load(
obj: Any,
*,
allowed_objects: Iterable[AllowedObject] | Literal| Name | Type | Description |
|---|---|---|
obj* | Any | The object to load. |
allowed_objects | Iterable[AllowedObject] | Literal['all', 'core'] | Default: 'core'Allowlist of classes that can be deserialized.
|
secrets_map | dict[str, str] | None | Default: None |
valid_namespaces | list[str] | None | Default: None |
secrets_from_env | bool | Default: False |
additional_import_mappings | dict[tuple[str, ...], tuple[str, ...]] | None | Default: None |
ignore_unserializable_fields | bool | Default: False |
init_validator | InitValidator | None | Default: default_init_validator |
Revive a LangChain class from a JSON object.
Use this if you already have a parsed JSON object, eg. from json.load or
orjson.loads.
Only classes in the allowlist can be instantiated. The default allowlist includes
core LangChain types (messages, prompts, documents, etc.). See
langchain_core.load.mapping for the full list.
This function instantiates Python objects and can trigger side effects
during deserialization. Never call load() on data from an untrusted
or unauthenticated source. See the module-level security model
documentation for details and best practices.
Example:
from langchain_core.load import load, dumpd
from langchain_core.messages import AIMessage
msg = AIMessage(content="Hello")
data = dumpd(msg)
# Deserialize using default allowlist
loaded = load(data)
# Or with explicit allowlist
loaded = load(data, allowed_objects=[AIMessage])
# Or extend defaults with additional mappings
loaded = load(
data,
additional_import_mappings={
("my_pkg", "MyClass"): ("my_pkg", "module", "MyClass"),
},
)A map of secrets to load.
Only include the specific secrets the serialized object requires.
If a secret is not found in the map, it will be loaded from the environment
if secrets_from_env is True.
Additional namespaces (modules) to allow during deserialization, beyond the default trusted namespaces.
Whether to load secrets from the environment.
A crafted payload can name arbitrary environment variables in its
secret fields, so enabling this on untrusted data can leak
sensitive values. Keep this False (the default) unless the
serialized data is fully trusted.
A dictionary of additional namespace mappings.
You can use this to override default mappings or add new mappings.
When allowed_objects is None (using defaults), paths from these
mappings are also added to the allowed class paths.
Whether to ignore unserializable fields.
Optional callable to validate kwargs before instantiation.
If provided, this function is called with (class_path, kwargs) where
class_path is the class path tuple and kwargs is the kwargs dict.
The validator should raise an exception if the object should not be
deserialized, otherwise return None.
Defaults to default_init_validator which blocks jinja2 templates.