Bump openai-agents from 0.0.7 to 0.17.4 in /openai-agents

[dependabot]

Bumps openai-agents from 0.0.7 to 0.17.4.

Release notes

Sourced from openai-agents's releases.

v0.17.4

What's Changed

• feat: support Realtime custom voice objects by @​lionel-oai in openai/openai-agents-python#3473
• fix: #3459 add opt-in recovery for missing function tools by @​seratch in openai/openai-agents-python#3461
• fix: apply hardened http client default to MCP SSE transport by @​ioleksiuk in openai/openai-agents-python#3466
• fix: use non-None value for output in FunctionSpanData by @​rmotgi1227 in openai/openai-agents-python#3475
• fix: add missing entries to span slots by @​rmotgi1227 in openai/openai-agents-python#3483
• fix: redact invalid JSON payload in ModelBehaviorError data by @​LeSingh1 in openai/openai-agents-python#3485
• fix: export more tracing related functions & types from agents by @​rmotgi1227 in openai/openai-agents-python#3489
• fix: export MCPListToolsItem, ToolSearchCallItem, and ToolSearchOutputItem from agents by @​rmotgi1227 in openai/openai-agents-python#3490

Documentation & Other Changes

• Release 0.17.4 by @​github-actions[bot] in openai/openai-agents-python#3505

New Contributors

• @​rmotgi1227 made their first contribution in openai/openai-agents-python#3475

Full Changelog: openai/openai-agents-python@v0.17.3...v0.17.4

v0.17.3

What's Changed

• fix: keep mountpoint credentials out of sandbox commands by @​seratch in openai/openai-agents-python#3429
• fix: unify memory optional dependency import errors by @​seratch in openai/openai-agents-python#3389
• fix: guard None text in text_message_output and add output guardrail count to RunErrorDetails by @​zhoufengen in openai/openai-agents-python#3375
• fix: avoid mutating FunctionTool params_json_schema by @​ioleksiuk in openai/openai-agents-python#3382
• fix: avoid mutating codex output schema input by @​ioleksiuk in openai/openai-agents-python#3385
• fix: #3357 output schema names for Literal types by @​Aphroq in openai/openai-agents-python#3358
• fix: skip wait_for_status when Vercel sandbox is in a terminal state by @​cty-ut in openai/openai-agents-python#3410
• fix: filter hosted_tool_call types in remove_all_tools handoff filter by @​ioleksiuk in openai/openai-agents-python#3386
• fix: guard None text in ItemHelpers.extract_last_content by @​ioleksiuk in openai/openai-agents-python#3394
• fix: log exception when output guardrail raises instead of silently ignoring by @​cty-ut in openai/openai-agents-python#3411
• fix: reject relative sandbox workspace roots by @​matthewflint in openai/openai-agents-python#3422
• fix: normalize leading question marks in exposed port queries by @​matthewflint in openai/openai-agents-python#3424
• fix: #3363 honor short custom voice splitter chunks by @​Aphroq in openai/openai-agents-python#3364
• fix: runtime handling updates by @​adrianbravo-oai @​ioleksiuk in openai/openai-agents-python#3451

Documentation & Other Changes

• docs: add SDK review guidance by @​seratch in openai/openai-agents-python#3376
• docs: mark Agent.instructions as optional by @​ioleksiuk in openai/openai-agents-python#3384
• docs: translate all pages using new settings by @​seratch in openai/openai-agents-python#3392
• docs: document auto_previous_response_id by @​ioleksiuk in openai/openai-agents-python#3383
• docs: fix LiteLLM API reference redirect by @​ynachiket in openai/openai-agents-python#3444
• docs: fix duplicated word in usaspending glossary example by @​LeSingh1 in openai/openai-agents-python#3445
• chore: clean up CI jobs and update uv pin by @​seratch in openai/openai-agents-python#3400
• ci: harden release tag workflow by @​hintz-openai in openai/openai-agents-python#3399
• Release 0.17.3 by @​github-actions[bot] in openai/openai-agents-python#3417

... (truncated)

Changelog

Sourced from openai-agents's changelog.

Release process/changelog

The project follows a slightly modified version of semantic versioning using the form 0.Y.Z. The leading 0 indicates the SDK is still evolving rapidly. Increment the components as follows:

Minor (Y) versions

We will increase minor versions Y for breaking changes to any public interfaces that are not marked as beta. For example, going from 0.0.x to 0.1.x might include breaking changes.

If you don't want breaking changes, we recommend pinning to 0.0.x versions in your project.

Patch (Z) versions

We will increment Z for non-breaking changes:

• Bug fixes
• New features
• Changes to private interfaces
• Updates to beta features

Breaking change changelog

0.17.0

In this version, sandbox local source materialization keeps LocalFile.src and LocalDir.src within the materialization base_dir unless the source path is covered by Manifest.extra_path_grants. The base_dir is the SDK process current working directory when the manifest is applied; relative local sources are resolved from that directory, while absolute local sources must already be inside it or under an explicit grant. This closes a local artifact boundary issue, but it can affect applications that intentionally copy trusted host files or directories from outside that base directory into a sandbox workspace.

To migrate, grant trusted host roots at the manifest level with SandboxPathGrant, preferably as read-only when the sandbox only needs to read those files:

from pathlib import Path
from agents.sandbox import Manifest, SandboxPathGrant
from agents.sandbox.entries import Dir, LocalDir
This is an absolute host path outside the SDK process base_dir.
TRUSTED_DOCS_ROOT = Path("/opt/my-app/docs")
manifest = Manifest(
extra_path_grants=(
# This host root is outside the SDK process base_dir, so the manifest must grant it.
SandboxPathGrant(path=str(TRUSTED_DOCS_ROOT), read_only=True),
),
entries={
# No grant is needed for local sources that stay under the SDK process base_dir.
"fixtures": LocalDir(src=Path("fixtures"), description="Local test fixtures."),
# This entry reads from the granted host root and copies it into the sandbox workspace.
"docs": LocalDir(src=TRUSTED_DOCS_ROOT, description="Trusted local documents."),
# Dir creates a sandbox workspace directory; it does not read from the host filesystem.
"output": Dir(description="Generated artifacts."),
},
)
</tr></table>

... (truncated)

Commits

• 6d5b888 Release 0.17.4 (#3505)
• 9a92ea4 Support Realtime custom voice objects (#3473)
• fedc809 fix: export MCPListToolsItem, ToolSearchCallItem, and ToolSearchOutputItem fr...
• 573530f fix: export more tracing related functions & types from agents (#3489)
• 813a003 fix: redact invalid JSON payload in ModelBehaviorError data (#3485)
• eda7b51 fix: add missing entries to span slots (#3483)
• 45effb4 fix: #3459 add opt-in recovery for missing function tools (#3461)
• 9303389 fix: use non-None value for output in FunctionSpanData (#3475)
• 9514473 fix: apply hardened http client default to MCP SSE transport (#3466)
• 445ad22 docs: add SECURITY.md in the same way with openai-agents-js repo
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)