Home/langserve/Trust report

Trust and health report

langserve - trust report

Sourced, dated trust signals - maintenance label posture, repository provenance, and security scan status. Not a composite safety grade.

GraphCanon updated today · GitHub synced 1d

Maintenance

Recency and activity heuristics from public GitHub metadata (maintenance label, momentum); methodology: github_public_v1.

Archived8% signal

last push 66d ago · last release 8mo

Provenance

Repository identity and fork provenance (github_public_v1).

Security scan

Dependency advisory security scan when a lockfile is present. Not a full code audit.

Status
No lockfile
Last scan
1d
Scanner
none

Method and caveats:these are sourced, dated heuristics from public GitHub data and optional dependency scans. A status like "no criticals found on 2026-07-11" is not a guarantee of safety. Read the full trust methodology · JSON report at /api/graphcanon/tools/langchain-ai-langserve/trust.

Common questions

Is langserve maintained?
langserve is archived on GitHub. GraphCanon treats archived repositories as dormant regardless of past activity.
Is langserve safe to use?
Last scanned 1d (none profile). Status: No lockfile. Absence of findings in our scan is not a security guarantee - see trust methodology for scope limits. GraphCanon does not certify langserve as safe - review maintenance, provenance, and scan findings on this page before adopting.
Is langserve a fork?
No. langserve is not flagged as a fork in GitHub metadata at the time of the last refresh.
Does langserve have known security vulnerabilities?
Last scanned 1d (none profile). Status: No lockfile. Absence of findings in our scan is not a security guarantee - see trust methodology for scope limits.
How often is the langserve trust report updated?
Trust signals refresh on GitHub ingest/refresh cycles and optional dependency/MCP scans. This report was computed 1d (methodology github_public_v1).
What does GraphCanon never claim about langserve?
We never publish a composite safety grade, pen-test endorsement, or "verified secure" label for langserve. Signals are sourced heuristics with explicit limits - see trust methodology.
How does GraphCanon assess trust for langserve?
Signals are sourced from public GitHub metadata and optional dependency/MCP manifest scans, each tagged with methodology version and computed date. GraphCanon does not publish a composite safety grade. Read trust methodology for full scope and limits.