langsmith-fleet[bot] 59640469af Patch vulnerable dependencies (#112)
## Summary

Patch vulnerable Poetry dependencies reported by OSV/GitHub advisories
by adding explicit minimum safe constraints and regenerating
`libs/unstructured/poetry.lock`.

Updated constraints cover:
- `click >= 8.3.3`
- `langchain-core >= 1.3.3,<2.0.0`
- `markdown >= 3.8.1`
- `pdfminer-six >= 20251230`
- `pi-heif >= 1.3.0`
- `pillow >= 12.3.0`
- `pygments >= 2.20.0`
- `setuptools >= 83.0.0`
- `torch > 2.12.0` for the `local` extra

## Validation

- `poetry lock` using Poetry 2.4.1
- `poetry check --lock` using Poetry 2.4.1
- Queried OSV for every package/version in the regenerated lockfile; no
vulnerabilities returned

## Notes

Dependabot alerts API was not accessible from this environment (`403
Resource not accessible by integration`), so I validated against
OSV/GitHub advisory data from the lockfile instead.

Co-authored-by: Langster Security Agent <john@langchain.dev>
2026-07-15 07:37:44 +00:00
2024-09-26 15:04:13 -07:00
2026-05-18 17:45:57 -05:00
2024-09-26 15:04:13 -07:00
2024-09-26 22:28:35 +00:00

🦜🔗 LangChain Unstructured

This repository contains 1 package with Unstructured integrations with LangChain:

S
Description
No description provided
Readme MIT 28 MiB
Latest
2025-12-27 18:17:47 -05:00
Languages
Python 91.7%
Makefile 6.8%
Shell 1.5%