github/OpenHands
1
0
Fork 0
mirror of https://github.com/OpenHands/OpenHands.git synced 2026-03-22 05:37:20 +08:00
Code Issues Packages Projects Releases Wiki Activity
6,320 Commits 1,216 Branches 123 Tags
main
Commit Graph

37 Commits

Author SHA1 Message Date
aivong-openhands
2d1e9fa35b Fix CVE-2026-33123: Update pypdf to 6.9.1 (#13473) 
Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>
 2026-03-19 11:05:30 -04:00
aivong-openhands
2879e58781 Fix CVE-2026-30922: Update pyasn1 to 0.6.3 (#13452) 
Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>
 2026-03-18 16:00:06 -04:00
dependabot[bot]
26fa1185a4 chore(deps): bump mcp from 1.25.0 to 1.26.0 in the mcp-packages group (#13314) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: openhands <openhands@all-hands.dev>
Co-authored-by: aivong-openhands <ai.vong@openhands.dev>
 2026-03-17 17:44:35 -05:00
aivong-openhands
d58e12ad74 Fix CVE-2026-27962: Update authlib to 1.6.9 (#13439) 
Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>
Co-authored-by: OpenHands Bot <contact@all-hands.dev>
 2026-03-17 10:13:08 -05:00
aivong-openhands
f7ca32126f Fix CVE-2026-32597: Update pyjwt to 2.12.0 (#13405) 
Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>
 2026-03-14 09:35:56 -05:00
John-Mason P. Shackelford
0c51089ab6 Upgrade the SDK to 1.14.0 (#13398) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-13 21:07:20 -04:00
aivong-openhands
e82bf44324 Fix CVE-2025-67221: Update orjson to 3.11.6+ (#13371) 
Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>
 2026-03-13 06:58:56 -05:00
Tim O'Farrell
c1328f512d Upgrade the SDK to 1.13.0 (#13365) 2026-03-12 13:28:19 -06:00
aivong-openhands
127e611706 Fix GHSA-78cv-mqj4-43f7: Update tornado to 6.5.5 (#13362) 
Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>
 2026-03-12 13:22:39 -05:00
dependabot[bot]
7e66304746 chore(deps): bump pypdf from 6.7.5 to 6.8.0 (#13348) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-11 12:09:09 -05:00
Tim O'Farrell
c8fe39b176 Upgrading SDK to 1.12.0 (#13248) 2026-03-09 21:06:12 +07:00
aivong-openhands
cfbf29f6e8 chore: downgrade fastmcp to 2.12.4 in uv.lock (#13240) 
Co-authored-by: openhands <openhands@all-hands.dev>
Co-authored-by: OpenHands Bot <contact@all-hands.dev>
 2026-03-05 14:42:01 -06:00
aivong-openhands
42b0a89366 Fix CVE-2026-28802: Update authlib to 1.6.7 (#13229) 
Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>
 2026-03-05 08:56:47 -06:00
aivong-openhands
039e966dad update mcp to 1.25.0 in uv lock (#13231) 2026-03-05 07:42:24 -06:00
aivong-openhands
0ae9128ed7 Fix CVE-2025-69223: Update aiohttp to 3.13.3 (#13008) 
Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>
 2026-03-03 17:43:05 -06:00
dependabot[bot]
35024aeffe chore(deps): bump pypdf from 6.7.3 to 6.7.5 (#13157) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: openhands <openhands@all-hands.dev>
Co-authored-by: aivong-openhands <ai.vong@openhands.dev>
 2026-03-03 12:45:43 -06:00
aivong-openhands
a927b9dc73 Fix CVE-2023-36464 update to openhands-aci 0.3.3 to remove pypdf2 (#13142) 2026-03-03 09:19:50 -06:00
aivong-openhands
0b9fd442bd chore: update uv lock and enterprise poetry lock to replace python-jose with jwcrypto (#13105) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-03 09:19:30 -06:00
dependabot[bot]
530065dfa7 chore(deps): bump pillow from 12.1.0 to 12.1.1 in uv lock and enterprise poetry lock (#13101) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-02 13:56:13 -06:00
dependabot[bot]
8dde385843 chore(deps): bump pypdf from 6.7.2 to 6.7.3 (#13099) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-02-27 13:32:02 -06:00
dependabot[bot]
1f185173b7 chore(deps): bump pypdf to 6.7.2 (#13072) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: openhands <openhands@all-hands.dev>
Co-authored-by: aivong-openhands <ai.vong@openhands.dev>
 2026-02-27 08:35:25 -06:00
aivong-openhands
7f3af371d1 protobuf pypdf uv lock updates (#13045) 2026-02-25 14:19:16 -06:00
aivong-openhands
1421794c1b Fix CVE-2026-26007: Update cryptography to 46.0.5 (#13009) 
Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>
 2026-02-25 14:18:16 -06:00
aivong-openhands
2fc689457c Fix CVE-2026-24486: Update python-multipart to 0.0.22 (#13015) 
Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>
 2026-02-25 10:15:58 -06:00
aivong-openhands
18ab56ef4e Fix CVE-2026-23490: Update pyasn1 to 0.6.2 (#13013) 
Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>
 2026-02-25 08:06:41 -06:00
aivong-openhands
dc039d81d6 Fix CVE-2026-27199: Update werkzeug to 3.1.6 (#13028) 
Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>
 2026-02-24 18:26:28 -06:00
aivong-openhands
8e4559b14a Fix CVE-2025-61765: Update python-socketio to 5.14.0 (#13027) 
Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>
 2026-02-24 18:15:04 -06:00
aivong-openhands
a0dba6124a Fix CVE-2026-27026: Update pypdf to at least 6.7.1 (#13025) 
Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>
 2026-02-24 15:25:06 -06:00
aivong-openhands
951739f3eb Fix CVE-2025-53000: Update nbconvert to 7.17.0 (#13010) 
Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>
 2026-02-24 14:46:31 -06:00
aivong-openhands
0f1ad46a47 Fix CVE-2025-62727: Update starlette to 0.49.1 (#13016) 
Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>
Co-authored-by: Ray Myers <ray.myers@gmail.com>
 2026-02-24 10:55:32 -06:00
Tim O'Farrell
0efb1db85d Bumped SDK to 1.11.5 (#13002) 2026-02-23 09:31:31 -07:00
OpenHands Bot
cd235cc8c7 Bump SDK packages to v1.11.4 (#12839) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: openhands <openhands@all-hands.dev>
Co-authored-by: Tim O'Farrell <tofarr@gmail.com>
 2026-02-11 10:55:46 -07:00
Hiep Le
1948200762 chore: update sdk to the latest version (#12811) 2026-02-11 12:57:08 +07:00
Hiep Le
b23ab33a01 chore: update sdk to the latest version (#12762) 2026-02-06 00:25:11 +07:00
Hiep Le
25cc55e558 chore: update sdk to the latest version (#12737) 2026-02-04 01:20:13 +07:00
Hiep Le
23251a2487 fix: cannot run code locally in SaaS mode (#12465) 2026-01-16 08:42:19 -07:00
Saurya Velagapudi
169ca5aae9 UV Migration Steps 1.3-1.6: Add project dependencies and generate uv.lock (#12416) 
Co-authored-by: openhands <openhands@all-hands.dev>
Co-authored-by: Saurya <saurya@openhands.dev>
 2026-01-14 19:32:31 -07:00