John Kennedy eabbff949b fix: patch 8 security alerts (medium + low severity)
Add minimum version constraints for vulnerable direct and transitive
dependencies surfaced by Dependabot. Since requirements.txt was unpinned
prior to this change, the effective install version was already whatever
the resolver picked — these floors guarantee the patched versions.

Resolves:
- GHSA-r7w7-9xr2-qq2r (langchain-openai)
- GHSA-rr7j-v2q5-chgv (langsmith)
- CVE-2026-40087 / GHSA-926x-3r5x-gfhw (langchain-core)
- CVE-2026-39892 / GHSA-p423-j2cm-9vmq (cryptography)
- CVE-2026-34073 / GHSA-m959-cc7f-wv43 (cryptography)
- CVE-2026-34452 / GHSA-w828-4qhx-vxx3 (anthropic)
- CVE-2026-34450 / GHSA-q5f5-3gjm-7mfm (anthropic)
- CVE-2026-4539 / GHSA-5239-wwwm-4pmq (Pygments)
2026-04-21 06:53:57 +00:00
2025-11-05 11:07:56 -08:00
2025-11-06 16:00:38 -08:00
2025-11-07 13:23:47 -08:00
S
Description
stateful deepagents demo
58 KiB
Languages
Jupyter Notebook 100%