RepoJournal
Anthropic

@anthropics

Claude SDKs and developer tooling

ANTHROPIC KILLS STATIC API KEYS ACROSS THE STACK

By RepoJournal · Filed · About Anthropic

Every major Anthropic repository has switched from long-lived API key secrets to Workload Identity Federation, eliminating the attack surface that's haunted CI/CD pipelines for years.

The shift is coordinated across five repositories: claude-agent-sdk-python [1], claude-code-action [2], claude-code [3], claude-agent-sdk-typescript [4], and their supporting codebases. Each now exchanges GitHub's OIDC token for short-lived Claude API credentials at runtime, meaning no static secret lives in repository settings anymore. This is infrastructure-grade security work, the kind that makes senior engineers sleep better.

The claude-code v2.1.149 release [5] adds the `/usage` command with per-category breakdowns (skills, subagents, plugins, MCP-server costs) and keyboard navigation for diff views. Agent SDK versions 0.3.150 [7] and 0.3.149 [8] shipped in sync, with the latter fixing an environment variable regression that was dropping `CLAUDE_AGENT_SDK_VERSION` from subprocess contexts. Claude Code v2.1.150 [6] landed with infrastructure improvements.

The federation rollout is complete across all automation workflows; there's no half-measure here.
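As an added example (not code from RepoJournal or from any Anthropic repository), here is a line-based audit of a GitHub Actions workflow. For each job it lists references to stored repository secrets and reports whether the job may request GitHub's OIDC token (`id-token: write`), the precondition for the runtime token exchange described above. The sample workflow, the `audit_workflow` name and the 2-space indentation are assumptions.

```python
import re

SAMPLE_WORKFLOW = """\
# Constructed sample workflow for illustration; not from any Anthropic repository.
on: [issues]
permissions:
  contents: read
jobs:
  legacy:
    runs-on: ubuntu-latest
    steps:
      - run: ./triage.sh
        env:
          ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  federated:
    runs-on: ubuntu-latest
    permissions:
      id-token: write
    steps:
      - run: ./triage.sh
"""

# GITHUB_TOKEN is minted per job run, so it is excluded; other secrets.* values are stored.
SECRET_REF = re.compile(r"\$\{\{\s*secrets\.(?!GITHUB_TOKEN\b)([A-Za-z0-9_]+)\s*\}\}", re.I)
OIDC = re.compile(r"^\s*id-token:\s*write\b")
JOB = re.compile(r"^  ([A-Za-z0-9_-]+):\s*$")      # assumes 2-space indentation

def audit_workflow(text):
    """Heuristic scan: {job: {"static_secrets": [...], "oidc": bool}}."""
    jobs, cur, in_jobs, top_oidc = {}, None, False, False
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if not line[0].isspace():                  # new top-level key
            in_jobs, cur = line.startswith("jobs:"), None
        elif not in_jobs:
            top_oidc = top_oidc or bool(OIDC.match(line))
        elif JOB.match(line):
            cur = jobs.setdefault(JOB.match(line).group(1), {"static_secrets": [], "oidc": None})
        elif cur is not None:
            if line.startswith("    permissions:"):
                cur["oidc"] = False                # a job-level block replaces the workflow-level one
            elif OIDC.match(line):
                cur["oidc"] = True
            cur["static_secrets"] += SECRET_REF.findall(line)
    # Jobs without their own permissions block inherit the workflow-level setting.
    return {k: {**v, "oidc": top_oidc if v["oidc"] is None else v["oidc"]} for k, v in jobs.items()}

if __name__ == "__main__":
    print(audit_workflow(SAMPLE_WORKFLOW))
```

A job that still lists stored secrets and has `oidc` false is a migration candidate; flow-style YAML and `permissions: write-all` are outside what this line-based heuristic recognises.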

Action items

References

  [1] Use workload identity federation for Claude auth in CI workflows (#984), anthropics/claude-agent-sdk-python
  [2] Use workload identity federation for Claude auth in CI workflows, anthropics/claude-code-action
  [3] Use workload identity federation for Claude auth in CI workflows, anthropics/claude-code
  [4] Use workload identity federation for Claude auth in issue triage, anthropics/claude-agent-sdk-typescript
  [5] v2.1.149, anthropics/claude-code
  [6] v2.1.150, anthropics/claude-code
  [7] v0.3.150, anthropics/claude-agent-sdk-typescript
  [8] v0.3.149, anthropics/claude-agent-sdk-typescript

FAQ

What changed in Anthropic on May 23, 2026?
Every major Anthropic repository has switched from long-lived API key secrets to Workload Identity Federation, eliminating the attack surface that's haunted CI/CD pipelines for years.
What should Anthropic teams do about it?
  • Review your own CI/CD workflows for static API keys and plan migration to workload identity federation
  • Update claude-agent-sdk-python to 0.2.87 and claude-agent-sdk-typescript to 0.3.150
  • Verify your enterprise claude-code instance supports the new allowAllClaudeAiMcps managed setting if you're using cloud MCP connectors
Which Anthropic repositories shipped on May 23, 2026?
anthropics/claude-agent-sdk-python, anthropics/claude-code-action, anthropics/claude-code, anthropics/claude-agent-sdk-typescript
