fix(deps): update dependency @anthropic-ai/sdk to v0.27.0

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@anthropic-ai/sdk	0.26.1 -> 0.27.0

---

Release Notes

anthropics/anthropic-sdk-typescript (@​anthropic-ai/sdk)

v0.27.0

Full Changelog: sdk-v0.26.1...sdk-v0.27.0

Features

• client: add support for browser usage (#​504) (93c5f16)

Documentation

• readme: update formatting and clarity for CORS flag (9cb2c35)

---

Configuration

📅 Schedule: Branch creation - "* 0-4 * * 3" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

anthropic debug - [puLL-Merge] - anthropics/anthropic-sdk-typescript@sdk-v0.26.1..sdk-v0.27.0

Description

This PR updates the Anthropic TypeScript SDK to version 0.27.0, adding support for browser usage and improving documentation. The main changes include introducing a new dangerouslyAllowBrowser option to allow client-side use of the library, updating the README with more detailed explanations about browser usage risks, and making necessary adjustments to the client code to accommodate these changes.

Changes

Changes

1. .release-please-manifest.json:

   • Updated the version number from 0.26.1 to 0.27.0.

2. CHANGELOG.md:

   • Added entry for version 0.27.0 with details about new features and documentation updates.

3. README.md:

   • Added information about web browser runtime support.
   • Included a detailed explanation of the risks associated with enabling browser support and scenarios where it might be acceptable.

4. package.json:

   • Updated the version number to 0.27.0.

5. src/index.ts:

   • Added a new dangerouslyAllowBrowser option to the ClientOptions interface.
   • Updated the constructor to check for this option before throwing an error in browser environments.
   • Added a new header anthropic-dangerous-direct-browser-access when dangerouslyAllowBrowser is set to true.

6. src/version.ts:

   • Updated the VERSION constant to 0.27.0.

Security Hotspots

1. The introduction of the dangerouslyAllowBrowser option could potentially lead to security risks if misused. While the SDK provides warnings and documentation about the dangers, users might still enable this option without fully understanding the implications, potentially exposing their API credentials in client-side code.

Possible Issues

1. The error message in src/index.ts mentions a "TODO: link!" which should be replaced with an actual link to more detailed documentation about browser usage risks and best practices.

2. The new header anthropic-dangerous-direct-browser-access is added when dangerouslyAllowBrowser is true, but it's not clear how this header is used or processed on the server side. This might need additional documentation or implementation details.

[github-actions]

bedrock debug - [puLL-Merge] - anthropics/anthropic-sdk-typescript@sdk-v0.26.1..sdk-v0.27.0

Description

This PR introduces support for browser usage of the Anthropic SDK, along with version updates and documentation improvements. It adds a new dangerouslyAllowBrowser option to enable browser support, which is disabled by default for security reasons.

Possible Issues

1. The new dangerouslyAllowBrowser option could be misused, potentially exposing API credentials in client-side code if not handled carefully.

Security Hotspots

1. The dangerouslyAllowBrowser option in src/index.ts allows the SDK to run in browser environments, which could expose API credentials if not used properly.

Changes

Changes

1. .release-please-manifest.json:

   • Updated version to 0.27.0

2. CHANGELOG.md:

   • Added entry for version 0.27.0
   • Documented new feature for browser support and README updates

3. README.md:

   • Added information about browser support and the dangerouslyAllowBrowser option
   • Included a warning about the risks of using the SDK in browser environments
   • Provided examples of when using the option might be less risky

4. package.json:

   • Updated version to 0.27.0

5. src/index.ts:

   • Added dangerouslyAllowBrowser option to ClientOptions interface
   • Updated constructor to check for dangerouslyAllowBrowser option
   • Modified error message when running in browser-like environment
   • Added a header anthropic-dangerous-direct-browser-access when dangerouslyAllowBrowser is true

6. src/version.ts:

   • Updated version to 0.27.0

The main changes revolve around adding browser support with appropriate warnings and safeguards. The PR also includes version bumps and documentation updates to reflect these changes.