Bump the pip group across 4 directories with 3 updates

[dependabot]

Bumps the pip group with 1 update in the /EdgeFieldDay2025/edge-ai-car-classification/sync-sidecar directory: requests.
Bumps the pip group with 2 updates in the /edgeai/efficientnet-b3-stanford-cars/mlruns/387138003911017072/models/m-5af6dec84a924fdda55144b9ef86abdd/artifacts directory: mlflow and onnx.
Bumps the pip group with 2 updates in the /edgeai/efficientnet-b3-stanford-cars/mlruns/387138003911017072/models/m-5efb4eab983947ca98b18aadd7d74183/artifacts directory: mlflow and onnx.
Bumps the pip group with 2 updates in the /edgeai/efficientnet-b5-stanford-cars/mlruns/505550186997757802/models/m-dcb6682ff42b407a9e297fe345ca5355/artifacts directory: mlflow and onnx.

Updates requests from 2.32.4 to 2.33.0

Release notes

Sourced from requests's releases.

v2.33.0

2.33.0 (2026-03-25)

Announcements

• 📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at #7271. Give it a try, and report any gaps or feedback you may have in the issue. 📣

Security

• CVE-2026-25645 requests.utils.extract_zipped_paths now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.

Improvements

• Migrated to a PEP 517 build system using setuptools. (#7012)

Bugfixes

• Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (#7205)

Deprecations

• Dropped support for Python 3.9 following its end of support. (#7196)

Documentation

• Various typo fixes and doc improvements.

New Contributors

• @​M0d3v1 made their first contribution in psf/requests#6865
• @​aminvakil made their first contribution in psf/requests#7220
• @​E8Price made their first contribution in psf/requests#6960
• @​mitre88 made their first contribution in psf/requests#7244
• @​magsen made their first contribution in psf/requests#6553
• @​Rohan5commit made their first contribution in psf/requests#7227

Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25

v2.32.5

2.32.5 (2025-08-18)

Bugfixes

• The SSLContext caching feature originally introduced in 2.32.0 has created a new class of issues in Requests that have had negative impact across a number of use cases. The Requests team has decided to revert this feature as long term maintenance of it is proving to be unsustainable in its current iteration.

Deprecations

• Added support for Python 3.14.
• Dropped support for Python 3.8 following its end of support.

Changelog

Sourced from requests's changelog.

2.33.0 (2026-03-25)

Announcements

• 📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at #7271. Give it a try, and report any gaps or feedback you may have in the issue. 📣

Security

• CVE-2026-25645 requests.utils.extract_zipped_paths now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.

Improvements

• Migrated to a PEP 517 build system using setuptools. (#7012)

Bugfixes

• Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (#7205)

Deprecations

• Dropped support for Python 3.9 following its end of support. (#7196)

Documentation

• Various typo fixes and doc improvements.

2.32.5 (2025-08-18)

Bugfixes

• The SSLContext caching feature originally introduced in 2.32.0 has created a new class of issues in Requests that have had negative impact across a number of use cases. The Requests team has decided to revert this feature as long term maintenance of it is proving to be unsustainable in its current iteration.

Deprecations

• Added support for Python 3.14.
• Dropped support for Python 3.8 following its end of support.

Commits

• bc04dfd v2.33.0
• 66d21cb Merge commit from fork
• 8b9bc8f Move badges to top of README (#7293)
• e331a28 Remove unused extraction call (#7292)
• 753fd08 docs: fix FAQ grammar in httplib2 example
• 774a0b8 docs(socks): same block as other sections
• 9c72a41 Bump github/codeql-action from 4.33.0 to 4.34.1
• ebf7190 Bump github/codeql-action from 4.32.0 to 4.33.0
• 0e4ae38 docs: exclude Response.is_permanent_redirect from API docs (#7244)
• d568f47 docs: clarify Quickstart POST example (#6960)
• Additional commits viewable in compare view

Updates requests from 2.32.4 to 2.33.0

Release notes

Sourced from requests's releases.

v2.33.0

2.33.0 (2026-03-25)

Announcements

• 📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at #7271. Give it a try, and report any gaps or feedback you may have in the issue. 📣

Security

• CVE-2026-25645 requests.utils.extract_zipped_paths now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.

Improvements

• Migrated to a PEP 517 build system using setuptools. (#7012)

Bugfixes

• Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (#7205)

Deprecations

• Dropped support for Python 3.9 following its end of support. (#7196)

Documentation

• Various typo fixes and doc improvements.

New Contributors

• @​M0d3v1 made their first contribution in psf/requests#6865
• @​aminvakil made their first contribution in psf/requests#7220
• @​E8Price made their first contribution in psf/requests#6960
• @​mitre88 made their first contribution in psf/requests#7244
• @​magsen made their first contribution in psf/requests#6553
• @​Rohan5commit made their first contribution in psf/requests#7227

Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25

v2.32.5

2.32.5 (2025-08-18)

Bugfixes

• The SSLContext caching feature originally introduced in 2.32.0 has created a new class of issues in Requests that have had negative impact across a number of use cases. The Requests team has decided to revert this feature as long term maintenance of it is proving to be unsustainable in its current iteration.

Deprecations

• Added support for Python 3.14.
• Dropped support for Python 3.8 following its end of support.

Changelog

Sourced from requests's changelog.

2.33.0 (2026-03-25)

Announcements

• 📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at #7271. Give it a try, and report any gaps or feedback you may have in the issue. 📣

Security

• CVE-2026-25645 requests.utils.extract_zipped_paths now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.

Improvements

• Migrated to a PEP 517 build system using setuptools. (#7012)

Bugfixes

• Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (#7205)

Deprecations

• Dropped support for Python 3.9 following its end of support. (#7196)

Documentation

• Various typo fixes and doc improvements.

2.32.5 (2025-08-18)

Bugfixes

• The SSLContext caching feature originally introduced in 2.32.0 has created a new class of issues in Requests that have had negative impact across a number of use cases. The Requests team has decided to revert this feature as long term maintenance of it is proving to be unsustainable in its current iteration.

Deprecations

• Added support for Python 3.14.
• Dropped support for Python 3.8 following its end of support.

Commits

• bc04dfd v2.33.0
• 66d21cb Merge commit from fork
• 8b9bc8f Move badges to top of README (#7293)
• e331a28 Remove unused extraction call (#7292)
• 753fd08 docs: fix FAQ grammar in httplib2 example
• 774a0b8 docs(socks): same block as other sections
• 9c72a41 Bump github/codeql-action from 4.33.0 to 4.34.1
• ebf7190 Bump github/codeql-action from 4.32.0 to 4.33.0
• 0e4ae38 docs: exclude Response.is_permanent_redirect from API docs (#7244)
• d568f47 docs: clarify Quickstart POST example (#6960)
• Additional commits viewable in compare view

Updates mlflow from 3.5.0rc0 to 3.11.0rc1

Release notes

Sourced from mlflow's releases.

v3.11.0rc1

Stripped third-party dependencies from evaluation and AI Gateway features, replacing external provider routing with built-in implementations.

v3.11.0rc0

We're excited to announce MLflow 3.11.0rc0, which includes several notable updates:

Major New Features:

• 🔍 Automatic Issue Identification: Automatically identify quality issues in your agent with AI! Use the new "Detect Issues" button in the traces table to analyze selected traces and surface potential problems across categories like correctness, safety, and performance. Issues are linked directly to traces for easy investigation and debugging. (#21431, #21204, #21165, #21163, #21161, @​smoorjani, @​serena-ruan)
• 💰 Gateway Budget Alerts & Limits: Control your AI Gateway spending with configurable budget policies! Set spending limits by time window (daily, weekly, or monthly), receive alerts before hitting limits, and prevent runaway costs with automatic request blocking. The new budget management UI lets you track spending, configure webhooks for notifications, and monitor violations across all your gateway endpoints. (#21116, #21534, #21569, #21473, #21108, @​TomeHirata, @​copilot-swe-agent)
• 📊 Trace Graph View: Visualize complex trace hierarchies with an interactive graph view! Navigate multi-level trace structures, understand parent-child relationships at a glance, and debug complex systems more effectively with a visual representation of your trace topology. (#20607, @​joelrobin18)
• 🌐 Native OpenTelemetry GenAI Convention Support: MLflow now natively supports the OpenTelemetry GenAI Semantic Conventions for trace export! When exporting traces via OTLP with MLFLOW_ENABLE_OTEL_GENAI_SEMCONV enabled, MLflow automatically translates them to follow the OTel GenAI semantic conventions, enabling seamless integration with OTel-compatible observability platforms while preserving GenAI-specific metadata. (#21494, #21495, @​B-Step62)
• 🔧 Opencode Tracing Integration: Debug smarter with Opencode CLI integration! Track and analyze code execution flows directly from your development workflow, making it easier to identify performance bottlenecks and trace issues back to specific code paths. (#20133, @​joelrobin18)
• ⚡ UV Package Manager Support: Automatic dependency inference now supports UV! MLflow automatically detects UV projects and captures exact, locked dependencies from your lockfile when logging models, ensuring reproducible environments. (#20344, #20935, @​debu-sinha)
• 🔒 Pickle-Free Model Serialization: Enhance security with pickle-free model formats! MLflow now supports safer model serialization using torch.export and skops formats, with improved controls when MLFLOW_ALLOW_PICKLE_DESERIALIZATION=False. Comprehensive documentation guides you through migrating existing models to pickle-free formats for production deployments. (#21404, #21188, #20774, @​WeichenXu123)

Breaking Changes:

• ⚠️ TypeScript SDK Package Renaming: The MLflow TypeScript SDK packages have been renamed to use npm organization scoping. If you're using the TypeScript SDK, update your package.json dependencies and import statements: mlflow-tracing → @mlflow/core, mlflow-openai → @mlflow/openai, mlflow-anthropic → @mlflow/anthropic, mlflow-gemini → @mlflow/gemini. All packages are now at version 0.2.0. (#20792, @​B-Step62)

Stay tuned for the full release, which will be packed with even more features and bugfixes.

To try out this release candidate, please run:

pip install mlflow==3.11.0rc0

v3.10.1

MLflow 3.10.1 is a patch release that contains some minor feature enhancements, bug fixes, and documentation updates.

Features:

• [UI] Add try-it page on Gateway usage example modal (#21077, @​PattaraS)
• [UI] Filter gateway experiments from the experiment list page (#21130, @​copilot-swe-agent)

Bug fixes:

• [UI] Fix "View full dashboard" link in gateway usage tab when workspace is enabled (#21191, @​copilot-swe-agent)
• [UI] Persist AI Gateway default passphrase security banner dismissal to localStorage (#21292, @​copilot-swe-agent)
• [Evaluation] Demote unused parameters log message from WARNING to DEBUG in instructions judge (#21294, @​copilot-swe-agent)
• [UI] Clear "All" time selector when switching to overview tab (#21371, @​daniellok-db)
• [Prompts / UI] Fix Traces view in Prompts tab not being scrollable (#21282, @​TomeHirata)
• [UI] Fix judge builder instruction textarea (#21299, @​daniellok-db)
• [UI] Fix group mode to aggregate "Additional runs" as "Unassigned" group in charts (#21155, @​copilot-swe-agent)
• [UI] Fix artifact download when workspaces are enabled (#21074, @​timsolovev)
• [Tracing] Fix NOT NULL constraint on assessments.trace_id during trace export (#21348, @​dbczumar)
• [Tracking] Fix 403 Forbidden for artifact list via query param when default_permission=NO_PERMISSIONS (#21220, @​copilot-swe-agent)
• [UI] [ML-63097] Fix broken LLM judge documentation links (#21347, @​smoorjani)
• [Tracing] Fix Run Judge failed with litellm.InternalServerError: Invalid response object. (#21262, @​PattaraS)
• [Tracing / UI] Update Action menu: indentation to avoid confusion (#21266, @​PattaraS)
• [Model Registry] Fix MlflowClient.copy_model_version for the case that copy UC model across workspaces (#21212, @​WeichenXu123)

... (truncated)

Changelog

Sourced from mlflow's changelog.

CHANGELOG

3.11.1 (2026-04-07)

MLflow 3.11.1 includes several major features and improvements.

Major New Features:

• 🔍 Automatic Issue Identification: Automatically identify quality issues in your agent with AI! Use the new "Detect Issues" button in the traces table to analyze selected traces and surface potential problems across categories like correctness, safety, and performance. Issues are linked directly to traces for easy investigation and debugging. Docs (#21431, #21204, #21165, #21163, #21161, @​smoorjani, @​serena-ruan)
• 💰 Gateway Budget Alerts & Limits: Control your AI Gateway spending with configurable budget policies! Set spending limits by time window (daily, weekly, or monthly), receive alerts before hitting limits, and prevent runaway costs with automatic request blocking. The new budget management UI lets you track spending, configure webhooks for notifications, and monitor violations across all your gateway endpoints. Docs (#21116, #21534, #21569, #21473, #21108, @​TomeHirata, @​copilot-swe-agent)
• 📊 Trace Graph View: Visualize complex trace hierarchies with an interactive graph view! Navigate multi-level trace structures, understand parent-child relationships at a glance, and debug complex systems more effectively with a visual representation of your trace topology. Docs (#20607, @​joelrobin18)
• 🌐 Native OpenTelemetry GenAI Convention Support: MLflow now natively supports the OpenTelemetry GenAI Semantic Conventions for trace export! When exporting traces via OTLP with MLFLOW_ENABLE_OTEL_GENAI_SEMCONV enabled, MLflow automatically translates them to follow the OTel GenAI semantic conventions, enabling seamless integration with OTel-compatible observability platforms while preserving GenAI-specific metadata. Docs (#21494, #21495, @​B-Step62)
• 🔧 OpenCode Tracing Integration: Debug smarter with OpenCode CLI integration! Track and analyze code execution flows directly from your development workflow, making it easier to identify performance bottlenecks and trace issues back to specific code paths. Docs (#20133, @​joelrobin18)
• ⚡ Native UV Support for Model Dependencies: Automatic dependency inference now supports UV! MLflow automatically detects UV projects and captures exact, locked dependencies from your lockfile when logging models, ensuring reproducible environments. Docs (#20344, #20935, @​debu-sinha)
• 🔒 Pickle-Free Model Serialization: Enhance security with pickle-free model formats! MLflow now supports safer model serialization using torch.export and skops formats, with improved controls when MLFLOW_ALLOW_PICKLE_DESERIALIZATION=False. Comprehensive documentation guides you through migrating existing models to pickle-free formats for production deployments. Docs (#21404, #21188, #20774, @​WeichenXu123)

Breaking Changes:

• ⚠️ TypeScript SDK Package Renaming: The MLflow TypeScript SDK packages have been renamed to use npm organization scoping. If you're using the TypeScript SDK, update your package.json dependencies and import statements: mlflow-tracing → @mlflow/core, mlflow-openai → @mlflow/openai, mlflow-anthropic → @mlflow/anthropic, mlflow-gemini → @mlflow/gemini. All packages are now at version 0.2.0. (#20792, @​B-Step62)
• Remove MLFLOW_ENABLE_INCREMENTAL_SPAN_EXPORT environment variable (#22182, @​PattaraS)
• Remove litellm and gepa from genai extras (#22059, @​TomeHirata)
• Block / and : in Registered Model names (#21458, @​Bhuvan-08)

Features:

• [Evaluation] Allow MetaPromptOptimizer to work without litellm (#22233, @​TomeHirata)
• [Tracking] Update Databricks API calls to use new gRPC APIs instead of py4j APIs (#22205, @​WeichenXu123)
• [Build] Add aiohttp as a core dependency of mlflow (#22189, @​TomeHirata)
• [Evaluation] Extend _get_provider_instance with groq, deepseek, xai, openrouter, ollama, databricks, vertex_ai (#22148, @​kriscon-db)
• [UI] Move native providers to non-LiteLLM in gateway UI (#22203, @​TomeHirata)
• [Tracing / Tracking] Add trace_location parameter to create_experiment (#22075, @​dbrx-euirim)
• [Gateway] Complete Bedrock provider with Converse API support (#21999, @​TomeHirata)
• [Gateway] Add native Vertex AI gateway provider (#21998, @​TomeHirata)
• [Gateway] Add native Databricks gateway provider (#21997, @​TomeHirata)
• [Gateway] Add native Ollama gateway provider (#21995, @​TomeHirata)
• [Gateway] Add native xAI (Grok) gateway provider (#21993, @​TomeHirata)
• [Tracing] Use bulk upsert in log_spans() to eliminate per-span ORM overhead (#21954, @​harupy)
• [Tracing] Add builtin cost_per_token to remove litellm dependency for cost tracking (#22046, @​TomeHirata)
• [Evaluation] Remove LiteLLM hard dependency from the discovery pipeline and judge adapters (#21739, @​harupy)
• [Evaluation] Add pipelined predict-score execution for mlflow.genai.evaluate (#20940, @​alkispoly-db)
• [Tracing / Tracking] Default trace location table_prefix to experiment ID in set_experiment (#21815, @​danielseong1)
• [Tracking] Add default uvicorn log config with timestamps (#21838, @​harupy)
• [Tracing / UI] Add Session ID filter to GenAI traces table filter dropdown (#21794, @​daniellok-db)
• [Evaluation / UI] Add Default Credential Chain auth mode for Bedrock/SageMaker in AI Gateway (#21061, @​timsolovev)
• [UI] Add multi metric bar chart support (#21258, @​RenzoMXD)
• [Tracking] Add TCP keepalive to HTTP sessions to detect stale connections and reduce timeout hangs (#21514, @​mobaniha)
• [Evaluation] Add proxy URL support for make_judge (#21185, @​yukimori)
• [UI] Improve run group filter to use grouping criteria instead of run IDs (#21072, @​daniellok-db)
• [UI] Add tool selector to Tool Calls charts and fix dark mode/sizing (#20865, @​B-Step62)
• [UI] Graph View Traces + OpenAI (#20607, @​joelrobin18)

... (truncated)

Commits

• 2627607 update uv.lock (#22235)
• 099fe52 bump version to rc1 (#22232)
• 0e2ae1b Fix telemetry initialization and flush in job subprocesses (#22222)
• 6da4f10 Move native providers to non-LiteLLM in gateway UI (#22203)
• b934d23 Fix response parsing for older models (#22138)
• d2d92ee Remove MLFLOW_ENABLE_INCREMENTAL_SPAN_EXPORT environment variable (#22182)
• aaad8d8 Remove notification and redirect to eval run (#22175)
• 3f220eb Replace torch dependency group with requirements/torch.txt (#22192)
• 1c65d9a Edit LiteLLM mentions in docs (#22140)
• 9a328e5 Remove dynamic logs from workspace selector (#22180)
• Additional commits viewable in compare view

Updates onnx from 1.19.0 to 1.21.0

Release notes

Sourced from onnx's releases.

v1.21.0

ONNX v1.21.0 is now available with exciting new features! We would like to thank everyone who contributed to this release! Please visit onnx.ai to learn more about ONNX and associated projects.

What's Changed

Breaking Changes and Deprecations

• Remove defunct model hub integration by @​andife in onnx/onnx#7678

Spec and Operator

• Revert opset 25 version bump by @​titaiwangms in onnx/onnx#7441
• Add 2 bit support to onnx by @​vraspar in onnx/onnx#7446
• Bump opset version to 26 by @​titaiwangms in onnx/onnx#7469
• Remove enforcement to node determinism attribute by @​titaiwangms in onnx/onnx#7473
• Export functions by @​cyyever in onnx/onnx#7505
• [Reland] Cumulative Product Operator by @​titaiwangms in onnx/onnx#7400
• Fix Div integer semantics to use trunc division by @​MagellaX in onnx/onnx#7585
• Clarify DFT behavior when inverse=True and onesided=True (irfft) by @​simonbyrne in onnx/onnx#7574
• Specify 0/0 case in LpNormalization by @​titaiwangms in onnx/onnx#7618
• Clarify NonMaxSuppression IoU threshold uses strict comparison by @​Copilot in onnx/onnx#7619
• Relax model domain requirement from MUST to SHOULD by @​Copilot in onnx/onnx#7668
• Add BitCast operator for bitwise type reinterpretation by @​Copilot in onnx/onnx#7527

Reference Implementation

• Fix CenterCropPad: compare target shape with dimension, not axis index by @​Copilot in onnx/onnx#7522
• Vectorize sigmoid op implementation by @​justinchuby in onnx/onnx#7556
• Fixing verbose logging error at verbose=3 for reference_evaluator by @​rothej in onnx/onnx#7597
• Clean up reference evaluator tests by @​VedantMadane in onnx/onnx#7684

Utilities and Tools

• Add version check for test_executable_permission_check by @​andife in onnx/onnx#7511
• Fix index out of bounds in version converter adapters by @​rothej in onnx/onnx#7493
• Fix default attribute values in shape inference by @​matteosal in onnx/onnx#7602
• Fix Softmax-family shape inference for scalar inputs by @​MagellaX in onnx/onnx#7625
• Fix/merge models value info by @​MagellaX in onnx/onnx#7608
• Add version converter adapters for opset 15, 16, 17, 18 by @​alexkvitkevich in onnx/onnx#7677
• shape_inference: Validate expected size of scalar tensor in ParseData by @​skottmckay in onnx/onnx#7675

Build, CI and Tests

• Force labels in PRs by @​titaiwangms in onnx/onnx#7442
• Fix reuse by @​andife in onnx/onnx#7463
• Change precedence from 'aggregate' to 'override' for generating scripts by @​andife in onnx/onnx#7458
• a) 3.14-dev -> 3.14, b) reduce template injection thread by @​andife in onnx/onnx#7461
• Export register functions by @​cyyever in onnx/onnx#7496
• Fix Python executable detection in virtual environments by @​aoguntayo in onnx/onnx#7485
• Merged Release Workflows for Windows by @​Raghul-M in onnx/onnx#7509
• Bump nanobind to 2.10.2 by @​cyyever in onnx/onnx#7479
• Fix freebsd build by @​cyyever in onnx/onnx#7518
• Revert ONNX CMake changes by @​cyyever in onnx/onnx#7515
• Export functions used in PyTorch by @​cyyever in onnx/onnx#7524
• Export protobuf symbols by @​cyyever in onnx/onnx#7525
• Fix CMAKE_ARGS parsing for windows compatibility by @​hmaarrfk in onnx/onnx#7532
• Replace deprecated github action "test-results-action" by @​andife in onnx/onnx#7552
• Wheels for python 3.14t by @​andife in onnx/onnx#7558
• Clarify permissions comment and update dependencies install by @​andife in onnx/onnx#7577

... (truncated)

Commits

• be2b5fd Update VERSION_NUMBER to final release version (#7772)
• c751ddb Update VERSION_NUMBER to rc4 (#7759)
• 866038e [rel-1.21.0] Cherry-pick bug and security fixes for RC4 (#7737, #7751) (#7758)
• e6c12c5 update version to rc3 (#7743)
• 33afebf Cherry pick commit (#7740)
• a51ac07 update release to rc2 (#7732)
• 089fcda fix windows build ; upload (#7727)
• fbbe45b Cherry pick commits into the release branch (#7718)
• 624108e update release branch version to 1.21.0rc1 (#7714)
• b65e6e1 [Cherry-Pick] Merge commits from main for security fixes (#7688)
• Additional commits viewable in compare view

Updates mlflow from 3.5.0rc0 to 3.11.0rc1

Release notes

Sourced from mlflow's releases.

v3.11.0rc1

Stripped third-party dependencies from evaluation and AI Gateway features, replacing external provider routing with built-in implementations.

v3.11.0rc0

We're excited to announce MLflow 3.11.0rc0, which includes several notable updates:

Major New Features:

• 🔍 Automatic Issue Identification: Automatically identify quality issues in your agent with AI! Use the new "Detect Issues" button in the traces table to analyze selected traces and surface potential problems across categories like correctness, safety, and performance. Issues are linked directly to traces for easy investigation and debugging. (#21431, #21204, #21165, #21163, #21161, @​smoorjani, @​serena-ruan)
• 💰 Gateway Budget Alerts & Limits: Control your AI Gateway spending with configurable budget policies! Set spending limits by time window (daily, weekly, or monthly), receive alerts before hitting limits, and prevent runaway costs with automatic request blocking. The new budget management UI lets you track spending, configure webhooks for notifications, and monitor violations across all your gateway endpoints. (#21116, #21534, #21569, #21473, #21108, @​TomeHirata, @​copilot-swe-agent)
• 📊 Trace Graph View: Visualize complex trace hierarchies with an interactive graph view! Navigate multi-level trace structures, understand parent-child relationships at a glance, and debug complex systems more effectively with a visual representation of your trace topology. (#20607, @​joelrobin18)
• 🌐 Native OpenTelemetry GenAI Convention Support: MLflow now natively supports the OpenTelemetry GenAI Semantic Conventions for trace export! When exporting traces via OTLP with MLFLOW_ENABLE_OTEL_GENAI_SEMCONV enabled, MLflow automatically translates them to follow the OTel GenAI semantic conventions, enabling seamless integration with OTel-compatible observability platforms while preserving GenAI-specific metadata. (#21494, #21495, @​B-Step62)
• 🔧 Opencode Tracing Integration: Debug smarter with Opencode CLI integration! Track and analyze code execution flows directly from your development workflow, making it easier to identify performance bottlenecks and trace issues back to specific code paths. (#20133, @​joelrobin18)
• ⚡ UV Package Manager Support: Automatic dependency inference now supports UV! MLflow automatically detects UV projects and captures exact, locked dependencies from your lockfile when logging models, ensuring reproducible environments. (#20344, #20935, @​debu-sinha)
• 🔒 Pickle-Free Model Serialization: Enhance security with pickle-free model formats! MLflow now supports safer model serialization using torch.export and skops formats, with improved controls when MLFLOW_ALLOW_PICKLE_DESERIALIZATION=False. Comprehensive documentation guides you through migrating existing models to pickle-free formats for production deployments. (#21404, #21188, #20774, @​WeichenXu123)

Breaking Changes:

• ⚠️ TypeScript SDK Package Renaming: The MLflow TypeScript SDK packages have been renamed to use npm organization scoping. If you're using the TypeScript SDK, update your package.json dependencies and import statements: mlflow-tracing → @mlflow/core, mlflow-openai → @mlflow/openai, mlflow-anthropic → @mlflow/anthropic, mlflow-gemini → @mlflow/gemini. All packages are now at version 0.2.0. (#20792, @​B-Step62)

Stay tuned for the full release, which will be packed with even more features and bugfixes.

To try out this release candidate, please run:

pip install mlflow==3.11.0rc0

v3.10.1

MLflow 3.10.1 is a patch release that contains some minor feature enhancements, bug fixes, and documentation updates.

Features:

• [UI] Add try-it page on Gateway usage example modal (#21077, @​PattaraS)
• [UI] Filter gateway experiments from the experiment list page (#21130, @​copilot-swe-agent)

Bug fixes:

• [UI] Fix "View full dashboard" link in gateway usage tab when workspace is enabled (#21191, @​copilot-swe-agent)
• [UI] Persist AI Gateway default passphrase security banner dismissal to localStorage (#21292, @​copilot-swe-agent)
• [Evaluation] Demote unused parameters log message from WARNING to DEBUG in instructions judge (#21294, @​copilot-swe-agent)
• [UI] Clear "All" time selector when switching to overview tab (#21371, @​daniellok-db)
• [Prompts / UI] Fix Traces view in Prompts tab not being scrollable (#21282, @​TomeHirata)
• [UI] Fix judge builder instruction textarea (#21299, @​daniellok-db)
• [UI] Fix group mode to aggregate "Additional runs" as "Unassigned" group in charts (#21155, @​copilot-swe-agent)
• [UI] Fix artifact download when workspaces are enabled (#21074, @​timsolovev)
• [Tracing] Fix NOT NULL constraint on assessments.trace_id during trace export (#21348, @​dbczumar)
• [Tracking] Fix 403 Forbidden for artifact list via query param when default_permission=NO_PERMISSIONS (#21220, @​copilot-swe-agent)
• [UI] [ML-63097] Fix broken LLM judge documentation links (#21347, @​smoorjani)
• [Tracing] Fix Run Judge failed with litellm.InternalServerError: Invalid response object. (#21262, @​PattaraS)
• [Tracing / UI] Update Action menu: indentation to avoid confusion (#21266, @​PattaraS)
• [Model Registry] Fix MlflowClient.copy_model_version for the case that copy UC model across workspaces (#21212, @​WeichenXu123)

... (truncated)

Changelog

Sourced from mlflow's changelog.

CHANGELOG

3.11.1 (2026-04-07)

MLflow 3.11.1 includes several major features and improvements.

Major New Features:

• 🔍 Automatic Issue Identification: Automatically identify quality issues in your agent with AI! Use the new "Detect Issues" button in the traces table to analyze selected traces and surface potential problems across categories like correctness, safety, and performance. Issues are linked directly to traces for easy investigation and debugging. Docs (#21431, #21204, #21165, #21163, #21161, @​smoorjani, @​serena-ruan)
• 💰 Gateway Budget Alerts...

  Description has been truncated