LangChain

Name: LangChain
Rating: 2.49 (1 reviews)
Author: LangChain

#4326 · by LangChain

framework

2.49/ 5.00

cautionBeta

Jun 18, 2026 at 11:03 AM6 signals analysedNo manual reviews · fully automated

Trust Signal Breakdown

high23 sub-signals across 6 dimensions

CVEs, dependency health, and supply chain integrity

3 of 3 sub-signals with data

Known CVEs40%3.5

24 CVE(s) found — 0 unpatched

via OSV.dev

Dependency Health30%5.0

5 dependencies (minimal)

via npm / PyPI

Supply Chain30%4.8

33 transitive CVEs found (penalty: -0.25)

via npm provenance

Uptime, latency, error rates, and incident history

4 of 4 sub-signals with data

Uptime35%5.0

100.00% over 1000 checks

via Health checks

Response Latency25%4.0

p99: 348ms, p50: 131ms

via Health checks

Error Rate20%5.0

0.00% error rate (0/1000)

via Health checks

Incident History20%3.0

2 incidents in last 90 days

via Incidents table

Commit recency, release cadence, issue response, CI/CD

4 of 4 sub-signals with data

Commit Recency30%5.0

via GitHub

Release Cadence25%5.0

via GitHub

Issue Response20%5.0

via GitHub

CI/CD Presence25%5.0

via GitHub Actions

Downloads, stars, dependents, and growth trajectory

3 of 4 sub-signals with data

Download Volume43%5.0

81,425,648 weekly downloads

via npm / PyPI

GitHub Stars36%5.0

139,582 stars

via GitHub

Dependent Packagesno data—

Weight redistributed to sub-signals with data

Growth Trend21%5.0

+2768.8% week-over-week

via npm

License, documentation, security policy, changelog

4 of 4 sub-signals with data

Open Source30%5.0

Public repo with OSI-approved license (mit)

via GitHub

Documentation25%4.0

Good README (>2000 bytes with examples)

via GitHub

Security Policy20%5.0

SECURITY.md inherited from org .github repo

via GitHub

Changelog25%4.0

Releases exist but no CHANGELOG.md

via GitHub

Track record, org maturity, community standing

4 of 4 sub-signals with data

Track Record30%4.5

Internal: 4.0 (14 services), External: 4.5 (19966 followers, 48452 stars)

via Fabric index

Org Maturity30%4.5

Organization, 3.3 years old

via GitHub

Community Standing20%5.0

243 public repositories

via GitHub

Cross-Platform20%5.0

Present on 3 platform(s): github, npm, pypi

via Registry scan

About this score

Scored across 23 sub-signals in 6 dimensionsScoring engine v1 (beta) — actively being expandedPhase 1: Core sub-signal architecture (live)Phase 2: Permission scope & expanded collection (in progress)

Trust AssessmentAI Assessment

LangChain is a TypeScript framework published by LangChain under MIT license for building LLM-powered applications through composable components and third-party integrations. The package shows strong adoption with 54.2M weekly downloads and active maintenance from 8 maintainers, though 22 historical CVEs indicate the framework has required ongoing security attention. The minimal dependency footprint of 5 packages reduces supply chain exposure, making this a widely-trusted choice for AI application development.

Generated by Fabric AI · Mar 4, 2026 at 10:50 PM

Service Health (30d)

100.00%

p50: 131ms · p99: 348ms

Avg Latency

143ms

averaged across 30d health checks

Weekly Downloads

—

no package registry data

Incidents & Alertslast 90 days

Jun 18Trust score decreased by 0.502.49