chore(deps): bump the bun-minor-and-patch group with 10 updates#368
Merged
Conversation
Bumps the bun-minor-and-patch group with 10 updates: | Package | From | To | | --- | --- | --- | | [marked](https://github.com/markedjs/marked) | `18.0.5` | `18.0.6` | | [@ai-sdk/anthropic](https://github.com/vercel/ai/tree/HEAD/packages/anthropic) | `4.0.8` | `4.0.12` | | [@ai-sdk/google](https://github.com/vercel/ai/tree/HEAD/packages/google) | `4.0.8` | `4.0.12` | | [@ai-sdk/openai](https://github.com/vercel/ai/tree/HEAD/packages/openai) | `4.0.8` | `4.0.11` | | [@anthropic-ai/claude-agent-sdk](https://github.com/anthropics/claude-agent-sdk-typescript) | `0.3.201` | `0.3.207` | | [@anthropic-ai/sdk](https://github.com/anthropics/anthropic-sdk-typescript) | `0.110.0` | `0.111.0` | | [@google/genai](https://github.com/googleapis/js-genai) | `2.10.0` | `2.11.0` | | [ai](https://github.com/vercel/ai/tree/HEAD/packages/ai) | `7.0.16` | `7.0.22` | | [astro](https://github.com/withastro/astro/tree/HEAD/packages/astro) | `7.0.6` | `7.0.8` | | [wrangler](https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler) | `4.107.0` | `4.110.0` | Updates `marked` from 18.0.5 to 18.0.6 - [Release notes](https://github.com/markedjs/marked/releases) - [Commits](markedjs/marked@v18.0.5...v18.0.6) Updates `@ai-sdk/anthropic` from 4.0.8 to 4.0.12 - [Release notes](https://github.com/vercel/ai/releases) - [Changelog](https://github.com/vercel/ai/blob/main/packages/anthropic/CHANGELOG.md) - [Commits](https://github.com/vercel/ai/commits/@ai-sdk/anthropic@4.0.12/packages/anthropic) Updates `@ai-sdk/google` from 4.0.8 to 4.0.12 - [Release notes](https://github.com/vercel/ai/releases) - [Changelog](https://github.com/vercel/ai/blob/main/packages/google/CHANGELOG.md) - [Commits](https://github.com/vercel/ai/commits/@ai-sdk/google@4.0.12/packages/google) Updates `@ai-sdk/openai` from 4.0.8 to 4.0.11 - [Release notes](https://github.com/vercel/ai/releases) - [Changelog](https://github.com/vercel/ai/blob/main/packages/openai/CHANGELOG.md) - [Commits](https://github.com/vercel/ai/commits/@ai-sdk/openai@4.0.11/packages/openai) Updates `@anthropic-ai/claude-agent-sdk` from 0.3.201 to 0.3.207 - [Release notes](https://github.com/anthropics/claude-agent-sdk-typescript/releases) - [Changelog](https://github.com/anthropics/claude-agent-sdk-typescript/blob/main/CHANGELOG.md) - [Commits](anthropics/claude-agent-sdk-typescript@v0.3.201...v0.3.207) Updates `@anthropic-ai/sdk` from 0.110.0 to 0.111.0 - [Release notes](https://github.com/anthropics/anthropic-sdk-typescript/releases) - [Changelog](https://github.com/anthropics/anthropic-sdk-typescript/blob/main/CHANGELOG.md) - [Commits](anthropics/anthropic-sdk-typescript@sdk-v0.110.0...sdk-v0.111.0) Updates `@google/genai` from 2.10.0 to 2.11.0 - [Release notes](https://github.com/googleapis/js-genai/releases) - [Changelog](https://github.com/googleapis/js-genai/blob/main/CHANGELOG.md) - [Commits](googleapis/js-genai@v2.10.0...v2.11.0) Updates `ai` from 7.0.16 to 7.0.22 - [Release notes](https://github.com/vercel/ai/releases) - [Changelog](https://github.com/vercel/ai/blob/main/packages/ai/CHANGELOG.md) - [Commits](https://github.com/vercel/ai/commits/ai@7.0.22/packages/ai) Updates `astro` from 7.0.6 to 7.0.8 - [Release notes](https://github.com/withastro/astro/releases) - [Changelog](https://github.com/withastro/astro/blob/main/packages/astro/CHANGELOG.md) - [Commits](https://github.com/withastro/astro/commits/astro@7.0.8/packages/astro) Updates `wrangler` from 4.107.0 to 4.110.0 - [Release notes](https://github.com/cloudflare/workers-sdk/releases) - [Commits](https://github.com/cloudflare/workers-sdk/commits/wrangler@4.110.0/packages/wrangler) --- updated-dependencies: - dependency-name: marked dependency-version: 18.0.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: bun-minor-and-patch - dependency-name: "@ai-sdk/anthropic" dependency-version: 4.0.12 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: bun-minor-and-patch - dependency-name: "@ai-sdk/google" dependency-version: 4.0.12 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: bun-minor-and-patch - dependency-name: "@ai-sdk/openai" dependency-version: 4.0.11 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: bun-minor-and-patch - dependency-name: "@anthropic-ai/claude-agent-sdk" dependency-version: 0.3.207 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: bun-minor-and-patch - dependency-name: "@anthropic-ai/sdk" dependency-version: 0.111.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: bun-minor-and-patch - dependency-name: "@google/genai" dependency-version: 2.11.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: bun-minor-and-patch - dependency-name: ai dependency-version: 7.0.22 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: bun-minor-and-patch - dependency-name: astro dependency-version: 7.0.8 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: bun-minor-and-patch - dependency-name: wrangler dependency-version: 4.110.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: bun-minor-and-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Deploying impeccable with
|
| Latest commit: |
d03abda
|
| Status: | ✅ Deploy successful! |
| Preview URL: | https://8f368964.impeccable-2rv.pages.dev |
| Branch Preview URL: | https://dependabot-bun-bun-minor-and-i3ud.impeccable-2rv.pages.dev |
mp3wizard
added a commit
to mp3wizard/impeccable
that referenced
this pull request
Jul 15, 2026
New upstream features: - Fix light-mode command demo contrast (pbakaus#370) - chore(deps): bump bun-minor-and-patch group ×10 (pbakaus#368) - Base sheriff stale clock on blocker age (pbakaus#364) Security findings: 0 secrets, 0 dependency CVEs, 0 Semgrep findings. mcps-audit 1360 findings reviewed as heuristic false positives (execSync/delete/join idioms), consistent with prior cycles. Security fixes: none required; bun.lock re-synced after upstream dep bump.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the bun-minor-and-patch group with 10 updates:
18.0.518.0.64.0.84.0.124.0.84.0.124.0.84.0.110.3.2010.3.2070.110.00.111.02.10.02.11.07.0.167.0.227.0.67.0.84.107.04.110.0Updates
markedfrom 18.0.5 to 18.0.6Release notes
Sourced from marked's releases.
Commits
39bd884chore(release): 18.0.6 [skip ci]6bce57dchore(deps-dev): bump@semantic-release/githubfrom 12.0.8 to 12.0.9 (#4009)63a4bbachore(deps-dev): bump markdown-it from 14.2.0 to 14.3.0 (#4010)a009808fix: Avoid O(n^2) backtracking in inline link href regex (#4013)33928d0fix: Fix ordered lists after blockquotes (#4003)bbb84c8fix: keep trailing text on HTML block close line for PI, declarations, and CD...d2af54echore(deps-dev): bump eslint from 10.5.0 to 10.6.0 (#4005)f403898chore(deps-dev): bump@arethetypeswrong/clifrom 0.18.3 to 0.18.4 (#4006)f8f4112chore(deps): bump actions/checkout from 6 to 7 (#4000)5ddfd8achore: Update repository metadata URLs (#3998)Updates
@ai-sdk/anthropicfrom 4.0.8 to 4.0.12Release notes
Sourced from @ai-sdk/anthropic's releases.
Changelog
Sourced from @ai-sdk/anthropic's changelog.
Commits
c2913fbVersion Packages (#17092)308a519chore: enforce consistent imports fromzod/v4instead ofzod(#17090)405116eVersion Packages (#16937)f0d9a6cVersion Packages (#16898)7718519Version Packages (#16881)2e45d9cfix(anthropic): wrap invalid tool input in object (#16643)Updates
@ai-sdk/googlefrom 4.0.8 to 4.0.12Release notes
Sourced from @ai-sdk/google's releases.
Changelog
Sourced from @ai-sdk/google's changelog.
Commits
58d77caVersion Packages (#17043)e40118cfix: Google Interactions drops text ProviderReference file parts (#17054)405116eVersion Packages (#16937)17d66c5fix: Google provider serializes PDF tool result file data as text on the lega...96d40bcfix: standalone Google threshold provider option is silently ignored (#16922)0f93c57support video reference input for r2v (#16328)f0d9a6cVersion Packages (#16898)7718519Version Packages (#16881)7401c2cfix: Google provider marks Gemini external HTTPS file URLs as unsupported (#1...Updates
@ai-sdk/openaifrom 4.0.8 to 4.0.11Changelog
Sourced from @ai-sdk/openai's changelog.
Commits
703e0bfVersion Packages (#17031)b2b1bb9feat(provider/openai): support GPT-5.6 reasoning and prompt caching controls ...405116eVersion Packages (#16937)fdb6d5dfeat(provider/openai,provider/gateway): add gpt-5.6 model id (#17021)f0d9a6cVersion Packages (#16898)ac306edfix(provider-utils): do not finalize streaming tool calls on parsable partial...Updates
@anthropic-ai/claude-agent-sdkfrom 0.3.201 to 0.3.207Release notes
Sourced from @anthropic-ai/claude-agent-sdk's releases.
... (truncated)
Changelog
Sourced from @anthropic-ai/claude-agent-sdk's changelog.
Commits
79b6350chore: Update CHANGELOG.md9fc7ea5chore: Update CHANGELOG.md95e94bfchore: Update CHANGELOG.md0aed196chore: Update CHANGELOG.md7feb85dchore: Update CHANGELOG.mdeb18b2achore: Update CHANGELOG.md46d7df9chore: Update CHANGELOG.mdUpdates
@anthropic-ai/sdkfrom 0.110.0 to 0.111.0Release notes
Sourced from @anthropic-ai/sdk's releases.
Changelog
Sourced from @anthropic-ai/sdk's changelog.
Commits
9e46760chore: release main8d461eafeat(api): add support for dreaming9436e29codegen metadata0aec1e7feat(tools): gate session tool calls on evaluated_permission; bound idle by s...ac2fc67chore(docs): update model examplec8af65dchore(docs): updates to descriptions and examples2a3a904codegen metadata57c56c9chore(docs): small updates to field descriptionsUpdates
@google/genaifrom 2.10.0 to 2.11.0Release notes
Sourced from @google/genai's releases.
Changelog
Sourced from @google/genai's changelog.
Commits
136ea26chore(main): release 2.11.0 (#1743)3bf5090chore: update the release.txt43c5380chore: release 2.11.0824badffeat: support Function declarations during Agent Creation0f414berefactor(interactions)!: remove cached_content, presence_penalty, and frequen...1127b43chore: Add multiple approval check for major releases67d2f68fix(interactions): accept both dict and list[dict] for transform5fb5354feat: voice consent signature types across all SDK languages.aad178echore: Remove default api-revision headerbe7ab10chore: sort 'properties' keys in OpenAPI schemasUpdates
aifrom 7.0.16 to 7.0.22Release notes
Sourced from ai's releases.
Changelog
Sourced from ai's changelog.
... (truncated)
Commits
b162ae4Version Packages (#17106)8f89c25feat(provider/cartesia): add Sonic 3.5 and Ink support (#16815)c2913fbVersion Packages (#17092)308a519chore: enforce consistent imports fromzod/v4instead ofzod(#17090)58d77caVersion Packages (#17043)a4186d6feat(ai): promote repairToolCall option to stable (#16886)b9ac19ffix(ai): flush compressed Node.js streams per chunk (#17042)405116eVersion Packages (#16937)ee55a07fix: preserve tool approval signatures when approvals are responded (#16589)be7f05afeat(ai): detect MCP tool-definition drift ("rug pull") (#16902)Updates
astrofrom 7.0.6 to 7.0.8Release notes
Sourced from astro's releases.
Changelog
Sourced from astro's changelog.
Commits
dec7692[ci] release (#17338)3048391refactor(test): migrate vite virtual module tests from e2e to integration (#1...3f4efc5fix: passopenoption to adapter preview entrypoints (#17362)\n\nAddopen...79a41e0Improve rendering performance for pages with many components (#17344)2bba277fix: update the compiler to the latest (#17353)025cc74Fix astro dev --force not replacing a running dev server (#17328)1b33c1ffix(routing): prevent trailing slash on file extension endpoint paths in stri...e2e319dfeat: export AstroComponentLogger type (#17313)3a4aa72[ci] release (#17326)23a4120Fix CSS module scoped-name hash mismatch with Lightning CSS in content collec...Updates
wranglerfrom 4.107.0 to 4.110.0Release notes
Sourced from wrangler's releases.
... (truncated)
Commits
eced610Version Packages (#14628)7b28392Move runtime type generation to dedicated internal package (#14589)0283a1f[wrangler] Add dependency metadata to worker uploads (#14591)774c09eVersion Packages (#14603)2fedb1fSupport workflow terminate rollback (#14465)c782e2a[wrangler] Restrict name-ownership guard to Pages-to-Workers delegation (#14616)17d2fc1[wrangler] Addturnstile widgetCLI commands (#14511)315c77cchore: use catalog forworkerddependency (#14607)9f74a5fWorkflows: Improve scheduled Workflows free-plan deploy error (#14604)394b8aeFix wrangler linting (failing because of deprecated detectAgenticEnvironment ...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditionsNote
Low Risk
Dependency-only lockfile refresh with patch/minor versions; main follow-up is regression smoke on
astrobuild,wranglerdeploy, and any AI/agent live tests—not production runtime deps.Overview
This PR refreshes lockfile-resolved dev and transitive dependencies; the only direct manifest edit in the diff is
@anthropic-ai/sdk^0.110.0→^0.111.0, whilebun.lockcarries the rest of the group (Vercel AI SDK packages,ai,astro,wrangler,marked,@google/genai,@anthropic-ai/claude-agent-sdk, plus Cloudflare workerd/miniflare and Astro markdown/compiler pins).For day-to-day work here, that mostly affects site build (
astro), Cloudflare deploy/preview (wrangler), and live/agent test tooling that sits on the AI SDK stack—not runtimedependencieslikemarked(still^18.0.5inpackage.json, resolved to 18.0.6 in the lockfile).Notable upstream themes worth a quick smoke after merge: Wrangler now attaches npm dependency metadata on worker uploads by default (opt-out via config); AI SDK patch releases include tool-call/streaming and provider fixes; Astro 7.0.8 is bugfix/compiler-focused.
Reviewed by Cursor Bugbot for commit d03abda. Bugbot is set up for automated code reviews on this repo. Configure here.