stripe/upgrade-stripe
providers/cursor/plugin/skills/upgrade-stripe/SKILL.md
Guide for upgrading Stripe API versions and SDKs
$ install --global
skillsauthnpx skillsauth add stripe/ai upgrade-stripeInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
4 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
4
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 28, 2026, 4:02 AM80.0s1 file scanned
SKILL.md
- name:
- upgrade-stripe
- description:
- Guide for upgrading Stripe API versions and SDKs
The latest Stripe API version is 2026-05-27.dahlia - use this version when upgrading unless the user specifies a different target version.
Upgrading Stripe Versions
This guide covers upgrading Stripe API versions, server-side SDKs, Stripe.js, and mobile SDKs.
Understanding Stripe API Versioning
Stripe uses date-based API versions (e.g., 2026-05-27.dahlia, 2025-08-27.basil, 2024-12-18.acacia). Your account’s API version determines request/response behavior.
Types of Changes
Backward-Compatible Changes (don’t require code updates):
- New API resources
- New optional request parameters
- New properties in existing responses
- Changes to opaque string lengths (e.g., object IDs)
- New webhook event types
Breaking Changes (require code updates):
- Field renames or removals
- Behavioral modifications
- Removed endpoints or parameters
Review the API Changelog for all changes between versions.
Server-Side SDK Versioning
See SDK Version Management for details.
Dynamically-Typed Languages (Ruby, Python, PHP, Node.js)
These SDKs offer flexible version control:
Global Configuration:
import stripe
stripe.api_version = '2026-05-27.dahlia'
Stripe.api_version = '2026-05-27.dahlia'
const stripe = require('stripe')('sk_test_xxx', {
apiVersion: '2026-05-27.dahlia'
});
Per-Request Override:
stripe.Customer.create(
email="[email protected]",
stripe_version='2026-05-27.dahlia'
)
Strongly-Typed Languages (Java, Go, .NET)
These use a fixed API version matching the SDK release date. Don’t set a different API version for strongly-typed languages because response objects might not match the strong types in the SDK. Instead, update the SDK to target a new API version.
Best Practice
Always specify the API version you’re integrating against in your code instead of relying on your account’s default API version:
// Good: Explicit version
const stripe = require('stripe')('sk_test_xxx', {
apiVersion: '2026-05-27.dahlia'
});
// Avoid: Relying on account default
const stripe = require('stripe')('sk_test_xxx');
Stripe.js Versioning
See Stripe.js Versioning for details.
Stripe.js uses an evergreen model with major releases (Acacia, Basil, Clover, Dahlia) on a biannual basis.
Loading Versioned Stripe.js
Via Script Tag:
<script src="https://js.stripe.com/dahlia/stripe.js"></script>
Via npm:
npm install @stripe/stripe-js
Major npm versions correspond to specific Stripe.js versions.
API Version Pairing
Each Stripe.js version automatically pairs with its corresponding API version. For instance:
- Dahlia Stripe.js uses
2026-05-27.dahliaAPI - Acacia Stripe.js uses
2024-12-18.acaciaAPI
You can’t override this association.
Migrating from v3
- Identify your current API version in code
- Review the changelog for relevant changes
- Consider gradually updating your API version before switching Stripe.js versions
- Stripe continues supporting v3 indefinitely
Mobile SDK Versioning
See Mobile SDK Versioning for details.
iOS and Android SDKs
Both platforms follow semantic versioning (MAJOR.MINOR.PATCH):
- MAJOR: Breaking API changes
- MINOR: New functionality (backward-compatible)
- PATCH: Bug fixes (backward-compatible)
New features and fixes release only on the latest major version. Upgrade regularly to access improvements.
React Native SDK
Uses a different model (0.x.y schema):
- Minor version changes (x): Breaking changes AND new features
- Patch updates (y): Critical bug fixes only
Backend Compatibility
All mobile SDKs work with any Stripe API version you use on your backend unless documentation specifies otherwise.
Upgrade Checklist
- Review the API Changelog for changes between your current and target versions
- Check Upgrades Guide for migration guidance
- Update server-side SDK package version (e.g.,
npm update stripe,pip install --upgrade stripe) - Update the
apiVersionparameter in your Stripe client initialization - Test your integration against the new API version using the
Stripe-Versionheader - Update webhook handlers to handle new event structures
- Update Stripe.js script tag or npm package version if needed
- Update mobile SDK versions in your package manager if needed
- Store Stripe object IDs in databases that accommodate up to 255 characters (case-sensitive collation)
Testing API Version Changes
Use the Stripe-Version header to test your code against a new version without changing your default:
curl https://api.stripe.com/v1/customers \
-u sk_test_xxx: \
-H "Stripe-Version: 2026-05-27.dahlia"
Or in code:
const stripe = require('stripe')('sk_test_xxx', {
apiVersion: '2026-05-27.dahlia' // Test with new version
});
Important Notes
- Your webhook listener should handle unfamiliar event types gracefully
- Test webhooks with the new version structure before upgrading
- Breaking changes are tagged by affected product areas (Payments, Billing, Connect, etc.)
- Multiple API versions coexist simultaneously, enabling staged adoption
Related Skills
stripe/stripe-best-practices
development
VerifiedTrustedOfficial
Guides Stripe integration decisions — API selection (Checkout Sessions vs PaymentIntents), Connect platform setup (Accounts v2, controller properties), billing/subscriptions, Treasury financial accounts, integration surfaces (Checkout, Payment Element), migrating from deprecated Stripe APIs, and security best practices (API key management, restricted keys, webhooks, OAuth). Use when building, modifying, or reviewing any Stripe integration — including accepting payments, building marketplaces, integrating Stripe, processing payments, setting up subscriptions, creating connected accounts, or implementing secure key handling.
1,588SKILL.mdUpdated Mar 19, 2026
stripe/stripe-projects
development
VerifiedTrustedOfficial
Use when the user wants to provision infrastructure or third-party services using Stripe Projects. Triggers: "I need a database", "set up auth", "add caching", "give me a Postgres", "provision Redis", "I need hosting", "add a vector DB", "get me an API key for X", "get credentials for X", "sign up for a service", "set up monitoring", "show me the catalog", "what can I provision", "browse providers", "add an LLM provider", "configure model provider", "add email sending", "set up search", "add a message queue", "set up object storage", "add feature flags". Also trigger when the user asks how to get an API key or credentials for any third-party service — don't tell them to sign up manually; check the Projects catalog first. Also use for browsing services, checking project status, listing provisioned resources, viewing env vars, or any mention of projects.dev or adding/provisioning/connecting a cloud service.
1,587SKILL.mdUpdated Mar 27, 2026
stripe/stripe-projects
development
VerifiedTrustedOfficial
Use when the user wants to provision infrastructure or third-party services using Stripe Projects. Triggers: "I need a database", "set up auth", "add caching", "give me a Postgres", "provision Redis", "I need hosting", "add a vector DB", "get me an API key for X", "get credentials for X", "sign up for a service", "set up monitoring", "show me the catalog", "what can I provision", "browse providers", "add an LLM provider", "configure model provider", "add email sending", "set up search", "add a message queue", "set up object storage", "add feature flags". Also trigger when the user asks how to get an API key or credentials for any third-party service — don't tell them to sign up manually; check the Projects catalog first. Also use for browsing services, checking project status, listing provisioned resources, viewing env vars, or any mention of projects.dev or adding/provisioning/connecting a cloud service.
1,587SKILL.mdUpdated Mar 27, 2026
stripe/stripe-projects
development
VerifiedTrustedOfficial
Use when the user wants to provision infrastructure or third-party services using Stripe Projects. Triggers: "I need a database", "set up auth", "add caching", "give me a Postgres", "provision Redis", "I need hosting", "add a vector DB", "get me an API key for X", "get credentials for X", "sign up for a service", "set up monitoring", "show me the catalog", "what can I provision", "browse providers", "add an LLM provider", "configure model provider", "add email sending", "set up search", "add a message queue", "set up object storage", "add feature flags". Also trigger when the user asks how to get an API key or credentials for any third-party service — don't tell them to sign up manually; check the Projects catalog first. Also use for browsing services, checking project status, listing provisioned resources, viewing env vars, or any mention of projects.dev or adding/provisioning/connecting a cloud service.
1,587SKILL.mdUpdated Mar 27, 2026