Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 4 additions & 2 deletions go/Dockerfile.full
Original file line number Diff line number Diff line change
Expand Up @@ -29,13 +29,15 @@ RUN --mount=type=cache,target=/var/cache/apk,rw \
apk add --no-cache \
bash git ca-certificates nodejs npm node-gyp bubblewrap python-${TOOLS_PYTHON_VERSION} libstdc++

# Keep the pinned sandbox-runtime revision, but replace its vulnerable locked lodash-es version.
# Keep the pinned sandbox-runtime revision, but replace its vulnerable locked package versions.
# Both lodash-es and shell-quote are direct dependencies of sandbox-runtime, so pinning them
# with --save-exact is the correct way to force patched versions.
RUN --mount=type=cache,target=/root/.npm \
mkdir -p /opt && \
cd /opt && \
git clone --depth 1 --revision=ef4afdef4d711ba21a507d7f7369e305f7d3dbfa https://github.com/anthropic-experimental/sandbox-runtime.git && \
cd sandbox-runtime && \
npm install --save-exact lodash-es@4.18.1 @types/lodash-es@4.17.12 && \
npm install --save-exact lodash-es@4.18.1 @types/lodash-es@4.17.12 shell-quote@1.8.4 && \
npm run build && \
Comment thread
jsonmp-k8 marked this conversation as resolved.
npm prune --omit=dev

Expand Down
2 changes: 1 addition & 1 deletion python/packages/agentsts-adk/pyproject.toml
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ dependencies = [
"typing-extensions>=4.8.0",
"aiofiles>=24.1.0",
"anyio>=4.9.0",
"PyJWT>=2.12.0",
"PyJWT>=2.13.0",
]

[tool.uv.sources]
Expand Down
2 changes: 1 addition & 1 deletion python/packages/agentsts-core/pyproject.toml
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ dependencies = [
"pydantic>=2.5.0",
"typing-extensions>=4.8.0",
"cryptography>=41.0.0", # For JWT handling
"PyJWT>=2.12.0", # For JWT token parsing
"PyJWT>=2.13.0", # For JWT token parsing
]

[project.optional-dependencies]
Expand Down
2 changes: 2 additions & 0 deletions python/pyproject.toml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,9 @@ constraint-dependencies = [
"cryptography>=48.0.0",
"jaraco-context>=6.1.0",
"mako>=1.3.12",
"pyarrow>=23.0.1",
"pyasn1>=0.6.3",
"pyjwt>=2.13.0",
"pyopenssl>=26.0.0",
"python-dotenv>=1.2.2",
"requests>=2.34.2",
Expand Down
Loading
Loading