github/langchain
1
0
Fork 0
mirror of https://github.com/hwchase17/langchain.git synced 2025-07-10 15:06:18 +00:00
Code Issues Packages Projects Releases Wiki Activity
13,684 Commits 915 Branches 922 Tags 4.7 GiB
8aed3b61a9
Commit Graph

13684 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Christophe Bornet
8aed3b61a9
core: Bump ruff version to 0.12 (#31846) 2025-07-07 10:02:51 -04:00
Michael Li
73552883c3
cli: fix dockerfile incorrect copy (#31883) 2025-07-06 21:20:57 -04:00
m27315
013ce2c47f
huggingface: fix HuggingFaceEndpoint._astream() got multiple values for argument 'stop' (#31385) 2025-07-06 15:18:53 +00:00
CuberMessenegr
e934788ca2
docs: Fix uppercase typo in the Similarity search section (#31886) 2025-07-06 10:24:13 -04:00
Christophe Bornet
bf05229029
langchain: Add ruff rule W (#31876) 
All auto-fixes
See https://docs.astral.sh/ruff/rules/#warning-w

Co-authored-by: Chester Curme <chester.curme@gmail.com>
 2025-07-05 21:57:30 +00:00
ccurme
3f4b355eef
anthropic[patch]: pass back in citations in multi-turn conversations (#31882) 
Also adds VCR cassettes for some heavy tests.
 2025-07-05 17:33:22 -04:00
Christophe Bornet
46fe09f013
cli: Bump ruff version to 0.12 (#31864) 2025-07-05 17:15:24 -04:00
Christophe Bornet
df5cc024fd
langchain: Bump ruff version to 0.12 (#31867) 2025-07-05 17:13:55 -04:00
Christophe Bornet
a15c3e0856
text-splitters: Bump ruff version to 0.12 (#31866) 2025-07-05 17:13:08 -04:00
Christophe Bornet
e1eb3f8d6f
standard-tests: Bump ruff version to 0.12 (#31865) 2025-07-05 17:12:00 -04:00
NeatGuyCoding
64815445e4
langchain[patch]: fix a bug where now.replace(day=now.day - 1) would raise a ValueError when now.day is equal to 1 (#31878) 2025-07-05 14:54:26 -04:00
Viet Hoang
15dc684d34
docs: Integration with GreenNode Serverless AI (#31836) 2025-07-05 13:48:35 -04:00
Nithish Raghunandanan
8bdb1de006
[docs] Update couchbase provider, vector store & features list (#31719) 2025-07-05 13:34:48 -04:00
Mohammad Mohtashim
b26d2250ba
core[patch]: Int Combine when Merging Dicts (#31572) 
- **Description:** Combining the Int Types by adding them which makes
the most sense.
- **Issue:**  #31565
 2025-07-04 14:44:16 -04:00
Mason Daugherty
6a5073b227
langchain[patch]: Add bandit rules (#31818) 
Integrate Bandit for security analysis, suppress warnings for specific issues, and address potential vulnerabilities such as hardcoded passwords and SQL injection risks. Adjust documentation and formatting for clarity.
 2025-07-03 14:20:33 -04:00
ccurme
df06041eb2
docs: Anthropic search_result nits (#31855) 2025-07-03 14:12:10 -04:00
ccurme
ade642b7c5
Revert "infra: temporarily skip tests" (#31854) 
Reverts langchain-ai/langchain#31853
 2025-07-03 13:55:29 -04:00
ccurme
c9f45dc323
infra: temporarily skip tests (#31853) 
Tests failed twice with different timeout errors.
 2025-07-03 13:39:14 -04:00
ccurme
f88fff0b8a
anthropic: release 0.3.17 (#31852) 2025-07-03 13:18:43 -04:00
ccurme
7cb9388c33
Revert "infra: drop anthropic from core test matrix" (#31851) 
Reverts langchain-ai/langchain#31850
 2025-07-03 17:14:26 +00:00
ccurme
21664985c7
infra: drop anthropic from core test matrix (#31850) 
Overloaded errors blocking release. Will revert after.
 2025-07-03 12:52:25 -04:00
ccurme
b140d16696
docs: update ChatAnthropic guide (#31849) 2025-07-03 12:51:11 -04:00
ccurme
2090f85789
core: release 0.3.68 (#31848) 
Also add `search_result` to recognized tool message block types.
 2025-07-03 12:36:25 -04:00
Mason Daugherty
572020c4d8
ollama: add validate_model_on_init, catch more errors (#31784) 
* Ensure access to local model during `ChatOllama` instantiation
(#27720). This adds a new param `validate_model_on_init` (default:
`true`)
* Catch a few more errors from the Ollama client to assist users
 2025-07-03 11:07:11 -04:00
Mason Daugherty
1a3a8db3c9
docs: anthropic formatting cleanup (#31847) 
inline URLs, capitalization, code blocks
 2025-07-03 14:50:23 +00:00
Christophe Bornet
ee3709535d
text-splitters: bump spacy version to 3.8.7 (#31834) 
This allows to use spacy with Python 3.13
 2025-07-03 10:13:25 -04:00
Christophe Bornet
b8e9b4adfc
cli: Add ruff rule UP (pyupgrade) (#31843) 
See https://docs.astral.sh/ruff/rules/#pyupgrade-up
All auto-fixed

Co-authored-by: Eugene Yurtsev <eyurtsev@gmail.com>
 2025-07-03 14:12:46 +00:00
Christophe Bornet
cd7dce687a
standard-tests: Add ruff rule UP (pyupgrade) (#31842) 
See https://docs.astral.sh/ruff/rules/#pyupgrade-up
All auto-fixed
 2025-07-03 10:12:31 -04:00
Christophe Bornet
802d2bf249
text-splitters: Add ruff rule UP (pyupgrade) (#31841) 
See https://docs.astral.sh/ruff/rules/#pyupgrade-up
All auto-fixed except `typing.AbstractSet` -> `collections.abc.Set`
 2025-07-03 10:11:35 -04:00
Mason Daugherty
911b0b69ea
groq: Add service tier option to ChatGroq (#31801) 
- Allows users to select a [flex
processing](https://console.groq.com/docs/flex-processing) service tier
 2025-07-03 10:11:18 -04:00
Eugene Yurtsev
10ec5c8f02
text-splitters: 0.3.9 (#31844) 
Release langchain-text-splitters 0.3.9
 2025-07-03 10:02:35 -04:00
Eugene Yurtsev
6dca787a9d
ci: set explicit workflow permissions (#31830) 
* Set explicit workflow permissions
* Should be a no-op since we're using restricted GITHUB_TOKENs by
default
 2025-07-03 10:02:18 -04:00
Christophe Bornet
46745f91b5
core: Use parametric tests in test_openai_tools (#31839) 2025-07-03 08:43:46 -04:00
Eugene Yurtsev
181c22c512
update CODEOWNERS (#31831) 
Update CODEOWNERS
 2025-07-02 17:31:49 -04:00
Cole Murray
43eef43550
security: Remove xslt_path and harden XML parsers in HTMLSectionSplitter: package: langchain-text-splitters (#31819) 
## Summary
- Removes the `xslt_path` parameter from HTMLSectionSplitter to
eliminate XXE attack vector
- Hardens XML/HTML parsers with secure configurations to prevent XXE
attacks
- Adds comprehensive security tests to ensure the vulnerability is fixed

  ## Context
This PR addresses a critical XXE vulnerability discovered in the
HTMLSectionSplitter component. The vulnerability allowed attackers to:
- Read sensitive local files (SSH keys, passwords, configuration files)
  - Perform Server-Side Request Forgery (SSRF) attacks
  - Exfiltrate data to attacker-controlled servers

  ## Changes Made
1. **Removed `xslt_path` parameter** - This eliminates the primary
attack vector where users could supply malicious XSLT files
2. **Hardened XML parsers** - Added security configurations to prevent
XXE attacks even with the default XSLT:
     - `no_network=True` - Blocks network access
- `resolve_entities=False` - Prevents entity expansion -
`load_dtd=False` - Disables DTD processing -
`XSLTAccessControl.DENY_ALL` - Blocks all file/network I/O in XSLT
transformations

3. **Added security tests** - New test file `test_html_security.py` with
comprehensive tests for various XXE attack vectors
4. **Updated existing tests** - Modified tests that were using the
removed `xslt_path` parameter

  ## Test Plan
  - [x] All existing tests pass
  - [x] New security tests verify XXE attacks are blocked
  - [x] Code passes linting and formatting checks
  - [x] Tested with both old and new versions of lxml


Twitter handle: @_colemurray
 2025-07-02 15:24:08 -04:00
Mason Daugherty
815d11ed6a
docs: Add PR info doc (#31833) 2025-07-02 19:20:27 +00:00
Eugene Yurtsev
73fefe0295
core[path]: Use context manager for FileCallbackHandler (#31813) 
Recommend using context manager for FileCallbackHandler to avoid opening
too many file descriptors

---------

Co-authored-by: Mason Daugherty <github@mdrxy.com>
 2025-07-02 13:31:58 -04:00
ojumah20
377e5f5204
docs: Update agents.ipynb (#31820) 2025-07-02 10:42:28 -04:00
Mason Daugherty
eb12294583
langchain-xai[patch]: Add ruff bandit rules to linter (#31816) 
- Add ruff bandit rules
- Some formatting
 2025-07-01 18:59:06 +00:00
Mason Daugherty
86a698d1b6
langchain-qdrant[patch]: Add ruff bandit rules to linter (#31815) 
- Add ruff bandit rules
- Address a few s101s
- Some formatting
 2025-07-01 18:42:55 +00:00
Mason Daugherty
b03e326231
langchain-prompty[patch]: Add ruff bandit rules to linter (#31814) 
- Add ruff bandit rules
- Address some s101 assertion warnings
- Address s506 by using `yaml.safe_load()`
 2025-07-01 18:32:02 +00:00
Mason Daugherty
3190c4132f
langchain-perplexity[patch]: Add ruff bandit rules to linter (#31812) 
- Add ruff bandit rules
 2025-07-01 18:17:28 +00:00
Mason Daugherty
f30fe07620
update pyproject.toml flake8 comment (#31810) 2025-07-01 18:16:38 +00:00
Mason Daugherty
d0dce5315f
langchain-ollama[patch]: Add ruff bandit rules to linter (#31811) 
- Add ruff bandit rules
 2025-07-01 18:16:07 +00:00
Mason Daugherty
c9e1ce2966
groq: release 0.3.5 (#31809) 2025-07-01 13:21:23 -04:00
Mason Daugherty
404d8408f4
langchain-nomic[patch]: Add ruff bandit rules to linter (#31805) 
- Add ruff bandit rules
- Some formatting
 2025-07-01 11:39:11 -04:00
Mason Daugherty
0279af60b5
langchain-mistralai[patch]: Add ruff bandit rules to linter, formatting (#31803) 
- Add ruff bandit rules
- Address a s101 error
- Formatting
 2025-07-01 11:08:01 -04:00
Mason Daugherty
425ee52581
langchain-huggingface[patch]: Add ruff bandit rules to linter (#31798) 
- Add ruff bandit rules
 2025-07-01 11:07:52 -04:00
Mason Daugherty
0efaa483e4
langchain-groq[patch]: Add ruff bandit rules to linter (#31797) 
- Add ruff bandit rules
- Address s105 errors
 2025-07-01 11:07:42 -04:00
Mason Daugherty
479b6fd7c5
langchain-fireworks[patch]: Add ruff bandit rules to linter (#31796) 
- Add ruff bandit rules
- Address a s113 error
 2025-07-01 11:07:26 -04:00