Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
langchain
Advanced tools
The langchain npm package is designed to facilitate the development of applications that leverage language models. It provides tools for chaining together different language model operations, managing prompts, and integrating with various data sources.
Prompt Management
This feature allows you to create and manage prompts easily. You can define templates and format them with dynamic data.
const { PromptTemplate } = require('langchain');
const template = new PromptTemplate('Translate the following text to French: {text}');
const prompt = template.format({ text: 'Hello, how are you?' });
console.log(prompt); // Output: Translate the following text to French: Hello, how are you?
Chaining Operations
This feature allows you to chain together multiple operations, where the output of one step becomes the input to the next.
const { Chain } = require('langchain');
const chain = new Chain();
chain.addStep(async (input) => `Step 1: ${input}`);
chain.addStep(async (input) => `Step 2: ${input}`);
chain.run('Initial Input').then(console.log); // Output: Step 2: Step 1: Initial Input
Integration with Data Sources
This feature allows you to integrate with various data sources, making it easy to fetch and use data within your language model operations.
const { DataSource } = require('langchain');
const dataSource = new DataSource('https://api.example.com/data');
dataSource.fetch().then(data => console.log(data));
The openai npm package provides a simple interface to interact with OpenAI's GPT-3 and other models. While it focuses on direct interaction with OpenAI's API, langchain offers more advanced features like prompt management and chaining operations.
The node-nlp package is a natural language processing library for Node.js. It provides tools for entity extraction, sentiment analysis, and more. While it offers a broad range of NLP functionalities, langchain is more specialized in chaining language model operations and managing prompts.
Compromise is a lightweight NLP library for Node.js. It focuses on text processing and manipulation. Compared to langchain, compromise is more about text analysis and less about chaining language model operations or managing prompts.
β‘ Building applications with LLMs through composability β‘
Looking for the Python version? Check out LangChain.
To help you ship LangChain apps to production faster, check out LangSmith. LangSmith is a unified developer platform for building, testing, and monitoring LLM applications. Fill out this form to get off the waitlist or speak with our sales team.
You can use npm, yarn, or pnpm to install LangChain.js
npm install -S langchain
or yarn add langchain
or pnpm add langchain
import { ChatOpenAI } from "langchain/chat_models/openai";
LangChain is written in TypeScript and can be used in:
LangChain is a framework for developing applications powered by language models. It enables applications that:
This framework consists of several parts.
The LangChain libraries themselves are made up of several different packages.
@langchain/core
: Base abstractions and LangChain Expression Language.@langchain/community
: Third party integrations.langchain
: Chains, agents, and retrieval strategies that make up an application's cognitive architecture.Integrations may also be split into their own compatible packages.
This library aims to assist in the development of those types of applications. Common examples of these applications include:
βQuestion Answering over specific documents
π¬ Chatbots
The main value props of the LangChain libraries are:
Off-the-shelf chains make it easy to get started. Components make it easy to customize existing chains and build new ones.
Components fall into the following modules:
π Model I/O:
This includes prompt management, prompt optimization, a generic interface for all LLMs, and common utilities for working with LLMs.
π Retrieval:
Data Augmented Generation involves specific types of chains that first interact with an external data source to fetch data for use in the generation step. Examples include summarization of long pieces of text and question/answering over specific data sources.
π€ Agents:
Agents involve an LLM making decisions about which Actions to take, taking that Action, seeing an Observation, and repeating that until done. LangChain provides a standard interface for agents, a selection of agents to choose from, and examples of end-to-end agents.
Please see here for full documentation, which includes:
As an open-source project in a rapidly developing field, we are extremely open to contributions, whether it be in the form of a new feature, improved infrastructure, or better documentation.
For detailed information on how to contribute, see here.
Please report any security issues or concerns following our security guidelines.
This is built to integrate as seamlessly as possible with the LangChain Python package. Specifically, this means all objects (prompts, LLMs, chains, etc) are designed in a way where they can be serialized and shared between languages.
FAQs
Typescript bindings for langchain
The npm package langchain receives a total of 330,587 weekly downloads. As such, langchain popularity was classified as popular.
We found that langchain demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago.Β It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.