Skip to content

chore(deps): bump langsmith from 0.2.15 to 0.6.0#116

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/langsmith-0.6.0
Closed

chore(deps): bump langsmith from 0.2.15 to 0.6.0#116
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/langsmith-0.6.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 13, 2026

Copy link
Copy Markdown

Bumps langsmith from 0.2.15 to 0.6.0.

Release notes

Sourced from langsmith's releases.

v0.6.0

What's Changed

Full Changelog: langchain-ai/langsmith-sdk@v0.5.2...v0.6.0

v0.6.0rc0

What's Changed

Full Changelog: langchain-ai/langsmith-sdk@v0.5.1...v0.6.0rc0

v0.5.2

What's Changed

Full Changelog: langchain-ai/langsmith-sdk@v0.5.1...v0.5.2

v0.5.1

What's Changed

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for langsmith since your current version.

Install script changes

This version modifies prepublish script that runs during installation. Review the package contents before updating.


@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 13, 2026
@snyk-io

snyk-io Bot commented May 13, 2026

Copy link
Copy Markdown

Snyk checks have passed. No issues have been found so far.

Status Scan Engine Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@socket-security

socket-security Bot commented May 13, 2026

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Added@​types/​resolve@​1.20.61001007280100
Added@​types/​react@​19.2.141001007996100
Addedclsx@​1.2.11001008880100
Addedclsx@​2.1.11001009480100
Addedignore@​7.0.59910010080100
Addeddecimal.js@​10.6.09810010081100
Addedchokidar@​3.6.09810010081100
Added@​popperjs/​core@​2.11.89910010082100
Addedbraces@​3.0.310010010082100

View full report

@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/langsmith-0.6.0 branch from b70e335 to 6562839 Compare May 23, 2026 16:34
@kilo-code-bot

kilo-code-bot Bot commented May 23, 2026

Copy link
Copy Markdown

Kilo Code Review could not run — your account is out of credits.

Add credits or switch to a free model to enable reviews on this change.

Bumps [langsmith](https://github.com/langchain-ai/langsmith-sdk) from 0.2.15 to 0.6.0.
- [Release notes](https://github.com/langchain-ai/langsmith-sdk/releases)
- [Commits](https://github.com/langchain-ai/langsmith-sdk/commits/v0.6.0)

---
updated-dependencies:
- dependency-name: langsmith
  dependency-version: 0.6.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/langsmith-0.6.0 branch from 6562839 to 09d9765 Compare June 2, 2026 10:34
@changeset-bot

changeset-bot Bot commented Jun 2, 2026

Copy link
Copy Markdown

⚠️ No Changeset found

Latest commit: 09d9765

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@snyk-io

snyk-io Bot commented Jun 2, 2026

Copy link
Copy Markdown

Snyk checks have passed. No issues have been found so far.

Status Scan Engine Critical High Medium Low Total (0)
🔚 Open Source Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@kilo-code-bot

kilo-code-bot Bot commented Jun 2, 2026

Copy link
Copy Markdown

Code Review Summary

Status: 2 Issues Found | Recommendation: Address before merge

Overview

Severity Count
CRITICAL 1
WARNING 1
SUGGESTION 0
Issue Details (click to expand)

CRITICAL

File Line Issue
references/nextjs-realtime/package.json 31 React version mismatch: The lockfile shows react was bumped from 18.3.1 to 19.1.0 for this workspace, but react-dom remains at 18.2.0. React 19 requires react-dom 19 - this mismatch will cause runtime errors like "Invalid hook call" and crashes at startup.

WARNING

File Line Issue
references/nextjs-realtime/package.json 31 Missing peer dependencies after langsmith bump: langsmith 0.6.0 introduces new peer dependencies on @opentelemetry/api, @opentelemetry/exporter-trace-otlp-proto, @opentelemetry/sdk-trace-base (all optional), and ws (optional). The lockfile shows these pulling in large transitive dependency trees (@opentelemetry/exporter-trace-otlp-proto, @opentelemetry/sdk-trace-base, ws@8.18.3). No code changes were made to handle or install these peer deps; if they are optional this may be fine, but if runtime code requires them it will silently leave tracing functionality broken.
Other Observations (not in diff)
File Line Issue
(changeset-bot) No changeset was added for this dependency bump. The changeset-bot noted this would not trigger a version bump. For a dependency bump PR, a changeset should be added to document the upgrade.
Files Reviewed (1 file + lockfile)
  • references/nextjs-realtime/package.json - 1 critical (React mismatch), 1 warning (missing peer deps)
  • pnpm-lock.yaml - Lockfile changes reviewed; extensive transitive dependency updates resulting from langsmith bump and lockfile refresh

Reviewed by step-3.7-flash-20260528 · 853,737 tokens

@dependabot @github

dependabot Bot commented on behalf of github Jun 4, 2026

Copy link
Copy Markdown
Author

Looks like langsmith is no longer a dependency, so this is no longer needed.

@dependabot dependabot Bot closed this Jun 4, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/langsmith-0.6.0 branch June 4, 2026 16:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants