[STG-1798] feat: support Browserbase verified sessions#1980
Merged
Conversation
🦋 Changeset detectedLatest commit: c2bde33 The changes in this PR will be included in the next version bump. This PR includes changesets to release 4 packages
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
Contributor
✱ Stainless preview buildsThis PR will update the
|
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
No issues found across 13 files
Confidence score: 5/5
- Automated review surfaced no issues in the provided summaries.
- No files require special attention.
Architecture diagram
sequenceDiagram
participant Client
participant API as Server (v3/v4 API)
participant Core as V3 Core (Stagehand)
participant Handler as V3CuaAgentHandler
participant GoogleCUA as GoogleCUAClient
participant BBSDK as Browserbase SDK
Note over Client,BBSDK: Session Initialization Flow
Client->>API: POST /session (Start Session)
Note right of API: NEW: Validates verified, os, <br/>captcha selectors in schema
API->>Core: init(browserbaseSessionCreateParams)
Core->>Core: CHANGED: Check isVerified / isAdvancedStealth
Note right of Core: Legacy advancedStealth is now <br/>treated as an alias for verified
Core->>BBSDK: CHANGED: createSession() with ^2.10.0 features
BBSDK-->>Core: Session Metadata
Core-->>API: Session ID
API-->>Client: 200 OK
Note over Client,BBSDK: Runtime Agent Interaction (e.g., coordinate normalization)
Client->>Handler: executeAction()
Handler->>Core: get isVerified
Core-->>Handler: boolean (verified || advancedStealth)
alt NEW: Browserbase Managed Fingerprinting (isVerified)
Handler->>GoogleCUA: CHANGED: setViewport(1288, 711)
Handler->>Handler: Use STEALTH_VIEWPORT for coordinate normalization
else Standard Mode
Handler->>GoogleCUA: setViewport(configuredViewport)
Handler->>Handler: Use configured dimensions for normalization
end
Handler->>GoogleCUA: Perform action with processed coordinates
GoogleCUA-->>Handler: Result
Handler-->>Client: Action Complete
shrey150
force-pushed
the
shrey/verified-browserbase-sdk
branch
from
e908c42 to
26cb97d
Compare
shrey150
commented
Apr 8, 2026
miguelg719
approved these changes
Apr 8, 2026
This was referenced Apr 8, 2026
tkattkat
added a commit
that referenced
this pull request
Apr 9, 2026
…)" (#1987) ## Summary - Reverts PR #1822 which added `providerOptions` for extensible model auth (Bedrock/Vertex) - Removes `providerOptions` bag from model config schema, Bedrock examples, provider config, and server-side `modelClientOptions` storage/passthrough ## Note - One test from PR #1980 (`accepts verified Browserbase session settings` in `model-config-schema.test.ts`) was removed as part of this revert since the test file was originally created by #1822. That test may need to be re-added in a separate file. Made with [Cursor](https://cursor.com) <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Reverts the `providerOptions`-based model auth from #1822 (STG-1573) and restores the previous auth flow: no provider options passthrough; model auth is via the `x-model-api-key` header. - **Refactors** - Removed `providerOptions` and server-side `modelClientOptions` passthrough from core and server. - Deleted Bedrock examples and provider config; pruned related schemas and tests. - Simplified OpenAPI: removed ProviderOptions/ModelClientOptions components and helpers extracting model config from request bodies. - **Migration** - Remove `providerOptions` from all model configs and requests. - Do not send `modelClientOptions` in session start; the server ignores it. - Send model API keys via the `x-model-api-key` header; remove any `skipApiKeyFallback` usage. - If you adopted `vertex/*` names from #1822, switch to `google/*`. <sup>Written for commit 1a3bbcb. Summary will update on new commits. <a href="https://cubic.dev/pr/browserbase/stagehand/pull/1987">Review in cubic</a></sup> <!-- End of auto-generated description by cubic. -->
This was referenced Apr 10, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
@browserbasehq/sdkto^2.10.0inpackages/core,packages/server-v3, andpackages/server-v4verified,os, and custom captcha session settings to the Stagehand Browserbase session-create schema and generated OpenAPI specsadvancedStealthbehavior working by treating it as a compatibility alias for the new verified-mode checks in Stagehand internalsTesting
pnpm --filter @browserbasehq/stagehand build:esmpnpm --filter @browserbasehq/stagehand test:core -- packages/core/dist/esm/tests/unit/browserbase-session-accessors.test.js packages/core/dist/esm/tests/unit/model-config-schema.test.jspnpm --filter @browserbasehq/stagehand typecheckpnpm --filter @browserbasehq/stagehand-server-v3 typecheckpnpm --filter @browserbasehq/stagehand-server-v4 typecheckbrowserSettings.verified: trueLinear: https://linear.app/browserbase/issue/STG-1798/support-browserbase-verified-session-settings
Summary by cubic
Adds support for Browserbase Verified sessions with new session settings across Stagehand APIs and a fixed Google CUA viewport when Verified, addressing Linear STG-1798. Deprecates the
isAdvancedStealthalias in favor ofv3.isVerified, and fixes abort-signal handling to fail fast on already-aborted signals.New Features
verified,os,captchaImageSelector, andcaptchaInputSelectorto Browserbase browser settings and generated OpenAPI (v3 and v4).v3.isVerified; keepisAdvancedStealthas a deprecated, backward-compatible alias.Dependencies
@browserbasehq/sdkto^2.10.0inpackages/core,packages/server-v3, andpackages/server-v4.Written for commit c2bde33. Summary will update on new commits. Review in cubic