fix(security): fix requests, pygments; risk-accept langchain-core (ENG-13418)

[andriy-sudo]

Vulnerability Fixes

Package	Old	New	Advisory	CVSS	Status
requests	2.32.5	2.33.1	GHSA-gc5v-m9x4-r6x2	MEDIUM	✅ Fixed
pygments	2.19.2	2.20.0	GHSA-5239-wwwm-4pmq	LOW	✅ Fixed
langchain-core	0.3.83	—	GHSA-qh6h-p6c9-ff54 / CVE-2026-34070	HIGH	⚠️ Risk accepted — see below

langchain-core risk acceptance rationale

The fix for GHSA-qh6h-p6c9-ff54 requires langchain-core >= 1.2.22, a major version upgrade from our current ^0.3.15 constraint. This upgrade is blocked because langchain-community 0.3.x (also a direct dependency) hard-constrains langchain-core<1.0.0. The stable 1.x line for langchain-community is not yet available (only 1.0.0a1 alpha exists).

Mitigation tracked in osv-scanner.toml until 2026-04-27 (SLA deadline). The load_prompt/load_prompt_from_config legacy APIs flagged by this CVE are not used in this integration package.

Also removes the stale GHSA-5239-wwwm-4pmq ignore — pygments 2.20.0 ships the fix.

Closes Dependabot alerts #38 (requests), #40 (Pygments).

Linear: ENG-13418

Changelog impact summary

Package	Old	New	Classification	Key changes
requests	2.32.5	2.33.1	Patch/security	Security fix for GHSA-gc5v-m9x4-r6x2; no API changes.
pygments	2.19.2	2.20.0	Patch/security	Fixes catastrophic backtracking in AdlLexer GUID/ID patterns (the ReDoS fix). Adds Rell lexer. No breaking changes.

[coderabbitai]

📝 Walkthrough

Walkthrough

The pull request updates dependency declarations and security vulnerability configurations. In langchain/pyproject.toml, two runtime dependencies are added: requests (>=2.33.0) and pygments (>=2.20.0). In osv-scanner.toml, the ignored vulnerabilities entry is updated, replacing the previously tracked vulnerability identifier with a new one, adjusting the expiration timestamp, and updating the associated reason text to reference a high-severity path traversal issue in langchain-core.

🚥 Pre-merge checks | ✅ 2

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly summarizes the main changes: fixing security vulnerabilities in requests and pygments, and risk-accepting langchain-core with a ticket reference.
Description check	✅ Passed	The description provides comprehensive details on vulnerability fixes, version upgrades, rationale for risk acceptance, and references to tracking issues.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch andriy/ENG-13418-fix-langchain-core-cve

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@osv-scanner.toml`:
- Line 8: Update the ignoreUntil TOML entry to a later date (e.g., add several
months) to extend the mitigation window by changing the ignoreUntil value;
additionally, add notes in the repository (e.g., SECURITY.md or a new
docs/mitigation-plan.md) documenting a concrete mitigation plan with milestones
for upgrading langchain-core and langchain-community, and add an interim
monitoring step (e.g., a CI check or alert) that scans for accidental usage of
the vulnerable APIs before the new deadline; reference the existing ignoreUntil
key and the affected packages langchain-core and langchain-community when making
the changes.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 9bffd7b6-254c-41d4-b6d1-98a34164a4ec

📥 Commits

Reviewing files that changed from the base of the PR and between d8a086e and 37b8a69.

⛔ Files ignored due to path filters (1)

• langchain/poetry.lock is excluded by !**/*.lock

📒 Files selected for processing (2)

• langchain/pyproject.toml
• osv-scanner.toml

[andriy-sudo]

@hongjingzhou — SPOC review request. Reviewer assignment API returned empty (team-access-only repo). Please review and approve when ready.