
browser-use

v0.12.7 Security

This release includes 4 security fixes for security teams reviewing exposed deployments.

This release patches 4 known CVEs

Topics

ai-agents ai-tools browser-automation browser-use llm playwright python

Affected surfaces

deps auth

Summary

AI summary

Updated aiohttp, requests, Pillow, pypdf for security patches; added per-session auth token, CLI video capture command, Playwright Chromium default, UTM tracking improvements, and numerous bug fixes across tools, schema, docs, CI.

Changes in this release

Security Medium

upgrade aiohttp to 3.13.4 to patch memory exhaustion vulnerability


Source: granite4.1:8b-q6_K@2026-05-19

Confidence: high

Security Medium

upgrade requests to 2.33.0 to patch temp-file path-traversal vulnerability


Source: granite4.1:8b-q6_K@2026-05-19

Confidence: high

Security Medium

fix(security): canonicalize non-standard IPv4 forms in block_ip_addresses


Source: granite4.1:8b-q6_K@2026-05-19

Confidence: high

Security Medium

fix(downloads): sanitize attacker-controlled filenames and verify containment


Source: granite4.1:8b-q6_K@2026-05-19

Confidence: high

Security Medium

Bump pillow to 12.2.0 (CVE-2026-40192)


Source: granite4.1:8b-q6_K@2026-05-19

Confidence: low

Security Medium

Bump pypdf to 6.10.2 (CVE-2026-40260)


Source: granite4.1:8b-q6_K@2026-05-19

Confidence: low

Security Medium

Bump aiohttp to 3.13.4 (CVE-2026-34515)


Source: granite4.1:8b-q6_K@2026-05-19

Confidence: low

Feature Medium

Add `record start/stop` CLI command for session video capture


Source: granite4.1:8b-q6_K@2026-05-19

Confidence: low

Feature Medium

prefer Playwright chromium over sys Chrome by default


Source: granite4.1:8b-q6_K@2026-05-19

Confidence: low

Feature Medium

Find more recent versions of Playwright-installed Chromium for Mac/ARM users


Source: granite4.1:8b-q6_K@2026-05-19

Confidence: low

Feature Medium

Improve OSS-to-cloud conversion: UTM tracking, better error messages, and cloud nudges


Source: granite4.1:8b-q6_K@2026-05-19

Confidence: low

Feature Medium

Add per-link utm_medium slugs to README cloud links


Source: granite4.1:8b-q6_K@2026-05-19

Confidence: low

Dependency Medium

update browser-use-sdk from 2.0.15 to 3.4.2


Source: granite4.1:8b-q6_K@2026-05-19

Confidence: low

Bugfix Medium

prevent KeyError in load_from_dict and IndexError in final_result


Source: granite4.1:8b-q6_K@2026-05-19

Confidence: high

Bugfix Medium

use setattr for LLM ainvoke patching to avoid pydantic crash


Source: granite4.1:8b-q6_K@2026-05-19

Confidence: high

Bugfix Medium

guard against missing stdin in MCP stdio server startup


Source: granite4.1:8b-q6_K@2026-05-19

Confidence: high

Bugfix Medium

clear dom cache after scroll to prevent stale extract data


Source: granite4.1:8b-q6_K@2026-05-19

Confidence: high

Bugfix Medium

handle BrokenPipeError gracefully when MCP client disconnects


Source: granite4.1:8b-q6_K@2026-05-19

Confidence: high

Bugfix Medium

respect proxy_country_code=None to disable proxy in cloud mode


Source: granite4.1:8b-q6_K@2026-05-19

Confidence: high

Bugfix Medium

preserve partial action results when mid-batch action fails


Source: granite4.1:8b-q6_K@2026-05-19

Confidence: high

Bugfix Medium

survive AX tree iframe detach in DOM extraction


Source: granite4.1:8b-q6_K@2026-05-19

Confidence: high

Bugfix Medium

drop trailing 'during: None' from BrowserError messages


Source: granite4.1:8b-q6_K@2026-05-19

Confidence: high

Bugfix Medium

handle locked Chrome profile copies


Source: granite4.1:8b-q6_K@2026-05-19

Confidence: high

Bugfix Medium

handle multi-character upper/lower in CDP typing


Source: granite4.1:8b-q6_K@2026-05-19

Confidence: high

Bugfix Medium

redact sensitive values in fill() debug logging


Source: granite4.1:8b-q6_K@2026-05-19

Confidence: low

Bugfix Medium

remove unreachable 'type' key from validation fields list


Source: granite4.1:8b-q6_K@2026-05-19

Confidence: low

Refactor Medium

add per-session auth token to daemon socket


Source: granite4.1:8b-q6_K@2026-05-19

Confidence: low

Other Medium

fix malformed HTML attributes in README picture/img tags


Source: granite4.1:8b-q6_K@2026-05-19

Confidence: low

Other Medium

improve connect failure UX: fix chrome://inspect link and add fallback


Source: granite4.1:8b-q6_K@2026-05-19

Confidence: low

Other Medium

update issue template setup and docs links


Source: granite4.1:8b-q6_K@2026-05-19

Confidence: low

Full changelog

What's Changed

  • another big cli update by @ShawnPana in https://github.com/browser-use/browser-use/pull/4514
  • fix: security and correctness issues found in #4514 review by @sauravpanda in https://github.com/browser-use/browser-use/pull/4590
  • fix: upgrade aiohttp to 3.13.4 to patch memory exhaustion vulnerability by @sauravpanda in https://github.com/browser-use/browser-use/pull/4596
  • fix: upgrade requests to 2.33.0 to patch temp-file path-traversal vulnerability by @sauravpanda in https://github.com/browser-use/browser-use/pull/4597
  • fix: add per-session auth token to daemon socket by @sauravpanda in https://github.com/browser-use/browser-use/pull/4598
  • improve model docs by @laithrw in https://github.com/browser-use/browser-use/pull/4616
  • fix: prevent KeyError in load_from_dict and IndexError in final_result by @r266-tech in https://github.com/browser-use/browser-use/pull/4464
  • fix: use setattr for LLM ainvoke patching to avoid pydantic crash by @laithrw in https://github.com/browser-use/browser-use/pull/4641
  • fix: guard against missing stdin in MCP stdio server startup by @laithrw in https://github.com/browser-use/browser-use/pull/4642
  • chore: update browser-use-sdk from 2.0.15 to 3.4.2 by @sauravpanda in https://github.com/browser-use/browser-use/pull/4644
  • Improve OSS-to-cloud conversion: UTM tracking, better error messages, and cloud nudges by @Alezander9 in https://github.com/browser-use/browser-use/pull/4646
  • Add per-link utm_medium slugs to README cloud links by @Alezander9 in https://github.com/browser-use/browser-use/pull/4653
  • fix(#4631): clear dom cache after scroll to prevent stale extract data by @laithrw in https://github.com/browser-use/browser-use/pull/4658
  • fix asyncio.get_event_loop for python 3.14 compat by @laithrw in https://github.com/browser-use/browser-use/pull/4659
  • fix sensitive_data redaction order to prevent substring leaks by @laithrw in https://github.com/browser-use/browser-use/pull/4660
  • fix pagination classifier to prioritize semantic labels over glyph syms by @laithrw in https://github.com/browser-use/browser-use/pull/4661
  • fix: handle BrokenPipeError gracefully when MCP client disconnects by @laithrw in https://github.com/browser-use/browser-use/pull/4663
  • prefer Playwright chromium over sys Chrome by default by @laithrw in https://github.com/browser-use/browser-use/pull/4664
  • close alias for BrowserSession stop by @laithrw in https://github.com/browser-use/browser-use/pull/4665
  • ci: pin stale workflow action by @grtninja in https://github.com/browser-use/browser-use/pull/4656
  • improve connect failure UX: fix chrome://inspect link and add fallbac… by @ShawnPana in https://github.com/browser-use/browser-use/pull/4678
  • fix: add utf-8 encoding to Local State file read in list_chrome_profiles by @voidborne-d in https://github.com/browser-use/browser-use/pull/4690
  • fix input clear fallbacks and clarify clear-then-type behavior by @laithrw in https://github.com/browser-use/browser-use/pull/4692
  • Fix: Catch TypeError during lmnr import to prevent CLI startup crash (#4046) by @AtharvaJaiswal005 in https://github.com/browser-use/browser-use/pull/4104
  • Add record start/stop CLI command for session video capture by @sauravpanda in https://github.com/browser-use/browser-use/pull/4710
  • fix(tools): enforce per-action timeout to prevent hung event handlers by @sauravpanda in https://github.com/browser-use/browser-use/pull/4711
  • Bump pillow to 12.2.0 (CVE-2026-40192) by @sauravpanda in https://github.com/browser-use/browser-use/pull/4713
  • Bump pypdf to 6.10.2 (CVE-2026-40260) by @sauravpanda in https://github.com/browser-use/browser-use/pull/4714
  • Bump aiohttp to 3.13.4 (CVE-2026-34515) by @sauravpanda in https://github.com/browser-use/browser-use/pull/4715
  • docs: fix malformed HTML attributes in README picture/img tags by @abhicris in https://github.com/browser-use/browser-use/pull/4712
  • fix(element): redact sensitive values in fill() debug logging by @Will-hxw in https://github.com/browser-use/browser-use/pull/4736
  • fix(schema): remove unreachable 'type' key from validation fields list by @Will-hxw in https://github.com/browser-use/browser-use/pull/4734
  • docs: update issue template setup and docs links by @Ankit-Kotnala in https://github.com/browser-use/browser-use/pull/4746
  • Find more recent versions of Playwright-installed Chromium for Mac/ARM users by @alisha in https://github.com/browser-use/browser-use/pull/4680
  • fix: remove dead code 'type' from second elif branch in optimize_schema() by @kuishou68 in https://github.com/browser-use/browser-use/pull/4704
  • fix: preserve partial action results when mid-batch action fails by @toller892 in https://github.com/browser-use/browser-use/pull/4770
  • fix: survive AX tree iframe detach in DOM extraction (#4778) by @sauravpanda in https://github.com/browser-use/browser-use/pull/4797
  • fix(BrowserError): drop trailing 'during: None' when no event is attached by @LarsenCundric in https://github.com/browser-use/browser-use/pull/4787
  • fix: handle locked Chrome profile copies by @duyua9 in https://github.com/browser-use/browser-use/pull/4810
  • fix: handle multi-character upper/lower in CDP typing by @LarsenCundric in https://github.com/browser-use/browser-use/pull/4818
  • fix: respect proxy_country_code=None to disable proxy in cloud mode by @LarsenCundric in https://github.com/browser-use/browser-use/pull/4861
  • patched python-dotenv by @sauravpanda in https://github.com/browser-use/browser-use/pull/4863
  • fix(mcp): default retry_with_browser_use_agent allowed_domains to None by @sauravpanda in https://github.com/browser-use/browser-use/pull/4864
  • fix(tools): contain upload_file path inside FileSystem dir by @sauravpanda in https://github.com/browser-use/browser-use/pull/4865
  • fix(security): canonicalize non-standard IPv4 forms in block_ip_addresses by @sauravpanda in https://github.com/browser-use/browser-use/pull/4866
  • fix(downloads): sanitize attacker-controlled filenames and verify containment by @sauravpanda in https://github.com/browser-use/browser-use/pull/4867
  • Bump version from 0.12.6 to 0.12.7 by @sauravpanda in https://github.com/browser-use/browser-use/pull/4869

New Contributors

  • @r266-tech made their first contribution in https://github.com/browser-use/browser-use/pull/4464
  • @grtninja made their first contribution in https://github.com/browser-use/browser-use/pull/4656
  • @voidborne-d made their first contribution in https://github.com/browser-use/browser-use/pull/4690
  • @AtharvaJaiswal005 made their first contribution in https://github.com/browser-use/browser-use/pull/4104
  • @abhicris made their first contribution in https://github.com/browser-use/browser-use/pull/4712
  • @Will-hxw made their first contribution in https://github.com/browser-use/browser-use/pull/4736
  • @Ankit-Kotnala made their first contribution in https://github.com/browser-use/browser-use/pull/4746
  • @alisha made their first contribution in https://github.com/browser-use/browser-use/pull/4680
  • @kuishou68 made their first contribution in https://github.com/browser-use/browser-use/pull/4704
  • @toller892 made their first contribution in https://github.com/browser-use/browser-use/pull/4770
  • @duyua9 made their first contribution in https://github.com/browser-use/browser-use/pull/4810

Full Changelog: https://github.com/browser-use/browser-use/compare/0.12.6...0.12.7

Security Fixes

  • CVE-2026-34515 – upgrade aiohttp to 3.13.4 (memory exhaustion vulnerability)
  • CVE-2026-40192 – bump Pillow to 12.2.0
  • CVE-2026-40260 – bump pypdf to 6.10.2
  • Upgrade requests to 2.33.0 (temp‑file path‑traversal vulnerability)


About browser-use

Make websites accessible for AI agents. Automate tasks online with ease.
