langchain-model-profile-bot[bot]
527fc02980
chore(model-profiles): refresh model profile data ( #35681 )
...
Automated refresh of model profile data for all in-monorepo partner
integrations via `langchain-profiles refresh`.
🤖 Generated by the `refresh_model_profiles` workflow.
Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com >
2026-03-09 10:00:36 -04:00
Mohammad Mohtashim
3af0bc0141
fix(openai): update responses API model detection for pro and codex models ( #35594 )
2026-03-09 09:20:20 -04:00
langchain-model-profile-bot[bot]
e015fb2267
chore(model-profiles): refresh model profile data ( #35646 )
...
Automated refresh of model profile data for all in-monorepo partner
integrations via `langchain-profiles refresh`.
🤖 Generated by the `refresh_model_profiles` workflow.
Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com >
2026-03-08 15:24:29 -04:00
ccurme
f11a105023
fix(anthropic): move _make_message_chunk_from_anthropic_event to instance method ( #35670 )
2026-03-08 14:52:07 -04:00
ccurme
fbfe4b812d
feat(openai): support tool search ( #35582 )
2026-03-08 08:53:13 -04:00
dependabot[bot]
29134dc82d
chore: bump langgraph from 1.0.8 to 1.0.10rc1 in /libs/partners/openai ( #35612 )
...
Bumps [langgraph](https://github.com/langchain-ai/langgraph ) from 1.0.8
to 1.0.10rc1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/langchain-ai/langgraph/releases ">langgraph's
releases</a>.</em></p>
<blockquote>
<h2>langgraph==1.0.10rc1</h2>
<p>Changes since 1.0.9</p>
<ul>
<li>release: Candidate (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6947 ">#6947</a>)</li>
<li>Merge commit from fork</li>
<li>chore: add tests to confirm expected subgraph persistence behavior
(<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6943 ">#6943</a>)</li>
<li>fix(langgraph): correct ParentCommand bubbling when checkpoint_ns
includes numeric task segments (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6864 ">#6864</a>)</li>
<li>chore: add <code>make type</code> target for type checking (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6748 ">#6748</a>)</li>
</ul>
<h2>langgraph==1.0.9</h2>
<p>Changes since 1.0.8</p>
<ul>
<li>release: langgraph + prebuilt (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6875 ">#6875</a>)</li>
<li>fix: sequential interrupt handling w/ functional API (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6863 ">#6863</a>)</li>
<li>chore: state_updated_at sort by (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6857 ">#6857</a>)</li>
<li>chore: bump orjson (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6852 ">#6852</a>)</li>
<li>chore: conformance testing (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6842 ">#6842</a>)</li>
<li>chore(deps): bump the all-dependencies group in /libs/langgraph with
6 updates (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6815 ">#6815</a>)</li>
<li>chore(deps): bump protobuf from 6.33.4 to 6.33.5 in /libs/langgraph
(<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6833 ">#6833</a>)</li>
<li>chore(deps): bump cryptography from 46.0.3 to 46.0.5 in
/libs/langgraph (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6837 ">#6837</a>)</li>
<li>chore(deps): bump nbconvert from 7.16.6 to 7.17.0 in /libs/langgraph
(<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6832 ">#6832</a>)</li>
<li>chore: server runtime type (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6774 ">#6774</a>)</li>
<li>refactor: replace bare except with BaseException in AsyncQueue (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6765 ">#6765</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a04ec5d6f0https://redirect.github.com/langchain-ai/langgraph/issues/6947 ">#6947</a>)</li>
<li><a
href="50df7d423ac4a4a46473https://redirect.github.com/langchain-ai/langgraph/issues/6943 ">#6943</a>)</li>
<li><a
href="f178eb821e48167d7fechttps://redirect.github.com/langchain-ai/langgraph/issues/6920 ">#6920</a>)</li>
<li><a
href="806878a4218087e6a42chttps://redirect.github.com/langchain-ai/langgraph/issues/6933 ">#6933</a>)</li>
<li><a
href="8fbdb14487https://redirect.github.com/langchain-ai/langgraph/issues/6932 ">#6932</a>)</li>
<li><a
href="5093802f31b89ef60b91https://redirect.github.com/langchain-ai/langgraph/issues/6880 ">#6880</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/langchain-ai/langgraph/compare/1.0.8...1.0.10rc1 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langchain/network/alerts ).
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-07 00:20:12 +00:00
dependabot[bot]
bf3dca1fa6
chore: bump langgraph from 1.0.8 to 1.0.10rc1 in /libs/partners/anthropic ( #35614 )
...
Bumps [langgraph](https://github.com/langchain-ai/langgraph ) from 1.0.8
to 1.0.10rc1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/langchain-ai/langgraph/releases ">langgraph's
releases</a>.</em></p>
<blockquote>
<h2>langgraph==1.0.10rc1</h2>
<p>Changes since 1.0.9</p>
<ul>
<li>release: Candidate (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6947 ">#6947</a>)</li>
<li>Merge commit from fork</li>
<li>chore: add tests to confirm expected subgraph persistence behavior
(<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6943 ">#6943</a>)</li>
<li>fix(langgraph): correct ParentCommand bubbling when checkpoint_ns
includes numeric task segments (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6864 ">#6864</a>)</li>
<li>chore: add <code>make type</code> target for type checking (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6748 ">#6748</a>)</li>
</ul>
<h2>langgraph==1.0.9</h2>
<p>Changes since 1.0.8</p>
<ul>
<li>release: langgraph + prebuilt (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6875 ">#6875</a>)</li>
<li>fix: sequential interrupt handling w/ functional API (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6863 ">#6863</a>)</li>
<li>chore: state_updated_at sort by (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6857 ">#6857</a>)</li>
<li>chore: bump orjson (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6852 ">#6852</a>)</li>
<li>chore: conformance testing (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6842 ">#6842</a>)</li>
<li>chore(deps): bump the all-dependencies group in /libs/langgraph with
6 updates (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6815 ">#6815</a>)</li>
<li>chore(deps): bump protobuf from 6.33.4 to 6.33.5 in /libs/langgraph
(<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6833 ">#6833</a>)</li>
<li>chore(deps): bump cryptography from 46.0.3 to 46.0.5 in
/libs/langgraph (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6837 ">#6837</a>)</li>
<li>chore(deps): bump nbconvert from 7.16.6 to 7.17.0 in /libs/langgraph
(<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6832 ">#6832</a>)</li>
<li>chore: server runtime type (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6774 ">#6774</a>)</li>
<li>refactor: replace bare except with BaseException in AsyncQueue (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6765 ">#6765</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a04ec5d6f0https://redirect.github.com/langchain-ai/langgraph/issues/6947 ">#6947</a>)</li>
<li><a
href="50df7d423ac4a4a46473https://redirect.github.com/langchain-ai/langgraph/issues/6943 ">#6943</a>)</li>
<li><a
href="f178eb821e48167d7fechttps://redirect.github.com/langchain-ai/langgraph/issues/6920 ">#6920</a>)</li>
<li><a
href="806878a4218087e6a42chttps://redirect.github.com/langchain-ai/langgraph/issues/6933 ">#6933</a>)</li>
<li><a
href="8fbdb14487https://redirect.github.com/langchain-ai/langgraph/issues/6932 ">#6932</a>)</li>
<li><a
href="5093802f31b89ef60b91https://redirect.github.com/langchain-ai/langgraph/issues/6880 ">#6880</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/langchain-ai/langgraph/compare/1.0.8...1.0.10rc1 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langchain/network/alerts ).
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-07 00:12:49 +00:00
dependabot[bot]
576ee9d409
chore: bump langgraph from 1.0.8 to 1.0.10rc1 in /libs/partners/huggingface ( #35613 )
...
Bumps [langgraph](https://github.com/langchain-ai/langgraph ) from 1.0.8
to 1.0.10rc1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/langchain-ai/langgraph/releases ">langgraph's
releases</a>.</em></p>
<blockquote>
<h2>langgraph==1.0.10rc1</h2>
<p>Changes since 1.0.9</p>
<ul>
<li>release: Candidate (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6947 ">#6947</a>)</li>
<li>Merge commit from fork</li>
<li>chore: add tests to confirm expected subgraph persistence behavior
(<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6943 ">#6943</a>)</li>
<li>fix(langgraph): correct ParentCommand bubbling when checkpoint_ns
includes numeric task segments (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6864 ">#6864</a>)</li>
<li>chore: add <code>make type</code> target for type checking (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6748 ">#6748</a>)</li>
</ul>
<h2>langgraph==1.0.9</h2>
<p>Changes since 1.0.8</p>
<ul>
<li>release: langgraph + prebuilt (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6875 ">#6875</a>)</li>
<li>fix: sequential interrupt handling w/ functional API (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6863 ">#6863</a>)</li>
<li>chore: state_updated_at sort by (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6857 ">#6857</a>)</li>
<li>chore: bump orjson (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6852 ">#6852</a>)</li>
<li>chore: conformance testing (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6842 ">#6842</a>)</li>
<li>chore(deps): bump the all-dependencies group in /libs/langgraph with
6 updates (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6815 ">#6815</a>)</li>
<li>chore(deps): bump protobuf from 6.33.4 to 6.33.5 in /libs/langgraph
(<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6833 ">#6833</a>)</li>
<li>chore(deps): bump cryptography from 46.0.3 to 46.0.5 in
/libs/langgraph (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6837 ">#6837</a>)</li>
<li>chore(deps): bump nbconvert from 7.16.6 to 7.17.0 in /libs/langgraph
(<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6832 ">#6832</a>)</li>
<li>chore: server runtime type (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6774 ">#6774</a>)</li>
<li>refactor: replace bare except with BaseException in AsyncQueue (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6765 ">#6765</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a04ec5d6f0https://redirect.github.com/langchain-ai/langgraph/issues/6947 ">#6947</a>)</li>
<li><a
href="50df7d423ac4a4a46473https://redirect.github.com/langchain-ai/langgraph/issues/6943 ">#6943</a>)</li>
<li><a
href="f178eb821e48167d7fechttps://redirect.github.com/langchain-ai/langgraph/issues/6920 ">#6920</a>)</li>
<li><a
href="806878a4218087e6a42chttps://redirect.github.com/langchain-ai/langgraph/issues/6933 ">#6933</a>)</li>
<li><a
href="8fbdb14487https://redirect.github.com/langchain-ai/langgraph/issues/6932 ">#6932</a>)</li>
<li><a
href="5093802f31b89ef60b91https://redirect.github.com/langchain-ai/langgraph/issues/6880 ">#6880</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/langchain-ai/langgraph/compare/1.0.8...1.0.10rc1 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langchain/network/alerts ).
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-06 16:12:14 -08:00
langchain-model-profile-bot[bot]
3241d6429f
chore(model-profiles): refresh model profile data ( #35593 )
...
Automated refresh of model profile data for all in-monorepo partner
integrations via `langchain-profiles refresh`.
🤖 Generated by the `refresh_model_profiles` workflow.
Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com >
2026-03-06 10:14:14 -05:00
ccurme
7a4cc3ec32
fix(anthropic): update integration test ( #35577 )
2026-03-05 14:36:03 -05:00
Jason Meng
f698b43b9a
fix(openai): avoid PydanticSerializationUnexpectedValue for structured output ( #35543 )
2026-03-04 21:46:46 -05:00
Mohammad Mohtashim
3101794dde
feat(groq): Strict Mode for Groq ( #35029 )
2026-03-04 21:35:09 -05:00
Roli Bosch
fb31c91076
fix(anthropic): drop forced tool_choice when thinking is enabled ( #35544 )
2026-03-04 21:09:48 -05:00
Mason Daugherty
c8f394208b
fix(openrouter): include role in sdk model_construct for min dep compat ( #35562 )
...
Fix `_wrap_messages_for_sdk` stripping `role` before `model_construct` —
on `openrouter==0.6.0` (minimum dep), the SDK models don't auto-populate
a default `role`, so `model_dump()` omitted it entirely, causing
`KeyError: 'role'` in pre-release checks.
2026-03-04 16:05:30 -05:00
Mason Daugherty
23f3f59081
release(openrouter): 0.1.0 ( #35560 )
2026-03-04 15:37:38 -05:00
Mason Daugherty
e91da86efe
feat(openrouter): add streaming token usage support ( #35559 )
...
Streaming token usage was silently dropped for `ChatOpenRouter`. Both
`_stream` and `_astream` skipped any SSE chunk without a `choices` array
— which is exactly the shape OpenRouter uses for the final
usage-reporting chunk. This meant `usage_metadata` was never populated
on streamed responses, causing downstream consumers (like the Deep
Agents CLI) to show "unknown" model with 0 tokens.
## Changes
- Add `stream_usage: bool = True` field to `ChatOpenRouter`, which
passes `stream_options: {"include_usage": True}` to the OpenRouter API
when streaming — matching the pattern already established in
`langchain-openai`'s `BaseChatOpenAI`
- Handle usage-only chunks (no `choices`, just `usage`) in both
`_stream` and `_astream` by emitting a `ChatGenerationChunk` with
`usage_metadata` via `_create_usage_metadata`, instead of silently
`continue`-ing past them
2026-03-04 15:35:30 -05:00
Mason Daugherty
e50625e7c3
feat(fireworks,groq,openrouter): add standard model property ( #35542 )
...
Add a `model` property to `ChatFireworks`, `ChatGroq`, and
`ChatOpenRouter` that returns `model_name`. These partners use
Pydantic's `Field(alias="model")` on `model_name`, which means
`instance.model` doesn't work as a read accessor after construction — it
raises an `AttributeError` or returns the field descriptor. `ChatOpenAI`
already has this property; this brings the remaining in-repo partners to
parity.
2026-03-03 17:28:46 -05:00
Mason Daugherty
6b37ad43dd
docs(groq): generalize vision models ref ( #35536 )
2026-03-03 10:37:28 -05:00
Mason Daugherty
d2c86df128
fix(huggingface): switch integration test provider to together ( #35525 )
...
Switch the `TestHuggingFaceEndpoint` serverless inference provider from
`sambanova` to `together` for `Llama-3.3-70B-Instruct`. Sambanova
doesn't support `tool_choice: "any"` (needed by
`test_structured_few_shot_examples` and
`test_unicode_tool_call_integration`) and doesn't return
`usage_metadata` in streaming responses.
2026-03-02 13:40:58 -05:00
Mason Daugherty
ac9295761a
fix(huggingface): resolve huggingface-hub 1.x compat ( #35524 )
...
- Switch `TestHuggingFaceEndpoint` from `Llama-4-Maverick` +
`fireworks-ai` to `Llama-3.3-70B-Instruct` + `sambanova` — Maverick is
no longer routed to Fireworks in hub 1.x
- Switch `test_stream_usage` provider from `nebius` to `scaleway` for
`gemma-3-27b-it` — same provider routing change
2026-03-02 12:29:05 -05:00
Mason Daugherty
6d39b72892
fix(huggingface): bump transformers and sentence-transformers lower bounds ( #35522 )
...
Bump `transformers` and `sentence-transformers` lower bounds in
`langchain-huggingface` to resolve a dependency conflict with
`huggingface-hub` 1.x. The existing constraints allowed
`huggingface-hub>=0.33.4,<2.0.0` (so hub 1.x is valid), but
`transformers` 4.x requires `huggingface-hub<1.0` — causing the
pre-release CI job to fail when `uv pip install --force-reinstall`
resolved hub to 1.5.0 while leaving `transformers` at 4.56.2.
Breaking change for users on transformers 4.x or
sentence-transformers<5.2.0 who install langchain-huggingface[full].
2026-03-02 10:45:06 -05:00
Hamza Kyamanywa
f84b534248
feat(openrouter): surface cost and cost_details in response_metadata ( #35461 )
...
## Description
OpenRouter returns `cost` and `cost_details` in its API response `usage`
object, providing the actual cost of each API call. Currently,
`_create_usage_metadata()` only extracts token counts and drops these
cost fields.
This PR surfaces both `cost` and `cost_details` in `response_metadata`
for both non-streaming and streaming paths, allowing users to access
actual API costs directly from the response without manual estimation
from token counts.
**Example response from OpenRouter:**
```json
{
"usage": {
"prompt_tokens": 100,
"completion_tokens": 50,
"cost": 0.000075,
"cost_details": {
"upstream_inference_cost": 0.00007745,
"upstream_inference_prompt_cost": 0.00000895,
"upstream_inference_completions_cost": 0.0000685
}
}
}
```
**After this change:**
```python
result = chat.invoke("hello")
result.response_metadata["cost"] # 0.000075
result.response_metadata["cost_details"] # {...}
```
## Changes
- **`_create_chat_result`**: Surface `cost` and `cost_details` from
`token_usage` into `response_metadata` (non-streaming)
- **`_convert_chunk_to_message_chunk`**: Same for streaming
`AIMessageChunk`
- Added `PLR0912` to `noqa` comments (new branches pushed count over
threshold)
- Added two unit tests: one verifying cost fields are present when
returned, one verifying they're absent when not in usage
## Issue
N/A — discovered while integrating OpenRouter in a production pipeline.
The cost data is already returned by the API but was being silently
dropped.
## Dependencies
None.
## Twitter handle
@hamza_kyamanywa
---------
Co-authored-by: Mason Daugherty <mason@langchain.dev >
2026-03-01 18:47:19 -05:00
Kanav Bansal
21b64e56fe
docs(chroma): clarify update_documents docstring and argument behavior ( #35409 )
...
This PR updates the update_documents docstring to accurately reflect its
batch behavior and clarify the positional mapping between ids and
documents.
No breaking changes. Documentation-only update.
2026-03-01 12:21:29 -05:00
John Kennedy
6335968237
fix(deepseek): use proper URL parsing for azure endpoint detection ( #35455 )
...
## Summary
- Fixes [CodeQL alert
#43 ](https://github.com/langchain-ai/langchain/security/code-scanning/43 )
(CWE-20: incomplete URL substring sanitization)
- Replaces `"azure.com" in url` substring check with `urlparse`-based
hostname validation to prevent bypass via crafted URLs (e.g.,
`https://evil-azure.com `, `https://example.com/azure.com `)
- Adds bypass-attempt test cases to the existing Azure endpoint
detection tests
## Why
The substring check `"azure.com" in url` matches URLs where `azure.com`
appears anywhere in the string, not just in the hostname. An
attacker-controlled endpoint like `https://evil-azure.com ` or
`https://example.com/azure.com ` would incorrectly trigger the Azure code
path. Using `urlparse` to extract and validate the hostname is the
standard fix per CodeQL guidance.
## Test plan
- [x] Existing Azure endpoint detection tests pass
- [x] New negative test cases for bypass attempts pass
- [x] `uv run pytest tests/unit_tests/test_chat_models.py -k azure` —
6/6 passing
> [!NOTE]
> This PR was authored with assistance from an AI agent (Claude Code).
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-01 12:14:48 -05:00
dependabot[bot]
dac22ced14
chore: bump langgraph-checkpoint from 3.0.0 to 4.0.0 in /libs/partners/huggingface ( #35447 )
...
Bumps [langgraph-checkpoint](https://github.com/langchain-ai/langgraph )
from 3.0.0 to 4.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/langchain-ai/langgraph/releases ">langgraph-checkpoint's
releases</a>.</em></p>
<blockquote>
<h2>langgraph-checkpoint==4.0.0</h2>
<p>Changes since checkpoint==3.0.1</p>
<ul>
<li>fix: flip default on base cache (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6677 ">#6677</a>)</li>
<li>fix(checkpoint): InMemorySaver context managers should return self
in… (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6529 ">#6529</a>)</li>
<li>fix: docstring for serializer protocol (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6525 ">#6525</a>)</li>
<li>chore: clean up some refs (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6487 ">#6487</a>)</li>
<li>chore: add <code>pyproject.toml</code> links (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6364 ">#6364</a>)</li>
</ul>
<h2>langgraph-checkpoint-postgres==3.0.4</h2>
<p>Changes since checkpointpostgres==3.0.3</p>
<ul>
<li>chore: Omit lock when using connection pool (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6734 ">#6734</a>)</li>
<li>chore(deps): upgrade dependencies with <code>uv lock
--upgrade</code> (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6671 ">#6671</a>)</li>
<li>chore: update twitter URLs (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6683 ">#6683</a>)</li>
</ul>
<h2>langgraph-checkpoint-postgres==3.0.3</h2>
<p>Changes since checkpointpostgres==3.0.2</p>
<ul>
<li>fix: flip default on base cache (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6677 ">#6677</a>)</li>
<li>docs: storage nits (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6651 ">#6651</a>)</li>
</ul>
<h2>langgraph-checkpoint-sqlite==3.0.3</h2>
<p>Changes since checkpointsqlite==3.0.2</p>
<ul>
<li>fix: aiosqlite's breaking change (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6699 ">#6699</a>)</li>
<li>chore(deps): upgrade dependencies with <code>uv lock
--upgrade</code> (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6671 ">#6671</a>)</li>
<li>chore: update twitter URLs (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6683 ">#6683</a>)</li>
</ul>
<h2>langgraph-checkpoint-postgres==3.0.2</h2>
<p>Changes since checkpointpostgres==3.0.1</p>
<ul>
<li>release(checkpoint-postgres): 3.0.1 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6568 ">#6568</a>)</li>
<li>chore: pgqs (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6567 ">#6567</a>)</li>
<li>fix(checkpoint-postgres): ensure vector extension is created only if
not exists (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6154 ">#6154</a>)</li>
<li>fix(checkpoint-postgres): Replace f-string SQL formatting with
parameterized queries in migration statements (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6328 ">#6328</a>)</li>
<li>chore: add <code>pyproject.toml</code> links (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6364 ">#6364</a>)</li>
<li>docs: add license files for checkpoint-sqlite and
checkpoint-postgres (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6392 ">#6392</a>)</li>
</ul>
<h2>langgraph-checkpoint-sqlite==3.0.2</h2>
<p>Changes since checkpointsqlite==3.0.1</p>
<ul>
<li>fix: flip default on base cache (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6677 ">#6677</a>)</li>
<li>docs: storage nits (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6651 ">#6651</a>)</li>
</ul>
<h2>checkpoint==3.0.1</h2>
<p>Changes since checkpoint==3.0.0</p>
<ul>
<li>chore: update ormsgpack minbound and add OPT_REPLACE_SURROGATES (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6395 ">#6395</a>)</li>
<li>fix(checkpoint): update checkpoint interface specification in README
(<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6386 ">#6386</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f91d79d0c8https://redirect.github.com/langchain-ai/langgraph/issues/6677 ">#6677</a>)</li>
<li><a
href="cb2faa7ddahttps://redirect.github.com/langchain-ai/langgraph/issues/6509 ">#6509</a>)</li>
<li><a
href="a5827c5c61https://redirect.github.com/langchain-ai/langgraph/issues/6676 ">#6676</a>)</li>
<li><a
href="5212369bd0https://redirect.github.com/langchain-ai/langgraph/issues/6674 ">#6674</a>)</li>
<li><a
href="7045a23148https://redirect.github.com/langchain-ai/langgraph/issues/6668 ">#6668</a>)</li>
<li><a
href="728db10b1fhttps://redirect.github.com/langchain-ai/langgraph/issues/6669 ">#6669</a>)</li>
<li><a
href="454af21896https://redirect.github.com/langchain-ai/langgraph/issues/6662 ">#6662</a>)</li>
<li><a
href="b4630d8452https://redirect.github.com/langchain-ai/langgraph/issues/6488 ">#6488</a>)</li>
<li><a
href="311465bbf7https://redirect.github.com/langchain-ai/langgraph/issues/6665 ">#6665</a>)</li>
<li><a
href="8ccead9560https://redirect.github.com/langchain-ai/langgraph/issues/6653 ">#6653</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/langchain-ai/langgraph/compare/checkpoint==3.0.0...checkpoint==4.0.0 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langchain/network/alerts ).
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Mason Daugherty <mason@langchain.dev >
2026-03-01 11:37:09 -05:00
langchain-model-profile-bot[bot]
e9794cca81
chore(model-profiles): refresh model profile data ( #35477 )
...
Automated refresh of model profile data for all in-monorepo partner
integrations via `langchain-profiles refresh`.
🤖 Generated by the `refresh_model_profiles` workflow.
Co-authored-by: mdrxy <61371264+mdrxy@users.noreply.github.com >
2026-03-01 11:29:37 -05:00
John Kennedy
e939c96792
fix: compaction typo ( #35467 )
...
_This PR applies 2/2 suggestions from code quality [AI
findings](https://github.com/langchain-ai/langchain/security/quality/ai-findings )._
---------
Co-authored-by: Copilot Autofix powered by AI <223894421+github-code-quality[bot]@users.noreply.github.com>
2026-02-27 19:30:37 +00:00
ccurme
c600b932a6
fix(openai): add test for CSV and accommodate breaking changes in file url inputs ( #35454 )
2026-02-26 13:50:39 -05:00
dependabot[bot]
4f1d2d0500
chore: bump langgraph-checkpoint from 3.0.0 to 4.0.0 in /libs/partners/openai ( #35448 )
2026-02-26 13:43:54 -05:00
dependabot[bot]
b5f71cd690
chore: bump langgraph-checkpoint from 3.0.1 to 4.0.0 in /libs/partners/anthropic ( #35450 )
...
Bumps [langgraph-checkpoint](https://github.com/langchain-ai/langgraph )
from 3.0.1 to 4.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/langchain-ai/langgraph/releases ">langgraph-checkpoint's
releases</a>.</em></p>
<blockquote>
<h2>langgraph-checkpoint==4.0.0</h2>
<p>Changes since checkpoint==3.0.1</p>
<ul>
<li>fix: flip default on base cache (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6677 ">#6677</a>)</li>
<li>fix(checkpoint): InMemorySaver context managers should return self
in… (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6529 ">#6529</a>)</li>
<li>fix: docstring for serializer protocol (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6525 ">#6525</a>)</li>
<li>chore: clean up some refs (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6487 ">#6487</a>)</li>
<li>chore: add <code>pyproject.toml</code> links (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6364 ">#6364</a>)</li>
</ul>
<h2>langgraph-checkpoint-postgres==3.0.4</h2>
<p>Changes since checkpointpostgres==3.0.3</p>
<ul>
<li>chore: Omit lock when using connection pool (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6734 ">#6734</a>)</li>
<li>chore(deps): upgrade dependencies with <code>uv lock
--upgrade</code> (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6671 ">#6671</a>)</li>
<li>chore: update twitter URLs (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6683 ">#6683</a>)</li>
</ul>
<h2>langgraph-checkpoint-postgres==3.0.3</h2>
<p>Changes since checkpointpostgres==3.0.2</p>
<ul>
<li>fix: flip default on base cache (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6677 ">#6677</a>)</li>
<li>docs: storage nits (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6651 ">#6651</a>)</li>
</ul>
<h2>langgraph-checkpoint-sqlite==3.0.3</h2>
<p>Changes since checkpointsqlite==3.0.2</p>
<ul>
<li>fix: aiosqlite's breaking change (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6699 ">#6699</a>)</li>
<li>chore(deps): upgrade dependencies with <code>uv lock
--upgrade</code> (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6671 ">#6671</a>)</li>
<li>chore: update twitter URLs (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6683 ">#6683</a>)</li>
</ul>
<h2>langgraph-checkpoint-postgres==3.0.2</h2>
<p>Changes since checkpointpostgres==3.0.1</p>
<ul>
<li>release(checkpoint-postgres): 3.0.1 (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6568 ">#6568</a>)</li>
<li>chore: pgqs (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6567 ">#6567</a>)</li>
<li>fix(checkpoint-postgres): ensure vector extension is created only if
not exists (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6154 ">#6154</a>)</li>
<li>fix(checkpoint-postgres): Replace f-string SQL formatting with
parameterized queries in migration statements (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6328 ">#6328</a>)</li>
<li>chore: add <code>pyproject.toml</code> links (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6364 ">#6364</a>)</li>
<li>docs: add license files for checkpoint-sqlite and
checkpoint-postgres (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6392 ">#6392</a>)</li>
</ul>
<h2>langgraph-checkpoint-sqlite==3.0.2</h2>
<p>Changes since checkpointsqlite==3.0.1</p>
<ul>
<li>fix: flip default on base cache (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6677 ">#6677</a>)</li>
<li>docs: storage nits (<a
href="https://redirect.github.com/langchain-ai/langgraph/issues/6651 ">#6651</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f91d79d0c8https://redirect.github.com/langchain-ai/langgraph/issues/6677 ">#6677</a>)</li>
<li><a
href="cb2faa7ddahttps://redirect.github.com/langchain-ai/langgraph/issues/6509 ">#6509</a>)</li>
<li><a
href="a5827c5c61https://redirect.github.com/langchain-ai/langgraph/issues/6676 ">#6676</a>)</li>
<li><a
href="5212369bd0https://redirect.github.com/langchain-ai/langgraph/issues/6674 ">#6674</a>)</li>
<li><a
href="7045a23148https://redirect.github.com/langchain-ai/langgraph/issues/6668 ">#6668</a>)</li>
<li><a
href="728db10b1fhttps://redirect.github.com/langchain-ai/langgraph/issues/6669 ">#6669</a>)</li>
<li><a
href="454af21896https://redirect.github.com/langchain-ai/langgraph/issues/6662 ">#6662</a>)</li>
<li><a
href="b4630d8452https://redirect.github.com/langchain-ai/langgraph/issues/6488 ">#6488</a>)</li>
<li><a
href="311465bbf7https://redirect.github.com/langchain-ai/langgraph/issues/6665 ">#6665</a>)</li>
<li><a
href="8ccead9560https://redirect.github.com/langchain-ai/langgraph/issues/6653 ">#6653</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/langchain-ai/langgraph/compare/checkpoint==3.0.1...checkpoint==4.0.0 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langchain/network/alerts ).
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-26 02:46:51 -08:00
ccurme
4ffb584ddf
release(anthropic): 1.3.4 ( #35418 )
2026-02-24 08:51:01 -05:00
ccurme
cdb9742511
fix(anthropic): filter out common OpenAI Responses block types ( #35417 )
2026-02-24 08:45:54 -05:00
ccurme
2fa460d325
fix(anthropic): update integration tests ( #35396 )
2026-02-22 09:33:21 -05:00
ccurme
00538ff5fc
revert: add ChatAnthropicBedrockWrapper ( #35371 )
2026-02-20 15:58:35 -05:00
Mason Daugherty
be1c3fcc1d
feat(openrouter): default headers ( #35369 )
2026-02-20 14:44:06 -05:00
Mason Daugherty
ca246ddef2
fix(anthropic): replace retired model IDs in tests and docstrings ( #35365 )
...
## Summary
- Replace `claude-3-5-haiku-20241022` and `claude-3-7-sonnet-20250219`
with `claude-haiku-4-5-20251001` and `claude-sonnet-4-5-20250929`
respectively
- Both models were retired by Anthropic on February 19, 2026, causing
all anthropic integration tests to fail
- Updates integration tests, a unit test, and docstring examples in
`langchain-core`
See:
https://platform.claude.com/docs/en/docs/resources/model-deprecations
2026-02-20 13:44:15 -05:00
NITIN Madan
63f3669e12
feat(anthropic): add ChatAnthropicBedrock wrapper ( #35091 )
2026-02-20 13:06:12 -05:00
Mohammad Mohtashim
03826061be
fix(deepseek): Tool Choice to required for Azure Deployment in case specific function dict is given ( #34848 )
2026-02-20 12:50:25 -05:00
Mason Daugherty
70192690b1
fix(model-profiles): sort generated profiles by model ID for stable diffs ( #35344 )
...
- Sort model profiles alphabetically by model ID (the top-level
`_PROFILES` dictionary keys, e.g. `claude-3-5-haiku-20241022`,
`gpt-4o-mini`) before writing `_profiles.py`, so that regenerating
profiles only shows actual data changes in diffs — not random reordering
from the models.dev API response order
- Regenerate all 10 partner profile files with the new sorted ordering
2026-02-19 23:11:22 -05:00
ccurme
5362bf5666
fix(anthropic): set max input tokens based on 1m context beta header ( #35341 )
2026-02-19 21:01:49 -05:00
Mason Daugherty
4af87fd025
fix(infra): fix trailing comma regex in profile generation script ( #35333 )
...
The trailing comma regex in the profile generation script consumed the
closing `}` as part of its match, preventing nested closing braces from
getting their own trailing comma. This caused `ruff format` failures on
every generated `_profiles.py` file.
Switches to a lookahead (`(?=...)`) so the closing bracket is asserted
but not consumed, allowing each nesting level to independently receive
its trailing comma.
Fixes #35332 .
2026-02-19 13:27:02 -05:00
Mattijs Ugen
5c6f8fe0a6
fix(openai): accept valid responses that are falsy at runtime ( #35307 )
2026-02-18 21:06:43 -05:00
Christian Veenhuis
b004103721
docs(perplexity): Fix docstring of output_parsers.strip_think_tags() ( #35264 )
2026-02-17 21:45:21 -05:00
Mason Daugherty
82ae4fb6fa
chore: bump model profiles ( #35294 )
2026-02-17 20:22:07 -05:00
Mike Lambert
0d13463e7f
feat(anthropic): add User-Agent header for Anthropic API calls ( #35268 )
2026-02-17 15:59:54 -05:00
ccurme
8166e0137d
chore(anthropic): add version ( #35293 )
2026-02-17 15:49:14 -05:00
ccurme
6fe7845cd1
release(openai): 1.1.10 ( #35292 )
2026-02-17 12:55:21 -05:00
ccurme
8f1bc0d3ae
feat(openai): support automatic server-side compaction ( #35212 )
2026-02-17 10:48:52 -05:00
ccurme
32c6ab3033
fix(openai): add model property ( #35284 )
2026-02-17 10:46:49 -05:00
ccurme
4150bb513f
fix(mistralai): update test ( #35270 )
2026-02-17 09:08:14 -05:00
