[Snyk] Security upgrade @langchain/textsplitters from 0.0.3 to 0.1.0

[graymalkin77]

Snyk has created this PR to fix 1 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

• extensions/confluence/package.json
• extensions/confluence/package-lock.json

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Deserialization of Untrusted Data SNYK-JS-LANGCHAINCORE-14563113	853

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Deserialization of Untrusted Data

[Copilot]

Pull request overview

Security update to fix a critical deserialization vulnerability by upgrading @langchain/textsplitters from version 0.0.3 to 0.1.0 in the confluence extension.

• Addresses critical security vulnerability SNYK-JS-LANGCHAINCORE-14563113 with severity score of 853
• Updates @langchain/textsplitters dependency to patched version

Files not reviewed (1)

• extensions/confluence/package-lock.json: Language not supported

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[graymalkin77]

This upgrade to version 0.1.0 is part of the first stable release of the LangChain.js framework, which introduced significant architectural changes and a new versioning policy. [5, 7]

According to LangChain's policy, a minor version bump at this stage (0.0.x → 0.1.x) signals breaking changes. [7] This release involved separating core functionality into the @langchain/core package, which may affect imports and dependencies.

Recommendation: This upgrade requires careful testing. Review your text splitter implementations for compatibility with the new package structure and refer to LangChain's v0.1.0 migration guides.

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.

[graymalkin77]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues
✅	Licenses	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.