@langchain/openai logo

@langchain/openai

#3 · by LangChain
framework
4.65/ 5.00
trustedBeta
Mar 20, 2026 at 6:15 AM6 signals analysedNo manual reviews · fully automated
Trust Signal Breakdown
high23 sub-signals across 6 dimensions

CVEs, dependency health, and supply chain integrity

3 of 3 sub-signals with data

Known CVEs40%5.0

No known CVEs

via OSV.dev

Dependency Health30%5.0

3 dependencies (minimal)

via npm / PyPI

Supply Chain30%4.8

8 transitive CVEs found (penalty: -0.22)

via npm provenance

Uptime, latency, error rates, and incident history

4 of 4 sub-signals with data

Uptime35%4.5

99.80% over 1000 checks

via Health checks

Response Latency25%4.0

p99: 349ms, p50: 133ms

via Health checks

Error Rate20%4.0

0.20% error rate (2/1000)

via Health checks

Incident History20%2.0

4 incidents in last 90 days

via Incidents table

Commit recency, release cadence, issue response, CI/CD

4 of 4 sub-signals with data

Commit Recency30%5.0

via GitHub

Release Cadence25%5.0

via GitHub

Issue Response20%2.0

via GitHub

CI/CD Presence25%5.0

via GitHub Actions

Downloads, stars, dependents, and growth trajectory

3 of 4 sub-signals with data

Download Volume43%5.0

14,300,846 weekly downloads

via npm / PyPI

GitHub Stars36%5.0

17,261 stars

via GitHub

Dependent Packagesno data

Weight redistributed to sub-signals with data

Growth Trend21%5.0

+434.5% week-over-week

via npm

License, documentation, security policy, changelog

4 of 4 sub-signals with data

Open Source30%5.0

Public repo with OSI-approved license (mit)

via GitHub

Documentation25%5.0

Docs site present with comprehensive README (>2000 bytes + examples)

via GitHub

Security Policy20%5.0

SECURITY.md inherited from org .github repo

via GitHub

Changelog25%4.0

Releases exist but no CHANGELOG.md

via GitHub

Track record, org maturity, community standing

4 of 4 sub-signals with data

Track Record30%5.0

Internal: 5.0 (14 services), External: 4.5 (17186 followers, 38582 stars)

via Fabric index

Org Maturity30%4.5

Organization, 3.1 years old

via GitHub

Community Standing20%5.0

230 public repositories

via GitHub

Cross-Platform20%5.0

Present on 3 platform(s): github, npm, pypi

via Registry scan

About this score
Scored across 23 sub-signals in 6 dimensionsScoring engine v1 (beta) — actively being expandedPhase 1: Core sub-signal architecture (live)Phase 2: Permission scope & expanded collection (in progress)
Trust AssessmentAI Assessment

@langchain/openai is an MIT-licensed npm package by LangChain that provides OpenAI SDK integrations for LangChain.js, with 14.5M weekly downloads and 12 maintainers. The package shows strong operational stability with 100% uptime and zero known vulnerabilities across its minimal dependency tree of 3 packages. The only notable consideration is ensuring version alignment with @langchain/core across other LangChain packages to avoid runtime conflicts.

Generated by Fabric AI · Mar 4, 2026 at 10:51 PM

Service Health (30d)
99.80%
p50: 133ms · p99: 349ms
Avg Latency
148ms
averaged across 30d health checks
Weekly Downloads
14.3M+435%
npm + PyPI weekly
Transparency & Compliance5/5 passed
Open Source CodePublic repository on GitHub
OSI LicenseLicensed under MIT
DocumentationREADME with examples/code blocks
SECURITY.mdSecurity policy published
API DocumentationOpenAPI spec or docs directory found
Incidents & Alertslast 90 days
Mar 4Trust score increased by 1.624.86
Mar 1Trust score decreased by 1.243.24
Feb 25Trust score increased by 1.134.48
Feb 21@langchain/openai added to Trust Index2.69
Showing 4 of 4 events
Score History90 snapshots
5.003.752.501.250.00
Feb 21Feb 28
Community & Ecosystemadoption signals
14.3M
Weekly Downloads
npm + PyPI
10
Releases
on GitHub
Supply Chain & Dependenciestrust chain
js-tiktoken
npm · ^1.0.12
langchain-core
pypi · <2.0.0,>=1.2.18 · 7 CVEs3L1H2M1C
openai
pypi · <3.0.0,>=2.26.0
tiktoken
pypi · <1.0.0,>=0.7.0
zod
npm · ^3.25.76 || ^4 · 1 CVE1M
Showing 5 of 5 dependencies
Data Sources6 indexed
OSV.devCVE database · vulnerability scanning for npm & PyPI packages
GitHub APICommits, issues, releases, repo metadata, transparency checks
npm RegistryPackage metadata, weekly downloads, maintainers, dependencies
PyPIPackage metadata, weekly downloads, dependency tree
HTTP Health Checks15-min pings · uptime, latency, status monitoring
PyPI StatsDownload statistics and trends
Version Historyscore per release
VERSIONRELEASEDSCOREDELTA
langchain@1.2.35Mar 18, 20264.68
@langchain/anthropic@1.3.25Mar 18, 20264.68
@langchain/core@1.1.34Mar 18, 20264.68
langchain@1.2.34Mar 17, 20264.68
@langchain/google-webauth@2.1.26Mar 17, 20264.68
@langchain/openrouter@0.1.7Mar 17, 20264.68
Showing 6 of 10 releases

Are you the publisher?

Claim this profile to unlock deeper evaluation, real-time monitoring,
and trust signals that help agents discover your service.

Share this Trust Score

Generate a scorecard image optimised for X, LinkedIn and other social platforms.

⬇ Download Score Card