Change8

langchain-core==1.0.7

Breaking Changes
📦 langchainView on GitHub →
2 breaking🐛 2 fixes🔧 3 symbols

Summary

This release focuses on security hardening by restricting template engine functionality and improving input variable validation for f-string templates.

⚠️ Breaking Changes

  • Restricted functionality supported by jinja2 and mustache templates to mitigate security risks (GHSA-6qv9-48xg-fc7f).
  • Stricter validation for input variables in f-string templates may cause previously loose templates to fail validation.

Migration Steps

  1. Review f-string templates to ensure all input variables are correctly defined and validated.
  2. Audit jinja2 and mustache templates for usage of complex logic that may now be restricted.

🐛 Bug Fixes

  • Fixed validation logic for input variables in f-string templates.
  • Addressed security vulnerability GHSA-6qv9-48xg-fc7f by restricting template engine capabilities.

🔧 Affected Symbols

PromptTemplatejinja2mustache