Bumps [pydantic-settings](https://github.com/pydantic/pydantic-settings) from 2.12.0 to 2.14.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pydantic/pydantic-settings/releases">pydantic-settings's releases</a>.</em></p> <blockquote> <h2>v2.14.2</h2> <h2>What's Changed</h2> <p>This is a security patch release.</p> <ul> <li>Prevent <code>NestedSecretsSettingsSource</code> from following symlinks outside <code>secrets_dir</code> by <a href="https://github.com/hramezani"><code>@hramezani</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/889">pydantic/pydantic-settings#889</a></li> <li>Prepare release 2.14.2 by <a href="https://github.com/hramezani"><code>@hramezani</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/890">pydantic/pydantic-settings#890</a></li> </ul> <h3>Security</h3> <p>Fixes <a href="https://github.com/pydantic/pydantic-settings/security/advisories/GHSA-4xgf-cpjx-pc3j">GHSA-4xgf-cpjx-pc3j</a>: <code>NestedSecretsSettingsSource</code> with <code>secrets_nested_subdir=True</code> could follow a symbolic link inside <code>secrets_dir</code> pointing outside it, reading out-of-tree files into settings values and bypassing the <code>secrets_dir_max_size</code> cap. Affected versions: <code>>= 2.12.0, < 2.14.2</code>.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/pydantic/pydantic-settings/compare/v2.14.1...v2.14.2">https://github.com/pydantic/pydantic-settings/compare/v2.14.1...v2.14.2</a></p> <h2>v2.14.1</h2> <h2>What's Changed</h2> <ul> <li>Bump the python-packages group with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/850">pydantic/pydantic-settings#850</a></li> <li>Bump the python-packages group with 5 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/854">pydantic/pydantic-settings#854</a></li> <li>Bump the github-actions group with 3 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/853">pydantic/pydantic-settings#853</a></li> <li>Bump the python-packages group with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/856">pydantic/pydantic-settings#856</a></li> <li>Fix field named <code>cls</code> conflicting with classmethod parameter by <a href="https://github.com/hramezani"><code>@hramezani</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/858">pydantic/pydantic-settings#858</a></li> <li>Prepare release 2.14.1 by <a href="https://github.com/hramezani"><code>@hramezani</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/859">pydantic/pydantic-settings#859</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/pydantic/pydantic-settings/compare/v2.14.0...v2.14.1">https://github.com/pydantic/pydantic-settings/compare/v2.14.0...v2.14.1</a></p> <h2>v2.14.0</h2> <h2>What's Changed</h2> <ul> <li>Fix parsing env vars into Optional Strict types by <a href="https://github.com/hramezani"><code>@hramezani</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/792">pydantic/pydantic-settings#792</a></li> <li>Fix RecursionError with mutually recursive models in CLI by <a href="https://github.com/hramezani"><code>@hramezani</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/794">pydantic/pydantic-settings#794</a></li> <li>Fix env_file from model_config ignored in CliApp.run() (<a href="https://redirect.github.com/pydantic/pydantic-settings/issues/795">#795</a>) by <a href="https://github.com/hramezani"><code>@hramezani</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/796">pydantic/pydantic-settings#796</a></li> <li>Update dependencies by <a href="https://github.com/hramezani"><code>@hramezani</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/798">pydantic/pydantic-settings#798</a></li> <li>Add Dependabot configuration by <a href="https://github.com/hramezani"><code>@hramezani</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/801">pydantic/pydantic-settings#801</a></li> <li>Bump samuelcolvin/check-python-version from 4.1 to 5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/802">pydantic/pydantic-settings#802</a></li> <li>Bump actions/upload-artifact from 4 to 7 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/803">pydantic/pydantic-settings#803</a></li> <li>Bump actions/checkout from 4 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/804">pydantic/pydantic-settings#804</a></li> <li>Bump astral-sh/setup-uv from 5 to 7 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/805">pydantic/pydantic-settings#805</a></li> <li>Bump actions/setup-python from 5 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/806">pydantic/pydantic-settings#806</a></li> <li>Ignore chardet and group GitHub Actions in Dependabot by <a href="https://github.com/hramezani"><code>@hramezani</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/808">pydantic/pydantic-settings#808</a></li> <li>Bump actions/download-artifact from 4 to 8 in the github-actions group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/809">pydantic/pydantic-settings#809</a></li> <li>Bump the python-packages group with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/810">pydantic/pydantic-settings#810</a></li> <li>Support reading .env files from FIFOs (e.g. 1Password Environments) by <a href="https://github.com/JacobHayes"><code>@JacobHayes</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/776">pydantic/pydantic-settings#776</a></li> <li>Fix AliasChoices ignored when changing provider priority by <a href="https://github.com/hramezani"><code>@hramezani</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/813">pydantic/pydantic-settings#813</a></li> <li>fix: resolve KeyError in run_subcommand for underscore field names by <a href="https://github.com/bradykieffer"><code>@bradykieffer</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/799">pydantic/pydantic-settings#799</a></li> <li>Bump the python-packages group with 3 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/814">pydantic/pydantic-settings#814</a></li> <li>Fix <code>Literal[numeric Enum]</code> coercion for CLI and env vars by <a href="https://github.com/m9810223"><code>@m9810223</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/811">pydantic/pydantic-settings#811</a></li> <li>Fix nested discriminated unions not discovered by env/CLI providers by <a href="https://github.com/hramezani"><code>@hramezani</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/816">pydantic/pydantic-settings#816</a></li> <li>Bump the python-packages group with 3 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/820">pydantic/pydantic-settings#820</a></li> <li>CLI ensure env nested max split internally. by <a href="https://github.com/kschwab"><code>@kschwab</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/821">pydantic/pydantic-settings#821</a></li> <li>Bump the python-packages group with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/824">pydantic/pydantic-settings#824</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="d703bd717e"><code>d703bd7</code></a> Prepare release 2.14.2 (<a href="https://redirect.github.com/pydantic/pydantic-settings/issues/890">#890</a>)</li> <li><a href="e95c30bec8"><code>e95c30b</code></a> Prepare release 2.14.1 (<a href="https://redirect.github.com/pydantic/pydantic-settings/issues/859">#859</a>)</li> <li><a href="0c8734581b"><code>0c87345</code></a> Fix field named <code>cls</code> conflicting with classmethod parameter (<a href="https://redirect.github.com/pydantic/pydantic-settings/issues/858">#858</a>)</li> <li><a href="7bd0072795"><code>7bd0072</code></a> Bump the python-packages group with 2 updates (<a href="https://redirect.github.com/pydantic/pydantic-settings/issues/856">#856</a>)</li> <li><a href="b03e573d01"><code>b03e573</code></a> Bump the github-actions group with 3 updates (<a href="https://redirect.github.com/pydantic/pydantic-settings/issues/853">#853</a>)</li> <li><a href="eaa3b43493"><code>eaa3b43</code></a> Bump the python-packages group with 5 updates (<a href="https://redirect.github.com/pydantic/pydantic-settings/issues/854">#854</a>)</li> <li><a href="9f95615c24"><code>9f95615</code></a> Bump the python-packages group with 4 updates (<a href="https://redirect.github.com/pydantic/pydantic-settings/issues/850">#850</a>)</li> <li><a href="8916beeecc"><code>8916bee</code></a> Prepare release 2.14.0 (<a href="https://redirect.github.com/pydantic/pydantic-settings/issues/848">#848</a>)</li> <li><a href="39e551c091"><code>39e551c</code></a> Fix CLI descriptions lost under <code>python -OO</code> by falling back to `json_schema_...</li> <li><a href="9ed7f48ea2"><code>9ed7f48</code></a> Bump the python-packages group with 4 updates (<a href="https://redirect.github.com/pydantic/pydantic-settings/issues/847">#847</a>)</li> <li>Additional commits viewable in <a href="https://github.com/pydantic/pydantic-settings/compare/v2.12.0...v2.14.2">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/langchain-ai/langchain/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
The agent engineering platform.
LangChain is a framework for building agents and LLM-powered applications. It helps you chain together interoperable components and third-party integrations to simplify AI application development — all while future-proofing decisions as the underlying technology evolves.
Tip
Just getting started? Check out Deep Agents — a higher-level package built on LangChain for agents that have built-in capabilites for common usage patterns such as planning, subagents, file system usage, and more.
Quickstart
uv add langchain
from langchain.chat_models import init_chat_model
model = init_chat_model("openai:gpt-5.5")
result = model.invoke("Hello, world!")
If you're looking for more advanced customization or agent orchestration, check out LangGraph, our framework for building controllable agent workflows.
For an equivalent JS/TS library, check out LangChain.js.
Tip
For developing, debugging, and deploying AI agents and LLM applications, see LangSmith.
LangChain ecosystem
While the LangChain framework can be used standalone, it also integrates seamlessly with any LangChain product, giving developers a full suite of tools when building LLM applications.
- Deep Agents — Build agents that can plan, use subagents, and leverage file systems for complex tasks
- LangGraph — Build agents that can reliably handle complex tasks with our low-level agent orchestration framework
- Integrations — Chat & embedding models, tools & toolkits, and more
- LangSmith — Agent evals, observability, and debugging for LLM apps
- LangSmith Deployment — Deploy and scale agents with a purpose-built platform for long-running, stateful workflows
Why use LangChain?
LangChain helps developers build applications powered by LLMs through a standard interface for models, embeddings, vector stores, and more.
- Real-time data augmentation — Easily connect LLMs to diverse data sources and external/internal systems, drawing from LangChain's vast library of integrations with model providers, tools, vector stores, retrievers, and more
- Model interoperability — Swap models in and out as your engineering team experiments to find the best choice for your application's needs. As the industry frontier evolves, adapt quickly — LangChain's abstractions keep you moving without losing momentum
- Rapid prototyping — Quickly build and iterate on LLM applications with LangChain's modular, component-based architecture. Test different approaches and workflows without rebuilding from scratch, accelerating your development cycle
- Production-ready features — Deploy reliable applications with built-in support for monitoring, evaluation, and debugging through integrations like LangSmith. Scale with confidence using battle-tested patterns and best practices
- Vibrant community and ecosystem — Leverage a rich ecosystem of integrations, templates, and community-contributed components. Benefit from continuous improvements and stay up-to-date with the latest AI developments through an active open-source community
- Flexible abstraction layers — Work at the level of abstraction that suits your needs — from high-level chains for quick starts to low-level components for fine-grained control. LangChain grows with your application's complexity
Resources
- Documentation — conceptual overviews and guides
- LangChain ecosystem overview — how LangChain, LangGraph, and Deep Agents fit together
- API reference — complete reference for all public classes, functions, and types
- Discussions — community forum for technical questions, ideas, and feedback
- LangChain Academy — comprehensive, free courses on LangChain libraries and products, made by the LangChain team
- Contributing Guide — how to contribute and find good first issues
- Code of Conduct — community guidelines and standards