chore(deps): bump pinecone from 5.4.2 to 9.1.0

[dependabot]

Bumps pinecone from 5.4.2 to 9.1.0.

Release notes

Sourced from pinecone's releases.

9.1.0

Release v9.1.0

v9.1.0 is the retry-resilience release. It overhauls how the SDK behaves under throttling: decorrelated jitter on every transport, plus automatic per-host concurrency back-off that shrinks in-flight bulk requests during a 429 storm and recovers as pressure eases. A new RateLimitError lets callers catch throttling distinctly, and a dedicated retries guide documents the full model. Secondary changes round out GrpcIndex parity with the REST clients and restore the v8 search(query={...}) request shape.

---

Highlights

• Decorrelated jitter on every transport. REST (sync and async) and gRPC now use AWS-style decorrelated jitter for retry backoff, so many clients throttled at the same moment no longer retry in lockstep.
• Automatic concurrency back-off under throttling. Bulk operations self-tune downward when the backend rate-limits a host and recover as throttling subsides — an AIMD control loop, per host, with no new knobs to configure.
• Bounded multi-namespace fan-out. AsyncIndex.query_namespaces no longer fires one unbounded request per namespace — a common cause of self-inflicted 429 storms. It's now capped at 10 in-flight.
• RateLimitError for HTTP 429. Rate-limit responses raise a dedicated pinecone.errors.RateLimitError, so you can catch throttling distinctly from other server errors.
• New retries guide at docs/guides/retries.md — defaults, jitter math, the adaptive-concurrency ceiling, and the limits of in-process retries under multi-process / serverless deployment.
• GrpcIndex parity with the REST clients. query_namespaces, query_namespaces_async, fetch_by_metadata, and the full bulk-import API now exist on GrpcIndex, so switching to grpc=True for throughput no longer loses functionality.
• Community contribution — search(query={...}) syntax from v8 has been restored. Thanks to @​pragnyanramtha, the single-argument request-body form that v9.0.x rejected works again on Index, AsyncIndex, and GrpcIndex.

---

Retry & resilience

Decorrelated jitter

REST and gRPC retries now use decorrelated jitter — each delay is drawn from a window that grows with the previous delay, capped at max_wait. This replaces the previous fixed full-jitter backoff and spreads retries from many clients across time instead of bunching them at the same instant. See the retries guide for the exact formula and defaults.

Automatic concurrency back-off

Bulk operations now self-tune their concurrency under throttling. When the backend rate-limits a host (HTTP 429/503, or gRPC RESOURCE_EXHAUSTED), the SDK reduces the number of in-flight requests it allows to that host, then recovers after a streak of successes — the same AIMD (additive-increase / multiplicative-decrease) approach used by TCP congestion control. It's per host, automatic, and requires no configuration; max_concurrency remains the ceiling the SDK tunes beneath.

RateLimitError

HTTP 429 responses now raise RateLimitError, a subclass of ApiError, so throttling can be caught distinctly from other server errors:

from pinecone.errors import RateLimitError
try:
pc.indexes.describe("my-index")
except RateLimitError:
# back off and retry, or surface to your orchestrator
...

Exported from pinecone.errors and the top-level pinecone namespace; a RateLimitException alias matches the existing exception-naming pattern.

Observability

The retry and concurrency layers emit namespaced log records with consistent key=value fields, so you can diagnose throttling from logs without adding instrumentation:

• pinecone._internal.http_client — DEBUG on each throttled retry attempt (status, host, attempt N/total, computed delay).

... (truncated)

Commits

• bb1304e release: 9.1.0
• 620933a chore(deps): bump idna from 3.11 to 3.15 in the uv group across 1 directory (...
• b0f1887 docs(retries): stop surfacing Retry-After / grpc-retry-pushback-ms
• 559ce7e revert(backcompat): drop DeprecationWarning on search(query=...)
• 366bb10 test(integration): add opt-in retry smoke test for quota-limited upserts
• 56d0e16 test(retry): add Hypothesis fuzz tests for Retry-After parsing; fix parser bugs
• 9fe9f9d fix(adaptive): bound _AdaptiveLimiterRegistry with LRU eviction at 256 entries
• 41ea434 feat(observability): log throttle events and AIMD transitions at INFO/DEBUG
• 17431f7 test(retry): add bulk-path regression tests under quota-starved backend (DX-0...
• 27d34cd test(retry): add gRPC storm simulation test and enable cross-transport parity...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)