Product
Introducing Repository Access Permissions and Custom Roles
Socket now supports Custom Roles and Repository Access Permissions so organizations can control who can access specific repositories and actions.
By Joe Werle - Jun 19, 2026
🚀 Socket Launch Week Day 5:Introducing Repository Access Permissions and Custom Roles.Learn more →
@mastra/langsmith
Advanced tools
This package has malicious versions linked to the ongoing "Mastra AI framework compromise" supply chain attack.
Affected versions:
@mastra/langsmith
Langsmith observability provider for Mastra - includes tracing and future observability features
@mastra/langsmith
LangSmith AI Observability exporter for Mastra applications.
Installation
npm install @mastra/langsmith
Usage
Zero-Config Setup
The exporter automatically reads credentials from environment variables:
# Required
LANGSMITH_API_KEY=lsv2_pt_...
# Optional
LANGCHAIN_PROJECT=my-project # Project name, defaults to "default"
import { LangSmithExporter } from '@mastra/langsmith';
const mastra = new Mastra({
...,
observability: {
configs: {
langsmith: {
serviceName: 'my-service',
exporters: [new LangSmithExporter()],
},
},
},
});
Explicit Configuration
You can also pass credentials directly:
import { LangSmithExporter } from '@mastra/langsmith';
const mastra = new Mastra({
...,
observability: {
configs: {
langsmith: {
serviceName: 'my-service',
exporters: [
new LangSmithExporter({
apiKey: 'lsv2_pt_...',
projectName: 'my-custom-project', // Optional
}),
],
},
},
},
});
Configuration Options
| Option | Type | Description |
|---|---|---|
apiKey | string | LangSmith API key. Defaults to LANGSMITH_API_KEY env var |
projectName | string | The name of the LangSmith project to send traces to. Overrides LANGCHAIN_PROJECT env var |
apiUrl | string | Custom LangSmith API URL (for self-hosted instances) |
client | Client | Custom LangSmith client instance |
Features
Tracing
- Automatic span mapping: Root spans become LangSmith traces
- Type-specific metadata: Extracts relevant metadata for each span type (agents, tools, workflows)
- Error tracking: Automatic error status and message tracking
- Hierarchical traces: Maintains parent-child relationships
- Event span support: Zero-duration spans for event-type traces
FAQs
Langsmith observability provider for Mastra - includes tracing and future observability features
The npm package @mastra/langsmith receives a total of 25,317 weekly downloads. As such, @mastra/langsmith popularity was classified as popular.
We found that @mastra/langsmith demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 6 open source maintainers collaborating on the project.
Package last updated on 19 Jun 2026
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Socket MCP Adds Org Alerts, Threat Feed Review, and Package Inspection
Socket MCP now lets AI assistants review org alerts, investigate threats using the Socket threat feed, and inspect package files in addition to dependency scoring.
By John Tuckner - Jun 18, 2026
Product
Socket Firewall Now Blocks Malicious VS Code and Open VSX Extensions
Socket Firewall blocks malicious VS Code and Open VSX extensions before install, protecting developers from compromised editor marketplaces.
By John Tuckner - Jun 17, 2026