chore(deps): bump the patches group across 1 directory with 27 updates

[dependabot]

Bumps the patches group with 27 updates in the / directory:

Package	From	To
@ai-sdk/mcp	1.0.35	1.0.41
@ai-sdk/openai-compatible	2.0.41	2.0.47
@ai-sdk/react	3.0.155	3.0.178
@headlessui/react	2.2.0	2.2.10
@opentelemetry/api	1.9.0	1.9.1
@radix-ui/react-accordion	1.2.3	1.2.12
@radix-ui/react-avatar	1.1.3	1.1.11
@radix-ui/react-collapsible	1.1.11	1.1.12
@radix-ui/react-dialog	1.1.6	1.1.15
@radix-ui/react-dropdown-menu	2.1.6	2.1.16
@radix-ui/react-hover-card	1.1.6	1.1.15
@radix-ui/react-label	2.1.2	2.1.8
@radix-ui/react-scroll-area	1.2.9	1.2.10
@radix-ui/react-select	2.2.5	2.2.6
@radix-ui/react-separator	1.1.2	1.1.8
@radix-ui/react-tabs	1.1.3	1.1.13
@react-three/fiber	9.6.0	9.6.1
@tailwindcss/postcss	4.2.0	4.2.4
ai	6.0.153	6.0.176
jsonwebtoken	9.0.2	9.0.3
katex	0.16.22	0.16.45
langfuse	3.38.4	3.38.20
livekit-server-sdk	2.15.0	2.15.2
nanoid	5.1.5	5.1.11
openai-edge	1.2.2	1.2.3
tailwindcss	4.2.0	4.2.4
use-stick-to-bottom	1.1.1	1.1.4

Updates @ai-sdk/mcp from 1.0.35 to 1.0.41

Changelog

Sourced from @​ai-sdk/mcp's changelog.

1.0.41

Patch Changes

• f591416: feat(ai): add toolMetadata for tool specific metdata
• Updated dependencies [f591416]
  • @​ai-sdk/provider-utils@​4.0.27

1.0.40

Patch Changes

• 221a984: Add resource_link content type to CallToolResultSchema and PromptMessageSchema per MCP spec. Fixes hard rejection when MCP servers return resource_link content parts with zod ≥ 4.4.x.
• 0084974: feat(mcp): deprecate name and use clientName for MCPClient

1.0.39

Patch Changes

• 7beadf0: feat(mcp): propagate the server name through dynamic tool parts
• Updated dependencies [7beadf0]
  • @​ai-sdk/provider-utils@​4.0.26

1.0.38

Patch Changes

• a727da4: chore: ensure consistent import handling and avoid import duplicates or cycles
• 5fee301: fix(mcp): prevent prototype pollution by using secureJsonParse
• Updated dependencies [a727da4]
  • @​ai-sdk/provider-utils@​4.0.25
  • @​ai-sdk/provider@​3.0.10

1.0.37

Patch Changes

• a7f3c72: trigger release for all packages after provenance setup
• Updated dependencies [a7f3c72]
  • @​ai-sdk/provider@​3.0.9
  • @​ai-sdk/provider-utils@​4.0.24

1.0.36

Patch Changes

• 9a8d276: feat(mcp): surface 'serverInfo' exposed from the MCP server

Commits

• e3ccdb5 Version Packages (#15094)
• f591416 Backport: feat(ai): add toolMetadata for tool specific metdata (#15053)
• 74a7a20 Version Packages (#15012)
• 0084974 Backport: feat(mcp): deprecate name and use clientName for MCPClient (#15003)
• 221a984 Backport: fix(@​ai-sdk/mcp): add resource_link content type to CallToolResultS...
• 8a46a3c Version Packages (#14875)
• 7beadf0 Backport: feat(mcp): propagate the server name through dynamic tool parts (#1...
• 8e650ab Version Packages (#14824)
• a727da4 backport of chore: ensure consistent import handling and avoid import duplica...
• 5fee301 backport v6: fix(mcp): prevent prototype pollution by using secureJsonParse (...
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​ai-sdk/mcp since your current version.

Updates @ai-sdk/openai-compatible from 2.0.41 to 2.0.47

Changelog

Sourced from @​ai-sdk/openai-compatible's changelog.

2.0.47

Patch Changes

• Updated dependencies [f591416]
  • @​ai-sdk/provider-utils@​4.0.27

2.0.46

Patch Changes

• 38966ab: fix(openai, openai-compatible): only send null content for assistant messages with tool calls

2.0.45

Patch Changes

• 6043d24: feat(vertex): add grok models to vertex provider

2.0.44

Patch Changes

• Updated dependencies [7beadf0]
  • @​ai-sdk/provider-utils@​4.0.26

2.0.43

Patch Changes

• a727da4: chore: ensure consistent import handling and avoid import duplicates or cycles
• Updated dependencies [a727da4]
  • @​ai-sdk/provider-utils@​4.0.25
  • @​ai-sdk/provider@​3.0.10

2.0.42

Patch Changes

• a7f3c72: trigger release for all packages after provenance setup
• 408a2ad: patch - send content: null instead of empty string for tool-only assistant messages
• Updated dependencies [a7f3c72]
  • @​ai-sdk/provider@​3.0.9
  • @​ai-sdk/provider-utils@​4.0.24

Commits

• e3ccdb5 Version Packages (#15094)
• a1dddcc Version Packages (#14954)
• 38966ab backport v6: fix(openai, openai-compatible): only send null content for assis...
• 3def720 Version Packages (#14908)
• 6043d24 Backport: feat(vertex): add grok models to vertex provider (#14902)
• 8a46a3c Version Packages (#14875)
• 8e650ab Version Packages (#14824)
• a727da4 backport of chore: ensure consistent import handling and avoid import duplica...
• 77a4e05 Version Packages (#14802)
• a7f3c72 Re-enable v6 releases (#14799)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​ai-sdk/openai-compatible since your current version.

Updates @ai-sdk/react from 3.0.155 to 3.0.178

Changelog

Sourced from @​ai-sdk/react's changelog.

3.0.178

Patch Changes

• Updated dependencies [f591416]
  • @​ai-sdk/provider-utils@​4.0.27
  • ai@6.0.176

3.0.177

Patch Changes

• ai@6.0.175

3.0.176

Patch Changes

• ai@6.0.174

3.0.175

Patch Changes

• Updated dependencies [7beadf0]
  • @​ai-sdk/provider-utils@​4.0.26
  • ai@6.0.173

3.0.174

Patch Changes

• ai@6.0.172

3.0.173

Patch Changes

• a727da4: chore: ensure consistent import handling and avoid import duplicates or cycles
• Updated dependencies [48f842a]
• Updated dependencies [a727da4]
• Updated dependencies [5fee301]
  • ai@6.0.171
  • @​ai-sdk/provider-utils@​4.0.25

3.0.172

Patch Changes

• Updated dependencies [19d587a]

... (truncated)

Commits

• e3ccdb5 Version Packages (#15094)
• 3015153 Version Packages (#14960)
• 0129eb6 Version Packages (#14912)
• 8a46a3c Version Packages (#14875)
• 29c80ec Version Packages (#14868)
• 8e650ab Version Packages (#14824)
• a727da4 backport of chore: ensure consistent import handling and avoid import duplica...
• 7ab1e18 Version Packages (#14815)
• 77a4e05 Version Packages (#14802)
• a7f3c72 Re-enable v6 releases (#14799)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​ai-sdk/react since your current version.

Updates @headlessui/react from 2.2.0 to 2.2.10

Release notes

Sourced from @​headlessui/react's releases.

@​headlessui/react@​v2.2.10

Fixed

• Don’t render <Portal> while hydrating (#3825)
• Fix passing props on Fragment error due to Symbol(react.lazy) (#3873)

@​headlessui/react@​v2.2.9

Fixed

• Improve focus management in shadow DOM roots (#3794)
• Don't accidentally open the Combobox when touching the ComboboxButton while dragging on mobile (#3795)
• Ensure sibling Dialog components are scrollable on mobile (#3796)
• Infer Combobox type based on onChange handler (#3798)
• Allow home/end key default behavior inside ComboboxInput when Combobox is closed (#3798)
• Ensure interacting with a Dialog on iOS works after interacting with a disallowed area (#3801)
• Freeze Listbox values as soon as a value is selected (#3802)
• Ensure refs are forwarded when freezing data (#3390)
• Do not serialize React components into form fields (49e9e8e)

@​headlessui/react@​v2.2.8

Fixed

• Ensure we are not freezing data when the static prop is used (#3779)
• Ensure onChange types are contravariant instead of bivariant (#3781)
• Support <summary> as a focusable element inside <details> (#3389)
• Fix Maximum update depth exceeded crash when using transition prop (#3782)
• Ensure pressing Tab in the ComboboxInput, correctly syncs the input value (#3785)
• Ensure --button-width and --input-width have the latest value (#3786)
• Fix 'Invalid prop data-headlessui-state supplied to React.Fragment' warning (#3788)
• Ensure element in ref callback is always connected when rendering in a Portal (#3789)
• Ensure form state is up to date when using uncontrolled components (#3790)
• Ensure data-open on ComboboxInput is up to date (#3791)
• Ensure changing the immediate prop value on the Combobox component works as expected (#3792)

@​headlessui/react@​v2.2.7

Fixed

• Fix incorrect double invocation of menu items, listbox options and combobox options (#3766)
• Fix memory leak in SSR environment (#3767)
• Ensure programmatic .click() on MenuButton ref works (#3768)
• Don't activate hovered items while using the keyboard (#3769)

@​headlessui/react@​v2.2.6

Fixed

• Fix immediately closing Listbox by requiring some cursor movement (#3762)

@​headlessui/react@​v2.2.5

Fixed

... (truncated)

Changelog

Sourced from @​headlessui/react's changelog.

[2.2.10] - 2026-04-07

Fixed

• Don’t render <Portal> while hydrating (#3825)
• Fix passing props on Fragment error due to Symbol(react.lazy) (#3873)

[2.2.9] - 2025-09-25

Fixed

• Improve focus management in shadow DOM roots (#3794)
• Don't accidentally open the Combobox when touching the ComboboxButton while dragging on mobile (#3795)
• Ensure sibling Dialog components are scrollable on mobile (#3796)
• Infer Combobox type based on onChange handler (#3798)
• Allow home/end key default behavior inside ComboboxInput when Combobox is closed (#3798)
• Ensure interacting with a Dialog on iOS works after interacting with a disallowed area (#3801)
• Freeze Listbox values as soon as a value is selected (#3802)
• Ensure refs are forwarded when freezing data (#3390)
• Do not serialize React components into form fields (49e9e8e)

[2.2.8] - 2025-09-12

Fixed

• Ensure we are not freezing data when the static prop is used (#3779)
• Ensure onChange types are contravariant instead of bivariant (#3781)
• Support <summary> as a focusable element inside <details> (#3389)
• Fix Maximum update depth exceeded crash when using transition prop (#3782)
• Ensure pressing Tab in the ComboboxInput, correctly syncs the input value (#3785)
• Ensure --button-width and --input-width have the latest value (#3786)
• Fix 'Invalid prop data-headlessui-state supplied to React.Fragment' warning (#3788)
• Ensure element in ref callback is always connected when rendering in a Portal (#3789)
• Ensure form state is up to date when using uncontrolled components (#3790)
• Ensure data-open on ComboboxInput is up to date (#3791)
• Ensure changing the immediate prop value on the Combobox component works as expected (#3792)

[2.2.7] - 2025-07-30

Fixed

• Fix incorrect double invocation of menu items, listbox options and combobox options (#3766)
• Fix memory leak in SSR environment (#3767)
• Ensure programmatic .click() on MenuButton ref works (#3768)
• Don't activate hovered items while using the keyboard (#3769)

[2.2.6] - 2025-07-24

Fixed

... (truncated)

Commits

• d13526d 2.2.10 - @​headlessui/react
• b0dcd8f Handle props on Fragment error due to Symbol(react.lazy) (#3873)
• 7baca70 Don’t render \<Portal>s while hydrating (#3825)
• 5ef7395 Add RefProp to props (#3823)
• 589ea90 2.2.9 - @​headlessui/react
• bba75c7 update changelog
• ca536ed update changelog
• 49e9e8e do not serialize React components into form fields
• 2a647a7 Ensure refs are forwarded when freezing data (#3390)
• da2fa94 Freeze values as soon as possible (#3802)
• Additional commits viewable in compare view

Updates @opentelemetry/api from 1.9.0 to 1.9.1

Release notes

Sourced from @​opentelemetry/api's releases.

api/v1.9.1

1.9.1

🐛 (Bug Fix)

• fix(api): prioritize esnext export condition as it is more specific #5458
• fix(api): update diag consoleLogger to use original console methods to prevent infinite loop when a console instrumentation is present #6395
• fix(api): use Attributes instead of deprecated SpanAttributes in SpanOptions #6478 @​overbalance
• fix(diag): change types in DiagComponentLogger from any to unknown#5478 @​loganrosen
• fix(api): re-introduce fallback chain for global utils #6523 @​pichlermarc

🏠 (Internal)

• refactor(api): refactor to avoid circular deps by merging observable types into Metric.ts #6441 @​pichlermarc
• refactor(api): remove "export *" in favor of explicit named exports #4880 @​robbkidd
• chore: enable tsconfig isolatedModules #5697 @​legendecas
• chore: disallow constructor parameter property syntax #6187 @​legendecas
• refactor(api): remove platform-specific globalThis, use globalThis directly #6208 @​overbalance
• chore(api): mark ProxyTracerProvider as deprecated #6328 @​cjihrig
• chore: enforce import type for type-only imports via ESLint #6467 @​overbalance
• perf(api): improve isValidSpanId, isValidTraceId performance #5714 @​seemk

Changelog

Sourced from @​opentelemetry/api's changelog.

1.9.1

🐛 (Bug Fix)

• fix: avoid grpc types dependency #3551 @​flarna
• fix(otlp-proto-exporter-base): Match Accept header with Content-Type in the proto exporter #3562 @​scheler
• fix: include tracestate in export #3569 @​flarna

🏠 (Internal)

• chore: fix cross project links and missing implicitly exported types #3533 @​legendecas
• feat(sdk-metrics): add exponential histogram mapping functions #3504 @​mwear

Commits

• 279458e Release 1.9.1 / 0.35.1 (#3573)
• 4978743 fix(http): remove outgoing headers normalization (#3557)
• d1f9594 chore(deps): update dependency rimraf to v4 (#3532)
• e0abcc0 fix: remove JSON syntax error and regenerate tsconfig files (#3566)
• a90c558 fix(sdk-node): register instrumentations early (#3502)
• 5b070b8 fix: include TraceState in trace exports (#3569)
• dcb09b7 chore(deps): update dependency gh-pages to v5 (#3571)
• 3bc93a9 feat: exponential histogram - part 1 - mapping functions (#3504)
• 3670071 fix: avoid grpc types dependency (#3551)
• b5ef0e4 chore: fix proto generation (#3567)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​opentelemetry/api since your current version.

Updates @radix-ui/react-accordion from 1.2.3 to 1.2.12

Commits

• See full diff in compare view

Updates @radix-ui/react-avatar from 1.1.3 to 1.1.11

Commits

• See full diff in compare view

Updates @radix-ui/react-collapsible from 1.1.11 to 1.1.12

Commits

• See full diff in compare view

Updates @radix-ui/react-dialog from 1.1.6 to 1.1.15

Commits

• See full diff in compare view

Updates @radix-ui/react-dropdown-menu from 2.1.6 to 2.1.16

Commits

• See full diff in compare view

Updates @radix-ui/react-hover-card from 1.1.6 to 1.1.15

Commits

• See full diff in compare view

Updates @radix-ui/react-label from 2.1.2 to 2.1.8

Commits

• See full diff in compare view

Updates @radix-ui/react-scroll-area from 1.2.9 to 1.2.10

Commits

• See full diff in compare view

Updates @radix-ui/react-select from 2.2.5 to 2.2.6

Commits

• See full diff in compare view

Updates @radix-ui/react-separator from 1.1.2 to 1.1.8

Commits

• See full diff in compare view

Updates @radix-ui/react-tabs from 1.1.3 to 1.1.13

Commits

• See full diff in compare view

Updates @react-three/fiber from 9.6.0 to 9.6.1

Release notes

Sourced from @​react-three/fiber's releases.

v9.6.1

What's Changed

• fix: Seamlessly transfer interactivity state when swapping instances (#3743) by @​notrabs in pmndrs/react-three-fiber#3744

Full Changelog: pmndrs/react-three-fiber@v9.6.0...v9.6.1

Commits

• 2a52874 RELEASING: Releasing 1 package(s)
• b645741 docs(changeset): fix: Seamlessly transfer interactivity state when swapping i...
• 119668f fix: Seamlessly transfer interactivity state when swapping instances (#3744)
• 943a37e Merge pull request #3738 from pmndrs:chore/simplify-shadermaterial-demo
• 1be9504 chore: Add uniform piercing test
• 4df10c0 chore: Simplify ShaderMaterial demo
• 47d30ba chore: Move ShaderMaterial uniform notes to objects out of pitfalls
• See full diff in compare view

Updates @tailwindcss/postcss from 4.2.0 to 4.2.4

Release notes

Sourced from @​tailwindcss/postcss's releases.

v4.2.4

Fixed

• Ensure imports in @import and @plugin still resolve correctly when using Vite aliases in @tailwindcss/vite (#19947)

v4.2.3

Fixed

• Canonicalization: improve canonicalizations for tracking-* utilities by preferring non-negative utilities (e.g. -tracking-tighter → tracking-wider) (#19827)
• Fix crash due to invalid characters in candidate (exceeding valid unicode code point range) (#19829)
• Ensure query params in imports are considered unique resources when using @tailwindcss/webpack (#19723)
• Canonicalization: collapse arbitrary values into shorthand utilities (e.g. px-[1.2rem] py-[1.2rem] → p-[1.2rem]) (#19837)
• Canonicalization: collapse border-{t,b}-* into border-y-*, border-{l,r}-* into border-x-*, and border-{t,r,b,l}-* into border-* (#19842)
• Canonicalization: collapse scroll-m{t,b}-* into scroll-my-*, scroll-m{l,r}-* into scroll-mx-*, and scroll-m{t,r,b,l}-* into scroll-m-* (#19842)
• Canonicalization: collapse scroll-p{t,b}-* into scroll-py-*, scroll-p{l,r}-* into scroll-px-*, and scroll-p{t,r,b,l}-* into scroll-p-* (#19842)
• Canonicalization: collapse overflow-{x,y}-* into overflow-* (#19842)
• Canonicalization: collapse overscroll-{x,y}-* into overscroll-* (#19842)
• Read from --placeholder-color instead of --background-color for placeholder-* utilities (#19843)
• Upgrade: ensure files are not emptied out when killing the upgrade process while it's running (#19846)
• Upgrade: use config.content when migrating from Tailwind CSS v3 to Tailwind CSS v4 (#19846)
• Upgrade: never migrate files that are ignored by git (#19846)
• Add .env and .env.* to default ignored content files (#19846)
• Canonicalization: migrate overflow-ellipsis into text-ellipsis (#19849)
• Canonicalization: migrate start-full → inset-s-full, start-auto → inset-s-auto, start-px → inset-s-px, and start-<number> → inset-s-<number> as well as negative versions (#19849)
• Canonicalization: migrate end-full → inset-e-full, end-auto → inset-e-auto, end-px → inset-e-px, and end-<number> → inset-e-<number> as well as negative versions (#19849)
• Canonicalization: move the - sign inside the arbitrary value -left-[9rem] → left-[-9rem] (#19858)
• Canonicalization: move the - sign outside the arbitrary value ml-[calc(-1*var(--width))] → -ml-(--width) (#19858)
• Improve performance when scanning JSONL / NDJSON files (#19862)
• Support NODE_PATH environment variable in standalone CLI (#19617)

v4.2.2

Added

• Support Vite 8 in @tailwindcss/vite (#19790)

Fixed

• Don't crash when candidates contain prototype properties like row-constructor (#19725)
• Canonicalize calc(var(--spacing)*…) expressions into --spacing(…) (#19769)
• Fix crash in canonicalization step when handling utilities containing @property at-rules (e.g. shadow-sm border) (#19727)
• Skip full reload for server only modules scanned by client CSS when using @tailwindcss/vite (#19745)
• Improve canonicalization for bare values exceeding default spacing scale suggestions (e.g. w-1234 h-1234 → size-1234) (#19809)
• Fix canonicalization resulting in empty list (e.g. w-5 h-5 size-5 → '' instead of size-5) (#19812)

v4.2.1

Fixed

• Allow trailing dash in functional utility names for backwards compatibility (#19696)
• Properly detect classes containing . characters within curly braces in MDX files (#19711)

Changelog

Sourced from @​tailwindcss/postcss's changelog.

[4.2.4] - 2026-04-21

Fixed

• Ensure imports in @import and @plugin still resolve correctly when using Vite aliases in @tailwindcss/vite (#19947)

[4.2.3] - 2026-04-20

Fixed

• Canonicalization: improve canonicalization for tracking-* utilities by preferring non-negative utilities (e.g. -tracking-tighter → tracking-wider) (#19827)
• Fix crash due to invalid characters in candidate (exceeding valid unicode code point range) (#19829)
• Ensure query params in imports are considered unique resources when using @tailwindcss/webpack (#19723)
• Canonicalization: collapse arbitrary values into shorthand utilities (e.g. px-[1.2rem] py-[1.2rem] → p-[1.2rem]) (#19837)
• Canonicalization: collapse border-{t,b}-* into border-y-*, border-{l,r}-* into border-x-*, and border-{t,r,b,l}-* into border-* (#19842)
• Canonicalization: collapse scroll-m{t,b}-* into scroll-my-*, scroll-m{l,r}-* into scroll-mx-*, and scroll-m{t,r,b,l}-* into scroll-m-* (#19842)
• Canonicalization: collapse scroll-p{t,b}-* into scroll-py-*, scroll-p{l,r}-* into scroll-px-*, and scroll-p{t,r,b,l}-* into scroll-p-* (#19842)
• Canonicalization: collapse overflow-{x,y}-* into overflow-* (#19842)
• Canonicalization: collapse overscroll-{x,y}-* into overscroll-* (#19842)
• Read from --placeholder-color instead of --background-color for placeholder-* utilities (#19843)
• Upgrade: ensure files are not emptied out when killing the upgrade process while it's running (#19846)
• Upgrade: use config.content when migrating from Tailwind CSS v3 to Tailwind CSS v4 (#19846)
• Upgrade: never migrate files that are ignored by git (#19846)
• Add .env and .env.* to default ignored content files (#19846)
• Canonicalization: migrate overflow-ellipsis into text-ellipsis (#19849)
• Canonicalization: migrate start-full → inset-s-full, start-auto → inset-s-auto, start-px → inset-s-px, and start-<number> → inset-s-<number> as well as negative versions (#19849)
• Canonicalization: migrate end-full → inset-e-full, end-auto → inset-e-auto, end-px → inset-e-px, and end-<number> → inset-e-<number> as well as negative versions (#19849)
• Canonicalization: move the - sign inside the arbitrary value -left-[9rem] → left-[-9rem] (#19858)
• Canonicalization: move the - sign outside the arbitrary value ml-[calc(-1*var(--width))] → -ml-(--width) (#19858)
• Improve performance when scanning JSONL / NDJSON files (#19862)
• Support NODE_PATH environment variable in standalone CLI (#19617)

[4.2.2] - 2026-03-18

Fixed

• Don't crash when candidates contain prototype properties like row-constructor (#19725)
• Canonicalize calc(var(--spacing)*…) expressions into --spacing(…) (#19769)
• Fix crash in canonicalization step when handling utilities containing @property at-rules (e.g. shadow-sm border) (#19727)
• Skip full reload for server only modules scanned by client CSS when using @tailwindcss/vite (#19745)
• Add support for Vite 8 in @tailwindcss/vite (#19790)
• Improve canonicalization for bare values exceeding default spacing scale suggestions (e.g. w-1234 h-1234 → size-1234) (#19809)
• Fix canonicalization resulting in empty list (e.g. w-5 h-5 size-5 → '' instead of size-5) (#19812)
• Resolve tsconfig paths to allow for @import '@/path/to/file'; when using @tailwindcss/vite (#19803)

[4.2.1] - 2026-02-23

Fixed

• Allow trailing dash in functional utility names for backwards compatibility (#19696)

... (truncated)

Commits

• 69ad7cc 4.2.4 (#19948)
• 685c19e Fix issue around resolving paths in @tailwindcss/vite (#19947)
• 2e3fa49 4.2.3 (#19944)
• 4527123 docs(postcss): remove duplicated optimize example from README (#19938)
• aad6017 docs/fix-lightning-css-typo-postcss-readme (#19913)
• d596b0c 4.2.2 (#19821)
• faa5e88 Cleanup inconsistencies related to (regex) escapes (#19804)
• 1dce64e 4.2.1 (#19714)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​tailwindcss/postcss since your current version.

Updates ai from 6.0.153 to 6.0.176

Changelog

Sourced from ai's changelog.

6.0.176

Patch Changes

• f591416: feat(ai): add toolMetadata for tool specific metdata
• Updated dependencies [f591416]
  • @​ai-sdk/provider-utils@​4.0.27
  • @​ai-sdk/gateway@​3.0.111

6.0.175

Patch Changes

• Updated dependencies [9a88b1d]
  • @​ai-sdk/gateway@​3.0.110

6.0.174

Patch Changes

• Updated dependencies [49f6d44]
  • @​ai-sdk/gateway@​3.0.109

6.0.173

Patch Changes

• 7beadf0: feat(mcp): propagate the server name through dynamic tool parts
• Updated dependencies [7beadf0]
  • @​ai-sdk/provider-utils@​4.0.26
  • @​ai-sdk/gateway@​3.0.108

6.0.172

Patch Changes

• Updated dependencies [982af78]
  • @​ai-sdk/gateway@​3.0.107

6.0.171

Patch Changes

• 48f842a: fix(ai): enforce callOptionsSchema at runtime in ToolLoopAgent

  ToolLoopAgentSettings.callOptionsSchema was declared and documented as a runtime schema for options, but tool-loop-agent.ts never invoked it. Any invariant a developer encoded in the schema was silently bypassed at runtime, and unchecked options flowed straight into prepareCall and any instructions template that interpolated them.

  ToolLoopAgent.prepareCall now validates caller-supplied options against callOptionsSchema (when set) via safeValidateTypes, throwing InvalidArgumentError on failure before forwarding to prepareCall / generateText / streamText.

• a727da4: chore: ensure consistent import handling and avoid import duplicates or cycles

... (truncated)

Commits

• e3ccdb5 Version Packages (#15094)
• f591416 Backport: feat(ai): add toolMetadata for tool specific metdata (#15053)
• 0084974 Backport: feat(mcp): deprecate name and use clientName for MCPClient (#15003)
• 3015153 Version Packages (#14960)
• 0129eb6 Version Packages (#14912)
• 8a46a3c Version Packages (#14875)
• 7beadf0 Backport: feat(mcp): propagate the server name through dynamic tool parts (#1...
• 29c80ec Version Packages (#14868)
• 8e650ab Version Packages (#14824)

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
langfuse-docs	Ready	Preview, Comment	May 15, 2026 2:05pm

[claude]

LGTM, dependabot patch-level dependency bumps.

Extended reasoning...

Overview

This PR is a Dependabot grouped patch-level update bumping 27 dependencies in package.json and the corresponding pnpm-lock.yaml. All bumps stay within the same minor version (e.g., @ai-sdk/mcp 1.0.35→1.0.39, @headlessui/react 2.2.0→2.2.10, tailwindcss 4.2.0→4.2.4, jsonwebtoken 9.0.2→9.0.3, etc.). No application code is modified.

Security risks

Patch releases are unlikely to introduce breaking changes, and several of the included patches are themselves security fixes (e.g., @ai-sdk/mcp prototype-pollution fix via secureJsonParse, jsonwebtoken jws bump). This is the langfuse-docs repository, not the core Langfuse production code, so the blast radius is limited to the marketing/docs site.

Level of scrutiny

Low. Dependabot patch-grouped bumps within a docs repo are mechanical and well-suited for shadow approval. The Vercel preview build will catch any incidental compatibility issues before deploy.

Other factors

No bugs were reported by the bug-hunting system, no outstanding reviewer comments exist, and the only timeline entry is the Vercel preview bot.