chore(deps): bump langgraph-checkpoint from 4.0.1 to 4.1.1

[dependabot]

Bumps langgraph-checkpoint from 4.0.1 to 4.1.1.

Release notes

Sourced from langgraph-checkpoint's releases.

langgraph-checkpoint==4.1.1

Changes since checkpoint==4.1.0

• release(checkpoint): 4.1.1 (#7890)
• fix(checkpoint): restrict lc:2 envelope revival to default constructor (#7892)
• chore(deps): bump idna from 3.11 to 3.15 in /libs/checkpoint (#7860)
• chore(deps): bump langsmith from 0.7.31 to 0.8.0 in /libs/checkpoint (#7784)

langgraph-checkpoint==4.1.0

Changes since checkpoint==4.1.0a4

• release: bump alpha packages to official versions (#7775)
• chore(deps): bump urllib3 from 2.6.3 to 2.7.0 in /libs/checkpoint (#7762)
• chore(deps): bump langchain-core from 1.3.2 to 1.3.3 in /libs/checkpoint (#7752)
• feat(checkpoint): force delta channel snapshot after max supersteps since last snapshot (#7746)
• fix(checkpoint): specify allowed_objects in Reviver (#7743)
• chore: remove keepset helper (#7745)
• chore(langgraph): add guide/conformance for delta channel checkpointer (#7736)
• docs(checkpoint): mark DeltaChannel and delta-history APIs as beta (#7732)
• chore(deps): bump the minor-and-patch group across 1 directory with 3 updates (#7670)
• chore: "chore: minor clean up around checkpoint and delta channel" (#7706)
• chore: minor clean up around checkpoint and delta channel (#7705)

langgraph-checkpoint==4.1.0a4

Changes since checkpoint==4.1.0a3

• release: alpha bump (a4) for langgraph, checkpoint, checkpoint-postgres (#7701)
• feat: public get_writes_history saver API + delta cadence rework (#7699)

langgraph-checkpoint==4.1.0a3

Changes since checkpoint==4.1.0a2

• release: alpha bump (a3) for langgraph, checkpoint, checkpoint-postgres (#7678)
• chore(langgraph): use two phase read to avoid unnecessary data transport (#7660)
• release: alpha for timers (#7647)
• feat(langgraph): DeltaChannel: store sentinel in blobs, reconstruct from checkpoint_writes (#7586)
• chore: dynamic push-task timeouts (#7646)
• chore: update x links to langchain_oss (#7645)
• release(checkpoint): 4.0.3 (#7625)
• fix(checkpoint): revive lc=2 JSON blobs for safe types without allowlist (#7582)

langgraph-checkpoint==4.1.0a2

Changes since checkpoint==4.1.0a1

langgraph-checkpoint==4.1.0a1

Changes since checkpoint==4.0.3

• release: alpha for timers (#7647)
• feat(langgraph): DeltaChannel: store sentinel in blobs, reconstruct from checkpoint_writes (#7586)
• chore: dynamic push-task timeouts (#7646)

... (truncated)

Commits

• d1e2ff0 release(checkpoint): 4.1.1 (#7890)
• e787af2 release(sdk-py): 0.3.15 (#7891)
• 604534e fix(sdk-py): percent-encode caller-supplied identifiers in URL paths (#7893)
• 346aa97 fix(checkpoint): restrict lc:2 envelope revival to default constructor (#7892)
• 82b3872 chore(deps): bump the uv group across 2 directories with 1 update (#7853)
• fcc4ab8 chore(deps): bump idna from 3.11 to 3.15 in /libs/checkpoint (#7860)
• 701d344 chore(deps): bump idna from 3.11 to 3.15 in /libs/checkpoint-postgres (#7861)
• 2c7967c chore(deps): bump idna from 3.11 to 3.15 in /libs/cli (#7865)
• bf7fec0 release(langgraph): 1.2.1 (#7883)
• 8215a9d feat(langgraph): add before_builtins opt-in for stream transformers (#7882)
• Additional commits viewable in compare view

[claude]

LGTM, transitive dependency lockfile bump from Dependabot.

Extended reasoning...

Overview

This PR is a Dependabot lockfile-only change that bumps langgraph-checkpoint from 4.0.1 to 4.1.1 in uv.lock. The package is a transitive dependency (not directly referenced anywhere in the source tree — only appears in uv.lock), pulled in by langgraph. The diff also updates the exclude-newer metadata field to a sentinel value with an explanatory comment, which is a uv-managed lock file artifact.

Security risks

None. This is a lockfile change for a transitive dependency. The new version is a minor+patch bump on the same major (4.x), with release notes showing internal fixes (lc:2 envelope revival restriction, idna/urllib3 bumps inside langgraph). No direct API surface in this repo touches langgraph_checkpoint.

Level of scrutiny

Minimal — this is the canonical 'low-risk Dependabot bump': lockfile-only, transitive dep, minor version on the same major, no source files modified. CI tests act as the safety net.

Other factors

Single-file change to uv.lock. No bug reports from the hunting system. The langfuse-python repo uses langgraph only via integration code, and this checkpoint package is a sub-dep. Safe to auto-approve.