Commit Graph

1743 Commits

Author SHA1 Message Date
Christophe Bornet
fc956c8680 style(core): fix style in langchain_core/_security (#38189)
Co-authored-by: Mason Daugherty <mason@langchain.dev>
2026-06-16 11:40:50 -04:00
Nick Hollon
221f934f9d fix(core): preserve usage token details in v3 streaming events (#38021)
`stream_events(version="v3")` / `astream_events(version="v3")` drops
`input_token_details` and `output_token_details` from the usage metadata
on the assembled message and the `on_llm_end` payload: the conversion to
the protocol `UsageInfo` shape copied only the flat token counts.

Providers fold cached tokens into `input_tokens` and break them out in
`input_token_details`, so tracers (e.g. LangSmith) price every input
token at the uncached rate on the v3 path, inflating reported cost for
prompt-cached runs (cache reads bill at roughly a tenth of the base
input rate). The v2 events path and `astream` aggregation preserve the
details and report correctly; reasoning-token breakdowns in
`output_token_details` are lost the same way.

The detail breakdowns now live on the wire type itself:
`input_token_details` / `output_token_details` were added to `UsageInfo`
in `langchain-protocol` 0.0.17 (alongside `InputTokenDetails` /
`OutputTokenDetails`), so core imports `UsageInfo` directly instead of
carrying a local subclass. The v3 usage accumulator threads the details
through end to end, shallow-copying the nested dicts (`_isolate_usage`)
so later accumulator mutation cannot leak into already-emitted events.
Since native provider converters share `build_message_finish`, this also
covers provider-native v3 streams.

Verified against a live claude-sonnet-4-6 call with a cached prompt: v3
`on_llm_end` usage now matches v2, with `cache_read` / `cache_creation`
intact. Requires `langchain-protocol>=0.0.17` (core pin bumped
accordingly).
2026-06-16 10:04:55 -04:00
Christophe Bornet
afff89a9f7 fix(core): disallow_any_generics (#38156)
Co-authored-by: Mason Daugherty <github@mdrxy.com>
2026-06-15 09:46:29 -04:00
Christophe Bornet
62f255980d chore(core): add mypy warn_unreachable (#38109)
Enables mypy's `warn_unreachable` rule for `langchain-core`, bringing it
in line with the other strict libraries in the monorepo. Previously this
rule was intentionally disabled by a code comment, because under mypy
2.x it false-flags intentional defensive runtime checks — most notably
the SSRF / IP-policy guards in `langchain_core/_security/` — as
unreachable.

This PR resolves all of those warnings without deleting or
blanket-ignoring the defensive guards, so contributors get
unreachable-code coverage going forward and accidental dead code is
caught in CI.

The bulk of the change is mechanical: a targeted `# type:
ignore[unreachable]` on each defensive `else`/error branch that mypy
considers unreachable but that we deliberately keep as a runtime guard
against unexpected input. A few changes are more substantive and worth a
closer look:

- **`coro_with_context` (`runnables/utils.py`) — behavior change on
Python < 3.11.** The pre-3.11 path is rewritten to always route through
`context.run(asyncio.create_task, coro)`, so the supplied context is
reliably propagated to the task. Previously, on 3.10 the helper returned
the bare coroutine (run in the caller's context) when
`create_task=False`, and dropped the context entirely when
`create_task=True`. The new behavior matches 3.11+. The `create_task`
parameter is now inert but retained for signature compatibility. All
callers `await` the result, so returning a `Task` rather than a
coroutine is transparent.
- **`_create_template_from_message_type` (`prompts/chat.py`) — signature
widening.** This private helper's `template` parameter now accepts
`bool` inside the list, accurately reflecting the existing `["{var}",
is_optional]` placeholder form. No public-API impact.
- **`PydanticOutputFunctionsParser`
(`output_parsers/openai_functions.py`).** The `pydantic_schema` field is
typed as `TypeBaseModel` (which covers both v1 and v2 model classes,
unlike the prior annotation), and the `args_only` parse path now
dispatches explicitly on `BaseModel` vs `BaseModelV1` rather than
duck-typing via `hasattr`. This also yields clearer errors for
unsupported / dict schemas.
- **`_security/_policy.py`.** Loop variables are renamed so mypy can
narrow their types, which lets the old `# type: ignore[assignment]`
comments be dropped. The IP-blocklist logic is unchanged.

---------

Co-authored-by: Mason Daugherty <mason@langchain.dev>
Co-authored-by: Mason Daugherty <github@mdrxy.com>
2026-06-14 17:05:48 -04:00
Mason Daugherty
63cc1f4e7d docs: refresh README installation and resources (#38119)
README installation examples now use `uv add` consistently, matching the
repo's `uv`-based Python workflow. The top-level README also gets a
cleaner quickstart and resource section with current links for docs,
community, learning, and contribution guidance.

## Changes
- Replaced `pip install` snippets with `uv add` across package quick
install docs, including the Hugging Face extras and
`sentence-transformers` upgrade examples.
- Updated the top-level quickstart to show only `uv add langchain` and
refreshed the example model to `openai:gpt-5.5`.
- Pointed the LangGraph orchestration link at the LangGraph GitHub
repository.
- Consolidated top-level documentation and additional-resource links
under a single `Resources` section covering docs, ecosystem overview,
API reference, discussions, Academy, contributing, and the Code of
Conduct.
- Added LangChain Academy and Code of Conduct links to package README
resource sections.
2026-06-12 17:38:22 -04:00
Mason Daugherty
86ce95afc2 test(core,langchain): update tests for explicit deserialization allowlists (#38118)
Core serialization tests now opt into the object allowlists they rely on
instead of assuming default deserialization permits core objects.
Compatibility tests that intentionally exercise deprecated runnable
streaming and history APIs also suppress the expected deprecation
warnings so they can keep covering those legacy paths cleanly.

## Changes
- Updated serialization and prompt round-trip tests to pass
`allowed_objects="core"` or targeted allowlists when loading
`AIMessage`, prompt templates, structured prompts, runnable maps, and
related core objects.
- Adjusted secret-injection regression coverage to keep testing
`secrets_from_env=True` behavior while explicitly allowing core
deserialization paths.
- Tightened prompt deserialization rejection tests so attribute-access
payloads are loaded only through the specific prompt-template allowlist
needed to reach validation.
- Added module-level warning filters around legacy runnable
compatibility coverage for `astream_log`,
`astream_events(version="v1")`, and `RunnableWithMessageHistory`.
- Bumped the `langchain` package's minimum `langgraph` dependency from
`1.2.4` to `1.2.5`.

## Testing
- Updated unit tests across core serialization, prompt, fake chat model,
runnable history, and runnable event coverage.
2026-06-12 16:49:14 -04:00
dependabot[bot]
7bae1118c2 chore: bump tornado from 6.5.5 to 6.5.6 in /libs/core (#38115)
Bumps [tornado](https://github.com/tornadoweb/tornado) from 6.5.5 to
6.5.6.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tornadoweb/tornado/blob/master/docs/releases.rst">tornado's
changelog</a>.</em></p>
<blockquote>
<h1>Release notes</h1>
<p>.. toctree::
:maxdepth: 2</p>
<p>releases/v6.5.7
releases/v6.5.6
releases/v6.5.5
releases/v6.5.4
releases/v6.5.3
releases/v6.5.2
releases/v6.5.1
releases/v6.5.0
releases/v6.4.2
releases/v6.4.1
releases/v6.4.0
releases/v6.3.3
releases/v6.3.2
releases/v6.3.1
releases/v6.3.0
releases/v6.2.0
releases/v6.1.0
releases/v6.0.4
releases/v6.0.3
releases/v6.0.2
releases/v6.0.1
releases/v6.0.0
releases/v5.1.1
releases/v5.1.0
releases/v5.0.2
releases/v5.0.1
releases/v5.0.0
releases/v4.5.3
releases/v4.5.2
releases/v4.5.1
releases/v4.5.0
releases/v4.4.3
releases/v4.4.2
releases/v4.4.1
releases/v4.4.0
releases/v4.3.0
releases/v4.2.1
releases/v4.2.0
releases/v4.1.0
releases/v4.0.2
releases/v4.0.1
releases/v4.0.0
releases/v3.2.2
releases/v3.2.1</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="aba2569f7e"><code>aba2569</code></a>
Merge pull request <a
href="https://redirect.github.com/tornadoweb/tornado/issues/3626">#3626</a>
from bdarnell/fixes-656</li>
<li><a
href="a24b260e0d"><code>a24b260</code></a>
httpclient_test: Accept an additional error message variant</li>
<li><a
href="a74240a702"><code>a74240a</code></a>
Release notes and version bump for 6.5.6.</li>
<li><a
href="e8fc7edb23"><code>e8fc7ed</code></a>
simple_httpclient: Strip auth headers on cross-origin redirects</li>
<li><a
href="96dc88c2a0"><code>96dc88c</code></a>
speedups: validate mask length</li>
<li><a
href="ff808b33ad"><code>ff808b3</code></a>
http1connection: Enforce max_body_size in _GzipMessageDelegate</li>
<li><a
href="ede4e37f93"><code>ede4e37</code></a>
auth: Correctly parse check_authentication response</li>
<li><a
href="1c178bef88"><code>1c178be</code></a>
Remove obsolete curl force_timeout workaround</li>
<li><a
href="c99d55bb6c"><code>c99d55b</code></a>
Replace deprecated pycurl IOCTLFUNCTION callback with SEEKFUNCTION</li>
<li><a
href="27614316ef"><code>2761431</code></a>
Merge pull request <a
href="https://redirect.github.com/tornadoweb/tornado/issues/3587">#3587</a>
from bdarnell/fix-link</li>
<li>Additional commits viewable in <a
href="https://github.com/tornadoweb/tornado/compare/v6.5.5...v6.5.6">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tornado&package-manager=uv&previous-version=6.5.5&new-version=6.5.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langchain/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-12 15:04:00 -04:00
Mason Daugherty
4108c0738c release(core): 1.4.7 (#38111)
Bumps `langchain-core` to `1.4.7` for the next patch release and updates
downstream minimum `langchain-core` requirements so package locks
resolve against the new core version.

This also refreshes the runnable snapshots that embed `lc_versions`
metadata so the version consistency check continues to validate
checked-in artifacts.

Validated with `python libs/core/scripts/check_version.py`, `uv lock
--check` across package lockfiles, and the core runnable tests that own
the updated snapshots with local LangSmith tracing env disabled.
2026-06-12 14:54:25 -04:00
Mason Daugherty
8837163917 fix(core,partners): rename package version trace metadata (#38110)
Package-version trace metadata now uses the LangChain-owned
`metadata["lc_versions"]` convention instead of the user-owned
`metadata["versions"]` key. Metadata merging is narrowed so only
`lc_versions` accumulates nested package-version entries, while generic
nested metadata keeps normal last-writer-wins behavior.

## Changes
- Renamed `BaseLanguageModel._add_version()` trace metadata from
`versions` to `lc_versions`, including docstrings and the non-dict
replacement warning.
- Scoped `_merge_metadata_dicts()` nested-map accumulation to only
`lc_versions`; duplicate package entries remain last-writer-wins and
`lc_versions` mappings are copied defensively.
- Preserved user-owned `metadata["versions"]` semantics by keeping it
out of package-version tracking and generic nested metadata merging.
- Updated runnable snapshots and partner package metadata assertions
across Anthropic, DeepSeek, Fireworks, Groq, Hugging Face, MistralAI,
Ollama, OpenAI, OpenRouter, Perplexity, and xAI to expect `lc_versions`.

## Testing
- Added/adjusted core tests for `lc_versions` accumulation, duplicate
package overwrite behavior, non-dict `lc_versions` replacement,
defensive copying, and `metadata["versions"]` last-writer-wins behavior.
- Ran focused core and partner metadata tests plus Ruff checks for
changed areas.
2026-06-12 14:26:32 -04:00
Christophe Bornet
0392b6bae4 fix(core): fix Pydantic v1 support in tools/runnable (#33698)
`BaseTool.args_schema` is documented as accepting a Pydantic v1 model,
but several code paths assumed v2 and raised when handed a v1 schema
(e.g. an `AttributeError` from calling
`model_json_schema()`/`model_fields` on a v1 model). This affected
anyone using a v1 `args_schema`, and anyone composing runnables whose
input/output schema is a v1 model.

This PR makes the tool/runnable schema-derivation code version-agnostic.

## Type contract

`TypeBaseModel` (and `PydanticBaseModel`) now include
`pydantic.v1.BaseModel`, so the type honestly reflects what tools and
runnables already accept at runtime. The public schema accessors
(`Runnable.get_input_schema`/`get_output_schema` and the
`input_schema`/`output_schema` properties) return `TypeBaseModel`.

## Version-agnostic helpers

Added to `langchain_core.utils.pydantic`, each dispatching on the
model's Pydantic version so callers don't have to:

- `model_json_schema(model)` — JSON schema for either version.
- `model_validate(model, obj)` — validation for either version.
- `get_fields(model)` — field map for either version (existing helper,
now used consistently).

Internally, direct `.model_json_schema()` / `.model_fields` calls are
replaced with these helpers (or with `get_input_jsonschema()` /
`get_output_jsonschema()`).

## Behavior change worth a close look

When deriving a schema from a v1 model (in `RunnableParallel`,
`RunnableAssign`, and `RunnableSequence` output schemas), a **required**
v1 field is now correctly carried over as required. Previously the v1
path read the field's `default` — which is `None` for a required v1
field — and silently turned required fields into optional/nullable ones;
`default_factory` fields were dropped entirely. The new
`_get_schema_field_definition` helper translates a v1 `ModelField`
faithfully (required → `...`, factory preserved) and dispatches
explicitly on the field type.

---------

Co-authored-by: Mason Daugherty <mason@langchain.dev>
Co-authored-by: Mason Daugherty <github@mdrxy.com>
2026-06-12 00:18:49 -04:00
Mason Daugherty
5d20596d73 style(core,langchain,langchain-classic,partners): replace double backticks in docstrings (#38095)
Standardizes inline code markup in Python docstrings and comments by
replacing Sphinx-style double backticks with single-backtick Markdown.
The cleanup keeps existing code fences intact while aligning inline
references with the repo's docstring convention.

## Changes
- Converted inline code references in core prompt-loading docs and
LangSmith tracer comments, including `..`, `allow_dangerous_paths`, and
inheritable metadata keys.
- Normalized agent-related docstrings and comments around
`wrap_model_call`, `ExtendedModelResponse`, `Command`,
`create_structured_chat_agent`, and `DockerExecutionPolicy`.
- Updated partner package docstrings for inline references such as
`json_schema`, `ToolCall`, `apply_patch_call_output`, OpenRouter content
block keys, and Perplexity tool-call serialization.
- Cleaned test and helper docstrings that referenced command separators,
fake `resource` modules, stream event names, and xdist rate-limit
environment variables.
2026-06-12 00:17:26 -04:00
Mason Daugherty
05cc55f1bc release(core): 1.4.6 (#38061) 2026-06-11 02:58:40 -04:00
Mason Daugherty
948f6cc58c feat(core,partners): add package version tracking to tracing metadata (#35295)
Following on the heels of #35293

TODO:
- Packages outside of this repo (e.g. LiteLLM, Nvidia, Google, AWS)

---

## Summary

Surface partner package versions in `metadata.versions` on LangSmith
traces. Mirrors the JS SDK's `_addVersion()` pattern
([langchainjs#10106](https://github.com/langchain-ai/langchainjs/pull/10106)).

Each model constructor records its package version via `_add_version()`
on `BaseLanguageModel`. The version dict accumulates through the class
hierarchy — `langchain-core` is added in
`BaseLanguageModel.model_post_init`, `langchain-openai` in
`BaseChatOpenAI._set_openai_chat_version`, and each leaf partner in its
uniquely-named `model_validator`. Traces end up with:

```json
{
  "metadata": {
    "versions": {
      "langchain-core": "1.4.5",
      "langchain-openai": "1.3.0",
      "langchain-xai": "1.2.2"
    }
  }
}
```

### Changes

- `BaseLanguageModel._add_version(pkg, version)` — appends to
`self.metadata["versions"]`; accepts any `Mapping` type; emits a warning
if a non-mapping value is found and replaced
- `BaseLanguageModel.model_post_init` — adds `langchain-core` version;
calls `super()` for MRO safety
- `_merge_metadata_dicts` — one-level-deep (non-recursive) merge for
nested dict metadata keys
- `CallbackManager.add_metadata` — uses `_merge_metadata_dicts` instead
of flat `dict.update()` so nested metadata dicts (like `versions`)
coexist rather than clobber
- `merge_configs` — uses `_merge_metadata_dicts` for config merging

**Partners:**
- Each now calls `self._add_version("langchain-<pkg>", __version__)`

### Design decisions

- **Constructor-based, not `_get_ls_params`-based** — versions flow
through `self.metadata` (local metadata on traces), not through
`LangSmithParams`. This matches JS and makes child-class version
inheritance automatic (no merge/clobber issues).
- **`versions` is local (non-inheritable) metadata** — `self.metadata`
is passed to `CallbackManager.configure` as `local_metadata`
(`add_metadata(..., inherit=False)`), so `versions` is attached **once
per chat-model run** and is **not** propagated to child runs or
duplicated onto every streaming chunk. This is intentionally the
opposite of the inheritable-per-chunk metadata that #36588 was reducing
for performance — `versions` does not regress that path.
- **`add_metadata` deep-merge is a correctness fix, not just for
versions** — previously `add_metadata`/`merge_configs` did a flat
top-level `dict.update`/spread, so any nested metadata dict baked into a
config (e.g. via `.with_config({"metadata": {...}})`) would be wholly
replaced when a caller also passed `metadata`. `_merge_metadata_dicts`
merges one level deep so user-provided `config.metadata.versions` and
model-set `versions` coexist instead of clobbering. The merge runs once
per `configure` (not per chunk), so it is off the streaming hot path.
- **One level deep only** — `_merge_metadata_dicts` is deliberately
*not* a recursive deep merge; values nested more than one level are
last-writer-wins. This covers the `versions` case without the
ambiguity/cost of arbitrary-depth merging.
- **Warn on non-dict `metadata["versions"]`** — if a user sets
`metadata={"versions": "some-string"}`, `_add_version` emits a warning
and replaces the value with the version dict rather than silently
discarding user data or crashing. This is a soft breaking change for
anyone who previously stored non-dict values at this key.

### Follow-ups (tracked separately, out of scope here)

- JS `mergeConfigs` still flat-spreads nested metadata, so
`metadata.versions` can still clobber on the JS side until an equivalent
deep-merge lands.

---

Made by [Open SWE](https://openswe.vercel.app)

---------

Co-authored-by: open-swe[bot] <open-swe@users.noreply.github.com>
2026-06-11 02:23:19 -04:00
Mason Daugherty
86428c63ac fix(core,openai): normalize v1 streamed tool calls (#35983)
OpenAI Chat Completions streaming has a v1 normalization gap when tool
calls are streamed.

When users opt into `output_version="v1"`, `.content_blocks` is expected
to be the normalized cross-provider view of the message. For OpenAI Chat
Completions streams, though, chunks still carry raw string `content`
plus side-channel `tool_call_chunks` / `tool_calls`.

Practically, an OpenAI stream chunk can look like this internally:

```python
AIMessageChunk(
    content="",
    tool_call_chunks=[
        {
            "name": "get_weather",
            "args": '{"location": "SF"}',
            "id": "call_123",
            "index": 0,
            "type": "tool_call_chunk",
        }
    ],
    response_metadata={"model_provider": "openai", "output_version": "v1"},
)
```

That is not already-normalized v1 content like this:

```python
AIMessageChunk(
    content=[
        {
            "type": "tool_call_chunk",
            "name": "get_weather",
            "args": '{"location": "SF"}',
            "id": "call_123",
            "index": 0,
        }
    ],
)
```

Because `.content_blocks` currently short-circuits solely on
`output_version="v1"`, it can return the raw string/empty list directly
instead of running the OpenAI translator that incorporates
`tool_call_chunks` / `tool_calls` into normalized v1 blocks.

In practice, a streamed OpenAI tool call can be parsed successfully into
`tool_calls`, but still be missing from the final aggregated
`.content_blocks`. Downstream code that consumes the v1 block interface
then sees no `tool_call` block and must know to inspect OpenAI-specific
chunk fields instead.

User story:

> As a LangChain user streaming OpenAI Chat Completions with bound tools
and `output_version="v1"`, I need the final aggregated message's
`.content_blocks` to include normalized `tool_call` blocks, so that code
written against the v1 content-block interface handles streamed tool
calls consistently across providers.

Expected final aggregated view:

```python
message.content_blocks == [
    {
        "type": "tool_call",
        "name": "get_weather",
        "args": {"location": "SF"},
        "id": "call_123",
    }
]
```

Root causes:

1. The usage-only Chat Completions chunk uses `content=[]` in v1 mode
while normal streaming chunks use `content=""`, creating inconsistent
content types during chunk aggregation.
2. `AIMessage.content_blocks` and `AIMessageChunk.content_blocks` treat
any `output_version="v1"` message as already-normalized, even when
`content` is still raw string content from Chat Completions.
3. Content-bearing OpenAI stream chunks do not carry
`output_version="v1"`, so the final merged chunk may not reliably take
the v1 normalization path.

Changes:

- Keep usage-only Chat Completions chunks as `content=""` instead of
overriding to `[]`, so streaming chunks merge consistently.
- Propagate `output_version="v1"` to content-bearing chunks.
- Only short-circuit v1 `.content_blocks` when `content` is already a
list of blocks; otherwise fall through to the provider translator.
- Add regression tests covering string-content v1 fallback, usage-only
chunk content consistency, and streamed tool calls appearing as
normalized final v1 blocks.
2026-06-11 00:51:50 -04:00
Christophe Bornet
1de100f278 chore(infra): bump mypy to 2.1 and unify type-check config across the monorepo (#36470)
Originally a narrow bump of mypy to `1.20` in four packages. Expanded to
get the whole monorepo onto a single, current mypy and a consistent
type-check configuration, so contributors no longer hit different mypy
versions and divergent behavior depending on which package they touch.

### What changed

- **Unified the mypy pin to `>=2.1.0,<2.2.0`** in every mypy-using
package (6 libs + 14 partners), replacing the previously scattered pins
(`1.10`/`1.17`/`1.18`/`1.19`/`1.20`, with assorted upper bounds).
- **Unified the `[tool.mypy]` base per tier:**
- libs: `plugins = ["pydantic.mypy"]`, `strict = true`,
`enable_error_code = "deprecated"`, `warn_unreachable = true`
  - partners: `disallow_untyped_defs = true`
- Normalized style (`disallow_untyped_defs = "True"` string → bool,
quote/key consistency).
- **Fixed the 20 real errors** mypy 2.1 surfaces: `redundant-cast` from
improved narrowing (`core`, `langchain-classic`), a `var-annotated` for
`_LOGGED`, a return-type widening in `langchain-groq`'s
`_convert_from_v1_to_groq` (it can legitimately return a bare `str`),
and stale `type-arg`/`unused-ignore` in `langchain-model-profiles`
tests.

### Deliberate non-uniformity (documented inline in the relevant
`pyproject.toml`s)

Going fully byte-identical would surface ~196 additional errors that are
*not* real bugs, so two settings are kept package-appropriate:

- **`warn_unreachable`** is enabled on every strict lib **except
`core`**, where it false-flags intentional defensive code — including
the SSRF / IP-policy guards in `_security/` — as unreachable.
- **`pydantic.mypy` plugin** is used only on `anthropic` and
`perplexity` (their code is authored against it and reports ~99/~132
errors without it). It is *not* added to the other partners, where it
only flags the public alias constructor API (e.g. `ChatGroq(model=...)`)
in tests rather than finding bugs.
- **`ollama`** is left on its `ty` type checker; it does not use mypy.

---------

Co-authored-by: Mason Daugherty <github@mdrxy.com>
2026-06-11 00:24:59 -04:00
Mason Daugherty
030ec6010b release(core): 1.4.5 (#38056) 2026-06-10 22:49:27 -04:00
Mason Daugherty
43880362d8 feat(standard-tests): validate tool call chunks during streaming (#34707)
As a LangChain user streaming a tool-calling model, I expect each
streamed chunk to expose structured `tool_call_chunk` content blocks so
I can render or process tool calls live, instead of waiting for the
final aggregated message.

This adds `tool_call_streaming` to `ModelProfile` and uses it in the
standard chat-model tool-calling tests. When a model profile opts in,
`test_tool_calling` and `test_tool_calling_async` now validate that at
least one streamed chunk includes a `tool_call_chunk` block via
`content_blocks`, while preserving the existing final-message
validation.

This keeps the contract profile-gated so providers can opt in once their
streaming chunk shape is verified. This PR opts in the providers
verified by smoke testing with straightforward profile coverage: OpenAI,
Anthropic, Fireworks, HuggingFace, OpenRouter, DeepSeek, and xAI. The
generated profile artifacts are refreshed so runtime profiles expose the
new capability flag.

Perplexity Responses also passed the smoke test, but its current profile
data is for the `sonar` family while the Responses smoke path used a
routed model string. That profile strategy is left as follow-up.
MistralAI currently streams `.tool_call_chunks`, but its content-block
translator exposes a complete `tool_call` block instead of
`tool_call_chunk`, so it also stays out of this flag until that
integration is fixed.
2026-06-10 22:29:02 -04:00
Mason Daugherty
7cc9d0c84d fix(core): async tracer on_chat_model_start fallback in sync context (#35233)
Fixes #30870

When an `AsyncBaseTracer` with `_schema_format="original"` (the default)
is used with sync `llm.invoke()`, the `on_chat_model_start` to
`on_llm_start` fallback doesn't fire. The async handler returns a
coroutine instead of raising `NotImplementedError` synchronously, so it
bypasses the existing fallback logic and lands in `_run_coros`, which
only logs the error generically.

This fallback already works for sync handlers in sync context and async
handlers in async context. This PR closes the gap for async handlers in
sync context.
2026-06-10 22:15:29 -04:00
Mason Daugherty
6b9e22dbbc fix(langchain): tighten structured output model fallbacks (#38042)
Provider-native structured output fallback detection now uses bounded
model-name patterns instead of broad substring checks, reducing false
positives for unrelated model IDs. The model examples and test fixtures
across OpenAI/OpenRouter-facing code were refreshed around current
OpenAI model families while preserving shipped defaults.

## Changes
- Tightened `FALLBACK_MODELS_WITH_STRUCTURED_OUTPUT` from loose string
fragments to regex patterns, with `_supports_provider_strategy` matching
full model-name segments instead of arbitrary substrings.
- Expanded structured-output fallback coverage for newer OpenAI,
Anthropic, and xAI/Grok model families, including `gpt-5.x`, newer
Claude 4/5-style names, and `grok-build`.
- Reused `_attempt_infer_model_provider` in provider tool search routing
so `_provider_from_model_name` follows the same provider inference
behavior as `init_chat_model`.
- Suppressed irrelevant provider-inference deprecation warnings during
provider tool search registry lookup.
- Refreshed OpenAI, Azure OpenAI, OpenRouter, core metadata, and example
model references from older fixtures like `gpt-4`, `gpt-4o`, `o1`, and
`o4-mini` to current test/profile models such as `gpt-5.5`,
`gpt-5-nano`, and `gpt-4.1-mini`.
- Removed outdated OpenAI test assumptions around legacy `o1` behavior
and narrowed legacy structured-output checks to explicitly legacy model
names.
2026-06-10 21:18:14 -04:00
Mason Daugherty
8ac91e3f5f hotfix(core): bump lockfile(s) (#38032) 2026-06-10 17:05:23 -04:00
Mason Daugherty
2e832c23d4 release(core): 1.4.4 (#38031) 2026-06-10 17:02:02 -04:00
Mason Daugherty
f89f4c5afe fix(core): support content block tokens in callbacks (#34739)
Supersedes #34727
Closes #30703

Related:
* langchain-ai/langchain-google#1460
* langchain-ai/langchain-google#1501

Fixing this at the `langchain-core` callback layer instead of
normalizing inside individual provider integrations, so structured
streaming content is preserved consistently.

---

Models are increasingly streaming structured content blocks instead of
plain text tokens. For example, Gemini 3 can stream text as
content-block lists, and Anthropic/tool-use flows can also produce
non-text message content. Today those values already reach
`on_llm_new_token`, but the callback API still advertises `token: str`,
which makes custom callbacks, tracers, and streaming helpers assume
every streamed value is text.

User story: as a LangChain user building a streaming callback for chat
models with tool calls, reasoning/thinking blocks, or provider-specific
structured content, I need `on_llm_new_token` to accept the same content
shape that chat model chunks can actually emit, so my callback can
observe the stream without providers flattening or dropping non-text
data.

Fixing this in `langchain-core` makes the existing runtime behavior
explicit at the shared callback boundary. Normalizing content blocks
inside each provider would duplicate logic, produce inconsistent
behavior across integrations, and in some cases lose required provider
metadata such as Gemini thought signatures.

## Changes

- Update the callback contract so streamed tokens can be either plain
text or structured content blocks
- Carry structured streamed content through tracing and event/log
streaming paths without forcing provider data into text too early
- Keep built-in text-oriented streaming callbacks working by converting
structured tokens only at the display/queue boundary
- Drop the now-incorrect `cast("str", ...)` on streamed content in
`BaseChatModel` so the producer side matches the widened callback
signature instead of asserting a string it doesn't always have (no
runtime change — `cast` is erased)
- Align Anthropic and Mistral content typing with the structured content
shapes already used by chat model messages
- Update callback tests to reflect that not every streamed value is text

## Compatibility

No runtime behavior change: no producer emits anything it wasn't already
emitting, and widening a parameter type is safe for existing callers and
handlers that pass or receive `str`. The one caveat is downstream code
that subclasses a callback handler or tracer and overrides
`on_llm_new_token` with a `token: str` annotation — under strict type
checking that override is now narrower than the base and will be flagged
as incompatible with the supertype. Such code still runs unchanged; the
fix is to widen the annotation to match.
2026-06-10 16:59:08 -04:00
Christophe Bornet
720dfd3b09 chore(core): improve typing of Runnable __or__ (#34530)
`Runnable.__or__`, `Runnable.__ror__`, and their `RunnableSequence` and
`StructuredPrompt` overrides previously erased composition types: the
right-hand operand was typed `Runnable[Any, Other]`, so piping two
runnables together always produced `RunnableSerializable[Input, Any]`.
Type information was lost at every `|`, which is why chains so often
needed a `chain: Runnable = ...` annotation just to recover usable
inference.

This adds `@overload`s so the `Output` of one step flows into the
`Input` of the next and the composed result carries the real `Output`
type through. `Runnable[int, str] | Runnable[str, float]` now infers
`RunnableSerializable[int, float]` instead of `[int, Any]`.
`coerce_to_runnable` gains overloads so a `Mapping` resolves to
`RunnableParallel` while everything else stays a `Runnable`. As a
knock-on effect, dozens of now-unnecessary `: Runnable` annotations were
dropped from the test suite.

Runtime behavior is unchanged — this is a typing-only change.

## Impact on type-checked code

Most users will simply get better inference. Two changes can require a
small adjustment if you run a type checker (`mypy`, `pyright`):

### Stricter operand matching in `|`

The right-hand side of `|` is now typed `Runnable[Output, Other]` rather
than `Runnable[Any, Other]`, so the right operand's declared **input**
must match the left operand's **output**. This is more accurate, but it
surfaces a common pattern that was previously silent: piping a step that
outputs a plain `dict` into a step whose declared input is a more
specific type (for example a `TypedDict`). It still works at runtime;
the checker now reports an `[operator]` error.

If you hit this, narrow the boundary with a `cast` (or an explicit
annotation):

```python
from typing import Any, cast

from langchain_core.runnables import Runnable

# upstream outputs a dict; downstream declares a narrower input type
chain = cast("Runnable[Any, MyInput]", upstream) | downstream
```

### `list` → `Sequence` on `RunnableEach` / `map()`

`Runnable.map()` and the `invoke` / `ainvoke` methods of `RunnableEach`
now accept `Sequence[Input]` instead of `list[Input]`. Callers are
unaffected — a `list` is a `Sequence`, and tuples or other sequences now
type-check too. The only thing to adjust: if you **subclass**
`RunnableEach` (or `RunnableEachBase`) and override these methods with a
`list[...]` parameter, widen the annotation to `Sequence[...]` so the
override stays compatible with the base signature.

---------

Co-authored-by: Mason Daugherty <github@mdrxy.com>
2026-06-10 16:16:03 -04:00
Christophe Bornet
a063ec26dd chore(core): fix some any generics (#34545)
Co-authored-by: Mason Daugherty <github@mdrxy.com>
2026-06-10 15:32:14 -04:00
Mason Daugherty
8bc96308d0 fix(core): accept sequence tool error content (#38005)
`handle_tool_error` callables can now return structured message content
as any valid sequence, not just a mutable `list`. Valid structured
sequences are normalized to the `ToolMessage` content shape at the tool
output boundary, while invalid content still falls back to
stringification.

## Changes
- Widened `ToolExceptionHandlerOutput` from `list[str | dict[str, Any]]`
to `Sequence[MessageContentBlock]` so handlers returning `list[dict[str,
Any]]` or tuple content blocks type-check cleanly.
- Added `_normalize_message_content` to validate structured message
content and convert valid non-string sequences to the `list` shape
expected by `ToolMessage`.
- Preserved existing stringification behavior for invalid structured
content blocks instead of treating failed normalization as `None`.
- Removed the now-unused `_is_message_content_type` helper; output
formatting validates content directly through
`_normalize_message_content`.
2026-06-09 22:35:33 -04:00
Mason Daugherty
0f1b291f42 fix(core): type structured tool error handler output (#38003)
`handle_tool_error` callables can already return structured message
content at runtime, but the public typing only allowed strings. The tool
error handling API now reflects the existing output formatting path,
including clearer docs for how handled errors become
`ToolMessage(status="error")` results.
2026-06-09 21:18:19 -04:00
Mason Daugherty
ac18ef5871 docs(core): document multimodal handling in get_buffer_string (#37994)
Clarifies how `get_buffer_string` treats multimodal message content
across output formats. The docs now make the default prefix format's
text-only behavior explicit and point users to XML when they need
structured multimodal block representations.

This behavior may change in future iterations
2026-06-09 17:28:44 -04:00
Mason Daugherty
c15cfe21b6 release(core): 1.4.3 (#37991) 2026-06-09 16:27:57 -04:00
Nidhi Rajani
0f45b2c285 feat(openai): support apply_patch built-in tool (#37157)
[Docs](https://github.com/langchain-ai/docs/pull/4370)

Fixes #37031

Adds support for OpenAI Responses API `apply_patch` built-in tool.

This PR:
- Adds `apply_patch` to the OpenAI well-known tools list so
`bind_tools([{"type": "apply_patch"}])` works.
- Preserves `apply_patch_call` and `apply_patch_call_output` items when
converting OpenAI Responses API outputs into LangChain
`AIMessage.content`.
- Preserves the same item types in streaming `AIMessageChunk`
conversion.
- Supports round-trip input conversion for `apply_patch_call` and
`apply_patch_call_output`.
- Adds unit tests for core tool passthrough, non-streaming conversion,
streaming conversion, and round-trip input conversion.

## Testing

- `cd libs/core && uv run --group test pytest
tests/unit_tests/utils/test_function_calling.py -k "apply_patch" -vv`
- `cd libs/partners/openai && uv run --group test pytest
tests/unit_tests/chat_models/test_base.py -k "apply_patch" -vv`
- `cd libs/core && uv run --all-groups ruff check
langchain_core/utils/function_calling.py
tests/unit_tests/utils/test_function_calling.py`
- `cd libs/partners/openai && uv run --all-groups ruff check
langchain_openai/chat_models/base.py
tests/unit_tests/chat_models/test_base.py`

---------

Co-authored-by: Mason Daugherty <github@mdrxy.com>
Co-authored-by: Mason Daugherty <mason@langchain.dev>
2026-06-09 16:13:37 -04:00
Mason Daugherty
e096992984 release(core): 1.4.2 (#37968) 2026-06-08 14:16:11 -04:00
Christophe Bornet
74c23741b0 feat(core): deprecate problematic dict() method (#31685)
`dict()` is a problematic method name as it clashes with the builtin
`dict` used as a type annotation.
This PR replaces it with an `asdict` method (inspired by dataclasses).
It also fixes a few places where `dict` must be replaced by
`builtins.dict` until the `dict()` method is removed.

---------

Co-authored-by: Mason Daugherty <github@mdrxy.com>
2026-06-08 14:11:05 -04:00
Mason Daugherty
a401351e12 release(core): 1.4.1 (#37922) 2026-06-05 10:49:33 -04:00
Mason Daugherty
053c368ba4 fix(core): remove Bedrock prevalidation from load (#37909)
Removes the built-in Bedrock class init validator from `load` so Bedrock
kwargs such as `base_url` and `endpoint_url` are no longer specially
rejected during deserialization.

This keeps provider-specific SSRF policy out of core; callers should
continue to avoid untrusted manifests or use restrictive
`allowed_objects`.

Verified with `make format`, `make lint`, and the focused serialization
load unit tests.

AI-assisted contribution by Open SWE.

Made by [Open SWE](https://openswe.vercel.app)

---------

Co-authored-by: open-swe[bot] <215916821+open-swe[bot]@users.noreply.github.com>
2026-06-05 10:46:57 -04:00
Mason Daugherty
586bcd46a1 docs(core): expand and link ModelProfile docstrings (#37904)
Rewrote the `ModelProfile` docstrings to point readers at canonical
docs. The class docstring now explains how profiles are accessed and
where the data comes from, and several terse field docstrings gain a
one-line clarification or a link to the relevant guide.
2026-06-04 15:43:22 -04:00
Mason Daugherty
133887180e release(anthropic): 1.4.4 (#37757) 2026-05-28 16:17:11 -04:00
Mason Daugherty
95c6a8aa76 chore(core): bump uuid-utils to 0.16.0 (#37699)
Refresh `langchain-core`'s lockfile so the dev/CI environment resolves
`uuid-utils` to a release that ships free-threading wheels (`cp313t`,
`cp314t`). Unblocks `pip install` on Python 3.14 free-threaded builds —
previously the lock pinned `0.14.1`, which had no FT wheel and forced an
sdist build. Related to #34870.
2026-05-26 16:38:34 +00:00
Mason Daugherty
aef86c476d chore(infra): bump langchain-tests floor to 1.1.9 (#37610)
Bumps the `langchain-tests` minimum across the monorepo from `1.0.0` to
`1.1.9` and adds a partner-level `Makefile` so partner lockfiles can be
regenerated in one command, matching the existing convention under
`libs/`.
2026-05-21 13:36:22 -05:00
Mason Daugherty
ebc1880444 release(standard-tests): 1.1.9 (#37609) 2026-05-21 13:22:16 -05:00
dependabot[bot]
8cead6b77a chore: bump idna from 3.11 to 3.15 in /libs/core (#37539)
Bumps [idna](https://github.com/kjd/idna) from 3.11 to 3.15.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/kjd/idna/blob/master/HISTORY.md">idna's
changelog</a>.</em></p>
<blockquote>
<h2>3.15 (2026-05-12)</h2>
<ul>
<li>Enforce DNS-length cap on individual labels early in
<code>check_label</code>,
short-circuiting contextual-rule processing for oversized input
while staying compatible with UTS 46 usage.</li>
<li>Tidy core helpers: hoist bidi category sets to module-level
frozensets (avoiding per-codepoint list construction), simplify
length checks, and reuse the shared <code>_unicode_dots_re</code> from
<code>idna.core</code> in the codec module.</li>
<li>Use <code>raise ... from err</code> for proper exception chaining
and
switch internal string formatting to f-strings.</li>
<li>Allow <code>flit_core</code> 4.x in the build backend.</li>
<li>Expand the ruff lint set (flake8-bugbear, flake8-simplify,
pyupgrade, perflint) and apply the surfaced fixes; pin lint CI
to Python 3.14.</li>
<li>Add Dependabot configuration for GitHub Actions.</li>
<li>Convert README and HISTORY from reStructuredText to Markdown.</li>
<li>Reference CVE-2026-45409 for the 3.14 advisory in place of the
initial GHSA identifier.</li>
</ul>
<p>Thanks to Felix Yan, Stan Ulbrych, and metsw24-max for
contributions to this release.</p>
<h2>3.14 (2026-05-10)</h2>
<ul>
<li>Removed opportunity to process long inputs into quadratic
time by rejecting oversize inputs up-front. Closes a bypass
of the CVE-2024-3651 mitigation. [CVE-2026-45409]</li>
</ul>
<p>Thanks to Stan Ulbrych for reporting the issue.</p>
<h2>3.13 (2026-04-22)</h2>
<ul>
<li>Correct classification error for codepoint U+A7F1</li>
</ul>
<h2>3.12 (2026-04-21)</h2>
<ul>
<li>Update to Unicode 17.0.0.</li>
<li>Issue a deprecation warning for the transitional argument.</li>
<li>Added lazy-loading to provide some performance improvements.</li>
<li>Removed vestiges of code related to Python 2 support, including
segmentation of data structures specific to Jython.</li>
</ul>
<p>Thanks to Rodrigo Nogueira for contributions to this release.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="af30a092e1"><code>af30a09</code></a>
Release 3.15</li>
<li><a
href="30314d4628"><code>30314d4</code></a>
Pre-release 3.15rc0</li>
<li><a
href="05d4b219aa"><code>05d4b21</code></a>
Merge pull request <a
href="https://redirect.github.com/kjd/idna/issues/237">#237</a> from
kjd/convert-docs-to-markdown</li>
<li><a
href="2987fdba19"><code>2987fdb</code></a>
Convert README and HISTORY from reStructuredText to Markdown</li>
<li><a
href="59fa8002d5"><code>59fa800</code></a>
Merge pull request <a
href="https://redirect.github.com/kjd/idna/issues/236">#236</a> from
kjd/dependabot/github_actions/actions-f3e34333ea</li>
<li><a
href="def69834ce"><code>def6983</code></a>
Merge branch 'master' into
dependabot/github_actions/actions-f3e34333ea</li>
<li><a
href="bbd8004a79"><code>bbd8004</code></a>
Merge pull request <a
href="https://redirect.github.com/kjd/idna/issues/234">#234</a> from
StanFromIreland/patch-1</li>
<li><a
href="edd07c0502"><code>edd07c0</code></a>
Bump github/codeql-action from 3.35.2 to 4.35.2 in the actions
group</li>
<li><a
href="5557db030c"><code>5557db0</code></a>
Merge branch 'master' into patch-1</li>
<li><a
href="f11746cf49"><code>f11746c</code></a>
Merge pull request <a
href="https://redirect.github.com/kjd/idna/issues/235">#235</a> from
StanFromIreland/patch-2</li>
<li>Additional commits viewable in <a
href="https://github.com/kjd/idna/compare/v3.11...v3.15">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=idna&package-manager=uv&previous-version=3.11&new-version=3.15)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langchain/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-19 14:33:58 -05:00
Mason Daugherty
abd9d4ce31 ci(infra): harden Dependabot version-bound preservation (#37510)
Dependabot has been stripping upper/lower bounds from internal
`langchain-*` deps in partner `pyproject.toml` files (e.g. #37288
reduced `langchain-core>=1.3.2,<2.0.0` to bare `langchain-core`). Locks
down the config so bumps preserve existing specifiers, and restores the
bounds it already mangled across the monorepo.

## Changes
- Add `versioning-strategy: increase` to every `uv` ecosystem block in
`.github/dependabot.yml` so future bumps move the lower bound in place
instead of rewriting the constraint.
- Ignore workspace-internal packages (`langchain-core`, `langchain`,
`langchain-classic`, `langchain-text-splitters`, `langchain-tests`,
`langchain-model-profiles`) on every `uv` block — these are editable
installs from local paths and their published constraints are
hand-curated for release, not Dependabot's to bump.
- Restore stripped bounds across all `libs/` packages — runtime
`dependencies` and every dep group (`test`, `dev`, `test_integration`,
`typing`, `lint`) — to `>=1.4.0,<2.0.0` for `langchain-core` and
`>=1.0.0,<2.0.0` for the other internal packages.
2026-05-18 17:24:19 -05:00
Mason Daugherty
c7daed8c0f hotfix: bump lockfiles (#37508) 2026-05-18 16:18:26 -05:00
Mason Daugherty
764db7afab docs(core): note override for _get_ls_params (#37503) 2026-05-18 14:00:26 -05:00
Mason Daugherty
6c091564ac chore(core,langchain,openai): refresh stale OpenAI model references (#37487) 2026-05-18 01:06:42 -05:00
dependabot[bot]
ca4823eb7a chore: bump langsmith from 0.7.31 to 0.8.0 in /libs/core (#37395)
Bumps [langsmith](https://github.com/langchain-ai/langsmith-sdk) from
0.7.31 to 0.8.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/langchain-ai/langsmith-sdk/releases">langsmith's
releases</a>.</em></p>
<blockquote>
<h2>v0.8.0</h2>
<h2>What's Changed</h2>
<ul>
<li>feat(js,py): JS 0.6.0, Py 0.8.0 by <a
href="https://github.com/jacoblee93"><code>@​jacoblee93</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2831">langchain-ai/langsmith-sdk#2831</a></li>
<li>release(js): 0.6.0 by <a
href="https://github.com/jacoblee93"><code>@​jacoblee93</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2832">langchain-ai/langsmith-sdk#2832</a></li>
<li>release(py): 0.8.0 by <a
href="https://github.com/jacoblee93"><code>@​jacoblee93</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2833">langchain-ai/langsmith-sdk#2833</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.38...v0.8.0">https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.38...v0.8.0</a></p>
<h2>v0.7.38</h2>
<h2>What's Changed</h2>
<ul>
<li>feat(js): add tracing of opencode by <a
href="https://github.com/dqbd"><code>@​dqbd</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2776">langchain-ai/langsmith-sdk#2776</a></li>
<li>chore(js): Remove types/uuid by <a
href="https://github.com/jacoblee93"><code>@​jacoblee93</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2814">langchain-ai/langsmith-sdk#2814</a></li>
<li>docs(sandbox): document default idle TTL of 10 minutes by <a
href="https://github.com/DanielKneipp"><code>@​DanielKneipp</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2788">langchain-ai/langsmith-sdk#2788</a></li>
<li>ci(py): Bump pytest timeout to 2m by <a
href="https://github.com/jacoblee93"><code>@​jacoblee93</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2815">langchain-ai/langsmith-sdk#2815</a></li>
<li>chore(deps-dev): bump the js-minor-and-patch group across 1
directory with 4 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2803">langchain-ai/langsmith-sdk#2803</a></li>
<li>chore(deps): update sphinx-autobuild requirement from &gt;=2024 to
&gt;=2024.10.3 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2809">langchain-ai/langsmith-sdk#2809</a></li>
<li>chore(deps): update myst-nb requirement from &gt;=1.1.1 to
&gt;=1.4.0 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2810">langchain-ai/langsmith-sdk#2810</a></li>
<li>chore(deps-dev): bump types-pyyaml from 6.0.12.20250915 to
6.0.12.20260408 in /python by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2812">langchain-ai/langsmith-sdk#2812</a></li>
<li>chore(deps-dev): bump <code>@​langchain/openai</code> from 0.5.18 to
0.6.17 in /js by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2806">langchain-ai/langsmith-sdk#2806</a></li>
<li>chore(deps): bump the py-minor-and-patch group across 1 directory
with 18 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2808">langchain-ai/langsmith-sdk#2808</a></li>
<li>feat(py): Adds strands OTEL exporter by <a
href="https://github.com/jacoblee93"><code>@​jacoblee93</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2817">langchain-ai/langsmith-sdk#2817</a></li>
<li>chore(js): Switch to oxfmt and oxlint by <a
href="https://github.com/jacoblee93"><code>@​jacoblee93</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2819">langchain-ai/langsmith-sdk#2819</a></li>
<li>fix(py): fix RunTree ValidationError when inputs or outputs is a
Pydantic BaseModel by <a
href="https://github.com/QuentinBrosse"><code>@​QuentinBrosse</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2820">langchain-ai/langsmith-sdk#2820</a></li>
<li>chore: add apac support by <a
href="https://github.com/joaquin-borggio-lc"><code>@​joaquin-borggio-lc</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2821">langchain-ai/langsmith-sdk#2821</a></li>
<li>fix(js): Pull Claude Agent SDK subagent runs from transcript, add
tool span for subagents, merge message blocks by id by <a
href="https://github.com/jacoblee93"><code>@​jacoblee93</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2816">langchain-ai/langsmith-sdk#2816</a></li>
<li>release(js): 0.5.26 by <a
href="https://github.com/jacoblee93"><code>@​jacoblee93</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2824">langchain-ai/langsmith-sdk#2824</a></li>
<li>release(py): 0.7.38 by <a
href="https://github.com/jacoblee93"><code>@​jacoblee93</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2825">langchain-ai/langsmith-sdk#2825</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.37...v0.7.38">https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.37...v0.7.38</a></p>
<h2>v0.7.37</h2>
<h2>What's Changed</h2>
<ul>
<li>perf(js): Offload serialize to worker thread at flush time by <a
href="https://github.com/jacoblee93"><code>@​jacoblee93</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2781">langchain-ai/langsmith-sdk#2781</a></li>
<li>release(js): 0.5.24 by <a
href="https://github.com/emil-lc"><code>@​emil-lc</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2790">langchain-ai/langsmith-sdk#2790</a></li>
<li>chore(js): Fix perf test flagging by <a
href="https://github.com/jacoblee93"><code>@​jacoblee93</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2792">langchain-ai/langsmith-sdk#2792</a></li>
<li>feat(js,python): Adds hub model config and provider to schemas by <a
href="https://github.com/jacoblee93"><code>@​jacoblee93</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2793">langchain-ai/langsmith-sdk#2793</a></li>
<li>fix(js): minor test improvements by <a
href="https://github.com/christian-bromann"><code>@​christian-bromann</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2429">langchain-ai/langsmith-sdk#2429</a></li>
<li>fix(js): Include auth headers on info requests by <a
href="https://github.com/jacoblee93"><code>@​jacoblee93</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2800">langchain-ai/langsmith-sdk#2800</a></li>
<li>release(js): 0.5.25 by <a
href="https://github.com/jacoblee93"><code>@​jacoblee93</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2801">langchain-ai/langsmith-sdk#2801</a></li>
<li>fix(python): flush both tracing_queue and compressed_traces in
flush() by <a
href="https://github.com/angus-langchain"><code>@​angus-langchain</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2796">langchain-ai/langsmith-sdk#2796</a></li>
<li>chore(deps): bump postcss from 8.5.8 to 8.5.10 in
/js/internal/environment_tests/test-exports-vite in the npm_and_yarn
group across 1 directory by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2791">langchain-ai/langsmith-sdk#2791</a></li>
<li>chore(deps-dev): bump google-adk from 1.10.0 to 1.28.1 in /python by
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2794">langchain-ai/langsmith-sdk#2794</a></li>
<li>fix(python): flush pending traces during Client.cleanup() by <a
href="https://github.com/angus-langchain"><code>@​angus-langchain</code></a>
in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2799">langchain-ai/langsmith-sdk#2799</a></li>
<li>fix(py): Fix concurrency for multiple Claude Agent SDK sessions by
<a href="https://github.com/jacoblee93"><code>@​jacoblee93</code></a> in
<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2795">langchain-ai/langsmith-sdk#2795</a></li>
<li>release(py): 0.7.37 by <a
href="https://github.com/jacoblee93"><code>@​jacoblee93</code></a> in <a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/pull/2802">langchain-ai/langsmith-sdk#2802</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.36...v0.7.37">https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.36...v0.7.37</a></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="cf01c873d5"><code>cf01c87</code></a>
release(py): 0.8.0 (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2833">#2833</a>)</li>
<li><a
href="fd049c8464"><code>fd049c8</code></a>
release(js): 0.6.0 (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2832">#2832</a>)</li>
<li><a
href="092a8866c4"><code>092a886</code></a>
feat(js,py): JS 0.6.0, Py 0.8.0 (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2831">#2831</a>)</li>
<li><a
href="ff180c0423"><code>ff180c0</code></a>
release(py): 0.7.38 (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2825">#2825</a>)</li>
<li><a
href="d9de3ca801"><code>d9de3ca</code></a>
release(js): 0.5.26 (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2824">#2824</a>)</li>
<li><a
href="1428394831"><code>1428394</code></a>
fix(js): Pull Claude Agent SDK subagent runs from transcript, add tool
span f...</li>
<li><a
href="838e957d80"><code>838e957</code></a>
chore: add apac support (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2821">#2821</a>)</li>
<li><a
href="003f22a768"><code>003f22a</code></a>
fix(py): fix RunTree ValidationError when inputs or outputs is a
Pydantic Bas...</li>
<li><a
href="8f5ef27c2d"><code>8f5ef27</code></a>
chore(js): Switch to oxfmt and oxlint (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2819">#2819</a>)</li>
<li><a
href="9873633c9f"><code>9873633</code></a>
feat(py): Adds strands OTEL exporter (<a
href="https://redirect.github.com/langchain-ai/langsmith-sdk/issues/2817">#2817</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/langchain-ai/langsmith-sdk/compare/v0.7.31...v0.8.0">compare
view</a></li>
</ul>
</details>
<br />

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-15 17:22:32 -07:00
Nick Hollon
3802938f1c fix(core): accept Serializable constructor-envelope wire shape in _convert_to_message (#37456) 2026-05-15 15:34:04 -07:00
Nick Hollon
f42d80ca1c fix(core): preserve chunk additional_kwargs across v3 stream assembly (#37435)
The v3 streaming path drops `additional_kwargs` from per-chunk
`AIMessageChunk`s during assembly: `chunks_to_events` emits no event
field for them, and `ChatModelStream._assemble_message` constructs the
final `AIMessage` without an `additional_kwargs` argument. Non-streaming
`ainvoke` returns the provider message unchanged, so streaming and
non-streaming diverge for any provider that uses `additional_kwargs` to
carry data outside the typed protocol blocks.

## How this surfaces

The concrete failure mode is Gemini's
`__gemini_function_call_thought_signatures__` — a per-tool-call
signature blob the Google GenAI integration places in
`additional_kwargs`, keyed by `tool_call_id`. Gemini requires that
signature on follow-up turns to replay the prior thought trace; without
it, multi-turn streaming flows lose thought continuity (and may
regenerate thinking, charging additional reasoning tokens, or in some
cases refuse). Other providers that use `additional_kwargs` (e.g. older
`function_call` accumulators, custom routing metadata) hit the same gap;
the fix is intentionally provider-agnostic.

## Fix

Provider-agnostic, two seams:

- `_compat_bridge` accumulates `msg.additional_kwargs` across chunks
with `merge_dicts` (matching `AIMessageChunk`'s own merge semantics for
fields that accumulate, like `function_call`) and emits the merged dict
on the `message-finish` event as an off-spec extension. The bridge
already uses one such extension (`metadata` on `MessageFinishData`);
this PR follows the same pattern for `additional_kwargs`.
- `ChatModelStream._finish` reads the new field; `_assemble_message`
threads it onto the final `AIMessage` only when non-empty, preserving
today's behavior of leaving `additional_kwargs` empty when no provider
data needs to ride on it.
2026-05-14 11:19:45 -07:00
Nick Hollon
649d82f206 fix(core): preserve reasoning blocks alongside tool_call in v3 stream (#37434)
Closes #37420

---

`stream_events(version="v3")` (and the `astream_events` async twin)
silently dropped reasoning content from the final assembled `AIMessage`
whenever the same message also produced a tool_call. The bug reproduces
against Gemini 2.5 Pro with `include_thoughts=True`: reasoning streams
correctly through `ChatModelStream.reasoning`, but the persisted message
in the final graph state carries only the `tool_call` block.

## Root cause

`_iter_protocol_blocks` in the compat bridge groups per-chunk content
blocks by source-side identifier. When a provider doesn't supply an
`index` field on its content blocks — which the Google GenAI translator
does not for either `reasoning` or `tool_call` blocks — the bridge falls
back to positional `i` as the bucket key. Because Gemini typically emits
one block per chunk, every reasoning chunk and the later tool_call chunk
all key to `0`, and the type mismatch trips `_accumulate`'s
self-contained `else` branch. That branch clears accumulated reasoning
state and replaces it with the incoming tool_call, so reasoning never
reaches `content-block-finish`.

## Fix

When a block has no source-side `index`, key it by `("__lc_no_index__",
block_type, positional_i)` instead of bare `i`. Same-type chunks at the
same position still share a bucket and merge cleanly (streaming text and
reasoning unchanged); different-type chunks at the same position now
occupy distinct wire blocks and both reach `content-block-finish`.
Providers that supply explicit indices (Anthropic, OpenAI Responses) are
unaffected.

## Verification

Unit-tested at the compat-bridge layer for both sync
(`chunks_to_events`) and async (`achunks_to_events`) paths.

Verified live against Gemini 2.5 Pro `gemini-2.5-pro` with
`thinking_budget=2048`, `include_thoughts=True`, and a single
`get_weather` tool. Pre-fix:
`final_state.messages[tool_calling_ai_message].content == [{type:
tool_call, ...}]`. Post-fix: `[..., {type: reasoning, reasoning: "..."},
{type: tool_call, ...}]`, matching the shape `ainvoke` returns on the
same input.
2026-05-14 11:11:30 -07:00
dependabot[bot]
e8ca09d54e chore: bump jupyter-server from 2.17.0 to 2.18.0 in /libs/core (#37354)
Bumps [jupyter-server](https://github.com/jupyter-server/jupyter_server)
from 2.17.0 to 2.18.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/jupyter-server/jupyter_server/releases">jupyter-server's
releases</a>.</em></p>
<blockquote>
<h2>v2.18.0</h2>
<h2>2.18.0</h2>
<p>(<a
href="https://github.com/jupyter-server/jupyter_server/compare/v2.17.0...49b34392feaa97735b3b777e3baf8f22f2a14ed8">Full
Changelog</a>)</p>
<h3>Security patches</h3>
<ul>
<li>CVE-2026-40110 <a
href="https://github.com/jupyter-server/jupyter_server/security/advisories/GHSA-24qx-w28j-9m6p">https://github.com/jupyter-server/jupyter_server/security/advisories/GHSA-24qx-w28j-9m6p</a></li>
<li>CVE-2025-61669 <a
href="https://github.com/jupyter-server/jupyter_server/security/advisories/GHSA-qh7q-6qm3-653w">https://github.com/jupyter-server/jupyter_server/security/advisories/GHSA-qh7q-6qm3-653w</a></li>
<li>CVE-2026-40934 <a
href="https://github.com/jupyter-server/jupyter_server/security/advisories/GHSA-5mrq-x3x5-8v8f">https://github.com/jupyter-server/jupyter_server/security/advisories/GHSA-5mrq-x3x5-8v8f</a></li>
<li>CVE-2026-35397 <a
href="https://github.com/jupyter-server/jupyter_server/security/advisories/GHSA-5789-5fc7-67v3">https://github.com/jupyter-server/jupyter_server/security/advisories/GHSA-5789-5fc7-67v3</a></li>
</ul>
<h3>API and Breaking Changes</h3>
<ul>
<li>Add query param to sanitize HTML in GET /nbconvert/html <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1618">#1618</a>
(<a href="https://github.com/Yann-P"><code>@​Yann-P</code></a>, <a
href="https://github.com/Carreau"><code>@​Carreau</code></a>)</li>
</ul>
<h3>Enhancements made</h3>
<ul>
<li>Update handlers.py to fix ioloop blockers(sync file operations) <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1617">#1617</a>
(<a
href="https://github.com/zolyfarkas-fb"><code>@​zolyfarkas-fb</code></a>,
<a href="https://github.com/Carreau"><code>@​Carreau</code></a>)</li>
<li>Add resolvePath API for resolving kernel-relative paths <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1331">#1331</a>
(<a href="https://github.com/krassowski"><code>@​krassowski</code></a>,
<a href="https://github.com/Carreau"><code>@​Carreau</code></a>, <a
href="https://github.com/blink1073"><code>@​blink1073</code></a>)</li>
</ul>
<h3>Bugs fixed</h3>
<ul>
<li>Move check origin into a util function and add it to websocket <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1630">#1630</a>
(<a href="https://github.com/Carreau"><code>@​Carreau</code></a>, <a
href="https://github.com/Yann-P"><code>@​Yann-P</code></a>)</li>
<li>Fix flaky test_restart_kernel by unsticking nudge() after
port-changing restart <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1628">#1628</a>
(<a href="https://github.com/Carreau"><code>@​Carreau</code></a>, <a
href="https://github.com/claude"><code>@​claude</code></a>, <a
href="https://github.com/krassowski"><code>@​krassowski</code></a>)</li>
<li>Try to fix flaky test &quot;test_restart_kernel&quot; <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1625">#1625</a>
(<a href="https://github.com/Carreau"><code>@​Carreau</code></a>)</li>
<li>Fix potential unraisable pytest error <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1624">#1624</a>
(<a href="https://github.com/Carreau"><code>@​Carreau</code></a>)</li>
<li>fix: use %s placeholders in HTTPError to prevent Tornado from
doubling % in gateway URLs <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1620">#1620</a>
(<a
href="https://github.com/terminalchai"><code>@​terminalchai</code></a>,
<a href="https://github.com/krassowski"><code>@​krassowski</code></a>,
<a href="https://github.com/ptch314"><code>@​ptch314</code></a>)</li>
<li>Fix three file descriptor leaks in kernel connection lifecycle (<a
href="https://redirect.github.com/jupyter-server/jupyter_server/issues/1506">#1506</a>)
<a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1619">#1619</a>
(<a href="https://github.com/tonyx93"><code>@​tonyx93</code></a>, <a
href="https://github.com/Carreau"><code>@​Carreau</code></a>)</li>
<li>Use web.HTTPError for kernel restart failures <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1616">#1616</a>
(<a href="https://github.com/YDawn"><code>@​YDawn</code></a>, <a
href="https://github.com/Carreau"><code>@​Carreau</code></a>)</li>
<li>Handle EADDRINUSE and EACCES in _bind_http_server_tcp <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1613">#1613</a>
(<a href="https://github.com/YDawn"><code>@​YDawn</code></a>, <a
href="https://github.com/Zsailer"><code>@​Zsailer</code></a>, <a
href="https://github.com/minrk"><code>@​minrk</code></a>)</li>
<li>Use st_birthtime for file created timestamp on macOS/BSD <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1594">#1594</a>
(<a href="https://github.com/ktaletsk"><code>@​ktaletsk</code></a>, <a
href="https://github.com/krassowski"><code>@​krassowski</code></a>, <a
href="https://github.com/minrk"><code>@​minrk</code></a>)</li>
<li>Fix double write when refusing hidden files in contents handler <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1585">#1585</a>
(<a href="https://github.com/Krish-876"><code>@​Krish-876</code></a>, <a
href="https://github.com/minrk"><code>@​minrk</code></a>)</li>
<li>Close all sockets in _find_http_port explicitly <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1584">#1584</a>
(<a
href="https://github.com/MaryushSoroka"><code>@​MaryushSoroka</code></a>,
<a href="https://github.com/minrk"><code>@​minrk</code></a>)</li>
<li>Fix writing on remote file systems with attribute cache <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1574">#1574</a>
(<a href="https://github.com/krassowski"><code>@​krassowski</code></a>,
<a href="https://github.com/Zsailer"><code>@​Zsailer</code></a>)</li>
<li>Add IdentityProvider.cookie_secret_hook <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1569">#1569</a>
(<a href="https://github.com/emin63"><code>@​emin63</code></a>, <a
href="https://github.com/minrk"><code>@​minrk</code></a>)</li>
<li>fix context pollution <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1561">#1561</a>
(<a href="https://github.com/dualc"><code>@​dualc</code></a>, <a
href="https://github.com/Zsailer"><code>@​Zsailer</code></a>)</li>
<li>Fix gateway cookie handling <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1558">#1558</a>
(<a
href="https://github.com/kevin-bates"><code>@​kevin-bates</code></a>, <a
href="https://github.com/RRosio"><code>@​RRosio</code></a>, <a
href="https://github.com/lresende"><code>@​lresende</code></a>, <a
href="https://github.com/minrk"><code>@​minrk</code></a>)</li>
<li>fix connection exception cause high cpu load <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1484">#1484</a>
(<a href="https://github.com/dualc"><code>@​dualc</code></a>, <a
href="https://github.com/lresende"><code>@​lresende</code></a>, <a
href="https://github.com/minrk"><code>@​minrk</code></a>)</li>
</ul>
<h3>Maintenance and upkeep improvements</h3>
<ul>
<li>Start to test on Python 3.13 and 3.14 <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1623">#1623</a>
(<a href="https://github.com/Carreau"><code>@​Carreau</code></a>)</li>
<li>Bump actions/create-github-app-token from 2 to 3 in the actions
group across 1 directory <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1621">#1621</a>
(<a href="https://github.com/Carreau"><code>@​Carreau</code></a>)</li>
<li>Bump brace-expansion from 1.1.12 to 1.1.13 <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1615">#1615</a>
(<a href="https://github.com/minrk"><code>@​minrk</code></a>)</li>
<li>Fix package spec for jupytext <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1614">#1614</a>
(<a href="https://github.com/krassowski"><code>@​krassowski</code></a>,
<a href="https://github.com/Zsailer"><code>@​Zsailer</code></a>)</li>
<li>chore: update pre-commit hooks <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1607">#1607</a>
(<a href="https://github.com/minrk"><code>@​minrk</code></a>)</li>
<li>try to fix ci on windows <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1600">#1600</a>
(<a href="https://github.com/minrk"><code>@​minrk</code></a>, <a
href="https://github.com/krassowski"><code>@​krassowski</code></a>)</li>
<li>run prerelease tests on 3.14 <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1599">#1599</a>
(<a href="https://github.com/minrk"><code>@​minrk</code></a>)</li>
<li>Pin sphinx to an older version (&lt;9) to fix docs <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1597">#1597</a>
(<a href="https://github.com/krassowski"><code>@​krassowski</code></a>,
<a href="https://github.com/minrk"><code>@​minrk</code></a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/jupyter-server/jupyter_server/blob/main/CHANGELOG.md">jupyter-server's
changelog</a>.</em></p>
<blockquote>
<h2>2.18.0</h2>
<p>(<a
href="https://github.com/jupyter-server/jupyter_server/compare/v2.9.1...49b34392feaa97735b3b777e3baf8f22f2a14ed8">Full
Changelog</a>)</p>
<h3>API and Breaking Changes</h3>
<ul>
<li>Add query param to sanitize HTML in GET /nbconvert/html <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1618">#1618</a>
(<a href="https://github.com/Yann-P"><code>@​Yann-P</code></a>, <a
href="https://github.com/Carreau"><code>@​Carreau</code></a>)</li>
</ul>
<h3>Enhancements made</h3>
<ul>
<li>Update handlers.py to fix ioloop blockers(sync file operations) <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1617">#1617</a>
(<a
href="https://github.com/zolyfarkas-fb"><code>@​zolyfarkas-fb</code></a>,
<a href="https://github.com/Carreau"><code>@​Carreau</code></a>)</li>
<li>Avoid redundant call to <code>_get_os_path</code> in
<code>_dir_model</code> <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1547">#1547</a>
(<a href="https://github.com/joeyutong"><code>@​joeyutong</code></a>, <a
href="https://github.com/vidartf"><code>@​vidartf</code></a>)</li>
<li>Allow specifying extra params to scrub from logs <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1538">#1538</a>
(<a href="https://github.com/jtpio"><code>@​jtpio</code></a>, <a
href="https://github.com/Zsailer"><code>@​Zsailer</code></a>, <a
href="https://github.com/vidartf"><code>@​vidartf</code></a>)</li>
<li>Add a logger to the ExtensionPoint API <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1523">#1523</a>
(<a href="https://github.com/Zsailer"><code>@​Zsailer</code></a>, <a
href="https://github.com/vidartf"><code>@​vidartf</code></a>)</li>
<li>Allow user to update identity values <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1518">#1518</a>
(<a href="https://github.com/brichet"><code>@​brichet</code></a>, <a
href="https://github.com/minrk"><code>@​minrk</code></a>)</li>
<li>If ServerApp.ip is ipv6 use [::1] as local_url <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1495">#1495</a>
(<a href="https://github.com/manics"><code>@​manics</code></a>, <a
href="https://github.com/afshin"><code>@​afshin</code></a>)</li>
<li>Better error message when starting kernel for session. <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1478">#1478</a>
(<a href="https://github.com/Carreau"><code>@​Carreau</code></a>, <a
href="https://github.com/davidbrochart"><code>@​davidbrochart</code></a>,
<a href="https://github.com/krassowski"><code>@​krassowski</code></a>,
<a href="https://github.com/minrk"><code>@​minrk</code></a>)</li>
<li>Add a traitlet to disable recording HTTP request metrics <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1472">#1472</a>
(<a href="https://github.com/yuvipanda"><code>@​yuvipanda</code></a>, <a
href="https://github.com/Zsailer"><code>@​Zsailer</code></a>)</li>
<li>prometheus: Expose 3 activity metrics <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1471">#1471</a>
(<a href="https://github.com/yuvipanda"><code>@​yuvipanda</code></a>, <a
href="https://github.com/Zsailer"><code>@​Zsailer</code></a>)</li>
<li>Add prometheus info metrics listing server extensions + versions <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1470">#1470</a>
(<a href="https://github.com/yuvipanda"><code>@​yuvipanda</code></a>, <a
href="https://github.com/Zsailer"><code>@​Zsailer</code></a>)</li>
<li>Add prometheus metric with version information <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1467">#1467</a>
(<a href="https://github.com/yuvipanda"><code>@​yuvipanda</code></a>, <a
href="https://github.com/Zsailer"><code>@​Zsailer</code></a>)</li>
<li>Don't hide .so,.dylib files by default <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1457">#1457</a>
(<a href="https://github.com/nokados"><code>@​nokados</code></a>, <a
href="https://github.com/krassowski"><code>@​krassowski</code></a>, <a
href="https://github.com/minrk"><code>@​minrk</code></a>, <a
href="https://github.com/vidartf"><code>@​vidartf</code></a>)</li>
<li>Better hash format error message <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1442">#1442</a>
(<a href="https://github.com/fcollonval"><code>@​fcollonval</code></a>,
<a href="https://github.com/Zsailer"><code>@​Zsailer</code></a>)</li>
<li>Removing excessive logging from reading local files <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1420">#1420</a>
(<a href="https://github.com/lresende"><code>@​lresende</code></a>, <a
href="https://github.com/kevin-bates"><code>@​kevin-bates</code></a>)</li>
<li>Add async start hook to ExtensionApp API <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1417">#1417</a>
(<a href="https://github.com/Zsailer"><code>@​Zsailer</code></a>, <a
href="https://github.com/Darshan808"><code>@​Darshan808</code></a>, <a
href="https://github.com/bollwyvl"><code>@​bollwyvl</code></a>, <a
href="https://github.com/fcollonval"><code>@​fcollonval</code></a>, <a
href="https://github.com/krassowski"><code>@​krassowski</code></a>)</li>
<li>Do not include token in dashboard link, when available <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1406">#1406</a>
(<a href="https://github.com/minrk"><code>@​minrk</code></a>, <a
href="https://github.com/blink1073"><code>@​blink1073</code></a>)</li>
<li>Add an option to have authentication enabled for all endpoints by
default <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1392">#1392</a>
(<a href="https://github.com/krassowski"><code>@​krassowski</code></a>,
<a href="https://github.com/Wh1isper"><code>@​Wh1isper</code></a>, <a
href="https://github.com/blink1073"><code>@​blink1073</code></a>, <a
href="https://github.com/bollwyvl"><code>@​bollwyvl</code></a>, <a
href="https://github.com/minrk"><code>@​minrk</code></a>, <a
href="https://github.com/yuvipanda"><code>@​yuvipanda</code></a>)</li>
<li>websockets: add configurations for ping interval and timeout <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1391">#1391</a>
(<a
href="https://github.com/oliver-sanders"><code>@​oliver-sanders</code></a>,
<a
href="https://github.com/blink1073"><code>@​blink1073</code></a>)</li>
<li>log extension import time at debug level unless it's actually slow
<a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1375">#1375</a>
(<a href="https://github.com/minrk"><code>@​minrk</code></a>, <a
href="https://github.com/Zsailer"><code>@​Zsailer</code></a>, <a
href="https://github.com/yuvipanda"><code>@​yuvipanda</code></a>)</li>
<li>Add support for async Authorizers (part 2) <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1374">#1374</a>
(<a href="https://github.com/Zsailer"><code>@​Zsailer</code></a>, <a
href="https://github.com/blink1073"><code>@​blink1073</code></a>)</li>
<li>Support async Authorizers <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1373">#1373</a>
(<a href="https://github.com/Zsailer"><code>@​Zsailer</code></a>, <a
href="https://github.com/blink1073"><code>@​blink1073</code></a>)</li>
<li>Support get file(notebook) md5 <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1363">#1363</a>
(<a href="https://github.com/Wh1isper"><code>@​Wh1isper</code></a>, <a
href="https://github.com/blink1073"><code>@​blink1073</code></a>, <a
href="https://github.com/bollwyvl"><code>@​bollwyvl</code></a>, <a
href="https://github.com/krassowski"><code>@​krassowski</code></a>)</li>
<li>Update kernel env to reflect changes in session <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1354">#1354</a>
(<a href="https://github.com/blink1073"><code>@​blink1073</code></a>, <a
href="https://github.com/Carreau"><code>@​Carreau</code></a>, <a
href="https://github.com/krassowski"><code>@​krassowski</code></a>)</li>
<li>Add resolvePath API for resolving kernel-relative paths <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1331">#1331</a>
(<a href="https://github.com/krassowski"><code>@​krassowski</code></a>,
<a href="https://github.com/Carreau"><code>@​Carreau</code></a>, <a
href="https://github.com/blink1073"><code>@​blink1073</code></a>)</li>
</ul>
<h3>Bugs fixed</h3>
<ul>
<li>Move check origin into a util function and add it to websocket <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1630">#1630</a>
(<a href="https://github.com/Carreau"><code>@​Carreau</code></a>, <a
href="https://github.com/Yann-P"><code>@​Yann-P</code></a>)</li>
<li>Fix flaky test_restart_kernel by unsticking nudge() after
port-changing restart <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1628">#1628</a>
(<a href="https://github.com/Carreau"><code>@​Carreau</code></a>, <a
href="https://github.com/claude"><code>@​claude</code></a>, <a
href="https://github.com/krassowski"><code>@​krassowski</code></a>)</li>
<li>Try to fix flaky test &quot;test_restart_kernel&quot; <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1625">#1625</a>
(<a href="https://github.com/Carreau"><code>@​Carreau</code></a>)</li>
<li>Fix potential unraisable pytest error <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1624">#1624</a>
(<a href="https://github.com/Carreau"><code>@​Carreau</code></a>)</li>
<li>fix: use %s placeholders in HTTPError to prevent Tornado from
doubling % in gateway URLs <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1620">#1620</a>
(<a
href="https://github.com/terminalchai"><code>@​terminalchai</code></a>,
<a href="https://github.com/krassowski"><code>@​krassowski</code></a>,
<a href="https://github.com/ptch314"><code>@​ptch314</code></a>)</li>
<li>Fix three file descriptor leaks in kernel connection lifecycle (<a
href="https://redirect.github.com/jupyter-server/jupyter_server/issues/1506">#1506</a>)
<a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1619">#1619</a>
(<a href="https://github.com/tonyx93"><code>@​tonyx93</code></a>, <a
href="https://github.com/Carreau"><code>@​Carreau</code></a>)</li>
<li>Use web.HTTPError for kernel restart failures <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1616">#1616</a>
(<a href="https://github.com/YDawn"><code>@​YDawn</code></a>, <a
href="https://github.com/Carreau"><code>@​Carreau</code></a>)</li>
<li>Handle EADDRINUSE and EACCES in _bind_http_server_tcp <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1613">#1613</a>
(<a href="https://github.com/YDawn"><code>@​YDawn</code></a>, <a
href="https://github.com/Zsailer"><code>@​Zsailer</code></a>, <a
href="https://github.com/minrk"><code>@​minrk</code></a>)</li>
<li>Use st_birthtime for file created timestamp on macOS/BSD <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1594">#1594</a>
(<a href="https://github.com/ktaletsk"><code>@​ktaletsk</code></a>, <a
href="https://github.com/krassowski"><code>@​krassowski</code></a>, <a
href="https://github.com/minrk"><code>@​minrk</code></a>)</li>
<li>Fix double write when refusing hidden files in contents handler <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1585">#1585</a>
(<a href="https://github.com/Krish-876"><code>@​Krish-876</code></a>, <a
href="https://github.com/minrk"><code>@​minrk</code></a>)</li>
<li>Close all sockets in _find_http_port explicitly <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1584">#1584</a>
(<a
href="https://github.com/MaryushSoroka"><code>@​MaryushSoroka</code></a>,
<a href="https://github.com/minrk"><code>@​minrk</code></a>)</li>
<li>Fix writing on remote file systems with attribute cache <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1574">#1574</a>
(<a href="https://github.com/krassowski"><code>@​krassowski</code></a>,
<a href="https://github.com/Zsailer"><code>@​Zsailer</code></a>)</li>
<li>Add IdentityProvider.cookie_secret_hook <a
href="https://redirect.github.com/jupyter-server/jupyter_server/pull/1569">#1569</a>
(<a href="https://github.com/emin63"><code>@​emin63</code></a>, <a
href="https://github.com/minrk"><code>@​minrk</code></a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0ceed45a80"><code>0ceed45</code></a>
Publish 2.18.0</li>
<li><a
href="49b34392fe"><code>49b3439</code></a>
Move check origin into a util function and add it to websocket (<a
href="https://redirect.github.com/jupyter-server/jupyter_server/issues/1630">#1630</a>)</li>
<li><a
href="e2e08c845d"><code>e2e08c8</code></a>
Add test case for bad next URL format</li>
<li><a
href="624d6c0daf"><code>624d6c0</code></a>
Delete outdated patch code</li>
<li><a
href="d825b93d9c"><code>d825b93</code></a>
Apply suggestion from <a
href="https://github.com/minrk"><code>@​minrk</code></a></li>
<li><a
href="789fed081a"><code>789fed0</code></a>
patch open redirect in /login</li>
<li><a
href="2ee51eccf3"><code>2ee51ec</code></a>
fix(CVE-2026-35397): path traversal when target dir starts with root
dir</li>
<li><a
href="057869a327"><code>057869a</code></a>
Fix allow_origin_pat to do full matching instead of prefix matching</li>
<li><a
href="4862199a0f"><code>4862199</code></a>
Add resolvePath API for resolving kernel-relative paths</li>
<li><a
href="e31d51406d"><code>e31d514</code></a>
Bump actions/create-github-app-token from 2 to 3 in the actions group
across ...</li>
<li>Additional commits viewable in <a
href="https://github.com/jupyter-server/jupyter_server/compare/v2.17.0...v2.18.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=jupyter-server&package-manager=uv&previous-version=2.17.0&new-version=2.18.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langchain/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-11 14:48:54 -07:00
dependabot[bot]
9b6af7fad8 chore: bump mistune from 3.1.4 to 3.2.1 in /libs/core (#37353)
Bumps [mistune](https://github.com/lepture/mistune) from 3.1.4 to 3.2.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/lepture/mistune/releases">mistune's
releases</a>.</em></p>
<blockquote>
<h2>v3.2.1</h2>
<h3>   🐞 Bug Fixes</h3>
<ul>
<li>Resolve Windows compatibility issues in file inclusion and tests  - 
by <a href="https://github.com/Yuki9814"><code>@​Yuki9814</code></a> <a
href="https://github.com/lepture/mistune/commit/2547102"><!-- raw HTML
omitted -->(25471)<!-- raw HTML omitted --></a></li>
<li>Escape html text  -  by <a
href="https://github.com/lepture"><code>@​lepture</code></a> <a
href="https://github.com/lepture/mistune/commit/a3cb6e5"><!-- raw HTML
omitted -->(a3cb6)<!-- raw HTML omitted --></a></li>
<li>Update link reference  -  by <a
href="https://github.com/lepture"><code>@​lepture</code></a> <a
href="https://github.com/lepture/mistune/commit/85eb54f"><!-- raw HTML
omitted -->(85eb5)<!-- raw HTML omitted --></a></li>
<li>Handle escaped dollar signs in inline math  -  by <a
href="https://github.com/saschabuehrle"><code>@​saschabuehrle</code></a>
in <a
href="https://redirect.github.com/lepture/mistune/issues/370">lepture/mistune#370</a>
<a href="https://github.com/lepture/mistune/commit/7bd5709"><!-- raw
HTML omitted -->(7bd57)<!-- raw HTML omitted --></a></li>
<li>Escape id of toc  -  by <a
href="https://github.com/lepture"><code>@​lepture</code></a> <a
href="https://github.com/lepture/mistune/commit/04880a0"><!-- raw HTML
omitted -->(04880)<!-- raw HTML omitted --></a></li>
<li>Escape id of headings  -  by <a
href="https://github.com/lepture"><code>@​lepture</code></a> <a
href="https://github.com/lepture/mistune/commit/2855622"><!-- raw HTML
omitted -->(28556)<!-- raw HTML omitted --></a></li>
<li>Remove double-encoding of image alt text  -  by <a
href="https://github.com/lawrence3699"><code>@​lawrence3699</code></a>
<a href="https://github.com/lepture/mistune/commit/0d6f3d8"><!-- raw
HTML omitted -->(0d6f3)<!-- raw HTML omitted --></a></li>
<li>Escape xml for math plugin  -  by <a
href="https://github.com/lepture"><code>@​lepture</code></a> <a
href="https://github.com/lepture/mistune/commit/5fa092e"><!-- raw HTML
omitted -->(5fa09)<!-- raw HTML omitted --></a></li>
<li>Use strict regex for image's height and width  -  by <a
href="https://github.com/lepture"><code>@​lepture</code></a> <a
href="https://github.com/lepture/mistune/commit/8d0cb75"><!-- raw HTML
omitted -->(8d0cb)<!-- raw HTML omitted --></a></li>
</ul>
<h5>    <a
href="https://github.com/lepture/mistune/compare/v3.2.0...v3.2.1">View
changes on GitHub</a></h5>
<h2>v3.2.0</h2>
<h3>   🚀 Features</h3>
<ul>
<li>Support footnotes that start on the next line.  -  by <a
href="https://github.com/kylechui"><code>@​kylechui</code></a> <a
href="https://github.com/lepture/mistune/commit/2677e2d"><!-- raw HTML
omitted -->(2677e)<!-- raw HTML omitted --></a></li>
<li>Properly handle code blocks inside footnotes.  -  by <a
href="https://github.com/kylechui"><code>@​kylechui</code></a> <a
href="https://github.com/lepture/mistune/commit/0516c9e"><!-- raw HTML
omitted -->(0516c)<!-- raw HTML omitted --></a></li>
<li>Support python 3.14  -  by <a
href="https://github.com/lepture"><code>@​lepture</code></a> <a
href="https://github.com/lepture/mistune/commit/7e0eb65"><!-- raw HTML
omitted -->(7e0eb)<!-- raw HTML omitted --></a></li>
</ul>
<h3>   🐞 Bug Fixes</h3>
<ul>
<li>Render ref links and footnotes in footnotes.  -  by <a
href="https://github.com/lepture"><code>@​lepture</code></a> <a
href="https://github.com/lepture/mistune/commit/bd90e44"><!-- raw HTML
omitted -->(bd90e)<!-- raw HTML omitted --></a></li>
<li>Render ref links in TOC.  -  by <a
href="https://github.com/lemon24"><code>@​lemon24</code></a> <a
href="https://github.com/lepture/mistune/commit/a0a0148"><!-- raw HTML
omitted -->(a0a01)<!-- raw HTML omitted --></a></li>
<li>Update typing for mypy upgrades  -  by <a
href="https://github.com/lepture"><code>@​lepture</code></a> <a
href="https://github.com/lepture/mistune/commit/8d49cba"><!-- raw HTML
omitted -->(8d49c)<!-- raw HTML omitted --></a></li>
<li>Render correct html for footnotes  -  by <a
href="https://github.com/lepture"><code>@​lepture</code></a> <a
href="https://github.com/lepture/mistune/commit/9b62204"><!-- raw HTML
omitted -->(9b622)<!-- raw HTML omitted --></a></li>
</ul>
<h5>    <a
href="https://github.com/lepture/mistune/compare/v3.1.4...v3.2.0">View
changes on GitHub</a></h5>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/lepture/mistune/blob/main/docs/changes.rst">mistune's
changelog</a>.</em></p>
<blockquote>
<h2>Version 3.2.1</h2>
<p><strong>Released on May 3, 2026</strong></p>
<ul>
<li>Escape link in <code>render_toc_ul</code>.</li>
<li>Escape text in math plugin.</li>
<li>Fix regex for math plugin.</li>
<li>Escape heading's ID attribute.</li>
<li>Fix <code>LINK_TITLE_RE</code> to prevent DoS.</li>
<li>Escape class attribute for admonition directive.</li>
<li>Remove double-encoding of image alt text.</li>
<li>Escape class attribute for image directive.</li>
<li>Fix width/height attribute for image directive.</li>
</ul>
<h2>Version 3.2.0</h2>
<p><strong>Released on Dec 23, 2025</strong></p>
<ul>
<li>Announce supports for python 3.14</li>
<li>Fix footnotes plugins for code blocks, ref links, blockquote and
etc.</li>
<li>Fix ref links in TOC.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="067f908610"><code>067f908</code></a>
chore: release 3.2.1</li>
<li><a
href="bf5503067a"><code>bf55030</code></a>
Merge pull request <a
href="https://redirect.github.com/lepture/mistune/issues/438">#438</a>
from saschabuehrle/fix/issue-370</li>
<li><a
href="8d0cb7539a"><code>8d0cb75</code></a>
fix: use strict regex for image's height and width</li>
<li><a
href="5fa092e305"><code>5fa092e</code></a>
fix: escape xml for math plugin</li>
<li><a
href="71ec9477eb"><code>71ec947</code></a>
Merge pull request <a
href="https://redirect.github.com/lepture/mistune/issues/440">#440</a>
from lawrence3699/fix/image-alt-double-encoding</li>
<li><a
href="0d6f3d8502"><code>0d6f3d8</code></a>
fix: remove double-encoding of image alt text</li>
<li><a
href="2855622d7f"><code>2855622</code></a>
fix: escape id of headings</li>
<li><a
href="04880a004c"><code>04880a0</code></a>
fix: escape id of toc</li>
<li><a
href="7bd5709671"><code>7bd5709</code></a>
fix: handle escaped dollar signs in inline math (fixes <a
href="https://redirect.github.com/lepture/mistune/issues/370">#370</a>)</li>
<li><a
href="85eb54ff17"><code>85eb54f</code></a>
fix: update link reference</li>
<li>Additional commits viewable in <a
href="https://github.com/lepture/mistune/compare/v3.1.4...v3.2.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=mistune&package-manager=uv&previous-version=3.1.4&new-version=3.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/langchain-ai/langchain/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-11 14:48:48 -07:00
Nick Hollon
da380bccf8 chore(infra): merge v1.4 into master (#37350) 2026-05-11 11:39:25 -07:00