chore(deps): update dependency browser-use to v0.1.45 [security] #168

renovate · 2025-05-05T22:22:13Z

This PR contains the following updates:

Package	Change	Age	Confidence
browser-use	`==0.1.23` -> `==0.1.45`

GitHub Vulnerability Alerts

CVE-2025-47241

Summary

During a manual source code review, ARIMLABS.AI researchers identified that the browser_use module includes an embedded whitelist functionality to restrict URLs that can be visited. This restriction is enforced during agent initialization. However, it was discovered that these measures can be bypassed, leading to severe security implications.

Details

File: browser_use/browser/context.py

The BrowserContextConfig class defines an allowed_domains list, which is intended to limit accessible domains. This list is checked in the _is_url_allowed() method before navigation:

@&#8203;dataclass
class BrowserContextConfig:
    """
    [STRIPPED]
    """
    cookies_file: str | None = None
    minimum_wait_page_load_time: float = 0.5
    wait_for_network_idle_page_load_time: float = 1
    maximum_wait_page_load_time: float = 5
    wait_between_actions: float = 1

    disable_security: bool = True

    browser_window_size: BrowserContextWindowSize = field(default_factory=lambda: {'width': 1280, 'height': 1100})
    no_viewport: Optional[bool] = None

    save_recording_path: str | None = None
    save_downloads_path: str | None = None
    trace_path: str | None = None
    locale: str | None = None
    user_agent: str = (
        'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36'
    )

    highlight_elements: bool = True
    viewport_expansion: int = 500
    allowed_domains: list[str] | None = None
    include_dynamic_attributes: bool = True

    _force_keep_context_alive: bool = False

The _is_url_allowed() method is responsible for checking whether a given URL is permitted:

def _is_url_allowed(self, url: str) -> bool:
    """Check if a URL is allowed based on the whitelist configuration."""
    if not self.config.allowed_domains:
        return True

    try:
        from urllib.parse import urlparse

        parsed_url = urlparse(url)
        domain = parsed_url.netloc.lower()

        # Remove port number if present
        if ':' in domain:
            domain = domain.split(':')[0]

        # Check if domain matches any allowed domain pattern
        return any(
            domain == allowed_domain.lower() or domain.endswith('.' + allowed_domain.lower())
            for allowed_domain in self.config.allowed_domains
        )
    except Exception as e:
        logger.error(f'Error checking URL allowlist: {str(e)}')
        return False

The core issue stems from the line domain = domain.split(':')[0], which allows an attacker to manipulate basic authentication credentials by providing a username:password pair. By replacing the username with a whitelisted domain, the check can be bypassed, even though the actual domain remains different.

Proof of Concept (PoC)

Set allowed_domains to ['example.com'] and use the following URL:

https://example.com:pass@localhost:8080

This allows bypassing all whitelist controls and accessing restricted internal services.

Impact

Affected all users relying on this functionality for security.
Potential for unauthorized enumeration of localhost services and internal networks.
Ability to bypass domain whitelisting, leading to unauthorized browsing.

Release Notes

browser-use/browser-use (browser-use)

`v0.1.45`

Compare Source

What's Changed

✨Add NEW interactive CLI like claude code for browser-use by @pirate in #1559
💔 BREAKING CHANGE: BrowserWindowContextSize object removed, switch to flat attrs instead. sorry for the trouble!
change: BrowserContextConfig(window_size=BrowserWindowContextSize(width=1280, height=900)
to: flat BrowserContextConfig(window_width=1280, window_height=900), used for viewport as well when no_viewport=False
in #1557
🔒 fix security issue with url parsing of allowed_domains by @pirate in #1561
_ _
fix(eval): update GOOGLE_API_KEY comment to GEMINI_API_KEY by @morugu in #1554
Fix: Make viewport_expansion=-1 parameter work properly to include all page elements by @pyoneerC in #1552
refactor: add caching for client rects and improve highlight cleanup logic by @satya-nutella in #1551
fix: add cursor:pointer handling in buildDomTree and update test URLs to handle expander icons by @satya-nutella in #1502
removing the browser channel from the _setup_browser in browser.py by @pmajor74 in #1538
Improve anti-bot fingerprint detection, should work with cloudflare sites and google logins now
Lowering the z-index by @os1rix in #1545
Support Azure OpenAI API GPT-4 by @pyoneerC in #1532
Ensure contenteditable fields are interactable by @edwardysun in #1548
Add Google Sheets support directly in main controller by @pirate in #1550

New Contributors

@morugu made their first contribution in #1554
@satya-nutella made their first contribution in #1551
@pmajor74 made their first contribution in #1538

Full Changelog: browser-use/browser-use@0.1.43...0.1.45

`v0.1.43`

Compare Source

What's Changed

Revise README.md to enhance clarity and organization of features, inc… by @MagMueller in #1540
Add unit tests for controller actions that automatically run on CI by @Anirudha619 in #1518
Add pyupgrade to automatically upgrade python syntax over time by @pirate in #1544
Fix: Terminal reset sequence when exiting with Ctrl+C by @pyoneerC in #1534
Fix faiss-cpu by @Dev-Khant in #1546

New Contributors

@pyoneerC made their first contribution in #1534

Full Changelog: browser-use/browser-use@0.1.42...0.1.43

`v0.1.42`

Compare Source

What's Changed

release 0.1.41 officially by @pirate in #1401
Fix: newlines in attribute values by @edwardysun in #1413
fix: Make memory module optional for Python 3.13 compatibility by @lynnzc in #1418
Mem0: Embedder config for different LLMs by @Dev-Khant in #1388
fix: update version retrieval method to use importlib.metadata by @zacka026 in #1427
change GOOGLE_API_KEY to GEMINI_API_KEY. by @EnzoFanAccount in #1435
Add anti bot detection via patchright by @neo773 in #857
fix(agent): Add max steps error to agent history #439 by @Shyanil in #834
Update Inconsistent AzureOpenAI env variables by @qkfang in #1417
Add grok example, update doc, and upgrade Grok model in eval by @dha-aa in #1424
Fix linter issues with new MemoryConfig changes and vector_store_path by @pirate in #1440
Fix #1376 change action name in test_core_functionality.py by @Anirudha619 in #1441
Add extended system prompt capability for planner by @mathisarends-viadee in #1281
Improve eval tool by @Alezander9 in #1416
Fixs #1442 : 'AgentSettings' object has no attribute 'enable_memory' by @Anirudha619 in #1443
Use ainvoke for async LLM call in extract_content by @Haskely in #1313
fix: update example_tool_call to use click_element_by_index action by @lynnzc in #1432
Connect eval tool by @Alezander9 in #1421
Fix merge conflict indentation change causing duplicate lines by @pirate in #1447
Simplify self._verify_llm_connection() on init by @pirate in #1448
Add new force_new_context=True flag so that custom context config can be applied when connecting to existing browsers by @kalil0321 in #1412
Detect blocking synchronous commands in asyncio code by @cclauss in #1310
ruff rule FAST002: FastAPI dependency without Annotated by @cclauss in #1451
Fix: Ensure first element is correctly indexed in sibling list by @shivamkhatri in #1369
chore: replace playwright with patchright by @lynnzc in #1452
fix: set highlight div backgroundColor to transparent by @youngjuning in #1414
Follow XDG Base Directory Specification to store telemetry_user_id by @louiskhub in #1309
remove dead _verification_task code by @pirate in #1454
Update mem0ai as a dependency in pyproject.toml by @deshraj in #1449
minor fixes when starting Ollama model by @paul2048 in #1455
fix status code when checking if chrome browser is already running by @prenit-wankhede in #1480
Fix RuntimeError: no running event loop by @Anirudha619 in #1456
Alllow providing chrome_remote_debugging_port in browser config. Fix launching user provided chrome browser. by @prenit-wankhede in #1482
Optionally disable mem0 telemetry by @vfdev-5 in #1470
Fix(agent): Robustly handle empty LLM actions to ensure ParaBank functionality (#1476) by @Shyanil in #1495
Added Contribution Guide Page in development Page by @unaisshemim in #1493
fix gif chinese display 修复gif中文显示异常 by @Ekac00 in #1478
Improve Github Actions CI tests issue #1444 by @dha-aa in #1462
prevent github actions from running twice for each commit by @pirate in #1496
eval: adding o4 mini support by @Parth220 in #1515
Added support for gemma instruction-tuned models by @KamilU01 in #1257
fix linter by @pirate in #1524
fix: error in done action when using sensitive_data with custom output_model by @BohdanPetryshyn in #1510
Fix browser_window_size not changing window size in non-headless mode by @sandeepsalwan1 in #1472
feat: Add Playwright script generation from agent history by @RogelioRichmanAstronaut in #1437
Fix: Allow user-provided no_viewport setting in browser sizing by @sandeepsalwan1 in #1528
Track errors by @MagMueller in #1530
Feature/source tracking by @MagMueller in #1531

New Contributors

@edwardysun made their first contribution in #1413
@Dev-Khant made their first contribution in #1388
@EnzoFanAccount made their first contribution in #1435
@neo773 made their first contribution in #857
@Shyanil made their first contribution in #834
@qkfang made their first contribution in #1417
@Anirudha619 made their first contribution in #1441
@Haskely made their first contribution in #1313
@kalil0321 made their first contribution in #1412
@shivamkhatri made their first contribution in #1369
@youngjuning made their first contribution in #1414
@louiskhub made their first contribution in #1309
@paul2048 made their first contribution in #1455
@prenit-wankhede made their first contribution in #1480
@vfdev-5 made their first contribution in #1470
@unaisshemim made their first contribution in #1493
@Ekac00 made their first contribution in #1478
@KamilU01 made their first contribution in #1257
@BohdanPetryshyn made their first contribution in #1510
@sandeepsalwan1 made their first contribution in #1472
@RogelioRichmanAstronaut made their first contribution in #1437

Full Changelog: browser-use/browser-use@0.1.41...0.1.42

`v0.1.41`

Compare Source

Better browser launching, more elements detected, improved logging, config, and much more...

🚀 Thank you all so much who worked on this massive release!
We appreciate all of your contributions and this was a massive effort by many people. Every day the library's capabilities and opportunities grow, and it just keeps getting better as more people show up to help! Thanks for bearing with us catching up with some of these PRs, we got such a flood of attention that it will take us a little while to fully catch up.

.

🛠️ What's Changed

Add flexible system prompt customization options by @MagMueller in #840
Create README.md by @D-Yuva in #831
Updated the incorrect redirecting link for Langchain Models by @Varun270 in #829
build: add repository url to pypi definition by @iloveitaly in #790
docs: expanded browser config example by @iloveitaly in #806
Update real-browser.mdx by @NinoRisteski in #848
Update docs: google_search → search_google by @Strajk in #851
feat: Add Wikipedia navigation example from banana to quantum mechanics by @MagMueller in #854
Fix cookies and nav-bar buttons by @MagMueller in #855
Fix reddit by @MagMueller in #866
Revert extraction layer to previous state to include text again corre… by @MagMueller in #868
Works for immo24 by @MagMueller in #884
Update README.md by @MagMueller in #908
[EASY] Update example in examples/models/claude-3.7-sonnet.py by @dsomel21 in #909
Update quickstart.mdx by @NinoRisteski in #904
Fix:mutable default argument. by @shudaizi1989 in #901
Fixed typo by @Eshwar1212-maker in #898
DeepSeek R1 Distill Support by @codenoid in #996
Separated internal output model from suplied model, and fixed a parsi… by @guybensimhon1 in #959
Update isContentEditable handling to check readonly and disabled attr… by @guybensimhon1 in #937
Fixed typo in browser-settings.mdx, and made external providers a link by @guybensimhon1 in #1039
fix: convert xpath with colons in element names by @cloudcarver in #1038
Eval: Add Grok eval by @siddhantsomani in #1036
Update README.md by @MagMueller in #1102
Add Google Sheets support by automating keyboard shortcuts by @pirate in #1101
Improve: Add dynamic font sizing for large task displays in GIFs by @Anshdeep-Singh in #1096
fix: Update markdownify from 0.14.1 to 1.1.0 to resolve text spacing issues by @lynnzc in #1083
fix: cast element id to string in buildDomTree.js by @KazuhitoT in #1081
Update browser-settings.mdx by @jochen-testingbot in #1075
fix(headless): support headless for real chrome by @laundry2 in #1065
docs: Update agent-settings.mdx by @Anshdeep-Singh in #1103
Feature - Add multibrowser support by @noggies in #950
fix: close httpx connections to avoid memory leaks by @adamdelezuch89 in #895
Fixed missing text input detection in DOM parsing by @KalharPandya in #1043
fix: empty interacted element in history when interacted index is 0 by @NvRom in #1015
Feature to save webpage as PDF to given path by @ml5ah in #1095
Ignore LangChainBetaWarning by @SmartManoj in #1113
Add specific Playwright installation commands by @SmartManoj in #1112
fix import by @SmartManoj in #1111
fix: allow callback to be sync functions by @DarkPhoenix2704 in #1109
Simplify browser setup by @SmartManoj in #1108
fix: swaped the langchain bedrock function by @nicolasdickenmann in #1000
feat: Add browser context options for mobile simulation, geolocation, permissions and timezone settings by @hao-cyber in #1058
Support QwQ-32b by @vonjackustc in #1054
Update quickstart.mdx to use uv by @mikegehard in #1041
Efficient Detection of Interactive Elements using computed cursor style by @Rahul-Sharma-1729 in #1031
fix: Move HTTPX client cleanup from agent to browser close by @lynnzc in #1122
Bugfix: error when trying to create empty dir. by @cheewba in #998
Bugfix: in case if node element has a shadow dom, all other children are not processed by @cheewba in #997
Fixed allowed_domains restriction feature by @niranjandasMM in #1119
Set WindowsProactorEventLoopPolicy for streamlit by @SmartManoj in #1129
Typo examples/shopping.py by @onurkanbakirci in #1125
Open cross-origin iframes in a new tab to avoid needing --disable-web-security by @pirate in #1114
Fixes for tab selection on startup by @pirate in #1141
#544 issue resolved , used chrometabs api by @SwapnilSonker in #633
Fixed the screenshot flickering issue by @PaperBoardOfficial in #740
Update supported-models.mdx by @deanyxu in #1142
Enhance dropdown by @SmartManoj in #933
Fix special case for viewport expansion in visibility check by @Zhen3r in #953
Devops - Removed hatch by @pabshazon in #1035
Add n8n integration documentation for Browser Use by @hoangnb24 in #897
Update Documentation: Clarify the Distinction Between browser-use’s Browser and Playwright’s Browser by @pppp606 in #739
HAR file recording by @jlogtenberg in #967
Added missing env variables in .env.example by @ml5ah in #1145
fix error: name 'browser_class' is not defined by @vikingden8 in #1147
Fix the simple.py example imports by @pirate in #1149
Fix: Explicitly Add google-api-core to Dependencies by @pppp606 in #1027
fix: update hatch build includes for correct package structure by @lynnzc in #1154
Disable opening cross-origin iframes in new tabs for now by @pirate in #1161
Add support for asking the agent to close tabs by @pirate in #1162
Exclude extensions from current tab detection and fix follow_up_tasks example by @pirate in #1163
Fix error when checking cdp url for firefoxness by @pirate in #1164
Clicking by xpath, css selector or text by @jersobh in #1127
Fallback when LLM doesn't produce expected tool call format by @YonderUrik in #736
Improve error logging for LLM API calls and missing env variables by @ml5ah in #1146
Improve chrome launch flags, chrome-in-docker support, anti-fingerprinting, and deterministic rendering by @pirate in #1133
Add dolphin browser driver support by @ProphetDiceBot in #1046
Fix: Corrected typo in telemetry logging by @SpaceGlit in #920
Kill spawned chrome subprocess group on browser.close() when keep_alive=False by @pirate in #1177
Verify LLM API keys work on startup and add Ctrl+C error handling by @pirate in #1178
Adding pre and post step hooks to allow developers to extend Agent.step() with custom behavior by @carlosplanchon in #1028
Refactor ctrl-c handling to separate class by @pirate in #1179
Make the context in extract_content action smaller by @mkuts12 in #981
Add "wait_for_element" capability. by @jersobh in #515
add env var to SKIP_LLM_API_KEY_VERIFICATION on cloud by @pirate in #1181
Improve click by text handling by @jersobh in #1173
Add support for registering actions that should only apply to some pages e.g. *.example.com by @pirate in #1182
Fix: Unable to Retrieve Interactive Elements Bound with addEventListener by @Jonathanqjs in #932
Add windows support to ctrl+C handling by @pirate in #1192
Linter fixes by @pirate in #1196
Improve dev setup docs, manage dev with uv, and run ruff linter on entire codebase by @pirate in #1188
Adding lifecycle hooks section to the docs. by @carlosplanchon in #1197
Bump langchain-google-genai version to fix POLLER errors by @pirate in #1198
pre-commit run pre-commit-hooks --all-files by @cclauss in #891
add pre-commit as a dev dependency by @pirate in #1199
Update and rename ci.yml to lint.yml by @pirate in #1200
Add more pre-commit-hooks and fix invalid jsons by @pirate in #1201
skip broken pytest by @pirate in #1202
Ruff formatting and fixes for entire codebase by @pirate in #1204
Support for reasoning models o1, o1-mini, etc for planner LLM by @ml5ah in #1166
pre-commit run --all-files and pytest by @cclauss in #1210
feat: Update GitHub Actions workflow and documentation for branching … by @achatap in #1189
add the html download feature by @ai-naymul in #1117
Fix KeyError for some models on startup by @pirate in #1220
Log active LLM models on agent startup by @federicovilla55 in #1219
Add support for procedural memory for running agents for longer tasks using mem0 by @deshraj in #1205
fixed logged in state by @PaperBoardOfficial in #1226
fix planner getting current page by @pirate in #1228
Fix pydantic issue causing browser config to be overwritten by @pirate in #1232
add anthropic RateLimitError to list of defined rate limit errors by @Alezander9 in #1230
added active_tab state management by @PaperBoardOfficial in #1221
Add Retry Handling to Bedrock by @dheerajoruganty in #1231
pre-commit run -a (again) by @cclauss in #1214
Ignore signal registration errors in environments that dont support signals by @pirate in #1233
Add example of getting 2FA code from 1password by @pirate in #1234
add rebrowser and creepjs to stealth tests by @pirate in #1235
Fix typos discovered by codespell by @cclauss in #1216
Add http_credentials to browser context. by @b0rgcube in #893
added drag drop action by @PaperBoardOfficial in #1208
Docs: Update system prompt customization documentation by @pppp606 in #1252
Fix custom-functions.mdx confusion by @oswy-cpu in #1256
Fix: Remove unnecessary await from _verified_api_keys by @BurnyCoder in #1259
Fix: resolve undefined response variable in Deepseek model raw tool calling by @zsjie in #1269
Fix Azure OpenAI example by disabling memory feature by @mathisarends-viadee in #1279
Make default config safer by only exposing CDP on localhost and keeping browser security enabled by @pirate in #1288
fix: increment consecutive_failure on every step error by @john-rtr in #1277
[bug][multi_act] Detect index change caused by page change in multi_act by @AlinJiang in #945
Fix: Add sameSite cookie validation and auto-correction by @dipfocus in #1045
custom browser addition by @lorenss-m in #1290
Update extraction branch by @gregpr07 in #1296
Migrate ProxySettings & BrowserContextWindowSize to pydantic models + fix bugs where code was expecting dicts by @pirate in #1300
[Mem0] Fix issue related to memory not working with other llms expect OpenAI LLMs by @deshraj in #1333
Fix failing tests in test_browser.py by @soeffing in #1330
Fix prompt variable syntax: replace {{max_actions}} with {max_actions} by @koreng-nimble in #1342
Ensure element handle is visible before trying to scroll into view by @LarsenCundric in #1339
Heavy improvements to extraction layer by @gregpr07 in #1323
evals: more models for evals by @Parth220 in #1372
Fix check_env_variables NoneType has no .strip() error by @pirate in #1383
Fix: incorrect config type in BrowserContext instantiation by @azhengzz in #1379
Fix AgentHookFunc type by @Alezander9 in #1370
Update Cloud Docs - Add structured output example by @LarsenCundric in #1394
Add new evaluation script by @Alezander9 in #1395
add grok api key variable by @dha-aa in #1302
Add Novita AI example and documentation by @jasonhp in #1391
add langchain-deepseek as a dependency by @os1rix in #1345
Fix deepseek example: Replace ChatOpenAI with ChatDeepSeek by @azhengzz in #1348
Fix non-alphabet character rendering issues in gif picture by @asasasasasbc in #1368
Fixed the project requirements - Added sentence-transformers in pyproject.toml by @predator4hack in #1364
fix config merging between BrowserConfig and BrowserContextConfig in Browser.new_context by @pirate in #1396
Add logging of total tokens used to facilitate cost calculation by @pppp606 in #973
update example tool call by @Alezander9 in #1229
Assign playwright if successful start prior to browser initialization by @zacka026 in #1352
Fix web_voyager_agent.py example by @soeffing in #1347
Improve _verify_llm_connection logging on startup by @pirate in #1398
auto-disable use_vision for deepseek models by @pirate in #1399

New Contributors

@Varun270 made their first contribution in #829
@iloveitaly made their first contribution in #790
@Strajk made their first contribution in #851
@dsomel21 made their first contribution in #909
@shudaizi1989 made their first contribution in #901
@Eshwar1212-maker made their first contribution in #898
@codenoid made their first contribution in #996
@guybensimhon1 made their first contribution in #959
@cloudcarver made their first contribution in #1038
@siddhantsomani made their first contribution in #1036
@pirate made their first contribution in #1101
@Anshdeep-Singh made their first contribution in #1096
@lynnzc made their first contribution in #1083
[@KazuhitoT](https://redi

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

codesandbox · 2025-05-05T22:22:17Z

Review or Edit in CodeSandbox

Open the branch in Web Editor • VS Code • Insiders

Open Preview

bolt-new-by-stackblitz · 2025-05-05T22:22:17Z

Run & review this pull request in StackBlitz Codeflow.

sourcery-ai · 2025-05-05T22:22:19Z

Reviewer's Guide

This pull request updates the browser-use dependency from version 0.1.23 to 0.1.45 by modifying the requirements.txt file. This update addresses a security vulnerability (CVE-2025-47241) in the allowed_domains feature.

Class Diagram: Update to BrowserContextConfig in browser-use v0.1.45

classDiagram
    class BrowserContextConfig_Old {
        <<Deprecated v0.1.45>>
        +browser_window_size: BrowserContextWindowSize
        +allowed_domains: list[str] | None
        +...
    }
    note for BrowserContextConfig_Old "Represents the configuration before v0.1.45"

    class BrowserContextConfig_New {
        <<Introduced v0.1.45>>
        +window_width: int
        +window_height: int
        +allowed_domains: list[str] | None
        +...
    }
    note for BrowserContextConfig_New "Represents the configuration from v0.1.45 onwards.\nSecurity fix applied to allowed_domains logic."

File-Level Changes

Change	Details	Files
Updated `browser-use` dependency to version 0.1.45.	Modified the version constraint in `requirements.txt`. Incorporated security fix for CVE-2025-47241 related to URL parsing bypass in `allowed_domains`. Introduced breaking change: `BrowserWindowContextSize` object removed, replaced by flat attributes `window_width` and `window_height` in `BrowserContextConfig`. Included various other features, bug fixes, and refactoring from `browser-use` versions 0.1.24 through 0.1.45 (refer to release notes for details).	`apps/browser-agent/requirements.txt`

Tips and commands

Interacting with Sourcery

Trigger a new review: Comment @sourcery-ai review on the pull request.
Continue discussions: Reply directly to Sourcery's review comments.
Generate a GitHub issue from a review comment: Ask Sourcery to create an
issue from a review comment by replying to it. You can also reply to a
review comment with @sourcery-ai issue to create an issue from it.
Generate a pull request title: Write @sourcery-ai anywhere in the pull
request title to generate a title at any time. You can also comment
@sourcery-ai title on the pull request to (re-)generate the title at any time.
Generate a pull request summary: Write @sourcery-ai summary anywhere in
the pull request body to generate a PR summary at any time exactly where you
want it. You can also comment @sourcery-ai summary on the pull request to
(re-)generate the summary at any time.
Generate reviewer's guide: Comment @sourcery-ai guide on the pull
request to (re-)generate the reviewer's guide at any time.
Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
pull request to resolve all Sourcery comments. Useful if you've already
addressed all the comments and don't want to see them anymore.
Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
request to dismiss all existing Sourcery reviews. Especially useful if you
want to start fresh with a new review - don't forget to comment
@sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

Enable or disable review features such as the Sourcery-generated pull request
summary, the reviewer's guide, and others.
Change the review language.
Add, remove or edit custom review instructions.
Adjust other review settings.

Getting Help

Contact our support team for questions or feedback.
Visit our documentation for detailed guides and information.
Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

chore(deps): update dependency browser-use to v0.1.45 [security]

13e9e76

pull-request-size bot added the size/XS label May 5, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps): update dependency browser-use to v0.1.45 [security] #168

chore(deps): update dependency browser-use to v0.1.45 [security] #168

Uh oh!

renovate bot commented May 5, 2025 •

edited

Loading

Uh oh!

codesandbox bot commented May 5, 2025

Uh oh!

bolt-new-by-stackblitz bot commented May 5, 2025

Uh oh!

sourcery-ai bot commented May 5, 2025 •

edited

Loading

Interacting with Sourcery

Customizing Your Experience

Getting Help

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

chore(deps): update dependency browser-use to v0.1.45 [security] #168

Are you sure you want to change the base?

chore(deps): update dependency browser-use to v0.1.45 [security] #168

Uh oh!

Conversation

renovate bot commented May 5, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

GitHub Vulnerability Alerts

CVE-2025-47241

Summary

Details

Proof of Concept (PoC)

Impact

Release Notes

v0.1.45

What's Changed

New Contributors

v0.1.43

What's Changed

New Contributors

v0.1.42

What's Changed

New Contributors

v0.1.41

Better browser launching, more elements detected, improved logging, config, and much more...

🛠️ What's Changed

New Contributors

Configuration

Uh oh!

codesandbox bot commented May 5, 2025

Review or Edit in CodeSandbox

Uh oh!

bolt-new-by-stackblitz bot commented May 5, 2025

Uh oh!

sourcery-ai bot commented May 5, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Reviewer's Guide

Class Diagram: Update to BrowserContextConfig in browser-use v0.1.45

File-Level Changes

Interacting with Sourcery

Customizing Your Experience

Getting Help

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

renovate bot commented May 5, 2025 •

edited

Loading

`v0.1.45`

`v0.1.43`

`v0.1.42`

`v0.1.41`

sourcery-ai bot commented May 5, 2025 •

edited

Loading