chore(deps): update dependency langchain-core to v0.3.15 [security] #85
+1
−1
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
/gcbrun |
96829b0 to
2feb378
Compare
|
/gcbrun |
2feb378 to
2d24bf2
Compare
|
/gcbrun |
2d24bf2 to
94f1d72
Compare
|
/gcbrun |
94f1d72 to
8f97bcb
Compare
|
/gcbrun |
8f97bcb to
c895ca1
Compare
|
/gcbrun |
c895ca1 to
1cb6047
Compare
|
/gcbrun |
1cb6047 to
1aea5dc
Compare
|
/gcbrun |
1aea5dc to
5c13305
Compare
|
/gcbrun |
5c13305 to
9596162
Compare
|
/gcbrun |
9596162 to
9e725a3
Compare
|
/gcbrun |
9e725a3 to
6033b01
Compare
|
/gcbrun |
6033b01 to
e168155
Compare
|
/gcbrun |
e168155 to
af93972
Compare
|
/gcbrun |
cbb4d34 to
6087044
Compare
|
/gcbrun |
6087044 to
cb56ae2
Compare
|
/gcbrun |
cb56ae2 to
5f6509b
Compare
|
/gcbrun |
5f6509b to
a7ef531
Compare
|
/gcbrun |
a7ef531 to
2222c27
Compare
|
/gcbrun |
2222c27 to
05bd58f
Compare
|
/gcbrun |
05bd58f to
f9f95e8
Compare
|
/gcbrun |
f9f95e8 to
c7fe661
Compare
|
/gcbrun |
c7fe661 to
1516698
Compare
|
/gcbrun |
1516698 to
6a97331
Compare
|
/gcbrun |
6a97331 to
3f94c23
Compare
|
/gcbrun |
3f94c23 to
477419d
Compare
|
/gcbrun |
477419d to
8d64c9d
Compare
|
/gcbrun |
8d64c9d to
24cd181
Compare
|
/gcbrun |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
==0.3.6->==0.3.15GitHub Vulnerability Alerts
CVE-2024-10940
A vulnerability in langchain-core versions >=0.1.17,<0.1.53, >=0.2.0,<0.2.43, and >=0.3.0,<0.3.15 allows unauthorized users to read arbitrary files from the host file system. The issue arises from the ability to create langchain_core.prompts.ImagePromptTemplate's (and by extension langchain_core.prompts.ChatPromptTemplate's) with input variables that can read any user-specified path from the server file system. If the outputs of these prompt templates are exposed to the user, either directly or through downstream model outputs, it can lead to the exposure of sensitive information.
Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Never, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.