[Aikido] Fix 5 critical issues in form-data, @langchain/core, @opentelemetry/auto-instrumentations-node and 3 more#1

Open

aikido-autofix[bot] wants to merge 1 commit into main from fix/aikido-security-update-packages-38430649-bdez

@aikido-autofix aikido-autofix Bot commented May 23, 2026

Upgrade dependencies to fix critical HTTP Parameter Pollution (CVE-2025-7783), prompt injection/SSRF risks (CVE-2026-45134), prototype pollution (CVE-2026-40190), and streaming output redaction bypass (CVE-2026-41182).

⚠️ Incomplete breaking changes analysis (2/6 analyzed)

⚠️ Breaking changes analysis not available for: @langchain/core, @opentelemetry/auto-instrumentations-node, langchain, lerna

✅ No breaking changes from either package upgrade affect this codebase.

uuid (10.0.0 => 11.1.1):

  • The uuid package is not directly imported or used anywhere in the codebase

  • It exists only as a transitive dependency through langchain and @langchain/core packages

  • The node version requirement change (node 16-20) is compatible with this project's requirement of node >=18

langsmith (0.2.5 => 0.6.0):

  • The langsmith package is not directly imported or used anywhere in the codebase

  • It exists only as a transitive dependency through langchain (^0.2.0) and @langchain/core (^0.1.56) packages

  • The only reference to "langsmith" in the code is the LANGSMITH_HIDDEN_TAG constant in langfuse-langchain/src/callback.ts, which is just a string literal used for tag checking and does not interact with the langsmith package API

  • None of the removed features (legacy evaluators, wrapAIModel, AI SDK exporter) are used in this codebase

  • The pydantic v2 bump is irrelevant as this is a TypeScript/JavaScript project

Since both packages are only transitive dependencies and the codebase does not directly use any of their APIs or features, the breaking changes will not affect this codebase.

All breaking changes by upgrading langsmith from version 0.2.5 to 0.6.0 (CHANGELOG)

| Version | Description |
|---------|-------------|
| 0.5.0 | Make evaluator target function traces only trace inputs instead of nested inputs outputs reference_outputs |
| 0.5.0 | Change default ingest to multipart instead of single run |
| 0.5.0 | Omit raw HTTP info when tracing AI SDK runs |
| 0.5.0 | Remove legacy evaluators |
| 0.5.0 | Remove legacy AI SDK exporter and wrapAIModel |
| 0.6.0 | Bump pydantic to v2 |

✅ 5 CVEs resolved by this upgrade, including 1 critical 🚨 CVE

This PR will resolve the following CVEs:

| Issue | Severity | Description |
|-------|----------|-------------|
| CVE-2025-7783 | 🚨 CRITICAL | [form-data] Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution (HPP). This vulnerability is associated with program files lib/form_data.Js. This issue affects form-data: < 2.5.4, 3.0.0 - 3.0.3, 4.0.0 - 4.0.3. |
| CVE-2026-41907 | HIGH | [uuid] A buffer overflow vulnerability allows v3, v5, and v6 UUID functions to write beyond caller-provided buffer boundaries when given small buffers or large offsets, causing silent data corruption. This can lead to memory corruption and potential code execution or information disclosure. |
| CVE-2026-45134 | HIGH | [langsmith] Prompt manifests fetched by pull methods can contain attacker-controlled LangChain objects and model configuration, enabling SSRF, prompt injection, or credential disclosure when pulling public prompts from untrusted sources. The SDK now requires explicit opt-in via a flag to pull public prompts. |
| CVE-2026-40190 | MEDIUM | [langsmith] Incomplete prototype pollution fix in vendored lodash allows attackers to pollute Object.prototype via constructor.prototype traversal when processing data through the createAnonymizer() API, affecting all objects in the Node.js process. |
| CVE-2026-41182 | MEDIUM | [langsmith] Output redaction controls fail to apply to streaming token events, allowing sensitive LLM output to bypass redaction and leak via run events in LangSmith. This information disclosure vulnerability affects applications relying on redaction to prevent sensitive data storage. |
