Skip to content

harness-sdk

v1.33.0 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 2mo AI Agents & Assistants
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 1 known CVE

Topics

agentic agentic-ai agents ai anthropic autonomous-agents
+13 more
bedrock genai litellm llama llm machine-learning mcp multi-agent-systems ollama openai opentelemetry python strands-agents

Affected surfaces

deps

Summary

AI summary

Hard pins litellm<=1.82.6 to mitigate a supply chain attack

Full changelog

Pins litellm<=1.82.6 to supply chain attack - S​upply Chain Attack in litellm 1.82.8 on PyPI

What's Changed

  • fix: summarization conversation manager sometimes returns empty response by @Unshure in https://github.com/strands-agents/sdk-python/pull/1947
  • fix: remove agent from swarm test to get more consistency out of it by @Unshure in https://github.com/strands-agents/sdk-python/pull/1946
  • fix: CRITICAL: Hard pin litellm<=1.82.6 to mitigate supply chain attack by @udaymehta in https://github.com/strands-agents/sdk-python/pull/1961

New Contributors

  • @udaymehta made their first contribution in https://github.com/strands-agents/sdk-python/pull/1961

Full Changelog: https://github.com/strands-agents/sdk-python/compare/v1.32.0...v1.33.0

Security Fixes

  • Hard pin litellm<=1.82.6 to mitigate supply chain attack (see https://futuresearch.ai/blog/litellm-pypi-supply-chain-attack/)
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track harness-sdk

Get notified when new releases ship.

Sign up free

About harness-sdk

A model-driven approach to building AI agents in just a few lines of code.

All releases →

Related context

Beta — feedback welcome: [email protected]