Skip to content

chore(deps): bump the npm-minor-patch group across 1 directory with 2 updates#20

Closed
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/npm-minor-patch-8054ee2999
Closed

chore(deps): bump the npm-minor-patch group across 1 directory with 2 updates#20
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/npm-minor-patch-8054ee2999

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot Bot commented on behalf of github May 11, 2026
edited
Loading

Bumps the npm-minor-patch group with 2 updates in the / directory: @anthropic-ai/claude-agent-sdk and yaml.

Updates @anthropic-ai/claude-agent-sdk from 0.1.77 to 0.2.141

Release notes

Sourced from @​anthropic-ai/claude-agent-sdk's releases.

v0.2.141

What's changed

  • TaskCreateInput, TaskCreateOutput, TaskGetInput, TaskGetOutput, TaskUpdateInput, TaskUpdateOutput, TaskListInput, and TaskListOutput types are now exported from @anthropic-ai/claude-agent-sdk/sdk-tools and included in the ToolInputSchemas/ToolOutputSchemas unions
  • Aligned @anthropic-ai/sdk dependency to ^0.93.0

Update

npm install @anthropic-ai/claude-agent-sdk@0.2.141
# or
yarn add @anthropic-ai/claude-agent-sdk@0.2.141
# or
pnpm add @anthropic-ai/claude-agent-sdk@0.2.141
# or
bun add @anthropic-ai/claude-agent-sdk@0.2.141

v0.2.140

What's changed

  • Updated to parity with Claude Code v2.1.140

Update

npm install @anthropic-ai/claude-agent-sdk@0.2.140
# or
yarn add @anthropic-ai/claude-agent-sdk@0.2.140
# or
pnpm add @anthropic-ai/claude-agent-sdk@0.2.140
# or
bun add @anthropic-ai/claude-agent-sdk@0.2.140

v0.2.139

What's changed

  • Updated to parity with Claude Code v2.1.139

Update

npm install @anthropic-ai/claude-agent-sdk@0.2.139
# or
yarn add @anthropic-ai/claude-agent-sdk@0.2.139
# or
pnpm add @anthropic-ai/claude-agent-sdk@0.2.139
# or
bun add @anthropic-ai/claude-agent-sdk@0.2.139
</tr></table>

... (truncated)

Changelog

Sourced from @​anthropic-ai/claude-agent-sdk's changelog.

0.2.141

  • TaskCreateInput, TaskCreateOutput, TaskGetInput, TaskGetOutput, TaskUpdateInput, TaskUpdateOutput, TaskListInput, and TaskListOutput types are now exported from @anthropic-ai/claude-agent-sdk/sdk-tools and included in the ToolInputSchemas/ToolOutputSchemas unions
  • Aligned @anthropic-ai/sdk dependency to ^0.93.0

0.2.140

  • Updated to parity with Claude Code v2.1.140

0.2.139

  • Updated to parity with Claude Code v2.1.139

0.2.138

  • Updated to parity with Claude Code v2.1.138

0.2.137

  • Updated to parity with Claude Code v2.1.137

0.2.136

  • Added resolveSettings() (alpha) to inspect effective merged settings without spawning the Claude CLI; reads MDM (plist/HKLM/HKCU) for parity with CLI startup
  • Deprecated TodoWrite tool — future versions will switch to Task tools (TaskCreate, TaskGet, TaskUpdate, TaskList)

0.2.135

  • Updated to parity with Claude Code v2.1.135

0.2.134

  • Updated to parity with Claude Code v2.1.134

0.2.133

  • Deprecated the unstable V2 session API (unstable_v2_createSession / unstable_v2_resumeSession / unstable_v2_prompt) — use query() instead
  • Deprecated passing 'Skill' in allowedTools — use the skills option instead
  • Updated to parity with Claude Code v2.1.133

0.2.132

  • Documented applyFlagSettings() in the TypeScript Agent SDK reference and added support for null on top-level keys to clear flag-settings overrides
  • Updated to parity with Claude Code v2.1.132

0.2.131

  • Updated to parity with Claude Code v2.1.131

0.2.130

... (truncated)

Commits

Updates yaml from 2.8.3 to 2.9.0

Release notes

Sourced from yaml's releases.

v2.9.0

The changes here are really only patches, but I'm releasing this as a minor version to note a small change to the documentation of parseDocument() and parseAllDocuments(): I've removed the claim that they'll "never throw".

It remains the case that practically all non-malicious inputs will be handled without emitting an error, but there is a decent chance that code paths remain where e.g. a RangeError due to call stack exhaustion can be triggered by malicious inputs. Up to now, I've considered these as security vulnerabilities, and in fact it's the only category of error for which yaml CVEs have been issued so far.

Starting from this release, I'll be considering such errors as bugs, but not vulnerabilities. I do welcome people and/or LLMs looking for them, but please report them as normal issues rather than suspected security vulnerabilities. This also applies to previously undiscovered bugs in earlier releases.

  • fix: Avoid calling Array.prototype.push.apply() with large source array
  • fix(lexer): Avoid recursive calls that may exhaust the call stack

v2.8.4

  • Disable alias resolution with maxAliasCount:0 (#677)
  • Handle invalid unicode escapes (e1a1a77)
  • Apply minFractionDigits only to decimal strings (#676)
Commits
  • ddb21b0 2.9.0
  • 167365b docs: Clarify that not all errors can be avoided
  • 6eca2a7 fix: Avoid calling Array.prototype.push.apply() with large source array
  • 0543cd5 fix(lexer): Avoid recursive calls that may exhaust the call stack
  • ccdf743 2.8.4
  • f625789 fix: Disable alias resolution with maxAliasCount:0 (#677)
  • e1a1a77 fix: Handle invalid unicode escapes
  • a163ea0 style: Satify Prettier
  • b2a5a6c fix: Apply minFractionDigits only to decimal strings (#676)
  • 93c951b chore: Bump JSR version to v2.8.3 (#673)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 11, 2026
@dependabot
chore(deps): bump the npm-minor-patch group across 1 directory with 2…
dc0a8e9 
… updates

Bumps the npm-minor-patch group with 2 updates in the / directory: [@anthropic-ai/claude-agent-sdk](https://github.com/anthropics/claude-agent-sdk-typescript) and [yaml](https://github.com/eemeli/yaml).


Updates `@anthropic-ai/claude-agent-sdk` from 0.1.77 to 0.2.141
- [Release notes](https://github.com/anthropics/claude-agent-sdk-typescript/releases)
- [Changelog](https://github.com/anthropics/claude-agent-sdk-typescript/blob/main/CHANGELOG.md)
- [Commits](https://github.com/anthropics/claude-agent-sdk-typescript/commits/v0.2.141)

Updates `yaml` from 2.8.3 to 2.9.0
- [Release notes](https://github.com/eemeli/yaml/releases)
- [Commits](eemeli/yaml@v2.8.3...v2.9.0)

---
updated-dependencies:
- dependency-name: "@anthropic-ai/claude-agent-sdk"
  dependency-version: 0.2.138
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-minor-patch
- dependency-name: yaml
  dependency-version: 2.8.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title chore(deps): bump the npm-minor-patch group with 2 updates chore(deps): bump the npm-minor-patch group across 1 directory with 2 updates May 14, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/npm-minor-patch-8054ee2999 branch from 5128098 to dc0a8e9 Compare May 14, 2026 09:21
@dependabot @github
Copy link
Copy Markdown
Author

dependabot Bot commented on behalf of github May 18, 2026

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this May 18, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/npm-minor-patch-8054ee2999 branch May 18, 2026 02:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants