feat(deps): bump the ai-sdk group with 13 updates #47

Merged: mcarvin8 merged 1 commit into main from dependabot/npm_and_yarn/ai-sdk-9e2fba3896 on Jun 17, 2026

dependabot (bot) commented on behalf of github on Jun 17, 2026

Bumps the ai-sdk group with 13 updates:

| Package | From | To |
| --- | --- | --- |
| ai | 6.0.195 | 6.0.207 |
| @ai-sdk/amazon-bedrock | 4.0.112 | 4.0.118 |
| @ai-sdk/anthropic | 3.0.81 | 3.0.85 |
| @ai-sdk/cohere | 3.0.36 | 3.0.39 |
| @ai-sdk/deepseek | 2.0.35 | 2.0.39 |
| @ai-sdk/google | 3.0.80 | 3.0.83 |
| @ai-sdk/groq | 3.0.39 | 3.0.42 |
| @ai-sdk/mistral | 3.0.37 | 3.0.40 |
| @ai-sdk/openai | 3.0.67 | 3.0.72 |
| @ai-sdk/openai-compatible | 2.0.48 | 2.0.51 |
| @ai-sdk/xai | 3.0.93 | 3.0.96 |
| @ai-sdk/gateway | 3.0.123 | 3.0.133 |
| @ai-sdk/provider-utils | 4.0.27 | 4.0.30 |

Updates ai from 6.0.195 to 6.0.207

Release notes

Sourced from ai's releases.

ai@6.0.207

Patch Changes

  • 779f5cd: fix(provider-utils): cancel response body on download rejection to prevent socket leak

    When a download was rejected early — because the Content-Length header exceeded the size limit, the response status was not ok, or a redirect resolved to a blocked URL — the fetch response body was left unconsumed and uncancelled. With WHATWG Fetch/undici this leaves the underlying TCP socket open instead of returning it to the connection pool, allowing an attacker-controlled origin to exhaust file descriptors and cause a denial of service. The body is now cancelled on all early-rejection paths in readResponseWithSizeLimit, download, and downloadBlob, and fetchWithValidatedRedirects cancels each redirect hop's body before following or rejecting the next hop.

  • Updated dependencies [5bfde36]

  • Updated dependencies [779f5cd]

    • @​ai-sdk/gateway@​3.0.133
    • @​ai-sdk/provider-utils@​4.0.30
Changelog

Sourced from ai's changelog.

6.0.207

Patch Changes

  • 779f5cd: fix(provider-utils): cancel response body on download rejection to prevent socket leak

    When a download was rejected early — because the Content-Length header exceeded the size limit, the response status was not ok, or a redirect resolved to a blocked URL — the fetch response body was left unconsumed and uncancelled. With WHATWG Fetch/undici this leaves the underlying TCP socket open instead of returning it to the connection pool, allowing an attacker-controlled origin to exhaust file descriptors and cause a denial of service. The body is now cancelled on all early-rejection paths in readResponseWithSizeLimit, download, and downloadBlob, and fetchWithValidatedRedirects cancels each redirect hop's body before following or rejecting the next hop.

  • Updated dependencies [5bfde36]

  • Updated dependencies [779f5cd]

    • @​ai-sdk/gateway@​3.0.133
    • @​ai-sdk/provider-utils@​4.0.30

6.0.206

Patch Changes

  • Updated dependencies [e962dda]
    • @​ai-sdk/gateway@​3.0.132

6.0.205

Patch Changes

  • Updated dependencies [6160ced]
  • Updated dependencies [c9b8abd]
    • @​ai-sdk/gateway@​3.0.131

6.0.204

Patch Changes

  • Updated dependencies [c5d4716]
    • @​ai-sdk/gateway@​3.0.130

6.0.203

Patch Changes

  • f42aa79: fix: harden download URL SSRF guard against hostname and redirect bypasses

    validateDownloadUrl and the file download helpers (downloadBlob, download) could be bypassed in several ways when handling untrusted URLs:

    • A fully-qualified hostname with a trailing dot (e.g. localhost., myhost.local.) skipped the localhost/.local blocklist.
    • IPv6 addresses that embed an IPv4 address in their last 32 bits — IPv4-compatible (::127.0.0.1), IPv4-translated (::ffff:0:127.0.0.1), and NAT64 (64:ff9b::127.0.0.1, including the 64:ff9b:1::/48 local-use prefix) — were not decoded and checked against the private IPv4 ranges.
    • Redirects were validated only after fetch had already followed them, so the request to a redirect target (e.g. an internal/metadata address) had already been issued before the check ran.
    • Several reserved/internal address ranges were not blocked: CGNAT (100.64.0.0/10, used by some cloud providers for internal traffic), benchmarking (198.18.0.0/15), IETF protocol assignments (192.0.0.0/24), the reserved 240.0.0.0/4 block (including the 255.255.255.255 broadcast address), and IPv6 site-local (fec0::/10) and multicast (ff00::/8).

    The validator now strips trailing dots before the hostname checks and fully expands IPv6 addresses to detect embedded private IPv4 targets. The download helpers now follow redirects manually (redirect: 'manual'), re-validating each hop before requesting it, so an unsafe redirect target is never fetched. When a redirect cannot be inspected because the runtime returns an opaque response, the helpers fail closed (reject the redirect) on the server; only in a real browser — where SSRF is not reachable (fetch is constrained by CORS and cannot reach a server's internal network or cloud-metadata endpoints) — is the redirect followed natively so legitimate redirected downloads keep working.

... (truncated)

Commits
  • caebb44 Version Packages (#16157)
  • 779f5cd Backport: fix(provider-utils): cancel response body on download rejection to ...
  • 5623117 Version Packages (#16134)
  • 5548672 Version Packages (#16097)
  • 63b3f60 Version Packages (#16086)
  • bae9bab Version Packages (#16026)
  • b4b575a Backport: fix(ai): redact server error details from UI message streams by def...
  • f42aa79 Backport: fix(provider-utils,ai): harden download SSRF guard against hostname...
  • 5291f7e Backport: fix: Harden stream text processing and middleware against prototype...
  • 9ef2c3c Version Packages (#15998)
  • Additional commits viewable in compare view

Updates @ai-sdk/amazon-bedrock from 4.0.112 to 4.0.118

Changelog

Sourced from @​ai-sdk/amazon-bedrock's changelog.

4.0.118

Patch Changes

  • Updated dependencies [779f5cd]
    • @​ai-sdk/provider-utils@​4.0.30
    • @​ai-sdk/anthropic@​3.0.85
    • @​ai-sdk/openai@​3.0.72

4.0.117

Patch Changes

  • Updated dependencies [bfa5864]
  • Updated dependencies [f42aa79]
    • @​ai-sdk/provider-utils@​4.0.29
    • @​ai-sdk/anthropic@​3.0.84
    • @​ai-sdk/openai@​3.0.71

4.0.116

Patch Changes

  • f0b5c16: fix(provider/amazon-bedrock): detect Cohere embedding models behind cross-region inference profile ids
  • Updated dependencies [942f2f8]
    • @​ai-sdk/provider-utils@​4.0.28
    • @​ai-sdk/anthropic@​3.0.83
    • @​ai-sdk/openai@​3.0.70

4.0.115

Patch Changes

  • c97ede5: fix(provider/amazon-bedrock): extract Cohere embedding token usage from response header

4.0.114

Patch Changes

  • 2a91a17: feat(provider/anthropic): add support for claude-fable-5 and the fallbacks API parameter
  • Updated dependencies [9a55f6d]
  • Updated dependencies [2a91a17]
    • @​ai-sdk/openai@​3.0.69
    • @​ai-sdk/anthropic@​3.0.82

4.0.113

Patch Changes

  • Updated dependencies [c65c952]

... (truncated)

Commits

Updates @ai-sdk/anthropic from 3.0.81 to 3.0.85

Release notes

Sourced from @​ai-sdk/anthropic's releases.

@​ai-sdk/google@​3.0.83

Patch Changes

  • Updated dependencies [779f5cd]
    • @​ai-sdk/provider-utils@​4.0.30
Changelog

Sourced from @​ai-sdk/anthropic's changelog.

3.0.85

Patch Changes

  • Updated dependencies [779f5cd]
    • @​ai-sdk/provider-utils@​4.0.30

3.0.84

Patch Changes

  • Updated dependencies [bfa5864]
  • Updated dependencies [f42aa79]
    • @​ai-sdk/provider-utils@​4.0.29

3.0.83

Patch Changes

  • Updated dependencies [942f2f8]
    • @​ai-sdk/provider-utils@​4.0.28

3.0.82

Patch Changes

  • 2a91a17: feat(provider/anthropic): add support for claude-fable-5 and the fallbacks API parameter
Commits

Updates @ai-sdk/cohere from 3.0.36 to 3.0.39

Release notes

Sourced from @​ai-sdk/cohere's releases.

@​ai-sdk/cohere@​3.0.39

Patch Changes

  • Updated dependencies [779f5cd]
    • @​ai-sdk/provider-utils@​4.0.30
Changelog

Sourced from @​ai-sdk/cohere's changelog.

3.0.39

Patch Changes

  • Updated dependencies [779f5cd]
    • @​ai-sdk/provider-utils@​4.0.30

3.0.38

Patch Changes

  • Updated dependencies [bfa5864]
  • Updated dependencies [f42aa79]
    • @​ai-sdk/provider-utils@​4.0.29

3.0.37

Patch Changes

  • Updated dependencies [942f2f8]
    • @​ai-sdk/provider-utils@​4.0.28
Commits

Updates @ai-sdk/deepseek from 2.0.35 to 2.0.39

Release notes

Sourced from @​ai-sdk/deepseek's releases.

@​ai-sdk/deepseek@​2.0.39

Patch Changes

  • Updated dependencies [779f5cd]
    • @​ai-sdk/provider-utils@​4.0.30
Changelog

Sourced from @​ai-sdk/deepseek's changelog.

2.0.39

Patch Changes

  • Updated dependencies [779f5cd]
    • @​ai-sdk/provider-utils@​4.0.30

2.0.38

Patch Changes

  • Updated dependencies [bfa5864]
  • Updated dependencies [f42aa79]
    • @​ai-sdk/provider-utils@​4.0.29

2.0.37

Patch Changes

  • Updated dependencies [942f2f8]
    • @​ai-sdk/provider-utils@​4.0.28

2.0.36

Patch Changes

  • 79f0ae6: feat(azure): add deepseek model support to azure
Commits

Updates @ai-sdk/google from 3.0.80 to 3.0.83

Release notes

Sourced from @​ai-sdk/google's releases.

@​ai-sdk/google@​3.0.83

Patch Changes

  • Updated dependencies [779f5cd]
    • @​ai-sdk/provider-utils@​4.0.30
Changelog

Sourced from @​ai-sdk/google's changelog.

3.0.83

Patch Changes

  • Updated dependencies [779f5cd]
    • @​ai-sdk/provider-utils@​4.0.30

3.0.82

Patch Changes

  • 3258f22: fix(google): prevent prototype pollution when streaming tool args

  • bfa5864: fix: only send provider credentials to same-origin response-supplied URLs

    Several provider clients followed a URL taken from the provider's API response (a polling/status URL or a final media URL such as polling_url, urls.get, result_url, result.sample, or video.uri) and reused the authenticated headers — or appended ?key=<API_KEY> — on that request. Because the host of the response-supplied URL was never validated, the long-lived API key was sent to whatever host the response named (a CDN in the benign case, or an attacker-chosen host if the provider response was tampered with), allowing credential exfiltration.

    A new isSameOrigin helper is added to @ai-sdk/provider-utils, and the affected fetches in @ai-sdk/black-forest-labs, @ai-sdk/fireworks, @ai-sdk/replicate, @ai-sdk/gladia, @ai-sdk/fal, and @ai-sdk/google now attach credentials only when the followed URL is same-origin with the provider's configured API origin. Requests to a foreign origin are made without the credential.

  • Updated dependencies [bfa5864]

  • Updated dependencies [f42aa79]

    • @​ai-sdk/provider-utils@​4.0.29

3.0.81

Patch Changes

  • Updated dependencies [942f2f8]
    • @​ai-sdk/provider-utils@​4.0.28
Commits
  • caebb44 Version Packages (#16157)
  • bae9bab Version Packages (#16026)
  • 3258f22 Backport: fix(google): prevent prototype pollution when streaming tool args (...
  • bfa5864 Backport: fix(providers): only send credentials to same-origin response-suppl...
  • 9ef2c3c Version Packages (#15998)
  • 7aca1fc backport: chore: update TypeScript references and fix `pnpm update-references...
  • See full diff in compare view

Updates @ai-sdk/groq from 3.0.39 to 3.0.42

Release notes

Sourced from @​ai-sdk/groq's releases.

@​ai-sdk/groq@​3.0.42

Patch Changes

  • Updated dependencies [779f5cd]
    • @​ai-sdk/provider-utils@​4.0.30
Changelog

Sourced from @​ai-sdk/groq's changelog.

3.0.42

Patch Changes

  • Updated dependencies [779f5cd]
    • @​ai-sdk/provider-utils@​4.0.30

3.0.41

Patch Changes

  • Updated dependencies [bfa5864]
  • Updated dependencies [f42aa79]
    • @​ai-sdk/provider-utils@​4.0.29

3.0.40

Patch Changes

  • Updated dependencies [942f2f8]
    • @​ai-sdk/provider-utils@​4.0.28
Commits

Updates @ai-sdk/mistral from 3.0.37 to 3.0.40

Release notes

Sourced from @​ai-sdk/mistral's releases.

@​ai-sdk/mistral@​3.0.40

Patch Changes

  • Updated dependencies [779f5cd]
    • @​ai-sdk/provider-utils@​4.0.30
Changelog

Sourced from @​ai-sdk/mistral's changelog.

3.0.40

Patch Changes

  • Updated dependencies [779f5cd]
    • @​ai-sdk/provider-utils@​4.0.30

3.0.39

Patch Changes

  • Updated dependencies [bfa5864]
  • Updated dependencies [f42aa79]
    • @​ai-sdk/provider-utils@​4.0.29

3.0.38

Patch Changes

  • Updated dependencies [942f2f8]
    • @​ai-sdk/provider-utils@​4.0.28
Commits

Updates @ai-sdk/openai from 3.0.67 to 3.0.72

Release notes

Sourced from @​ai-sdk/openai's releases.

@​ai-sdk/openai@​3.0.72

Patch Changes

  • Updated dependencies [779f5cd]
    • @​ai-sdk/provider-utils@​4.0.30
Changelog

Sourced from @​ai-sdk/openai's changelog.

3.0.72

Patch Changes

  • Updated dependencies [779f5cd]
    • @​ai-sdk/provider-utils@​4.0.30

3.0.71

Patch Changes

  • Updated dependencies [bfa5864]
  • Updated dependencies [f42aa79]
    • @​ai-sdk/provider-utils@​4.0.29

3.0.70

Patch Changes

  • Updated dependencies [942f2f8]
    • @​ai-sdk/provider-utils@​4.0.28

3.0.69

Patch Changes

  • 9a55f6d: feat(openai): add namespaces for tool definitions

3.0.68

Patch Changes

  • c65c952: fix(openai): round-trip namespace on function_call input items

    When tool_search dispatches a deferred tool, the resulting function_call carries a namespace field identifying which deferred-tool group the model picked. [#14789](https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/14789) preserved this on the read side (providerMetadata.openai.namespace), but the write side still serialized function_call input items without namespace. Multi-step / multi-turn conversations then failed with Missing namespace for function_call '<name>'. ... Round-trip the model's function_call item with its namespace field included.

    convert-to-openai-responses-input.ts now reads namespace from providerOptions.openai.namespace (or providerMetadata.openai.namespace) on tool-call parts and includes it on the serialized function_call item, mirroring how itemId is round-tripped.

Commits

Updates @ai-sdk/openai-compatible from 2.0.48 to 2.0.51

Release notes

Sourced from @​ai-sdk/openai-compatible's releases.

@​ai-sdk/openai-compatible@​2.0.51

Patch Changes

  • Updated dependencies [779f5cd]
    • @​ai-sdk/provider-utils@​4.0.30
Changelog

Sourced from @​ai-sdk/openai-compatible's changelog.

2.0.51

Patch Changes

  • Updated dependencies [779f5cd]
    • @​ai-sdk/provider-utils@​4.0.30

2.0.50

Patch Changes

  • Updated dependencies [bfa5864]
  • Updated dependencies [f42aa79]
    • @​ai-sdk/provider-utils@​4.0.29

2.0.49

Patch Changes

  • Updated dependencies [942f2f8]
    • @​ai-sdk/provider-utils@​4.0.28
Commits

Updates @ai-sdk/xai from 3.0.93 to 3.0.96

Release notes

Sourced from @​ai-sdk/xai's releases.

@​ai-sdk/xai@​3.0.96

Patch Changes

  • Updated dependencies [779f5cd]
    • @​ai-sdk/provider-utils@​4.0.30
    • @​ai-sdk/openai-compatible@​2.0.51
Changelog

Sourced from @​ai-sdk/xai's changelog.

3.0.96

Patch Changes

  • Updated dependencies [779f5cd]
    • @​ai-sdk/provider-utils@​4.0.30
    • @​ai-sdk/openai-compatible@​2.0.51

3.0.95

Patch Changes

  • Updated dependencies [bfa5864]
  • Updated dependencies [f42aa79]
    • @​ai-sdk/provider-utils@​4.0.29
    • @​ai-sdk/openai-compatible@​2.0.50

3.0.94

Patch Changes

  • Updated dependencies [942f2f8]
    • @​ai-sdk/provider-utils@​4.0.28
    • @​ai-sdk/openai-compatible@​2.0.49
Commits

Updates @ai-sdk/gateway from 3.0.123 to 3.0.133

Release notes

Sourced from @​ai-sdk/gateway's releases.

@​ai-sdk/gateway@​3.0.133

Patch Changes

  • 5bfde36: Backport: chore(provider/gateway): update gateway model settings files
  • Updated dependencies [779f5cd]
    • @​ai-sdk/provider-utils@​4.0.30
Changelog

Sourced from @​ai-sdk/gateway's changelog.

3.0.133

Patch Changes

  • 5bfde36: Backport: chore(provider/gateway): update gateway model settings files
  • Updated dependencies [779f5cd]
    • @​ai-sdk/provider-utils@​4.0.30

3.0.132

Patch Changes

  • e962dda: Backport: chore(provider/gateway): update gateway model settings files

3.0.131

Patch Changes

  • 6160ced: fix(gateway): surface provider warnings in embedding and reranking responses
  • c9b8abd: fix(provider/gateway): map forbidden error responses to GatewayForbiddenError instead of GatewayInternalServerError

3.0.130

Patch Changes

  • c5d4716: Backport: chore(provider/gateway): update gateway model settings files

3.0.129

Patch Changes

  • Updated dependencies [bfa5864]
  • Updated dependencies [f42aa79]
    • @​ai-sdk/provider-utils@​4.0.29

3.0.128

Patch Changes

  • Updated dependencies [942f2f8]
    • @​ai-sdk/provider-utils@​4.0.28

3.0.127

Patch Changes

  • 3851e29: Backport: chore(provider/gateway): update gateway model settings files
  • 2a91a17: feat(provider/anthropic): add support for claude-fable-5 and the fallbacks API parameter

3.0.126

... (truncated)

Commits
  • caebb44 Version Packages (#16157)
  • 5bfde36 Backport: chore(provider/gateway): update gateway model settings files v6 (#1...
  • 5623117 Version Packages (#16134)
  • e962dda Backport: chore(provider/gateway): update gateway model settings files v6 (#1...
  • 5548672 Version Packages (#16097)
  • c9b8abd Backport: fix(provider/gateway): map forbidden error responses to GatewayForb...
  • 6160ced Backport: fix(gateway): surface provider warnings in embedding and reranking ...
  • 63b3f60 Version Packages (#16086)
  • c5d4716 Backport: chore(provider/gateway): update gateway model settings files v6 (#1...
  • bae9bab Version Packages (#16026)
  • Additional commits viewable in compare view

Updates @ai-sdk/provider-utils from 4.0.27 to 4.0.30

Release notes

Sourced from @​ai-sdk/provider-utils's releases.

@​ai-sdk/provider-utils@​4.0.30

Patch Changes

  • 779f5cd: fix(provider-utils): cancel response body on download rejection to prevent socket leak

    When a download was rejected early — because the Content-Length header exceeded the size limit, the response status was not ok, or a redirect resolved to a blocked URL — the fetch response body was left unconsumed and uncancelled. With WHATWG Fetch/undici this leaves the underlying TCP socket open instead of returning it to the connection pool, allowing an attacker-controlled origin to exhaust file descriptors and cause a denial of service. The body is now cancelled on all early-rejection paths in readResponseWithSizeLimit, download, and downloadBlob, and fetchWithValidatedRedirects cancels each redirect hop's body before following or rejecting the next hop.

Changelog

Sourced from @​ai-sdk/provider-utils's changelog.

4.0.30

Patch Changes

  • 779f5cd: fix(provider-utils): cancel response body on download rejection to prevent socket leak

    When a download was rejected early — because the Content-Length header exceeded the size limit, the response status was not ok, or a redirect resolved to a blocked URL — the fetch response body was left unconsumed and uncancelled. With WHATWG Fetch/undici this leaves the underlying TCP socket open instead of returning it to the connection pool, allowing an attacker-controlled origin to exhaust file descriptors and cause a denial of service. The body is now cancelled on all early-rejection paths in readResponseWithSizeLimit, download, and downloadBlob, and fetchWithValidatedRedirects cancels each redirect hop's body before following or rejecting the next hop.

4.0.29

Patch Changes

  • bfa5864: fix: only send provider credentials to same-origin response-supplied URLs

    Several provider clients followed a URL taken from the provider's API response (a polling/status URL or a final media URL such as polling_url, urls.get, result_url, result.sample, or video.uri) and reused the authenticated headers — or appended ?key=<API_KEY> — on that request. Because the host of the response-supplied URL was never validated, the long-lived API key was sent to whatever host the response named (a CDN in the benign case, or an attacker-chosen host if the provider response was tampered with), allowing credential exfiltration.

    A new isSameOrigin helper is added to @ai-sdk/provider-utils, and the affected fetches in @ai-sdk/black-forest-labs, @ai-sdk/fireworks, @ai-sdk/replicate, @ai-sdk/gladia, @ai-sdk/fal, and @ai-sdk/google now attach credentials only when the followed URL is same-origin with the provider's configured API origin. Requests to a foreign origin are made without the credential.

  • f42aa79: fix: harden download URL SSRF guard against hostname and redirect bypasses

    validateDownloadUrl and the file download helpers (downloadBlob, download) could be bypassed in several ways when handling untrusted URLs:

    • A fully-qualified hostname with a trailing dot (e.g. localhost., myhost.local.) skipped the localhost/.local blocklist.
    • IPv6 addresses that embed an IPv4 address in their last 32 bits — IPv4-compatible (::127.0.0.1), IPv4-translated (::ffff:0:127.0.0.1), and NAT64 (64:ff9b::127.0.0.1, including the 64:ff9b:1::/48 local-use prefix) — were not decoded and checked against the private IPv4 ranges.
    • Redirects were validated only after fetch had already followed them, so the request to a redirect target (e.g. an internal/metadata address) had already been issued before the check ran.
    • Several reserved/internal address ranges were not blocked: CGNAT (100.64.0.0/10, used by some cloud providers for internal traffic), benchmarking (198.18.0.0/15), IETF protocol assignments (192.0.0.0/24), the reserved 240.0.0.0/4 block (including the 255.255.255.255 broadcast address), and IPv6 site-local (fec0::/10) and multicast (ff00::/8).

    The validator now strips trailing dots before the hostname checks and fully expands IPv6 addresses to detect embedded private IPv4 targets. The download helpers now follow redirects manually (redirect: 'manual'), re-validating each hop before requesting it, so an unsafe redirect target is never fetched. When a redirect cannot be inspected because the runtime returns an opaque response, the helpers fail closed (reject the redirect) on the server; only in a real browser — where SSRF is not reachable (fetch is constrained by CORS and cannot reach a server's internal network or cloud-metadata endpoints) — is the redirect followed natively so legitimate redirected downloads keep working.

4.0.28

Patch Changes

  • 942f2f8: fix(security): re-validate tool approvals from client message history before execution

    The approval-replay path in generateText/streamText reconstructed approved tool calls from the client-supplied messages array and executed them without re-validating input against the tool's schema or re-checking that the tool actually requires approval. A client could forge an assistant message with a pre-approved tool-call part and have the server execute a tool with attacker-chosen arguments.

    The replay path now verifies the HMAC signature (when experimental_toolApprovalSecret is configured), re-validates tool-call input against the tool's input schema, and re-resolves whether the tool requires approval before execution.

Commits
  • caebb44 Version Packages (#16157)
  • 779f5cd Backport: fix(provider-utils): cancel response body on download rejection to ...
  • bae9bab Version Packages (#16026)
  • bfa5864 Backport: fix(providers): only send credentials to same-origin response-suppl...
  • f42aa79 Backport: fix(provider-utils,ai): harden download SSRF guard against hostname...
  • 9ef2c3c Version Packages (#15998)
  • 942f2f8 Backport: fix(security): harden tool approval replay path against client-forg...
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
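
The f42aa79 entry in the comment above lists the checks a download-URL guard has to make: trailing-dot hostnames, IPv4 addresses embedded in IPv6 literals, the extra reserved ranges, and validation of each redirect hop before it is requested. The sketch below is an added example, not code from the AI SDK or from this repository; every function name is hypothetical, the sample URLs are constructed, and refusing the whole `64:ff9b:1::/48` prefix is this example's simplification.

```javascript
// Added example, not the AI SDK's validateDownloadUrl. All names are hypothetical.

// IPv4 ranges this example refuses: loopback, RFC 1918 and link-local, plus the
// reserved ranges named in the changelog entry.
const BLOCKED_V4 = [
  ['0.0.0.0', 8], ['10.0.0.0', 8], ['127.0.0.0', 8], ['169.254.0.0', 16],
  ['172.16.0.0', 12], ['192.168.0.0', 16],
  ['100.64.0.0', 10], // CGNAT
  ['198.18.0.0', 15], // benchmarking
  ['192.0.0.0', 24], // IETF protocol assignments
  ['240.0.0.0', 4], // reserved, includes 255.255.255.255
];

// Strict dotted-quad parser: returns an unsigned 32-bit number, or null.
function parseIPv4(text) {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(text);
  if (!m) return null;
  const o = m.slice(1).map(Number);
  if (o.some((n) => n > 255)) return null;
  return ((o[0] << 24) | (o[1] << 16) | (o[2] << 8) | o[3]) >>> 0;
}

function isBlockedIPv4(addr) {
  return BLOCKED_V4.some(([net, bits]) => {
    const mask = (0xffffffff << (32 - bits)) >>> 0;
    return ((addr & mask) >>> 0) === ((parseIPv4(net) & mask) >>> 0);
  });
}

// Expand an IPv6 literal to eight 16-bit groups; null when malformed.
function expandIPv6(text) {
  let s = text;
  const lastColon = s.lastIndexOf(':');
  const tail = s.slice(lastColon + 1);
  if (tail.includes('.')) {
    // Rewrite a dotted-quad tail (::ffff:10.0.0.1) as two hex groups.
    const v4 = parseIPv4(tail);
    if (v4 === null) return null;
    s = s.slice(0, lastColon + 1) + (v4 >>> 16).toString(16) + ':' + (v4 & 0xffff).toString(16);
  }
  const halves = s.split('::');
  if (halves.length > 2) return null;
  const head = halves[0] ? halves[0].split(':') : [];
  const rest = halves[1] ? halves[1].split(':') : [];
  const missing = 8 - head.length - rest.length;
  if (halves.length === 1 ? missing !== 0 : missing < 1) return null;
  const groups = [...head, ...Array(halves.length === 2 ? missing : 0).fill('0'), ...rest];
  if (!groups.every((g) => /^[0-9a-f]{1,4}$/i.test(g))) return null;
  return groups.map((g) => parseInt(g, 16));
}

// IPv4 address carried in the low 32 bits of a transition-format address, or null.
function embeddedIPv4(g) {
  const low = ((g[6] << 16) | g[7]) >>> 0;
  const zero = (from, to) => g.slice(from, to).every((x) => x === 0);
  if (zero(0, 6)) return low; // ::a.b.c.d, IPv4-compatible (also covers :: and ::1)
  if (zero(0, 5) && g[5] === 0xffff) return low; // ::ffff:a.b.c.d, IPv4-mapped
  if (zero(0, 4) && g[4] === 0xffff && g[5] === 0) return low; // ::ffff:0:a.b.c.d, translated
  if (g[0] === 0x64 && g[1] === 0xff9b && zero(2, 6)) return low; // 64:ff9b::/96, NAT64
  return null;
}

function isBlockedIPv6(g) {
  if ((g[0] & 0xffc0) === 0xfec0) return true; // fec0::/10 site-local
  if ((g[0] & 0xff00) === 0xff00) return true; // ff00::/8 multicast
  if ((g[0] & 0xffc0) === 0xfe80) return true; // fe80::/10 link-local
  if ((g[0] & 0xfe00) === 0xfc00) return true; // fc00::/7 unique local
  // 64:ff9b:1::/48 local-use NAT64: refused whole (this example's simplification).
  if (g[0] === 0x64 && g[1] === 0xff9b && g[2] === 1) return true;
  const v4 = embeddedIPv4(g);
  return v4 !== null && isBlockedIPv4(v4);
}

function isBlockedHost(rawHost) {
  let host = rawHost.toLowerCase().replace(/\.+$/, ''); // "localhost." -> "localhost"
  if (host.startsWith('[') && host.endsWith(']')) host = host.slice(1, -1);
  if (host === '' || host === 'localhost' || host.endsWith('.local')) return true;
  const v4 = parseIPv4(host);
  if (v4 !== null) return isBlockedIPv4(v4);
  if (!host.includes(':')) return false; // ordinary DNS name
  const groups = expandIPv6(host);
  return groups === null || isBlockedIPv6(groups); // malformed literal: fail closed
}

function isSafeDownloadUrl(url) {
  let parsed;
  try { parsed = new URL(url); } catch { return false; }
  if (parsed.protocol !== 'http:' && parsed.protocol !== 'https:') return false;
  return !isBlockedHost(parsed.hostname);
}

// Redirect handling: resolve Location against the current hop and validate it
// before any request is sent to it. Returns the next URL, or null to stop.
function nextHopIfSafe(currentUrl, locationHeader) {
  let target;
  try { target = new URL(locationHeader, currentUrl).href; } catch { return null; }
  return isSafeDownloadUrl(target) ? target : null;
}

// Constructed sample inputs and their verdicts.
const SAMPLE_URLS = ['https://example.com/a.png', 'http://localhost./',
  'http://[64:ff9b::127.0.0.1]/', 'http://100.64.0.1/'];
const SAMPLE_VERDICTS = SAMPLE_URLS.map(isSafeDownloadUrl);
```

These checks cover address literals and names only; a public-looking DNS name that resolves to an internal address needs a check at resolution time as well.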

Bumps the ai-sdk group with 13 updates:

| Package | From | To |
| --- | --- | --- |
| [ai](https://github.com/vercel/ai/tree/HEAD/packages/ai) | `6.0.195` | `6.0.207` |
| [@ai-sdk/amazon-bedrock](https://github.com/vercel/ai/tree/HEAD/packages/amazon-bedrock) | `4.0.112` | `4.0.118` |
| [@ai-sdk/anthropic](https://github.com/vercel/ai/tree/HEAD/packages/anthropic) | `3.0.81` | `3.0.85` |
| [@ai-sdk/cohere](https://github.com/vercel/ai/tree/HEAD/packages/cohere) | `3.0.36` | `3.0.39` |
| [@ai-sdk/deepseek](https://github.com/vercel/ai/tree/HEAD/packages/deepseek) | `2.0.35` | `2.0.39` |
| [@ai-sdk/google](https://github.com/vercel/ai/tree/HEAD/packages/google) | `3.0.80` | `3.0.83` |
| [@ai-sdk/groq](https://github.com/vercel/ai/tree/HEAD/packages/groq) | `3.0.39` | `3.0.42` |
| [@ai-sdk/mistral](https://github.com/vercel/ai/tree/HEAD/packages/mistral) | `3.0.37` | `3.0.40` |
| [@ai-sdk/openai](https://github.com/vercel/ai/tree/HEAD/packages/openai) | `3.0.67` | `3.0.72` |
| [@ai-sdk/openai-compatible](https://github.com/vercel/ai/tree/HEAD/packages/openai-compatible) | `2.0.48` | `2.0.51` |
| [@ai-sdk/xai](https://github.com/vercel/ai/tree/HEAD/packages/xai) | `3.0.93` | `3.0.96` |
| [@ai-sdk/gateway](https://github.com/vercel/ai/tree/HEAD/packages/gateway) | `3.0.123` | `3.0.133` |
| [@ai-sdk/provider-utils](https://github.com/vercel/ai/tree/HEAD/packages/provider-utils) | `4.0.27` | `4.0.30` |


Updates `ai` from 6.0.195 to 6.0.207
- [Release notes](https://github.com/vercel/ai/releases)
- [Changelog](https://github.com/vercel/ai/blob/ai@6.0.207/packages/ai/CHANGELOG.md)
- [Commits](https://github.com/vercel/ai/commits/ai@6.0.207/packages/ai)

Updates `@ai-sdk/amazon-bedrock` from 4.0.112 to 4.0.118
- [Release notes](https://github.com/vercel/ai/releases)
- [Changelog](https://github.com/vercel/ai/blob/@ai-sdk/amazon-bedrock@4.0.118/packages/amazon-bedrock/CHANGELOG.md)
- [Commits](https://github.com/vercel/ai/commits/@ai-sdk/amazon-bedrock@4.0.118/packages/amazon-bedrock)

Updates `@ai-sdk/anthropic` from 3.0.81 to 3.0.85
- [Release notes](https://github.com/vercel/ai/releases)
- [Changelog](https://github.com/vercel/ai/blob/@ai-sdk/anthropic@3.0.85/packages/anthropic/CHANGELOG.md)
- [Commits](https://github.com/vercel/ai/commits/@ai-sdk/anthropic@3.0.85/packages/anthropic)

Updates `@ai-sdk/cohere` from 3.0.36 to 3.0.39
- [Release notes](https://github.com/vercel/ai/releases)
- [Changelog](https://github.com/vercel/ai/blob/@ai-sdk/cohere@3.0.39/packages/cohere/CHANGELOG.md)
- [Commits](https://github.com/vercel/ai/commits/@ai-sdk/cohere@3.0.39/packages/cohere)

Updates `@ai-sdk/deepseek` from 2.0.35 to 2.0.39
- [Release notes](https://github.com/vercel/ai/releases)
- [Changelog](https://github.com/vercel/ai/blob/@ai-sdk/deepseek@2.0.39/packages/deepseek/CHANGELOG.md)
- [Commits](https://github.com/vercel/ai/commits/@ai-sdk/deepseek@2.0.39/packages/deepseek)

Updates `@ai-sdk/google` from 3.0.80 to 3.0.83
- [Release notes](https://github.com/vercel/ai/releases)
- [Changelog](https://github.com/vercel/ai/blob/@ai-sdk/google@3.0.83/packages/google/CHANGELOG.md)
- [Commits](https://github.com/vercel/ai/commits/@ai-sdk/google@3.0.83/packages/google)

Updates `@ai-sdk/groq` from 3.0.39 to 3.0.42
- [Release notes](https://github.com/vercel/ai/releases)
- [Changelog](https://github.com/vercel/ai/blob/@ai-sdk/groq@3.0.42/packages/groq/CHANGELOG.md)
- [Commits](https://github.com/vercel/ai/commits/@ai-sdk/groq@3.0.42/packages/groq)

Updates `@ai-sdk/mistral` from 3.0.37 to 3.0.40
- [Release notes](https://github.com/vercel/ai/releases)
- [Changelog](https://github.com/vercel/ai/blob/@ai-sdk/mistral@3.0.40/packages/mistral/CHANGELOG.md)
- [Commits](https://github.com/vercel/ai/commits/@ai-sdk/mistral@3.0.40/packages/mistral)

Updates `@ai-sdk/openai` from 3.0.67 to 3.0.72
- [Release notes](https://github.com/vercel/ai/releases)
- [Changelog](https://github.com/vercel/ai/blob/@ai-sdk/openai@3.0.72/packages/openai/CHANGELOG.md)
- [Commits](https://github.com/vercel/ai/commits/@ai-sdk/openai@3.0.72/packages/openai)

Updates `@ai-sdk/openai-compatible` from 2.0.48 to 2.0.51
- [Release notes](https://github.com/vercel/ai/releases)
- [Changelog](https://github.com/vercel/ai/blob/@ai-sdk/openai-compatible@2.0.51/packages/openai-compatible/CHANGELOG.md)
- [Commits](https://github.com/vercel/ai/commits/@ai-sdk/openai-compatible@2.0.51/packages/openai-compatible)

Updates `@ai-sdk/xai` from 3.0.93 to 3.0.96
- [Release notes](https://github.com/vercel/ai/releases)
- [Changelog](https://github.com/vercel/ai/blob/@ai-sdk/xai@3.0.96/packages/xai/CHANGELOG.md)
- [Commits](https://github.com/vercel/ai/commits/@ai-sdk/xai@3.0.96/packages/xai)

Updates `@ai-sdk/gateway` from 3.0.123 to 3.0.133
- [Release notes](https://github.com/vercel/ai/releases)
- [Changelog](https://github.com/vercel/ai/blob/@ai-sdk/gateway@3.0.133/packages/gateway/CHANGELOG.md)
- [Commits](https://github.com/vercel/ai/commits/@ai-sdk/gateway@3.0.133/packages/gateway)

Updates `@ai-sdk/provider-utils` from 4.0.27 to 4.0.30
- [Release notes](https://github.com/vercel/ai/releases)
- [Changelog](https://github.com/vercel/ai/blob/@ai-sdk/provider-utils@4.0.30/packages/provider-utils/CHANGELOG.md)
- [Commits](https://github.com/vercel/ai/commits/@ai-sdk/provider-utils@4.0.30/packages/provider-utils)

---
updated-dependencies:
- dependency-name: ai
  dependency-version: 6.0.207
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ai-sdk
- dependency-name: "@ai-sdk/amazon-bedrock"
  dependency-version: 4.0.118
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ai-sdk
- dependency-name: "@ai-sdk/anthropic"
  dependency-version: 3.0.85
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ai-sdk
- dependency-name: "@ai-sdk/cohere"
  dependency-version: 3.0.39
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ai-sdk
- dependency-name: "@ai-sdk/deepseek"
  dependency-version: 2.0.39
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ai-sdk
- dependency-name: "@ai-sdk/google"
  dependency-version: 3.0.83
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ai-sdk
- dependency-name: "@ai-sdk/groq"
  dependency-version: 3.0.42
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ai-sdk
- dependency-name: "@ai-sdk/mistral"
  dependency-version: 3.0.40
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ai-sdk
- dependency-name: "@ai-sdk/openai"
  dependency-version: 3.0.72
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ai-sdk
- dependency-name: "@ai-sdk/openai-compatible"
  dependency-version: 2.0.51
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ai-sdk
- dependency-name: "@ai-sdk/xai"
  dependency-version: 3.0.96
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ai-sdk
- dependency-name: "@ai-sdk/gateway"
  dependency-version: 3.0.133
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: ai-sdk
- dependency-name: "@ai-sdk/provider-utils"
  dependency-version: 4.0.30
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: ai-sdk
...

Signed-off-by: dependabot[bot] <support@github.com>
dependabot (bot) added the dependencies and javascript labels on Jun 17, 2026
mcarvin8 merged commit 89b763b into main on Jun 17, 2026
5 checks passed
mcarvin8 deleted the dependabot/npm_and_yarn/ai-sdk-9e2fba3896 branch on June 17, 2026 22:28
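
The bfa5864 entry quoted in the Dependabot comment above describes attaching provider credentials only when a response-supplied URL is same-origin with the configured API origin. The following is an added example of that rule, not the AI SDK's `isSameOrigin` helper or code from this repository; the function names, the `.example` hosts and the credential values are hypothetical and constructed.

```javascript
// Added example, not the AI SDK's isSameOrigin helper. Names and URLs are hypothetical.

// Two URLs share an origin only when scheme, host and port all match.
// URL.origin lowercases the host, drops default ports and ignores userinfo.
function sameOrigin(a, b) {
  try {
    const ua = new URL(a);
    const ub = new URL(b);
    // Opaque origins serialise as "null"; never treat two of them as equal.
    return ua.origin !== 'null' && ua.origin === ub.origin;
  } catch {
    return false; // unparseable URL: fail closed
  }
}

// Build the request for a URL taken from a provider response (a polling or
// result URL). Credentials are attached only for the provider's own origin;
// a foreign origin gets the request without them.
function requestForFollowedUrl(apiBaseUrl, followedUrl, credentials) {
  const url = new URL(followedUrl, apiBaseUrl); // the response may give a relative URL
  const headers = { accept: 'application/json' };
  if (sameOrigin(apiBaseUrl, url.href)) {
    if (credentials.authorization) headers.authorization = credentials.authorization;
    if (credentials.queryKey) url.searchParams.set('key', credentials.queryKey);
  }
  return { url: url.href, headers };
}

// Constructed sample: one configured API origin and several followed URLs.
const SAMPLE_BASE = 'https://api.provider.example/v1';
const SAMPLE_FOLLOWED = [
  'https://api.provider.example/v1/jobs/42', // same origin
  'https://API.provider.example:443/v1/jobs/42', // same origin after normalisation
  'https://cdn.other.example/result.png', // different host
  'http://api.provider.example/v1/jobs/42', // scheme downgrade
  'https://api.provider.example:8443/v1/jobs/42', // different port
  'https://api.provider.example.lookalike.example/x', // host-suffix lookalike
  'https://api.provider.example@other.example/x', // provider name only in userinfo
];
const SAMPLE_CREDENTIALED = SAMPLE_FOLLOWED.map(
  (u) => 'authorization' in requestForFollowedUrl(SAMPLE_BASE, u, { authorization: 'Bearer sample-token' }).headers,
);
```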