Security News
Another Round of TEA Protocol Spam Floods npm, But It’s Not a Worm
Recent coverage mislabels the latest TEA protocol spam as a worm. Here’s what’s actually happening.
By Philipp Burckhardt - Nov 14, 2025
@langchain/azure-cosmosdb
Advanced tools
@langchain/azure-cosmosdb
This package contains the Azure CosmosDB vector store integrations.
Learn more about how to use this package in the LangChain documentation:
Installation
npm install @langchain/azure-cosmosdb @langchain/core
This package, along with the main LangChain package, depends on @langchain/core.
If you are using this package with other LangChain packages, you should make sure that all of the packages depend on the same instance of @langchain/core.
You can do so by adding appropriate fields to your project's package.json like this:
{
"name": "your-project",
"version": "0.0.0",
"dependencies": {
"@langchain/core": "^0.3.0",
"@langchain/azure-cosmosdb": "^0.2.5"
},
"resolutions": {
"@langchain/core": "0.3.0"
},
"overrides": {
"@langchain/core": "0.3.0"
},
"pnpm": {
"overrides": {
"@langchain/core": "0.3.0"
}
}
}
The field you need depends on the package manager you're using, but we recommend adding a field for the common yarn, npm, and pnpm to maximize compatibility.
Usage
import { AzureCosmosDBNoSQLVectorStore } from "@langchain/azure-cosmosdb";
const store = await AzureCosmosDBNoSQLVectorStore.fromDocuments(
["Hello, World!"],
new OpenAIEmbeddings(),
{
databaseName: "langchain",
containerName: "documents",
}
);
const resultDocuments = await store.similaritySearch("hello");
console.log(resultDocuments[0].pageContent);
FAQs
Azure CosmosDB integration for LangChain.js
The npm package @langchain/azure-cosmosdb receives a total of 725 weekly downloads. As such, @langchain/azure-cosmosdb popularity was classified as not popular.
We found that @langchain/azure-cosmosdb demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 11 open source maintainers collaborating on the project.
Package last updated on 15 Sep 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
PyPI Expands Trusted Publishing to GitLab Self-Managed as Adoption Passes 25 Percent
PyPI adds Trusted Publishing support for GitLab Self-Managed as adoption reaches 25% of uploads
By Sarah Gooding - Nov 14, 2025
Research
/Security News
Malicious Chrome Extension Exfiltrates Seed Phrases, Enabling Wallet Takeover
A malicious Chrome extension posing as an Ethereum wallet steals seed phrases by encoding them into Sui transactions, enabling full wallet takeover.
By Kirill Boychenko - Nov 12, 2025