@langchain/langgraph (LangGraph)
Versions: 51 shown | License: MIT | Install Scripts: No | Provenance: Verified

Supply chain provenance
Status for the latest visible version:
- SLSA provenance attestation: present
- npm registry signatures: present
- Source commit: none (no gitHead recorded in the published manifest; see the missing-githead entry under Accepted risks)

Maintainers
hwchase17, jacoblee93, basproul, eric_langchain, andrewnguonly, davidduong, maddyadams, sam_noyes, langchain-security, andy-langchain, rcasup, hntrl, christian-bromann
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| phantom-deps | phantom-dep:langchain | AI (phantom-deps): Langchain is a core dependency re-exported by this wrapper; phantom-dep pattern is expected for orchestration libraries. | ai | |
| phantom-deps | phantom-dep:zod | AI (phantom-deps): Zod is a direct dependency used in type validation; phantom-dep pattern is expected for schema libraries in wrapper packages. | ai | |
| phantom-deps | phantom-dep:@langchain/community | AI (phantom-deps): Same-org scoped dependency used in examples/config; phantom-dep pattern is expected in monorepo-style ecosystems. | ai | |
| phantom-deps | phantom-dep:@langchain/openai | AI (phantom-deps): Same-org scoped dependency used in examples/config; phantom-dep pattern is expected in monorepo-style ecosystems. | ai | |
| dependencies | unvetted-dep:double-ended-queue | AI (dependencies): double-ended-queue is a well-known, stable utility package with no security concerns; safe for use as a dependency in this package. | ai | |
| dependencies | unvetted-dep:@langchain/langgraph-checkpoint-sqlite | AI (dependencies): First-party sibling package from the same LangChain/LangGraph monorepo, published by the same trusted maintainer team. | ai | |
| provenance | publisher-changed | AI (provenance): davidduong is a known LangChain team publisher (714 days, 207 approved). Legitimate maintainer rotation within the langchain-ai org. | ai | |
| provenance | no-provenance | AI (provenance): Established LangChain package; lack of Sigstore provenance is a known gap for this package family, not a security indicator. | ai | |
| source-diff | encoded-string-file:dist/hash.js | AI (source-diff): The long hex string is the well-known XXH3 secret key constant, used by the xxHash hashing algorithm implementation. This is a legitimate cryptographic constant, not a malicious payload. | ai | |
| source-diff | encoded-string-file:dist/hash.cjs | AI (source-diff): The long hex string is the XXH3 hashing algorithm's secret/seed constant — a standard cryptographic constant used in the XXH3 implementation. Not a malicious payload. | ai | |
| publish-pattern | new-deps-added | AI (publish-pattern): @standard-schema/spec is a legitimate, widely-used schema interface package pinned to 1.1.0; consistent with LangGraph's schema validation support direction. | ai | |
| provenance | missing-githead | AI (provenance): Package has SLSA provenance attestation via Sigstore, which is a stronger integrity signal. Missing gitHead reflects a CI pipeline change, not a malicious publish. | ai | |
| maintainer-change | maintainer-added | AI (maintainer-change): Maintainer change is within the langchain-ai org; hntrl is a known LangChain contributor. Legitimate transition, not a takeover. | ai | |
| maintainer-change | maintainer-removed | AI (maintainer-change): benjamincburns removal is part of a legitimate org-level maintainer transition within langchain-ai. | ai | |
| dependencies | unvetted-dep:@langchain/langgraph-sdk | AI (dependencies): First-party LangChain sibling package published by the same org; expected dependency for langgraph ecosystem packages. | ai | |
| dependencies | unvetted-dep:@langchain/langgraph-checkpoint | AI (dependencies): First-party LangChain sibling package published by the same org; expected dependency for langgraph ecosystem packages. | ai |
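The provenance status above and the accepted-risk rules in this table (no-provenance, missing-githead, phantom-dep:*, the install-scripts badge) are all checks a reviewer can reproduce from the registry's own JSON. The block below is an added example, not code from this scanner or from the LangGraph project: it replays those checks over constructed, registry-shaped input so it runs offline. The function names, the rule strings, and the sample manifest, attestation list and import list are all assumptions made for illustration; the live inputs would be the packument at https://registry.npmjs.org/@langchain%2Flanggraph and the attestations endpoint at https://registry.npmjs.org/-/npm/v1/attestations/@langchain%2Flanggraph@1.3.2.

```javascript
// Added example, not code from the scanner or the LangGraph project: replays the
// provenance, gitHead, install-script and phantom-dependency checks on
// constructed registry-shaped JSON so it runs offline. Live inputs would be:
//   packument:    https://registry.npmjs.org/@langchain%2Flanggraph
//   attestations: https://registry.npmjs.org/-/npm/v1/attestations/@langchain%2Flanggraph@1.3.2

const SLSA_V1 = "https://slsa.dev/provenance/v1";
// Lifecycle scripts npm runs when a consumer installs a published dependency.
// "prepare" is excluded: it runs for the root project and git dependencies, not registry tarballs.
const INSTALL_HOOKS = ["preinstall", "install", "postinstall"];

// Constructed version manifest (a packument "versions" entry) trimmed to the fields the checks read.
// gitHead is deliberately absent, mirroring the page's "No source commit" / missing-githead finding.
const SAMPLE_MANIFEST = {
  name: "@langchain/langgraph",
  version: "1.3.2",
  dependencies: {
    "@langchain/langgraph-checkpoint": "^1.0.0",
    "@langchain/langgraph-sdk": "^1.0.0",
  },
  scripts: { build: "tsc", test: "vitest run" },
};

// Constructed response in the shape of the npm attestations endpoint: one npm publish
// attestation and one SLSA v1 build-provenance attestation (bundles elided).
const SAMPLE_ATTESTATIONS = {
  attestations: [
    { predicateType: "https://github.com/npm/attestation/tree/main/specs/publish/v0.1", bundle: {} },
    { predicateType: SLSA_V1, bundle: {} },
  ],
};

// Constructed list of module specifiers found in the shipped dist/ files.
const SAMPLE_IMPORTS = [
  "@langchain/langgraph-checkpoint",
  "@langchain/core/runnables", // bare specifier whose package is not declared -> phantom dep
  "node:crypto",               // builtin
  "./hash.js",                 // relative import
];

function hasSlsaProvenance(attestationsResponse) {
  return (attestationsResponse.attestations || []).some((a) => a.predicateType === SLSA_V1);
}

// Install-time hooks a consumer would execute just by installing this version.
function listInstallHooks(manifest) {
  const scripts = manifest.scripts || {};
  return INSTALL_HOOKS.filter((hook) => typeof scripts[hook] === "string");
}

// "@scope/pkg/sub/path" -> "@scope/pkg"; "pkg/sub" -> "pkg".
function packageNameOf(specifier) {
  const parts = specifier.split("/");
  return specifier.startsWith("@") ? parts.slice(0, 2).join("/") : parts[0];
}

// Relative, absolute and node:-prefixed specifiers never resolve through node_modules.
// Unprefixed builtins such as "fs" would additionally need a check against
// require("node:module").builtinModules; that is left out to keep the example dependency-free.
function isBareSpecifier(specifier) {
  return !/^(\.|\/|node:)/.test(specifier);
}

// Phantom dependency: imported by shipped code but declared nowhere in the manifest,
// so it resolves only if something else happens to hoist it into node_modules.
function findPhantomDeps(manifest, imports) {
  const declared = new Set([
    ...Object.keys(manifest.dependencies || {}),
    ...Object.keys(manifest.peerDependencies || {}),
    ...Object.keys(manifest.optionalDependencies || {}),
  ]);
  const phantom = new Set();
  for (const spec of imports) {
    if (!isBareSpecifier(spec)) continue;
    const name = packageNameOf(spec);
    if (!declared.has(name)) phantom.add(name);
  }
  return [...phantom].sort();
}

// Emits findings using the rule vocabulary the page uses (no-provenance, missing-githead, phantom-dep:*).
function assessVersion(manifest, attestationsResponse, imports) {
  const findings = [];
  findings.push(
    hasSlsaProvenance(attestationsResponse)
      ? { severity: "INFO", rule: "has-slsa-provenance" }
      : { severity: "WARN", rule: "no-provenance" },
  );
  if (typeof manifest.gitHead !== "string") findings.push({ severity: "WARN", rule: "missing-githead" });
  const hooks = listInstallHooks(manifest);
  if (hooks.length > 0) findings.push({ severity: "WARN", rule: "install-scripts", detail: hooks });
  for (const name of findPhantomDeps(manifest, imports)) {
    findings.push({ severity: "WARN", rule: `phantom-dep:${name}` });
  }
  return findings;
}

const SAMPLE_FINDINGS = assessVersion(SAMPLE_MANIFEST, SAMPLE_ATTESTATIONS, SAMPLE_IMPORTS);
console.log(JSON.stringify(SAMPLE_FINDINGS, null, 2));
```

On the constructed input this reports has-slsa-provenance (INFO), missing-githead and phantom-dep:@langchain/core, which is the same triage shape as the table above: a provenance attestation is present, the manifest carries no gitHead, and one runtime import is undeclared. For a real installed tree, `npm audit signatures` performs the registry-signature and attestation verification that this example only approximates by looking at predicateType, and `npm view @langchain/langgraph@1.3.2 gitHead` shows whether a given version recorded a source commit.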
Versions (showing 51 of 173)
| Version | Deps | Published |
|---|---|---|
| 1.3.2 | 5 / 26 | |
| 1.3.1 | 5 / 26 | |
| 1.3.0 | 5 / 26 | |
| 1.2.9 | 4 / 26 | |
| 1.2.8 | 4 / 26 | |
| 1.2.7 | 4 / 26 | |
| 1.2.6 | 4 / 35 | |
| 1.2.5 | 4 / 35 | |
| 1.2.4 | 4 / 35 | |
| 1.2.3 | 4 / 35 | |
| 1.2.2 | 4 / 35 | |
| 1.2.1 | 4 / 35 | |
| 1.2.0 | 4 / 35 | |
| 1.1.5 | 4 / 35 | |
| 1.1.4 | 4 / 35 | |
| 1.1.3 | 4 / 35 | |
| 1.1.2 | 4 / 35 | |
| 1.1.1 | 3 / 36 | |
| 1.1.0 | 3 / 36 | |
| 1.0.15 | 3 / 35 | |
| 1.0.14 | 3 / 35 | |
| 1.0.13 | 3 / 37 | |
| 1.0.12 | 3 / 37 | |
| 1.0.7 | 3 / 37 | |
| 1.0.6 | 3 / 37 | |
| 1.0.5 | 3 / 37 | |
| 1.0.4 | 3 / 37 | |
| 1.0.3 | 3 / 37 | |
| 1.0.2 | 3 / 37 | |
| 1.0.1 | 3 / 37 | |
| 1.0.0 | 3 / 37 | |
| 0.4.9 | 4 / 38 | |
| 0.4.8 | 4 / 38 | |
| 0.4.7 | 4 / 38 | |
| 0.4.6 | 4 / 38 | |
| 0.4.5 | 4 / 38 | |
| 0.4.4 | 4 / 38 | |
| 0.4.3 | 4 / 38 | |
| 0.4.2 | 4 / 38 | |
| 0.4.1 | 4 / 38 | |
| 0.4.0 | 4 / 38 | |
| 0.3.12 | 4 / 37 | |
| 0.3.11 | 4 / 37 | |
| 0.3.10 | 4 / 37 | |
| 0.3.9 | 4 / 37 | |
| 0.3.8 | 4 / 37 | |
| 0.3.7 | 4 / 37 | |
| 0.3.6 | 4 / 36 | |
| 0.3.5 | 4 / 36 | |
| 0.3.4 | 4 / 36 | |
| 0.3.3 | 4 / 36 |
v1.3.2 (1 finding)
INFO | provenance | Has SLSA provenance attestation. Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal the registry offers: it binds the published tarball to the CI workflow and source revision that built it, but it says nothing about whether that source is benign.

v1.3.1 (1 finding)
INFO | provenance | Has SLSA provenance attestation. Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1); same finding as v1.3.2.

v1.3.0 (1 finding)
INFO | provenance | Has SLSA provenance attestation. Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1); same finding as v1.3.2.