This release adds 1 notable feature for engineering teams evaluating rollout.
✓ No known CVEs patched in this version
Topics
+11 more
Affected surfaces
ReleasePort's take
Moderate signallangchain-fireworks 1.4.0 adds ContextOverflowError handling for overlong prompts and requires migration to fireworks-ai 1.x SDK. Dependency updates for idna, langsmith, requests, urllib3, and langchain-core are included.
Why it matters: Upgrade to 1.4.0 and add ContextOverflowError handling to code. Migrate to fireworks-ai 1.x SDK; dependency updates maintain compatibility.
Summary
AI summaryFixed prompt-too-long by raising ContextOverflowError.
Changes in this release
| Type | Severity | Summary | CVE |
|---|---|---|---|
| Feature | Medium |
migrate to `fireworks-ai` 1.x SDK migrate to `fireworks-ai` 1.x SDK Source: granite4.1:8b-q6_K@2026-05-21 Confidence: high |
— |
| Dependency | Medium |
bump idna from 3.10 to 3.15 in /libs/partners/fireworks bump idna from 3.10 to 3.15 in /libs/partners/fireworks Source: granite4.1:8b-q6_K@2026-05-21 Confidence: low |
— |
| Dependency | Medium |
bump langsmith from 0.7.31 to 0.8.0 in /libs/partners/fireworks bump langsmith from 0.7.31 to 0.8.0 in /libs/partners/fireworks Source: granite4.1:8b-q6_K@2026-05-21 Confidence: low |
— |
| Dependency | Medium |
bump requests from 2.33.1 to 2.34.0 in /libs/partners/fireworks bump requests from 2.33.1 to 2.34.0 in /libs/partners/fireworks Source: granite4.1:8b-q6_K@2026-05-21 Confidence: low |
— |
| Dependency | Medium |
bump urllib3 from 2.6.3 to 2.7.0 in /libs/partners/fireworks bump urllib3 from 2.6.3 to 2.7.0 in /libs/partners/fireworks Source: granite4.1:8b-q6_K@2026-05-21 Confidence: low |
— |
| Dependency | Medium |
bump langchain-core from 1.3.2 to 1.3.3 in /libs/partners/fireworks bump langchain-core from 1.3.2 to 1.3.3 in /libs/partners/fireworks Source: granite4.1:8b-q6_K@2026-05-21 Confidence: low |
— |
| Performance | Medium |
harden Dependabot version-bound preservation harden Dependabot version-bound preservation Source: granite4.1:8b-q6_K@2026-05-21 Confidence: low |
— |
| Bugfix | Medium |
raise `ContextOverflowError` on prompt-too-long raise `ContextOverflowError` on prompt-too-long Source: granite4.1:8b-q6_K@2026-05-21 Confidence: high |
— |
Full changelog
Changes since langchain-fireworks==1.3.1
release(fireworks): 1.4.0 (#37582)
feat(fireworks): migrate to fireworks-ai 1.x SDK (#37581)
chore(model-profiles): refresh model profile data (#37574)
chore: bump idna from 3.10 to 3.15 in /libs/partners/fireworks (#37527)
ci(infra): harden Dependabot version-bound preservation (#37510)
fix(fireworks): raise ContextOverflowError on prompt-too-long (#37458)
chore: bump langsmith from 0.7.31 to 0.8.0 in /libs/partners/fireworks (#37404)
chore: bump requests from 2.33.1 to 2.34.0 in /libs/partners/fireworks (#37355)
chore: bump urllib3 from 2.6.3 to 2.7.0 in /libs/partners/fireworks (#37339)
chore: bump langchain-core from 1.3.2 to 1.3.3 in /libs/partners/fireworks (#37279)
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
Related context
Related tools
Earlier breaking changes
- vlangchain-core==1.4.0 Deletes schema items marked for removal in schemas.py
- vlangchain-core==1.4.0 Deletes function_calling.py utils marked for removal
- vlangchain-core==1.4.0 Deletes get_relevant_documents function from API
- vlangchain-core==1.4.0 Deletes pydantic_v1 module entirely from codebase
- vlangchain-core==1.4.0 Deletes BaseMemory module, moved to langchain-classic
Beta — feedback welcome: [email protected]