[LangGraph] Upgrade API used for serialization to allow input of allowed_json_modules

XMLWordPrintableJSON

    • 🔵 Done
    • Python Drivers
    • Not Needed
    • None
    • None
    • None
    • None
    • None
    • None

      Context

      Describe the background behind the problem.

      Our checkpointer does not allow one to call the kwargs of langgraph.checkpoint.serde.jsonplus.JsonPlusSerializer(). In versions < 3.0, this mean that it does not allow a fallback to pickle. In versions >= 3.0, it means one cannot also defined allowed_json_modules for safe deserialization.

      Definition of done

      What must be done to consider the task complete?

      • Add these kwargs to the checkpoint constructor. Ensure they are used in the .utils module where serialization is performed.

      Pitfalls

      What should the implementer watch out for? What are the risks?
      Do not want this change to slow down the fix to the CVE.

            Assignee:
            Noah Stapp
            Reporter:
            Casey Clements
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: