chore(deps): bump the all-dependencies group with 4 updates

[dependabot]

Bumps the all-dependencies group with 4 updates: cryptography, google-cloud-aiplatform, openai and sentence-transformers.

Updates cryptography from 46.0.3 to 46.0.4

Changelog

Sourced from cryptography's changelog.

46.0.4 - 2026-01-27

* `Dropped support for win_arm64 wheels`_.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.5.
.. _v46-0-3:

Commits

• e6f44fc bump for 46.0.4 and drop win arm64 due to CI issues (#14217)
• See full diff in compare view

Updates google-cloud-aiplatform from 1.134.0 to 1.135.0

Release notes

Sourced from google-cloud-aiplatform's releases.

v1.135.0

1.135.0 (2026-01-27)

Features

• Add ComputationBasedMetricSpec to support metrics like EXACT_MATCH, BLEU, and ROUGE in EvaluationRun configurations. (9d32dd5)
• Add autoscaling_target_dcgm_fi_dev_gpu_util, autoscaling_target_vllm_gpu_cache_usage_perc, autoscaling_target_vllm_num_requests_waiting options in model deployment on Endpoint & Model classes. (0179aa5)
• Add optimize and launch_optimization_job methods to prompts module (044c3fa)
• List all Model Garden models (54260fd)
• RAG - Add Serverless and Spanner modes in preview. (79da831)
• Remove experimental warning from sandboxes and add specific warning for non-code execution sandboxes. (7d31d13)
• Update the v1 service definition to add embedding_metadata. (8f5bfc5)

Documentation

• Update prompt optimizer code in readme to use methods from prompts module (4636507)

Changelog

Sourced from google-cloud-aiplatform's changelog.

1.135.0 (2026-01-27)

Features

• Add ComputationBasedMetricSpec to support metrics like EXACT_MATCH, BLEU, and ROUGE in EvaluationRun configurations. (9d32dd5)
• Add autoscaling_target_dcgm_fi_dev_gpu_util, autoscaling_target_vllm_gpu_cache_usage_perc, autoscaling_target_vllm_num_requests_waiting options in model deployment on Endpoint & Model classes. (0179aa5)
• Add optimize and launch_optimization_job methods to prompts module (044c3fa)
• List all Model Garden models (54260fd)
• RAG - Add Serverless and Spanner modes in preview. (79da831)
• Remove experimental warning from sandboxes and add specific warning for non-code execution sandboxes. (7d31d13)
• Update the v1 service definition to add embedding_metadata. (8f5bfc5)

Documentation

• Update prompt optimizer code in readme to use methods from prompts module (4636507)

Commits

• 6843d32 chore(main): release 1.135.0 (#6272)
• b7fde37 chore: Validate run_name in Vertex Tensorboard profile uploader.
• 54260fd feat: list all Model Garden models
• 4636507 docs: Update prompt optimizer code in readme to use methods from prompts module
• 7d31d13 feat: Remove experimental warning from sandboxes and add specific warning for...
• 79da831 feat: RAG - Add Serverless and Spanner modes in preview.
• 044c3fa feat: Add optimize and launch_optimization_job methods to prompts module
• 2ad5a2e chore: Fix failing flaky tests
• 0179aa5 feat: Add autoscaling_target_dcgm_fi_dev_gpu_util, autoscaling_target_vllm_gp...
• 888c408 chore: Look up the agent engine specific env var for location if available
• Additional commits viewable in compare view

Updates openai from 2.15.0 to 2.16.0

Release notes

Sourced from openai's releases.

v2.16.0

2.16.0 (2026-01-27)

Full Changelog: v2.15.0...v2.16.0

Features

• api: api update (b97f9f2)
• api: api updates (9debcc0)
• client: add support for binary request streaming (49561d8)

Bug Fixes

• api: mark assistants as deprecated (0419cbc)

Chores

• ci: upgrade actions/github-script (5139f13)
• internal: update actions/checkout version (f276714)

Documentation

• examples: update Azure Realtime sample to use v1 API (#2829) (3b31981)

Changelog

Sourced from openai's changelog.

2.16.0 (2026-01-27)

Full Changelog: v2.15.0...v2.16.0

Features

• api: api update (b97f9f2)
• api: api updates (9debcc0)
• client: add support for binary request streaming (49561d8)

Bug Fixes

• api: mark assistants as deprecated (0419cbc)

Chores

• ci: upgrade actions/github-script (5139f13)
• internal: update actions/checkout version (f276714)

Documentation

• examples: update Azure Realtime sample to use v1 API (#2829) (3b31981)

Commits

• dc68b90 release: 2.16.0
• c7f70bd fix videos
• eaab2f5 feat(api): api updates
• d167d14 docs(examples): update Azure Realtime sample to use v1 API (#2829)
• 8be9907 fix breaking change detection with deprecations
• dc93407 fix helper
• d499f4f fix(api): mark assistants as deprecated
• f424d7b chore(ci): upgrade actions/github-script
• 84e0c1d Update README models to gpt-5.2
• 3d93d66 codegen metadata
• Additional commits viewable in compare view

Updates sentence-transformers from 5.2.0 to 5.2.2

Release notes

Sourced from sentence-transformers's releases.

v5.2.2 - Replace mandatory requests dependency with optional httpx dependency

This patch release replaces mandatory requests dependency with an optional httpx dependency.

Install this version with

# Training + Inference
pip install sentence-transformers[train]==5.2.2
Inference only, use one of:
pip install sentence-transformers==5.2.2
pip install sentence-transformers[onnx-gpu]==5.2.2
pip install sentence-transformers[onnx]==5.2.2
pip install sentence-transformers[openvino]==5.2.2

Transformers v5 Support

Transformers v5.0 and its required huggingface_hub versions have dropped support of requests in favor of httpx. The former was also used in sentence-transformers, but not listed explicitly as a dependency. This patch removes the use of requests in favor of httpx, although it's now optional and not automatically imported. This should also save some import time.

Importing Sentence Transformers should now not crash if requests is not installed.

All Changes

• [deps] Replace requests dependency with optional httpx dependency by @​tomaarsen (huggingface/sentence-transformers#3618)

Full Changelog: huggingface/sentence-transformers@v5.2.1...v5.2.2

v5.2.1 - Joint Transformers v4 and v5 compatibility

This patch release adds support for the full Transformers v5 release.

Install this version with

# Training + Inference
pip install sentence-transformers[train]==5.2.1
Inference only, use one of:
pip install sentence-transformers==5.2.1
pip install sentence-transformers[onnx-gpu]==5.2.1
pip install sentence-transformers[onnx]==5.2.1
pip install sentence-transformers[openvino]==5.2.1

Transformers v5 Support

Sentence Transformers v5.2.0 already introduced support for the Transformers v5.0 release candidates, but this release is adding support for the full release. The intention is to maintain backward compatibility with v4.x. The library includes dual CI testing for both version for now, allowing users to upgrade to the newest Transformers features when ready. In future versions, Sentence Transformers may start requiring Transformers v5.0 or higher.

All Changes

• Introduce compatibility with transformers 5.0.0rc01 by @​tomaarsen (huggingface/sentence-transformers#3597)
• Specify numpy manually in dependencies, as it's directly used/imported by @​tomaarsen (huggingface/sentence-transformers#3608)
• Expand test suite to full transformers v5 by @​tomaarsen (huggingface/sentence-transformers#3615)

... (truncated)

Commits

• f7f7506 Release v5.2.2
• c78ecf3 [deps] Replace requests dependency with optional httpx dependency (#3618)
• 18ec0d6 Release v5.2.1
• 9db10fe [compat] Expand test suite to full transformers v5 (#3615)
• a1ed1ef Specify numpy manually in dependencies, as it's directly used/imported (#3608)
• 08cada0 docs: fix typo in custom models: reemain -> remain (#3596)
• 2366203 Introduce compatibility with transformers 5.0.0rc01 (#3597)
• 631b085 Merge branch 'main' into v5.2-release
• 0277f4b Turn mine_hard_negatives into a clickable link in index.rst (#3593)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions