Merge pull request #1 from langchain-ai/fix/security-alerts-2026-04-21

fix: patch 7 security alerts (medium + low severity)
This commit is contained in:
John Kennedy
2026-04-20 23:55:53 -07:00
committed by GitHub
+8 -4
View File
@@ -1,10 +1,14 @@
langchain-core>=0.3.66
langchain-core>=1.2.28
langchain>=1.0.0
langgraph>=1.0.0
langsmith>=0.3.0
langchain-openai>=0.3.0
langsmith>=0.7.31
langchain-openai>=1.1.14
langgraph-cli[inmem]>=0.2.0
deepagents>=0.3.0
python-dotenv>=1.0.0
requests>=2.31.0
langgraph-api>=0.7.0
langgraph-api>=0.7.0
# Security pins for transitive dependencies (GHSA-p423-j2cm-9vmq, GHSA-m959-cc7f-wv43,
# GHSA-w828-4qhx-vxx3, GHSA-q5f5-3gjm-7mfm). Remove once parent packages pin patched floors.
cryptography>=46.0.7
anthropic>=0.87.0