build(deps): bump the dependencies group across 1 directory with 21 updates by dependabot[bot] · Pull Request #8 · vibecode-vm/multi-oracle

dependabot · 2026-05-21T03:16:59Z

Bumps the dependencies group with 21 updates in the / directory:

Package	From	To
@google/genai	`1.44.0`	`2.5.0`
@modelcontextprotocol/sdk	`1.27.1`	`1.29.0`
@steipete/sweet-cookie	`0.2.0`	`0.3.0`
dotenv	`17.3.1`	`17.4.2`
inquirer	`13.3.0`	`13.4.3`
openai	`6.27.0`	`6.38.0`
qs	`6.15.0`	`6.15.2`
shiki	`4.0.1`	`4.1.0`
zod	`4.3.6`	`4.4.3`
@types/chrome-remote-interface	`0.33.0`	`0.34.0`
@types/node	`25.3.5`	`25.9.1`
@vitest/coverage-v8	`4.0.18`	`4.1.7`
devtools-protocol	`0.0.1595872`	`0.0.1632630`
es-toolkit	`1.45.1`	`1.46.1`
esbuild	`0.27.3`	`0.28.0`
oxfmt	`0.36.0`	`0.51.0`
oxlint	`1.51.0`	`1.66.0`
puppeteer-core	`24.38.0`	`25.0.4`
tsx	`4.21.0`	`4.22.3`
typescript	`5.9.3`	`6.0.3`
vitest	`4.0.18`	`4.1.7`

Updates @google/genai from 1.44.0 to 2.5.0

Release notes

Sourced from @google/genai's releases.

v2.5.0

2.5.0 (2026-05-20)

Features

Add Gemini 3.5 Flash model to options (fcf26e3)

v2.4.0

2.4.0 (2026-05-17)

Features

support Agent and Environment APIs. (b0d9d2b)

Bug Fixes

output_text for turns that don't end with text. (1a3d94f)

v2.3.0

2.3.0 (2026-05-15)

Features

interaction.{output_text,output_image,output_audio,output_video} (0188233)

v2.2.0

2.2.0 (2026-05-12)

Features

Added missing FunctionCallResultDelta type and arguments field to the ArgumentDelta type (f76138b)

v2.1.0

2.1.0 (2026-05-12)

Features

Add gemini-3.1-flash-lite to model options (b0664e1)

Add parameters to video response_format. (207c8f8)

Introduce Server Side tools deltas (2e56d41)

support Blocking FunctionCall in Live API in AgentPlatform (Vertex) (6bd8e7d)

Add support for Vertex-lyria models lyria-3-pro-preview & lyria-3-clip-preview (f9af7410)

... (truncated)

Changelog

Sourced from @google/genai's changelog.

2.5.0 (2026-05-20)

Features

Add Gemini 3.5 Flash model to options (fcf26e3)

2.4.0 (2026-05-17)

Features

support Agent and Environment APIs. (b0d9d2b)

Bug Fixes

output_text for turns that don't end with text. (1a3d94f)

2.3.0 (2026-05-15)

Features

interaction.{output_text,output_image,output_audio,output_video} (0188233)

2.2.0 (2026-05-12)

Features

Added missing FunctionCallResultDelta type and arguments field to the ArgumentDelta type (f76138b)

2.1.0 (2026-05-12)

Features

Add gemini-3.1-flash-lite to model options (b0664e1)

Add parameters to video response_format. (207c8f8)

Introduce Server Side tools deltas (2e56d41)

support Blocking FunctionCall in Live API in AgentPlatform (Vertex) (6bd8e7d)

Add support for Vertex-lyria models lyria-3-pro-preview & lyria-3-clip-preview (f9af7410)

Bug Fixes

Steps is not optional (6fb5386)

2.0.1 (2026-05-09)

... (truncated)

Commits

2cb1814 chore(main): release 2.5.0 (#1616)
f06e3a2 chore: update comment in BatchJobOutputInfo to unblock javadoc generation
fcf26e3 feat: Add Gemini 3.5 Flash model to options
b252753 chore: Cleanup
dbe4484 chore(main): release 2.4.0 (#1604)
b0d9d2b feat: support Agent and Environment APIs.
3845122 chore: Improve APIConnectionTimeoutError message.
6bb8572 chore: Deprecate image_config and response_mime_type
1a3d94f fix: output_text for turns that don't end with text.
2f3bfef chore(main): release 2.3.0 (#1594)
Additional commits viewable in compare view

Install script changes

This version adds preinstall script that runs during installation. Review the package contents before updating.

Updates @modelcontextprotocol/sdk from 1.27.1 to 1.29.0

Release notes

Sourced from @modelcontextprotocol/sdk's releases.

v1.29.0

What's Changed

fix: treat v1.x as primary branch for npm latest tag (backport #1577) by @felixweinberger in modelcontextprotocol/typescript-sdk#1749

[v1.x] fix: disallow null (infinite) requested TTL by @LucaButBoring in modelcontextprotocol/typescript-sdk#1339

[v1.x] fix: add missing size field to ResourceSchema by @olaservo in modelcontextprotocol/typescript-sdk#1575

Add typings exports by @tdraier in modelcontextprotocol/typescript-sdk#1623

v1.x npm audit fix by @KKonstantinov in modelcontextprotocol/typescript-sdk#1780

v1.x #1623 follow up -add missing types to package.json by @KKonstantinov in modelcontextprotocol/typescript-sdk#1773

[v1.x backport] Allow servers / clients to advertise extensions in the capability object by @localden in modelcontextprotocol/typescript-sdk#1811

fix(stdio): always set windowsHide on Windows, not just in Electron by @jnMetaCode in modelcontextprotocol/typescript-sdk#1640

chore: bump version to 1.29.0 by @felixweinberger in modelcontextprotocol/typescript-sdk#1820

New Contributors

@tdraier made their first contribution in modelcontextprotocol/typescript-sdk#1623

@jnMetaCode made their first contribution in modelcontextprotocol/typescript-sdk#1640

Full Changelog: modelcontextprotocol/typescript-sdk@v1.28.0...v1.29.0

v1.28.0

What's Changed

feat: use scopes_supported from resource metadata by default (fixes #580) by @antogyn in modelcontextprotocol/typescript-sdk#757

[v1.x backport] Default to client_secret_basic when server omits token_endpoint_auth_methods_supported by @pcarleton in modelcontextprotocol/typescript-sdk#1611

fix: reject plain JSON Schema objects passed as inputSchema by @tiluckdave in modelcontextprotocol/typescript-sdk#1596

fix: clear _timeoutInfo in _onclose() and scope .finally() abort controller cleanup by @pcarleton in modelcontextprotocol/typescript-sdk#1462

fix(server/auth): RFC 8252 loopback port relaxation by @poteat in modelcontextprotocol/typescript-sdk#1738

chore: bump version to 1.28.0 by @felixweinberger in modelcontextprotocol/typescript-sdk#1746

New Contributors

@antogyn made their first contribution in modelcontextprotocol/typescript-sdk#757

@tiluckdave made their first contribution in modelcontextprotocol/typescript-sdk#1596

@poteat made their first contribution in modelcontextprotocol/typescript-sdk#1738

Full Changelog: modelcontextprotocol/typescript-sdk@v1.27.1...v1.28.0

Commits

e12cbd7 chore: bump version to 1.29.0 (#1820)
3913fd4 fix(stdio): always set windowsHide on Windows, not just in Electron (#1640)
5608e78 [v1.x backport] Allow servers / clients to advertise extensions in the capabi...
7213816 v1.x #1623 follow up -add missing types to package.json (#1773)
364f38c v1.x npm audit fix (#1780)
c95cc09 Add typings exports (#1623)
ddadaa6 [v1.x] fix: add missing size field to ResourceSchema (#1575)
2a15851 [v1.x] fix: disallow null (infinite) requested TTL (#1339)
13e30f1 fix: treat v1.x as primary branch for npm latest tag (backport #1577) (#1749)
a056569 chore: bump version to 1.28.0 (#1746)
Additional commits viewable in compare view

Updates @steipete/sweet-cookie from 0.2.0 to 0.3.0

Release notes

Sourced from @steipete/sweet-cookie's releases.

v0.3.0

Fixed

Enable node:sqlite readBigInts on Node 22+ so current Chromium cookie expiry values do not overflow on the active LTS line. ([#25](https://github.com/steipete/sweet-cookie/tree/HEAD/packages/core/issues/25), thanks @navarch-orion)

Support Firefox 147+ Linux XDG profile roots under $XDG_CONFIG_HOME/mozilla/firefox, with legacy ~/.mozilla/firefox fallback. ([#28](https://github.com/steipete/sweet-cookie/tree/HEAD/packages/core/issues/28), thanks @solomonneas)

Warn when Chromium v20 App-Bound encrypted cookies fail to decrypt instead of silently dropping them. ([#24](https://github.com/steipete/sweet-cookie/tree/HEAD/packages/core/issues/24), thanks @devskale)

Release Proof

npm: https://www.npmjs.com/package/@steipete/sweet-cookie/v/0.3.0

registry tarball: https://registry.npmjs.org/@steipete/sweet-cookie/-/sweet-cookie-0.3.0.tgz

npm integrity: sha512-eGjIEtWe6PPO1kOGGcxloiI8CXuIRdUzDbNBjhoZyvS9FiL0U3vVussNDV0EBuu3OILGrCKizpkxmpJ9G3BcHg==

CI: https://github.com/steipete/sweet-cookie/actions/runs/25886548509

local gates: pnpm build, pnpm check, pnpm test, pnpm test:bun

fresh install smoke: npm i @steipete/sweet-cookie@0.3.0; ESM import returned function function

Changelog

Sourced from @steipete/sweet-cookie's changelog.

0.3.0 - 2026-05-14

Fixed

Enable node:sqlite readBigInts on Node 22+ so current Chromium cookie expiry values do not overflow on the active LTS line. ([#25](https://github.com/steipete/sweet-cookie/tree/HEAD/packages/core/issues/25), thanks @navarch-orion)

Support Firefox 147+ Linux XDG profile roots under $XDG_CONFIG_HOME/mozilla/firefox, with legacy ~/.mozilla/firefox fallback. ([#28](https://github.com/steipete/sweet-cookie/tree/HEAD/packages/core/issues/28), thanks @solomonneas)

Warn when Chromium v20 App-Bound encrypted cookies fail to decrypt instead of silently dropping them. ([#24](https://github.com/steipete/sweet-cookie/tree/HEAD/packages/core/issues/24), thanks @devskale)

Commits

f7f8d66 chore(release): 0.3.0
a099c5f feat: add v20 App-Bound Encryption detection and warning (#24)
3c4c510 test: lock node:sqlite bigint support matrix
446c704 fix(firefox): support Linux XDG profile roots
d7b30f5 chore: use tsgo for TypeScript builds
See full diff in compare view

Updates dotenv from 17.3.1 to 17.4.2

Changelog

Sourced from dotenv's changelog.

17.4.2 (2026-04-12)

Changed

Improved skill files - tightened up details (#1009)

17.4.1 (2026-04-05)

Changed

Change text injecting to injected (#1005)

17.4.0 (2026-04-01)

Added

Add skills/ folder with focused agent skills: skills/dotenv/SKILL.md (core usage) and skills/dotenvx/SKILL.md (encryption, multiple environments, variable expansion) for AI coding agent discovery via the skills.sh ecosystem (npx skills add motdotla/dotenv)

Changed

Tighten up logs: ◇ injecting env (14) from .env (#1003)

Commits

f116f70 17.4.2
3a81612 fix visual order of faq
13f55a8 Merge branch 'skill'
4bbbf73 reorganize faq
c3da64b Merge pull request #1009 from motdotla/skill
6f743b1 update source
fc2c624 update skill
972315b Tighten up skill
2795fce reorganize faq
d5495d4 adjust skill
Additional commits viewable in compare view

Updates inquirer from 13.3.0 to 13.4.3

Release notes

Sourced from inquirer's releases.

inquirer@13.4.3

Fix: Windows rendering bug

Fix: Preserve exact literal types in choices array (Typescript only)

Fix: Allow input default value to be of type undefined (Typescript only)

Bump dependencies

inquirer@13.4.2

Fix: some Windows terminals would freeze and not react to keypresses.

inquirer@13.4.1

Improve expand prompt type inferrence.

inquirer@13.4.0

Feat: Added a loading message while validating editor prompt input.

Type improvement: Better type inference with checkbox, search and expand prompts.

Fix: editor prompt not always properly handling editor path on windows.

inquirer@13.3.2

Fix broken 1.3.1 release process.

inquirer@13.3.1

Bump dependencies

Commits

113558c chore: Publish new release
f0ca377 chore: format everything with nano-staged
5341ca1 chore: Bump yarn
cb7ffda ci: add Node.js 26 to test matrix (#2112)
0401a5c fix(@inquirer/input): allow explicit undefined for default option (#2111)
40f87a8 fix: reset cursor to column 0 after prompt completes
b88c9a2 fix: satisfy eslint-plugin-n v18 rules
697684a chore(deps-dev): Bump the linting group across 1 directory with 6 updates
105c439 chore(deps-dev): Bump the build group with 3 updates (#2107)
a020d8a chore(deps-dev): Bump oxfmt in the formatting group (#2106)
Additional commits viewable in compare view

Updates openai from 6.27.0 to 6.38.0

Release notes

Sourced from openai's releases.

v6.38.0

6.38.0 (2026-05-13)

Full Changelog: v6.37.0...v6.38.0

Features

api: add service_tier parameter to responses compact method (423e838)

v6.37.0

6.37.0 (2026-05-07)

Full Changelog: v6.36.0...v6.37.0

Features

api: add quantity field to admin organization usage responses (273a8f7)

api: add web_search_call.results output option to responses (91c75e0)

api: launch realtime translate + update image 2 (a296b66)

api: manual updates (794b905)

api: manual updates (6963729)

api: realtime 2 (f4b7177)

Bug Fixes

api: fix imagegen size enum regression (4fe8469)

Chores

redact api-key headers in debug logs (99c9c80)

v6.36.0

6.36.0 (2026-05-01)

Full Changelog: v6.35.0...v6.36.0

Features

api: add group_type/user metadata fields, update types across admin resources (cc52f97)

api: add support for Admin API Keys per endpoint (770d187)

api: admin API updates (ee2bd2d)

api: manual updates (6af2b6d)

api: manual updates (f2dceda)

Bug Fixes

api: support admin api key auth (e3862a3)

... (truncated)

Changelog

Sourced from openai's changelog.

6.38.0 (2026-05-13)

Full Changelog: v6.37.0...v6.38.0

Features

api: add service_tier parameter to responses compact method (423e838)

6.37.0 (2026-05-07)

Full Changelog: v6.36.0...v6.37.0

Features

api: add quantity field to admin organization usage responses (273a8f7)

api: add web_search_call.results output option to responses (91c75e0)

api: launch realtime translate + update image 2 (a296b66)

api: manual updates (794b905)

api: manual updates (6963729)

api: realtime 2 (f4b7177)

Bug Fixes

api: fix imagegen size enum regression (4fe8469)

Chores

redact api-key headers in debug logs (99c9c80)

6.36.0 (2026-05-01)

Full Changelog: v6.35.0...v6.36.0

Features

api: add group_type/user metadata fields, update types across admin resources (cc52f97)

api: add support for Admin API Keys per endpoint (770d187)

api: admin API updates (ee2bd2d)

api: manual updates (6af2b6d)

api: manual updates (f2dceda)

Bug Fixes

api: support admin api key auth (e3862a3)

api: tighten auth header selection (f1203bd)

... (truncated)

Commits

87f3b04 Merge pull request #1870 from openai/release-please--branches--master--change...
9d91776 release: 6.38.0
427ae2b Merge pull request #1127 from stainless-sdks/dev/jtian/remove-unnecessary-params
255142e [feat] Remove unnecessary params client id during init
423e838 feat(api): add service_tier parameter to responses compact method
b0e89cd release: 6.37.0
2151063 feat(api): realtime 2
a5c4184 feat(api): manual updates
17c79fb chore: redact api-key headers in debug logs
36f69f6 codegen metadata
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for openai since your current version.

Updates qs from 6.15.0 to 6.15.2

Changelog

Sourced from qs's changelog.

6.15.2

[Fix] stringify: skip null/undefined entries in arrayFormat: 'comma' + encodeValuesOnly instead of crashing in encoder

[Fix] stringify: use configured delimiter after charsetSentinel (#555)

[Fix] stringify: apply formatter to encoded key under strictNullHandling (#554)

[Fix] stringify: skip null/undefined filter-array entries instead of crashing in encoder (#551)

[Fix] parse: handle nested bracket groups and add regression tests (#530)

[readme] fix grammar (#550)

[Dev Deps] update @ljharb/eslint-config

[Tests] add regression tests for keys containing percent-encoded bracket text

6.15.1

[Fix] parse: parameterLimit: Infinity with throwOnLimitExceeded: true silently drops all parameters

[Deps] update @ljharb/eslint-config

[Dev Deps] update @ljharb/eslint-config, iconv-lite

[Tests] increase coverage

Commits

9aca407 v6.15.2
5e33d33 [Dev Deps] update @ljharb/eslint-config
21f80b3 [Fix] stringify: skip null/undefined entries in arrayFormat: 'comma' + `e...
a0a81ea [Fix] stringify: use configured delimiter after charsetSentinel
e3062f7 [Fix] stringify: apply formatter to encoded key under strictNullHandling
0c180a4 [Fix] stringify: skip null/undefined filter-array entries instead of crashi...
3a8b94a [Tests] add regression tests for keys containing percent-encoded bracket text
96755ab [readme] fix grammar
a419ce5 [Fix] parse: handle nested bracket groups and add regression tests
3f5e1c5 v6.15.1
Additional commits viewable in compare view

Updates shiki from 4.0.1 to 4.1.0

Release notes

Sourced from shiki's releases.

v4.1.0

   🐞 Bug Fixes

twoslash: Forward tsModule to createTwoslasher - by @arthurfiorette in shikijs/shiki#1271 (be89a)

    View changes on GitHub

v4.0.2

   🐞 Bug Fixes

Support ANSI language with multiple themes - by @dan-lee in shikijs/shiki#1259 (2a232)

    View changes on GitHub

Commits

c809af9 chore: release v4.1.0
95371cb chore: lint
7a1007d chore: release v4.0.2
ef42a16 chore: update deps
2a23230 fix: support ANSI language with multiple themes (#1259)
See full diff in compare view

Updates zod from 4.3.6 to 4.4.3

Release notes

Sourced from zod's releases.

v4.4.3

Commits:

4c2fa95ce3f3390fbc522324e406b4e9e89b88f9 docs: use Zernio primary wordmark for gold sponsor logo

2aeec83eb135e3a83756e973ef44845fc5a455d2 docs: prune lapsed gold sponsors and rebalance logo sizing

7391be88ac1ee5cd02057f5ccc012a1f5df4efd0 docs: prune lapsed silver/bronze sponsors and add active ones

2c703322a21b4e2b12f33f49ea8430c451a68b4f docs: normalize bronze sponsor logos to github avatar pattern

9195250cab0e7950efe39c3926d6c203b4b0a170 docs: remove Mintlify from bronze sponsors (churned)

b8dffe9e62f17e6571e6249d05cc5102b54d94e4 docs: remove Numeric and Speakeasy (2+ missed monthly cycles)

1cab69383fcdeae2a366d5e2a2fc4d8fc765d168 fix(v4): restore catch handling for absent object keys (#5937) (#5939)

c2be4f819064eed62c7c350a2d399b5faecd15f8 fix(v4): generalize optin/fallback to transform; restore preprocess on absent keys (#5941)

f3c9ec03ba7a28ae72d25cc295f38674bee0f559 4.4.3

1fb56a5c18c27102dbc92260a4007c7732a0ccca docs: document release procedure in AGENTS.md

v4.4.2

Commits:

0c62df0ea19fd05abdf90473e9eef7eea530fab2 Clean up docs navigation and stale labels (#5901)

20cc794895cc8604fe0c87d83a5d1c3f89fad0ac chore: add security policy and refresh tooling deps

6fbe07b0177efdd1bf1c0b05160e70d7a0702337 fix(docs): heading anchor links now include the hash so it doesnt scoll all the way up, follows navbar logic (#5791)

4bbed1b1c73eca4ce9e59b1189ed236aa6c8b5bd Tighten discriminated union option typing

bbac3e567e7fccfaaf7cdc97f1ce30c295e2c908 Update PR guidance for agents

cf0dc942a32805c292fff59ade20a7ace980735a Merge remote-tracking branch 'origin/main' into fix-discriminated-union-key-constraint

292c894a5fd2aa42e527900b83d8d7a3009a709c docs: add Zernio gold sponsor

1fc9f311c28dcf80d0bb5a36b177086cbc3d8eca docs: document codec inversion

1373c85da9aeff704a9762d27bc58699618aefb7 docs: remove AI disclosure guidance

e20d02b473c08e3a4e557bc610b1b5fac079b649 chore: ignore triage notes

e58ea4d91b1dfe8194b73508203213cbc7e9c936 docs: test Zod Mini tab code heights

905761a5d127e8d5dd2ebb3bc88c75cb0b8149ff docs: document preprocess input type narrowing

bf64bac850d4dee2b7dde7e64909d5d796d32043 chore: tighten test guidance in AGENTS.md

8ec4e73f4c4693b6361ad591be40fb41eb8a9f95 chore: update play.ts scratch

02c2baf7d0d615872fa4528a8020603b71211702 Make z.preprocess defer optionality to inner schema (#5929)

88015df8e25c44fb5385eb3ef28935119cd5edea fix(docs): drop deprecated baseUrl from tsconfig

c59d4474e3b4cad1b323462186cf607178ce8267 4.4.2

v4.4.1

Commits:

481f7be4238c83ed58183f921b2646f340a91c6a ci: gate release publishing on full test workflow

95ccab423aec720b2523c3a64cdc7e3204537cc7 test(v3): restore optional undefined expectations

cede2c63739a5823d6aa5093d291e9a111da943d fix(v4): reject tuple holes before required defaults (#5900)

edd0bf0f5ada4a8dc581c259407d7bbad0a71ea7 release: 4.4.1

180d83d1dbe6a59260710cc8637a3dea2281ee56 docs: remove Jazz featured sponsor

v4.4.0

4.4.0

This is a minor release with a wide set of correctness and soundness fixes. Some fixes intentionally make Zod stricter, so code that depended on previously accepted invalid or ambiguous inputs may need small updates.

Potentially breaking bug fixes

... (truncated)

Commits

1fb56a5 docs: document release procedure in AGENTS.md
f3c9ec0 4.4.3
c2be4f8 fix(v4): generalize optin/fallback to transform; restore preprocess on absent...
1cab693 fix(v4): restore catch handling for absent object keys (#5937) (#5939)
b8dffe9 docs: remove Numeric and Speakeasy (2+ missed monthly cycles)
9195250 docs: remove Mintlify from bronze sponsors (churned)
2c70332 docs: normalize bronze sponsor logos to github avatar pattern
7391be8 docs: prune lapsed silver/bronze sponsors and add active ones
2aeec83 docs: prune lapsed gold sponsors and rebalance logo sizing
4c2fa95 docs: use Zernio primary wordmark for gold sponsor logo
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for zod since your current version.

Updates @types/chrome-remote-interface from 0.33.0 to 0.34.0

Commits

See full diff in compare view

Updates @types/node from 25.3.5 to 25.9.1

Commits

See full diff in compare view

Updates @vitest/coverage-v8 from 4.0.18 to 4.1.7

Release notes

Sourced from @vitest/coverage-v8's releases.

v4.1.7

   🐞 Bug Fixes

runner: Limit concurrency per task branch in addition to per leaf callbacks (backport) - by @hi-ogawa in vitest-dev/vitest#10384 (4f0f2)

    View changes on GitHub

v4.1.6

   🐞 Bug Fixes

browser: Provide project reference in ToMatchScreenshotResolvePath - by @macarie and @sheremet-va in vitest-dev/vitest#10138 (31882)

Global sequence.concurrent: true with top-level test(..., { concurrent: false }) + depreacte sequential test API and options - by @hi-ogawa, Codex and @sheremet-va in vitest-dev/vitest#10196 (2847d)

browser: Simplify orchestrator otel carrier - by @hi-ogawa in vitest-dev/vitest#10285 (18af9)

   🏎 Performance

Stringify diff objects only once - by @sheremet-va in vitest-dev/vitest#10276 (9f7b1)

    View changes on GitHub

v4.1.5

   🚀 Experimental Features

coverage: Istanbul to support instrumenter option - by @BartWaardenburg and @AriPerkkio in vitest-dev/vitest#10119 (0e0ff)

   🐞 Bug Fixes

--project negation excludes browser instances - by @felamaslen in vitest-dev/vitest#10131 (9423d)

Project color label on html reporter - by @hi-ogawa in vitest-dev/vitest#10142 (596f7)

Fix vi.defineHelper called as object method - by @hi-ogawa in vitest-dev/vitest#10163 (122c2)

Alias agent reporter to minimal - by @sheremet-va in vitest-dev/vitest#10157 (663b9)

Respect diff config options in soft assertions - by @Copilot, sheremet-va and @sheremet-va in vitest-dev/vitest#8696 (9787d)

Respect diff config options in soft assertions " - by @sheremet-va in vitest-dev/vitest#8696 (7dc6d)

ast-collect: Recognize _vi_import prefix in static test discovery - by @Yejneshwar in vitest-dev/vitest#10129 (32546)

coverage: Descriptive error message when reports directory is removed during test run - by @DaveT1991 and @AriPerkkio in vitest-dev/vitest#10117 (14133)

snapshot: Increase default snapshot max output length - by @hi-ogawa and Codex in vitest-dev/vitest#10150 (21e66)

ui: Fix jsx/tsx syntax highlight - by @hi-ogawa in vitest-dev/vitest#10152 (f1b1f)

web-worker: Support MessagePort objects referenced inside postMessage data - by @whitphx and Claude Opus 4.6 (1M context) in vitest-dev/vitest#9927 and vitest-dev/vitest#10124 (7ad7d)

api: Make test-specification options writable - by @sheremet-va in vitest-dev/vitest#10154 (6abd5)

    View changes on GitHub

v4.1.4

   🚀 Experimental Features

coverage:

Default to text reporter skipFull if agent detected - by @hi-ogawa in vitest-dev/vitest#10018 (53757)

experimental:

Expose assertion as a public field - by @sheremet-va in vitest-dev/vitest#10095 (a120e)

Support aria snapshot - by @hi-ogawa, Claude Opus 4.6 (1M context), @AriPerkkio, Codex and @sheremet-va in vitest-dev/vitest#9668 (d4fbb)

... (truncated)

Commits

a09d472 chore: release v4.1.7
a8fd24c chore: release v4.1.6
e399846 chore: release v4.1.5
ac04bac chore: release v4.1.4
2dc0d62 chore: release v4.1.3
fc6f482 chore: release v4.1.2
1f2d318 chore: release v4.1.1
aaf9f18 fix(coverage): simplify provider types (#9931)
4150b91 chore: release v4.1.0
0c2c013 chore: release v4.1.0-beta.6
Additional commits viewable in compare view

Updates devtools-protocol from 0.0.1595872 to 0.0.1632630

Commits

Description has been truncated

…pdates Bumps the dependencies group with 21 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@google/genai](https://github.com/googleapis/js-genai) | `1.44.0` | `2.5.0` | | [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.27.1` | `1.29.0` | | [@steipete/sweet-cookie](https://github.com/steipete/sweet-cookie/tree/HEAD/packages/core) | `0.2.0` | `0.3.0` | | [dotenv](https://github.com/motdotla/dotenv) | `17.3.1` | `17.4.2` | | [inquirer](https://github.com/SBoudrias/Inquirer.js) | `13.3.0` | `13.4.3` | | [openai](https://github.com/openai/openai-node) | `6.27.0` | `6.38.0` | | [qs](https://github.com/ljharb/qs) | `6.15.0` | `6.15.2` | | [shiki](https://github.com/shikijs/shiki/tree/HEAD/packages/shiki) | `4.0.1` | `4.1.0` | | [zod](https://github.com/colinhacks/zod) | `4.3.6` | `4.4.3` | | [@types/chrome-remote-interface](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/chrome-remote-interface) | `0.33.0` | `0.34.0` | | [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.3.5` | `25.9.1` | | [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) | `4.0.18` | `4.1.7` | | [devtools-protocol](https://github.com/ChromeDevTools/devtools-protocol) | `0.0.1595872` | `0.0.1632630` | | [es-toolkit](https://github.com/toss/es-toolkit) | `1.45.1` | `1.46.1` | | [esbuild](https://github.com/evanw/esbuild) | `0.27.3` | `0.28.0` | | [oxfmt](https://github.com/oxc-project/oxc/tree/HEAD/npm/oxfmt) | `0.36.0` | `0.51.0` | | [oxlint](https://github.com/oxc-project/oxc/tree/HEAD/npm/oxlint) | `1.51.0` | `1.66.0` | | [puppeteer-core](https://github.com/puppeteer/puppeteer) | `24.38.0` | `25.0.4` | | [tsx](https://github.com/privatenumber/tsx) | `4.21.0` | `4.22.3` | | [typescript](https://github.com/microsoft/TypeScript) | `5.9.3` | `6.0.3` | | [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.0.18` | `4.1.7` | Updates `@google/genai` from 1.44.0 to 2.5.0 - [Release notes](https://github.com/googleapis/js-genai/releases) - [Changelog](https://github.com/googleapis/js-genai/blob/main/CHANGELOG.md) - [Commits](googleapis/js-genai@v1.44.0...v2.5.0) Updates `@modelcontextprotocol/sdk` from 1.27.1 to 1.29.0 - [Release notes](https://github.com/modelcontextprotocol/typescript-sdk/releases) - [Commits](modelcontextprotocol/typescript-sdk@v1.27.1...v1.29.0) Updates `@steipete/sweet-cookie` from 0.2.0 to 0.3.0 - [Release notes](https://github.com/steipete/sweet-cookie/releases) - [Changelog](https://github.com/steipete/sweet-cookie/blob/main/CHANGELOG.md) - [Commits](https://github.com/steipete/sweet-cookie/commits/v0.3.0/packages/core) Updates `dotenv` from 17.3.1 to 17.4.2 - [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md) - [Commits](motdotla/dotenv@v17.3.1...v17.4.2) Updates `inquirer` from 13.3.0 to 13.4.3 - [Release notes](https://github.com/SBoudrias/Inquirer.js/releases) - [Commits](https://github.com/SBoudrias/Inquirer.js/compare/inquirer@13.3.0...inquirer@13.4.3) Updates `openai` from 6.27.0 to 6.38.0 - [Release notes](https://github.com/openai/openai-node/releases) - [Changelog](https://github.com/openai/openai-node/blob/master/CHANGELOG.md) - [Commits](openai/openai-node@v6.27.0...v6.38.0) Updates `qs` from 6.15.0 to 6.15.2 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.15.0...v6.15.2) Updates `shiki` from 4.0.1 to 4.1.0 - [Release notes](https://github.com/shikijs/shiki/releases) - [Commits](https://github.com/shikijs/shiki/commits/v4.1.0/packages/shiki) Updates `zod` from 4.3.6 to 4.4.3 - [Release notes](https://github.com/colinhacks/zod/releases) - [Commits](colinhacks/zod@v4.3.6...v4.4.3) Updates `@types/chrome-remote-interface` from 0.33.0 to 0.34.0 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/chrome-remote-interface) Updates `@types/node` from 25.3.5 to 25.9.1 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `@vitest/coverage-v8` from 4.0.18 to 4.1.7 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.7/packages/coverage-v8) Updates `devtools-protocol` from 0.0.1595872 to 0.0.1632630 - [Commits](ChromeDevTools/devtools-protocol@v0.0.1595872...v0.0.1632630) Updates `es-toolkit` from 1.45.1 to 1.46.1 - [Release notes](https://github.com/toss/es-toolkit/releases) - [Changelog](https://github.com/toss/es-toolkit/blob/main/CHANGELOG.md) - [Commits](toss/es-toolkit@v1.45.1...v1.46.1) Updates `esbuild` from 0.27.3 to 0.28.0 - [Release notes](https://github.com/evanw/esbuild/releases) - [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md) - [Commits](evanw/esbuild@v0.27.3...v0.28.0) Updates `oxfmt` from 0.36.0 to 0.51.0 - [Release notes](https://github.com/oxc-project/oxc/releases) - [Changelog](https://github.com/oxc-project/oxc/blob/main/npm/oxfmt/CHANGELOG.md) - [Commits](https://github.com/oxc-project/oxc/commits/oxfmt_v0.51.0/npm/oxfmt) Updates `oxlint` from 1.51.0 to 1.66.0 - [Release notes](https://github.com/oxc-project/oxc/releases) - [Changelog](https://github.com/oxc-project/oxc/blob/main/npm/oxlint/CHANGELOG.md) - [Commits](https://github.com/oxc-project/oxc/commits/oxlint_v1.66.0/npm/oxlint) Updates `puppeteer-core` from 24.38.0 to 25.0.4 - [Release notes](https://github.com/puppeteer/puppeteer/releases) - [Changelog](https://github.com/puppeteer/puppeteer/blob/main/CHANGELOG.md) - [Commits](puppeteer/puppeteer@puppeteer-core-v24.38.0...puppeteer-core-v25.0.4) Updates `tsx` from 4.21.0 to 4.22.3 - [Release notes](https://github.com/privatenumber/tsx/releases) - [Changelog](https://github.com/privatenumber/tsx/blob/master/release.config.cjs) - [Commits](privatenumber/tsx@v4.21.0...v4.22.3) Updates `typescript` from 5.9.3 to 6.0.3 - [Release notes](https://github.com/microsoft/TypeScript/releases) - [Commits](microsoft/TypeScript@v5.9.3...v6.0.3) Updates `vitest` from 4.0.18 to 4.1.7 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.7/packages/vitest) --- updated-dependencies: - dependency-name: "@google/genai" dependency-version: 2.5.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: "@modelcontextprotocol/sdk" dependency-version: 1.29.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: "@steipete/sweet-cookie" dependency-version: 0.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: dotenv dependency-version: 17.4.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: inquirer dependency-version: 13.4.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: openai dependency-version: 6.38.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: qs dependency-version: 6.15.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: shiki dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: zod dependency-version: 4.4.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: "@types/chrome-remote-interface" dependency-version: 0.34.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: "@types/node" dependency-version: 25.9.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: "@vitest/coverage-v8" dependency-version: 4.1.7 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: devtools-protocol dependency-version: 0.0.1632630 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: es-toolkit dependency-version: 1.46.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: esbuild dependency-version: 0.28.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: oxfmt dependency-version: 0.51.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: oxlint dependency-version: 1.66.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: puppeteer-core dependency-version: 25.0.4 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dependencies - dependency-name: tsx dependency-version: 4.22.3 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: typescript dependency-version: 6.0.3 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dependencies - dependency-name: vitest dependency-version: 4.1.7 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2026-06-04T04:27:45Z

Looks like these dependencies are updatable in another way, so this is no longer needed.

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 21, 2026

dependabot Bot closed this Jun 4, 2026

dependabot Bot deleted the dependabot/npm_and_yarn/dependencies-8e31ff1193 branch June 4, 2026 04:27

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump the dependencies group across 1 directory with 21 updates#8

build(deps): bump the dependencies group across 1 directory with 21 updates#8
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/dependencies-8e31ff1193

dependabot Bot commented on behalf of github May 21, 2026 •

edited

Loading

Uh oh!

dependabot Bot commented on behalf of github Jun 4, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github May 21, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v2.5.0

2.5.0 (2026-05-20)

Features

v2.4.0

2.4.0 (2026-05-17)

Features

Bug Fixes

v2.3.0

2.3.0 (2026-05-15)

Features

v2.2.0

2.2.0 (2026-05-12)

Features

v2.1.0

2.1.0 (2026-05-12)

Features

2.5.0 (2026-05-20)

Features

2.4.0 (2026-05-17)

Features

Bug Fixes

2.3.0 (2026-05-15)

Features

2.2.0 (2026-05-12)

Features

2.1.0 (2026-05-12)

Features

Bug Fixes

2.0.1 (2026-05-09)

v1.29.0

What's Changed

New Contributors

v1.28.0

What's Changed

New Contributors

v0.3.0

Fixed

Release Proof

0.3.0 - 2026-05-14

Fixed

17.4.2 (2026-04-12)

Changed

17.4.1 (2026-04-05)

Changed

17.4.0 (2026-04-01)

Added

Changed

inquirer@13.4.3

inquirer@13.4.2

inquirer@13.4.1

inquirer@13.4.0

inquirer@13.3.2

inquirer@13.3.1

v6.38.0

6.38.0 (2026-05-13)

Features

v6.37.0

6.37.0 (2026-05-07)

Features

Bug Fixes

Chores

v6.36.0

6.36.0 (2026-05-01)

Features

Bug Fixes

6.38.0 (2026-05-13)

Features

6.37.0 (2026-05-07)

Features

Bug Fixes

Chores

6.36.0 (2026-05-01)

Features

Bug Fixes

6.15.2

6.15.1

v4.1.0

dependabot Bot commented on behalf of github May 21, 2026 •

edited

Loading