshi Yoneda <[email protected]>
Bumps the npm_and_yarn group with 1 update in the /site directory: [js-yaml](https://github.com/nodeca/js-yaml).


Updates `js-yaml` from 3.14.1 to 3.14.2
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](nodeca/js-yaml@3.14.1...3.14.2)

---
updated-dependencies:
- dependency-name: js-yaml
  dependency-version: 3.14.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Nov 18, 2025