akari-bot Update dependency langchain to v0.1.0 [SECURITY]

Update dependency langchain to v0.1.0 [SECURITY]

Open renovate[bot] opened this issue 1 year ago • 0 comments

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
langchain	`==0.0.276` -> `==0.1.0`

GitHub Vulnerability Alerts

CVE-2023-39631

An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function in the numexpr library.

Patches: Released in v.0.0.308. numexpr dependency is optional for langchain.

CVE-2023-36281

An issue in langchain v.0.0.171 allows a remote attacker to execute arbitrary code via the via the a json file to the load_prompt parameter. This is related to __subclasses__ or a template.

CVE-2023-46229

LangChain before 0.0.317 allows SSRF via document_loaders/recursive_url_loader.py because crawling can proceed from an external server to an internal server.

CVE-2023-39659

An issue in langchain langchain-ai before version 0.0.325 allows a remote attacker to execute arbitrary code via a crafted script to the PythonAstREPLTool._run component.

In Langchain before 0.0.329, prompt injection allows an attacker to force the service to retrieve data from an arbitrary URL, essentially providing SSRF and potentially injecting content into downstream tasks.

CVE-2024-0243

With the following crawler configuration:

from bs4 import BeautifulSoup as Soup

url = "https://example.com"
loader = RecursiveUrlLoader(
    url=url, max_depth=2, extractor=lambda x: Soup(x, "html.parser").text 
)
docs = loader.load()

An attacker in control of the contents of https://example.com could place a malicious HTML file in there with links like "https://example.completely.different/my_file.html" and the crawler would proceed to download that file as well even though prevent_outside=True.

https://github.com/langchain-ai/langchain/blob/bf0b3cc0b5ade1fb95a5b1b6fa260e99064c2e22/libs/community/langchain_community/document_loaders/recursive_url_loader.py#L51-L51

Resolved in https://github.com/langchain-ai/langchain/pull/15559

CVE-2024-28088

LangChain through 0.1.10 allows ../ directory traversal by an actor who is able to control the final part of the path parameter in a load_chain call. This bypasses the intended behavior of loading configurations only from the hwchase17/langchain-hub GitHub repository. The outcome can be disclosure of an API key for a large language model online service, or remote code execution.

CVE-2024-3571

langchain-ai/langchain is vulnerable to path traversal due to improper limitation of a pathname to a restricted directory ('Path Traversal') in its LocalFileStore functionality. An attacker can leverage this vulnerability to read or write files anywhere on the filesystem, potentially leading to information disclosure or remote code execution. The issue lies in the handling of file paths in the mset and mget methods, where user-supplied input is not adequately sanitized, allowing directory traversal sequences to reach unintended directories.

Release Notes

langchain-ai/langchain (langchain)

Full Changelog: https://github.com/langchain-ai/langchain/compare/v0.0.354...v0.1.0

`v0.0.354`

Compare Source

What's Changed

Improve markdown list parser by @nfcampos in https://github.com/langchain-ai/langchain/pull/15295
[core] add test for json parser by @hwchase17 in https://github.com/langchain-ai/langchain/pull/15297
community[patch]: Release 0.0.7 by @baskaryan in https://github.com/langchain-ai/langchain/pull/15320
langchain: Exclude non-utf8 file from loader since it causes an error in the code_understanding example by @Tchotchke in https://github.com/langchain-ai/langchain/pull/15324
langchain: minor changes to StuffDocumentsChain._get_inputs by @romainfd in https://github.com/langchain-ai/langchain/pull/15321
Upgrades the Tongyi LLM and ChatTongyi Model by @liushuaikobe in https://github.com/langchain-ai/langchain/pull/14793
Update vectorstore_retriever_memory.mdx by @kellyelton in https://github.com/langchain-ai/langchain/pull/15275
community: corrected typo in .readthedocs.yaml by @piyuple in https://github.com/langchain-ai/langchain/pull/15309
core: Update messages/init.py to account for AIMessageChunk which breaks message history runnable. by @jonnolen in https://github.com/langchain-ai/langchain/pull/15327
Patch: improve check openai version by @chyroc in https://github.com/langchain-ai/langchain/pull/15301
[documentation] documentation revamp by @hwchase17 in https://github.com/langchain-ai/langchain/pull/15281
Delete V1 tracer and refactor tracer tests to core by @agola11 in https://github.com/langchain-ai/langchain/pull/15326
Propagate context vars in all classes/methods by @nfcampos in https://github.com/langchain-ai/langchain/pull/15329
Catch type errors in dumps/dumpd by @nfcampos in https://github.com/langchain-ai/langchain/pull/15336
Community: Newlines before bullets in IPYNB files (Vectara) by @ofermend in https://github.com/langchain-ai/langchain/pull/15330
docs: cleanup rag use case by @baskaryan in https://github.com/langchain-ai/langchain/pull/15284
docs: revamp redirects by @baskaryan in https://github.com/langchain-ai/langchain/pull/15366
community:qianfan endpoint support init params & remove useless params definition by @danielhjz in https://github.com/langchain-ai/langchain/pull/15381
Update Multi_modal_RAG.ipynb by @naveentnj in https://github.com/langchain-ai/langchain/pull/15378
docs(ollama): Fix Documentation in CallbackManager, missing ]) by @yhzhu99 in https://github.com/langchain-ai/langchain/pull/15380
[docs] update agent cookbook lcel by @hwchase17 in https://github.com/langchain-ai/langchain/pull/15349
Docs: Fix spelling and grammar on Concepts page by @donovanmuller in https://github.com/langchain-ai/langchain/pull/15364
Langchain: Fix quickstart doc code not working by @AhmedHathout in https://github.com/langchain-ai/langchain/pull/15352
Docs: add param comment for tracing_v2_enabled by @chyroc in https://github.com/langchain-ai/langchain/pull/15308
Documentation: Update playwright documentation for langchain version >= 0.0.351 by @abhishek9909 in https://github.com/langchain-ai/langchain/pull/15260
fix(minor): added missing **kwargs parameter to chroma query function by @joel-teratis in https://github.com/langchain-ai/langchain/pull/14919
feat: mask api_key for konko by @chyroc in https://github.com/langchain-ai/langchain/pull/14010
Add missing comment char "#" before Load in chain.py for the rag-pinecone-rerank template by @samuelpath in https://github.com/langchain-ai/langchain/pull/15209
ci: upgrade actions by @purificant in https://github.com/langchain-ai/langchain/pull/15114
community:Lazy load wikipedia dump file by @cjaniake in https://github.com/langchain-ai/langchain/pull/15111
docs: updated document for 'Return Source Documents' Functionality by @cyai in https://github.com/langchain-ai/langchain/pull/15106
fix: call correct stream method in ollama by @David-Kristek in https://github.com/langchain-ai/langchain/pull/15104
Langchain: Fix typo in documentation by @GauravWaghmare in https://github.com/langchain-ai/langchain/pull/15124
Update LLaMA2_sql_chat.ipynb by @naveentnj in https://github.com/langchain-ai/langchain/pull/15379
[docs] update toolkit docs by @hwchase17 in https://github.com/langchain-ai/langchain/pull/15294
Feat add volcano embedding by @lujingxuansc in https://github.com/langchain-ai/langchain/pull/14693
community: Integration of New Chat Model Based on ChatGLM3 via ZhipuAI API by @linancn in https://github.com/langchain-ai/langchain/pull/15105
Refactor: use SecretStr for GPTRouter chat-model by @chyroc in https://github.com/langchain-ai/langchain/pull/15101
Refactor: use SecretStr for palm chat-model by @chyroc in https://github.com/langchain-ai/langchain/pull/15100
Refactor: use SecretStr for edenai embeddings by @chyroc in https://github.com/langchain-ai/langchain/pull/15092
Refactor: use SecretStr for embaas embeddings by @chyroc in https://github.com/langchain-ai/langchain/pull/15091
Refactor: use SecretStr for llm_rails embeddings by @chyroc in https://github.com/langchain-ai/langchain/pull/15090
Update regex in output parser by @sharrajesh in https://github.com/langchain-ai/langchain/pull/15082
Added more filtering options to pgvector vectorstore by @savoiepe in https://github.com/langchain-ai/langchain/pull/14852
Restore self message sent before OSX 12 Monterey by @idvorkin in https://github.com/langchain-ai/langchain/pull/14818
docs microsoft pages sort order fix by @leo-gan in https://github.com/langchain-ai/langchain/pull/14771
Add AstraDB document loader by @cbornet in https://github.com/langchain-ai/langchain/pull/14747
Added: docs Headers to Steam Tool notebook steps by @muntaqamahmood in https://github.com/langchain-ai/langchain/pull/14749
python-lint by @joshuasundance-swca in https://github.com/langchain-ai/langchain/pull/14689
Update _retrieve_ref inside json_schema.py to include an isdigit() check by @pareshchiramel in https://github.com/langchain-ai/langchain/pull/14745
fix: syntax error in function docs by @Undertone0809 in https://github.com/langchain-ai/langchain/pull/14641
Enhancement on feature/yaml output parser by @TomTom101 in https://github.com/langchain-ai/langchain/pull/14674
Fixing the Issue with DashScopeEmbeddings Handling More than 25 Rows of Data by @xu-xiang in https://github.com/langchain-ai/langchain/pull/14662
Fix for openai multi tools input format. by @themrzmaster in https://github.com/langchain-ai/langchain/pull/14653
add api_base to _client_params (community version of #14393) by @DavidLMS in https://github.com/langchain-ai/langchain/pull/14644
GITLAB_URL should take default https://gitlab.com instead of error by @manjunathshiva in https://github.com/langchain-ai/langchain/pull/14638
WatsonxLLM updates/enhancements by @MateuszOssGit in https://github.com/langchain-ai/langchain/pull/14598
Langchain_community: Small Fix when loading facebook messages by @keenborder786 in https://github.com/langchain-ai/langchain/pull/15358
Update gpt4all.mdx doc by @169 in https://github.com/langchain-ai/langchain/pull/15392
infra: remove path filter on check_diffs by @efriis in https://github.com/langchain-ai/langchain/pull/15418
Calculate trace_id and dotted_order client side by @agola11 in https://github.com/langchain-ai/langchain/pull/15351
docs: fix agents index links by @baskaryan in https://github.com/langchain-ai/langchain/pull/15419
docs: fix modelio index links by @baskaryan in https://github.com/langchain-ai/langchain/pull/15421
langchain[patch], experimental[patch]: replace langchain.schema imports by @baskaryan in https://github.com/langchain-ai/langchain/pull/15410
Fetch runnable config from context var inside runnable lambda and runnable generator by @nfcampos in https://github.com/langchain-ai/langchain/pull/15334
docs, community[patch], experimental[patch], langchain[patch], cli[pa… by @baskaryan in https://github.com/langchain-ai/langchain/pull/15412
Use tz-aware utc datetimes in tracer by @nfcampos in https://github.com/langchain-ai/langchain/pull/15187
add get prompts method by @hwchase17 in https://github.com/langchain-ai/langchain/pull/15425
docs, experimenta[patch], langchain[patch], community[patch]: update storage imports by @baskaryan in https://github.com/langchain-ai/langchain/pull/15429
refactor utils by @leo-gan in https://github.com/langchain-ai/langchain/pull/15432
docs Microsoft platform page update by @leo-gan in https://github.com/langchain-ai/langchain/pull/15420
added fix for key error: doc_id by @suhas-kotaki in https://github.com/langchain-ai/langchain/pull/15428
core:adds tests for partial_variables by @dkajtoch in https://github.com/langchain-ai/langchain/pull/15427
Remove unused _get_python_repl by @169 in https://github.com/langchain-ai/langchain/pull/15389
langchain[patch], experimental[patch], docs: update tools imports by @baskaryan in https://github.com/langchain-ai/langchain/pull/15433
Fix: fix Bing Search empty result exception, fix #15384 by @chyroc in https://github.com/langchain-ai/langchain/pull/15387
SQLDatabase drop the column names in the result. by @dudub12 in https://github.com/langchain-ai/langchain/pull/15361
Fixed minor type in self_query.ipynb by @aqibamir in https://github.com/langchain-ai/langchain/pull/15196
community: Semanticscholar tool to search 200M+ scientific articles by @shauryr in https://github.com/langchain-ai/langchain/pull/15151
Refactor: use SecretStr for tongyi chat-model by @chyroc in https://github.com/langchain-ai/langchain/pull/15102
Use args option in jaguar so it takes more options in similarity search by @fserv in https://github.com/langchain-ai/langchain/pull/15080
feat: add Google BigQueryVectorSearch in vectorstore by @ashleyxuu in https://github.com/langchain-ai/langchain/pull/14829
langchain[patch], docs: update agent toolkit imports by @baskaryan in https://github.com/langchain-ai/langchain/pull/15434
docs: together ai updates by @efriis in https://github.com/langchain-ai/langchain/pull/15435
Milvus allows to store metadata as json field by @mokeyish in https://github.com/langchain-ai/langchain/pull/14636
Fix failing serpapi response processing for Google Maps API by @LoopKarma in https://github.com/langchain-ai/langchain/pull/14817
Add the collection_description parameter to Milvus by @mokeyish in https://github.com/langchain-ai/langchain/pull/14524
core: update json output parser by @apisani1 in https://github.com/langchain-ai/langchain/pull/15079
Support score_threshold in SupabaseVectorStore similarity search by @codehound42 in https://github.com/langchain-ai/langchain/pull/14439
Improvement: Allow passing parameters to the underlying es_client. Closes: #14403 by @169 in https://github.com/langchain-ai/langchain/pull/14435
adding vectorstore_kwarg attribute to search_similarity function by @amaleki2 in https://github.com/langchain-ai/langchain/pull/14604
Fix Bedrock broad error catching by @JuR-0 in https://github.com/langchain-ai/langchain/pull/14398
update LanguageModelInput from List to Sequence by @alan910127 in https://github.com/langchain-ai/langchain/pull/14405
refactor: Qdrant async improvements by @Anush008 in https://github.com/langchain-ai/langchain/pull/14492
[Improvement] Evals: Add git info by @hinthornw in https://github.com/langchain-ai/langchain/pull/15446
fixed a dependency duplicate by @leo-gan in https://github.com/langchain-ai/langchain/pull/15444
cleanup getting started by @hwchase17 in https://github.com/langchain-ai/langchain/pull/15450
feat: new integration wasm_chat by @apepkuss in https://github.com/langchain-ai/langchain/pull/14787
Add option to preserve headers in MarkdownHeaderTextSplitter by @finnless in https://github.com/langchain-ai/langchain/pull/14433
Fix llms.Mlflow example by @harupy in https://github.com/langchain-ai/langchain/pull/14386
Patch: improve type hint by @chyroc in https://github.com/langchain-ai/langchain/pull/15451
Remove unused Params by @harupy in https://github.com/langchain-ai/langchain/pull/14385
langchain[patch], experimental[patch]: update utilities imports by @baskaryan in https://github.com/langchain-ai/langchain/pull/15438
core[patch]: Release 0.1.5 by @baskaryan in https://github.com/langchain-ai/langchain/pull/15480
infra: add minimum deps pre release check by @baskaryan in https://github.com/langchain-ai/langchain/pull/15485
community[patch]: Release 0.0.8 by @baskaryan in https://github.com/langchain-ai/langchain/pull/15481
infra: fix min deps test by @baskaryan in https://github.com/langchain-ai/langchain/pull/15486
community[patch]: bump core version >=0.1.5,<0.2 by @baskaryan in https://github.com/langchain-ai/langchain/pull/15488
infra: update community test min reqs by @baskaryan in https://github.com/langchain-ai/langchain/pull/15490
langchain[patch]: Release 0.0.354 by @baskaryan in https://github.com/langchain-ai/langchain/pull/15482
langchain[patch]: bump community >=0.0.8,<0.1 by @baskaryan in https://github.com/langchain-ai/langchain/pull/15492

New Contributors

@Tchotchke made their first contribution in https://github.com/langchain-ai/langchain/pull/15324
@romainfd made their first contribution in https://github.com/langchain-ai/langchain/pull/15321
@liushuaikobe made their first contribution in https://github.com/langchain-ai/langchain/pull/14793
@kellyelton made their first contribution in https://github.com/langchain-ai/langchain/pull/15275
@piyuple made their first contribution in https://github.com/langchain-ai/langchain/pull/15309
@jonnolen made their first contribution in https://github.com/langchain-ai/langchain/pull/15327
@naveentnj made their first contribution in https://github.com/langchain-ai/langchain/pull/15378
@yhzhu99 made their first contribution in https://github.com/langchain-ai/langchain/pull/15380
@donovanmuller made their first contribution in https://github.com/langchain-ai/langchain/pull/15364
@AhmedHathout made their first contribution in https://github.com/langchain-ai/langchain/pull/15352
@abhishek9909 made their first contribution in https://github.com/langchain-ai/langchain/pull/15260
@joel-teratis made their first contribution in https://github.com/langchain-ai/langchain/pull/14919
@purificant made their first contribution in https://github.com/langchain-ai/langchain/pull/15114
@cjaniake made their first contribution in https://github.com/langchain-ai/langchain/pull/15111
@David-Kristek made their first contribution in https://github.com/langchain-ai/langchain/pull/15104
@GauravWaghmare made their first contribution in https://github.com/langchain-ai/langchain/pull/15124
@sharrajesh made their first contribution in https://github.com/langchain-ai/langchain/pull/15082
@savoiepe made their first contribution in https://github.com/langchain-ai/langchain/pull/14852
@pareshchiramel made their first contribution in https://github.com/langchain-ai/langchain/pull/14745
@xu-xiang made their first contribution in https://github.com/langchain-ai/langchain/pull/14662
@themrzmaster made their first contribution in https://github.com/langchain-ai/langchain/pull/14653
@DavidLMS made their first contribution in https://github.com/langchain-ai/langchain/pull/14644
@manjunathshiva made their first contribution in https://github.com/langchain-ai/langchain/pull/14638
@suhas-kotaki made their first contribution in https://github.com/langchain-ai/langchain/pull/15428
@dkajtoch made their first contribution in https://github.com/langchain-ai/langchain/pull/15427
@aqibamir made their first contribution in https://github.com/langchain-ai/langchain/pull/15196
@ashleyxuu made their first contribution in https://github.com/langchain-ai/langchain/pull/14829
@mokeyish made their first contribution in https://github.com/langchain-ai/langchain/pull/14636
@LoopKarma made their first contribution in https://github.com/langchain-ai/langchain/pull/14817
@apisani1 made their first contribution in https://github.com/langchain-ai/langchain/pull/15079
@codehound42 made their first contribution in https://github.com/langchain-ai/langchain/pull/14439
@amaleki2 made their first contribution in https://github.com/langchain-ai/langchain/pull/14604
@JuR-0 made their first contribution in https://github.com/langchain-ai/langchain/pull/14398
@alan910127 made their first contribution in https://github.com/langchain-ai/langchain/pull/14405
@apepkuss made their first contribution in https://github.com/langchain-ai/langchain/pull/14787

Full Changelog: https://github.com/langchain-ai/langchain/compare/v0.0.353...v0.0.354

`v0.0.353`

Compare Source

What's Changed

community[patch]: Add param "task" to Databricks LLM to work around serialization of transform_output_fn by @liangz1 in https://github.com/langchain-ai/langchain/pull/14933
docs: links by @efriis in https://github.com/langchain-ai/langchain/pull/14940
Vectara summarization by @efriis in https://github.com/langchain-ai/langchain/pull/14970
Feature/Add LLMs Integration For Oracle Cloud Infrastructure(OCI) Data Science Model Deployment Endpoint by @mingkang111 in https://github.com/langchain-ai/langchain/pull/14250
infra: pr template update by @baskaryan in https://github.com/langchain-ai/langchain/pull/14963
docs alibaba cloud by @leo-gan in https://github.com/langchain-ai/langchain/pull/14772
core(minor): Implement stream and astream for RunnableBranch by @qtangs in https://github.com/langchain-ai/langchain/pull/14805
core[patch]: update langchain-core runtime library name by @chyroc in https://github.com/langchain-ai/langchain/pull/14884
Add Ollama multi-modal templates by @rlancemartin in https://github.com/langchain-ai/langchain/pull/14868
community[patch]: Fix typo in class Docstring (#14982) by @yacine555 in https://github.com/langchain-ai/langchain/pull/14982
community[patch]: support momento vector index filter expressions by @malandis in https://github.com/langchain-ai/langchain/pull/14978
community[patch]: JaguarHttpClient conditional import by @fserv in https://github.com/langchain-ai/langchain/pull/14985
Update multi-modal template README.md by @rlancemartin in https://github.com/langchain-ai/langchain/pull/14991
Update multi-modal multi-vector template README.md by @rlancemartin in https://github.com/langchain-ai/langchain/pull/14992
Update Gemini template README.md by @rlancemartin in https://github.com/langchain-ai/langchain/pull/14993
Update Ollama multi-modal template README.md by @rlancemartin in https://github.com/langchain-ai/langchain/pull/14994
Update Ollama multi-modal multi-vector template README.md by @rlancemartin in https://github.com/langchain-ai/langchain/pull/14995
TEMPLATES: Update README.md by @eltociear in https://github.com/langchain-ai/langchain/pull/15013
community: fix for surrealdb client 0.3.2 update + store and retrieve metadata by @lalanikarim in https://github.com/langchain-ai/langchain/pull/14997
fixed wrong link in documentation by @Yanni8 in https://github.com/langchain-ai/langchain/pull/14999
changed default for VertexAIEmbeddings by @lkuligin in https://github.com/langchain-ai/langchain/pull/14614
Jacob/add hf chat wrapper by @jacoblee93 in https://github.com/langchain-ai/langchain/pull/14736
infra: api docs build order by @efriis in https://github.com/langchain-ai/langchain/pull/15018
Implement streaming for xml output parser by @nfcampos in https://github.com/langchain-ai/langchain/pull/14984
Implement streaming for all list output parsers by @nfcampos in https://github.com/langchain-ai/langchain/pull/14981
core[patch]: Release 0.1.3 by @baskaryan in https://github.com/langchain-ai/langchain/pull/15022
community[patch]: Release 0.0.6 by @baskaryan in https://github.com/langchain-ai/langchain/pull/15023
Add option to make messages placeholder optional by @nfcampos in https://github.com/langchain-ai/langchain/pull/15031
Move json and xml parsers to core by @nfcampos in https://github.com/langchain-ai/langchain/pull/15026
infra: Fix test filesystem paths incompatible with windows by @rancomp in https://github.com/langchain-ai/langchain/pull/14388
Azure DocumentIntelligenceLoader/Parser support update with latest SDK by @zifeiq in https://github.com/langchain-ai/langchain/pull/14389
Community: Fix generation_config not setting properly for DeepSparse by @mgoin in https://github.com/langchain-ai/langchain/pull/15036
langchain(patch): Restrict paths in LocalFileStore cache by @eyurtsev in https://github.com/langchain-ai/langchain/pull/15065
Add Runnable.get_graph() to get a graph representation of a Runnable by @nfcampos in https://github.com/langchain-ai/langchain/pull/15040
book reference by @leo-gan in https://github.com/langchain-ai/langchain/pull/15072
Refactor: use SecretStr for jina embeddings by @chyroc in https://github.com/langchain-ai/langchain/pull/15068
Refactor: use SecretStr for minimax embeddings by @chyroc in https://github.com/langchain-ai/langchain/pull/15067
add defaults for tavily by @hwchase17 in https://github.com/langchain-ai/langchain/pull/15075
Fix: fix partners name typo in tests by @chyroc in https://github.com/langchain-ai/langchain/pull/15066
fix: correct spelling mistakes of "seperate, intialise, pre-defined" by @rancomp in https://github.com/langchain-ai/langchain/pull/14647
Improve: remove extra spaces in get_from_env error by @chyroc in https://github.com/langchain-ai/langchain/pull/15064
corrected outdated link by @gsajko in https://github.com/langchain-ai/langchain/pull/15053
Community: Adds ability to pass a Config to the boto3 client used by Bedrock by @blanehoneycutt-addepar in https://github.com/langchain-ai/langchain/pull/15029
community: refactor Baseten integration with new API endpoints & docs by @philipkiely-baseten in https://github.com/langchain-ai/langchain/pull/15017
Update youtube_transcript.ipynb by @sidsarasvati in https://github.com/langchain-ai/langchain/pull/15015
docs/docs/get_started: fixing typos in quickstart.mdx by @SatinWukerORIG in https://github.com/langchain-ai/langchain/pull/15025
community: add args_schema to GmailSendMessage by @ccurme in https://github.com/langchain-ai/langchain/pull/14973
core(minor): Allow explicit types for ChatMessageHistory adds by @Sypherd in https://github.com/langchain-ai/langchain/pull/14967
Update arxiv.py with get_summaries_as_docs inside of Arxivloader by @ArchanGhosh in https://github.com/langchain-ai/langchain/pull/14953
Add support Vertex AI Gemini uses a public image URL by @itok01 in https://github.com/langchain-ai/langchain/pull/14949
Don't reassign chunk_type by @coreyb42 in https://github.com/langchain-ai/langchain/pull/14923
[community]: Elasticsearch chat history encoding by @istrebitel-1 in https://github.com/langchain-ai/langchain/pull/15055
Nc/dec22/runnable graph lambda by @nfcampos in https://github.com/langchain-ai/langchain/pull/15078
Improve graph repr for runnable passthrough and itemgetter by @nfcampos in https://github.com/langchain-ai/langchain/pull/15083
add multitenancy by @hwchase17 in https://github.com/langchain-ai/langchain/pull/15176
Corrected an grammatical mistake by @ShorthillsAI in https://github.com/langchain-ai/langchain/pull/15163
Oxford comma, consistent with format elsewhere by @bquast in https://github.com/langchain-ai/langchain/pull/15167
Patch: improve ollama 404 api error message, fix #15147 by @chyroc in https://github.com/langchain-ai/langchain/pull/15156
community: correct spelling mistakes of "Suffle" and "reporoducibility" by @pzarfos in https://github.com/langchain-ai/langchain/pull/15172
[core] print ascii by @hwchase17 in https://github.com/langchain-ai/langchain/pull/15179
docs: Update dependencies installation cell in steam toolkit by @KallieLev in https://github.com/langchain-ai/langchain/pull/15148
community: Async Ollama + ChatOllama by @shroominic in https://github.com/langchain-ai/langchain/pull/15169
[core] langauge model like by @hwchase17 in https://github.com/langchain-ai/langchain/pull/15180
langchain[minor]: Add stuff docs runnable by @baskaryan in https://github.com/langchain-ai/langchain/pull/15178
[core: minor] fix getters by @hwchase17 in https://github.com/langchain-ai/langchain/pull/15181
Fix runnable vistitor for funcs without pos args by [@nfcampos](https

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

[ ] If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

Oct 05 '23 13:10 renovate[bot]

akari-bot
akari-bot copied to clipboard

Update dependency langchain to v0.1.0 [SECURITY]

GitHub Vulnerability Alerts

CVE-2023-39631

CVE-2023-36281

CVE-2023-46229

CVE-2023-39659

CVE-2023-32786

CVE-2024-0243

CVE-2024-28088

CVE-2024-3571

Release Notes

`v0.1.0`

What's Changed

New Contributors

`v0.0.354`

What's Changed

New Contributors

`v0.0.353`

What's Changed

Configuration

akari-bot akari-bot copied to clipboard

Update dependency langchain to v0.1.0 [SECURITY]

GitHub Vulnerability Alerts

Release Notes

What's Changed

New Contributors

What's Changed

New Contributors

What's Changed

Configuration

akari-bot
akari-bot copied to clipboard