fcakyon/upgrade-stripe
plugins/stripe-skills/skills/upgrade-stripe/SKILL.md
Guide for upgrading Stripe API versions and SDKs
$ install --global
skillsauthnpx skillsauth add fcakyon/claude-codex-settings upgrade-stripeInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 4, 2026, 8:28 PM4.6s1 file scanned
SKILL.md
- name:
- upgrade-stripe
- description:
- Guide for upgrading Stripe API versions and SDKs
- license:
- MIT
The latest Stripe API version is 2026-03-25.dahlia - use this version when upgrading unless the user specifies a different target version.
Upgrading Stripe Versions
This guide covers upgrading Stripe API versions, server-side SDKs, Stripe.js, and mobile SDKs.
Understanding Stripe API Versioning
Stripe uses date-based API versions (e.g., 2026-03-25.dahlia, 2025-08-27.basil, 2024-12-18.acacia). Your account’s API version determines request/response behavior.
Types of Changes
Backward-Compatible Changes (don’t require code updates):
- New API resources
- New optional request parameters
- New properties in existing responses
- Changes to opaque string lengths (e.g., object IDs)
- New webhook event types
Breaking Changes (require code updates):
- Field renames or removals
- Behavioral modifications
- Removed endpoints or parameters
Review the API Changelog for all changes between versions.
Server-Side SDK Versioning
See SDK Version Management for details.
Dynamically-Typed Languages (Ruby, Python, PHP, Node.js)
These SDKs offer flexible version control:
Global Configuration:
import stripe
stripe.api_version = '2026-03-25.dahlia'
Stripe.api_version = '2026-03-25.dahlia'
const stripe = require('stripe')('sk_test_xxx', {
apiVersion: '2026-03-25.dahlia'
});
Per-Request Override:
stripe.Customer.create(
email="[email protected]",
stripe_version='2026-03-25.dahlia'
)
Strongly-Typed Languages (Java, Go, .NET)
These use a fixed API version matching the SDK release date. Don’t set a different API version for strongly-typed languages because response objects might not match the strong types in the SDK. Instead, update the SDK to target a new API version.
Best Practice
Always specify the API version you’re integrating against in your code instead of relying on your account’s default API version:
// Good: Explicit version
const stripe = require('stripe')('sk_test_xxx', {
apiVersion: '2026-03-25.dahlia'
});
// Avoid: Relying on account default
const stripe = require('stripe')('sk_test_xxx');
Stripe.js Versioning
See Stripe.js Versioning for details.
Stripe.js uses an evergreen model with major releases (Acacia, Basil, Clover, Dahlia) on a biannual basis.
Loading Versioned Stripe.js
Via Script Tag:
<script src="https://js.stripe.com/dahlia/stripe.js"></script>
Via npm:
npm install @stripe/stripe-js
Major npm versions correspond to specific Stripe.js versions.
API Version Pairing
Each Stripe.js version automatically pairs with its corresponding API version. For instance:
- Dahlia Stripe.js uses
2026-03-25.dahliaAPI - Acacia Stripe.js uses
2024-12-18.acaciaAPI
You can’t override this association.
Migrating from v3
- Identify your current API version in code
- Review the changelog for relevant changes
- Consider gradually updating your API version before switching Stripe.js versions
- Stripe continues supporting v3 indefinitely
Mobile SDK Versioning
See Mobile SDK Versioning for details.
iOS and Android SDKs
Both platforms follow semantic versioning (MAJOR.MINOR.PATCH):
- MAJOR: Breaking API changes
- MINOR: New functionality (backward-compatible)
- PATCH: Bug fixes (backward-compatible)
New features and fixes release only on the latest major version. Upgrade regularly to access improvements.
React Native SDK
Uses a different model (0.x.y schema):
- Minor version changes (x): Breaking changes AND new features
- Patch updates (y): Critical bug fixes only
Backend Compatibility
All mobile SDKs work with any Stripe API version you use on your backend unless documentation specifies otherwise.
Upgrade Checklist
- Review the API Changelog for changes between your current and target versions
- Check Upgrades Guide for migration guidance
- Update server-side SDK package version (e.g.,
npm update stripe,pip install --upgrade stripe) - Update the
apiVersionparameter in your Stripe client initialization - Test your integration against the new API version using the
Stripe-Versionheader - Update webhook handlers to handle new event structures
- Update Stripe.js script tag or npm package version if needed
- Update mobile SDK versions in your package manager if needed
- Store Stripe object IDs in databases that accommodate up to 255 characters (case-sensitive collation)
Testing API Version Changes
Use the Stripe-Version header to test your code against a new version without changing your default:
curl https://api.stripe.com/v1/customers \
-u sk_test_xxx: \
-H "Stripe-Version: 2026-03-25.dahlia"
Or in code:
const stripe = require('stripe')('sk_test_xxx', {
apiVersion: '2026-03-25.dahlia' // Test with new version
});
Important Notes
- Your webhook listener should handle unfamiliar event types gracefully
- Test webhooks with the new version structure before upgrading
- Breaking changes are tagged by affected product areas (Payments, Billing, Connect, etc.)
- Multiple API versions coexist simultaneously, enabling staged adoption
Related Skills
fcakyon/setup
tools
VerifiedTrustedCommunity
This skill should be used when user asks to "set up overleaf", "configure overleaf cookie", "overleaf auth failed", "overleaf 401", "overleaf session expired", "overleaf unauthorized", or needs to install or refresh their Overleaf session cookie for the overleaf-skills plugin.
674SKILL.mdUpdated May 10, 2026
fcakyon/review-overleaf
documentation
VerifiedTrustedCommunity
This skill should be used when user asks to "fetch overleaf review comments", "address overleaf reviews", "apply overleaf comments", "review my overleaf paper", "sync overleaf feedback to local", "what comments are on my overleaf doc", or wants to act on Overleaf reviewer feedback in a local git-tracked LaTeX repo.
658SKILL.mdUpdated May 3, 2026
fcakyon/dokploy-deploy
tools
VerifiedTrustedCommunity
This skill should be used when user asks to "deploy with Dokploy", "use Dokploy Cloud", "manage self-hosted Dokploy", "deploy Docker Compose on Dokploy", "manage Dokploy databases", "configure Dokploy domains", or "look up Dokploy CLI commands".
654SKILL.mdUpdated Apr 26, 2026
fcakyon/stripe-best-practices
development
VerifiedTrustedCommunity
Guides Stripe integration decisions — API selection (Checkout Sessions vs PaymentIntents), Connect platform setup (Accounts v2, controller properties), billing/subscriptions, Treasury financial accounts, integration surfaces (Checkout, Payment Element), migrating from deprecated Stripe APIs, and security best practices (API key management, restricted keys, webhooks, OAuth). Use when building, modifying, or reviewing any Stripe integration — including accepting payments, building marketplaces, integrating Stripe, processing payments, setting up subscriptions, creating connected accounts, or implementing secure key handling.
645SKILL.mdUpdated Apr 4, 2026