chore(deps): bump uuid and @langchain/core

[dependabot]

Removes uuid. It's no longer used after updating ancestor dependency @langchain/core. These dependencies need to be updated together.

Removes uuid

Updates @langchain/core from 1.1.38 to 1.1.48

Release notes

Sourced from @​langchain/core's releases.

@​langchain/core@​1.1.48

Patch Changes

• #10832 1b24369 Thanks @​info-arnav! - fix(core, openrouter): make CJS default re-exports callable

• #10666 2bb55b0 Thanks @​hnustwjj! - feat(openrouter): surface reasoning content as v1 standard content blocks

  convertOpenRouterResponseToBaseMessage and convertOpenRouterDeltaToBaseMessageChunk now copy OpenRouter's reasoning (flat string) and reasoning_details (structured array) fields onto additional_kwargs.reasoning_content / additional_kwargs.reasoning_details. A new ChatOpenRouterTranslator is registered in @langchain/core under the "openrouter" provider key so AIMessage.contentBlocks emits standard {type: "reasoning"} blocks alongside text and tool calls.

  Previously, reasoning text returned by reasoning-capable models routed through OpenRouter (DeepSeek R1, Minimax M2, Claude extended thinking, o-series, etc.) was silently dropped: only the reasoning_tokens count was preserved via usage_metadata. Consumers using standard content blocks (including the frontend agent UI patterns shown in the docs) could not display the model's chain of thought.

• #10918 3999fab Thanks @​christian-bromann! - fix(openai): stream custom tool calls through Responses API chunks

@​langchain/core@​1.1.47

Patch Changes

• #10906 f61b345 Thanks @​hntrl! - feat(core): add uuid v6 utility support

  Add v6 UUID generation support to @langchain/core/utils/uuid by vendoring the upstream uuidjs v6 implementation and its v1ToV6 helper, exporting v6 from the UUID utils index, and adding tests for deterministic generation, buffer/offset behavior, validation/versioning, and ordering.

• #10872 a640079 Thanks @​hntrl! - chore(deps): remove redundant @​types/uuid declarations

  Remove @types/uuid from package manifests that rely on @langchain/core/utils/uuid or do not require uuid type stubs directly, and refresh the lockfile entries accordingly.

• #10792 3682268 Thanks @​Genmin! - fix(core): apply v1 message casting after implicit streaming aggregation

• #10901 f26fc4a Thanks @​christian-bromann! - fix(testing): share fakeModel invocation state across bindTools instances

@​langchain/core@​1.1.46

Patch Changes

• #10847 1659e7d Thanks @​hntrl! - chore(core): reduce transitive dependency exposure and tighten release hygiene

  Remove direct runtime dependencies on ansi-styles, camelcase, and decamelize by inlining equivalent logic in core internals, and enable npm provenance in the release workflow.

• #10790 ef78bc6 Thanks @​Genmin! - fix(core): keep different content block types separate when merging chunks

... (truncated)

Commits

• caad091 chore: version packages (#10919)
• f4a6149 chore(deps): bump fast-uri from 3.1.0 to 3.1.2 (#10926)
• 7b12f6d chore(deps): bump protobufjs from 7.5.6 to 7.6.0 (#10930)
• 5c6c5fe chore(deps): bump ws from 5.2.4 to 8.20.0 (#10915)
• a8652ce docs: fix typos, add Ollama setup, update outdated references (#10922)
• 2bb55b0 feat(openrouter): surface reasoning as v1 standard content blocks (#10666)
• 4ecb660 fix(langchain): set name on todoListMiddleware ToolMessages (#10706)
• 20f27df fix(ibm): handle API errors in streaming responses (#10721)
• 4566873 feat(ibm): add integration test to IBM implementation (#10732)
• 6e4337f fix(aws): add claude-haiku-4 to supportedToolChoiceValuesForModel (#10743)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.