github/langchain
1
0
Fork 0
mirror of https://github.com/hwchase17/langchain.git synced 2026-02-21 06:33:41 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
6a07b3acdadf3ef16ffa9d7b9dc25f73388cd5f8
langchain/libs
History
Yi Liu 6a07b3acda fix(core): correct misleading jinja2 sandboxing comment (#35183) 
## Summary
- The inline comment at `langchain_core/prompts/string.py:67-69`
incorrectly states that `SandboxedEnvironment` "blocks ALL
attribute/method access" and that "only simple variable lookups like
`{{variable}}` are allowed."
- In reality, Jinja2's `SandboxedEnvironment` only blocks access to
dunder attributes (`__class__`, `__globals__`, etc.) to prevent sandbox
escapes. Regular attribute access like `{{obj.content}}` and method
calls remain allowed.
- This misleading comment was left behind when a
`_RestrictedSandboxedEnvironment` class was reverted in commit
395c8d0bd4. Updated to accurately describe the actual behavior.

## Why this matters
The comment could mislead developers into trusting partially-untrusted
templates, believing attribute access is blocked when it is not. The
function's docstring already correctly warns against untrusted
templates.

## Test plan
- [ ] No behavioral change — comment-only fix
- [ ] Verified `SandboxedEnvironment` behavior matches updated comment

> This PR was authored with the help of AI tools.
2026-02-16 23:17:22 -05:00
..
core
fix(core): correct misleading jinja2 sandboxing comment (#35183)
2026-02-16 23:17:22 -05:00
langchain
chore: bump the langchain-deps group across 3 directories with 8 updates (#35257)
2026-02-16 23:11:50 -05:00
langchain_v1
chore: bump the langchain-deps group across 3 directories with 8 updates (#35257)
2026-02-16 23:11:50 -05:00
model-profiles
chore: bump the other-deps group across 3 directories with 2 updates (#35255)
2026-02-16 23:12:12 -05:00
partners
docs(openai): more nits (#35277)
2026-02-16 23:10:31 -05:00
standard-tests
chore: bump the other-deps group across 3 directories with 2 updates (#35255)
2026-02-16 23:12:12 -05:00
text-splitters
chore: bump the other-deps group across 3 directories with 2 updates (#35255)
2026-02-16 23:12:12 -05:00
Makefile
feat(infra): add CI check for out of date lockfiles (#34397)
2025-12-16 22:23:25 -05:00
README.md
chore: add more informative README for libs/ (#33339)
2025-10-07 17:13:45 +00:00

README.md

Packages

Important

View all LangChain integrations packages

This repository is structured as a monorepo, with various packages located in this libs/ directory. Packages to note in this directory include:

core/             # Core primitives and abstractions for langchain
langchain/        # langchain-classic
langchain_v1/     # langchain
partners/         # Certain third-party providers integrations (see below)
standard-tests/   # Standardized tests for integrations
text-splitters/   # Text splitter utilities

(Each package contains its own README.md file with specific details about that package.)

Integrations (partners/)

The partners/ directory contains a small subset of third-party provider integrations that are maintained directly by the LangChain team. These include, but are not limited to:

Most integrations have been moved to their own repositories for improved versioning, dependency management, collaboration, and testing. This includes packages from popular providers such as Google and AWS. Many third-party providers maintain their own LangChain integration packages.

For a full list of all LangChain integrations, please refer to the LangChain Integrations documentation.

Reference in New Issue View Git Blame Copy Permalink