LangChain AI Updates: May 22, 2026

1. LangGraph reframes streaming around agent events rather than raw tokens

LangChain. Christian Bromann and Nick Hollon published a May 21 deep dive arguing that token-level streaming has run out of room for modern agents, and walking through a redesigned protocol that emits typed events with metadata about where in the agent tree they originated. The new model groups events into channels (messages, tools, lifecycle, values, checkpoints) and namespaces tied to subgraphs and subagents, ships a content-block message format covering text, reasoning, tool calls, usage, and multimodal payloads, and adds a projection system so clients subscribe to high-level views instead of parsing raw chunks. The post lands alongside scoped subscriptions, reconnection semantics for long-running threads, and framework bindings for React, Vue, Svelte, and Angular under the new @langchain/* SDKs, with LangGraph as the underlying runtime and Deep Agents as a primary consumer. Source

2. LangSmith Sandboxes get an Auth Proxy that keeps credentials out of agent runtimes

LangChain. Mukil Loganathan’s May 21 post details an Auth Proxy that sits on the outbound network path for LangSmith Sandboxes, injecting authentication headers at the network layer so secrets never live inside sandboxed code that could leak them via prompt injection, malicious dependencies, accidental logging, or model mistakes. Teams configure egress policies that allow specific destinations such as API endpoints, package registries, or internal services and block everything else, and the proxy supports dynamic credentials through callbacks for short-lived tokens, per-user scoping, and OAuth refresh without exposing refresh tokens to the agent. Enforcement is transparent to the runtime, so it works across languages and package managers regardless of SDK behavior, which makes it a structural answer to the credential-handling problems that have dogged code-executing agents. Source