Bump the uv group across 2 directories with 5 updates

[dependabot]

Bumps the uv group with 4 updates in the / directory: jupyterlab, jupyter-server, langchain-core and mistune.
Bumps the uv group with 2 updates in the /mcp_server directory: langchain-core and python-multipart.

Updates jupyterlab from 4.5.2 to 4.5.7

Release notes

Sourced from jupyterlab's releases.

v4.5.7

4.5.7

(Full Changelog)

Security patches

• CVE-2026-42557 GHSA-mqcg-5x36-vfcg
• CVE-2026-42266 GHSA-37w4-hwhx-4rc4
• CVE-2026-40171 GHSA-rch3-82jr-f9w9

Bugs fixed

• Video and Audio Content Providers: Fix JupyterLite support #18652 (@​martinRenou)
• Fix notebook hang when dropping cells #18808 (@​MUFFANUJ)
• Fix Contextual Help keyboard shortcut reliability and menu Help functionality #18747 (@​itsmejay80)
• Fix focusing input element when opening a dialog from Command Palette #18735 (@​Carreau)
• Fix native context menu blocked even when context menu is suppressed #18753 (@​utsav-develops)
• Fix flaky toolbar item placement in popup #18618 (@​filipeoliveira05)
• Update terminal default font family to honor macOS system-wide ui-monospace #18647 (@​flaviomartins)

Maintenance and upkeep improvements

• Fix linting issue #18819 (@​krassowski)
• Fix syntax for Python 3.9 on 4.5.x branch #18817 (@​krassowski)
• Remove unused CodeMirror v5 CSS rule #18785 (@​Carreau)
• Remove unused CSS rule forgotten after CodeMirror migration #18763 (@​Carreau)
• Remove unused progress bar CSS rule in execution indicator #18759 (@​Carreau)
• Remove dead .jp-VariableRenderer-TrustButton CSS rule #18762 (@​Carreau)
• Remove used .jp-Cell-Placeholder CSS rules #18761 (@​Carreau)

Documentation improvements

• Fix name of option for extension manager implementation in docs #18788 (@​krassowski)
• Remove 4.5.0 announcement from docs #18740 (@​krassowski)

Contributors to this release

The following people contributed discussions, new ideas, code and documentation contributions, and review. See our definition of contributors.

(GitHub contributors page for this release)

@​Carreau (activity) | @​filipeoliveira05 (activity) | @​flaviomartins (activity) | @​itsmejay80 (activity) | @​jtpio (activity) | @​krassowski (activity) | @​martinRenou (activity) | @​MUFFANUJ (activity) | @​utsav-develops (activity)

v4.5.6

4.5.6

... (truncated)

Commits

• f514041 [ci skip] Publish 4.5.7
• 66fe9ad Backport PR #18652 on branch 4.5.x (Video and Audio Content Providers: Fix Ju...
• f4455fa Fix syntax for Python 3.9 on 4.5.x branch (#18817)
• d2322b5 Backport PR #18819 on branch 4.5.x (Fix linting issue) (#18820)
• 5d9cb8c Merge commit from fork
• 1de120b Merge commit from fork
• 6926100 Backport PR #18808 on branch 4.5.x (Fix notebook hang when dropping cells) (#...
• 67e6e88 Backport PR #18647 on branch 4.5.x (Update default font family to honor macOS...
• bf21eb9 Backport PR #18747 on branch 4.5.x (Fix Contextual Help keyboard shortcut rel...
• 73cafa5 Backport PR #18788 on branch 4.5.x (Fix name of option for extension manager ...
• Additional commits viewable in compare view

Updates jupyter-server from 2.17.0 to 2.18.0

Release notes

Sourced from jupyter-server's releases.

v2.18.0

2.18.0

(Full Changelog)

Security patches

• CVE-2026-40110 GHSA-24qx-w28j-9m6p
• CVE-2025-61669 GHSA-qh7q-6qm3-653w
• CVE-2026-40934 GHSA-5mrq-x3x5-8v8f
• CVE-2026-35397 GHSA-5789-5fc7-67v3

API and Breaking Changes

• Add query param to sanitize HTML in GET /nbconvert/html #1618 (@​Yann-P, @​Carreau)

Enhancements made

• Update handlers.py to fix ioloop blockers(sync file operations) #1617 (@​zolyfarkas-fb, @​Carreau)
• Add resolvePath API for resolving kernel-relative paths #1331 (@​krassowski, @​Carreau, @​blink1073)

Bugs fixed

• Move check origin into a util function and add it to websocket #1630 (@​Carreau, @​Yann-P)
• Fix flaky test_restart_kernel by unsticking nudge() after port-changing restart #1628 (@​Carreau, @​claude, @​krassowski)
• Try to fix flaky test "test_restart_kernel" #1625 (@​Carreau)
• Fix potential unraisable pytest error #1624 (@​Carreau)
• fix: use %s placeholders in HTTPError to prevent Tornado from doubling % in gateway URLs #1620 (@​terminalchai, @​krassowski, @​ptch314)
• Fix three file descriptor leaks in kernel connection lifecycle (#1506) #1619 (@​tonyx93, @​Carreau)
• Use web.HTTPError for kernel restart failures #1616 (@​YDawn, @​Carreau)
• Handle EADDRINUSE and EACCES in _bind_http_server_tcp #1613 (@​YDawn, @​Zsailer, @​minrk)
• Use st_birthtime for file created timestamp on macOS/BSD #1594 (@​ktaletsk, @​krassowski, @​minrk)
• Fix double write when refusing hidden files in contents handler #1585 (@​Krish-876, @​minrk)
• Close all sockets in _find_http_port explicitly #1584 (@​MaryushSoroka, @​minrk)
• Fix writing on remote file systems with attribute cache #1574 (@​krassowski, @​Zsailer)
• Add IdentityProvider.cookie_secret_hook #1569 (@​emin63, @​minrk)
• fix context pollution #1561 (@​dualc, @​Zsailer)
• Fix gateway cookie handling #1558 (@​kevin-bates, @​RRosio, @​lresende, @​minrk)
• fix connection exception cause high cpu load #1484 (@​dualc, @​lresende, @​minrk)

Maintenance and upkeep improvements

• Start to test on Python 3.13 and 3.14 #1623 (@​Carreau)
• Bump actions/create-github-app-token from 2 to 3 in the actions group across 1 directory #1621 (@​Carreau)
• Bump brace-expansion from 1.1.12 to 1.1.13 #1615 (@​minrk)
• Fix package spec for jupytext #1614 (@​krassowski, @​Zsailer)
• chore: update pre-commit hooks #1607 (@​minrk)
• try to fix ci on windows #1600 (@​minrk, @​krassowski)
• run prerelease tests on 3.14 #1599 (@​minrk)
• Pin sphinx to an older version (<9) to fix docs #1597 (@​krassowski, @​minrk)

... (truncated)

Changelog

Sourced from jupyter-server's changelog.

2.18.0

(Full Changelog)

API and Breaking Changes

• Add query param to sanitize HTML in GET /nbconvert/html #1618 (@​Yann-P, @​Carreau)

Enhancements made

• Update handlers.py to fix ioloop blockers(sync file operations) #1617 (@​zolyfarkas-fb, @​Carreau)
• Avoid redundant call to _get_os_path in _dir_model #1547 (@​joeyutong, @​vidartf)
• Allow specifying extra params to scrub from logs #1538 (@​jtpio, @​Zsailer, @​vidartf)
• Add a logger to the ExtensionPoint API #1523 (@​Zsailer, @​vidartf)
• Allow user to update identity values #1518 (@​brichet, @​minrk)
• If ServerApp.ip is ipv6 use [::1] as local_url #1495 (@​manics, @​afshin)
• Better error message when starting kernel for session. #1478 (@​Carreau, @​davidbrochart, @​krassowski, @​minrk)
• Add a traitlet to disable recording HTTP request metrics #1472 (@​yuvipanda, @​Zsailer)
• prometheus: Expose 3 activity metrics #1471 (@​yuvipanda, @​Zsailer)
• Add prometheus info metrics listing server extensions + versions #1470 (@​yuvipanda, @​Zsailer)
• Add prometheus metric with version information #1467 (@​yuvipanda, @​Zsailer)
• Don't hide .so,.dylib files by default #1457 (@​nokados, @​krassowski, @​minrk, @​vidartf)
• Better hash format error message #1442 (@​fcollonval, @​Zsailer)
• Removing excessive logging from reading local files #1420 (@​lresende, @​kevin-bates)
• Add async start hook to ExtensionApp API #1417 (@​Zsailer, @​Darshan808, @​bollwyvl, @​fcollonval, @​krassowski)
• Do not include token in dashboard link, when available #1406 (@​minrk, @​blink1073)
• Add an option to have authentication enabled for all endpoints by default #1392 (@​krassowski, @​Wh1isper, @​blink1073, @​bollwyvl, @​minrk, @​yuvipanda)
• websockets: add configurations for ping interval and timeout #1391 (@​oliver-sanders, @​blink1073)
• log extension import time at debug level unless it's actually slow #1375 (@​minrk, @​Zsailer, @​yuvipanda)
• Add support for async Authorizers (part 2) #1374 (@​Zsailer, @​blink1073)
• Support async Authorizers #1373 (@​Zsailer, @​blink1073)
• Support get file(notebook) md5 #1363 (@​Wh1isper, @​blink1073, @​bollwyvl, @​krassowski)
• Update kernel env to reflect changes in session #1354 (@​blink1073, @​Carreau, @​krassowski)
• Add resolvePath API for resolving kernel-relative paths #1331 (@​krassowski, @​Carreau, @​blink1073)

Bugs fixed

• Move check origin into a util function and add it to websocket #1630 (@​Carreau, @​Yann-P)
• Fix flaky test_restart_kernel by unsticking nudge() after port-changing restart #1628 (@​Carreau, @​claude, @​krassowski)
• Try to fix flaky test "test_restart_kernel" #1625 (@​Carreau)
• Fix potential unraisable pytest error #1624 (@​Carreau)
• fix: use %s placeholders in HTTPError to prevent Tornado from doubling % in gateway URLs #1620 (@​terminalchai, @​krassowski, @​ptch314)
• Fix three file descriptor leaks in kernel connection lifecycle (#1506) #1619 (@​tonyx93, @​Carreau)
• Use web.HTTPError for kernel restart failures #1616 (@​YDawn, @​Carreau)
• Handle EADDRINUSE and EACCES in _bind_http_server_tcp #1613 (@​YDawn, @​Zsailer, @​minrk)
• Use st_birthtime for file created timestamp on macOS/BSD #1594 (@​ktaletsk, @​krassowski, @​minrk)
• Fix double write when refusing hidden files in contents handler #1585 (@​Krish-876, @​minrk)
• Close all sockets in _find_http_port explicitly #1584 (@​MaryushSoroka, @​minrk)
• Fix writing on remote file systems with attribute cache #1574 (@​krassowski, @​Zsailer)
• Add IdentityProvider.cookie_secret_hook #1569 (@​emin63, @​minrk)

... (truncated)

Commits

• 0ceed45 Publish 2.18.0
• 49b3439 Move check origin into a util function and add it to websocket (#1630)
• e2e08c8 Add test case for bad next URL format
• 624d6c0 Delete outdated patch code
• d825b93 Apply suggestion from @​minrk
• 789fed0 patch open redirect in /login
• 2ee51ec fix(CVE-2026-35397): path traversal when target dir starts with root dir
• 057869a Fix allow_origin_pat to do full matching instead of prefix matching
• 4862199 Add resolvePath API for resolving kernel-relative paths
• e31d514 Bump actions/create-github-app-token from 2 to 3 in the actions group across ...
• Additional commits viewable in compare view

Updates langchain-core from 1.3.0 to 1.3.3

Release notes

Sourced from langchain-core's releases.

langchain-core==1.3.3

Changes since langchain-core==1.3.2

release(core): 1.3.3 (#37198) fix(core): set deprecation since to 1.3.3 to match release (#37200) fix(core, langchain): harden load() against untrusted manifests (#37197) chore: bump notebook from 7.5.0 to 7.5.6 in /libs/core (#37109) chore: bump types-pyyaml from 6.0.12.20250915 to 6.0.12.20260408 in /libs/core (#37129) fix(core): preserve structured inputs on tool runs in tracers (#37108) release(perplexity): 1.2.0 (#37091) chore(docs): update x handle references (#37081) fix(core): make removal optional in warn_deprecated (#37056) fix(core): validate batch_size in _batch and _abatch to prevent infinite loop (#36663) chore(core): mark stream_v2/astream_v2 as beta (#36992)

langchain-core==1.3.2

Changes since langchain-core==1.3.1

release(core): 1.3.2 (#36990) feat(core): add content-block-centric streaming (v2) (#36834)

langchain-core==1.3.1

Changes since langchain-core==1.3.0

release(core): 1.3.1 (#36972) feat(core): allow _format_output to pass through list of ToolOutputMixin instances (#36963) chore: bump nbconvert from 7.17.0 to 7.17.1 in /libs/core (#36923) feat(core): Update inheritance behavior for tracer metadata for special keys (#36900) chore: bump langsmith from 0.7.13 to 0.7.31 in /libs/core (#36813)

Commits

• 5039dfe release(core): 1.3.3 (#37198)
• 55a7707 fix(core): set deprecation since to 1.3.3 to match release (#37200)
• c979c61 fix(core, langchain): harden load() against untrusted manifests (#37197)
• d703110 docs: update README.md (#37190)
• 4d50a2a ci(infra): run pre-release checks before TestPyPI publish (#37194)
• 9bd730e fix(fireworks): require api_key in FireworksEmbeddings (#37193)
• f475f41 release(mistralai): 1.1.4 (#37191)
• 7dbff48 fix(mistralai): strip non-wire keys from ToolMessage (#37188)
• 913816c release(fireworks): 1.3.1 (#37189)
• 4498d3d fix(fireworks): strip non-wire keys from ToolMessage text content blocks (#...
• Additional commits viewable in compare view

Updates mistune from 3.2.0 to 3.2.1

Release notes

Sourced from mistune's releases.

v3.2.1

   🐞 Bug Fixes

• Resolve Windows compatibility issues in file inclusion and tests  -  by @​Yuki9814 (25471)
• Escape html text  -  by @​lepture (a3cb6)
• Update link reference  -  by @​lepture (85eb5)
• Handle escaped dollar signs in inline math  -  by @​saschabuehrle in lepture/mistune#370 (7bd57)
• Escape id of toc  -  by @​lepture (04880)
• Escape id of headings  -  by @​lepture (28556)
• Remove double-encoding of image alt text  -  by @​lawrence3699 (0d6f3)
• Escape xml for math plugin  -  by @​lepture (5fa09)
• Use strict regex for image's height and width  -  by @​lepture (8d0cb)

    View changes on GitHub

Changelog

Sourced from mistune's changelog.

Version 3.2.1

Released on May 3, 2026

• Escape link in render_toc_ul.
• Escape text in math plugin.
• Fix regex for math plugin.
• Escape heading's ID attribute.
• Fix LINK_TITLE_RE to prevent DoS.
• Escape class attribute for admonition directive.
• Remove double-encoding of image alt text.
• Escape class attribute for image directive.
• Fix width/height attribute for image directive.

Commits

• 067f908 chore: release 3.2.1
• bf55030 Merge pull request #438 from saschabuehrle/fix/issue-370
• 8d0cb75 fix: use strict regex for image's height and width
• 5fa092e fix: escape xml for math plugin
• 71ec947 Merge pull request #440 from lawrence3699/fix/image-alt-double-encoding
• 0d6f3d8 fix: remove double-encoding of image alt text
• 2855622 fix: escape id of headings
• 04880a0 fix: escape id of toc
• 7bd5709 fix: handle escaped dollar signs in inline math (fixes #370)
• 85eb54f fix: update link reference
• Additional commits viewable in compare view

Updates langchain-core from 1.3.0 to 1.3.3

Release notes

Sourced from langchain-core's releases.

langchain-core==1.3.3

Changes since langchain-core==1.3.2

release(core): 1.3.3 (#37198) fix(core): set deprecation since to 1.3.3 to match release (#37200) fix(core, langchain): harden load() against untrusted manifests (#37197) chore: bump notebook from 7.5.0 to 7.5.6 in /libs/core (#37109) chore: bump types-pyyaml from 6.0.12.20250915 to 6.0.12.20260408 in /libs/core (#37129) fix(core): preserve structured inputs on tool runs in tracers (#37108) release(perplexity): 1.2.0 (#37091) chore(docs): update x handle references (#37081) fix(core): make removal optional in warn_deprecated (#37056) fix(core): validate batch_size in _batch and _abatch to prevent infinite loop (#36663) chore(core): mark stream_v2/astream_v2 as beta (#36992)

langchain-core==1.3.2

Changes since langchain-core==1.3.1

release(core): 1.3.2 (#36990) feat(core): add content-block-centric streaming (v2) (#36834)

langchain-core==1.3.1

Changes since langchain-core==1.3.0

release(core): 1.3.1 (#36972) feat(core): allow _format_output to pass through list of ToolOutputMixin instances (#36963) chore: bump nbconvert from 7.17.0 to 7.17.1 in /libs/core (#36923) feat(core): Update inheritance behavior for tracer metadata for special keys (#36900) chore: bump langsmith from 0.7.13 to 0.7.31 in /libs/core (#36813)

Commits

• 5039dfe release(core): 1.3.3 (#37198)
• 55a7707 fix(core): set deprecation since to 1.3.3 to match release (#37200)
• c979c61 fix(core, langchain): harden load() against untrusted manifests (#37197)
• d703110 docs: update README.md (#37190)
• 4d50a2a ci(infra): run pre-release checks before TestPyPI publish (#37194)
• 9bd730e fix(fireworks): require api_key in FireworksEmbeddings (#37193)
• f475f41 release(mistralai): 1.1.4 (#37191)
• 7dbff48 fix(mistralai): strip non-wire keys from ToolMessage (#37188)
• 913816c release(fireworks): 1.3.1 (#37189)
• 4498d3d fix(fireworks): strip non-wire keys from ToolMessage text content blocks (#...
• Additional commits viewable in compare view

Updates python-multipart from 0.0.26 to 0.0.27

Release notes

Sourced from python-multipart's releases.

Version 0.0.27

What's Changed

• Pass parse offsets via constructors by @​Kludex in Kludex/python-multipart#268
• Add multipart header limits by @​Kludex in Kludex/python-multipart#267

Full Changelog: Kludex/python-multipart@0.0.26...0.0.27

Changelog

Sourced from python-multipart's changelog.

0.0.27 (2026-04-27)

• Add multipart header limits #267.
• Pass parse offsets via constructors #268.

Commits

• 6d1d689 Version 0.0.27 (#272)
• 0b10220 Run CI on main branch pull requests (#271)
• 3e64f5f Add multipart header limits (#267)
• eb109cc Pass parse offsets via constructors (#268)
• 78e29ab Bump pytest from 9.0.2 to 9.0.3 (#266)
• b2ddd09 fuzz: Enhance fuzzing capabilities with new chunked and boundary tests (#264)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[dependabot]

Superseded by #2.