Bump mlflow from 3.11.1 to 3.12.0 by dependabot[bot] · Pull Request #64 · VectorInstitute/inspect-mlflow

dependabot · 2026-05-05T18:48:45Z

Bumps mlflow from 3.11.1 to 3.12.0.

Release notes

v3.12.0rc0

We're excited to announce MLflow 3.12.0rc0, which brings powerful new capabilities for agent developers:

Major New Features:

Automatic Tracing for more AI Coding Assistants: First-class tracing for Claude Code, Codex, Qwen Code, and Gemini CLI, now distributed as standalone TypeScript-based plugins installable as CLI binaries. Drop one into your CLI of choice and capture every prompt, tool call, and turn out-of-the-box. (#22338, #22410, #22411, #22409, #22853, @B-Step62, @kriscon-db)

OpenClaw Tracing Plugin: New TypeScript-based tracing plugin for OpenClaw. Install via npm and get full automatic tracing of OpenClaw sessions, no SDK changes required. Captures every prompt, tool call, and response across the session, allowing you to inspect agent behavior directly in the MLflow UI. (#22717)

AI Gateway Guardrails: Add safety checks to any agent endpoint with the new Guardrail base class and JudgeGuardrail implementation. Configure pre-LLM and post-LLM guardrails directly from the Gateway endpoint editor, with full DB persistence, REST API, and gateway-level execution. Protect production agents from unsafe inputs and outputs without writing wrapper code. Tracing spans for guardrail execution are included. (#21964, #21960, #21962, #22306, #22360, #22577, #22581, #22767, @TomeHirata)

Multimodal Trace Attachments: Trace agents that handle images, audio, and files, and view them directly in the MLflow UI. Click-to-expand image modals, inline rendering in span Details and Timeline views, audio playback, multi-part chat normalization for Gemini and OpenAI Responses API, and size guards for large media so the UI stays responsive. (#22465, #22461, #22451, #22462, #22466, #22460, #22449, #22450, #22574, #22575, #21783, @kriscon-db)

mlflow.diffusers Flavor: New first-class flavor for diffusion models. Save and serve LoRA adapters for image-generation pipelines with the same mlflow.<flavor>.log_model ergonomics as PyTorch or Transformers. (#22253, @Rasaboun)

Stay tuned for the full release, which will include even more features and bug fixes.

To try out this release candidate, please run:

`pip install mlflow==3.12.0rc0`

Changelog

Sourced from mlflow's changelog.

3.12.0 (2026-05-04)

MLflow 3.12.0 includes several major features and improvements

Major New Features

🖼️ Multimodal Tracing: Users can now store multimodal content in tracing spans as artifact attachments instead of inline binary data. We've also patched the UI to support the new mlflow-attachment:// style URI, with rich rendering available for PDFs, audio, and images.

🤖 Codex, Gemini, Qwen coding agent tracing support: Similar to our Claude Code tracing integration, we've now added support for the Codex, Gemini, and Qwen coding agent platforms as well!

🛡️ Gateway guardrails: You can now set guardrails on your gateway endpoints to prevent unsafe or non-compliant model inputs and outputs. Try it out in the MLflow UI!

⚡ Trace table pagination: The traces tab is now paginated, rather than fetching all traces up to a limit of 1000. This improves initial load time, and makes the page feel more responsive overall.

Breaking Changes

[Scoring] Deprecate enable_mlserver in pyfunc serving backend (#22994, @B-Step62)

Other Assorted Features & Improvements:

[UI] Add coding agents section to AI Gateway quick start (#23006, @TomeHirata)

[Tracing] feat: record caller in gateway traces from request headers (#22926, @TomeHirata)

[] Run guardrails on passthrough endpoints; skip response_format for non-chat payloads (#22856, @TomeHirata)

[] Gateway: preserve client auth header for subscription-based CLI tools (claude-cli, Codex-Desktop, GeminiCLI) (#22915, @TomeHirata)

[Tracing] Expose Codex and Qwen Code hooks as installable CLI binaries (#22853, @kriscon-db)

[Tracking / UI] Add Portkey as a supported AI Gateway provider (#22830, @sairavuri-sudo)

[Tracking] Cache successful basic-auth credential checks to eliminate per-request PBKDF2 (#22817, @PattaraS)

[] Add last_updated_at field to model catalog entries (#22838, @copilot-swe-agent)

[Evaluation] Enable third-party scorer registration in OSS MLflow (#22634, @smoorjani)

[] Add platform-side telemetry fields to Gateway invocation and budget events (#22557, @PattaraS)

[Tracing] Auto-start SQL warehouse before V4/V5 MLflow tracing calls (#22798, @artjen)

[Tracing] Migrate Claude Code tracing to TypeScript-based plugin for simpler installation and runtime handling. (#22338, @B-Step62)

[Tracing] Add TypeScript Qwen Code tracing via Stop hook (#22411, @kriscon-db)

[] Support model_kwargs in DeepEval scorers for LLM parameter control (#22494, @debu-sinha)

[] Add Application Default Credentials auth mode for Vertex AI gateway (#22754, @harupy)

[UI] Reorganize Settings into section-based routing with sub-sidebar navigation (#22743, @serena-ruan)

[Tracing] Add TypeScript Codex CLI tracing via notify hook (#22410, @kriscon-db)

[Tracing / UI] Add Share button to trace detail view (#22608, @alkispoly-db)

[Docs / Models] Add mlflow.diffusers flavor for diffusion model LoRA adapters (#22253, @Rasaboun)

[Tracing] Add size limit for trace attachments (#22575, @kriscon-db)

[Tracing] Add GeminiCliTranslator for Gemini CLI OTLP span type mapping (#22409, @kriscon-db)

[Tracing] Add JSON OTLP encoding support for trace ingestion (#22408, @kriscon-db)

[Tracing] Extract service.name from OTLP resource attributes for usage telemetry (#22407, @kriscon-db)

[Tracing] Add MLflow tracing spans to guardrail execution in gateway (#22581, @TomeHirata)

[Tracing / UI] Add rendering size guards for large media content (#22574, @kriscon-db)

[Tracking] #21037 Add presigned upload URL endpoint for S3 artifact uploads (#21039, @henishborad)

[UI] Add Guardrails tab to endpoint editor (#22360, @TomeHirata)

[UI] Add click-to-expand modal for trace attachment images (#22461, @kriscon-db)

[UI] Enhance Gateway quick start cards with logos, multi-model options, and compact variant (#22513, @xq-yin)

[Tracing] Add @mlflow/vercel for better Vercel AI SDK tracing in Databricks UC (#22105, @dbrx-euirim)

[UI] [UI] Refactor API keys page: bulk delete, inline drawer editing, consistent list pattern (#22485, @xq-yin)

[] Add Guardrail base class and JudgeGuardrail implementation (#21964, @TomeHirata)

[Tracing] Add multimodal demo traces with synthetic image and audio data (#22465, @kriscon-db)

... (truncated)

Commits

75b30ca Bump version to 3.12.0 (#23065)
263031c Redact presigned URL credentials in urllib3 retry logs (#22995)
725bcda Add coding agents section to AI Gateway quick start (#23006)
7eebae8 Deprecate enable_mlserver in pyfunc serving backend (#22994)
8464081 Restore expandable max height of params/metrics boxes on run details page (#2...
2640035 Fix assessment logging silently dropped in distributed tracing (#22963)
f3fed29 [UI] Restore visible label on trace assessments pane toggle (#22978)
e57e2d2 Add hint and benchmark for issue detection cost (#22919)
390a57e Filter _list_budget_windows results by active workspace when request is wor...
cdbba9a Track telemetry event when user sends a message in the Assistant chat panel (...
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [mlflow](https://github.com/mlflow/mlflow) from 3.11.1 to 3.12.0. - [Release notes](https://github.com/mlflow/mlflow/releases) - [Changelog](https://github.com/mlflow/mlflow/blob/master/CHANGELOG.md) - [Commits](mlflow/mlflow@v3.11.1...v3.12.0) --- updated-dependencies: - dependency-name: mlflow dependency-version: 3.12.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels May 5, 2026

amrit110 force-pushed the dependabot/uv/mlflow-3.12.0 branch from d0cda4d to b29be65 Compare May 6, 2026 00:52

amrit110 merged commit 0d70425 into main May 6, 2026
1 check passed

amrit110 deleted the dependabot/uv/mlflow-3.12.0 branch May 6, 2026 00:53

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump mlflow from 3.11.1 to 3.12.0#64

Bump mlflow from 3.11.1 to 3.12.0#64
amrit110 merged 1 commit intomainfrom
dependabot/uv/mlflow-3.12.0

dependabot Bot commented on behalf of github May 5, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot Bot commented on behalf of github May 5, 2026

v3.12.0rc0

3.12.0 (2026-05-04)

Major New Features

Breaking Changes

Other Assorted Features & Improvements:

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant