browser-use 0.6.1 → 0.7.0

package/README.md

@@ -125,23 +125,24 @@ npx browser-use --mcp
 
 ## 🔌 LLM Providers
 
-| Provider          | Import                        | Vision | Notes                                         |
-| ----------------- | ----------------------------- | ------ | --------------------------------------------- |
-| **OpenAI**        | `browser-use/llm/openai`      | ✅     | Default provider, reasoning models (o1/o3/o4) |
-| **Anthropic**     | `browser-use/llm/anthropic`   | ✅     | Prompt caching support                        |
-| **Google Gemini** | `browser-use/llm/google`      | ✅     | Extended thinking support                     |
-| **Azure OpenAI**  | `browser-use/llm/azure`       | ✅     | Enterprise deployment                         |
-| **AWS Bedrock**   | `browser-use/llm/aws`         | ✅     | Claude via AWS                                |
-| **Groq**          | `browser-use/llm/groq`        | ❌     | Fastest inference                             |
-| **Ollama**        | `browser-use/llm/ollama`      | ❌     | Local/self-hosted models                      |
-| **DeepSeek**      | `browser-use/llm/deepseek`    | ❌     | Cost-effective                                |
-| **OpenRouter**    | `browser-use/llm/openrouter`  | Varies | Multi-model routing                           |
-| **Mistral**       | `browser-use/llm/mistral`     | Varies | Mistral models                                |
-| **Cerebras**      | `browser-use/llm/cerebras`    | ❌     | Fast inference                                |
-| **Browser Use**   | `browser-use/llm/browser-use` | Varies | Hosted Browser Use LLM                        |
-| **LiteLLM**       | `browser-use/llm/litellm`     | Varies | OpenAI-compatible LiteLLM gateway             |
-| **OCI Raw**       | `browser-use/llm/oci-raw`     | Varies | Oracle Cloud Generative AI                    |
-| **Vercel**        | `browser-use/llm/vercel`      | Varies | Vercel AI Gateway / routed models             |
+| Provider          | Import                        | Vision | Notes                                           |
+| ----------------- | ----------------------------- | ------ | ----------------------------------------------- |
+| **OpenAI**        | `browser-use/llm/openai`      | ✅     | Default provider, reasoning models (o1/o3/o4)   |
+| **Codex**         | `browser-use/llm/codex`       | ✅     | Experimental ChatGPT/Codex OAuth provider       |
+| **Anthropic**     | `browser-use/llm/anthropic`   | ✅     | Prompt caching support                          |
+| **Google Gemini** | `browser-use/llm/google`      | ✅     | Extended thinking support                       |
+| **Azure OpenAI**  | `browser-use/llm/azure`       | ✅     | Enterprise deployment                           |
+| **AWS Bedrock**   | `browser-use/llm/aws`         | ✅     | Claude via AWS                                  |
+| **Groq**          | `browser-use/llm/groq`        | ❌     | Fastest inference                               |
+| **Ollama**        | `browser-use/llm/ollama`      | ❌     | Local/self-hosted models                        |
+| **DeepSeek**      | `browser-use/llm/deepseek`    | ❌     | Cost-effective                                  |
+| **OpenRouter**    | `browser-use/llm/openrouter`  | Varies | Multi-model routing                             |
+| **Mistral**       | `browser-use/llm/mistral`     | Varies | Mistral models                                  |
+| **Cerebras**      | `browser-use/llm/cerebras`    | ❌     | Fast inference                                  |
+| **Browser Use**   | `browser-use/llm/browser-use` | Varies | Hosted Browser Use LLM                          |
+| **LiteLLM**       | `browser-use/llm/litellm`     | Varies | OpenAI-compatible LiteLLM gateway               |
+| **OCI Raw**       | `browser-use/llm/oci-raw`     | Varies | Oracle Cloud Generative AI                      |
+| **Vercel**        | `browser-use/llm/vercel`      | Varies | Vercel AI Gateway / routed models               |
 
 <details>
 <summary>Provider examples</summary>
@@ -171,6 +172,11 @@ const llm = new ChatOllama('llama3', 'http://localhost:11434');
 
 // OpenAI Reasoning Models
 const llm = new ChatOpenAI({ model: 'o3-mini', reasoningEffort: 'medium' });
+
+// Codex OAuth provider (experimental)
+// First run: npx browser-use auth codex login
+import { ChatCodex } from 'browser-use/llm/codex';
+const codexLlm = new ChatCodex({ model: 'gpt-5.5' });
 ```
 
 </details>
@@ -359,7 +365,7 @@ Core MCP tools include `retry_with_browser_use_agent`, `browser_navigate`, `brow
 - **Sensitive Data Masking** — Credentials are automatically masked in logs and LLM context
 - **Domain Restrictions** — Lock browser navigation to trusted domains
 - **Domain-scoped Secrets** — Credentials are only injected on matching domains
-- **Hard Safety Gate** — `sensitive_data` requires `allowed_domains` by default
+- **Sensitive Data Warning** — Browser-Use warns when `sensitive_data` is used without `allowed_domains`
 - **Chromium Sandbox** — Enabled by default for production security
 
 ```typescript

package/dist/actor/element.js

@@ -18,7 +18,14 @@ export class Element {
         if (!locator?.hover) {
             return;
         }
-        await locator.hover({ timeout: 5000 });
+        const page = await this.browser_session.get_current_page();
+        await this.browser_session.validate_page_after_action(page);
+        try {
+            await locator.hover({ timeout: 5000 });
+        }
+        finally {
+            await this.browser_session.validate_page_after_action(page);
+        }
     }
     async get_attribute(name) {
         return this.node.attributes?.[name] ?? null;
@@ -28,7 +35,14 @@ export class Element {
         if (!locator?.boundingBox) {
             return null;
         }
-        return locator.boundingBox();
+        const page = await this.browser_session.get_current_page();
+        await this.browser_session.validate_page_after_action(page);
+        try {
+            return await locator.boundingBox();
+        }
+        finally {
+            await this.browser_session.validate_page_after_action(page);
+        }
     }
     async select_option(values) {
         const list = Array.isArray(values) ? values : [values];
@@ -41,6 +55,13 @@ export class Element {
         if (!locator?.evaluate) {
             throw new Error('Element evaluate is unavailable for this node');
         }
-        return locator.evaluate(page_function, ...args);
+        const page = await this.browser_session.get_current_page();
+        await this.browser_session.validate_page_after_action(page);
+        try {
+            return await locator.evaluate(page_function, ...args);
+        }
+        finally {
+            await this.browser_session.validate_page_after_action(page);
+        }
     }
 }

package/dist/actor/mouse.js

@@ -20,20 +20,38 @@ export class Mouse {
         if (!page?.mouse?.move) {
             return;
         }
-        await page.mouse.move(x, y);
+        await this.browser_session.validate_page_after_action(page);
+        try {
+            await page.mouse.move(x, y);
+        }
+        finally {
+            await this.browser_session.validate_page_after_action(page);
+        }
     }
     async down(options = {}) {
         const page = await this._page();
         if (!page?.mouse?.down) {
             return;
         }
-        await page.mouse.down({ button: options.button ?? 'left' });
+        await this.browser_session.validate_page_after_action(page);
+        try {
+            await page.mouse.down({ button: options.button ?? 'left' });
+        }
+        finally {
+            await this.browser_session.validate_page_after_action(page);
+        }
     }
     async up(options = {}) {
         const page = await this._page();
         if (!page?.mouse?.up) {
             return;
         }
-        await page.mouse.up({ button: options.button ?? 'left' });
+        await this.browser_session.validate_page_after_action(page);
+        try {
+            await page.mouse.up({ button: options.button ?? 'left' });
+        }
+        finally {
+            await this.browser_session.validate_page_after_action(page);
+        }
     }
 }

package/dist/actor/page.js

@@ -1,5 +1,6 @@
 import { Element } from './element.js';
 import { Mouse } from './mouse.js';
+const buildExpression = (source, args) => `(${source})(${args.map((arg) => JSON.stringify(arg)).join(',')})`;
 export class Page {
     browser_session;
     _mouse = null;
@@ -21,11 +22,23 @@ export class Page {
     }
     async get_url() {
         const page = await this._currentPage();
-        return typeof page.url === 'function' ? page.url() : '';
+        await this.browser_session.validate_page_after_action(page);
+        try {
+            return typeof page.url === 'function' ? page.url() : '';
+        }
+        finally {
+            await this.browser_session.validate_page_after_action(page);
+        }
     }
     async get_title() {
         const page = await this._currentPage();
-        return typeof page.title === 'function' ? page.title() : '';
+        await this.browser_session.validate_page_after_action(page);
+        try {
+            return typeof page.title === 'function' ? page.title() : '';
+        }
+        finally {
+            await this.browser_session.validate_page_after_action(page);
+        }
     }
     async goto(url, options = {}) {
         await this.browser_session.navigate_to(url, {
@@ -47,16 +60,19 @@ export class Page {
     }
     async evaluate(page_function, ...args) {
         const page = await this._currentPage();
-        if (typeof page_function === 'function') {
-            return page.evaluate(page_function, ...args);
+        await this.browser_session.validate_page_after_action(page);
+        try {
+            if (typeof page_function === 'function') {
+                return await page.evaluate(page_function, ...args);
+            }
+            if (args.length === 0) {
+                return await page.evaluate(page_function);
+            }
+            return await page.evaluate(buildExpression(page_function, args));
         }
-        if (args.length === 0) {
-            return page.evaluate(page_function);
+        finally {
+            await this.browser_session.validate_page_after_action(page);
         }
-        const expression = `(${page_function})(${args
-            .map((arg) => JSON.stringify(arg))
-            .join(',')})`;
-        return page.evaluate(expression);
     }
     async screenshot(options = {}) {
         return this.browser_session.take_screenshot(options.full_page ?? false);
@@ -69,7 +85,13 @@ export class Page {
         if (!page.setViewportSize) {
             return;
         }
-        await page.setViewportSize({ width, height });
+        await this.browser_session.validate_page_after_action(page);
+        try {
+            await page.setViewportSize({ width, height });
+        }
+        finally {
+            await this.browser_session.validate_page_after_action(page);
+        }
     }
     async get_element_by_index(index) {
         const node = await this.browser_session.get_dom_element_by_index(index);

package/dist/agent/gif.js

@@ -6,6 +6,29 @@ import { createLogger } from '../logging-config.js';
 import { PLACEHOLDER_4PX_SCREENSHOT } from '../browser/views.js';
 import { is_new_tab_page } from '../utils.js';
 const logger = createLogger('browser_use.agent.gif');
+const chmodPrivateFile = (filePath) => {
+    if (process.platform === 'win32') {
+        return;
+    }
+    try {
+        fs.chmodSync(filePath, 0o600);
+    }
+    catch {
+        /* best effort */
+    }
+};
+const ensurePrivateDirectoryIfCreated = async (dirPath) => {
+    const existed = fs.existsSync(dirPath);
+    await fs.promises.mkdir(dirPath, { recursive: true, mode: 0o700 });
+    if (!existed && process.platform !== 'win32') {
+        try {
+            await fs.promises.chmod(dirPath, 0o700);
+        }
+        catch {
+            /* best effort */
+        }
+    }
+};
 export const decode_unicode_escapes_to_utf8 = (text) => {
     if (!text.includes('\\u')) {
         return text;
@@ -186,10 +209,11 @@ export const create_history_gif = async (task, history, { output_path = 'agent_h
     const canvas = createCanvas(width, height);
     const ctx = canvas.getContext('2d');
     const encoder = new GIFEncoder(width, height);
-    await fs.promises.mkdir(path.dirname(path.resolve(output_path)), {
-        recursive: true,
+    const resolvedOutputPath = path.resolve(output_path);
+    await ensurePrivateDirectoryIfCreated(path.dirname(resolvedOutputPath));
+    const writeStream = fs.createWriteStream(resolvedOutputPath, {
+        mode: 0o600,
     });
-    const writeStream = fs.createWriteStream(path.resolve(output_path));
     encoder.createReadStream().pipe(writeStream);
     encoder.start();
     encoder.setRepeat(0);
@@ -233,5 +257,6 @@ export const create_history_gif = async (task, history, { output_path = 'agent_h
         writeStream.on('finish', resolve);
         writeStream.on('error', reject);
     });
+    chmodPrivateFile(resolvedOutputPath);
     logger.info(`Created GIF at ${output_path}`);
 };

package/dist/agent/message-manager/service.js

@@ -1,4 +1,5 @@
 import { ContentPartTextParam, SystemMessage, UserMessage, } from '../../llm/messages.js';
+import { redactSensitiveDataFromString, } from '../views.js';
 import { AgentMessagePrompt } from '../prompts.js';
 import { MessageManagerState, HistoryItem } from './views.js';
 import { match_url_with_domain_pattern } from '../../utils.js';
@@ -336,28 +337,7 @@ export class MessageManager {
         if (!this.sensitiveData) {
             return message;
         }
-        const replaceSensitive = (value) => {
-            const placeholders = {};
-            for (const [keyOrDomain, content] of Object.entries(this.sensitiveData)) {
-                if (content && typeof content === 'object' && !Array.isArray(content)) {
-                    for (const [k, v] of Object.entries(content)) {
-                        if (v)
-                            placeholders[k] = v;
-                    }
-                }
-                else if (typeof content === 'string') {
-                    placeholders[keyOrDomain] = content;
-                }
-            }
-            if (!Object.keys(placeholders).length) {
-                return value;
-            }
-            let updated = value;
-            for (const [key, val] of Object.entries(placeholders)) {
-                updated = updated.replaceAll(val, `<secret>${key}</secret>`);
-            }
-            return updated;
-        };
+        const replaceSensitive = (value) => redactSensitiveDataFromString(value, this.sensitiveData ?? null);
         if (typeof message.content === 'string') {
             message.content = replaceSensitive(message.content);
         }

package/dist/agent/message-manager/utils.js

@@ -1,5 +1,17 @@
 import fs from 'node:fs';
 import path from 'node:path';
+const chmodPrivateFile = (filePath) => {
+    if (process.platform !== 'win32') {
+        fs.chmodSync(filePath, 0o600);
+    }
+};
+const ensurePrivateDirectoryIfCreated = async (dirPath) => {
+    const existed = fs.existsSync(dirPath);
+    await fs.promises.mkdir(dirPath, { recursive: true, mode: 0o700 });
+    if (!existed && process.platform !== 'win32') {
+        await fs.promises.chmod(dirPath, 0o700);
+    }
+};
 const serializeResponse = (response) => {
     if (!response) {
         return '';
@@ -34,7 +46,8 @@ const formatConversation = (messages, response) => {
 };
 export const saveConversation = async (inputMessages, response, target, encoding = 'utf-8') => {
     const targetPath = path.resolve(target);
-    await fs.promises.mkdir(path.dirname(targetPath), { recursive: true });
+    await ensurePrivateDirectoryIfCreated(path.dirname(targetPath));
     const payload = formatConversation(inputMessages, response);
-    await fs.promises.writeFile(targetPath, payload, { encoding });
+    await fs.promises.writeFile(targetPath, payload, { encoding, mode: 0o600 });
+    chmodPrivateFile(targetPath);
 };

package/dist/agent/message-manager/views.d.ts

@@ -1,12 +1,12 @@
 import type { Message } from '../../llm/messages.js';
 export declare class HistoryItem {
-    step_number: number | null;
-    evaluation_previous_goal: string | null;
-    memory: string | null;
-    next_goal: string | null;
-    action_results: string | null;
-    error: string | null;
-    system_message: string | null;
+    readonly step_number: number | null;
+    readonly evaluation_previous_goal: string | null;
+    readonly memory: string | null;
+    readonly next_goal: string | null;
+    readonly action_results: string | null;
+    readonly error: string | null;
+    readonly system_message: string | null;
     constructor(step_number?: number | null, evaluation_previous_goal?: string | null, memory?: string | null, next_goal?: string | null, action_results?: string | null, error?: string | null, system_message?: string | null);
     to_string(): string;
 }

package/dist/agent/message-manager/views.js

@@ -17,6 +17,7 @@ export class HistoryItem {
         if (this.error && this.system_message) {
             throw new Error('Cannot have both error and system_message at the same time');
         }
+        Object.freeze(this);
     }
     to_string() {
         const stepStr = this.step_number != null ? 'step' : 'step_unknown';

package/dist/agent/prompts.d.ts

@@ -62,6 +62,9 @@ export declare class AgentMessagePrompt {
     constructor(init: AgentMessagePromptInit);
     private extractPageStatistics;
     private browserStateDescription;
+    private currentDateString;
+    private userRequestDescription;
+    private stepMetaDescription;
     private agentStateDescription;
     private resizeScreenshotForLlm;
     get_user_message(use_vision?: boolean): UserMessage;

package/dist/agent/prompts.js

@@ -268,20 +268,30 @@ ${recentEventsText}${closedPopupsText}${pdfMessage}Interactive elements${truncat
 ${elementsText}
 `;
     }
-    agentStateDescription() {
-        const todoContents = this.fileSystem.get_todo_contents();
-        const todoText = todoContents || '[empty todo.md, fill it when applicable]';
+    currentDateString() {
         const now = new Date();
         const pad = (value) => String(value).padStart(2, '0');
-        const dateString = `${now.getFullYear()}-${pad(now.getMonth() + 1)}-${pad(now.getDate())}`;
+        return `${now.getFullYear()}-${pad(now.getMonth() + 1)}-${pad(now.getDate())}`;
+    }
+    userRequestDescription() {
+        return `<user_request>
+${this.task ?? ''}
+</user_request>
+
+`;
+    }
+    stepMetaDescription() {
         let stepInfoDescription = this.stepInfo != null
             ? `Step${this.stepInfo.step_number + 1} maximum:${this.stepInfo.max_steps}\n`
             : '';
-        stepInfoDescription += `Today:${dateString}`;
-        let agentState = `<user_request>
-${this.task ?? ''}
-</user_request>
-<file_system>
+        stepInfoDescription += `Today:${this.currentDateString()}`;
+        return `<step_info>${stepInfoDescription}</step_info>
+`;
+    }
+    agentStateDescription() {
+        const todoContents = this.fileSystem.get_todo_contents();
+        const todoText = todoContents || '[empty todo.md, fill it when applicable]';
+        let agentState = `<file_system>
 ${this.fileSystem.describe()}
 </file_system>
 <todo_contents>
@@ -298,8 +308,6 @@ ${this.planDescription}
             agentState += `<sensitive_data>${this.sensitiveData}</sensitive_data>
 `;
         }
-        agentState += `<step_info>${stepInfoDescription}</step_info>
-`;
         if (this.availableFilePaths?.length) {
             agentState += `<available_file_paths>${this.availableFilePaths.join('\n')}
 Use with absolute paths</available_file_paths>
@@ -337,7 +345,8 @@ Use with absolute paths</available_file_paths>
             this.browserState.tabs.length === 1) {
             use_vision = false;
         }
-        let stateDescription = `<agent_history>
+        let stateDescription = this.userRequestDescription();
+        stateDescription += `<agent_history>
 ${(this.agentHistoryDescription ?? '').trim()}
 </agent_history>
 
@@ -366,6 +375,7 @@ ${this.pageFilteredActions}
         if (this.unavailableSkillsInfo) {
             stateDescription += `\n${this.unavailableSkillsInfo}\n`;
         }
+        stateDescription += this.stepMetaDescription();
         stateDescription = sanitize_surrogates(stateDescription);
         const hasReadStateImages = this.readStateImages.length > 0;
         if ((use_vision === true && this.screenshots.length > 0) ||

package/dist/agent/service.d.ts

@@ -15,7 +15,7 @@ import type { StructuredOutputParser } from './views.js';
 import { ScreenshotService } from '../screenshots/service.js';
 import { ProductTelemetry } from '../telemetry/service.js';
 import { type SkillService } from '../skills/index.js';
-export declare const log_response: (response: AgentOutput, registry?: Controller<any>, logInstance?: import("../logging-config.js").Logger) => void;
+export declare const log_response: (response: AgentOutput, registry?: Controller<any>, logInstance?: import("../logging-config.js").Logger, sensitive_data?: Record<string, string | Record<string, string>> | null) => void;
 type ControllerContext = unknown;
 type AgentHookFunc<Context, AgentStructuredOutput> = (agent: Agent<Context, AgentStructuredOutput>) => Promise<void> | void;
 interface RerunHistoryOptions {
@@ -162,6 +162,7 @@ export declare class Agent<Context = ControllerContext, AgentStructuredOutput =
     private _url_shortening_limit;
     private skill_service;
     private _skills_registered;
+    private _redactSensitiveText;
     constructor(params: AgentConstructorParams<Context, AgentStructuredOutput>);
     private _normalizeMessageCompactionSetting;
     private _createSessionIdWithAgentSuffix;
@@ -243,6 +244,7 @@ export declare class Agent<Context = ControllerContext, AgentStructuredOutput =
      * Initially only include actions with no filters
      */
     private _setup_action_models;
+    private _filter_cookies_for_domain_policy;
     private _register_skills_as_actions;
     private _get_unavailable_skills_info;
     /**
@@ -263,7 +265,13 @@ export declare class Agent<Context = ControllerContext, AgentStructuredOutput =
     multi_act(actions: Array<Record<string, Record<string, unknown>>>, options?: {
         check_for_new_elements?: boolean;
         signal?: AbortSignal | null;
+        action_timeout?: number | null;
     }): Promise<ActionResult[]>;
+    private _shouldPropagateActionError;
+    private _isConnectionLikeError;
+    private _formatActionExecutionError;
+    private _actionResultFromBrowserError;
+    private _actionResultFromRegistryTimeout;
     private _generate_rerun_summary;
     private _execute_ai_step;
     rerun_history(history: AgentHistoryList, options?: RerunHistoryOptions): Promise<ActionResult[]>;