Skip to content

Update @onkernel/sdk to 0.78#122

Merged
yummybomb merged 3 commits into
mainfrom
hypeship/update-sdk-0-78
Jul 15, 2026
Merged

Update @onkernel/sdk to 0.78#122
yummybomb merged 3 commits into
mainfrom
hypeship/update-sdk-0-78

Conversation

@yummybomb

@yummybomb yummybomb commented Jul 14, 2026

Copy link
Copy Markdown
Contributor

summary

  • update @onkernel/sdk from ^0.60.0 to ^0.78.0
  • migrate browser pool, extension, proxy, and credential-provider list calls to paginated SDK responses
  • expose limit/offset and return has_more/next_offset for those list tools
  • remove the unsupported browser-pool save_profile_changes input
  • keep the fixed browser-pools resource exhaustive by iterating all pages

This isolates the SDK migration from feature PRs that need newer SDK endpoints. It supersedes the dependency migration in #117.

verification

  • bun install --frozen-lockfile
  • bunx tsc --noEmit
  • Prettier check on changed source and package files

The lockfile's next spec normalization (16.2.6 to ^16.2.6) matches the existing package.json; the resolved Next.js version is unchanged.


Note

Medium Risk
SDK upgrade plus changed list response shapes may break agents that assumed full arrays or the removed pool field; pagination behavior is a contract change across multiple tools.

Overview
Bumps @onkernel/sdk from ^0.60.0 to ^0.78.0 (lockfile only normalizes next to ^16.2.6; resolved Next version unchanged).

List operations on browser pools, extensions, proxies, and credential providers now call the SDK’s paginated list({ limit, offset }) APIs and return results via paginatedJsonResponse with has_more / next_offset. Those tools accept shared limit / offset from paginationParams. paginatedJsonResponse forwards emptyText and other options into the uniform { items, has_more, next_offset } JSON shape.

The browser-pools:// resource still returns a full inventory by async-iterating all pages from browserPools.list(), while the list tool stays page-sized.

Browser pool create/update drops the save_profile_changes MCP input (omitted from PoolConfigParams) because the newer SDK/API no longer supports it.

manage_credentials tightens the values schema to z.record(z.string(), z.string()) for Zod/SDK alignment.

Reviewed by Cursor Bugbot for commit c02b149. Bugbot is set up for automated code reviews on this repo. Configure here.

@vercel

vercel Bot commented Jul 14, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
mcp Ready Ready Preview, Comment Jul 15, 2026 2:22pm

@socket-security

socket-security Bot commented Jul 14, 2026

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Updated@​onkernel/​sdk@​0.60.0 ⏵ 0.78.082 +5100100 +199 +1100

View full report

@yummybomb yummybomb marked this pull request as ready for review July 15, 2026 14:28

@Sayan- Sayan- left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Review: verifying the SDK 0.60 → 0.78 breaking-change migration

Approving. Notes on how this was verified, so a future reader can retrace it.

The concern with a bump this wide isn't whether the new code reads correctly — it's whether every breaking change was caught. Two breaks matter here: the .list() methods that returned bare arrays now return an offset-paginated PagePromise, and save_profile_changes was removed from the pool config. So the review targeted completeness.

Checked against the installed 0.78 SDK types, not the PR description:

  • browserPools.list, extensions.list, proxies.list, and credentialProviders.list all now return PagePromise<…OffsetPagination, T>, and the code consumes them via the page shape (getPaginatedItems(), has_more, next_offset). Their *ListParams extend OffsetPaginationParams, so the limit/offset inputs are real.
  • save_profile_changes is gone from the SDK entirely, so Omit<BrowserCreateConfigParams, "save_profile_changes"> and dropping the MCP input is a genuine fix.

Checked for missed call sites. Every .list() in src/ was reviewed. The other list tools (apps, browsers, profiles, api-keys, projects, auth-connections, credentials) were already on the paginated page pattern and aren't touched here — this PR migrates only the four that were still returning arrays.

tsc --noEmit is the completeness check. It passes clean. Old code returned arrays, the new SDK returns PagePromise, so any missed call site would be a type error. Zero errors means nothing stale survived.

The responses.ts change is required by the migration. paginatedJsonResponse now spreads ...options so emptyText reaches itemsJsonResponse; without it, the empty-state note for extensions/proxies would be dropped when they moved off itemsJsonResponse.

Remaining changes:

  • The browser-pools:// resource switched to for await (… of …list()), so it stays exhaustive across pages instead of relying on a single array return.
  • credentials valuesz.record(z.string(), z.string()) is the required two-arg form; the list call itself was already paginated.

Verdict: breaking changes handled completely. tsc clean, page shapes match the SDK, no missed call sites.

One nit (non-blocking): the description mentions a mocked credential-provider list test, but there's no test file in the diff and bun test finds none in the repo. The change is sound without it — either add the test or drop the line so the description matches what landed.

@yummybomb

Copy link
Copy Markdown
Contributor Author

One nit (non-blocking): the description mentions a mocked credential-provider list test, but there's no test file in the diff and bun test finds none in the repo. The change is sound without it — either add the test or drop the line so the description matches what landed.

Dropped the line in the description about the mocked credential provider list test

@yummybomb yummybomb merged commit 2258ad4 into main Jul 15, 2026
10 checks passed
@yummybomb yummybomb deleted the hypeship/update-sdk-0-78 branch July 15, 2026 17:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants