1. LangGraphDeprecatedSinceV10 — from langgraph.constants import Send
The trustcall library internally imports Send from langgraph.constants , which was moved to langgraph.types in LangGraph V1.0. You can simply ignore it for now but would recommend to create a issue here: GitHub - hinthornw/trustcall: Tenacious tool calling built on LangGraph · GitHub, asking to updates the imports at line 46 of trustcall/_base.py
2. RuntimeWarning — psycopg_pool AsyncConnectionPool
This warning is coming from psycopg, can you try updating psycopg to v3.3.3 and see if that resolves.
3. InsecureKeyLengthWarning — JWT HMAC key too short (most critical)
Your application is using a JWT secret key that is only 8 bytes long (e.g., something like "mysecret"). For SHA512 (HS512), mandates a minimum key length of 512 bits (64 bytes). An 8-byte key is cryptographically weak and makes your tokens trivially bruteforceable.
Fix: Generate a strong secret key of at least 64 bytes:
import secrets
# Generate a 64-byte (512-bit) URL-safe secret
print(secrets.token_hex(64)) # 128 hex chars = 64 bytes
I am assuming you are using the above as your JWT Secret Key in your custom authentication to decode the access token that is passed in the Authorisation header or using a 8 byte key somewhere else in your JWT authentication. Once you update to using a strong secret key of at least 64 bytes, you won’t get this warning hopefully.