Update all dependencies

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
@auth/prisma-adapter (source)	2.11.1 → 2.11.2
@t3-oss/env-nextjs (source)	0.13.8 → 0.13.11
ai (source)	^5.0.0 → ^6.0.0
autoprefixer	10.4.22 → 10.5.0
bun-types (source)	1.3.4 → 1.3.14
eslint-config-next (source)	16.0.7 → 16.2.9
geist (source)	1.5.1 → 1.7.2
react-syntax-highlighter	16.1.0 → 16.1.1
tailwind-merge	3.4.0 → 3.6.0
typescript (source)	5.9.3 → 6.0.3
zod (source)	4.1.13 → 4.4.3

---

Release Notes

nextauthjs/next-auth (@​auth/prisma-adapter)

v2.11.2

Compare Source

Other

• @​auth/core: dependency update (67f2b16)

t3-oss/t3-env (@​t3-oss/env-nextjs)

v0.13.11

Compare Source

Patch Changes

• Updated dependencies [6937086]:
  • @​t3-oss/env-core@​0.13.11

v0.13.10

Compare Source

Patch Changes

• Updated dependencies [a778bf3]:
  • @​t3-oss/env-core@​0.13.10

v0.13.9

Compare Source

Patch Changes

• Updated dependencies [5987d5a]:
  • @​t3-oss/env-core@​0.13.9

vercel/ai (ai)

v6.0.205

Compare Source

Patch Changes

• Updated dependencies [6160ced]
• Updated dependencies [c9b8abd]
  • @​ai-sdk/gateway@​3.0.131

v6.0.204

Compare Source

v6.0.203

Compare Source

Patch Changes

• f42aa79: fix: harden download URL SSRF guard against hostname and redirect bypasses

  validateDownloadUrl and the file download helpers (downloadBlob, download) could be bypassed in several ways when handling untrusted URLs:

  • A fully-qualified hostname with a trailing dot (e.g. localhost., myhost.local.) skipped the localhost/.local blocklist.
  • IPv6 addresses that embed an IPv4 address in their last 32 bits — IPv4-compatible (::127.0.0.1), IPv4-translated (::ffff:0:127.0.0.1), and NAT64 (64:ff9b::127.0.0.1, including the 64:ff9b:1::/48 local-use prefix) — were not decoded and checked against the private IPv4 ranges.
  • Redirects were validated only after fetch had already followed them, so the request to a redirect target (e.g. an internal/metadata address) had already been issued before the check ran.
  • Several reserved/internal address ranges were not blocked: CGNAT (100.64.0.0/10, used by some cloud providers for internal traffic), benchmarking (198.18.0.0/15), IETF protocol assignments (192.0.0.0/24), the reserved 240.0.0.0/4 block (including the 255.255.255.255 broadcast address), and IPv6 site-local (fec0::/10) and multicast (ff00::/8).

  The validator now strips trailing dots before the hostname checks and fully expands IPv6 addresses to detect embedded private IPv4 targets. The download helpers now follow redirects manually (redirect: 'manual'), re-validating each hop before requesting it, so an unsafe redirect target is never fetched. When a redirect cannot be inspected because the runtime returns an opaque response, the helpers fail closed (reject the redirect) on the server; only in a real browser — where SSRF is not reachable (fetch is constrained by CORS and cannot reach a server's internal network or cloud-metadata endpoints) — is the redirect followed natively so legitimate redirected downloads keep working.

• 5291f7e: Harden stream text processing and middleware against prototype pollution from stream part IDs.

• b4b575a: fix: redact server error details from UI message streams by default

  streamText(...).toUIMessageStream() and createUIMessageStream defaulted their onError callback to getErrorMessage, which serializes the raw error (error.toString() / JSON.stringify(error)) into the client-facing { type: 'error', errorText } chunk — and also into tool-output-error parts. The documented default was () => 'An error occurred.', so applications relying on the documented behavior were unknowingly streaming server exception details (internal hostnames, paths, provider request data, validation inputs) to end users.

  The default onError now returns the documented generic 'An error occurred.'. Raw error details are only emitted when the developer explicitly supplies an onError handler. This also redacts tool-output-error and invalid-tool-input error text by default; pass an onError to surface richer messages.

• Updated dependencies [bfa5864]

• Updated dependencies [f42aa79]

  • @​ai-sdk/provider-utils@​4.0.29
  • @​ai-sdk/gateway@​3.0.129

v6.0.202

Compare Source

Patch Changes

• 942f2f8: fix(security): re-validate tool approvals from client message history before execution

  The approval-replay path in generateText/streamText reconstructed approved tool calls from the client-supplied messages array and executed them without re-validating input against the tool's schema or re-checking that the tool actually requires approval. A client could forge an assistant message with a pre-approved tool-call part and have the server execute a tool with attacker-chosen arguments.

  The replay path now verifies the HMAC signature (when experimental_toolApprovalSecret is configured), re-validates tool-call input against the tool's input schema, and re-resolves whether the tool requires approval before execution.

• Updated dependencies [942f2f8]

  • @​ai-sdk/provider-utils@​4.0.28
  • @​ai-sdk/gateway@​3.0.128

v6.0.201

Compare Source

Patch Changes

• 0c8c0ed: fix(ai): return schema-transformed elements in array output mode

  Previously final array output validation checked each element against the schema but returned the raw model output. Array output now returns the validated values so Zod transforms, coercions, defaults, and pipes are applied consistently with object output.

v6.0.200

Compare Source

Patch Changes

• 14098e7: fix(ai): reject streamText result promises with NoOutputGeneratedError when the model stream ends without producing any output. Previously such streams resolved with an empty step. Incomplete streams with partial output still resolve with the partial result.
• 2cabe9c: Harden UI message stream processing against prototype pollution from chunk IDs.

v6.0.199

Compare Source

Patch Changes

• 49d9364: fix(ai): add approval guard for denied tool outputs
• Updated dependencies [3851e29]
• Updated dependencies [2a91a17]
  • @​ai-sdk/gateway@​3.0.127

v6.0.198

Compare Source

Patch Changes

• Updated dependencies [ff16d3b]
  • @​ai-sdk/gateway@​3.0.126

v6.0.197

Compare Source

v6.0.196

Compare Source

Patch Changes

• Updated dependencies [286b7a2]
  • @​ai-sdk/gateway@​3.0.124

v6.0.195

Compare Source

v6.0.194

Compare Source

v6.0.193

Compare Source

Patch Changes

• af580ea: fix(ai): do not re-validate tool input for output-error parts in validateUIMessages

v6.0.192

Compare Source

Patch Changes

• Updated dependencies [4084fcd]
  • @​ai-sdk/gateway@​3.0.121

v6.0.191

Compare Source

Patch Changes

• Updated dependencies [27a1b22]
  • @​ai-sdk/gateway@​3.0.120

v6.0.190

Compare Source

Patch Changes

• Updated dependencies [33b10a2]
• Updated dependencies [f6e4146]
  • @​ai-sdk/gateway@​3.0.119

v6.0.189

Compare Source

Patch Changes

• 356c3cf: fix(ai): make input optional on input-streaming UIMessagePart variants

v6.0.188

Compare Source

Patch Changes

• c98715a: Add allowSystemInMessages option to ToolLoopAgent.

  This exposes the same option that exists on streamText and generateText, whether role: "system" messages are allowed in the prompt or messages fields. When unset, system messages are rejected because they can create a prompt injection attack risk. Ideally, use the instructions option instead. Set to true to allow system messages, or false to explicitly reject them.

  const agent = new ToolLoopAgent({
    model,
    allowSystemInMessages: true,
  });
  
  await agent.generate({
    messages: [
      { role: "system", content: "Server context" },
      { role: "user", content: "Hello" },
    ],
  });

  The option can also be returned from prepareCall for dynamic per-call configuration.

v6.0.187

Compare Source

Patch Changes

• Updated dependencies [6f4bb06]
  • @​ai-sdk/gateway@​3.0.118

v6.0.185

Compare Source

Patch Changes

• Updated dependencies [488ef33]
  • @​ai-sdk/gateway@​3.0.116

v6.0.184

Patch Changes

• 40fc5e4: fix(ai): default missing embedding warnings to an empty array

v6.0.183

Patch Changes

• Updated dependencies [363cefe]
  • @​ai-sdk/gateway@​3.0.115

v6.0.182

Patch Changes

• e76a29a: fix(ai): download tool-result file URLs

v6.0.180

Patch Changes

• 253bd5a: fix(gateway): enable retry support for gateway errors
• 57ec10f: fix URL of hero animation in README
• Updated dependencies [253bd5a]
  • @​ai-sdk/gateway@​3.0.114

v6.0.178

Patch Changes

• ac6f27e: fix(ai): update opentelemetry pinned version

v6.0.177

Patch Changes

• Updated dependencies [5c73af8]
  • @​ai-sdk/gateway@​3.0.112

v6.0.176

Patch Changes

• f591416: feat(ai): add toolMetadata for tool specific metdata
• Updated dependencies [f591416]
  • @​ai-sdk/provider-utils@​4.0.27
  • @​ai-sdk/gateway@​3.0.111

v6.0.175

Patch Changes

• Updated dependencies [9a88b1d]
  • @​ai-sdk/gateway@​3.0.110

v6.0.174

Patch Changes

• Updated dependencies [49f6d44]
  • @​ai-sdk/gateway@​3.0.109

v6.0.173

Patch Changes

• 7beadf0: feat(mcp): propagate the server name through dynamic tool parts
• Updated dependencies [7beadf0]
  • @​ai-sdk/provider-utils@​4.0.26
  • @​ai-sdk/gateway@​3.0.108

v6.0.172

v6.0.171

Patch Changes

• 48f842a: fix(ai): enforce callOptionsSchema at runtime in ToolLoopAgent

  ToolLoopAgentSettings.callOptionsSchema was declared and documented as a runtime schema for options, but tool-loop-agent.ts never invoked it. Any invariant a developer encoded in the schema was silently bypassed at runtime, and unchecked options flowed straight into prepareCall and any instructions template that interpolated them.

  ToolLoopAgent.prepareCall now validates caller-supplied options against callOptionsSchema (when set) via safeValidateTypes, throwing InvalidArgumentError on failure before forwarding to prepareCall / generateText / streamText.

• a727da4: chore: ensure consistent import handling and avoid import duplicates or cycles

• 5fee301: fix(mcp): prevent prototype pollution by using secureJsonParse

• Updated dependencies [a727da4]

  • @​ai-sdk/provider-utils@​4.0.25
  • @​ai-sdk/provider@​3.0.10
  • @​ai-sdk/gateway@​3.0.106

v6.0.170

Compare Source

Patch Changes

• 19d587a: fix(ai): add allowSystemInMessages option and warn by default when system messages are found in prompt or messages

v6.0.169

Compare Source

v6.0.168

Compare Source

Patch Changes

• Updated dependencies [493d7d4]
  • @​ai-sdk/gateway@​3.0.104

v6.0.167

Compare Source

Patch Changes

• Updated dependencies [20805c8]
  • @​ai-sdk/gateway@​3.0.103

v6.0.166

Compare Source

Patch Changes

• b8d28f4: fix(ai): omit reasoning-start/end when sendReasoning is false

v6.0.165

Compare Source

Patch Changes

• Updated dependencies [2ff8d57]
  • @​ai-sdk/gateway@​3.0.102

v6.0.164

Compare Source

Patch Changes

• Updated dependencies [83434a9]
  • @​ai-sdk/gateway@​3.0.101

v6.0.163

Compare Source

Patch Changes

• Updated dependencies [a27a631]
  • @​ai-sdk/gateway@​3.0.100

v6.0.162

Compare Source

Patch Changes

• Updated dependencies [8c4abaf]
  • @​ai-sdk/gateway@​3.0.99

v6.0.161

Compare Source

Patch Changes

• Updated dependencies [9031f26]
  • @​ai-sdk/gateway@​3.0.98

v6.0.160

Compare Source

Patch Changes

• Updated dependencies [06f7838]
  • @​ai-sdk/gateway@​3.0.97

v6.0.159

Compare Source

Patch Changes

• Updated dependencies [a0d9373]
  • @​ai-sdk/gateway@​3.0.96

v6.0.158

Compare Source

Patch Changes

• 295beba: fix(ai): fix lastAssistantMessageIsCompleteWithApprovalResponses to no longer ignore providerExecuted tool approvals

v6.0.157

Compare Source

Patch Changes

• ff11aee: fix(ai): fix providerExecuted tool approvals being passed to language model twice

v6.0.156

Compare Source

Patch Changes

• Updated dependencies [08c5ac3]
  • @​ai-sdk/gateway@​3.0.95

v6.0.155

Compare Source

Patch Changes

• 06764c5: fix(ai): skip passing invalid JSON inputs to response messages

v6.0.154

Compare Source

Patch Changes

• Updated dependencies [37a378e]
  • @​ai-sdk/gateway@​3.0.94

v6.0.153

Compare Source

Patch Changes

• f152133: feat (ai/core): support plain string model IDs in rerank() function

  The rerank() function now accepts plain model strings (e.g., 'cohere/rerank-v3.5') in addition to RerankingModel objects, matching the behavior of generateText, embed, and other core functions.

v6.0.152

Compare Source

Patch Changes

• d42076d: Add AI Gateway hint to provider READMEs

v6.0.151

Compare Source

Patch Changes

• Updated dependencies [ec18852]
  • @​ai-sdk/gateway@​3.0.93

v6.0.150

Compare Source

Patch Changes

• 1003609: fix(ai): skip stringifying text when streaming partial text
• Updated dependencies [9de7d7b]
  • @​ai-sdk/gateway@​3.0.92

v6.0.149

Compare Source

Patch Changes

• Updated dependencies [3aca847]
  • @​ai-sdk/gateway@​3.0.91

v6.0.148

Compare Source

Patch Changes

• Updated dependencies [e923a24]
  • @​ai-sdk/gateway@​3.0.90

v6.0.147

Compare Source

Patch Changes

• Updated dependencies [6247886]
  • @​ai-sdk/provider-utils@​4.0.23
  • @​ai-sdk/gateway@​3.0.89

v6.0.146

Compare Source

Patch Changes

• Updated dependencies [5f439a1]
  • @​ai-sdk/gateway@​3.0.88

v6.0.145

Compare Source

Patch Changes

• Updated dependencies [ffd431a]
  • @​ai-sdk/gateway@​3.0.87

v6.0.144

Compare Source

Patch Changes

• 0469aed: fix: allow inline data URLs in download validation
• Updated dependencies [0469aed]
• Updated dependencies [15bfbd2]
  • @​ai-sdk/provider-utils@​4.0.22
  • @​ai-sdk/gateway@​3.0.86

v6.0.143

Compare Source

Patch Changes

• Updated dependencies [85e476d]
  • @​ai-sdk/gateway@​3.0.85

v6.0.142

Compare Source

Patch Changes

• 6f75953: feat(ai): add new isLoopFinished stop condition helper for unlimited steps
• Updated dependencies [70322b4]
  • @​ai-sdk/gateway@​3.0.84

v6.0.141

Compare Source

Patch Changes

• Updated dependencies [768a9d6]
  • @​ai-sdk/gateway@​3.0.83

v6.0.140

Compare Source

Patch Changes

• Updated dependencies [95fedf0]
  • @​ai-sdk/gateway@​3.0.82

v6.0.139

Compare Source

Patch Changes

• Updated dependencies [e69062d]
  • @​ai-sdk/gateway@​3.0.81

v6.0.138

Compare Source

Patch Changes

• Updated dependencies [0db5cd8]
  • @​ai-sdk/gateway@​3.0.80

v6.0.137

Compare Source

Patch Changes

• Updated dependencies [3caa544]
  • @​ai-sdk/gateway@​3.0.79

v6.0.136

Compare Source

Patch Changes

• Updated dependencies [763e178]
  • @​ai-sdk/gateway@​3.0.78

v6.0.135

Compare Source

Patch Changes

• df6a330: chore(ai): remove all experimental agent events

v6.0.134

Compare Source

Patch Changes

• ed6876b: chore(ai): remove all experimental embed events

v6.0.133

Compare Source

Patch Changes

• 055cd68: fix: publish v6 to latest npm dist tag
• Updated dependencies [d99eb91]
• Updated dependencies [055cd68]
  • @​ai-sdk/gateway@​3.0.77
  • @​ai-sdk/provider-utils@​4.0.21

v6.0.132

Compare Source

Patch Changes

• 28fd5a5: README updates

v6.0.131

Compare Source

Patch Changes

• 14f25f9: feat(ai): introduce experimental callbacks for embed function

v6.0.130

Compare Source

Patch Changes

• Updated dependencies [25af909]
  • @​ai-sdk/gateway@​3.0.76

v6.0.129

Compare Source

Patch Changes

• Updated dependencies [f95e0c0]
  • @​ai-sdk/gateway@​3.0.75

v6.0.128

Compare Source

Patch Changes

• Updated dependencies [7324b56]
  • @​ai-sdk/gateway@​3.0.74

v6.0.127

Compare Source

Patch Changes

• Updated dependencies [ac0c407]
• Updated dependencies [e748159]
  • @​ai-sdk/gateway@​3.0.73

v6.0.126

Compare Source

Patch Changes

• 578615a: Remove custom User-Agent header from HttpChatTransport to fix CORS preflight failures in Safari and Firefox

v6.0.125

Compare Source

Patch Changes

• Updated dependencies [5ffb1ad]
• Updated dependencies [f5bf0c6]
  • @​ai-sdk/gateway@​3.0.72

v6.0.124

Patch Changes

• Updated dependencies [55ccbe2]
  • @​ai-sdk/gateway@​3.0.71

v6.0.122

Compare Source

Patch Changes

• Updated dependencies [ca0b430]
  • @​ai-sdk/gateway@​3.0.70

v6.0.121

Compare Source

Patch Changes

• Updated dependencies [efdaefc]
  • @​ai-sdk/gateway@​3.0.69

v6.0.120

Compare Source

Patch Changes

• 78c0e26: feat(ai): pass result provider metadata across the stream

v6.0.119

Compare Source

Patch Changes

• ab286f1: fix(ai): doStream should reflect transformed values
• d68b122: feat(ai): add missing usage attributes

v6.0.118

Compare Source

Patch Changes

• 64ac0fd: fix(security): validate redirect targets in download functions to prevent SSRF bypass

  Both downloadBlob and download now validate the final URL after following HTTP redirects, preventing attackers from bypassing SSRF protections via open redirects to internal/private addresses.

• Updated dependencies [64ac0fd]

  • @​ai-sdk/provider-utils@​4.0.20
  • @​ai-sdk/gateway@​3.0.68

v6.0.117

Compare Source

Patch Changes

• d23121f: chore(ai): add optional ChatRequestOptions to addToolApprovalResponse and addToolOutput
• Updated dependencies [2589004]
  • @​ai-sdk/gateway@​3.0.67

v6.0.116

Compare Source

Patch Changes

• ad4cfc2: Add URL validation to downloadBlob and download to prevent blind SSRF attacks. Private/internal IP addresses, localhost, and non-HTTP protocols are now rejected before fetching.
• Updated dependencies [ad4cfc2]
  • @​ai-sdk/provider-utils@​4.0.19
  • @​ai-sdk/gateway@​3.0.66

v6.0.115

Compare Source

Patch Changes

• Updated dependencies [824b295]
  • @​ai-sdk/provider-utils@​4.0.18
  • @​ai-sdk/gateway@​3.0.65

v6.0.114

Compare Source

Patch Changes

• 2291047: fix(ai): fix missing support for image thought signatures (e.g. for Gemini image models)

v6.0.113

Compare Source

Patch Changes

• 70d3980: fix(ai): use errorMode 'text' in approval continuation to preserve tool error messages

v6.0.112

Compare Source

Patch Changes

• Updated dependencies [db3d4ca]
  • @​ai-sdk/gateway@​3.0.64

v6.0.111

Compare Source

Patch Changes

• 2129c82: feat(ai): register global telemetry integrations

v6.0.110

Compare Source

Patch Changes

• Updated dependencies [1b01ec1]
• Updated dependencies [8df8e11]
  • @​ai-sdk/gateway@​3.0.63

v6.0.109

Compare Source

Patch Changes

• Updated dependencies [10bec50]
  • @​ai-sdk/gateway@​3.0.62

v6.0.108

Compare Source

Patch Changes

• 2a4f512: feat(ai): add telemetry interface and registry

v6.0.107

Compare Source

Patch Changes

• Updated dependencies [08336f1]
  • @​ai-sdk/provider-utils@​4.0.17
  • @​ai-sdk/gateway@​3.0.61

v6.0.106

Compare Source

Patch Changes

• Updated dependencies [29e9f4d]
  • @​ai-sdk/gateway@​3.0.60

v6.0.105

Compare Source

Patch Changes

• Updated dependencies [58bc42d]
  • @​ai-sdk/provider-utils@​4.0.16
  • @​ai-sdk/gateway@​3.0.59

v6.0.104

Compare Source

Patch Changes

• Updated dependencies [1330f2f]
  • @​ai-sdk/gateway@​3.0.58

v6.0.103

Compare Source

Patch Changes

• Updated dependencies [ba63bc2]
  • @​ai-sdk/gateway@​3.0.57

v6.0.102

Compare Source

Patch Changes

• Updated dependencies [45f0a7f]
  • @​ai-sdk/gateway@​3.0.56

v6.0.101

Compare Source

Patch Changes

• 5230482: fix(ai): Don't create duplicate tool parts when models call non-existent tools

v6.0.100

Compare Source

Patch Changes

• b7fba77: feat(ai): add event notifiers to core functions

v6.0.99

Compare Source

Patch Changes

• Updated dependencies [e8172b6]
  • @​ai-sdk/gateway@​3.0.55

v6.0.98

Compare Source

Patch Changes

• Updated dependencies [0c9395b]
  • @​ai-sdk/gateway@​3.0.54

v6.0.97

Compare Source

Patch Changes

• ebfdad1: feat(ai): experimental callbacks in ToolLoopAgent

v6.0.96

Compare Source

Patch Changes

• 30c9de6: feat(ai): experimental callbacks for streamText

v6.0.95

Compare Source

Patch Changes

• Updated dependencies [73b7e09]
  • @​ai-sdk/gateway@​3.0.53

v6.0.94

Compare Source

Patch Changes

• Updated dependencies [363fa44]
  • @​ai-sdk/gateway@​3.0.52

v6.0.93

Compare Source

Patch Changes

• d3769ec: feat(ai): add experimental callbacks in generateText

v6.0.92

Compare Source

Patch Changes

• Updated dependencies [765b013]
  • @​ai-sdk/gateway@​3.0.51

v6.0.91

Compare Source

Patch Changes

• Updated dependencies [a433cd3]
  • @​ai-sdk/gateway@​3.0.50

v6.0.90

Compare Source

Patch Changes

• 98e83ab: Fix useChat status briefly flashing to submitted on page load when resume: true is set and there is no active stream to resume. The reconnectToStream check is now performed before setting status to submitted, so status stays ready when the server responds with 204 (no active stream).

v6.0.89

Compare Source

Patch Changes

• Updated dependencies [5f693c8]
  • @​ai-sdk/gateway@​3.0.49

v6.0.88

Compare Source

Patch Changes

• Updated dependencies [2a1c664]
  • @​ai-sdk/gateway@​3.0.48

v6.0.87

Compare Source

Patch Changes

• Updated dependencies [[6bbd05b](https://redirect.github.com/vercel/

✂ Note

PR body was truncated to here.

---

Configuration

📅 Schedule: (in timezone Asia/Manila)

• Branch creation
  • "before 2am"
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.