Skip to content

deps(ai-assistant)(deps): Bump langchain from 0.3.27 to 0.3.28 in /ai-assistant#456

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/ai-assistant/langchain-0.3.28
Open

deps(ai-assistant)(deps): Bump langchain from 0.3.27 to 0.3.28 in /ai-assistant#456
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/ai-assistant/langchain-0.3.28

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 9, 2026

Bumps langchain from 0.3.27 to 0.3.28.

Release notes

Sourced from langchain's releases.

langchain==0.3.28

Changes since langchain==0.3.27

fix(langchain): bump minimum langchain-core to 0.3.73 (#35608) release(langchain): 0.3.28 (#35607) fix(langchain): backport patch ReDoS vulnerability in MRKL and ReAct action regex (CVE-2024-58340) (#35603) feat(core,langchain,text-splitters): (v0.3) use uuid7 for run ids (#34732) fix(core): serialization patch (#34458) feat(openai): enable stream_usage when using default base URL and client (#33296) fix(langchain): handle gpt-5 model name in init_chat_model (#33148) fix(langchain): add context_management to Anthropic chat model init (#33150) docs: more standardization (#33124) refactor(langchain): resolve pydantic deprecation warnings (#33125) docs: standardize .. code-block directive usage (#33122) chore: bump ruff version to 0.13 (#33043) fix: update method calls from dict to model_dump in Chain (#33035) chore: update pyproject.toml files, remove codespell (#33028) chore(langchain): drop cap on python version (#32974) chore: restore commented out optional deps (#32971) docs(langchain): add docstring for _load_map_reduce_chain (#32961) docs(langchain): add docstring for _load_stuff_chain (#32932) revert: "chore: remove ruff target-version" (#32895) fix(openai): ainvoke uses async _aget_response; add async tests (#32459) chore: remove ruff target-version (#32880) chore(langchain): enable ruff docstring-code-format in langchain (#32858) chore(langchain): add ruff rule BLE (#32868) chore(docs): update package READMEs (#32869) chore(langchain): add ruff rule ERA (#32867) fix(langchain): preserve supplied llm in FlareChain.from_llm (#32847) chore(langchain): add ruff rules D (except D100 and D104) (#31994) chore(langchain): add ruff rules N (#32098) chore(langchain): improve PostgreSQL Manager upsert SQLAlchemy API calls. (#32748) chore: adress pytest-asyncio deprecation warnings + other nits (#32696) chore(langchain): add mypy pydantic plugin (#32610) chore: update references to use the latest version of Claude-3.5 Sonnet (#32594) chore(langchain): add mypy warn_unreachable setting (#32529) docs: update outdated README.md content (#32540) fix(tests): add anthropic_proxy to configurable test parameters chore(langchain): select ALL rules with exclusions (#31930) feat: port various nit changes from wip-v0.4 (#32506) chore: formatting across codebase (#32466) feat(openai): minimal and verbosity (#32455) fix: use new Google model names in examples (#32288) fix: update bar_model to use the correct model version claude-3-7-sonnet-20250219 (#32284) refactor: remove references to unsupported model claude-3-sonnet-20240229 (#32281) fix(core): track within-batch deduplication in indexing num_skipped count (#32273) fix: formatting issues in docstrings (#32265) fix: devcontainer (#32260) chore(langchain): add ruff rules ARG (#32110) chore(langchain): add ruff rules TC (#31921)

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
deps(ai-assistant)(deps): Bump langchain in /ai-assistant
af953d1 
Bumps [langchain](https://github.com/langchain-ai/langchain) from 0.3.27 to 0.3.28.
- [Release notes](https://github.com/langchain-ai/langchain/releases)
- [Commits](langchain-ai/langchain@langchain==0.3.27...langchain==0.3.28)

---
updated-dependencies:
- dependency-name: langchain
  dependency-version: 0.3.28
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Mar 9, 2026

Labels

The following labels could not be found: ai-assistant, python, security. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Mar 9, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@tosin2013 tosin2013

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@tosin2013