chore: bump the minor-and-patch group with 3 updates

[dependabot]

Bumps the minor-and-patch group with 3 updates: litellm, mem0ai and pytest-cov.

Updates litellm from 1.82.4 to 1.82.6

Release notes

Sourced from litellm's releases.

litellm-v1.81.14.pre-call-hook-fix.dev

What's Changed

• feat: show proxy url in ModelHub by @​janfrederickk in BerriAI/litellm#21660
• fix(bedrock): correct modelInput format for Converse API batch models by @​hztBUAA in BerriAI/litellm#21656
• fix: only tag selected deployment in access group creation by @​hztBUAA in BerriAI/litellm#21655
• feat(proxy): add custom favicon support by @​hztBUAA in BerriAI/litellm#21653
• fix(bedrock): prevent double UUID in create_file S3 key by @​hztBUAA in BerriAI/litellm#21650
• feat(semantic-cache): support configurable vector dimensions by @​hztBUAA in BerriAI/litellm#21649
• fix(utils): normalize camelCase thinking param keys to snake_case by @​Chesars in BerriAI/litellm#21762
• feat: add optional digest mode for Slack alert types by @​dkindlund in BerriAI/litellm#21683
• [Docs] store_model_in_db Release Docs by @​yuneng-jiang in BerriAI/litellm#21863
• Litellm dev 02 19 2026 p2 by @​krrishdholakia in BerriAI/litellm#21871
• fix(budget): fix timezone config lookup and replace hardcoded timezone map with ZoneInfo by @​LeeJuOh in BerriAI/litellm#21754
• fix: add missing return type annotations to iterator protocol methods in streaming_handler by @​WhoisMonesh in BerriAI/litellm#21750
• Add gollem Go agent framework cookbook example by @​trevorprater in BerriAI/litellm#21747
• fix: avoid mutating caller-owned dicts in SpendUpdateQueue aggregation by @​themavik in BerriAI/litellm#21742
• fix(vertex_ai): enable context-1m-2025-08-07 beta header by @​edwiniac in BerriAI/litellm#21870
• Revert "fix(vertex_ai): enable context-1m-2025-08-07 beta header" by @​krrishdholakia in BerriAI/litellm#21876
• fix: enable context-1m-2025-08-07 beta header for vertex_ai provider by @​stakeswky in BerriAI/litellm#21867
• Guardrail Policy Versioning by @​krrishdholakia in BerriAI/litellm#21862
• docs: add OpenClaw integration tutorial by @​Chesars in BerriAI/litellm#21605
• Litellm fix langfuse otel trace v2 by @​Harshit28j in BerriAI/litellm#21309
• fix(bedrock): encode model arns for OpenAI compatible bedrock imported models by @​ta-stripe in BerriAI/litellm#21701
• feat(bedrock): support optional regional STS endpoint in role assumption by @​ta-stripe in BerriAI/litellm#21640
• fix: ensure arrival_time is set before calculating queue time by @​Harshit28j in BerriAI/litellm#21918
• merge main in oss 22 02 by @​Sameerlite in BerriAI/litellm#21924
• merge main in oss 21 02 by @​Sameerlite in BerriAI/litellm#21926
• Add Noma guardrails v2 based on custom guardrails by @​TomAlon in BerriAI/litellm#21400
• Litellm dev 02 19 2026 p2 (#21871) by @​krrishdholakia in BerriAI/litellm#21872
• State management fixes for CheckBatchCost by @​ephrimstanley in BerriAI/litellm#21921
• Fix: Anthropic model wildcard access issue by @​Sameerlite in BerriAI/litellm#21917
• Litellm oss staging 02 22 2026 by @​krrishdholakia in BerriAI/litellm#21877
• Litellm oss staging 02 21 2026 by @​krrishdholakia in BerriAI/litellm#21786
• fix model cost map for anthropic fast and inference_geo by @​Sameerlite in BerriAI/litellm#21904
• Add Priority PayGo cost tracking gemini/vertex ai by @​Sameerlite in BerriAI/litellm#21909
• fix(tests): fix StopIteration in prisma self-heal cooldown test by @​jquinter in BerriAI/litellm#21938
• fix(tests): use absolute path for model_prices JSON validation test by @​jquinter in BerriAI/litellm#21939
• docs: add Google GenAI SDK tutorial (JS & Python) by @​Chesars in BerriAI/litellm#21885
• docs(ui): add pre-PR checklist to UI contributing guide by @​Chesars in BerriAI/litellm#21886
• feat: Litellm network mock by @​ryan-crabbe in BerriAI/litellm#21942
• Guardrail Monitor - measure guardrail reliability in prod by @​krrishdholakia in BerriAI/litellm#21944
• fix(tests): add INCOMPLETE to interactions status enum expected values by @​jquinter in BerriAI/litellm#21943
• feat: Singapore guardrail policies (PDPA + MAS AI Risk Management) by @​ron-zhong in BerriAI/litellm#21948
• Add OpenAI Agents SDK tutorial with LiteLLM Proxy to docs by @​Arindam200 in BerriAI/litellm#21221
• fix(tests): make RPM limit test sequential to fix race condition by @​jquinter in BerriAI/litellm#21937
• docs: add performance & reliability section to v1.81.14 release notes by @​ryan-crabbe in BerriAI/litellm#21950
• feat(videos): add variant parameter to video content download by @​nielei3 in BerriAI/litellm#21955
• Revert duplicate issue checker to text-based matching by @​ryan-crabbe in BerriAI/litellm#21961
• [Feature] UI - Blog Dropdown in Navbar by @​yuneng-jiang in BerriAI/litellm#21859
• fix(videos): pass api_key from litellm_params to video remix handlers by @​nielei3 in BerriAI/litellm#21965

... (truncated)

Commits

• See full diff in compare view

Updates mem0ai from 1.0.6 to 1.0.7

Release notes

Sourced from mem0ai's releases.

v1.0.7

What's Changed

• docs: add MiroFish integration and swarm memory cookbook documentation by @​kartik-mem0 in mem0ai/mem0#4373
• chore: remove the integration/mirofish path from docs by @​kartik-mem0 in mem0ai/mem0#4399
• fix(ollama): pass tools to client.chat and parse tool_calls from response by @​sxu75374 in mem0ai/mem0#4176
• fix(oss): normalize malformed LLM fact output before embedding by @​amahuli03 in mem0ai/mem0#4224
• refactor: improve Ollama embedder, normalize model names, add error handling, update tests by @​kartik-mem0 in mem0ai/mem0#4403
• fix: pass encoding_format='float' in OpenAI embeddings for proxy compatibility by @​AtharvaJaiswal005 in mem0ai/mem0#4058
• fix: forward tools parameter to Gemini API in GoogleLLM (#4380) by @​DhilipBinny in mem0ai/mem0#4386
• fix(ts-sdk): externalize all peerDependencies in tsup config by @​kartik-mem0 in mem0ai/mem0#4408
• feat(openclaw): improve extraction quality with noise filtering, deduplication, and better instructions by @​utkarsh240799 in mem0ai/mem0#4302
• fix(docs): add redirect rules for legacy and moved documentation pages by @​whysosaket in mem0ai/mem0#4413
• fix(reranker): support nested llm config in LLMReranker for non-OpenAI providers by @​kartik-mem0 in mem0ai/mem0#4405
• fix: add LLM provider detection and defaults to memory config by @​kartik-mem0 in mem0ai/mem0#4400
• fix: preserve http_auth in _safe_deepcopy_config for OpenSearch (#3580) by @​utkarsh240799 in mem0ai/mem0#4418
• replace hardcoded US/Pacific timezone references with timezone.utc by @​amahuli03 in mem0ai/mem0#4404
• fix: handle control characters in LLM JSON responses by @​utkarsh240799 in mem0ai/mem0#4420
• feat(test): integration test for ts-sdk by @​kartik-mem0 in mem0ai/mem0#4395
• chore: delete obsolete e2e tests by @​kartik-mem0 in mem0ai/mem0#4419
• fix: handle truncated code blocks in removeCodeBlocks function by @​kartik-mem0 in mem0ai/mem0#4421
• refactor: fix webhook create/update serialization, add payload types, and MEMORY_CATEGORIZED event by @​kartik-mem0 in mem0ai/mem0#4429
• fix: wrap vector and payload in lists for Langchain.update by @​kartik-mem0 in mem0ai/mem0#4446
• fix: prevent embedding corruption in Valkey and Redis when vector is None (#4336) by @​DhilipBinny in mem0ai/mem0#4362
• Improve SEO metadata across documentation pages by @​mintlify[bot] in mem0ai/mem0#4447
• feat: add optional API key authentication to REST API server by @​utkarsh240799 in mem0ai/mem0#4442
• fix: raise ValueError when deleting nonexistent memory by @​kartik-mem0 in mem0ai/mem0#4455
• feat: add MiniMax LLM provider (#4132) by @​Himanshu-Sangshetti in mem0ai/mem0#4431
• fix: add missing _parse_response to AzureOpenAIStructuredLLM by @​mvanhorn in mem0ai/mem0#4434
• feat: add Apache AGE graph store support by @​utkarsh240799 in mem0ai/mem0#4448
• fix: use toCamelCase in redis get method for the payload by @​Failfail2603 in mem0ai/mem0#3172
• Fix: add pgvector support to NodeJS OSS VectorStoreFactory (fixes #3491) by @​veeceey in mem0ai/mem0#3997

New Contributors

• @​sxu75374 made their first contribution in mem0ai/mem0#4176
• @​AtharvaJaiswal005 made their first contribution in mem0ai/mem0#4058
• @​mintlify[bot] made their first contribution in mem0ai/mem0#4447
• @​Himanshu-Sangshetti made their first contribution in mem0ai/mem0#4431
• @​mvanhorn made their first contribution in mem0ai/mem0#4434
• @​Failfail2603 made their first contribution in mem0ai/mem0#3172
• @​veeceey made their first contribution in mem0ai/mem0#3997

Full Changelog: mem0ai/mem0@v1.0.6...v1.0.7

Changelog

Sourced from mem0ai's changelog.

---

title: "Product Updates" description: "Latest releases, bug fixes, and improvements for the Mem0 Python and TypeScript SDKs." mode: "wide"

Bug Fixes:

• Core: Fixed control characters in LLM JSON responses causing parse failures (#4420)
• Core: Replaced hardcoded US/Pacific timezone references with timezone.utc (#4404)
• Core: Preserved http_auth in _safe_deepcopy_config for OpenSearch (#4418)
• Core: Normalized malformed LLM fact output before embedding (#4224)
• Embeddings: Pass encoding_format='float' in OpenAI embeddings for proxy compatibility (#4058)
• LLMs: Fixed Ollama to pass tools to client.chat and parse tool_calls from response (#4176)
• Reranker: Support nested LLM config in LLMReranker for non-OpenAI providers (#4405)
• Vector Stores: Cast vector_distance to float in Redis search (#4377)

Improvements:

• Embeddings: Improved Ollama embedder with model name normalization and error handling (#4403)

Bug Fixes:

• Telemetry: Fixed telemetry vector store initialization still running when MEM0_TELEMETRY is disabled (#4351)
• Core: Removed destructive vector_store.reset() call from delete_all() that was wiping the entire vector store instead of deleting only the target memories (#4349)
• OSS: OllamaLLM now respects the configured URL instead of always falling back to localhost (#4320)
• Core: Fixed KeyError when LLM omits the entities key in tool call response (#4313)
• Prompts: Ensured JSON instruction is included in prompts when using json_object response format (#4271)
• Core: Fixed incorrect database parameter handling (#3913)

Dependencies:

• Updated LangChain dependencies to v1.0.0 (#4353)
• Bumped protobuf dependency to 5.29.6 and extended upper bound to <7.0.0 (#4326)

... (truncated)

Commits

• 30661ab Fix: add pgvector support to NodeJS OSS VectorStoreFactory (fixes #3491) (#3997)
• 7ad5d6f fix: use toCamelCase in redis get method for the payload (#3172)
• 305ce7b feat: add Apache AGE graph store support (#4448)
• 4437c3e fix: add missing _parse_response to AzureOpenAIStructuredLLM (#4434)
• 54bdbde feat: add MiniMax LLM provider (#4132) (#4431)
• 2b95583 fix: raise ValueError when deleting nonexistent memory (#4455)
• 2520edb feat: add optional API key authentication to REST API server (#4442)
• f05e50d Improve SEO metadata across documentation pages (#4447)
• 401754c fix: prevent embedding corruption in Valkey and Redis when vector is None (#4...
• 7303890 fix: wrap vector and payload in lists for Langchain.update (#4446)
• Additional commits viewable in compare view

Updates pytest-cov from 7.0.0 to 7.1.0

Changelog

Sourced from pytest-cov's changelog.

7.1.0 (2026-03-21)

• Fixed total coverage computation to always be consistent, regardless of reporting settings. Previously some reports could produce different total counts, and consequently can make --cov-fail-under behave different depending on reporting options. See [#641](https://github.com/pytest-dev/pytest-cov/issues/641) <https://github.com/pytest-dev/pytest-cov/issues/641>_.

• Improve handling of ResourceWarning from sqlite3.

  The plugin adds warning filter for sqlite3 ResourceWarning unclosed database (since 6.2.0). It checks if there is already existing plugin for this message by comparing filter regular expression. When filter is specified on command line the message is escaped and does not match an expected message. A check for an escaped regular expression is added to handle this case.

  With this fix one can suppress ResourceWarning from sqlite3 from command line::

  pytest -W "ignore:unclosed database in <sqlite3.Connection object at:ResourceWarning" ...

• Various improvements to documentation. Contributed by Art Pelling in [#718](https://github.com/pytest-dev/pytest-cov/issues/718) <https://github.com/pytest-dev/pytest-cov/pull/718>_ and "vivodi" in [#738](https://github.com/pytest-dev/pytest-cov/issues/738) <https://github.com/pytest-dev/pytest-cov/pull/738>. Also closed [#736](https://github.com/pytest-dev/pytest-cov/issues/736) <https://github.com/pytest-dev/pytest-cov/issues/736>.

• Fixed some assertions in tests. Contributed by in Markéta Machová in [#722](https://github.com/pytest-dev/pytest-cov/issues/722) <https://github.com/pytest-dev/pytest-cov/pull/722>_.

• Removed unnecessary coverage configuration copying (meant as a backup because reporting commands had configuration side-effects before coverage 5.0).

Commits

• 66c8a52 Bump version: 7.0.0 → 7.1.0
• f707662 Make the examples use pypy 3.11.
• 6049a78 Make context test use the old ctracer (seems the new sysmon tracer behaves di...
• 8ebf20b Update changelog.
• 861d30e Remove the backup context manager - shouldn't be needed since coverage 5.0, ...
• fd4c956 Pass the precision on the nulled total (seems that there's some caching goion...
• 78c9c4e Only run the 3.9 on older deps.
• 4849a92 Punctuation.
• 197c35e Update changelog and hopefully I don't forget to publish release again :))
• 14dc1c9 Update examples to use 3.11 and make the adhoc layout example look a bit more...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 2 package(s) with unknown licenses.

See the Details below.

License Issues

uv.lock

Package	Version	License	Issue Type
litellm	1.82.6	Null	Unknown License
pytest-cov	7.1.0	Null	Unknown License

Allowed Licenses:

MIT, MIT-0, Apache-2.0, BSD-2-Clause, BSD-3-Clause, ISC, MPL-2.0, PSF-2.0, Unlicense, 0BSD, CC0-1.0, Python-2.0, Python-2.0.1, LicenseRef-scancode-free-unknown, LicenseRef-scancode-protobuf, LicenseRef-scancode-google-patent-license-golang, ZPL-2.1, LGPL-2.0-only, LGPL-2.1-only, LGPL-3.0-only, LGPL-3.0-or-later, BlueOak-1.0.0

Excluded from license check:

pkg:pypi/mem0ai@1.0.5, pkg:pypi/numpy@2.4.3, pkg:pypi/qdrant-client@1.17.0, pkg:pypi/posthog@7.9.12, pkg:npm/@img/sharp-wasm32@0.33.5, pkg:npm/@img/sharp-win32-ia32@0.33.5, pkg:npm/@img/sharp-win32-x64@0.33.5

OpenSSF Scorecard

Package	Version	Score	Details
pip/litellm	1.82.6	Unknown	Unknown
pip/mem0ai	1.0.7	Unknown	Unknown
pip/pytest-cov	7.1.0	Unknown	Unknown

Scanned Files

• uv.lock

[Aureliolo]

Changelog reviewed (litellm 1.82.4->1.82.6, mem0ai 1.0.6->1.0.7, pytest-cov 7.0.0->7.1.0). mem0ai fixes are beneficial -- malformed LLM output normalization, control character handling, UTC timezone fix. pytest-cov fixes coverage computation consistency (relevant for --cov-fail-under). All tests pass.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 92.26%. Comparing base (7887257) to head (afe6939).
⚠️ Report is 5 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #734   +/-   ##
=======================================
  Coverage   92.26%   92.26%           
=======================================
  Files         573      573           
  Lines       29608    29608           
  Branches     2868     2868           
=======================================
  Hits        27318    27318           
  Misses       1810     1810           
  Partials      480      480           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.