For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
Book a demoLog inStart for free
  • Overview
    • Introduction
    • How it works
    • Quickstart
    • Customer showcase
  • Working with SDKs
    • Project structure
    • Adding custom code
    • Migrating to Replay
    • Capabilities
  • Generators
      • Generating an SDK
      • Publishing to PyPI
      • Configuration
      • Adding custom code
      • Dynamic authentication
      • aiohttp support
      • Changelog
      • Customer showcase
  • Reference
    • generators.yml
Checking status...
SOC2Soc 2 Type II
© 2026 Fern • Birch Solutions, Inc., a Postman company

Documentation

SDKsDocsAsk FernCLI Reference

API Definitions

OpenAPIAsyncAPIOpenRPCgRPC

Resources

BlogSupportPricing

Company

Brand KitPrivacy PolicyTerms of Service
LogoLogo
Book a demoLog inStart for free
GeneratorsPython

Changelog

April 20, 2026
April 20, 2026

5.5.6

(fix): Escape Python reserved keywords (e.g., import, class, from) when used as subpackage names. Previously, a subpackage named after a Python keyword would produce a broken __init__.py (e.g., from .import.client import ImportClient) that fails to parse. Subpackage directories are now generated using the casings-generator’s safe_name (e.g., import_), matching how other identifiers already handle reserved keywords.

5.5.5

(fix): Raise the generated aiohttp optional-dependency lower bound from >=3.10.0,<4 to >=3.13.4,<4 and add a python = ">=3.9" marker on both aiohttp and httpx-aiohttp so the aiohttp extra is only installed on Python 3.9+ while still allowing the SDK itself to support Python 3.8. Enforces the patched minimum version for GHSA-c427-h43c-vf67 (CVE-2026-34525) at the dependency spec level.

5.5.4

(fix): Clamp the minimum Python version produced by the generator to ^3.10. Python 3.8 reached EOL in Oct 2024 and Python 3.9 in Oct 2025; many popular PyPI packages (e.g. requests >=2.33) no longer publish wheels for those versions, which causes dependency resolution to pin older, known-vulnerable releases (GHSA-gc5v-m9x4-r6x2 / CVE-2026-25645). When pyproject_python_version specifies a range that allows a version older than 3.10, the generator now logs a warning and emits python = "^3.10" in the generated pyproject.toml.

(fix): Bump the requests / types-requests dependencies used by the generated wire test suite from ^2.31.0 to ^2.33.0 to pick up the fix for GHSA-gc5v-m9x4-r6x2 (insecure temp file reuse in requests.utils.extract_zipped_paths).

(chore): Add a defensive urllib3 pin to the generated SDK’s dev dependencies that excludes the vulnerable >=2.0.0,<2.2.2 range addressed by CVE-2024-37891 (GHSA-34jh-p97f-mpxf). This prevents poetry lock from resolving to a vulnerable urllib3 even when user-supplied extra_dependencies transitively cap urllib3 (e.g. older boto3 pins whose botocore requires urllib3 < 2.1).

5.5.3

(chore): Bump generated pytest dev dependency from ^8.2.0 to ^9.0.3 for SDKs targeting Python 3.9+. This addresses CVE-2025-71176 (GHSA-6w46-j5rx-g56g), a moderate-severity issue with insecure /tmp/pytest-of-{user} handling on UNIX. Projects that still support Python 3.8 continue to use pytest ^7.4.0 since pytest 9 requires Python 3.9+.

Was this page helpful?
Edit this page
Previous

April 22, 2026

Next

April 18, 2026