github/langchain
1
0
Fork 0
mirror of https://github.com/hwchase17/langchain.git synced 2026-06-09 10:17:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
15,692 Commits 1,164 Branches 1,270 Tags
22f78afb0a57a6793f263644d3ccb91a13dbc9ad
Commit Graph

8 Commits

Author SHA1 Message Date
Mason Daugherty
555bdfbade chore: add comment explaining pygments>=2.20.0 (#36570) 2026-04-06 15:07:07 -04:00
John Kennedy
0f4f3f74c8 chore: pygments>=2.20.0 across all packages (CVE-2026-4539) (#36385) 
## Summary

Bumps `pygments` to `>=2.20.0` across all 21 affected packages to
address [CVE-2026-4539](https://github.com/advisories/GHSA-XXXX) — ReDoS
via inefficient GUID regex in Pygments.

- **Severity:** Low
- **Fixed in:** 2.20.0 (was 2.19.2)
- **Change:** Added `pygments>=2.20.0` to `constraint-dependencies` in
`[tool.uv]` for each package, then ran `uv lock --upgrade-package
pygments` to regenerate lock files.

Closes Dependabot alerts #3435–#3455.

## Release Note
Patch deps

### Test Plan
 - [x] CI Green 🙏

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-30 23:26:59 -04:00
Mason Daugherty
342d8bdef2 release(openrouter): 0.2.1 (#36348) 2026-03-29 20:50:14 -04:00
Mason Daugherty
90d015c841 release(openrouter): 0.2.0 (#36227) 2026-03-25 11:02:26 -04:00
Mason Daugherty
1778b082ec chore(partners): bump langchain-core min to 1.2.21 (#36183) 
Bump the minimum `langchain-core` dependency to `>=1.2.21` across all 14
partner packages in the monorepo. Aligns partner lower bounds with the
latest core release so consumers pick up recent fixes (notably the
`ModelProfile` schema drift fix from core 1.2.21).
 2026-03-23 19:39:35 -04:00
Mason Daugherty
23f3f59081 release(openrouter): 0.1.0 (#35560) 2026-03-04 15:37:38 -05:00
Mason Daugherty
04ec7ff8ff chore(openrouter): bump core ver, silence warning (#35231) 2026-02-15 02:42:36 -05:00
Mason Daugherty
f9fd7be695 feat(openrouter): add langchain-openrouter provider package (#35211) 
Add a first-party `langchain-openrouter` partner package
(`ChatOpenRouter`) that wraps the official `openrouter` Python SDK,
providing native support for OpenRouter-specific features that
`ChatOpenAI` intentionally does not handle.

Also adds scope-clarifying docstrings to `ChatOpenAI` / `BaseChatOpenAI`
warning users away from using `base_url` overrides with third-party
providers.

---

Closes #31325
Closes #32967
Closes #32977
Closes #32981
Closes #33643
Closes #33757
Closes #34056
Closes #34797
Closes #34962

Supersedes #33902, #34867 (thank you @elonfeng and @okamototk for your
initial work on this!)

---

Bugs with upstream sdk:
- https://github.com/OpenRouterTeam/python-sdk/issues/38
- https://github.com/OpenRouterTeam/python-sdk/issues/51
- https://github.com/OpenRouterTeam/python-sdk/issues/52
 2026-02-15 02:09:13 -05:00