Bump org.springframework.ai:spring-ai-advisors-vector-store from 1.0.0 to 1.0.7 in /blogs/spring-ai-gcp/google

[dependabot]

Bumps org.springframework.ai:spring-ai-advisors-vector-store from 1.0.0 to 1.0.7.

Release notes

Sourced from org.springframework.ai:spring-ai-advisors-vector-store's releases.

Spring AI 1.0.7 - Bug Fixes

Spring AI 1.0.7 Release Notes

🎯 Highlights

This release includes 5 bug fixes, 6 other improvements.

⏪ Breaking Changes

• Chat memory advisors now require an explicit conversation ID to be supplied. Previously, a default or implicit ID may have been used, which could cause incorrect memory scoping across conversations. Callers must now provide a conversation ID explicitly. be48f06

⚠️ Upgrading Notes

• If you are using PromptChatMemoryAdvisor, migrate to the replacement advisor. All chat memory advisors now require an explicit conversationId to be provided — update your code to pass a conversation ID when creating or invoking chat memory advisors. be48f06

🪲 Bug Fixes

• Corrected string escaping in the Milvus vector store's doDelete method when handling ID lists, preventing potential query errors during deletion operations. 864ef81
• Resolved a misconfiguration of the ObjectMapper in the MCP server, ensuring proper JSON serialization and deserialization behavior. 436c765
• Corrected auto-configuration issues affecting MCP server and Spring WebMvc server setup. A prior incorrect fix was reverted and replaced with the proper resolution. 4b21612
• Updated integration tests for ChatClientAdvisor to supply an explicit conversation ID, aligning with the new requirement for explicit IDs in chat memory advisors. a5fb397
• Resolved a test failure in the Anthropic chat client integration test for method-invoking function callbacks. daa1b68

🔨 Dependency Upgrades

• Updated the Model Context Protocol (MCP) SDK by a significant version jump (0.10.0 → 0.18.2), incorporating many upstream improvements, new capabilities, and compatibility updates. #5958

🔩 Build Updates

• The project build now uses JDK 17.0.19, ensuring alignment with the latest LTS patch release for improved security and stability in the build environment. 1badb6f
• Spring AI starter modules have been relocated to a dedicated starters/ directory, improving the project's directory structure and organization. 36df6b9
• Project version advanced to 1.0.7-SNAPSHOT to begin the next development cycle following the 1.0.6 release. 82848f2

🙏 Contributors

Thanks to all contributors who made this release possible:

• Christian Tzolov (@​tzolov)
• Ilayaperumal Gopinathan (@​ilayaperumalg)
• Soby Chacko (@​sobychacko)
• Sébastien Deleuze (@​sdeleuze)

Spring AI 1.0.6 - Bug fixes

Spring AI 1.0.6 Release Notes

🎯 Highlights

This release focuses on stability and security improvements. Key fixes include securing the transformer model cache directory, preventing a potential DoS vulnerability via malformed PDF files, and correcting conversation memory and vector store filter handling. Dependencies are upgraded to Spring Boot 3.5.14.

🪲 Bug Fixes

• The default cache directory for transformer models is now secured with appropriate permissions to prevent unauthorized access to downloaded model files. 4881e0c
• The CosmosDB vector store's delete method now uses parameterized queries, fixing a potential issue with query construction and improving safety. b32096e
• Fixed a vulnerability where a specially crafted malformed PDF could cause excessive memory allocation, improving resilience against malicious or corrupted documents. 6a12b6f
• Properly handles the conversationId filter in VectorStoreChatMemoryAdvisor, ensuring chat memory retrieval is correctly scoped to the intended conversation. 1e8135a
• Corrects key handling in the vector store filter expression converter, ensuring filter expressions are properly translated across vector store implementations. eb763fd

... (truncated)

Commits

• 1086c3d Release version 1.0.7
• 864ef81 Fix MilvusVectorStore doDelete idList string esacping
• a5fb397 Fix ChatClientAdvisorTests to supply explicit conversation ID
• be48f06 Deprecate PromptChatMemoryAdvisor
• e1402de Require explicit conversation ID in chat memory advisors
• 436c765 Fix MCP server ObjectMapper configuration
• 23b482c Revert "Fix MCP server/WebMvc server autoconfigurations"
• 4b21612 Fix MCP server/WebMvc server autoconfigurations
• daa1b68 Fix AnthropicChatClientMethodInvokingFunctionCallbackIT
• 18c989a Upgrade MCP SDK from 0.10.0 to 0.18.2 (#5958)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.