Add security considerations (#11869)

Add security considerations to existing graph tools.

libs/langchain/langchain/graphs/arangodb_graph.py

@@ -4,7 +4,17 @@ from typing import Any, Dict, List, Optional
 
 
 class ArangoGraph:
-    """ArangoDB wrapper for graph operations."""
+    """ArangoDB wrapper for graph operations.
+
+    *Security note*: Make sure that the database connection uses credentials
+        that are narrowly-scoped to only include necessary permissions.
+        Failure to do so may result in data corruption or loss, since the calling
+        code may attempt commands that would result in deletion, mutation
+        of data if appropriately prompted or reading sensitive data if such
+        data is present in the database.
+        The best way to guard against such negative outcomes is to (as appropriate)
+        limit the permissions granted to the credentials used with this tool.
+    """
 
     def __init__(self, db: Any) -> None:
         """Create a new ArangoDB graph wrapper instance."""

libs/langchain/langchain/graphs/falkordb_graph.py

@@ -33,7 +33,17 @@ RETURN DISTINCT {start: src_label, type: rel_type, end: dst_label} AS output
 
 
 class FalkorDBGraph(Neo4jGraph):
-    """FalkorDB wrapper for graph operations."""
+    """FalkorDB wrapper for graph operations.
+
+    *Security note*: Make sure that the database connection uses credentials
+        that are narrowly-scoped to only include necessary permissions.
+        Failure to do so may result in data corruption or loss, since the calling
+        code may attempt commands that would result in deletion, mutation
+        of data if appropriately prompted or reading sensitive data if such
+        data is present in the database.
+        The best way to guard against such negative outcomes is to (as appropriate)
+        limit the permissions granted to the credentials used with this tool.
+    """
 
     def __init__(
         self, database: str, host: str = "localhost", port: int = 6379

libs/langchain/langchain/graphs/hugegraph.py

@@ -2,7 +2,17 @@ from typing import Any, Dict, List
 
 
 class HugeGraph:
-    """HugeGraph wrapper for graph operations"""
+    """HugeGraph wrapper for graph operations.
+
+    *Security note*: Make sure that the database connection uses credentials
+        that are narrowly-scoped to only include necessary permissions.
+        Failure to do so may result in data corruption or loss, since the calling
+        code may attempt commands that would result in deletion, mutation
+        of data if appropriately prompted or reading sensitive data if such
+        data is present in the database.
+        The best way to guard against such negative outcomes is to (as appropriate)
+        limit the permissions granted to the credentials used with this tool.
+    """
 
     def __init__(
         self,

libs/langchain/langchain/graphs/kuzu_graph.py

@@ -2,7 +2,17 @@ from typing import Any, Dict, List
 
 
 class KuzuGraph:
-    """Kùzu wrapper for graph operations."""
+    """Kùzu wrapper for graph operations.
+
+    *Security note*: Make sure that the database connection uses credentials
+        that are narrowly-scoped to only include necessary permissions.
+        Failure to do so may result in data corruption or loss, since the calling
+        code may attempt commands that would result in deletion, mutation
+        of data if appropriately prompted or reading sensitive data if such
+        data is present in the database.
+        The best way to guard against such negative outcomes is to (as appropriate)
+        limit the permissions granted to the credentials used with this tool.
+    """
 
     def __init__(self, db: Any, database: str = "kuzu") -> None:
         try:

libs/langchain/langchain/graphs/memgraph_graph.py

@@ -14,7 +14,17 @@ RETURN *
 
 
 class MemgraphGraph(Neo4jGraph):
-    """Memgraph wrapper for graph operations."""
+    """Memgraph wrapper for graph operations.
+
+    *Security note*: Make sure that the database connection uses credentials
+        that are narrowly-scoped to only include necessary permissions.
+        Failure to do so may result in data corruption or loss, since the calling
+        code may attempt commands that would result in deletion, mutation
+        of data if appropriately prompted or reading sensitive data if such
+        data is present in the database.
+        The best way to guard against such negative outcomes is to (as appropriate)
+        limit the permissions granted to the credentials used with this tool.
+    """
 
     def __init__(
         self, url: str, username: str, password: str, *, database: str = "memgraph"

libs/langchain/langchain/graphs/nebula_graph.py

@@ -17,8 +17,18 @@ RETRY_TIMES = 3
 
 
 class NebulaGraph:
-    """NebulaGraph wrapper for graph operations
+    """NebulaGraph wrapper for graph operations.
+
     NebulaGraph inherits methods from Neo4jGraph to bring ease to the user space.
+
+    *Security note*: Make sure that the database connection uses credentials
+        that are narrowly-scoped to only include necessary permissions.
+        Failure to do so may result in data corruption or loss, since the calling
+        code may attempt commands that would result in deletion, mutation
+        of data if appropriately prompted or reading sensitive data if such
+        data is present in the database.
+        The best way to guard against such negative outcomes is to (as appropriate)
+        limit the permissions granted to the credentials used with this tool.
     """
 
     def __init__(

libs/langchain/langchain/graphs/neo4j_graph.py

@@ -29,7 +29,17 @@ RETURN {start: label, type: property, end: toString(other_node)} AS output
 
 
 class Neo4jGraph:
-    """Neo4j wrapper for graph operations."""
+    """Neo4j wrapper for graph operations.
+
+    *Security note*: Make sure that the database connection uses credentials
+        that are narrowly-scoped to only include necessary permissions.
+        Failure to do so may result in data corruption or loss, since the calling
+        code may attempt commands that would result in deletion, mutation
+        of data if appropriately prompted or reading sensitive data if such
+        data is present in the database.
+        The best way to guard against such negative outcomes is to (as appropriate)
+        limit the permissions granted to the credentials used with this tool.
+    """
 
     def __init__(
         self, url: str, username: str, password: str, database: str = "neo4j"

libs/langchain/langchain/graphs/neptune_graph.py

@@ -38,6 +38,15 @@ class NeptuneGraph:
             host='<my-cluster>',
             port=8182
         )
+
+    *Security note*: Make sure that the database connection uses credentials
+        that are narrowly-scoped to only include necessary permissions.
+        Failure to do so may result in data corruption or loss, since the calling
+        code may attempt commands that would result in deletion, mutation
+        of data if appropriately prompted or reading sensitive data if such
+        data is present in the database.
+        The best way to guard against such negative outcomes is to (as appropriate)
+        limit the permissions granted to the credentials used with this tool.
     """
 
     def __init__(

libs/langchain/langchain/graphs/networkx_graph.py

@@ -47,7 +47,17 @@ def get_entities(entity_str: str) -> List[str]:
 
 
 class NetworkxEntityGraph:
-    """Networkx wrapper for entity graph operations."""
+    """Networkx wrapper for entity graph operations.
+
+    *Security note*: Make sure that the database connection uses credentials
+        that are narrowly-scoped to only include necessary permissions.
+        Failure to do so may result in data corruption or loss, since the calling
+        code may attempt commands that would result in deletion, mutation
+        of data if appropriately prompted or reading sensitive data if such
+        data is present in the database.
+        The best way to guard against such negative outcomes is to (as appropriate)
+        limit the permissions granted to the credentials used with this tool.
+    """
 
     def __init__(self, graph: Optional[Any] = None) -> None:
         """Create a new graph."""

libs/langchain/langchain/graphs/rdf_graph.py

@@ -87,13 +87,22 @@ dp_query_owl = (
 
 
 class RdfGraph:
-    """
-    RDFlib wrapper for graph operations.
+    """RDFlib wrapper for graph operations.
+
     Modes:
     * local: Local file - can be queried and changed
     * online: Online file - can only be queried, changes can be stored locally
     * store: Triple store - can be queried and changed if update_endpoint available
     Together with a source file, the serialization should be specified.
+
+    *Security note*: Make sure that the database connection uses credentials
+        that are narrowly-scoped to only include necessary permissions.
+        Failure to do so may result in data corruption or loss, since the calling
+        code may attempt commands that would result in deletion, mutation
+        of data if appropriately prompted or reading sensitive data if such
+        data is present in the database.
+        The best way to guard against such negative outcomes is to (as appropriate)
+        limit the permissions granted to the credentials used with this tool.
     """
 
     def __init__(