Conversation
Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Luca Muscariello <muscariello@ieee.org> Co-authored-by: Yaroslav <yarolegovich@gmail.com> Co-authored-by: Agent2Agent (A2A) Bot <a2a-bot@google.com> Co-authored-by: agil.yolchuyev <agilyolchuyev@outlook.com> Co-authored-by: yolagil <agil@peotic.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Holt Skinner <13262395+holtskinner@users.noreply.github.com> Co-authored-by: Luca Muscariello <muscariello@ieee.org> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
…the specification (a2aproject#511) Commit: a2aproject/A2A@0a9f629 This PR introduces support for the new `tasks/list` method, including: - Automatically generated type definitions from the specification. - Complete client-side and server-side implementations. Fixes a2aproject#515 🦕 --------- Co-authored-by: lkawka <lkawka@google.com> Co-authored-by: lkawka <luk.kawka@gmail.com> Co-authored-by: Holt Skinner <13262395+holtskinner@users.noreply.github.com>
Co-authored-by: Iva Sokolaj <102302011+sokoliva@users.noreply.github.com> Co-authored-by: Agent2Agent (A2A) Bot <a2a-bot@google.com> Co-authored-by: Tadaki Asechi <127199356+TadakiAsechi@users.noreply.github.com> Co-authored-by: tadaki <tadaki.asechi@gmail.com> Co-authored-by: Holt Skinner <13262395+holtskinner@users.noreply.github.com> Co-authored-by: TadakiAsechi <tadaki.asechi@icould.com> Co-authored-by: TadakiAsechi <tadaki.asechi@iclould.com>
## Summary This PR migrates the a2a-python SDK from Pydantic-based types to protobuf-generated types, completing the upgrade to A2A v1.0. Fixes a2aproject#559 ## Breaking Changes - Replace Pydantic-based type system with protobuf types from `a2a_pb2` - Update `Part` usage from `Part(root=TextPart(text=...))` to `Part(text=...)` - Update `Role` enum from `Role.user`/`Role.agent` to `Role.ROLE_USER`/`Role.ROLE_AGENT` - Update `TaskState` enum to use `TASK_STATE_*` prefix ## Changes - Update all source files to use proto types directly from `a2a_pb2` - Replace `model_dump()` with `MessageToDict()` for JSON serialization - Replace `model_copy(deep=True)` with `CopyFrom()` for proto cloning - Add new types module with proto imports and SDK-specific extras - Add `proto_utils` module with identity conversion utilities - Fix REST handler resource name formats for push notification configs - Fix gRPC handler to use `SubscribeToTask` instead of `TaskSubscription` - Fix database task store to handle proto objects from ORM - Update all test files for proto patterns and assertions - Fix spelling check failures by updating allow list - Fix inclusive language check failures: - Replace `master` with `main` in documentation - Rename `Dummy` classes to `Mock` in tests ## Testing - **601 tests passing** - 23 tests skipped (expected - require DB connections or cryptography deps) ## Related Builds on top of PR a2aproject#556 Release-As: 1.0.0 --------- Signed-off-by: Luca Muscariello <muscariello@ieee.org> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Sam Betts <1769706+Tehsmash@users.noreply.github.com> Co-authored-by: Lukasz Kawka <luk.kawka@gmail.com> Co-authored-by: Agent2Agent (A2A) Bot <a2a-bot@google.com> Co-authored-by: Didier Durand <2927957+didier-durand@users.noreply.github.com> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Iva Sokolaj <102302011+sokoliva@users.noreply.github.com> Co-authored-by: Will Chen <36873565+chenweiyang0204@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
# Description Do not use `NULLS LAST` which is not available in MySQL, coalesce nulls to empty strings which will appear last in descending ordering (there are tests for this behavior already, however CI wasn't enabled for this branch). Currently `NULLS LAST` fails MySQL tests: ``` (1064, "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'NULLS LAST, tasks.id DESC \n LIMIT 51' at line 3") ``` ([actions run](https://github.com/a2aproject/a2a-python/actions/runs/21520017047/job/62008309612?pr=651)) Enable tests run against `1.0-dev` to prevent it in the future. Re a2aproject#511 Fixes a2aproject#652 --- Mark as "refactor" for release please as it's a fix for a non-released feature, hence shouldn't get into a changelog. BEGIN_COMMIT_OVERRIDE refactor: use MySQL compatible syntax in list tasks END_COMMIT_OVERRIDE
# Conflicts: # CHANGELOG.md # tests/client/transports/test_rest_client.py # tests/utils/test_proto_utils.py
# Description Merge `main` into `1.0-dev` through an intermediate branch to resolve conflicts. Opening a PR from `main` to `1.0-dev` required pushing to `main` to resolve conflicts. --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Iva Sokolaj <102302011+sokoliva@users.noreply.github.com> Co-authored-by: Agent2Agent (A2A) Bot <a2a-bot@google.com> Co-authored-by: Tadaki Asechi <127199356+TadakiAsechi@users.noreply.github.com> Co-authored-by: tadaki <tadaki.asechi@gmail.com> Co-authored-by: Holt Skinner <13262395+holtskinner@users.noreply.github.com> Co-authored-by: TadakiAsechi <tadaki.asechi@icould.com> Co-authored-by: TadakiAsechi <tadaki.asechi@iclould.com> Co-authored-by: ShishirRmc <113575088+ShishirRmc@users.noreply.github.com> Co-authored-by: Lukasz Kawka <luk.kawka@gmail.com> Co-authored-by: Didier Durand <2927957+didier-durand@users.noreply.github.com> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Will Chen <36873565+chenweiyang0204@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Co-authored-by: Vinay Ramesh <vinay.r.ramesh@gmail.com>
# Description Run linter on `1.0-dev`.
This reverts commit 40613ed. Should be merged without squashing
…#665) ## Description Updates the SDK to support the A2A Protocol v1.0.0-rc specifications. ## Changes - **Protocol Update**: Updated core types, definitions, `Client`, and `Server` implementations to match Protocol v1.0.0-rc. - **Bug Fixes**: - Fixed `RestTransport` URL construction. - Resolved `pyright`, `ruff`, and `mypy` linting errors across the codebase. - Fixed import resolution issues for optional dependencies (`grpc`, `sqlalchemy`, `opentelemetry`). - **Tests**: - Fixed all failing unit and integration tests. - Added support for running PostgreSQL and MySQL integration tests (verified locally). - **Cleanup**: Removed redundant `pyrightconfig.json`. ## Testing - All unit and integration tests are passing. - Database integration tests verified locally with Docker containers (docker-compose file was used for verification but is not included in the repo). Re a2aproject#559 --------- Signed-off-by: Luca Muscariello <muscariello@ieee.org>
To resolve existing merge issues first.
Fixes a2aproject#697 (comment), bad merge in a2aproject#696. Cover "list tasks" in client-server integration tests which would prevent it. Re a2aproject#559.
Bring back `.pre-commit-config.yaml` and disabled JSCPD linter. Removal can be evaluated separately, for now bringing them back to make diff against `main` more focused. Re a2aproject#559.
Tests basic functionality with real client and server with real handlers, only agent executor is provided in test as it'd be in a real usage. Re a2aproject#559
JSON-RPC diverged a bit, update it to match other transports. Domain request handler returns `Task | Message` from `on_message_send` already. Fixes a2aproject#697 (comment). Re a2aproject#559.
According to [the spec](https://a2a-protocol.org/latest/specification/#314-list-tasks) all response fields are mandatory. Update implementation and add tests to cover. Re a2aproject#515
Active updates are happening to [A2A repo](https://github.com/a2aproject/A2A/commits/main/) currently. Switch `buf.gen.yaml` back to `main` (a2aproject#699 switched it to the 1.0 RC tag to progress with merge without regenerating files) and update code to work with the latest changes. Re a2aproject#559.
Following > The operation MUST return a Task object as the first event in the stream introduced in 1.0: https://a2a-protocol.org/latest/specification/#316-subscribe-to-task It also correctly uses `UnsupportedOperationError` as per the "Errors" section from the documentation linked above. Fixes a2aproject#675 --------- Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
According to https://a2a-protocol.org/latest/specification/#324-history-length-semantics. It changes behavior so the fix was postponed till 1.0. After changing to proto passing `.history_length` would not work anymore due to the way how proto generated code works - optional values are still translated to language defaults to avoid `None`s, while presence should be checked via `HasField` - done in this PR. Fixes a2aproject#573 --------- Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
# Description See [here](https://a2a-protocol.org/latest/specification/#validation-error-example) and [3.1.4. List Tasks](https://a2a-protocol.org/latest/specification/#314-list-tasks). Re a2aproject#515
## Description As per the 1.0 spec update (see [4.3.3. Push Notification Payload](https://a2a-protocol.org/latest/specification/#433-push-notification-payload)) use `StreamResponse` as push notifications payload. Fixes a2aproject#678 --------- Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Use enum everywhere, data model uses `str` for protocol names, so custom protocols won't be constrained with the enum. Fixes a2aproject#705
- Remove custom config. - Remove 1.0-dev branch from triggers.
Set `release-type` as we removed configs in a2aproject#995.
Release-As: 1.0.0
It can not be used at the moment, will be readded after 1.0 release.
Skipped tests pass, remove the skip.
Do not run heavy jobs for docs and other unrelated changes.
# Description
This PR adds detailed documentation for migrating A2A-compliant
applications from version v0.3 to v1.0. The guide covers the transition
to full A2A Protocol v1.0 compatibility, including major architectural
shifts and developer experience improvements.
### Key Areas Covered:
* **Dependency Management**: Instructions for upgrading to
a2a-sdk>=1.0.0 using uv or pip.
* **Type System Transition**: Detailed mapping of the move from Pydantic
models to Protobuf-based classes, including the standardization of enum
values to `SCREAMING_SNAKE_CASE`.
* **Server-Side Refactoring**:
* Transition from application wrappers (A2AStarletteApplication, etc.)
to flexible route factory functions.
* Updated DefaultRequestHandler signature requiring agent_card.
* **Client Improvements**:
* New create_client() factory function replacing the legacy A2AClient
class.
* Standardization of send_message() return types to
AsyncIterator[StreamResponse].
* **Backward Compatibility**: Strategies for running v1.0 servers that
simultaneously support v0.3 clients during transition periods.
* **New Helper Utilities**: Introduction of the a2a.helpers module to
simplify object construction and data extraction.
### Why this is important:
The v1.0 release introduces several breaking changes to align with the
latest protocol specification and improve performance through Protobuf
integration. This guide is essential for existing users to successfully
navigate the upgrade path while minimizing downtime.
---------
Co-authored-by: Sampath Kumar <sam1990kumar@gmail.com>
🤖 I have created a release *beep* *boop* --- ## [1.0.0](a2aproject/a2a-python@v1.0.0-alpha.3...v1.0.0) (2026-04-20) See the [**v0.3 → v1.0 migration guide**](docs/migrations/v1_0/README.md) and changelog entries for alpha versions below. ### ⚠ BREAKING CHANGES * remove Vertex AI Task Store integration ([a2aproject#999](a2aproject#999)) ### Bug Fixes * rely on agent executor implementation for stream termination ([a2aproject#988](a2aproject#988)) ([d77cd68](a2aproject@d77cd68)) ### Documentation * add comprehensive v0.3 to v1.0 migration guide ([a2aproject#987](a2aproject#987)) ([10dea8b](a2aproject@10dea8b)) ### Miscellaneous Chores * release 1.0.0 ([530ec37](a2aproject@530ec37)) * remove Vertex AI Task Store integration ([a2aproject#999](a2aproject#999)) ([7fce2ad](a2aproject@7fce2ad)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). --------- Co-authored-by: Ivan Shymko <ishymko@google.com>
…a2aproject#1006) Currently it causes `no module named 'grpc'` when using HTTP machinery. Relevant "install and import" testing was extended to allow testing "extras" to catch this in the future.
🤖 I have created a release *beep* *boop* --- ## [1.0.1](a2aproject/a2a-python@v1.0.0...v1.0.1) (2026-04-22) ### Bug Fixes * **compat:** avoid unconditional grpc import in v0.3 context builders ([a2aproject#1006](a2aproject#1006)) ([6b46ceb](a2aproject@6b46ceb)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: Ivan Shymko <ishymko@google.com>
1. Cleanup 1.0-dev filters as the branch is removed already. 2. Remove any branch filters for workflows as a safety net if something got skipped on PR by accident. 3. Use "include" logic to make it more transparent what is the scope of each check (everything will run on `main` as per the previous item just in case the filter is wrong).
Bumps [requests](https://github.com/psf/requests) from 2.32.5 to 2.33.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/psf/requests/releases">requests's releases</a>.</em></p> <blockquote> <h2>v2.33.0</h2> <h2>2.33.0 (2026-03-25)</h2> <p><strong>Announcements</strong></p> <ul> <li>📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at <a href="https://redirect.github.com/psf/requests/issues/7271">#7271</a>. Give it a try, and report any gaps or feedback you may have in the issue. 📣</li> </ul> <p><strong>Security</strong></p> <ul> <li>CVE-2026-25645 <code>requests.utils.extract_zipped_paths</code> now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.</li> </ul> <p><strong>Improvements</strong></p> <ul> <li>Migrated to a PEP 517 build system using setuptools. (<a href="https://redirect.github.com/psf/requests/issues/7012">#7012</a>)</li> </ul> <p><strong>Bugfixes</strong></p> <ul> <li>Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (<a href="https://redirect.github.com/psf/requests/issues/7205">#7205</a>)</li> </ul> <p><strong>Deprecations</strong></p> <ul> <li>Dropped support for Python 3.9 following its end of support. (<a href="https://redirect.github.com/psf/requests/issues/7196">#7196</a>)</li> </ul> <p><strong>Documentation</strong></p> <ul> <li>Various typo fixes and doc improvements.</li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/M0d3v1"><code>@M0d3v1</code></a> made their first contribution in <a href="https://redirect.github.com/psf/requests/pull/6865">psf/requests#6865</a></li> <li><a href="https://github.com/aminvakil"><code>@aminvakil</code></a> made their first contribution in <a href="https://redirect.github.com/psf/requests/pull/7220">psf/requests#7220</a></li> <li><a href="https://github.com/E8Price"><code>@E8Price</code></a> made their first contribution in <a href="https://redirect.github.com/psf/requests/pull/6960">psf/requests#6960</a></li> <li><a href="https://github.com/mitre88"><code>@mitre88</code></a> made their first contribution in <a href="https://redirect.github.com/psf/requests/pull/7244">psf/requests#7244</a></li> <li><a href="https://github.com/magsen"><code>@magsen</code></a> made their first contribution in <a href="https://redirect.github.com/psf/requests/pull/6553">psf/requests#6553</a></li> <li><a href="https://github.com/Rohan5commit"><code>@Rohan5commit</code></a> made their first contribution in <a href="https://redirect.github.com/psf/requests/pull/7227">psf/requests#7227</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25">https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/psf/requests/blob/main/HISTORY.md">requests's changelog</a>.</em></p> <blockquote> <h2>2.33.0 (2026-03-25)</h2> <p><strong>Announcements</strong></p> <ul> <li>📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at <a href="https://redirect.github.com/psf/requests/issues/7271">#7271</a>. Give it a try, and report any gaps or feedback you may have in the issue. 📣</li> </ul> <p><strong>Security</strong></p> <ul> <li>CVE-2026-25645 <code>requests.utils.extract_zipped_paths</code> now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.</li> </ul> <p><strong>Improvements</strong></p> <ul> <li>Migrated to a PEP 517 build system using setuptools. (<a href="https://redirect.github.com/psf/requests/issues/7012">#7012</a>)</li> </ul> <p><strong>Bugfixes</strong></p> <ul> <li>Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (<a href="https://redirect.github.com/psf/requests/issues/7205">#7205</a>)</li> </ul> <p><strong>Deprecations</strong></p> <ul> <li>Dropped support for Python 3.9 following its end of support. (<a href="https://redirect.github.com/psf/requests/issues/7196">#7196</a>)</li> </ul> <p><strong>Documentation</strong></p> <ul> <li>Various typo fixes and doc improvements.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/psf/requests/commit/bc04dfd6dad4cb02cd92f5daa81eb562d280a761"><code>bc04dfd</code></a> v2.33.0</li> <li><a href="https://github.com/psf/requests/commit/66d21cb07bd6255b1280291c4fafb71803cdb3b7"><code>66d21cb</code></a> Merge commit from fork</li> <li><a href="https://github.com/psf/requests/commit/8b9bc8fc0f63be84602387913c4b689f19efd028"><code>8b9bc8f</code></a> Move badges to top of README (<a href="https://redirect.github.com/psf/requests/issues/7293">#7293</a>)</li> <li><a href="https://github.com/psf/requests/commit/e331a288f369973f5de0ec8901c94cae4fa87286"><code>e331a28</code></a> Remove unused extraction call (<a href="https://redirect.github.com/psf/requests/issues/7292">#7292</a>)</li> <li><a href="https://github.com/psf/requests/commit/753fd08c5eacce0aa0df73fe47e49525c67e0a29"><code>753fd08</code></a> docs: fix FAQ grammar in httplib2 example</li> <li><a href="https://github.com/psf/requests/commit/774a0b837a194ee885d4fdd9ca947900cc3daf71"><code>774a0b8</code></a> docs(socks): same block as other sections</li> <li><a href="https://github.com/psf/requests/commit/9c72a41bec8597f948c9d8caa5dc3f12273b3303"><code>9c72a41</code></a> Bump github/codeql-action from 4.33.0 to 4.34.1</li> <li><a href="https://github.com/psf/requests/commit/ebf71906798ec82f34e07d3168f8b8aecaf8a3be"><code>ebf7190</code></a> Bump github/codeql-action from 4.32.0 to 4.33.0</li> <li><a href="https://github.com/psf/requests/commit/0e4ae38f0c93d4f92a96c774bd52c069d12a4798"><code>0e4ae38</code></a> docs: exclude Response.is_permanent_redirect from API docs (<a href="https://redirect.github.com/psf/requests/issues/7244">#7244</a>)</li> <li><a href="https://github.com/psf/requests/commit/d568f47278492e630cc990a259047c67991d007a"><code>d568f47</code></a> docs: clarify Quickstart POST example (<a href="https://redirect.github.com/psf/requests/issues/6960">#6960</a>)</li> <li>Additional commits viewable in <a href="https://github.com/psf/requests/compare/v2.32.5...v2.33.0">compare view</a></li> </ul> </details> <br /> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Ivan Shymko <ishymko@google.com>
Bumps [pytest](https://github.com/pytest-dev/pytest) from 9.0.2 to 9.0.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pytest-dev/pytest/releases">pytest's releases</a>.</em></p> <blockquote> <h2>9.0.3</h2> <h1>pytest 9.0.3 (2026-04-07)</h1> <h2>Bug fixes</h2> <ul> <li> <p><a href="https://redirect.github.com/pytest-dev/pytest/issues/12444">#12444</a>: Fixed <code>pytest.approx</code> which now correctly takes into account <code>~collections.abc.Mapping</code> keys order to compare them.</p> </li> <li> <p><a href="https://redirect.github.com/pytest-dev/pytest/issues/13634">#13634</a>: Blocking a <code>conftest.py</code> file using the <code>-p no:</code> option is now explicitly disallowed.</p> <p>Previously this resulted in an internal assertion failure during plugin loading.</p> <p>Pytest now raises a clear <code>UsageError</code> explaining that conftest files are not plugins and cannot be disabled via <code>-p</code>.</p> </li> <li> <p><a href="https://redirect.github.com/pytest-dev/pytest/issues/13734">#13734</a>: Fixed crash when a test raises an exceptiongroup with <code>__tracebackhide__ = True</code>.</p> </li> <li> <p><a href="https://redirect.github.com/pytest-dev/pytest/issues/14195">#14195</a>: Fixed an issue where non-string messages passed to <!-- raw HTML omitted -->unittest.TestCase.subTest()<!-- raw HTML omitted --> were not printed.</p> </li> <li> <p><a href="https://redirect.github.com/pytest-dev/pytest/issues/14343">#14343</a>: Fixed use of insecure temporary directory (CVE-2025-71176).</p> </li> </ul> <h2>Improved documentation</h2> <ul> <li><a href="https://redirect.github.com/pytest-dev/pytest/issues/13388">#13388</a>: Clarified documentation for <code>-p</code> vs <code>PYTEST_PLUGINS</code> plugin loading and fixed an incorrect <code>-p</code> example.</li> <li><a href="https://redirect.github.com/pytest-dev/pytest/issues/13731">#13731</a>: Clarified that capture fixtures (e.g. <code>capsys</code> and <code>capfd</code>) take precedence over the <code>-s</code> / <code>--capture=no</code> command-line options in <code>Accessing captured output from a test function <accessing-captured-output></code>.</li> <li><a href="https://redirect.github.com/pytest-dev/pytest/issues/14088">#14088</a>: Clarified that the default <code>pytest_collection</code> hook sets <code>session.items</code> before it calls <code>pytest_collection_finish</code>, not after.</li> <li><a href="https://redirect.github.com/pytest-dev/pytest/issues/14255">#14255</a>: TOML integer log levels must be quoted: Updating reference documentation.</li> </ul> <h2>Contributor-facing changes</h2> <ul> <li> <p><a href="https://redirect.github.com/pytest-dev/pytest/issues/12689">#12689</a>: The test reports are now published to Codecov from GitHub Actions. The test statistics is visible <a href="https://app.codecov.io/gh/pytest-dev/pytest/tests">on the web interface</a>.</p> <p>-- by <code>aleguy02</code></p> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pytest-dev/pytest/commit/a7d58d7a21b78581e636bbbdea13c66ad1657c1e"><code>a7d58d7</code></a> Prepare release version 9.0.3</li> <li><a href="https://github.com/pytest-dev/pytest/commit/089d98199c253d8f89a040243bc4f2aa6cd5ab22"><code>089d981</code></a> Merge pull request <a href="https://redirect.github.com/pytest-dev/pytest/issues/14366">#14366</a> from bluetech/revert-14193-backport</li> <li><a href="https://github.com/pytest-dev/pytest/commit/8127eaf4ab7f6b2fdd0dc1b38343ec97aeef05ac"><code>8127eaf</code></a> Revert "Fix: assertrepr_compare respects dict insertion order (<a href="https://redirect.github.com/pytest-dev/pytest/issues/14050">#14050</a>) (<a href="https://redirect.github.com/pytest-dev/pytest/issues/14193">#14193</a>)"</li> <li><a href="https://github.com/pytest-dev/pytest/commit/99a7e6029e7a6e8d53e5df114b1346e035370241"><code>99a7e60</code></a> Merge pull request <a href="https://redirect.github.com/pytest-dev/pytest/issues/14363">#14363</a> from pytest-dev/patchback/backports/9.0.x/95d8423bd...</li> <li><a href="https://github.com/pytest-dev/pytest/commit/ddee02a578da30dd43aedc39c1c1f1aaadfcee95"><code>ddee02a</code></a> Merge pull request <a href="https://redirect.github.com/pytest-dev/pytest/issues/14343">#14343</a> from bluetech/cve-2025-71176-simple</li> <li><a href="https://github.com/pytest-dev/pytest/commit/74eac6916fee34726cb194f16c516e96fbd29619"><code>74eac69</code></a> doc: Update training info (<a href="https://redirect.github.com/pytest-dev/pytest/issues/14298">#14298</a>) (<a href="https://redirect.github.com/pytest-dev/pytest/issues/14301">#14301</a>)</li> <li><a href="https://github.com/pytest-dev/pytest/commit/f92dee777cfdb77d1c43633d02766ddf1f07c869"><code>f92dee7</code></a> Merge pull request <a href="https://redirect.github.com/pytest-dev/pytest/issues/14267">#14267</a> from pytest-dev/patchback/backports/9.0.x/d6fa26c62...</li> <li><a href="https://github.com/pytest-dev/pytest/commit/7ee58acc8777c31ac6cf388d01addf5a414a7439"><code>7ee58ac</code></a> Merge pull request <a href="https://redirect.github.com/pytest-dev/pytest/issues/12378">#12378</a> from Pierre-Sassoulas/fix-implicit-str-concat-and-d...</li> <li><a href="https://github.com/pytest-dev/pytest/commit/37da870d37e3a2f5177cae075c7b9ae279432bf8"><code>37da870</code></a> Merge pull request <a href="https://redirect.github.com/pytest-dev/pytest/issues/14259">#14259</a> from mitre88/patch-4 (<a href="https://redirect.github.com/pytest-dev/pytest/issues/14268">#14268</a>)</li> <li><a href="https://github.com/pytest-dev/pytest/commit/c34bfa3b7acb65b594707c714f1d8461b0304eed"><code>c34bfa3</code></a> Add explanation for string context diffs (<a href="https://redirect.github.com/pytest-dev/pytest/issues/14257">#14257</a>) (<a href="https://redirect.github.com/pytest-dev/pytest/issues/14266">#14266</a>)</li> <li>Additional commits viewable in <a href="https://github.com/pytest-dev/pytest/compare/9.0.2...9.0.3">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/a2aproject/a2a-python/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Ivan Shymko <ishymko@google.com>
Bumps [cryptography](https://github.com/pyca/cryptography) from 46.0.5 to 46.0.7. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst">cryptography's changelog</a>.</em></p> <blockquote> <p>46.0.7 - 2026-04-07</p> <pre><code> * **SECURITY ISSUE**: Fixed an issue where non-contiguous buffers could be passed to APIs that accept Python buffers, which could lead to buffer overflow. **CVE-2026-39892** * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.6. <p>.. _v46-0-6:</p> <p>46.0.6 - 2026-03-25<br /> </code></pre></p> <ul> <li><strong>SECURITY ISSUE</strong>: Fixed a bug where name constraints were not applied to peer names during verification when the leaf certificate contains a wildcard DNS SAN. Ordinary X.509 topologies are not affected by this bug, including those used by the Web PKI. Credit to <strong>Oleh Konko (1seal)</strong> for reporting the issue. <strong>CVE-2026-34073</strong></li> </ul> <p>.. _v46-0-5:</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pyca/cryptography/commit/622d672e429a7cff836a23c5903683dbec1901f5"><code>622d672</code></a> 46.0.7 release (<a href="https://redirect.github.com/pyca/cryptography/issues/14602">#14602</a>)</li> <li><a href="https://github.com/pyca/cryptography/commit/91d728897bdad30cd5c79a2b23e207f1f050d587"><code>91d7288</code></a> Cherry-pick <a href="https://redirect.github.com/pyca/cryptography/issues/14542">#14542</a> (<a href="https://redirect.github.com/pyca/cryptography/issues/14543">#14543</a>)</li> <li>See full diff in <a href="https://github.com/pyca/cryptography/compare/46.0.5...46.0.7">compare view</a></li> </ul> </details> <br /> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Ivan Shymko <ishymko@google.com>
# Description Thank you for opening a Pull Request! Before submitting your PR, there are a few things you can do to make sure it goes smoothly: - [x] Follow the [Contribution Guide](https://github.com/a2aproject/a2a-python/blob/main/CONTRIBUTING.md). - [x] Make your Pull Request title in the <https://www.conventionalcommits.org/> specification. - Important Prefixes for [release-please](https://github.com/googleapis/release-please): - `fix:` which represents bug fixes, and correlates to a [SemVer](https://semver.org/) patch. - `feat:` represents a new feature, and correlates to a SemVer minor. - `feat!:`, or `fix!:`, `refactor!:`, etc., which represent a breaking change (indicated by the `!`) and will result in a SemVer major. - [x] Ensure the tests and linter pass (Run `bash scripts/format.sh` from the repository root to format) - [x] Appropriate docs were updated (if necessary) Fixes #<issue_number_goes_here> 🦕 --------- Co-authored-by: Iva Sokolaj <102302011+sokoliva@users.noreply.github.com> Co-authored-by: sokoliva <sokolaj@google.com>
…tibility (a2aproject#1010) # Description Replace `field.is_repeated` with `field.label == field.LABEL_REPEATED` in `proto_utils.py` to support older protobuf versions where the `is_repeated` attribute is not available on `FieldDescriptor`. # Problem When using older protobuf versions accessing `field.is_repeated` raises: `a2a.utils.errors.InternalError: 'google._upb._message.FieldDescriptor' object has no attribute 'is_repeated'` The project's declared minimum is `protobuf>=5.29.5`, `5.29.5` does not support `is_repeated`. This caused `send_message` (and other proto-validating client calls) to fail at runtime for users on older protobuf releases. The `is_repeated` property was only added to `FieldDescriptor` in newer protobuf releases (6.x), so relying on it broke compatibility with the supported version range. Although the deprecated label was already [removed in some 7.x version](https://github.com/protocolbuffers/protobuf/releases/tag/v34.0-rc1.1), 7.x version can't be resolved with the other constraints we have in the project. # Fix Use the long-standing `label` attribute and compare against `FieldDescriptor.LABEL_REPEATED`, which is available across all supported protobuf versions and is the canonical way to detect repeated fields. # Testing - `uv run pytest` passes against the supported protobuf version range.
Before: <img width="1006" height="1294" alt="image" src="https://github.com/user-attachments/assets/f855d9d0-b58f-4cd6-98de-a00d8698b93b" /> After: <img width="2054" height="1318" alt="image" src="https://github.com/user-attachments/assets/c7bb2bc4-ce35-4580-97fc-61e3578b193f" />
…ide (a2aproject#1014) # Description - Adds a new section **"Server: AgentExecutor Streaming Rules"** to the v0.3 → v1.0 migration guide, covering the breaking change introduced in a2aproject#979 where the server now strictly enforces the A2A spec rules for `message/stream`. - Documents the four `InvalidAgentResponseError` cases (mixing `Message` and `Task` events, multiple `Message`s, updates before the initial `Task`) with a clear table mapped to the actual error messages from `active_task.py`. - Provides before/after migration examples — including the message-only pattern and the full task lifecycle pattern (Task → WORKING → invoke agent → artifact → COMPLETED) — plus a quick migration checklist. - Links to the updated `helloworld/agent_executor.py` in [a2a-samples#474](a2aproject/a2a-samples#474) as a working reference. - Adds a corresponding bullet to the "Summary of Key Changes" section # Why Existing v0.3 executors that mixed `Message` and `Task` events were silently tolerated. After a2aproject#979 they fail at runtime with `InvalidAgentResponseError`, which is easy to hit and hard to diagnose without guidance. This section gives users a clear path to migrate.
…roject#1004) ## Description - [x] Follow the [`CONTRIBUTING` Guide](https://github.com/a2aproject/a2a-python/blob/main/CONTRIBUTING.md). - [x] Make your Pull Request title in the <https://www.conventionalcommits.org/> specification. - [x] Ensure the tests and linter pass (Run `bash scripts/format.sh` from the repository root to format) - [ ] Appropriate docs were updated (if necessary) --- ### Summary `proto_helpers.py` provided `new_text_message` and `new_text_artifact` for the text Part variant, but nothing for the three remaining Part types (`data`, `raw`, `url`). This PR completes the set. **The `data` case is especially awkward without a helper.** `Part.data` is `google.protobuf.Value` in the v1.0 spec, which requires a non-obvious `ParseDict` dance to construct from a plain Python value: ```python # Without helper from google.protobuf.json_format import ParseDict from google.protobuf import struct_pb2 part = Part(data=ParseDict({"answer": "hello"}, struct_pb2.Value())) # With helper part = new_data_part({"answer": "hello"}) ``` ### New helpers **Part primitives** (building blocks, mirror the existing implicit `Part(text=...)` pattern): | Helper | Part field | Accepts | |---|---|---| | `new_data_part(data)` | `data` (`google.protobuf.Value`) | Any JSON-serializable value (dict, list, str, …) | | `new_raw_part(raw, media_type, filename)` | `raw` (`bytes`) | Raw bytes with optional MIME type and filename | | `new_url_part(url, media_type, filename)` | `url` (`str`) | URL with optional MIME type and filename | **Message helpers** (mirror `new_text_message`): | Helper | Wraps | |---|---| | `new_data_message(data, role, context_id, task_id)` | `new_data_part` | | `new_raw_message(raw, media_type, filename, role, context_id, task_id)` | `new_raw_part` | | `new_url_message(url, media_type, filename, role, context_id, task_id)` | `new_url_part` | **Artifact helpers** (mirror `new_text_artifact`): | Helper | Wraps | |---|---| | `new_data_artifact(name, data, description, artifact_id)` | `new_data_part` | | `new_raw_artifact(name, raw, media_type, filename, description, artifact_id)` | `new_raw_part` | | `new_url_artifact(name, url, media_type, filename, description, artifact_id)` | `new_url_part` | ### Changes - `src/a2a/helpers/proto_helpers.py` — 9 new helper functions - `tests/helpers/test_proto_helpers.py` — tests for all new helpers (35 total, all passing) ### Reviewer feedback addressed - `new_data_part` type hint broadened from `dict[str, Any]` to `Any`, since `google.protobuf.Value` accepts any JSON-serializable value, not just dicts. Added a list-value test to cover this. Release-as: 1.0.2 --------- Co-authored-by: Sampath Kumar <sam1990kumar@gmail.com>
# Description PR extends itk cases with push_notifications compatibility tests Thank you for opening a Pull Request! Before submitting your PR, there are a few things you can do to make sure it goes smoothly: - [x] Follow the [`CONTRIBUTING` Guide](https://github.com/a2aproject/a2a-python/blob/main/CONTRIBUTING.md). - [x] Make your Pull Request title in the <https://www.conventionalcommits.org/> specification. - Important Prefixes for [release-please](https://github.com/googleapis/release-please): - `fix:` which represents bug fixes, and correlates to a [SemVer](https://semver.org/) patch. - `feat:` represents a new feature, and correlates to a SemVer minor. - `feat!:`, or `fix!:`, `refactor!:`, etc., which represent a breaking change (indicated by the `!`) and will result in a SemVer major. - [x] Ensure the tests and linter pass (Run `bash scripts/format.sh` from the repository root to format) - [x] Appropriate docs were updated (if necessary) Fixes #<issue_number_goes_here> 🦕 Co-authored-by: Krzysztof Dziedzic <dziedzick@google.com>
Co-authored-by: Copilot <copilot@github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
15 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Test path trigger