chore(deps): bump the all-dependencies group in /python/agents/software-bug-assistant with 3 updates

[dependabot]

Bumps the all-dependencies group in /python/agents/software-bug-assistant with 3 updates: google-adk, python-dotenv and toolbox-core.

Updates google-adk from 1.3.0 to 1.15.1

Release notes

Sourced from google-adk's releases.

Release 1.15.1

1.15.1 (2025-09-26)

Bug Fixes

• Fix the deployment failure for Agent Engine (e172811)

Release 1.15.0

1.15.0 (2025-09-24)

Features

• [Core]
  • Adding the ContextFilterPlugin (a06bf27)
  • Adds plugin to save artifacts for issue #2176 (657369c)
  • Expose log probs of candidates in LlmResponse (f7bd3c1)
• [Context Caching]
  • Support context caching (c66245a)

    • Support explicit context caching auto creation and lifecycle management.

      Usage: App(root_agent=..., plugins=..., context_cache_config=...)

  • Support non-text content in static instruction (61213ce)
  • Support static instructions (9be9cc2)

    • Support static instruction that won't change, put at the beginning of the instruction. Static instruction support inline_data and file_data as contents. Dynamic instruction moved to the end of LlmRequest, increasing prefix caching matching size.

      Usage: LlmAgent(model=...,static_instruction =types.Content(parts=...), ... )

• [Telemetry]
  • Add --otel_to_cloud experimental support (1ae0b82, b131268, 7870480)
  • Add GenAI Instrumentation if --otel_to_cloud is enabled (cee365a)
  • Support standard OTel env variables for exporter endpoints (f157b2e)
  • Temporarily disable Cloud Monitoring integration in --otel_to_cloud (3b80337)
• [Services]
  • Add endpoint to generate memory from session (2595824)
• [Tools]
  • Add Google Maps Grounding Tool to ADK (6b49391)
  • MCP: Initialize tool_name_prefix in MCPToolse (86dea5b)
• [Evals]
  • Data model for storing App Details and data model for steps (01923a9)
  • Adds Rubric based final response evaluator (5a485b0)
  • Populate AppDetails to each Invocation (d486795)
• [Samples]
  • Make the bigquery sample agent run with ADC out-of-the-box (10cf377)

Bug Fixes

... (truncated)

Changelog

Sourced from google-adk's changelog.

1.15.1 (2025-09-26)

Bug Fixes

• Fix the deployment failure for Agent Engine (e172811)

1.15.0 (2025-09-24)

Features

• [Core]
  • Adding the ContextFilterPlugin (a06bf27)
  • Adds plugin to save artifacts for issue #2176 (657369c)
  • Expose log probs of candidates in LlmResponse (f7bd3c1)
• [Context Caching]
  • Support context caching (c66245a)

    • Support explicit context caching auto creation and lifecycle management.

      Usage: App(root_agent=..., plugins=..., context_cache_config=...)

  • Support non-text content in static instruction (61213ce)
  • Support static instructions (9be9cc2)

    • Support static instruction that won't change, put at the beginning of the instruction. Static instruction support inline_data and file_data as contents. Dynamic instruction moved to the end of LlmRequest, increasing prefix caching matching size.

      Usage: LlmAgent(model=...,static_instruction =types.Content(parts=...), ... )

• [Telemetry]
  • Add --otel_to_cloud experimental support (1ae0b82, b131268, 7870480)
  • Add GenAI Instrumentation if --otel_to_cloud is enabled (cee365a)
  • Support standard OTel env variables for exporter endpoints (f157b2e)
  • Temporarily disable Cloud Monitoring integration in --otel_to_cloud (3b80337)
• [Services]
  • Add endpoint to generate memory from session (2595824)
• [Tools]
  • Add Google Maps Grounding Tool to ADK (6b49391)
  • MCP: Initialize tool_name_prefix in MCPToolse (86dea5b)
• [Evals]
  • Data model for storing App Details and data model for steps (01923a9)
  • Adds Rubric based final response evaluator (5a485b0)
  • Populate AppDetails to each Invocation (d486795)
• [Samples]
  • Make the bigquery sample agent run with ADC out-of-the-box (10cf377)

Bug Fixes

• Close runners after running eval (86ee6e3)
• Filter out thought parts when saving agent output to state (632bf8b)

... (truncated)

Commits

• e172811 fix: unbreak client closed errors when using vertexai session service
• da6f1d3 chore: Release ADK 1.15.0
• 2c75293 feat: Skip running a workflow agent if it has no sub-agents
• b2b80e7 feat: Pause invocations on long running function calls for resumable apps
• dd1ffad chore: Update google-genai version constraint
• 8b08175 feat: Add core checkpointing primitive for base agent
• b5a65fb chore: Remove the too-detailed edge case descriptions for resumability
• 839d2e4 feat: Define an AgentState to be used for resuming agent invocation
• 1589fcd chore: Replace github HTTP URIs with GCS HTTP URIs in static non-text content...
• e7528ae feat(otel): adjust telemetry to follow OTLP 1.37 GenAI semconv
• Additional commits viewable in compare view

Updates python-dotenv from 1.1.0 to 1.1.1

Release notes

Sourced from python-dotenv's releases.

v1.1.1

What's Changed

• fix: ensure find_dotenv work reliably on python 3.13 by @​theskumar in theskumar/python-dotenv#563
• fix(cli): issue with execvpe on Windows by @​wrongontheinternet in theskumar/python-dotenv#566

New Contributors

• @​wrongontheinternet made their first contribution in theskumar/python-dotenv#566

Full Changelog: theskumar/python-dotenv@v1.1.0...v1.1.1

Changelog

Sourced from python-dotenv's changelog.

[1.1.1] - 2025-06-24

Fixed

• CLI: Ensure find_dotenv work reliably on python 3.13 by [@​theskumar] in #563
• CLI: revert the use of execvpe on Windows by [@​wrongontheinternet] in #566

Commits

• 16e660d Bump version: 1.1.0 → 1.1.1
• 667e82f update changelog
• 9d85edb fix(cli): issue with execvpe on Windows (#566)
• 8411987 fix: ensure find_dotenv work reliably on python 3.13 (#563)
• 01f8997 docs update
• See full diff in compare view

Updates toolbox-core from 0.1.0 to 0.5.2

Release notes

Sourced from toolbox-core's releases.

toolbox-core: v0.5.2

0.5.2 (2025-09-22)

Miscellaneous Chores

• deps: update python-nonmajor (#372) (d915624)

toolbox-core: v0.5.1

0.5.1 (2025-09-17)

Bug Fixes

• toolbox-core: Use typing.Annotated for reliable parameter descriptions instead of docstrings (#371) (eb76680)

Documentation

• Update langgraph sample in toolbox-core (#366) (fe35082)

Miscellaneous Chores

• Remove redundant test for test_add_auth_token_getter_unused_token (#347) (dccaf1b)
• Remove duplicate header check during initialization (#357) (888170b)

toolbox-core: v0.5.0

0.5.0 (2025-08-19)

⚠ BREAKING CHANGES

• core: Use ValueError for missing 'items' in array parameters (#325)

Features

• core: Add support for map parameter type (#324) (6455ae3)

Bug Fixes

• add optional clock_skew parameter to token helpers (#333) (aa0664f)
• core: Use ValueError for missing 'items' in array parameters (#325) (b43409e)

Documentation

• Enhance DEVELOPER.md for improved contribution guidelines (#316) (1d2be43)

... (truncated)

Commits

• 281b9b4 chore: release main (#373)
• 30a3ea9 Revert "fix(toolbox-core): Use typing.Annotated for reliable parameter descri...
• d915624 chore(deps): update python-nonmajor (#372)
• 4862720 chore: release main (#343)
• b473a2b chore(deps): update dependency pytest-cov to v7 (#361)
• c3e8ff6 chore(deps): update python-nonmajor (#368)
• eb76680 fix(toolbox-core): Use typing.Annotated for reliable parameter descriptions i...
• fe35082 docs: Update langgraph sample in toolbox-core (#366)
• d9f9c02 chore(deps): update python-nonmajor (#367)
• 734c624 test(core): add test for overriding client header by the auth token getter (#...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: python. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml