@ai-sdk/anthropic
The **[Anthropic provider](https://ai-sdk.dev/providers/ai-sdk-providers/anthropic)** for the [AI SDK](https://ai-sdk.dev/docs) contains language model support for the [Anthropic Messages API](https://docs.anthropic.com/claude/reference/messages_post).
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| semgrep | semgrep:base64-decode | AI (semgrep): Base64 decoding in this SDK is used to convert binary content (e.g., images) passed to the Anthropic API. This is standard, documented behavior for an AI provider SDK — not a malicious payload pattern. | ai | |
| provenance | publisher-changed | AI (provenance): Transition from jaredpalmer to vercel-release-bot is Vercel's standard CI/CD publish pattern; bot has 403 approved packages and 1528-day history. | ai | |
| provenance | missing-githead | AI (provenance): Consequence of moving to vercel-release-bot CI/CD pipeline; not a security concern for this well-established Vercel package. | ai | |
| npm-metadata | suspicious-initial-version | AI (npm-metadata): The @ai-sdk monorepo uses 0.0.0 as a standard placeholder version across all its packages. This is a known pattern for this publisher, not a malicious signal. | ai | |
| source-diff | large-new-source-files | AI (source-diff): 40 new files reflect major version feature growth in a public GitHub monorepo; files are source maps, bundles, and TypeScript sources — no suspicious content. | ai | |
| maintainer-change | maintainer-removed | AI (maintainer-change): jaredpalmer stepping back from active SDK maintenance is consistent with known Vercel team changes; no compromise indicators. | ai | |
| source-diff | source-size-tripled | AI (source-diff): Size increase from v1.1.7 to v3.0.59 spans two major versions with substantial feature additions; no obfuscation or injection signals present. | ai | |
| maintainer-change | maintainer-added | AI (maintainer-change): New maintainers (matheuss, matt.straka) are Vercel engineers; publisher remains vercel-release-bot. Normal team evolution, not a takeover. | ai | |
| provenance | no-provenance | AI (provenance): vercel-release-bot is a well-established publisher with 1296 approved packages; lack of Sigstore provenance is not a meaningful risk signal here. | ai | |
| dependencies | unvetted-dep:@ai-sdk/provider-utils | AI (dependencies): @ai-sdk/provider-utils is a first-party Vercel AI SDK package from the same monorepo; stable false positive for this package. | ai |
Versions (showing 100 of 298)
| Version | Deps | Published |
|---|---|---|
| 4.0.15 | 2 / 6 | |
| 4.0.14 | 2 / 6 | |
| 4.0.12 | 2 / 6 | |
| 4.0.11 | 2 / 6 | |
| 4.0.10 | 2 / 6 | |
| 4.0.9 | 2 / 6 | |
| 4.0.8 | 2 / 6 | |
| 4.0.7 | 2 / 6 | |
| 4.0.6 | 2 / 6 | |
| 4.0.5 | 2 / 6 | |
| 4.0.4 | 2 / 6 | |
| 4.0.3 | 2 / 6 | |
| 4.0.2 | 2 / 6 | |
| 4.0.1 | 2 / 6 | |
| 4.0.0 | 2 / 6 | |
| 3.0.97 | 2 / 6 | |
| 3.0.96 | 2 / 6 | |
| 3.0.95 | 2 / 6 | |
| 3.0.94 | 2 / 6 | |
| 3.0.93 | 2 / 6 | |
| 3.0.92 | 2 / 6 | |
| 3.0.91 | 2 / 6 | |
| 3.0.90 | 2 / 6 | |
| 3.0.89 | 2 / 6 | |
| 3.0.88 | 2 / 6 | |
| 3.0.87 | 2 / 6 | |
| 3.0.86 | 2 / 6 | |
| 3.0.85 | 2 / 6 | |
| 3.0.84 | 2 / 6 | |
| 3.0.83 | 2 / 6 | |
| 3.0.82 | 2 / 6 | |
| 3.0.81 | 2 / 6 | |
| 3.0.80 | 2 / 6 | |
| 3.0.79 | 2 / 6 | |
| 3.0.78 | 2 / 6 | |
| 3.0.77 | 2 / 6 | |
| 3.0.76 | 2 / 6 | |
| 3.0.75 | 2 / 6 | |
| 3.0.74 | 2 / 6 | |
| 3.0.73 | 2 / 6 | |
| 3.0.72 | 2 / 6 | |
| 3.0.71 | 2 / 6 | |
| 3.0.70 | 2 / 6 | |
| 3.0.69 | 2 / 6 | |
| 3.0.68 | 2 / 6 | |
| 3.0.67 | 2 / 6 | |
| 3.0.66 | 2 / 6 | |
| 3.0.65 | 2 / 6 | |
| 3.0.64 | 2 / 6 | |
| 3.0.63 | 2 / 6 | |
| 3.0.62 | 2 / 6 | |
| 3.0.61 | 2 / 6 | |
| 3.0.60 | 2 / 6 | |
| 3.0.59 | 2 / 6 | |
| 3.0.58 | 2 / 6 | |
| 3.0.57 | 2 / 6 | |
| 3.0.56 | 2 / 6 | |
| 3.0.55 | 2 / 6 | |
| 3.0.54 | 2 / 6 | |
| 3.0.53 | 2 / 6 | |
| 3.0.52 | 2 / 6 | |
| 3.0.51 | 2 / 6 | |
| 3.0.50 | 2 / 6 | |
| 3.0.49 | 2 / 6 | |
| 3.0.48 | 2 / 6 | |
| 3.0.47 | 2 / 6 | |
| 3.0.46 | 2 / 6 | |
| 3.0.45 | 2 / 6 | |
| 3.0.44 | 2 / 6 | |
| 3.0.43 | 2 / 6 | |
| 3.0.42 | 2 / 6 | |
| 3.0.41 | 2 / 6 | |
| 3.0.40 | 2 / 6 | |
| 3.0.39 | 2 / 6 | |
| 3.0.38 | 2 / 6 | |
| 3.0.37 | 2 / 6 | |
| 3.0.36 | 2 / 6 | |
| 3.0.35 | 2 / 6 | |
| 3.0.34 | 2 / 6 | |
| 3.0.33 | 2 / 6 | |
| 3.0.32 | 2 / 6 | |
| 3.0.31 | 2 / 6 | |
| 3.0.30 | 2 / 6 | |
| 3.0.29 | 2 / 6 | |
| 3.0.28 | 2 / 6 | |
| 3.0.27 | 2 / 6 | |
| 3.0.26 | 2 / 6 | |
| 3.0.25 | 2 / 6 | |
| 3.0.24 | 2 / 6 | |
| 3.0.23 | 2 / 6 | |
| 3.0.22 | 2 / 6 | |
| 3.0.21 | 2 / 6 | |
| 3.0.20 | 2 / 6 | |
| 3.0.19 | 2 / 6 | |
| 3.0.18 | 2 / 6 | |
| 3.0.17 | 2 / 6 | |
| 3.0.16 | 2 / 6 | |
| 3.0.15 | 2 / 6 | |
| 3.0.14 | 2 / 6 | |
| 3.0.13 | 2 / 6 |
v4.0.15
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.0.14
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.0.12
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.0.11
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.0.10
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.0.9
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.0.8
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.0.7
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.0.6
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.0.5
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.0.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.0.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.0.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.0.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.0.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.97
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.96
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.95
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.94
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.93
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.92
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.91
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.90
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.89
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.88
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.87
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.86
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.85
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.84
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.83
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.82
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.81
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.80
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.79
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.0.76
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.