Skip to content

build(deps): bump mem0ai from 0.1.117 to 2.0.12 in /sdk#3278

Open
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/pip/sdk/mem0ai-2.0.7
Open

build(deps): bump mem0ai from 0.1.117 to 2.0.12 in /sdk#3278
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/pip/sdk/mem0ai-2.0.7

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 19, 2026

Copy link
Copy Markdown

Bumps mem0ai from 0.1.117 to 2.0.12.

Release notes

Sourced from mem0ai's releases.

Mem0 Python SDK (v2.0.12)

New Features:

  • Memory (OSS): Accept text in Memory.update() and AsyncMemory.update(). data still works but is now deprecated, so prefer text in new code (#6044)

Bug Fixes:

  • Core: Coerce non-string entity IDs (user_id, agent_id, run_id) instead of crashing on .strip(), so passing an integer ID no longer raises AttributeError (#6206)
  • Core: Stop requiring langchain-core for the default async procedural memory path. The optional dependency is now only imported when you pass a custom LangChain LLM, matching the sync behavior (#6209)
  • Client: Encode dynamic URL path segments so IDs containing special characters no longer produce malformed requests (#5963)
  • LLMs: Skip temperature and top_p for newer Anthropic models that reject sampling parameters. Detection is automatic per model family and version, and the new enable_sampling_parameters config flag overrides it (#6211)
  • Vector Stores: Stop writing internal OutputData model fields as properties on Weaviate update() (#6149)
  • Vector Stores: Improve wildcard search handling in Milvus (#6187)
  • Vector Stores: Keep env-resolved Upstash Vector credentials after config validation. An env-var-only config previously passed validation and then failed to build (#5811)
  • Vector Stores: Restore the previous payload when a Neptune Analytics vector upsert fails inside update(), so a partial write can no longer leave the payload and embedding out of sync (#5824)

Changes:

  • LLMs: The Together default model is now MiniMaxAI/MiniMax-M3 (was mistralai/Mixtral-8x7B-Instruct-v0.1) (#6049)
  • LLMs: The xAI default model is now grok-4.3 (was grok-2-latest) (#6115)
  • Embeddings: The Together default embedding model is now intfloat/multilingual-e5-large-instruct at 1024 dimensions (was togethercomputer/m2-bert-80M-8k-retrieval at 768). If you use the Together embedder without pinning model, existing vectors were written at the old dimension: either re-embed them, or pin model and embedding_dims to the old values (#5989)
  • Rerankers: The Cohere default rerank model is now rerank-v3.5 (was rerank-english-v3.0) (#6055)

Security:

  • Vector Stores: Fix SQL and Cypher injection vulnerabilities in the PGVector, Azure MySQL, and Neptune providers (#4878)
  • Vector Stores: Validate Elasticsearch filter keys and values to prevent term query injection (#5980)
  • Dependencies: Require transformers>=5.3.0 to remediate GHSA-29pf-2h5f-8g72 (CVE-2026-4372) (#6110)

Mem0 Python SDK (v2.0.11)

Bug Fixes:

  • Embeddings: Guard against an embed_batch count mismatch in the OpenAI and Azure OpenAI embedders (#5966)
  • Memory: Re-raise LLM extraction failures instead of silently returning [] (#5878)
  • Vector Stores: Normalize vectors for the cosine distance strategy in FAISS (#5960)

Security:

  • Vector Stores: Validate OpenSearch filter values to prevent term query injection (#5986)
  • Vector Stores: Validate value types and escape quotes in Azure AI Search OData filters (#5983)
  • Vector Stores: Validate Databricks catalog/schema/table identifiers to prevent SQL injection (#5988)
  • Graph: Escape Neptune filter values in openCypher queries to prevent injection (#5982)

Mem0 Python SDK (v2.0.10)

New Features:

  • Client: Expose expiration_date on MemoryClient.update() and AsyncMemoryClient.update() — callers can now set or clear a memory's expiration date; None is preserved and forwarded to the API (#5874)

Bug Fixes:

  • Memory (OSS): Apply remove_code_blocks() to the LangChain path in async _create_procedural_memory so code fences are stripped consistently (#5711)
  • Rerankers: Score HuggingFace cross-encoder results with per-document sigmoid instead of set-relative min-max, preventing a single low-score document from collapsing all relevance scores to zero (#5715)
  • Core: Validate and trim entity IDs (user_id, agent_id, run_id) in delete_all() for both sync and async Memory (#5735)
  • Vector Stores: Use .get() for hash and created_at in the Redis insert() and update() paths so entity payloads that omit those fields no longer raise KeyError (#5709)
  • Memory: Fix scale-threshold notices not firing for Redis and search-engine backends by resolving col_info() signature differences and adding num_docs to the count-extraction lookup (#5687)

... (truncated)

Commits
  • 42cf18c chore: update changelog, bump SDK versions to Python 2.0.12 and TypeScript 3....
  • d89793b refactor(ts-sdk): lazy-load optional provider SDKs so importing mem0ai/oss ne...
  • 1783674 feat(vector-stores): add Databricks provider to TypeScript OSS SDK (#5824)
  • c9af559 fix(anthropic): Remove sampling parameters when using new model. (#6211)
  • f69f8dc fix(weaviate): don't write OutputData model fields as properties on update (#...
  • 28e4d81 fix(ts-sdk): re-raise LLM extraction transport failures instead of returning ...
  • 1d383c4 fix(vector-stores): improve milvus wildcard search (#6187)
  • 8488abe docs: correct custom categories, per-call custom_categories is supported (#6218)
  • 49863e9 docs: add a dedicated Memory Expiration page (#6194)
  • 770ce97 fix(core): coerce non-string entity ids instead of crashing on .strip() (#6206)
  • Additional commits viewable in compare view

@dependabot @github

dependabot Bot commented on behalf of github Jun 19, 2026

Copy link
Copy Markdown
Author

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

Comment thread sdk/pyproject.toml Outdated
"paramiko>=3.4.0",
"linkup-sdk",
"mem0ai==0.1.117",
"mem0ai==2.0.7",

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

mem0ai 从 0.1.117 升级到 2.0.7 是 major version bump(从 0.x 到 2.x),这意味着 API 可能有大量不兼容变更。从 release notes 看,v2 重构了 vector store 接口、修复了大量 crash 问题。请确认项目中 mem0ai 的调用代码是否已适配 v2 API,特别是 Memory 初始化和 vector store 配置部分。

Bumps [mem0ai](https://github.com/mem0ai/mem0) from 0.1.117 to 2.0.12.
- [Release notes](https://github.com/mem0ai/mem0/releases)
- [Commits](mem0ai/mem0@0.1.117...v2.0.12)

---
updated-dependencies:
- dependency-name: mem0ai
  dependency-version: 2.0.7
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
dependabot Bot changed the base branch from main to develop July 14, 2026 03:14
@dependabot
dependabot Bot force-pushed the dependabot/pip/sdk/mem0ai-2.0.7 branch from 42b3b70 to 6b1925c Compare July 14, 2026 03:14
@dependabot dependabot Bot changed the title chore(deps): bump mem0ai from 0.1.117 to 2.0.7 in /sdk build(deps): bump mem0ai from 0.1.117 to 2.0.12 in /sdk Jul 14, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant