From 72e4ace0bbe12ecb3b7cd3cf9ff946ce3225f9a6 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 17 Jun 2026 06:25:27 +0000 Subject: [PATCH] Version Packages --- .changeset/audit-advisory-bumps.md | 19 --------------- .changeset/blocked-message-status.md | 19 --------------- examples/nextjs-basic/CHANGELOG.md | 7 ++++++ examples/nextjs-basic/package.json | 2 +- examples/node-basic/CHANGELOG.md | 7 ++++++ examples/node-basic/package.json | 2 +- packages/cli/CHANGELOG.md | 36 ++++++++++++++++++++++++++++ packages/cli/package.json | 2 +- packages/sdk/CHANGELOG.md | 18 ++++++++++++++ packages/sdk/package.json | 2 +- 10 files changed, 72 insertions(+), 42 deletions(-) delete mode 100644 .changeset/audit-advisory-bumps.md delete mode 100644 .changeset/blocked-message-status.md diff --git a/.changeset/audit-advisory-bumps.md b/.changeset/audit-advisory-bumps.md deleted file mode 100644 index fd1e5da..0000000 --- a/.changeset/audit-advisory-bumps.md +++ /dev/null @@ -1,19 +0,0 @@ ---- -"@senderkit/cli": patch ---- - -Resolve `pnpm audit` advisories by bumping vulnerable transitive dependencies. - -- **`hono`** → `>=4.12.25` (pnpm override). Pulled in at runtime via - `@modelcontextprotocol/sdk`; clears 5 advisories (GHSA-wwfh-h76j-fc44, - GHSA-j6c9-x7qj-28xf, GHSA-rv63-4mwf-qqc2, GHSA-wgpf-jwqj-8h8p, - GHSA-88fw-hqm2-52qc). -- **`js-yaml`** → `>=4.2.0` (pnpm override). Dev-only, via `@changesets/cli` - (GHSA-h67p-54hq-rp68). -- **`vite`** → `^8.0.16`, pinned as a direct devDependency in the three - test packages. Dev-only, via `vitest` (GHSA-fx2h-pf6j-xcff, - GHSA-v6wh-96g9-6wx3). An override alone doesn't move it because `vite` is - both a dependency and a peerDependency of `vitest`, so the version is pinned - where the peer is consumed instead. - -`pnpm audit --audit-level=moderate` now reports no known vulnerabilities. diff --git a/.changeset/blocked-message-status.md b/.changeset/blocked-message-status.md deleted file mode 100644 index 733072b..0000000 --- a/.changeset/blocked-message-status.md +++ /dev/null @@ -1,19 +0,0 @@ ---- -"@senderkit/sdk": minor -"@senderkit/cli": patch ---- - -Add the `blocked` message status introduced by the outbound abuse scanner. - -senderkit-app now runs outbound anti-phishing detection over email and SMS -content. A flagged send is halted and the message lands in a new terminal -`blocked` state with a human-readable `blockedReason`. This brings the SDK, -CLI, and MCP surface back in lockstep with the app's `messageStatusEnum`. - -- **`MESSAGE_STATUSES`** now includes `blocked` (between `opted_out` and - `canceled`), mirroring the app enum. The `senderkit_messages_list.status` - MCP/CLI filter is a strict `z.enum(MESSAGE_STATUSES)`, so before this change - it rejected `status: "blocked"` as invalid input — callers can now filter for - blocked messages. -- **`Message.blockedReason`** is documented on the message type (optional - `string | null`), alongside a note that `blocked` is set by the abuse scanner. diff --git a/examples/nextjs-basic/CHANGELOG.md b/examples/nextjs-basic/CHANGELOG.md index 8f4b322..ec3deff 100644 --- a/examples/nextjs-basic/CHANGELOG.md +++ b/examples/nextjs-basic/CHANGELOG.md @@ -1,5 +1,12 @@ # @senderkit-examples/nextjs-basic +## 0.0.11 + +### Patch Changes + +- Updated dependencies [1fe3c66] + - @senderkit/sdk@0.10.0 + ## 0.0.10 ### Patch Changes diff --git a/examples/nextjs-basic/package.json b/examples/nextjs-basic/package.json index 8503357..d32d2c1 100644 --- a/examples/nextjs-basic/package.json +++ b/examples/nextjs-basic/package.json @@ -1,6 +1,6 @@ { "name": "@senderkit-examples/nextjs-basic", - "version": "0.0.10", + "version": "0.0.11", "private": true, "scripts": { "dev": "next dev", diff --git a/examples/node-basic/CHANGELOG.md b/examples/node-basic/CHANGELOG.md index c8511d1..74b269c 100644 --- a/examples/node-basic/CHANGELOG.md +++ b/examples/node-basic/CHANGELOG.md @@ -1,5 +1,12 @@ # @senderkit-examples/node-basic +## 0.0.11 + +### Patch Changes + +- Updated dependencies [1fe3c66] + - @senderkit/sdk@0.10.0 + ## 0.0.10 ### Patch Changes diff --git a/examples/node-basic/package.json b/examples/node-basic/package.json index a77b317..ee4f389 100644 --- a/examples/node-basic/package.json +++ b/examples/node-basic/package.json @@ -1,6 +1,6 @@ { "name": "@senderkit-examples/node-basic", - "version": "0.0.10", + "version": "0.0.11", "private": true, "type": "module", "scripts": { diff --git a/packages/cli/CHANGELOG.md b/packages/cli/CHANGELOG.md index bd1b450..537540c 100644 --- a/packages/cli/CHANGELOG.md +++ b/packages/cli/CHANGELOG.md @@ -1,5 +1,41 @@ # @senderkit/cli +## 0.6.3 + +### Patch Changes + +- 505e36c: Resolve `pnpm audit` advisories by bumping vulnerable transitive dependencies. + - **`hono`** → `>=4.12.25` (pnpm override). Pulled in at runtime via + `@modelcontextprotocol/sdk`; clears 5 advisories (GHSA-wwfh-h76j-fc44, + GHSA-j6c9-x7qj-28xf, GHSA-rv63-4mwf-qqc2, GHSA-wgpf-jwqj-8h8p, + GHSA-88fw-hqm2-52qc). + - **`js-yaml`** → `>=4.2.0` (pnpm override). Dev-only, via `@changesets/cli` + (GHSA-h67p-54hq-rp68). + - **`vite`** → `^8.0.16`, pinned as a direct devDependency in the three + test packages. Dev-only, via `vitest` (GHSA-fx2h-pf6j-xcff, + GHSA-v6wh-96g9-6wx3). An override alone doesn't move it because `vite` is + both a dependency and a peerDependency of `vitest`, so the version is pinned + where the peer is consumed instead. + + `pnpm audit --audit-level=moderate` now reports no known vulnerabilities. + +- 1fe3c66: Add the `blocked` message status introduced by the outbound abuse scanner. + + senderkit-app now runs outbound anti-phishing detection over email and SMS + content. A flagged send is halted and the message lands in a new terminal + `blocked` state with a human-readable `blockedReason`. This brings the SDK, + CLI, and MCP surface back in lockstep with the app's `messageStatusEnum`. + - **`MESSAGE_STATUSES`** now includes `blocked` (between `opted_out` and + `canceled`), mirroring the app enum. The `senderkit_messages_list.status` + MCP/CLI filter is a strict `z.enum(MESSAGE_STATUSES)`, so before this change + it rejected `status: "blocked"` as invalid input — callers can now filter for + blocked messages. + - **`Message.blockedReason`** is documented on the message type (optional + `string | null`), alongside a note that `blocked` is set by the abuse scanner. + +- Updated dependencies [1fe3c66] + - @senderkit/sdk@0.10.0 + ## 0.6.2 ### Patch Changes diff --git a/packages/cli/package.json b/packages/cli/package.json index b85c6f3..32a4a7c 100644 --- a/packages/cli/package.json +++ b/packages/cli/package.json @@ -1,6 +1,6 @@ { "name": "@senderkit/cli", - "version": "0.6.2", + "version": "0.6.3", "description": "SenderKit command-line interface and MCP server — send notifications and inspect templates/messages from your terminal or AI assistant.", "license": "MIT", "homepage": "https://github.com/senderkit/senderkit-sdk#readme", diff --git a/packages/sdk/CHANGELOG.md b/packages/sdk/CHANGELOG.md index 712c5ac..18e10c5 100644 --- a/packages/sdk/CHANGELOG.md +++ b/packages/sdk/CHANGELOG.md @@ -1,5 +1,23 @@ # @senderkit/sdk +## 0.10.0 + +### Minor Changes + +- 1fe3c66: Add the `blocked` message status introduced by the outbound abuse scanner. + + senderkit-app now runs outbound anti-phishing detection over email and SMS + content. A flagged send is halted and the message lands in a new terminal + `blocked` state with a human-readable `blockedReason`. This brings the SDK, + CLI, and MCP surface back in lockstep with the app's `messageStatusEnum`. + - **`MESSAGE_STATUSES`** now includes `blocked` (between `opted_out` and + `canceled`), mirroring the app enum. The `senderkit_messages_list.status` + MCP/CLI filter is a strict `z.enum(MESSAGE_STATUSES)`, so before this change + it rejected `status: "blocked"` as invalid input — callers can now filter for + blocked messages. + - **`Message.blockedReason`** is documented on the message type (optional + `string | null`), alongside a note that `blocked` is set by the abuse scanner. + ## 0.9.0 ### Minor Changes diff --git a/packages/sdk/package.json b/packages/sdk/package.json index 2db1c07..bd2268a 100644 --- a/packages/sdk/package.json +++ b/packages/sdk/package.json @@ -1,6 +1,6 @@ { "name": "@senderkit/sdk", - "version": "0.9.0", + "version": "0.10.0", "description": "Official TypeScript SDK for SenderKit — notification infrastructure for modern SaaS apps.", "license": "MIT", "homepage": "https://github.com/senderkit/senderkit-sdk#readme",