build(deps): bump the dependencies group across 1 directory with 22 updates by dependabot[bot] · Pull Request #9 · vibecode-vm/multi-oracle

dependabot · 2026-06-04T04:29:00Z

Bumps the dependencies group with 22 updates in the / directory:

Package	From	To
@google/genai	`1.44.0`	`2.8.0`
@modelcontextprotocol/sdk	`1.27.1`	`1.29.0`
@steipete/sweet-cookie	`0.2.0`	`0.3.0`
commander	`14.0.3`	`15.0.0`
dotenv	`17.3.1`	`17.4.2`
inquirer	`13.3.0`	`14.0.2`
openai	`6.27.0`	`6.42.0`
qs	`6.15.0`	`6.15.2`
shiki	`4.0.1`	`4.2.0`
zod	`4.3.6`	`4.4.3`
@types/chrome-remote-interface	`0.33.0`	`0.34.0`
@types/node	`25.3.5`	`25.9.1`
@vitest/coverage-v8	`4.0.18`	`4.1.8`
devtools-protocol	`0.0.1595872`	`0.0.1640722`
es-toolkit	`1.45.1`	`1.47.0`
esbuild	`0.27.3`	`0.28.0`
oxfmt	`0.36.0`	`0.53.0`
oxlint	`1.51.0`	`1.68.0`
puppeteer-core	`24.38.0`	`25.1.0`
tsx	`4.21.0`	`4.22.4`
typescript	`5.9.3`	`6.0.3`
vitest	`4.0.18`	`4.1.8`

Updates @google/genai from 1.44.0 to 2.8.0

Release notes

Sourced from @google/genai's releases.

v2.8.0

2.8.0 (2026-06-03)

Features

Add Agent Platform MCP support to async generate_content (baeaeaa)

Add transcription language code. (d2981d6)

Add TranslationConfig for live translation. (8c44240)

Support ReinforcementTuning in GenAI SDK including ValidateReward API method. (36f0bfb)

v2.7.0

2.7.0 (2026-05-27)

Features

Add Skill Registry ListSkills and DeleteSkill to SDK (d75582a)

additional computer_use field support for vertex. (54a692b)

interaction-api: Allow "text/csv" as a supported document mime type for Interaction API. (3cc830e)

interaction-api: Enable BigQuery tool in Deep Research config. (58c8c7e)

Support Reinforcement Tuning in GenAI SDK (418cc35)

v2.6.0

2.6.0 (2026-05-21)

Features

add enable_prompt_injection_detection for Computer Use feature for the Gemini API. (f780f3c)

Add budget_exceeded status (1e97bd0)

Add gemini-3.5-flash (1e97bd0)

add new fields (b78eeee)

v2.5.0

2.5.0 (2026-05-20)

Features

Add Gemini 3.5 Flash model to options (fcf26e3)

v2.4.0

2.4.0 (2026-05-17)

Features

support Agent and Environment APIs. (b0d9d2b)

... (truncated)

Changelog

Sourced from @google/genai's changelog.

2.8.0 (2026-06-03)

Features

Add Agent Platform MCP support to async generate_content (baeaeaa)

Add transcription language code. (d2981d6)

Add TranslationConfig for live translation. (8c44240)

Support ReinforcementTuning in GenAI SDK including ValidateReward API method. (36f0bfb)

2.7.0 (2026-05-27)

Features

Add Skill Registry ListSkills and DeleteSkill to SDK (d75582a)

additional computer_use field support for vertex. (54a692b)

interaction-api: Allow "text/csv" as a supported document mime type for Interaction API. (3cc830e)

interaction-api: Enable BigQuery tool in Deep Research config. (58c8c7e)

Support Reinforcement Tuning in GenAI SDK (418cc35)

2.6.0 (2026-05-21)

Features

add enable_prompt_injection_detection for Computer Use feature for the Gemini API. (f780f3c)

Add budget_exceeded status (1e97bd0)

Add gemini-3.5-flash (1e97bd0)

add new fields (b78eeee)

2.5.0 (2026-05-20)

Features

Add Gemini 3.5 Flash model to options (fcf26e3)

2.4.0 (2026-05-17)

Features

support Agent and Environment APIs. (b0d9d2b)

Bug Fixes

output_text for turns that don't end with text. (1a3d94f)

... (truncated)

Commits

ea0dd60 chore(main): release 2.8.0 (#1646)
36f0bfb feat: Support ReinforcementTuning in GenAI SDK including ValidateReward API m...
d2981d6 feat: Add transcription language code.
98ac90d chore: deprecate Google Maps grounding widget API fields
8c44240 feat: Add TranslationConfig for live translation.
baeaeaa feat: Add Agent Platform MCP support to async generate_content
c1d3cb7 chore: Internal cleanup
bd78ed3 chore: Fix relative import path in pagers.ts.
2821346 chore(main): release 2.7.0 (#1630)
54a692b feat: additional computer_use field support for vertex.
Additional commits viewable in compare view

Install script changes

This version adds preinstall script that runs during installation. Review the package contents before updating.

Updates @modelcontextprotocol/sdk from 1.27.1 to 1.29.0

Release notes

Sourced from @modelcontextprotocol/sdk's releases.

v1.29.0

What's Changed

fix: treat v1.x as primary branch for npm latest tag (backport #1577) by @felixweinberger in modelcontextprotocol/typescript-sdk#1749

[v1.x] fix: disallow null (infinite) requested TTL by @LucaButBoring in modelcontextprotocol/typescript-sdk#1339

[v1.x] fix: add missing size field to ResourceSchema by @olaservo in modelcontextprotocol/typescript-sdk#1575

Add typings exports by @tdraier in modelcontextprotocol/typescript-sdk#1623

v1.x npm audit fix by @KKonstantinov in modelcontextprotocol/typescript-sdk#1780

v1.x #1623 follow up -add missing types to package.json by @KKonstantinov in modelcontextprotocol/typescript-sdk#1773

[v1.x backport] Allow servers / clients to advertise extensions in the capability object by @localden in modelcontextprotocol/typescript-sdk#1811

fix(stdio): always set windowsHide on Windows, not just in Electron by @jnMetaCode in modelcontextprotocol/typescript-sdk#1640

chore: bump version to 1.29.0 by @felixweinberger in modelcontextprotocol/typescript-sdk#1820

New Contributors

@tdraier made their first contribution in modelcontextprotocol/typescript-sdk#1623

@jnMetaCode made their first contribution in modelcontextprotocol/typescript-sdk#1640

Full Changelog: modelcontextprotocol/typescript-sdk@v1.28.0...v1.29.0

v1.28.0

What's Changed

feat: use scopes_supported from resource metadata by default (fixes #580) by @antogyn in modelcontextprotocol/typescript-sdk#757

[v1.x backport] Default to client_secret_basic when server omits token_endpoint_auth_methods_supported by @pcarleton in modelcontextprotocol/typescript-sdk#1611

fix: reject plain JSON Schema objects passed as inputSchema by @tiluckdave in modelcontextprotocol/typescript-sdk#1596

fix: clear _timeoutInfo in _onclose() and scope .finally() abort controller cleanup by @pcarleton in modelcontextprotocol/typescript-sdk#1462

fix(server/auth): RFC 8252 loopback port relaxation by @poteat in modelcontextprotocol/typescript-sdk#1738

chore: bump version to 1.28.0 by @felixweinberger in modelcontextprotocol/typescript-sdk#1746

New Contributors

@antogyn made their first contribution in modelcontextprotocol/typescript-sdk#757

@tiluckdave made their first contribution in modelcontextprotocol/typescript-sdk#1596

@poteat made their first contribution in modelcontextprotocol/typescript-sdk#1738

Full Changelog: modelcontextprotocol/typescript-sdk@v1.27.1...v1.28.0

Commits

e12cbd7 chore: bump version to 1.29.0 (#1820)
3913fd4 fix(stdio): always set windowsHide on Windows, not just in Electron (#1640)
5608e78 [v1.x backport] Allow servers / clients to advertise extensions in the capabi...
7213816 v1.x #1623 follow up -add missing types to package.json (#1773)
364f38c v1.x npm audit fix (#1780)
c95cc09 Add typings exports (#1623)
ddadaa6 [v1.x] fix: add missing size field to ResourceSchema (#1575)
2a15851 [v1.x] fix: disallow null (infinite) requested TTL (#1339)
13e30f1 fix: treat v1.x as primary branch for npm latest tag (backport #1577) (#1749)
a056569 chore: bump version to 1.28.0 (#1746)
Additional commits viewable in compare view

Updates @steipete/sweet-cookie from 0.2.0 to 0.3.0

Release notes

Sourced from @steipete/sweet-cookie's releases.

v0.3.0

Fixed

Enable node:sqlite readBigInts on Node 22+ so current Chromium cookie expiry values do not overflow on the active LTS line. ([#25](https://github.com/steipete/sweet-cookie/tree/HEAD/packages/core/issues/25), thanks @navarch-orion)

Support Firefox 147+ Linux XDG profile roots under $XDG_CONFIG_HOME/mozilla/firefox, with legacy ~/.mozilla/firefox fallback. ([#28](https://github.com/steipete/sweet-cookie/tree/HEAD/packages/core/issues/28), thanks @solomonneas)

Warn when Chromium v20 App-Bound encrypted cookies fail to decrypt instead of silently dropping them. ([#24](https://github.com/steipete/sweet-cookie/tree/HEAD/packages/core/issues/24), thanks @devskale)

Release Proof

npm: https://www.npmjs.com/package/@steipete/sweet-cookie/v/0.3.0

registry tarball: https://registry.npmjs.org/@steipete/sweet-cookie/-/sweet-cookie-0.3.0.tgz

npm integrity: sha512-eGjIEtWe6PPO1kOGGcxloiI8CXuIRdUzDbNBjhoZyvS9FiL0U3vVussNDV0EBuu3OILGrCKizpkxmpJ9G3BcHg==

CI: https://github.com/steipete/sweet-cookie/actions/runs/25886548509

local gates: pnpm build, pnpm check, pnpm test, pnpm test:bun

fresh install smoke: npm i @steipete/sweet-cookie@0.3.0; ESM import returned function function

Changelog

Sourced from @steipete/sweet-cookie's changelog.

0.3.0 - 2026-05-14

Fixed

Enable node:sqlite readBigInts on Node 22+ so current Chromium cookie expiry values do not overflow on the active LTS line. ([#25](https://github.com/steipete/sweet-cookie/tree/HEAD/packages/core/issues/25), thanks @navarch-orion)

Support Firefox 147+ Linux XDG profile roots under $XDG_CONFIG_HOME/mozilla/firefox, with legacy ~/.mozilla/firefox fallback. ([#28](https://github.com/steipete/sweet-cookie/tree/HEAD/packages/core/issues/28), thanks @solomonneas)

Warn when Chromium v20 App-Bound encrypted cookies fail to decrypt instead of silently dropping them. ([#24](https://github.com/steipete/sweet-cookie/tree/HEAD/packages/core/issues/24), thanks @devskale)

Commits

f7f8d66 chore(release): 0.3.0
a099c5f feat: add v20 App-Bound Encryption detection and warning (#24)
3c4c510 test: lock node:sqlite bigint support matrix
446c704 fix(firefox): support Linux XDG profile roots
d7b30f5 chore: use tsgo for TypeScript builds
See full diff in compare view

Updates commander from 14.0.3 to 15.0.0

Release notes

Sourced from commander's releases.

v15.0.0

Commander 15 is ESM only. This is expected to be seamless for ESM consumers, but some CommonJS consumers may hit issues with tooling requiring configuration for ESM-only dependencies. See Migration Tips below.

The release of Commander 15 moves Commander 14 into maintenance. Commander 14 will get security updates for 12 months (to May 2027). For more info see Release Policy.

Added

show excess command-arguments in error message (#2384)

Fixed

Breaking: only lone --no-* option sets default option value to true, default not implicitly set when define both positive and negative option in either order (#2405)

update example to use compatible character for MINGW64 (#2475)

Changed

Breaking: migrated Commander implementation from CommonJS to ESM (#2464)

Breaking: Commander 15 requires Node.js v22.12.0 or higher (for require(esm)).

dev: switch tests from Jest to node:test test runner (#2463)

Deleted

Breaking: removed deprecated export of commander/esm.mjs (#2464)

Migration Tips

Commander 15 is ESM only, but this does not mean you need to migrate to ESM to use it. Importing ESM from CommonJS is supported by Node.js, and Bun, and Deno. Hopefully it Just Works for you! However, you may be using a different runtime or some other part of your setup that may not yet natively support importing ESM from CommonJS, such as your testing framework or bundler.

If you have problems using Commander 15 in your environment, one option is stay on Commander 14 for now. Commander 14 will get security updates until May 2027 and things will hopefully improve for your setup in the meantime.

v15.0.0-0

Commander 15 is ESM only. This is expected to be seamless for ESM consumers, but some CommonJS consumers may hit issues with tooling requiring configuration for ESM-only dependencies. See Migration Tips below.

The release of Commander 15 in May 2026 will move Commander 14 into maintenance. Commander 14 will get security updates for 12 months (to May 2027). For more info see Release Policy.

Added

show excess command-arguments in error message (#2384)

Fixed

Breaking: only lone --no-* option sets default option value to true, default not implicitly set when define both positive and negative option in either order (#2405)

update example to use compatible character for MINGW64 (#2475)

... (truncated)

Changelog

Sourced from commander's changelog.

[15.0.0] (2026-05-29)

Commander 15 is ESM only. This is expected to be seamless for ESM consumers, but some CommonJS consumers may hit issues with tooling requiring configuration for ESM-only dependencies. See Migration Tips below.

The release of Commander 15 moves Commander 14 into maintenance. Commander 14 will get security updates for 12 months (to May 2027). For more info see Release Policy.

Added

show excess command-arguments in error message (#2384)

Fixed

Breaking: only lone --no-* option sets default option value to true, default not implicitly set when define both positive and negative option in either order (#2405)

update example to use compatible character for MINGW64 (#2475)

Changed

Breaking: migrated Commander implementation from CommonJS to ESM (#2464)

Breaking: Commander 15 requires Node.js v22.12.0 or higher (for require(esm)).

dev: switch tests from Jest to node:test test runner (#2463)

Deleted

Breaking: removed deprecated export of commander/esm.mjs (#2464)

Migration Tips

Commander 15 is ESM only, but this does not mean you need to migrate to ESM to use it. Importing ESM from CommonJS is supported by Node.js, and Bun, and Deno. Hopefully it Just Works for you! However, you may be using a different runtime or some other part of your setup that may not yet natively support importing ESM from CommonJS, such as your testing framework or bundler.

If you have problems using Commander 15 in your environment, one option is stay on Commander 14 for now. Commander 14 will get security updates until May 2027 and things will hopefully improve for your setup in the meantime.

[15.0.0-0] (2026-02-22)

(Released as 15.0.0)

Commits

ba6d13d Fix release dates in changelog (#2523)
a752ed9 Pin GitHub actions with hash (#2521)
74d5dfe Drop EOL node 20 from test matrix, and add node 26 (#2520)
6df9b68 Update details for 15.0.0 release (#2519)
01ce5d0 Remove jest esm examples (#2517)
d785d8b Update dependencies (#2518)
9098b48 Update dependencies (#2506)
373f660 Use node:util stripVTControlCharacters instead of own code (#2486)
987f289 Use simple match in test (to avoid warning about expensive regex) (#2485)
0ea3bb3 Update dependecies and lint (#2489)
Additional commits viewable in compare view

Updates dotenv from 17.3.1 to 17.4.2

Changelog

Sourced from dotenv's changelog.

17.4.2 (2026-04-12)

Changed

Improved skill files - tightened up details (#1009)

17.4.1 (2026-04-05)

Changed

Change text injecting to injected (#1005)

17.4.0 (2026-04-01)

Added

Add skills/ folder with focused agent skills: skills/dotenv/SKILL.md (core usage) and skills/dotenvx/SKILL.md (encryption, multiple environments, variable expansion) for AI coding agent discovery via the skills.sh ecosystem (npx skills add motdotla/dotenv)

Changed

Tighten up logs: ◇ injecting env (14) from .env (#1003)

Commits

f116f70 17.4.2
3a81612 fix visual order of faq
13f55a8 Merge branch 'skill'
4bbbf73 reorganize faq
c3da64b Merge pull request #1009 from motdotla/skill
6f743b1 update source
fc2c624 update skill
972315b Tighten up skill
2795fce reorganize faq
d5495d4 adjust skill
Additional commits viewable in compare view

Updates inquirer from 13.3.0 to 14.0.2

Release notes

Sourced from inquirer's releases.

inquirer@14.0.2

Fix security warnings in external-editor

inquirer@14.0.1

Rolled back mute-stream dependency from v4 to v3 to undo breaking compatible engines.

Added tooling to prevent regression of the above in the future. This surfaced our min engines already enforced a higher limit, so adjusted the explicit limits to match the current state.

inquirer@14.0.0

Fix (breaking): Inquirer will now throw when encountering non-registered prompt. Prior to this fix, Inquirer would default to type: 'input' in such cases - this behaviour was misleading and made it harder to detect broken code when not using Typescript.

Feat: Read env variable INQUIRER_KEYBINDINGS to enable vim or emacs keybindings; making this a user preference instead of a library author preference. One caveat is doing so disable the search feature in the select prompt. Syntax: INQUIRER_KEYBINDINGS=vim,emacs.

Fix: Line wraps would sometime cause the cursor to be mispositioned relative to the input.

Chore: Dropped the rxjs dependency in favor of a lightweight internal Observable implementation. The package is much smaller for most users now.

Chore: Bump dependencies.

inquirer@13.4.3

Fix: Windows rendering bug

Fix: Preserve exact literal types in choices array (Typescript only)

Fix: Allow input default value to be of type undefined (Typescript only)

Bump dependencies

inquirer@13.4.2

Fix: some Windows terminals would freeze and not react to keypresses.

inquirer@13.4.1

Improve expand prompt type inferrence.

inquirer@13.4.0

Feat: Added a loading message while validating editor prompt input.

Type improvement: Better type inference with checkbox, search and expand prompts.

Fix: editor prompt not always properly handling editor path on windows.

inquirer@13.3.2

Fix broken 1.3.1 release process.

inquirer@13.3.1

Bump dependencies

Commits

bfd8710 chore: Publish new release
55cc5f3 feat: add reusable package lint CLI
3af9ed0 test(inquirer): capture prompt runner output
4381857 fix(@inquirer/input): remove stale lint suppression
45df331 fix(@inquirer/external-editor): harden editor temp files
adef323 chore: limit CI token permissions
b43359d chore: Publish new release
24ecae2 chore: fix yarn.lock
b078d97 fix: validate package engine compatibility
3a49f9f chore(deps-dev): Bump oxfmt in the formatting group (#2143)
Additional commits viewable in compare view

Updates openai from 6.27.0 to 6.42.0

Release notes

Sourced from openai's releases.

v6.42.0

6.42.0 (2026-06-03)

Full Changelog: v6.41.0...v6.42.0

Features

api: responses.moderation and chat_completions.moderation (6d8f592)

v6.41.0

6.41.0 (2026-06-01)

Full Changelog: v6.40.0...v6.41.0

Features

api: Add Amazon Bedrock Responses support (#1899) (535b045)

v6.40.0

6.40.0 (2026-06-01)

Full Changelog: v6.39.1...v6.40.0

Features

api: workload identity in audit logs, additional_tools item in responses, fix ActionSearch.query to be optional. (aee09f3)

Chores

remove migrate CLI (673c618)

v6.39.1

6.39.1 (2026-05-27)

Full Changelog: v6.39.0...v6.39.1

Bug Fixes

Improve undici dispatcher mismatch guidance (#1898) (b6e5fd6)

treat text/plan with format: binary as raw upload (f9a632a)

treat text/plan with format: binary as raw upload (323cb78)

Chores

internal: codegen related update (d32deef)

v6.39.0

6.39.0 (2026-05-21)

... (truncated)

Changelog

Sourced from openai's changelog.

6.42.0 (2026-06-03)

Full Changelog: v6.41.0...v6.42.0

Features

api: responses.moderation and chat_completions.moderation (6d8f592)

6.41.0 (2026-06-01)

Full Changelog: v6.40.0...v6.41.0

Features

api: Add Amazon Bedrock Responses support (#1899) (535b045)

6.40.0 (2026-06-01)

Full Changelog: v6.39.1...v6.40.0

Features

api: workload identity in audit logs, additional_tools item in responses, fix ActionSearch.query to be optional. (aee09f3)

Chores

remove migrate CLI (673c618)

6.39.1 (2026-05-27)

Full Changelog: v6.39.0...v6.39.1

Bug Fixes

Improve undici dispatcher mismatch guidance (#1898) (b6e5fd6)

treat text/plan with format: binary as raw upload (f9a632a)

treat text/plan with format: binary as raw upload (323cb78)

Chores

internal: codegen related update (d32deef)

6.39.0 (2026-05-21)

Full Changelog: v6.38.0...v6.39.0

Features

... (truncated)

Commits

6f849f4 release: 6.42.0
579edb2 feat(api): responses.moderation and chat_completions.moderation
7fa93eb release: 6.41.0
3b7fe31 feat(api): Add Amazon Bedrock Responses support (#1899)
caf499a codegen metadata
77bec5b release: 6.40.0
0fb7602 feat(api): workload identity in audit logs, additional_tools item in response...
4a860b8 chore: remove migrate CLI
6c11a74 release: 6.39.1
a91a7aa fix: Improve undici dispatcher mismatch guidance (#1898)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for openai since your current version.

Updates qs from 6.15.0 to 6.15.2

Changelog

Sourced from qs's changelog.

6.15.2

[Fix] stringify: skip null/undefined entries in arrayFormat: 'comma' + encodeValuesOnly instead of crashing in encoder

[Fix] stringify: use configured delimiter after charsetSentinel (#555)

[Fix] stringify: apply formatter to encoded key under strictNullHandling (#554)

[Fix] stringify: skip null/undefined filter-array entries instead of crashing in encoder (#551)

[Fix] parse: handle nested bracket groups and add regression tests (#530)

[readme] fix grammar (#550)

[Dev Deps] update @ljharb/eslint-config

[Tests] add regression tests for keys containing percent-encoded bracket text

6.15.1

[Fix] parse: parameterLimit: Infinity with throwOnLimitExceeded: true silently drops all parameters

[Deps] update @ljharb/eslint-config

[Dev Deps] update @ljharb/eslint-config, iconv-lite

[Tests] increase coverage

Commits

9aca407 v6.15.2
5e33d33 [Dev Deps] update @ljharb/eslint-config
21f80b3 [Fix] stringify: skip null/undefined entries in arrayFormat: 'comma' + `e...
a0a81ea [Fix] stringify: use configured delimiter after charsetSentinel
e3062f7 [Fix] stringify: apply formatter to encoded key under strictNullHandling
0c180a4 [Fix] stringify: skip null/undefined filter-array entries instead of crashi...
3a8b94a [Tests] add regression tests for keys containing percent-encoded bracket text
96755ab [readme] fix grammar
a419ce5 [Fix] parse: handle nested bracket groups and add regression tests
3f5e1c5 v6.15.1
Additional commits viewable in compare view

Updates shiki from 4.0.1 to 4.2.0

Release notes

Sourced from shiki's releases.

v4.2.0

   🚀 Features

Add @shikijs/stream and @shikijs/magic-move packages - by @antfu in shikijs/shiki#1283 (d031f)

   🐞 Bug Fixes

transformers: Handle YAML comment prefixes correctly for v3 - by @AkaHarshit in shikijs/shiki#1266 (f694a)

vitepress-twoslash: Scroll blocking on mobile viewports - by @micaiguai in shikijs/shiki#1262 (9e0e8)

    View changes on GitHub

v4.1.0

   🐞 Bug Fixes

twoslash: Forward tsModule to createTwoslasher - by @arthurfiorette in shikijs/shiki#1271 (be89a)

    View changes on GitHub

v4.0.2

   🐞 Bug Fixes

Support ANSI language with multiple themes - by @dan-lee in shikijs/shiki#1259 (2a232)

    View changes on GitHub

Commits

1d56dae chore: release v4.2.0
c809af9 chore: release v4.1.0
95371cb chore: lint
7a1007d chore: release v4.0.2
ef42a16 chore: update deps
2a23230 fix: support ANSI language with multiple themes (#1259)
See full diff in compare view

Updates zod from 4.3.6 to 4.4.3

Release notes

Sourced from zod's releases.

v4.4.3

Commits:

4c2fa95ce3f3390fbc522324e406b4e9e89b88f9 docs: use Zernio primary wordmark for gold sponsor logo

2aeec83eb135e3a83756e973ef44845fc5a455d2 docs: prune lapsed gold sponsors and rebalance logo sizing

7391be88ac1ee5cd02057f5ccc012a1f5df4efd0 docs: prune lapsed silver/bronze sponsors and add active ones

2c703322a21b4e2b12f33f49ea8430c451a68b4f docs: normalize bronze sponsor logos to github avatar pattern

9195250cab0e7950efe39c3926d6c203b4b0a170 docs: remove Mintlify from bronze sponsors (churned)

b8dffe9e62f17e6571e6249d05cc5102b54d94e4 docs: remove Numeric and Speakeasy (2+ missed monthly cycles)

1cab69383fcdeae2a366d5e2a2fc4d8fc765d168 fix(v4): restore catch handling for absent object keys (#5937) (#5939)

c2be4f819064eed62c7c350a2d399b5faecd15f8 fix(v4): generalize optin/fallback to transform; restore preprocess on absent keys (#5941)

f3c9ec03ba7a28ae72d25cc295f38674bee0f559 4.4.3

1fb56a5c18c27102dbc92260a4007c7732a0ccca docs: document release procedure in AGENTS.md

v4.4.2

Commits:

0c62df0ea19fd05abdf90473e9eef7eea530fab2 Clean up docs navigation and stale labels (#5901)

20cc794895cc8604fe0c87d83a5d1c3f89fad0ac chore: add security policy and refresh tooling deps

6fbe07b0177efdd1bf1c0b05160e70d7a0702337 fix(docs): heading anchor links now include the hash so it doesnt scoll all the way up, follows navbar logic (#5791)

4bbed1b1c73eca4ce9e59b1189ed236aa6c8b5bd Tighten discriminated union option typing

bbac3e567e7fccfaaf7cdc97f1ce30c295e2c908 Update PR guidance for agents

cf0dc942a32805c292fff59ade20a7ace980735a Merge remote-tracking branch 'origin/main' into fix-discriminated-union-key-constraint

292c894a5fd2aa42e527900b83d8d7a3009a709c docs: add Zernio gold sponsor

1fc9f311c28dcf80d0bb5a36b177086cbc3d8eca docs: document codec inversion

1373c85da9aeff704a9762d27bc58699618aefb7 docs: remove AI disclosure guidance

e20d02b473c08e3a4e557bc610b1b5fac079b649 chore: ignore triage notes

e58ea4d91b1dfe8194b73508203213cbc7e9c936 docs: test Zod Mini tab code heights

905761a5d127e8d5dd2ebb3bc88c75cb0b8149ff docs: document preprocess input type narrowing

bf64bac850d4dee2b7dde7e64909d5d796d32043 chore: tighten test guidance in AGENTS.md

8ec4e73f4c4693b6361ad591be40fb41eb8a9f95 chore: update play.ts scratch

02c2baf7d0d615872fa4528a8020603b71211702 Make z.preprocess defer optionality to inner schema (#5929)

88015df8e25c44fb5385eb3ef28935119cd5edea fix(docs): drop deprecated baseUrl from tsconfig

c59d4474e3b4cad1b323462186cf607178ce8267 4.4.2

v4.4.1

Commits:

481f7be4238c83ed58183f921b2646f340a91c6a ci: gate release publishing on full test workflow

95ccab423aec720b2523c3a64cdc7e3204537cc7 test(v3): restore optional undefined expectations

cede2c63739a5823d6aa5093d291e9a111da943d fix(v4): reject tuple holes before required defaults (#5900)

edd0bf0f5ada4a8dc581c259407d7bbad0a71ea7 release: 4.4.1

180d83d1dbe6a59260710cc8637a3dea2281ee56 docs: remove Jazz featured sponsor

v4.4.0

4.4.0

This is a minor release with a wide set of correctness and soundness fixes. Some fixes intentionally make Zod stricter, so code that depended on previously accepted invalid or ambiguous inputs may need small updates.

Potentially breaking bug fixes

... (truncated)

Commits

1fb56a5 docs: document release procedure in AGENTS.md
f3c9ec0 4.4.3
c2be4f8 fix(v4): generalize optin/fallback to transform; restore preprocess on absent...
1cab693 fix(v4): restore catch handling for absent object keys (#5937) (#5939)
b8dffe9 docs: remove Numeric and Speakeasy (2+ missed monthly cycles)
9195250 docs: remove Mintlify from bronze sponsors (churned)
2c70332 docs: normalize bronze sponsor logos to github avatar pattern
7391be8 docs: prune lapsed silver/bronze sponsors and add active ones
2aeec83 docs: prune lapsed gold sponsors and rebalance logo sizing
4c2fa95 docs: use Zernio primary wordmark for gold sponsor logo
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for zod since your current version.

Updates @types/chrome-remote-interface from 0.33.0 to 0.34.0

Commits

See full diff in compare view

Updates @types/node from 25.3.5 to 25.9.1

Commits

See full diff in compare view

Updates @vitest/coverage-v8 from 4.0.18 to 4.1.8

Release notes

Sourced from @vitest/coverage-v8's releases.

v4.1.8

🐞 Bug Fixes

browser:

Disable client cdp API when allowWrite/allowExec: falseDescription has been truncated

…pdates Bumps the dependencies group with 22 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@google/genai](https://github.com/googleapis/js-genai) | `1.44.0` | `2.8.0` | | [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.27.1` | `1.29.0` | | [@steipete/sweet-cookie](https://github.com/steipete/sweet-cookie/tree/HEAD/packages/core) | `0.2.0` | `0.3.0` | | [commander](https://github.com/tj/commander.js) | `14.0.3` | `15.0.0` | | [dotenv](https://github.com/motdotla/dotenv) | `17.3.1` | `17.4.2` | | [inquirer](https://github.com/SBoudrias/Inquirer.js) | `13.3.0` | `14.0.2` | | [openai](https://github.com/openai/openai-node) | `6.27.0` | `6.42.0` | | [qs](https://github.com/ljharb/qs) | `6.15.0` | `6.15.2` | | [shiki](https://github.com/shikijs/shiki/tree/HEAD/packages/shiki) | `4.0.1` | `4.2.0` | | [zod](https://github.com/colinhacks/zod) | `4.3.6` | `4.4.3` | | [@types/chrome-remote-interface](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/chrome-remote-interface) | `0.33.0` | `0.34.0` | | [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.3.5` | `25.9.1` | | [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) | `4.0.18` | `4.1.8` | | [devtools-protocol](https://github.com/ChromeDevTools/devtools-protocol) | `0.0.1595872` | `0.0.1640722` | | [es-toolkit](https://github.com/toss/es-toolkit) | `1.45.1` | `1.47.0` | | [esbuild](https://github.com/evanw/esbuild) | `0.27.3` | `0.28.0` | | [oxfmt](https://github.com/oxc-project/oxc/tree/HEAD/npm/oxfmt) | `0.36.0` | `0.53.0` | | [oxlint](https://github.com/oxc-project/oxc/tree/HEAD/npm/oxlint) | `1.51.0` | `1.68.0` | | [puppeteer-core](https://github.com/puppeteer/puppeteer) | `24.38.0` | `25.1.0` | | [tsx](https://github.com/privatenumber/tsx) | `4.21.0` | `4.22.4` | | [typescript](https://github.com/microsoft/TypeScript) | `5.9.3` | `6.0.3` | | [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.0.18` | `4.1.8` | Updates `@google/genai` from 1.44.0 to 2.8.0 - [Release notes](https://github.com/googleapis/js-genai/releases) - [Changelog](https://github.com/googleapis/js-genai/blob/main/CHANGELOG.md) - [Commits](googleapis/js-genai@v1.44.0...v2.8.0) Updates `@modelcontextprotocol/sdk` from 1.27.1 to 1.29.0 - [Release notes](https://github.com/modelcontextprotocol/typescript-sdk/releases) - [Commits](modelcontextprotocol/typescript-sdk@v1.27.1...v1.29.0) Updates `@steipete/sweet-cookie` from 0.2.0 to 0.3.0 - [Release notes](https://github.com/steipete/sweet-cookie/releases) - [Changelog](https://github.com/steipete/sweet-cookie/blob/main/CHANGELOG.md) - [Commits](https://github.com/steipete/sweet-cookie/commits/v0.3.0/packages/core) Updates `commander` from 14.0.3 to 15.0.0 - [Release notes](https://github.com/tj/commander.js/releases) - [Changelog](https://github.com/tj/commander.js/blob/master/CHANGELOG.md) - [Commits](tj/commander.js@v14.0.3...v15.0.0) Updates `dotenv` from 17.3.1 to 17.4.2 - [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md) - [Commits](motdotla/dotenv@v17.3.1...v17.4.2) Updates `inquirer` from 13.3.0 to 14.0.2 - [Release notes](https://github.com/SBoudrias/Inquirer.js/releases) - [Commits](https://github.com/SBoudrias/Inquirer.js/compare/inquirer@13.3.0...inquirer@14.0.2) Updates `openai` from 6.27.0 to 6.42.0 - [Release notes](https://github.com/openai/openai-node/releases) - [Changelog](https://github.com/openai/openai-node/blob/master/CHANGELOG.md) - [Commits](openai/openai-node@v6.27.0...v6.42.0) Updates `qs` from 6.15.0 to 6.15.2 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.15.0...v6.15.2) Updates `shiki` from 4.0.1 to 4.2.0 - [Release notes](https://github.com/shikijs/shiki/releases) - [Commits](https://github.com/shikijs/shiki/commits/v4.2.0/packages/shiki) Updates `zod` from 4.3.6 to 4.4.3 - [Release notes](https://github.com/colinhacks/zod/releases) - [Commits](colinhacks/zod@v4.3.6...v4.4.3) Updates `@types/chrome-remote-interface` from 0.33.0 to 0.34.0 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/chrome-remote-interface) Updates `@types/node` from 25.3.5 to 25.9.1 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `@vitest/coverage-v8` from 4.0.18 to 4.1.8 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.8/packages/coverage-v8) Updates `devtools-protocol` from 0.0.1595872 to 0.0.1640722 - [Commits](ChromeDevTools/devtools-protocol@v0.0.1595872...v0.0.1640722) Updates `es-toolkit` from 1.45.1 to 1.47.0 - [Release notes](https://github.com/toss/es-toolkit/releases) - [Changelog](https://github.com/toss/es-toolkit/blob/main/CHANGELOG.md) - [Commits](toss/es-toolkit@v1.45.1...v1.47.0) Updates `esbuild` from 0.27.3 to 0.28.0 - [Release notes](https://github.com/evanw/esbuild/releases) - [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md) - [Commits](evanw/esbuild@v0.27.3...v0.28.0) Updates `oxfmt` from 0.36.0 to 0.53.0 - [Release notes](https://github.com/oxc-project/oxc/releases) - [Changelog](https://github.com/oxc-project/oxc/blob/main/npm/oxfmt/CHANGELOG.md) - [Commits](https://github.com/oxc-project/oxc/commits/oxfmt_v0.53.0/npm/oxfmt) Updates `oxlint` from 1.51.0 to 1.68.0 - [Release notes](https://github.com/oxc-project/oxc/releases) - [Changelog](https://github.com/oxc-project/oxc/blob/main/npm/oxlint/CHANGELOG.md) - [Commits](https://github.com/oxc-project/oxc/commits/oxlint_v1.68.0/npm/oxlint) Updates `puppeteer-core` from 24.38.0 to 25.1.0 - [Release notes](https://github.com/puppeteer/puppeteer/releases) - [Changelog](https://github.com/puppeteer/puppeteer/blob/main/CHANGELOG.md) - [Commits](puppeteer/puppeteer@puppeteer-core-v24.38.0...puppeteer-core-v25.1.0) Updates `tsx` from 4.21.0 to 4.22.4 - [Release notes](https://github.com/privatenumber/tsx/releases) - [Changelog](https://github.com/privatenumber/tsx/blob/master/release.config.cjs) - [Commits](privatenumber/tsx@v4.21.0...v4.22.4) Updates `typescript` from 5.9.3 to 6.0.3 - [Release notes](https://github.com/microsoft/TypeScript/releases) - [Commits](microsoft/TypeScript@v5.9.3...v6.0.3) Updates `vitest` from 4.0.18 to 4.1.8 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.8/packages/vitest) --- updated-dependencies: - dependency-name: "@google/genai" dependency-version: 2.8.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: "@modelcontextprotocol/sdk" dependency-version: 1.29.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: "@steipete/sweet-cookie" dependency-version: 0.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: commander dependency-version: 15.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: dotenv dependency-version: 17.4.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: inquirer dependency-version: 14.0.2 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: openai dependency-version: 6.42.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: qs dependency-version: 6.15.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: shiki dependency-version: 4.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: zod dependency-version: 4.4.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: "@types/chrome-remote-interface" dependency-version: 0.34.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: "@types/node" dependency-version: 25.9.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: "@vitest/coverage-v8" dependency-version: 4.1.8 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: devtools-protocol dependency-version: 0.0.1640722 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: es-toolkit dependency-version: 1.47.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: esbuild dependency-version: 0.28.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: oxfmt dependency-version: 0.53.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: oxlint dependency-version: 1.68.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: puppeteer-core dependency-version: 25.1.0 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dependencies - dependency-name: tsx dependency-version: 4.22.4 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: typescript dependency-version: 6.0.3 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dependencies - dependency-name: vitest dependency-version: 4.1.8 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2026-06-11T03:08:30Z

Looks like these dependencies are updatable in another way, so this is no longer needed.

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 4, 2026

dependabot Bot closed this Jun 11, 2026

dependabot Bot deleted the dependabot/npm_and_yarn/dependencies-3abeff8e05 branch June 11, 2026 03:08

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump the dependencies group across 1 directory with 22 updates#9

build(deps): bump the dependencies group across 1 directory with 22 updates#9
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/dependencies-3abeff8e05

dependabot Bot commented on behalf of github Jun 4, 2026 •

edited

Loading

Uh oh!

dependabot Bot commented on behalf of github Jun 11, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Jun 4, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v2.8.0

2.8.0 (2026-06-03)

Features

v2.7.0

2.7.0 (2026-05-27)

Features

v2.6.0

2.6.0 (2026-05-21)

Features

v2.5.0

2.5.0 (2026-05-20)

Features

v2.4.0

2.4.0 (2026-05-17)

Features

2.8.0 (2026-06-03)

Features

2.7.0 (2026-05-27)

Features

2.6.0 (2026-05-21)

Features

2.5.0 (2026-05-20)

Features

2.4.0 (2026-05-17)

Features

Bug Fixes

v1.29.0

What's Changed

New Contributors

v1.28.0

What's Changed

New Contributors

v0.3.0

Fixed

Release Proof

0.3.0 - 2026-05-14

Fixed

v15.0.0

Added

Fixed

Changed

Deleted

Migration Tips

v15.0.0-0

Added

Fixed

[15.0.0] (2026-05-29)

Added

Fixed

Changed

Deleted

Migration Tips

[15.0.0-0] (2026-02-22)

17.4.2 (2026-04-12)

Changed

17.4.1 (2026-04-05)

Changed

17.4.0 (2026-04-01)

Added

Changed

inquirer@14.0.2

inquirer@14.0.1

inquirer@14.0.0

inquirer@13.4.3

inquirer@13.4.2

inquirer@13.4.1

inquirer@13.4.0

inquirer@13.3.2

inquirer@13.3.1

v6.42.0

6.42.0 (2026-06-03)

Features

v6.41.0

6.41.0 (2026-06-01)

Features

v6.40.0

6.40.0 (2026-06-01)

dependabot Bot commented on behalf of github Jun 4, 2026 •

edited

Loading