From b56d2ead6b974aae9f05dd8bcba2c1c4be688b93 Mon Sep 17 00:00:00 2001
From: Brett Christensen <brett.christensen@rea-group.com>
Date: Mon, 15 Dec 2025 19:57:09 +1100
Subject: [PATCH] chore(deps): update langgraph-checkpoint to 3.0.1 to fix
 CVE-2025-64439 (python 3.10+ only)

---
 pyproject.toml   | 24 +++++++++++++++---------
 requirements.txt | 11 +++++++----
 2 files changed, 22 insertions(+), 13 deletions(-)

diff --git a/pyproject.toml b/pyproject.toml
index a381a1c4..4de0b606 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -9,14 +9,16 @@ authors = [
     {name = "Google LLC", email = "googleapis-packages@google.com"}
 ]
 dependencies = [
-    "google-cloud-alloydb-connector[asyncpg]>=1.2.0, <2.0.0",
+    "google-cloud-alloydb-connector[asyncpg]>=1.0.0, <2.0.0; python_version >= '3.10'",
+    "google-cloud-alloydb-connector[asyncpg]>=1.0.0, <1.11.0; python_version == '3.9'",
     "google-cloud-storage>=2.18.2, <4.0.0",
     "numpy>=1.24.4, <3.0.0; python_version >= '3.11'",
     "numpy>=1.24.4, <=2.2.6; python_version == '3.10'",
-    "numpy>=1.24.4, <=2.0.2; python_version <= '3.9'",
+    "numpy>=1.24.4, <=2.0.2; python_version == '3.9'",
     "langchain-postgres>=0.0.16",
-    "langgraph-checkpoint>=2.0.9, <3.0.0",
-    "aiohttp>=3.12.15, <4.0.0",
+    "langgraph-checkpoint>=2.1.2, <3.0.0; python_version == '3.9'",
+    "langgraph-checkpoint>=3.0.1, <4.0.0; python_version >= '3.10'",
+    "aiohttp>=3.13.2, <4.0.0",
 ]
 
 classifiers = [
@@ -41,21 +43,25 @@ Changelog = "https://github.com/googleapis/langchain-google-alloydb-pg-python/bl
 
 [project.optional-dependencies]
 langgraph = [
-    "langgraph-checkpoint>=2.0.9, <3.0.0"
+    "langgraph-checkpoint>=2.1.2, <3.0.0; python_version == '3.9'",
+    "langgraph-checkpoint>=3.0.1, <4.0.0; python_version >= '3.10'"
 ]
 test = [
     "black[jupyter]==25.9.0",
     "isort==6.1.0; python_version == '3.9'",
     "isort==7.0.0; python_version >= '3.10'",
-    "langgraph==0.6.10",
-    "mypy==1.18.2",
-    "pytest-asyncio==0.26.0",
+    "langgraph==0.6.11; python_version == '3.9'",
+    "langgraph==1.0.5; python_version >= '3.10'",
+    "mypy==1.19.1",
+    "pytest-asyncio==0.23.3; python_version == '3.9'",
+    "pytest-asyncio==1.3.0; python_version >= '3.10'",
     "pytest==8.4.2",
     "pytest-cov==7.0.0",
     "pytest-depends==1.0.1",
     "Pillow==11.3.0; python_version == '3.9'",
     "Pillow==12.0.0; python_version >= '3.10'",
-    "langchain-tests==0.3.22"
+    "langchain-tests==0.3.22; python_version == '3.9'",
+    "langchain-tests==1.1.0; python_version >= '3.10'"
 ]
 
 
diff --git a/requirements.txt b/requirements.txt
index 00c722d3..b5edf137 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,7 +1,10 @@
-google-cloud-alloydb-connector[asyncpg]==1.9.1
-google-cloud-storage==3.4.1
+google-cloud-alloydb-connector[asyncpg]>=1.0.0,<1.11.0; python_version == "3.9"
+google-cloud-alloydb-connector[asyncpg]>=1.11.0,<2.0.0; python_version >= "3.10"
+google-cloud-storage>=2.18.2,<4.0.0
 numpy==2.3.4; python_version >= "3.11"
 numpy==2.2.6; python_version == "3.10"
 numpy==2.0.2; python_version <= "3.9"
-langgraph==0.6.10
-langchain-postgres==0.0.16
+langchain-postgres>=0.0.16
+langgraph-checkpoint>=2.1.2,<3.0.0; python_version == "3.9"
+langgraph-checkpoint>=3.0.1,<4.0.0; python_version >= "3.10"
+aiohttp>=3.13.2,<4.0.0