chore(deps): update dependency langchain-community to v0.2.19 [security] #117

renovate-bot · 2025-05-28T09:12:40Z

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
langchain-community (changelog)	`==0.2.12` -> `==0.2.19`

GitHub Vulnerability Alerts

CVE-2024-8309

A vulnerability in the GraphCypherQAChain class of langchain-ai/langchain version 0.2.5 allows for SQL injection through prompt injection. This vulnerability can lead to unauthorized data manipulation, data exfiltration, denial of service (DoS) by deleting all data, breaches in multi-tenant security environments, and data integrity issues. Attackers can create, update, or delete nodes and relationships without proper authorization, extract sensitive data, disrupt services, access data across different tenants, and compromise the integrity of the database.

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Never, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

dpebot · 2025-05-28T09:12:45Z

/gcbrun

dpebot · 2025-05-28T23:04:48Z

/gcbrun

dpebot · 2025-05-29T05:16:01Z

/gcbrun

dpebot · 2025-05-29T13:24:03Z

/gcbrun

dpebot · 2025-05-29T23:30:13Z

/gcbrun

dpebot · 2025-05-30T06:08:19Z

/gcbrun

dpebot · 2025-05-30T18:37:55Z

/gcbrun

dpebot · 2025-05-31T01:40:32Z

/gcbrun

dpebot · 2025-05-31T11:23:10Z

/gcbrun

dpebot · 2025-05-31T18:20:27Z

/gcbrun

dpebot · 2025-06-01T01:37:56Z

/gcbrun

dpebot · 2025-06-01T09:47:04Z

/gcbrun

dpebot · 2025-06-01T16:33:16Z

/gcbrun

dpebot · 2025-07-12T03:24:06Z

/gcbrun

dpebot · 2025-07-12T10:55:14Z

/gcbrun

dpebot · 2025-07-12T17:29:09Z

/gcbrun

dpebot · 2025-07-13T00:50:37Z

/gcbrun

dpebot · 2025-07-13T11:14:34Z

/gcbrun

dpebot · 2025-07-13T18:33:34Z

/gcbrun

dpebot · 2025-07-14T02:53:11Z

/gcbrun

dpebot · 2025-07-14T11:07:08Z

/gcbrun

dpebot · 2025-07-15T00:10:54Z

/gcbrun

dpebot · 2025-07-15T06:09:09Z

/gcbrun

dpebot · 2025-07-15T16:47:08Z

/gcbrun

dpebot · 2025-07-16T01:50:28Z

/gcbrun

dpebot · 2025-07-16T13:56:59Z

/gcbrun

dpebot · 2025-07-17T01:47:07Z

/gcbrun

dpebot · 2025-07-17T12:26:11Z

/gcbrun

renovate-bot requested review from a team as code owners May 28, 2025 09:12

blunderbuss-gcf bot assigned PingXie May 28, 2025

product-auto-label bot added the api: redis Issues related to the googleapis/langchain-google-memorystore-redis-python API. label May 28, 2025

renovate-bot force-pushed the renovate/pypi-langchain-community-vulnerability branch from 4f326ff to ad142af Compare May 28, 2025 23:04

renovate-bot force-pushed the renovate/pypi-langchain-community-vulnerability branch from ad142af to 926dcc4 Compare May 29, 2025 05:15

renovate-bot force-pushed the renovate/pypi-langchain-community-vulnerability branch from 926dcc4 to 2445254 Compare May 29, 2025 13:23

renovate-bot force-pushed the renovate/pypi-langchain-community-vulnerability branch from 2445254 to 4e1e101 Compare May 29, 2025 23:30

renovate-bot force-pushed the renovate/pypi-langchain-community-vulnerability branch from 4e1e101 to 7281f40 Compare May 30, 2025 06:08

renovate-bot force-pushed the renovate/pypi-langchain-community-vulnerability branch from 7281f40 to 1656901 Compare May 30, 2025 18:37

renovate-bot force-pushed the renovate/pypi-langchain-community-vulnerability branch from 1656901 to 9f56426 Compare May 31, 2025 01:40

renovate-bot force-pushed the renovate/pypi-langchain-community-vulnerability branch from 9f56426 to 638da1e Compare May 31, 2025 11:23

renovate-bot force-pushed the renovate/pypi-langchain-community-vulnerability branch from 638da1e to 1d36c35 Compare May 31, 2025 18:20

renovate-bot force-pushed the renovate/pypi-langchain-community-vulnerability branch from 1d36c35 to 60cef87 Compare June 1, 2025 01:37

renovate-bot force-pushed the renovate/pypi-langchain-community-vulnerability branch from 60cef87 to 42f071b Compare June 1, 2025 09:47

renovate-bot force-pushed the renovate/pypi-langchain-community-vulnerability branch from 42f071b to b08b378 Compare June 1, 2025 16:33

renovate-bot force-pushed the renovate/pypi-langchain-community-vulnerability branch from b08b378 to 2803e56 Compare June 2, 2025 00:31

renovate-bot force-pushed the renovate/pypi-langchain-community-vulnerability branch from 20558da to 7f240ad Compare July 12, 2025 10:55

renovate-bot force-pushed the renovate/pypi-langchain-community-vulnerability branch from 7f240ad to fa52308 Compare July 12, 2025 17:28

renovate-bot force-pushed the renovate/pypi-langchain-community-vulnerability branch from fa52308 to 132d4f0 Compare July 13, 2025 00:50

renovate-bot force-pushed the renovate/pypi-langchain-community-vulnerability branch from 132d4f0 to 0b9f675 Compare July 13, 2025 11:14

renovate-bot force-pushed the renovate/pypi-langchain-community-vulnerability branch from 0b9f675 to 497dd19 Compare July 13, 2025 18:33

renovate-bot force-pushed the renovate/pypi-langchain-community-vulnerability branch from 497dd19 to 7c90374 Compare July 14, 2025 02:53

renovate-bot force-pushed the renovate/pypi-langchain-community-vulnerability branch from 7c90374 to b783c6b Compare July 14, 2025 11:06

renovate-bot force-pushed the renovate/pypi-langchain-community-vulnerability branch from b783c6b to 682da98 Compare July 15, 2025 00:10

renovate-bot force-pushed the renovate/pypi-langchain-community-vulnerability branch from 682da98 to 25e4be3 Compare July 15, 2025 06:08

renovate-bot force-pushed the renovate/pypi-langchain-community-vulnerability branch from 25e4be3 to e71e35e Compare July 15, 2025 16:46

renovate-bot force-pushed the renovate/pypi-langchain-community-vulnerability branch from e71e35e to 2b6b54b Compare July 16, 2025 01:50

renovate-bot force-pushed the renovate/pypi-langchain-community-vulnerability branch from 2b6b54b to 22ee248 Compare July 16, 2025 13:56

renovate-bot force-pushed the renovate/pypi-langchain-community-vulnerability branch from 22ee248 to 39e9f5e Compare July 17, 2025 01:46

chore(deps): update dependency langchain-community to v0.2.19 [security]

39e1f2b

renovate-bot force-pushed the renovate/pypi-langchain-community-vulnerability branch from 39e9f5e to 39e1f2b Compare July 17, 2025 12:26

chore(deps): update dependency langchain-community to v0.2.19 [security] #117

Are you sure you want to change the base?

chore(deps): update dependency langchain-community to v0.2.19 [security] #117

Uh oh!

Conversation

renovate-bot commented May 28, 2025

GitHub Vulnerability Alerts

CVE-2024-8309

Configuration

Uh oh!

dpebot commented May 28, 2025

Uh oh!

dpebot commented May 28, 2025

Uh oh!

dpebot commented May 29, 2025

Uh oh!

dpebot commented May 29, 2025

Uh oh!

dpebot commented May 29, 2025

Uh oh!

dpebot commented May 30, 2025

Uh oh!

dpebot commented May 30, 2025

Uh oh!

dpebot commented May 31, 2025

Uh oh!

dpebot commented May 31, 2025

Uh oh!

dpebot commented May 31, 2025

Uh oh!

dpebot commented Jun 1, 2025

Uh oh!

dpebot commented Jun 1, 2025

Uh oh!

dpebot commented Jun 1, 2025

Uh oh!

dpebot commented Jul 12, 2025

Uh oh!

dpebot commented Jul 12, 2025

Uh oh!

dpebot commented Jul 12, 2025

Uh oh!

dpebot commented Jul 13, 2025

Uh oh!

dpebot commented Jul 13, 2025

Uh oh!

dpebot commented Jul 13, 2025

Uh oh!

dpebot commented Jul 14, 2025

Uh oh!

dpebot commented Jul 14, 2025

Uh oh!

dpebot commented Jul 15, 2025

Uh oh!

dpebot commented Jul 15, 2025

Uh oh!

dpebot commented Jul 15, 2025

Uh oh!

dpebot commented Jul 16, 2025

Uh oh!

dpebot commented Jul 16, 2025

Uh oh!

dpebot commented Jul 17, 2025

Uh oh!

dpebot commented Jul 17, 2025

Uh oh!

Uh oh!