-
-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore(deps): bump @langchain/community and langchain #930
base: main
Are you sure you want to change the base?
Conversation
WalkthroughThe pull request modifies the Changes
Possibly related PRs
Poem
🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
dbd5b55
to
4e8c2fc
Compare
Removes [@langchain/community](https://github.com/langchain-ai/langchainjs). It's no longer used after updating ancestor dependency [langchain](https://github.com/langchain-ai/langchainjs). These dependencies need to be updated together. Removes `@langchain/community` Updates `langchain` from 0.1.32 to 0.3.5 - [Release notes](https://github.com/langchain-ai/langchainjs/releases) - [Changelog](https://github.com/langchain-ai/langchainjs/blob/main/release_workspace.js) - [Commits](langchain-ai/langchainjs@0.1.32...0.3.5) --- updated-dependencies: - dependency-name: "@langchain/community" dependency-type: indirect - dependency-name: langchain dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
4e8c2fc
to
6c05632
Compare
@coderabbitai review |
✅ Actions performedReview triggered.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 1
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
⛔ Files ignored due to path filters (1)
package-lock.json
is excluded by!**/package-lock.json
📒 Files selected for processing (1)
package.json
(1 hunks)
🔇 Additional comments (1)
package.json (1)
49-49
: Consider updating @langchain/core override.
The overrides section pins @langchain/core to ~0.2.12. Verify if this version is compatible with langchain 0.3.5 to avoid potential version conflicts.
#!/bin/bash
# Description: Check compatibility between langchain and @langchain/core versions
# Test: Check if langchain 0.3.5 specifies a dependency on @langchain/core
npm info "langchain@0.3.5" dependencies
@@ -46,7 +46,7 @@ | |||
"electron-builder": "^25.0.5", | |||
"jszip": "^3.10.1", | |||
"katex": "^0.16.11", | |||
"langchain": "^0.1.32", | |||
"langchain": "^0.3.5", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
💡 Codebase verification
Update @langchain/core override to meet peer dependency requirements
The langchain 0.3.5 upgrade requires @langchain/core >=0.2.21 but the current override pins it to ~0.2.12, which is incompatible. Please:
- Update the @langchain/core override to "~0.2.21" or higher
- Consider using "^0.2.21" instead of tilde range to allow compatible minor version updates within the <0.4.0 constraint
🔗 Analysis chain
Verify compatibility with other @langchain packages.
The major version jump from 0.1.32 to 0.3.5 suggests breaking changes. Please ensure compatibility with the following dependencies:
- @langchain/anthropic: ^0.2.3
- @langchain/cohere: ^0.0.11
- @langchain/google-genai: ^0.0.21
- @langchain/groq: ^0.1.2
- @langchain/openai: ^0.2.1
Let me generate one more verification script to check the current @langchain/core version constraint in package.json since it's a critical peer dependency.
The results will help verify if the current @langchain/core version meets the peer dependency requirement of langchain 0.3.5 (>=0.2.21 <0.4.0).
🏁 Scripts executed
The following scripts were executed for the analysis:
Script:
#!/bin/bash
# Description: Check for potential compatibility issues in the dependency tree
# Test 1: Check if there are any peer dependency warnings for langchain
npm info "langchain@0.3.5" peerDependencies
# Test 2: Check if any @langchain/* packages specify langchain as a peer dependency
for pkg in "@langchain/anthropic@0.2.3" "@langchain/cohere@0.0.11" "@langchain/google-genai@0.0.21" "@langchain/groq@0.1.2" "@langchain/openai@0.2.1"; do
echo "Checking $pkg..."
npm info "$pkg" peerDependencies
done
Length of output: 2116
Script:
#!/bin/bash
# Check current @langchain/core version constraints in package.json
rg "@langchain/core" package.json -A 1 -B 1
Length of output: 135
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Copilot reviewed 1 out of 2 changed files in this pull request and generated no suggestions.
Files not reviewed (1)
- package.json: Language not supported
Removes @langchain/community. It's no longer used after updating ancestor dependency langchain. These dependencies need to be updated together.
Removes
@langchain/community
Updates
langchain
from 0.1.32 to 0.3.5Release notes
Sourced from langchain's releases.
... (truncated)
Commits
afdad9d
Release 0.3.5 (#7088)b5b1920
feat(google-genai): Release 0.1.1 (#7087)b62c408
fix(google-genai): Type error parsing api res (#7086)14be264
fix(langchain): Fix withConfig with universal chat model (#7085)34ae98e
feat(anthropic): Release 0.3.6 (#7084)49acaec
fix: Commit yarn.lock (#7083)203c295
fix(anthropic): Release 0.3.6-rc.0 (#7082)660edbd
fix(anthropic): Fixed streaming tool calls with Anthropic (#7081)f75e99b
chore(community): Release 0.3.10 (#7073)c214740
chore(community): Bump langchain dep within community (#7071)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.
Summary by CodeRabbit
New Features
langchain
package to version^0.3.5
, potentially introducing new features and improvements.Bug Fixes