chore: bump orjson from 3.11.5 to 3.11.6 in /libs/core by dependabot[bot] · Pull Request #35805 · langchain-ai/langchain

dependabot · 2026-03-12T21:35:13Z

Bumps orjson from 3.11.5 to 3.11.6.

Release notes

3.11.6

Changed

orjson now includes code licensed under the Mozilla Public License 2.0 (MPL-2.0).

Drop support for Python 3.9.

ABI compatibility with CPython 3.15 alpha 5.

Build now depends on Rust 1.89 or later instead of 1.85.

Fixed

Fix sporadic crash serializing deeply nested list of dict.

Changelog

Sourced from orjson's changelog.

3.11.6 - 2026-01-29

Changed

orjson now includes code licensed under the Mozilla Public License 2.0 (MPL-2.0).

Drop support for Python 3.9.

ABI compatibility with CPython 3.15 alpha 5.

Build now depends on Rust 1.89 or later instead of 1.85.

Fixed

Fix sporadic crash serializing deeply nested list of dict.

Commits

ec02024 3.11.6
d581687 build, clippy misc
4105b29 writer::num
62bb185 Fix sporadic crash on serializing object close
d860078 PyRef idiom refactors
343ae2f Deserializer, Utf8Buffer
7835f58 PyBytesRef and other input refactor
71e0516 PyStrRef
1096df4 MSRV 1.89
b718e75 Drop support for python3.9
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

codspeed-hq · 2026-03-12T21:38:45Z

Merging this PR will improve performance by 34.74%

⚠️

Unknown Walltime execution environment detected

Using the Walltime instrument on standard Hosted Runners will lead to inconsistent data.

For the most accurate results, we recommend using CodSpeed Macro Runners: bare-metal machines fine-tuned for performance measurement consistency.

⚡ 13 improved benchmarks
⏩ 23 skipped benchmarks¹

Performance Changes

	Mode	Benchmark	`BASE`	`HEAD`	Efficiency
⚡	WallTime	`test_async_callbacks_in_sync`	25.8 ms	19.2 ms	+34.74%
⚡	WallTime	`test_import_time[PydanticOutputParser]`	571.8 ms	485.1 ms	+17.87%
⚡	WallTime	`test_import_time[ChatPromptTemplate]`	668.1 ms	568.5 ms	+17.52%
⚡	WallTime	`test_import_time[BaseChatModel]`	556 ms	496.2 ms	+12.04%
⚡	WallTime	`test_import_time[Runnable]`	521.5 ms	462 ms	+12.87%
⚡	WallTime	`test_import_time[Document]`	196.2 ms	174.7 ms	+12.29%
⚡	WallTime	`test_import_time[HumanMessage]`	274.5 ms	244.8 ms	+12.15%
⚡	WallTime	`test_import_time[InMemoryRateLimiter]`	182.8 ms	161.3 ms	+13.3%
⚡	WallTime	`test_import_time[LangChainTracer]`	475.3 ms	421.6 ms	+12.75%
⚡	WallTime	`test_import_time[tool]`	569.9 ms	499.4 ms	+14.12%
⚡	WallTime	`test_import_time[CallbackManager]`	329.8 ms	299.8 ms	+10.03%
⚡	WallTime	`test_import_time[RunnableLambda]`	526.3 ms	460.9 ms	+14.2%
⚡	WallTime	`test_import_time[InMemoryVectorStore]`	639.9 ms	569.2 ms	+12.42%

_{Comparing dependabot/uv/libs/core/orjson-3.11.6 (541e1be) with master (69a7b9c)²}

23 benchmarks were skipped, so the baseline results were used instead. If they were deleted from the codebase, click here and archive them to remove them from the performance reports. ↩
No successful run was found on master (2bad58a) during the generation of this report, so 69a7b9c was used instead as the comparison base. There might be some changes unrelated to this pull request in this report. ↩

Bumps [orjson](https://github.com/ijl/orjson) from 3.11.5 to 3.11.6. - [Release notes](https://github.com/ijl/orjson/releases) - [Changelog](https://github.com/ijl/orjson/blob/master/CHANGELOG.md) - [Commits](ijl/orjson@3.11.5...3.11.6) --- updated-dependencies: - dependency-name: orjson dependency-version: 3.11.6 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file (e.g. `pyproject.toml` or `uv.lock`) python:uv Pull requests that update python:uv code labels Mar 12, 2026

dependabot bot requested a review from Eugene Yurtsev (eyurtsev) as a code owner March 12, 2026 21:35

github-actions bot added core `langchain-core` package issues & PRs internal size: S 50-199 LOC infra PRs made that include chores, devops, repo meta changes labels Mar 12, 2026