Skip to content

ai@6.0.202

Latest
Latest

Choose a tag to compare

View all tags
@github-actions github-actions released this 11 Jun 16:17
· 1028 commits to main since this release
ai@6.0.202
9ef2c3c
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Patch Changes

  • 942f2f8: fix(security): re-validate tool approvals from client message history before execution

    The approval-replay path in generateText/streamText reconstructed approved tool calls from the client-supplied messages array and executed them without re-validating input against the tool's schema or re-checking that the tool actually requires approval. A client could forge an assistant message with a pre-approved tool-call part and have the server execute a tool with attacker-chosen arguments.

    The replay path now verifies the HMAC signature (when experimental_toolApprovalSecret is configured), re-validates tool-call input against the tool's input schema, and re-resolves whether the tool requires approval before execution.

  • Updated dependencies [942f2f8]

    • @ai-sdk/provider-utils@4.0.28
    • @ai-sdk/gateway@3.0.128
Assets 2
Loading