Skip to content

fix(deps): update dependency ai to ^6.0.174#509

Open
renovate[bot] wants to merge 1 commit intomainfrom
renovate/ai-6.x
Open

fix(deps): update dependency ai to ^6.0.174#509
renovate[bot] wants to merge 1 commit intomainfrom
renovate/ai-6.x

Conversation

@renovate
Copy link
Copy Markdown
Contributor

@renovate renovate Bot commented May 1, 2026
edited
Loading

This PR contains the following updates:

Package Change Age Confidence
ai (source) ^6.0.0^6.0.174 age confidence

Release Notes

vercel/ai (ai)

v6.0.174

Compare Source

Patch Changes

v6.0.173

Compare Source

Patch Changes

v6.0.172

Compare Source

v6.0.171

Compare Source

Patch Changes

  • 48f842a: fix(ai): enforce callOptionsSchema at runtime in ToolLoopAgent

    ToolLoopAgentSettings.callOptionsSchema was declared and documented as a runtime schema for options, but tool-loop-agent.ts never invoked it. Any invariant a developer encoded in the schema was silently bypassed at runtime, and unchecked options flowed straight into prepareCall and any instructions template that interpolated them.

    ToolLoopAgent.prepareCall now validates caller-supplied options against callOptionsSchema (when set) via safeValidateTypes, throwing InvalidArgumentError on failure before forwarding to prepareCall / generateText / streamText.

  • a727da4: chore: ensure consistent import handling and avoid import duplicates or cycles

  • 5fee301: fix(mcp): prevent prototype pollution by using secureJsonParse

  • Updated dependencies [a727da4]

v6.0.170

Compare Source

Patch Changes
  • 19d587a: fix(ai): add allowSystemInMessages option and warn by default when system messages are found in prompt or messages

v6.0.169

Compare Source

v6.0.168

Compare Source

Patch Changes

v6.0.167

Compare Source

Patch Changes

v6.0.166

Compare Source

Patch Changes
  • b8d28f4: fix(ai): omit reasoning-start/end when sendReasoning is false

v6.0.165

Compare Source

Patch Changes

v6.0.164

Compare Source

Patch Changes

v6.0.163

Compare Source

Patch Changes

v6.0.162

Compare Source

Patch Changes

v6.0.161

Compare Source

Patch Changes

v6.0.160

Compare Source

Patch Changes

v6.0.159

Compare Source

Patch Changes

v6.0.158

Compare Source

Patch Changes
  • 295beba: fix(ai): fix lastAssistantMessageIsCompleteWithApprovalResponses to no longer ignore providerExecuted tool approvals

v6.0.157

Compare Source

Patch Changes
  • ff11aee: fix(ai): fix providerExecuted tool approvals being passed to language model twice

v6.0.156

Compare Source

Patch Changes

v6.0.155

Compare Source

Patch Changes
  • 06764c5: fix(ai): skip passing invalid JSON inputs to response messages

v6.0.154

Compare Source

Patch Changes

v6.0.153

Compare Source

Patch Changes

  • f152133: feat (ai/core): support plain string model IDs in rerank() function

    The rerank() function now accepts plain model strings (e.g., 'cohere/rerank-v3.5') in addition to RerankingModel objects, matching the behavior of generateText, embed, and other core functions.

v6.0.152

Compare Source

Patch Changes
  • d42076d: Add AI Gateway hint to provider READMEs

v6.0.151

Compare Source

Patch Changes

v6.0.150

Compare Source

Patch Changes

v6.0.149

Compare Source

Patch Changes

v6.0.148

Compare Source

Patch Changes

v6.0.147

Compare Source

Patch Changes

v6.0.146

Compare Source

Patch Changes

v6.0.145

Patch Changes

v6.0.144

Patch Changes

v6.0.143

Patch Changes

v6.0.142

Compare Source

Patch Changes

v6.0.141

Compare Source

Patch Changes

v6.0.140

Compare Source

Patch Changes

v6.0.139

Patch Changes

v6.0.138

Patch Changes

v6.0.137

Patch Changes

v6.0.136

Compare Source

Patch Changes

v6.0.135

Patch Changes
  • df6a330: chore(ai): remove all experimental agent events

v6.0.134

Patch Changes
  • ed6876b: chore(ai): remove all experimental embed events

v6.0.133

Patch Changes

v6.0.132

Patch Changes

v6.0.131

Patch Changes
  • 14f25f9: feat(ai): introduce experimental callbacks for embed function

v6.0.130

Compare Source

Patch Changes

v6.0.129

Compare Source

Patch Changes

v6.0.128

Compare Source

Patch Changes

v6.0.127

Compare Source

Patch Changes

v6.0.126

Compare Source

Patch Changes
  • 578615a: Remove custom User-Agent header from HttpChatTransport to fix CORS preflight failures in Safari and Firefox

v6.0.125

Compare Source

Patch Changes

v6.0.124

Patch Changes

v6.0.122

Compare Source

Patch Changes

v6.0.121

Compare Source

Patch Changes

v6.0.120

Compare Source

Patch Changes
  • 78c0e26: feat(ai): pass result provider metadata across the stream

v6.0.119

Compare Source

Patch Changes
  • ab286f1: fix(ai): doStream should reflect transformed values
  • d68b122: feat(ai): add missing usage attributes

v6.0.118

Compare Source

Patch Changes

  • 64ac0fd: fix(security): validate redirect targets in download functions to prevent SSRF bypass

    Both downloadBlob and download now validate the final URL after following HTTP redirects, preventing attackers from bypassing SSRF protections via open redirects to internal/private addresses.

  • Updated dependencies [64ac0fd]

v6.0.117

Compare Source

Patch Changes

Configuration

📅 Schedule: (in timezone Europe/London)

  • Branch creation
    • "after 01:00 and before 07:00 every weekday"
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot added the dependencies label May 1, 2026
@github-actions github-actions Bot added the size/XS Extra small PR: < 100 lines changed label May 1, 2026
@renovate renovate Bot force-pushed the renovate/ai-6.x branch from fc1bd89 to 1aa8bd1 Compare May 2, 2026 05:36
@renovate renovate Bot changed the title fix(deps): update dependency ai to ^6.0.168 fix(deps): update dependency ai to ^6.0.169 May 2, 2026
@github-actions github-actions Bot added size/XS Extra small PR: < 100 lines changed and removed size/XS Extra small PR: < 100 lines changed labels May 2, 2026
@renovate renovate Bot force-pushed the renovate/ai-6.x branch from 1aa8bd1 to dc2df68 Compare May 2, 2026 20:47
@renovate renovate Bot changed the title fix(deps): update dependency ai to ^6.0.169 fix(deps): update dependency ai to ^6.0.170 May 2, 2026
@github-actions github-actions Bot added size/XS Extra small PR: < 100 lines changed and removed size/XS Extra small PR: < 100 lines changed labels May 2, 2026
@renovate renovate Bot force-pushed the renovate/ai-6.x branch from dc2df68 to 230bc0c Compare May 3, 2026 21:45
@renovate renovate Bot changed the title fix(deps): update dependency ai to ^6.0.170 fix(deps): update dependency ai to ^6.0.172 May 3, 2026
@github-actions github-actions Bot added size/XS Extra small PR: < 100 lines changed and removed size/XS Extra small PR: < 100 lines changed labels May 3, 2026
@renovate renovate Bot force-pushed the renovate/ai-6.x branch from 230bc0c to fe446a0 Compare May 4, 2026 19:45
@renovate renovate Bot changed the title fix(deps): update dependency ai to ^6.0.172 fix(deps): update dependency ai to ^6.0.174 May 4, 2026
@github-actions github-actions Bot added size/XS Extra small PR: < 100 lines changed and removed size/XS Extra small PR: < 100 lines changed labels May 4, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies size/XS Extra small PR: < 100 lines changed

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants