Skip to content

fix: resolve npm audit vulnerabilities and update Anthropic SDK to v0.78#45

Open
0xAxiom wants to merge 1 commit intomainfrom
fix/security-audit-and-anthropic-sdk-update
Open

fix: resolve npm audit vulnerabilities and update Anthropic SDK to v0.78#45
0xAxiom wants to merge 1 commit intomainfrom
fix/security-audit-and-anthropic-sdk-update

Conversation

@0xAxiom
Copy link
Owner

@0xAxiom 0xAxiom commented Feb 25, 2026

What

  • Fix 2 npm audit vulnerabilities (1 moderate, 1 high) in minimatch dependency
  • Update @anthropic-ai/sdk from v0.32.1 to v0.78.0 in CLI package

Why

  • npm audit reported 1 moderate and 1 high severity vulnerability via minimatch
  • The Anthropic SDK was 46 minor versions behind, missing bug fixes and new model support
  • The CLI uses standard messages.create and messages.stream APIs which are stable across versions

Tested

  • All 252 tests passing (npx vitest run)
  • npm audit now reports 0 vulnerabilities
  • SDK API surface used is unchanged

@0xAxiom
fix: resolve npm audit vulnerabilities and update @anthropic-ai/sdk t…
5355f1b 
…o v0.78

- Fix 2 vulnerabilities (1 moderate, 1 high) in minimatch via npm audit fix
- Update @anthropic-ai/sdk from 0.32.1 to 0.78.0 in CLI package
- All 252 tests passing
@0xAxiom 0xAxiom requested a review from MeltedMindz as a code owner February 25, 2026 01:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@MeltedMindz MeltedMindz Awaiting requested review from MeltedMindz MeltedMindz is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@0xAxiom