chore(deps): bump langsmith from 0.7.22 to 0.8.0

[dependabot]

Bumps langsmith from 0.7.22 to 0.8.0.

Release notes

Sourced from langsmith's releases.

v0.8.0

What's Changed

• feat(js,py): JS 0.6.0, Py 0.8.0 by @​jacoblee93 in langchain-ai/langsmith-sdk#2831
• release(js): 0.6.0 by @​jacoblee93 in langchain-ai/langsmith-sdk#2832
• release(py): 0.8.0 by @​jacoblee93 in langchain-ai/langsmith-sdk#2833

Full Changelog: langchain-ai/langsmith-sdk@v0.7.38...v0.8.0

v0.7.38

What's Changed

• feat(js): add tracing of opencode by @​dqbd in langchain-ai/langsmith-sdk#2776
• chore(js): Remove types/uuid by @​jacoblee93 in langchain-ai/langsmith-sdk#2814
• docs(sandbox): document default idle TTL of 10 minutes by @​DanielKneipp in langchain-ai/langsmith-sdk#2788
• ci(py): Bump pytest timeout to 2m by @​jacoblee93 in langchain-ai/langsmith-sdk#2815
• chore(deps-dev): bump the js-minor-and-patch group across 1 directory with 4 updates by @​dependabot[bot] in langchain-ai/langsmith-sdk#2803
• chore(deps): update sphinx-autobuild requirement from >=2024 to >=2024.10.3 in /python by @​dependabot[bot] in langchain-ai/langsmith-sdk#2809
• chore(deps): update myst-nb requirement from >=1.1.1 to >=1.4.0 in /python by @​dependabot[bot] in langchain-ai/langsmith-sdk#2810
• chore(deps-dev): bump types-pyyaml from 6.0.12.20250915 to 6.0.12.20260408 in /python by @​dependabot[bot] in langchain-ai/langsmith-sdk#2812
• chore(deps-dev): bump @​langchain/openai from 0.5.18 to 0.6.17 in /js by @​dependabot[bot] in langchain-ai/langsmith-sdk#2806
• chore(deps): bump the py-minor-and-patch group across 1 directory with 18 updates by @​dependabot[bot] in langchain-ai/langsmith-sdk#2808
• feat(py): Adds strands OTEL exporter by @​jacoblee93 in langchain-ai/langsmith-sdk#2817
• chore(js): Switch to oxfmt and oxlint by @​jacoblee93 in langchain-ai/langsmith-sdk#2819
• fix(py): fix RunTree ValidationError when inputs or outputs is a Pydantic BaseModel by @​QuentinBrosse in langchain-ai/langsmith-sdk#2820
• chore: add apac support by @​joaquin-borggio-lc in langchain-ai/langsmith-sdk#2821
• fix(js): Pull Claude Agent SDK subagent runs from transcript, add tool span for subagents, merge message blocks by id by @​jacoblee93 in langchain-ai/langsmith-sdk#2816
• release(js): 0.5.26 by @​jacoblee93 in langchain-ai/langsmith-sdk#2824
• release(py): 0.7.38 by @​jacoblee93 in langchain-ai/langsmith-sdk#2825

Full Changelog: langchain-ai/langsmith-sdk@v0.7.37...v0.7.38

v0.7.37

What's Changed

• perf(js): Offload serialize to worker thread at flush time by @​jacoblee93 in langchain-ai/langsmith-sdk#2781
• release(js): 0.5.24 by @​emil-lc in langchain-ai/langsmith-sdk#2790
• chore(js): Fix perf test flagging by @​jacoblee93 in langchain-ai/langsmith-sdk#2792
• feat(js,python): Adds hub model config and provider to schemas by @​jacoblee93 in langchain-ai/langsmith-sdk#2793
• fix(js): minor test improvements by @​christian-bromann in langchain-ai/langsmith-sdk#2429
• fix(js): Include auth headers on info requests by @​jacoblee93 in langchain-ai/langsmith-sdk#2800
• release(js): 0.5.25 by @​jacoblee93 in langchain-ai/langsmith-sdk#2801
• fix(python): flush both tracing_queue and compressed_traces in flush() by @​angus-langchain in langchain-ai/langsmith-sdk#2796
• chore(deps): bump postcss from 8.5.8 to 8.5.10 in /js/internal/environment_tests/test-exports-vite in the npm_and_yarn group across 1 directory by @​dependabot[bot] in langchain-ai/langsmith-sdk#2791
• chore(deps-dev): bump google-adk from 1.10.0 to 1.28.1 in /python by @​dependabot[bot] in langchain-ai/langsmith-sdk#2794
• fix(python): flush pending traces during Client.cleanup() by @​angus-langchain in langchain-ai/langsmith-sdk#2799
• fix(py): Fix concurrency for multiple Claude Agent SDK sessions by @​jacoblee93 in langchain-ai/langsmith-sdk#2795
• release(py): 0.7.37 by @​jacoblee93 in langchain-ai/langsmith-sdk#2802

Full Changelog: langchain-ai/langsmith-sdk@v0.7.36...v0.7.37

... (truncated)

Commits

• cf01c87 release(py): 0.8.0 (#2833)
• fd049c8 release(js): 0.6.0 (#2832)
• 092a886 feat(js,py): JS 0.6.0, Py 0.8.0 (#2831)
• ff180c0 release(py): 0.7.38 (#2825)
• d9de3ca release(js): 0.5.26 (#2824)
• 1428394 fix(js): Pull Claude Agent SDK subagent runs from transcript, add tool span f...
• 838e957 chore: add apac support (#2821)
• 003f22a fix(py): fix RunTree ValidationError when inputs or outputs is a Pydantic Bas...
• 8f5ef27 chore(js): Switch to oxfmt and oxlint (#2819)
• 9873633 feat(py): Adds strands OTEL exporter (#2817)
• Additional commits viewable in compare view

[claude]

LGTM — transitive dependency lock-file bump; langsmith is not directly imported by langfuse.

Extended reasoning...

Overview

This is a Dependabot-generated PR bumping langsmith from 0.7.22 to 0.8.0 in uv.lock only. It also includes a metadata tweak from uv itself: exclude-newer switched to a no-op sentinel value with a comment noting backwards compatibility for relative exclude-newer-span values.

Security risks

None apparent. langsmith is a transitive dependency (pulled in via langchain) and is not directly imported by langfuse — the only repo reference is the string literal "langsmith:hidden" used as a tag in the langchain CallbackHandler. The upgrade includes maintenance fixes and additive features (strands OTEL exporter, Pydantic input/output fix, Claude Agent SDK concurrency fix); nothing in the release notes appears security-sensitive.

Level of scrutiny

Low. This is a routine, mechanical bot dependency bump touching only uv.lock. No runtime code, no public API, no security-sensitive surfaces are affected.

Other factors

The exclude-newer lockfile metadata change looks unusual at first glance but is a known no-op marker emitted by recent uv versions; the inline comment in the lock confirms the intent. CI on the PR will exercise the langchain integration test paths.