chore(deps): bump the production-dependencies group across 1 directory with 22 updates by dependabot[bot] · Pull Request #190 · reqcore-inc/reqcore

dependabot · 2026-05-25T05:23:26Z

Bumps the production-dependencies group with 18 updates in the / directory:

Package	From	To
@ai-sdk/anthropic	`3.0.74`	`3.0.79`
@ai-sdk/google	`3.0.67`	`3.0.79`
@ai-sdk/openai	`3.0.58`	`3.0.65`
@aws-sdk/client-s3	`3.1041.0`	`3.1053.0`
@better-auth/sso	`1.6.9`	`1.6.11`
@nuxtjs/i18n	`10.3.0`	`10.4.0`
@nuxtjs/mdc	`0.21.1`	`0.22.0`
@opentelemetry/api-logs	`0.216.0`	`0.218.0`
@opentelemetry/exporter-logs-otlp-http	`0.216.0`	`0.218.0`
@opentelemetry/sdk-logs	`0.216.0`	`0.218.0`
@posthog/nuxt	`1.7.21`	`1.7.42`
@tailwindcss/vite	`4.2.4`	`4.3.0`
ai	`6.0.174`	`6.0.191`
better-sqlite3	`12.9.0`	`12.10.0`
nodemailer	`8.0.7`	`8.0.8`
nuxt	`4.4.4`	`4.4.6`
resend	`6.12.2`	`6.12.3`
zod	`4.4.2`	`4.4.3`

Updates @ai-sdk/anthropic from 3.0.74 to 3.0.79

Release notes

Sourced from @ai-sdk/anthropic's releases.

@ai-sdk/anthropic@3.0.79

Patch Changes

d61a788: Handle errors from anthropic websearch tool

Changelog

Sourced from @ai-sdk/anthropic's changelog.

3.0.79

Patch Changes

d61a788: Handle errors from anthropic websearch tool

3.0.78

Patch Changes

6e28d25: fix(anthropic): propagate toModelOutput providerOption to anthropic tool results

3.0.77

Patch Changes

d53314d: feat(anthropic): add the new advisor tool

3.0.76

Patch Changes

Updated dependencies [f591416]

@ai-sdk/provider-utils@4.0.27

3.0.75

Patch Changes

3f06680: Remove stale effort-2025-11-24 beta header — the extended thinking effort parameter is GA and no longer requires the beta flag. Vertex AI's strict validator was actively rejecting requests with this header.

Commits

7ebba33 Version Packages (#15557)
d61a788 Backport: Handle errors in anthropic's web search tool (#15555)
2e7664b Version Packages (#15315)
6e28d25 Backport: fix(anthropic): propagate toModelOutput providerOption to anthropic...
d37fb1f Version Packages (#15202)
d53314d Backport: feat(anthropic): add the new advisor tool (#15203)
e3ccdb5 Version Packages (#15094)
74a7a20 Version Packages (#15012)
3f06680 Backport: fix(anthropic): remove stale effort-2025-11-24 beta header (#15011)
See full diff in compare view

Updates @ai-sdk/google from 3.0.67 to 3.0.79

Release notes

Sourced from @ai-sdk/google's releases.

@ai-sdk/google@3.0.79

Patch Changes

cfa0cb2: feat(provider/google): support Google search grounding when using generateImage with Gemini

@ai-sdk/google@3.0.78

Patch Changes

cf63828: fix(google): read serviceTier from usageMetadata.serviceTier in both generate and stream paths

The previous implementation read serviceTier from the x-gemini-service-tier response header, which is only populated on non-streaming responses. Gemini streaming includes the value in usageMetadata.serviceTier on every chunk, so providerMetadata.google.serviceTier was always null for streams. Read from usageMetadata for both paths instead.

Changelog

Sourced from @ai-sdk/google's changelog.

3.0.79

Patch Changes

cfa0cb2: feat(provider/google): support Google search grounding when using generateImage with Gemini

3.0.78

Patch Changes

cf63828: fix(google): read serviceTier from usageMetadata.serviceTier in both generate and stream paths

The previous implementation read serviceTier from the x-gemini-service-tier response header, which is only populated on non-streaming responses. Gemini streaming includes the value in usageMetadata.serviceTier on every chunk, so providerMetadata.google.serviceTier was always null for streams. Read from usageMetadata for both paths instead.

3.0.77

Patch Changes

0f9f9bf: feat(google): read serviceTier from x-gemini-service-tier response header in Gemini API and use PayGo for Vertex

3.0.76

Patch Changes

f259bd1: fix(google): fix streaming tool call args

756fec1: feat(provider/google): add gemini-3.5-flash

3.0.75

Patch Changes

ab15576: feat(google): update Interactions API implementation to cater for upstream breaking changes coming May 26

3.0.74

Patch Changes

3ca0daa: fix(provider/google): support functionCall.id when returned by Gemini API and provide matching functionResponse.id

3.0.73

Patch Changes

bb1eb98: feat(google): add fileData support to embedding model

3.0.72

... (truncated)

Commits

fc83fa3 Version Packages (#15532)
cfa0cb2 Backport: feat(provider/google): support Google search grounding when using `...
93ad540 Version Packages (#15489)
cf63828 Backport: fix(google): read serviceTier from usageMetadata in stream + genera...
a15eda9 Version Packages (#15473)
0f9f9bf Backport: fix(google): read serviceTier from x-gemini-service-tier response h...
b9241af Backport: feat(provider/google): add support for managed agents in the Intera...
e33b836 Version Packages (#15440)
f259bd1 Backport: fix(google): fix streaming tool call args (#15442)
756fec1 Backport: feat(provider/google): add gemini-3.5-flash (#15436)
Additional commits viewable in compare view

Updates @ai-sdk/openai from 3.0.58 to 3.0.65

Release notes

Sourced from @ai-sdk/openai's releases.

@ai-sdk/openai@3.0.65

Patch Changes

eb52378: fix(openai): skip passing reasoning items when using previous response id

Changelog

Sourced from @ai-sdk/openai's changelog.

3.0.65

Patch Changes

eb52378: fix(openai): skip passing reasoning items when using previous response id

3.0.64

Patch Changes

b7ed8bd: feat(openai): add opt-in pass-through for unsupported file media types

3.0.63

Patch Changes

Updated dependencies [f591416]

@ai-sdk/provider-utils@4.0.27

3.0.62

Patch Changes

65edcca: feat: add allowedTools provider option for OpenAI Responses

3.0.61

Patch Changes

b93f9b4: feat(provider/openai): forward imageDetail providerOptions on tool-result image content

3.0.60

Patch Changes

6dcd8e6: feat(openai): add GPT-5.5 chat model IDs

3.0.59

Patch Changes

38966ab: fix(openai, openai-compatible): only send null content for assistant messages with tool calls

Commits

1a3ec6d Version Packages (#15513)
eb52378 Backport: fix(openai): skip passing reasoning items when using previous respo...
2e7664b Version Packages (#15315)
b7ed8bd Backport: feat(openai): add opt-in pass-through for unsupported file media ty...
e3ccdb5 Version Packages (#15094)
bf9de31 Version Packages (#15046)
65edcca Backport: feat(openai): add allowedTools provider option for Responses (#15044)
ee37690 Version Packages (#15020)
b93f9b4 Backport: feat(provider/openai): forward imageDetail providerOptions on tool-...
c706111 Version Packages (#14971)
Additional commits viewable in compare view

Updates @aws-sdk/client-s3 from 3.1041.0 to 3.1053.0

Release notes

Sourced from @aws-sdk/client-s3's releases.

v3.1053.0

3.1053.0(2026-05-22)

Documentation Changes

client-gameliftstreams: Added new Gen6 stream classes based on the EC2 G6e instance family. These classes are designed for streaming high-fidelity, graphically demanding games and applications that benefit from additional GPU memory and performance. (bf88fa50)

New Features

clients: update client endpoints as of 2026-05-22 (3518814a)

client-appconfig: Adding new BDD representation of endpoint ruleset (e757a915)

client-repostspace: Adding new BDD representation of endpoint ruleset (15fec74b)

client-ivs-realtime: Adding new BDD representation of endpoint ruleset (adeea78b)

client-cloudcontrol: Adding new BDD representation of endpoint ruleset (2e7ef3bf)

client-tnb: Adding new BDD representation of endpoint ruleset (f07457cb)

client-sso-oidc: Adding new BDD representation of endpoint ruleset (2e909d25)

client-s3vectors: Adding new BDD representation of endpoint ruleset (4071f1a4)

client-internetmonitor: Adding new BDD representation of endpoint ruleset (117e04a9)

client-freetier: Adding new BDD representation of endpoint ruleset (e3cf14a2)

client-oam: Adding new BDD representation of endpoint ruleset (5a30b722)

client-forecastquery: Adding new BDD representation of endpoint ruleset (ada5ae32)

client-customer-profiles: Adding new BDD representation of endpoint ruleset (9de89c10)

client-migration-hub-refactor-spaces: Adding new BDD representation of endpoint ruleset (a4e5e7ba)

client-controltower: Adding new BDD representation of endpoint ruleset (b99b7a18)

client-databrew: Adding new BDD representation of endpoint ruleset (4a1bcdb9)

client-b2bi: Adding new BDD representation of endpoint ruleset (66bb63d1)

client-simspaceweaver: Adding new BDD representation of endpoint ruleset (c6617b6d)

client-emr-containers: Adding new BDD representation of endpoint ruleset (e99cccbd)

client-bcm-recommended-actions: Adding new BDD representation of endpoint ruleset (45477f08)

client-forecast: Adding new BDD representation of endpoint ruleset (5964d82b)

client-neptunedata: Adding new BDD representation of endpoint ruleset (418745d5)

client-qconnect: Added guardrail assessment results to inference spans in the ListSpans API. You can now see which AI Guardrail policies were evaluated, whether content was blocked or masked, and per-policy details for each Bedrock Converse call (0213a862)

client-bcm-pricing-calculator: Adding new BDD representation of endpoint ruleset (69e44c0d)

client-panorama: Adding new BDD representation of endpoint ruleset (d227732b)

client-license-manager-user-subscriptions: Adding new BDD representation of endpoint ruleset (7fd5d202)

client-partnercentral-account: Adding new BDD representation of endpoint ruleset (ad88edbb)

client-schemas: Adding new BDD representation of endpoint ruleset (d8835cfc)

client-pi: Added ListPerformanceAnalysisReportRecommendations API to retrieve recommendations for a performance analysis report. Added analysis configuration support to CreatePerformanceAnalysisReport for enhanced analysis types such as vacuum analysis. (b09c19bf)

client-outposts: Adding new BDD representation of endpoint ruleset (6e7917a6)

client-frauddetector: Adding new BDD representation of endpoint ruleset (9c130d58)

client-network-firewall: Adding new BDD representation of endpoint ruleset (963a1286)

client-geo-places: Adding new BDD representation of endpoint ruleset (965ac97a)

client-sesv2: Adding new BDD representation of endpoint ruleset (6f1bd2e8)

client-bedrock-agent-runtime: Adding new BDD representation of endpoint ruleset (7ac37e3a)

client-rbin: Adding new BDD representation of endpoint ruleset (5e73fd45)

client-codestar-notifications: Adding new BDD representation of endpoint ruleset (d95ca14c)

client-application-signals: Adding new BDD representation of endpoint ruleset (38a20bfa)

client-ec2: The ModifyInstanceAttribute API now supports modification of EnclaveOptions for the instance as a typed parameter. (bc91aa62)

client-marketplace-discovery: Adding new BDD representation of endpoint ruleset (45132960)

client-notificationscontacts: Adding new BDD representation of endpoint ruleset (e9ca97ab)

... (truncated)

Changelog

Sourced from @aws-sdk/client-s3's changelog.

3.1053.0 (2026-05-22)

Note: Version bump only for package @aws-sdk/client-s3

3.1052.0 (2026-05-21)

Note: Version bump only for package @aws-sdk/client-s3

3.1051.0 (2026-05-20)

Note: Version bump only for package @aws-sdk/client-s3

3.1050.0 (2026-05-19)

Note: Version bump only for package @aws-sdk/client-s3

3.1049.0 (2026-05-18)

Bug Fixes

client-sts: update imports to new module locations (#8025) (be183b6)

3.1048.0 (2026-05-15)

Note: Version bump only for package @aws-sdk/client-s3

... (truncated)

Commits

ef69ea6 Publish v3.1053.0
443d6be Publish v3.1052.0
0d6242d chore(codegen): update @smithy dependencies (#8038)
b825c13 Publish v3.1051.0
bdc9fc6 Publish v3.1050.0
04d52f3 Publish v3.1049.0
be183b6 fix(client-sts): update imports to new module locations (#8025)
313813d Publish v3.1048.0
1af9047 chore(codegen): updated import sources for aws-sdk core (#8015)
eabae7d chore(codegen): sync for browser bundle fixes (#8022)
Additional commits viewable in compare view

Updates @better-auth/sso from 1.6.9 to 1.6.11

Release notes

Sourced from @better-auth/sso's releases.

v1.6.11

better-auth

Bug Fixes

Added an error code to the change-email-disabled response to help clients identify the rejection reason (#8948)

Fixed access-control role statement types so predefined organization roles expose only their configured permissions in TypeScript (#9507)

Fixed the anonymous plugin to correctly call onLinkAccount when email verification triggers auto sign-in (#9548)

Fixed device authorization to bind pending codes to the verifying session, preventing any authenticated user from approving or denying another user's device code (#9573)

Fixed a race condition in the magic-link plugin that allowed concurrent requests to mint multiple sessions from the same single-use token (#9572)

Fixed the oidc-provider and mcp plugins to require client_secret for confidential clients on refresh token grants and use constant-time secret comparison (#9576)

Hardened oidc-provider and mcp plugins to follow OAuth 2.1: removed "none" from advertised signing algorithms, defaulted plain PKCE off, and rejected incomplete PKCE parameters (#9575)

Fixed an invitation takeover vulnerability by enabling requireEmailVerificationOnInvitation by default and extending the verification gate to getInvitation and listUserInvitations (#9577)

For detailed changes, see CHANGELOG

@better-auth/oauth-provider

Bug Fixes

Fixed a race condition in the OAuth authorization-code grant that allowed concurrent token-exchange requests to mint multiple token sets from the same authorization code

Fixed a race condition in OAuth refresh-token rotation that allowed concurrent requests to fork refresh token families, and added a unique constraint on oauthRefreshToken.token

Fixed OAuth account linking to require a verified local email before linking an OAuth identity to a local account (#9578)

For detailed changes, see CHANGELOG

@better-auth/core

Bug Fixes

Fixed an invalid import list in the instrumentation module (#9582)

Widened advanced.ipAddress.ipv6Subnet to accept any valid IPv6 prefix length (0-128) instead of a narrow set of values (#9545)

For detailed changes, see CHANGELOG

@better-auth/scim

Bug Fixes

Fixed session cleanup to run when admin, anonymous, or SCIM operations delete a user (#9162)

Fixed generateSCIMToken to reject providerId values that collide with built-in account providers, preventing tokens from authenticating against unintended accounts (#9579)

For detailed changes, see CHANGELOG

@better-auth/sso

Bug Fixes

Fixed SSO provider registration to require an org admin or owner role, preventing any organization member from registering providers (#9220)

Fixed an SSRF vulnerability by validating user-supplied OIDC endpoint URLs against a public-routable host allowlist at provider registration and update (#9574)

... (truncated)

Changelog

Sourced from @better-auth/sso's changelog.

1.6.11

Patch Changes

#9220 86765f1 Thanks @stewartjarod! - fix(sso): require org admin role to register SSO providers

POST /sso/register previously allowed any organization member to register an SSO provider for the organization when organizationId was supplied, only checking membership and not role. This brings it in line with the other provider endpoints (get/update/delete), which go through checkProviderAccess → isOrgAdmin and restrict access to owner or admin roles.

Closes #9133.

#9574 37f60cb Thanks @gustavovalverde! - fix(sso): validate user-supplied OIDC endpoint URLs at provider registration and update

When skipDiscovery: true was passed to POST /sso/register, or any oidcConfig URL was passed to POST /sso/update-provider, the supplied authorizationEndpoint, tokenEndpoint, userInfoEndpoint, jwksEndpoint, and discoveryEndpoint values were persisted on the provider row without origin validation, then fetched server-side at OIDC callback time. An authenticated user could register or update an SSO provider with internal URLs (RFC 1918, link-local, cloud-metadata FQDNs like 169.254.169.254, loopback) and use the callback handler to coerce the server into making requests to those hosts.

Both endpoints now run user-supplied OIDC URLs through a layered gate:

URL parsing + http(s) scheme requirement

isPublicRoutableHost from @better-auth/core/utils/host (rejects loopback, RFC 1918, link-local, ULA, cloud-metadata FQDNs, multicast, broadcast, and reserved ranges per RFC 6890)

trustedOrigins allowlist as the documented escape hatch for customers running internal IdPs on private networks

A request that fails the gate is rejected with BAD_REQUEST and the new discovery_private_host error code (or discovery_invalid_url for malformed URLs / non-http(s) schemes).

Updated dependencies [0cbddb8, a26333b, 99a254a, ee93485, 5f09d56, b4bc65a, da7e50b, a1c9f3c, 23094a6, 142b86c, 1f2ff42, b0ef96f, 699b09a, e21d744]:

@better-auth/core@1.6.11

better-auth@1.6.11

1.6.10

Patch Changes

#9398 006e809 Thanks @Craga89! - fix(sso): use findSAMLProvider in spMetadata so defaultSSO providers resolve

/sso/saml2/sp/metadata was the only SAML endpoint that called adapter.findOne

... (truncated)

Commits

f41514e chore: release v1.6.11 (#9532)
37f60cb fix(sso): validate user-supplied OIDC endpoint URLs at registration and updat...
86765f1 fix(sso): require org admin role to register SSO providers (#9220)
cbb5014 chore: release v1.6.10 (#9350)
006e809 fix(sso): use findSAMLProvider in spMetadata so defaultSSO works (#9398)
See full diff in compare view

Updates @nuxtjs/i18n from 10.3.0 to 10.4.0

Release notes

Sourced from @nuxtjs/i18n's releases.

v10.4.0

   🚀 Features

First-class CDN support for lazy-loaded messages - by @Hronom and Claude Opus 4.7 (1M context) in nuxt-modules/i18n#3976 (e4d6a)

Experimental prerenderMessages option - by @BobbieGoede in nuxt-modules/i18n#3991 (8cc7c)

   🐞 Bug Fixes

Prevent silently disabling experimental.compactRoutes - by @BobbieGoede in nuxt-modules/i18n#3972 (7789f)

Compact routes prerender handling and router warnings - by @BobbieGoede in nuxt-modules/i18n#3975 (131a5)

Prevent redirection to catch-all for unlocalized routes - by @fedetorre and Federico Torresan in nuxt-modules/i18n#3911 (1cf37)

Skip path config generation for unlocalized routes - by @tatakaisun in nuxt-modules/i18n#3993 (66322)

Warn on missing vueI18n config in builds - by @tatakaisun and @BobbieGoede in nuxt-modules/i18n#3992 (26345)

    View changes on GitHub

Changelog

Sourced from @nuxtjs/i18n's changelog.

v10.4.0 (2026-05-21T13:43:10Z)

This changelog is generated by GitHub Releases

   🚀 Features

First-class CDN support for lazy-loaded messages - by @Hronom and Claude Opus 4.7 (1M context) in nuxt-modules/i18n#3976 (e4d6a)

Experimental prerenderMessages option - by @BobbieGoede in nuxt-modules/i18n#3991 (8cc7c)

   🐞 Bug Fixes

Prevent silently disabling experimental.compactRoutes - by @BobbieGoede in nuxt-modules/i18n#3972 (7789f)

Compact routes prerender handling and router warnings - by @BobbieGoede in nuxt-modules/i18n#3975 (131a5)

Prevent redirection to catch-all for unlocalized routes - by @fedetorre and Federico Torresan in nuxt-modules/i18n#3911 (1cf37)

Skip path config generation for unlocalized routes - by @tatakaisun in nuxt-modules/i18n#3993 (66322)

Warn on missing vueI18n config in builds - by @tatakaisun and @BobbieGoede in nuxt-modules/i18n#3992 (26345)

    View changes on GitHub

Commits

69d5886 release: v10.4.0
26345c1 fix: warn on missing vueI18n config in builds (#3992)
66322e5 fix: skip path config generation for unlocalized routes (#3993)
8cc7ca8 feat: experimental prerenderMessages option (#3991)
b12514f chore(deps): update dependencies (#3981)
9fe76c1 ci: fix lockfile missing fixture
1cf37d7 fix: prevent redirection to catch-all for unlocalized routes (#3911)
e4d6a5d feat: first-class CDN support for lazy-loaded messages (#3976)
16682ab chore(deps): upgrade nuxt to v4.4.4 (#3977)
a6dc098 test: improve ssg fixture process handling to reduce flakiness (#3967)
Additional commits viewable in compare view

Updates @nuxtjs/mdc from 0.21.1 to 0.22.0

Release notes

Sourced from @nuxtjs/mdc's releases.

v0.22.0

chore: upgrade deps (b3de9fc)

docs: add Comark migration guide in README (595fe77)

Changelog

Sourced from @nuxtjs/mdc's changelog.

v0.22.0

compare changes

📖 Documentation

Add Comark migration guide in README (595fe77)

🏡 Chore

Upgrade deps (b3de9fc)

❤️ Contributors

Farnabaz farnabaz@gmail.com

Commits

88b95a9 chore(release): release v0.22.0
b3de9fc chore: upgrade deps
595fe77 docs: add Comark migration guide in README
See full diff in compare view

Updates @opentelemetry/api-logs from 0.216.0 to 0.218.0

Release notes

Sourced from @opentelemetry/api-logs's releases.

experimental/v0.218.0

0.218.0

🚀 Features

feat(otlp-transformer): replace protobufjs metrics serialization with custom implementation #6625 @pichlermarc

feat(configuration): show all config validation errors, if there are multiple #6683 @trentm

feat(sdk-node): allow startNodeSDK() without an arg #6688 @trentm

🏠 Internal

refactor(sdk-logs): alias LoggerProviderConfig to LoggerProviderOptions #6691 @david-luna

refactor(sdk-logs): use Logger.enabled() within Logger.emit() implementation #6680 @david-luna

experimental/v0.217.0

0.217.0

🚀 Features

feat(otlp-transformer): replace protobufjs trace serialization with custom implementation #6625 @pichlermarc

feat(configuration): auto-generate TypeScript types from OTel declarative config JSON schema (stable v1.0.0) using json-schema-to-typescript and ajv #6533 @MikeGoldsmith

feat(configuration, sdk-node): startNodeSDK() code path now uses log_level configuration to setup a DiagConsoleLogger #6668 @trentm

Note that allowed values for log_level in a configuration YAML file are not the same set as for OTEL_LOG_LEVEL. Use log_level: trace to see all logs (equivalent of OTEL_LOG_LEVEL=ALL). Use log_level: fatal to effectively disable the SDK's internal diagnostic logger (equivalent of OTEL_LOG_LEVEL=NONE).

If log_level is not specified, a diagnostic console logger at "info" level will be setup.

An invalid YAML config file will now result in a noop OTel SDK.

🐛 Bug Fixes

fix(configuration): do not validate OTEL_CONFIG_FILE value before using it for file config #6643 @trentm

fix(configuration): improve how 'additionalProperties' in JSON schema is translated to TS types #6650 @trentm

fix(configuration): remove stripMinItems and preprocessNullArrays from validation/parsing #6657 @trentm

fix(configuration): improve handling of enums in generated types #6659 @trentm

fix(configuration): improve the technique for removing '| null' on types the JSON Schema #6662 @trentm

fix(sampler-jaeger-remote): add missing axios dep #6656 @trentm

fix(exporter-prometheus): handle malformed URLs in Prometheus exporter request handler #6674 @homanp

Commits

06ad0ea chore: prepare next release (#6703)
38ca257 feat(otlp-transformer): replace protobufjs metrics serialization with custom ...
013c600 chore: prepare next release (#6699)
b7a0c63 feat(semantic-conventions): update semantic conventions to v1.41.1 (#6695)
774143b chore(renovate): add minimumReleaseAge to config (#6697)
e0dafe0 fix(otlp-exporter-base): remove brackets from IPv6 hostname in HTTP transport...
f804c93 chore(deps): update github/codeql-action digest to 68bde55 (#6682)
95e48e7 refactor(sdk-logs): alias LoggerProviderConfig to LoggerProviderOptions (...
907b627 feat(sdk-node): allow startNodeSDK() without an arg (#6688)
0d15261 docs: Add SIG meeting info and welcoming language (#6689)
Additional commits viewable in compare view

Updates @opentelemetry/exporter-logs-otlp-http from 0.216.0 to 0.218.0

Release notes

Sourced from @opentelemetry/exporter-logs-otlp-http's releases.

experimental/v0.218.0

0.218.0

🚀 Features

feat(otlp-transformer): replace protobufjs metrics serialization with custom implementation #6625 @pichlermarc

feat(configuration): show all config validation errors, if there are multiple #6683 @trentm

feat(sdk-node): allow startNodeSDK() without an arg #6688 @trentm

🏠 Internal

refactor(sdk-logs): alias LoggerProviderConfig to LoggerProviderOptions #6691 @david-luna

refactor(sdk-logs): use Logger.enabled() within Logger.emit() implementation #6680 @david-luna

experimental/v0.217.0

0.217.0

🚀 Features

feat(otlp-transformer): replace protobufjs trace serialization with custom implementation #6625 @pichlermarc

feat(configuration): auto-generate TypeScript types from OTel declarative config JSON schema (stable v1.0.0) using json-schema-to-typescript and ajv #6533 @MikeGoldsmith

feat(configuration, sdk-node): startNodeSDK() code path now uses log_level configuration to setup a DiagConsoleLogger #6668 @trentm

Note that allowed values for log_level in a configuration YAML file are not the same set as for OTEL_LOG_LEVEL. Use log_level: trace to see all logs (equivalent of OTEL_LOG_LEVEL=ALL). Use log_level: fatal to effectively disable the SDK's internal diagnostic logger (equivalent of OTEL_LOG_LEVEL=NONE).

If log_level is not specified, a diagnostic console logger at "info" level will be setup.

An invalid YAML config file will now result in a noop OTel SDK.

🐛 Bug Fixes

fix(configuration): do not validate OTEL_CONFIG_FILE value before using it for file config #6643 @trentm

fix(configuration): improve how 'additionalProperties' in JSON schema is translated to TS types #6650 @trentm

fix(configuration): remove stripMinItems and preprocessNullArrays from validation/parsing #6657 @trentm

fix(configuration): improve handling of enums in generated types #6659 @trentm

fix(configuration): improve the technique for removing '| null' on types the JSON Schema #6662 @trentm

fix(sampler-jaeger-remote): add missing axios dep #6656 @trentm

fix(exporter-prometheus): handle malformed URLs in Prometheus exporter request handler

…y with 22 updates Bumps the production-dependencies group with 18 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@ai-sdk/anthropic](https://github.com/vercel/ai/tree/HEAD/packages/anthropic) | `3.0.74` | `3.0.79` | | [@ai-sdk/google](https://github.com/vercel/ai/tree/HEAD/packages/google) | `3.0.67` | `3.0.79` | | [@ai-sdk/openai](https://github.com/vercel/ai/tree/HEAD/packages/openai) | `3.0.58` | `3.0.65` | | [@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3) | `3.1041.0` | `3.1053.0` | | [@better-auth/sso](https://github.com/better-auth/better-auth/tree/HEAD/packages/sso) | `1.6.9` | `1.6.11` | | [@nuxtjs/i18n](https://github.com/nuxt-modules/i18n) | `10.3.0` | `10.4.0` | | [@nuxtjs/mdc](https://github.com/nuxt-content/mdc) | `0.21.1` | `0.22.0` | | [@opentelemetry/api-logs](https://github.com/open-telemetry/opentelemetry-js) | `0.216.0` | `0.218.0` | | [@opentelemetry/exporter-logs-otlp-http](https://github.com/open-telemetry/opentelemetry-js) | `0.216.0` | `0.218.0` | | [@opentelemetry/sdk-logs](https://github.com/open-telemetry/opentelemetry-js) | `0.216.0` | `0.218.0` | | [@posthog/nuxt](https://github.com/PostHog/posthog-js/tree/HEAD/packages/nuxt) | `1.7.21` | `1.7.42` | | [@tailwindcss/vite](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-vite) | `4.2.4` | `4.3.0` | | [ai](https://github.com/vercel/ai/tree/HEAD/packages/ai) | `6.0.174` | `6.0.191` | | [better-sqlite3](https://github.com/WiseLibs/better-sqlite3) | `12.9.0` | `12.10.0` | | [nodemailer](https://github.com/nodemailer/nodemailer) | `8.0.7` | `8.0.8` | | [nuxt](https://github.com/nuxt/nuxt/tree/HEAD/packages/nuxt) | `4.4.4` | `4.4.6` | | [resend](https://github.com/resend/resend-node) | `6.12.2` | `6.12.3` | | [zod](https://github.com/colinhacks/zod) | `4.4.2` | `4.4.3` | Updates `@ai-sdk/anthropic` from 3.0.74 to 3.0.79 - [Release notes](https://github.com/vercel/ai/releases) - [Changelog](https://github.com/vercel/ai/blob/@ai-sdk/anthropic@3.0.79/packages/anthropic/CHANGELOG.md) - [Commits](https://github.com/vercel/ai/commits/@ai-sdk/anthropic@3.0.79/packages/anthropic) Updates `@ai-sdk/google` from 3.0.67 to 3.0.79 - [Release notes](https://github.com/vercel/ai/releases) - [Changelog](https://github.com/vercel/ai/blob/@ai-sdk/google@3.0.79/packages/google/CHANGELOG.md) - [Commits](https://github.com/vercel/ai/commits/@ai-sdk/google@3.0.79/packages/google) Updates `@ai-sdk/openai` from 3.0.58 to 3.0.65 - [Release notes](https://github.com/vercel/ai/releases) - [Changelog](https://github.com/vercel/ai/blob/@ai-sdk/openai@3.0.65/packages/openai/CHANGELOG.md) - [Commits](https://github.com/vercel/ai/commits/@ai-sdk/openai@3.0.65/packages/openai) Updates `@aws-sdk/client-s3` from 3.1041.0 to 3.1053.0 - [Release notes](https://github.com/aws/aws-sdk-js-v3/releases) - [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-s3/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1053.0/clients/client-s3) Updates `@better-auth/sso` from 1.6.9 to 1.6.11 - [Release notes](https://github.com/better-auth/better-auth/releases) - [Changelog](https://github.com/better-auth/better-auth/blob/main/packages/sso/CHANGELOG.md) - [Commits](https://github.com/better-auth/better-auth/commits/@better-auth/sso@1.6.11/packages/sso) Updates `@nuxtjs/i18n` from 10.3.0 to 10.4.0 - [Release notes](https://github.com/nuxt-modules/i18n/releases) - [Changelog](https://github.com/nuxt-modules/i18n/blob/main/CHANGELOG.md) - [Commits](nuxt-modules/i18n@v10.3.0...v10.4.0) Updates `@nuxtjs/mdc` from 0.21.1 to 0.22.0 - [Release notes](https://github.com/nuxt-content/mdc/releases) - [Changelog](https://github.com/nuxt-content/mdc/blob/main/CHANGELOG.md) - [Commits](nuxt-content/mdc@v0.21.1...v0.22.0) Updates `@opentelemetry/api-logs` from 0.216.0 to 0.218.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-js/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-js/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-js@experimental/v0.216.0...experimental/v0.218.0) Updates `@opentelemetry/exporter-logs-otlp-http` from 0.216.0 to 0.218.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-js/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-js/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-js@experimental/v0.216.0...experimental/v0.218.0) Updates `@opentelemetry/sdk-logs` from 0.216.0 to 0.218.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-js/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-js/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-js@experimental/v0.216.0...experimental/v0.218.0) Updates `@posthog/nuxt` from 1.7.21 to 1.7.42 - [Release notes](https://github.com/PostHog/posthog-js/releases) - [Changelog](https://github.com/PostHog/posthog-js/blob/main/packages/nuxt/CHANGELOG.md) - [Commits](https://github.com/PostHog/posthog-js/commits/@posthog/nuxt@1.7.42/packages/nuxt) Updates `@tailwindcss/vite` from 4.2.4 to 4.3.0 - [Release notes](https://github.com/tailwindlabs/tailwindcss/releases) - [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.3.0/packages/@tailwindcss-vite) Updates `ai` from 6.0.174 to 6.0.191 - [Release notes](https://github.com/vercel/ai/releases) - [Changelog](https://github.com/vercel/ai/blob/ai@6.0.191/packages/ai/CHANGELOG.md) - [Commits](https://github.com/vercel/ai/commits/ai@6.0.191/packages/ai) Updates `better-auth` from 1.6.9 to 1.6.11 - [Release notes](https://github.com/better-auth/better-auth/releases) - [Changelog](https://github.com/better-auth/better-auth/blob/main/packages/better-auth/CHANGELOG.md) - [Commits](https://github.com/better-auth/better-auth/commits/better-auth@1.6.11/packages/better-auth) Updates `better-sqlite3` from 12.9.0 to 12.10.0 - [Release notes](https://github.com/WiseLibs/better-sqlite3/releases) - [Commits](WiseLibs/better-sqlite3@v12.9.0...v12.10.0) Updates `nodemailer` from 8.0.7 to 8.0.8 - [Release notes](https://github.com/nodemailer/nodemailer/releases) - [Changelog](https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md) - [Commits](nodemailer/nodemailer@v8.0.7...v8.0.8) Updates `nuxt` from 4.4.4 to 4.4.6 - [Release notes](https://github.com/nuxt/nuxt/releases) - [Commits](https://github.com/nuxt/nuxt/commits/v4.4.6/packages/nuxt) Updates `posthog-node` from 5.33.0 to 5.35.1 - [Release notes](https://github.com/PostHog/posthog-js/releases) - [Changelog](https://github.com/PostHog/posthog-js/blob/main/packages/node/CHANGELOG.md) - [Commits](https://github.com/PostHog/posthog-js/commits/posthog-node@5.35.1/packages/node) Updates `resend` from 6.12.2 to 6.12.3 - [Release notes](https://github.com/resend/resend-node/releases) - [Commits](resend/resend-node@v6.12.2...v6.12.3) Updates `tailwindcss` from 4.2.4 to 4.3.0 - [Release notes](https://github.com/tailwindlabs/tailwindcss/releases) - [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.3.0/packages/tailwindcss) Updates `vue` from 3.5.33 to 3.5.34 - [Release notes](https://github.com/vuejs/core/releases) - [Changelog](https://github.com/vuejs/core/blob/main/CHANGELOG.md) - [Commits](vuejs/core@v3.5.33...v3.5.34) Updates `zod` from 4.4.2 to 4.4.3 - [Release notes](https://github.com/colinhacks/zod/releases) - [Commits](colinhacks/zod@v4.4.2...v4.4.3) --- updated-dependencies: - dependency-name: "@ai-sdk/anthropic" dependency-version: 3.0.79 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: "@ai-sdk/google" dependency-version: 3.0.79 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: "@ai-sdk/openai" dependency-version: 3.0.65 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: "@aws-sdk/client-s3" dependency-version: 3.1053.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: "@better-auth/sso" dependency-version: 1.6.11 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: "@nuxtjs/i18n" dependency-version: 10.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: "@nuxtjs/mdc" dependency-version: 0.22.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: "@opentelemetry/api-logs" dependency-version: 0.218.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: "@opentelemetry/exporter-logs-otlp-http" dependency-version: 0.218.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: "@opentelemetry/sdk-logs" dependency-version: 0.218.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: "@posthog/nuxt" dependency-version: 1.7.42 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: "@tailwindcss/vite" dependency-version: 4.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: ai dependency-version: 6.0.191 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: better-auth dependency-version: 1.6.11 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: better-sqlite3 dependency-version: 12.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: nodemailer dependency-version: 8.0.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: nuxt dependency-version: 4.4.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: posthog-node dependency-version: 5.35.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: resend dependency-version: 6.12.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: tailwindcss dependency-version: 4.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: vue dependency-version: 3.5.34 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: zod dependency-version: 4.4.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

railway-app · 2026-05-25T05:23:36Z

🚅 Deployed to the reqcore-pr-190 environment in applirank

Service	Status	Web	Updated (UTC)
applirank	❌ Build Failed (View Logs)		May 25, 2026 at 5:24 am

dependabot Bot added the dependencies Pull requests that update a dependency file label May 25, 2026

railway-app Bot had a problem deploying to applirank / reqcore-pr-190 May 25, 2026 05:23 Failure

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the production-dependencies group across 1 directory with 22 updates#190

chore(deps): bump the production-dependencies group across 1 directory with 22 updates#190
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/production-dependencies-a9bcb00d73

dependabot Bot commented on behalf of github May 25, 2026 •

edited

Loading

Uh oh!

railway-app Bot commented May 25, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github May 25, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

@​ai-sdk/anthropic@​3.0.79

Patch Changes

3.0.79

Patch Changes

3.0.78

Patch Changes

3.0.77

Patch Changes

3.0.76

Patch Changes

3.0.75

Patch Changes

@​ai-sdk/google@​3.0.79

Patch Changes

@​ai-sdk/google@​3.0.78

Patch Changes

3.0.79

Patch Changes

3.0.78

Patch Changes

3.0.77

Patch Changes

3.0.76

Patch Changes

3.0.75

Patch Changes

3.0.74

Patch Changes

3.0.73

Patch Changes

3.0.72

@​ai-sdk/openai@​3.0.65

Patch Changes

3.0.65

Patch Changes

3.0.64

Patch Changes

3.0.63

Patch Changes

3.0.62

Patch Changes

3.0.61

Patch Changes

3.0.60

Patch Changes

3.0.59

Patch Changes

v3.1053.0

3.1053.0(2026-05-22)

Documentation Changes

New Features

3.1053.0 (2026-05-22)

3.1052.0 (2026-05-21)

3.1051.0 (2026-05-20)

3.1050.0 (2026-05-19)

3.1049.0 (2026-05-18)

Bug Fixes

3.1048.0 (2026-05-15)

v1.6.11

better-auth

Bug Fixes

@better-auth/oauth-provider

Bug Fixes

@better-auth/core

Bug Fixes

@better-auth/scim

Bug Fixes

@better-auth/sso

Bug Fixes

1.6.11

Patch Changes

1.6.10

Patch Changes

v10.4.0

🚀 Features

🐞 Bug Fixes

View changes on GitHub

dependabot Bot commented on behalf of github May 25, 2026 •

edited

Loading

`@ai-sdk/anthropic@3`.0.79

`@ai-sdk/google@3`.0.79

`@ai-sdk/google@3`.0.78

`@ai-sdk/openai@3`.0.65

`better-auth`

`@better-auth/oauth-provider`

`@better-auth/core`

`@better-auth/scim`

`@better-auth/sso`

railway-app Bot commented May 25, 2026 •

edited

Loading