Anthropic SDK 0.105.1 and 0.105.2: PyPI Trusted Publishing Hotfix

Anthropic shipped two patch releases on May 29, 2026 — v0.105.1 and v0.105.2 — within hours of each other. Both are CI plumbing fixes with zero consumer-facing behavioral changes. The short version: a missing id-token: write permission in the GitHub Actions publish job broke PyPI Trusted Publishing mid-flight, and v0.105.2 is the corrected artifact. If you are on v0.105.0 or v0.105.2, you are fine.

What Triggered Back-to-Back Patches on May 29

v0.105.0 shipped on May 28, 2026, adding the claude-opus-4-8 model constant and three developer-facing API additions to the Anthropic Python SDK . Within 24 hours, the team cut v0.105.1 with a single internal commit: migrate the PyPI publish workflow to Trusted Publishing (OIDC) . The change had no effect on library consumers — it only touched how the package reaches PyPI.

The problem: Trusted Publishing via OIDC requires the GitHub Actions job to explicitly declare id-token: write in its permissions block. v0.105.1 added the OIDC configuration but omitted that grant. The publish step broke immediately. The same day, @dtmeadows-ant opened PR #1837, which spans 5 changed files and adds the missing permission, producing v0.105.2 . v0.105.2 is the authoritative published artifact for the 0.105.x series.

PyPI Trusted Publishing and the OIDC Credential Shift

PyPI Trusted Publishing replaces long-lived API tokens with short-lived OIDC identity tokens minted by GitHub Actions at publish time . No persistent secret sits in the repository or environment — the token exists only for the duration of the publish job, then expires. For any project that depends on the Anthropic SDK, this reduces the supply-chain attack surface that comes with a stolen or rotated PyPI token.

Anthropic's release automation runs through the Stainless code-generation bot (@stainless-app[bot]). The v0.105.1 commit was migrating that bot's PyPI authentication path from token-based to OIDC. A valid OIDC-based publish job requires two explicit additions in the CI spec: an environment: pypi declaration (which ties the job to a named environment configured on PyPI's side) and permissions: id-token: write in the job block (which instructs GitHub Actions to mint and expose an OIDC token to the runner). The first was present; the second was not .

"Trusted publishing is the most secure way to publish to PyPI from automation. It removes the need to store long-lived credentials anywhere, because the token is minted on-demand from the OIDC provider's identity claims." — PyPI Trusted Publishers documentation

The fix is minimal — a one-liner permissions addition in the workflow YAML — but its absence is a hard blocker: GitHub Actions will not expose an OIDC token to a job that does not explicitly request write access, and PyPI will reject an upload that lacks a valid token. The rapid turnaround from v0.105.1 to v0.105.2 reflects how tight the feedback loop is when a CI step fails immediately on a publish attempt.

Why v0.105.1 Does Not Appear in Your pip History

v0.105.1 is absent from the pypi.org release listing. The most likely explanation: the publish job either failed before the upload completed, or the artifact was yanked before it could be indexed. In practice, pip install anthropic==0.105.1 returns "No matching distribution found" in most environments .

PyPI distinguishes between yanked releases (hidden from the default resolver but still installable if pinned explicitly) and deleted releases (unresolvable under any circumstances). The practical outcome here is the same in either case: do not pin anthropic==0.105.1. If any lockfile, Docker layer, or requirements file captured that version during the brief window on May 29, replace it with anthropic==0.105.2 before deploying. v0.105.2 is the complete, correctly uploaded artifact for this patch series .

Opus 4.8 Behavioral Constraints Worth Handling

The SDK changes are inert, but claude-opus-4-8 itself introduces several breaking-adjacent behaviors. The most immediate: temperature, top_p, and top_k at non-default values return HTTP 400 . Any existing wrapper that sets sampling parameters against Opus 4.7 and targets Opus 4.8 without stripping those fields will fail on the first request.

Effort defaults to high across all surfaces, including the Messages API and Claude Code. Wrappers that relied on a lower implicit default will see increased latency and cost. Set effort explicitly if your application has latency or cost constraints. Refusal categories now appear in stop_details when the model declines a request, which enables application-level routing on refusal type rather than catching an opaque stop reason .

"Opus 4.8 adaptive thinking fires per-turn only when the request requires it — significantly reducing wasted reasoning tokens compared to Opus 4.7 at the same effort level." — Anthropic Platform Release Notes

Prompt cache minimum is lowered to 1,024 tokens . Shorter system prompts now qualify for caching without artificial padding — a small but useful change for applications with compact instructions.

Adaptive Reasoning and the Fast Preview Tier

Adaptive thinking in Opus 4.8 fires per-turn only when the request actually requires it, rather than always reasoning at a fixed depth . In practice this reduces wasted reasoning overhead on simpler turns within an agentic loop — a meaningful cost and latency improvement for workflows that mix light and heavy tasks in the same session.

Fast preview is a research-preview tier available on the Claude API only. It runs at approximately 2.5× standard speed, priced at $10/$50 per million input/output tokens — three times cheaper than Fast mode was on prior models . Standard pricing is unchanged at $5/$25 per million tokens. Fast preview is not available on Claude.ai or other surfaces.

Benchmark deltas versus Opus 4.7: agentic coding 64.3% → 69.2%, multidisciplinary reasoning with tools 54.7% → 57.9%, knowledge work score 1,753 → 1,890, agentic financial analysis 51.5% → 53.9% . These improvements are in the model, not the SDK — they apply regardless of which SDK version you use, as long as you are calling claude-opus-4-8.

How to Confirm You Are on v0.105.2

Run pip show anthropic. The Version field must read 0.105.2. Any environment showing 0.105.1 holds an unreliable artifact — reinstall.

Pin explicitly in your dependency file:

# requirements.txt
anthropic==0.105.2

# pyproject.toml
anthropic = "==0.105.2"

Verify your lock file reflects this before deploying. No application code changes are required — consumer-facing behavior is identical to v0.105.0 . Re-lock and rebuild any Docker images or virtual environments that may have captured a 0.105.1 reference during the brief publish window on May 29.

Frequently Asked Questions

Do I need to change any code when upgrading from 0.105.0 to 0.105.2?

No code changes are required. v0.105.1 and v0.105.2 only modify the CI publish workflow — neither alters library behavior, public API surface, or model interactions. Consumer-facing behavior of the SDK is identical to v0.105.0. The only action needed is confirming your environment resolves to 0.105.2 rather than the broken 0.105.1 artifact.

Why is v0.105.1 missing from PyPI?

The GitHub Actions publish job in v0.105.1 was missing the id-token: write permission required for OIDC-based Trusted Publishing. This caused the publish step to fail before or immediately after upload. PyPI never fully indexed the artifact. Running pip install anthropic==0.105.1 will return "No matching distribution found" in most environments. Pin to anthropic==0.105.2 instead.

What is PyPI Trusted Publishing and why does it matter?

PyPI Trusted Publishing is an OIDC-based mechanism that eliminates long-lived API secrets from the package publishing workflow. Instead of storing a PyPI token in a repository secret, the CI job requests a short-lived identity token from GitHub Actions at publish time — that token is scoped, expires after the job, and is never written to disk or logs. For downstream consumers, this reduces the risk of a supply-chain compromise triggered by a stolen or leaked PyPI credential in the Anthropic SDK's release pipeline.

What happens if I pass temperature or top_p to claude-opus-4-8?

The API returns HTTP 400 immediately. This is the same restriction that applied to Opus 4.7. The model does not accept non-default values for temperature, top_p, or top_k. Remove those parameters from any request body that targets claude-opus-4-8. If your code passes them conditionally, add an explicit guard on model name before the request is dispatched.

Is the Fast preview available through the Python SDK on 0.105.2?

Yes — the SDK supports Fast preview as of v0.105.0, and v0.105.2 carries the same support. However, Fast preview is a Claude API-only feature in its current research state. It is not available on Claude.ai or other surfaces. If you are calling the model through a third-party integration or Claude.ai, Fast preview will not be accessible regardless of SDK version.

What to Watch Next

The two hotfixes resolve cleanly — there is no lingering instability in the 0.105.x series. v0.105.2 is stable and correctly published. The OIDC migration itself is complete; future releases from @stainless-app[bot] will use Trusted Publishing without repeating this issue.

The higher-priority item for most developers is the Opus 4.8 behavioral constraints: sampling parameter restrictions and the high effort default are the most likely sources of unexpected failures or cost spikes in existing integrations. Audit any wrapper that sets temperature, top_p, or top_k, and decide explicitly whether you want effort: "high" or a lower value before switching to the new model constant.

Fast preview pricing at $10/$50 per million tokens — three times cheaper than the prior Fast tier — makes it worth evaluating for latency-sensitive agentic pipelines on the Claude API. Monitor Anthropic's release notes for when Fast preview exits research state and becomes generally available across surfaces.

Last updated: 2026-05-29. Based on the v0.105.2 release on GitHub, the Anthropic platform release notes, and PyPI registry state as of May 29, 2026.