chore(deps): bump ai from 4.3.19 to 5.0.52 in /examples/node/observability-vercel-ai#3878
Conversation
Bumps [ai](https://github.com/vercel/ai) from 4.3.19 to 5.0.52. - [Release notes](https://github.com/vercel/ai/releases) - [Changelog](https://github.com/vercel/ai/blob/main/CHANGELOG.md) - [Commits](https://github.com/vercel/ai/compare/ai@4.3.19...ai@5.0.52) --- updated-dependencies: - dependency-name: ai dependency-version: 5.0.52 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependencies
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
dosubot
bot
added
the
size:XS
![devin-ai-integration[bot]](https://avatars.githubusercontent.com/in/811515?s=60&v=4){kind=small}
| "@opentelemetry/sdk-trace-node": "^1.28.0", | ||
| "@opentelemetry/semantic-conventions": "^1.28.0", | ||
| "ai": "^4.3.16", | ||
| "ai": "^5.0.52", |
There was a problem hiding this comment.
🔴 @ai-sdk/openai not bumped to v3.x, incompatible with ai@5.x due to major provider interface mismatch
The ai package is bumped from v4 to v5 (^5.0.52), but @ai-sdk/openai remains at ^1.3.22. These versions are incompatible because they depend on different major versions of the shared @ai-sdk/provider interface:
@ai-sdk/openai@1.3.24depends on@ai-sdk/provider@1.1.3and@ai-sdk/provider-utils@2.2.8ai@5.0.52depends on@ai-sdk/provider@2.0.0and@ai-sdk/provider-utils@3.0.9
Root cause and impact
The model object returned by openai("gpt-4o-mini") from @ai-sdk/openai@1.x implements the @ai-sdk/provider@1.x LanguageModel interface. However, generateText from ai@5.x expects a model conforming to the @ai-sdk/provider@2.x interface. Since @ai-sdk/provider went through a major version bump (1.x → 2.x), the internal contracts between provider and SDK have changed.
The npm registry shows that @ai-sdk/openai v3.x is the version line designed for ai@5.x. The @ai-sdk/openai dependency at examples/node/observability-vercel-ai/package.json:10 should be bumped to ^3.0.0 (or a compatible v3 range) to match the ai@5.x upgrade.
Impact: The example application (app.js:11-27) will fail at runtime when generateText receives an incompatible model object, making this example non-functional.
Prompt for agents
In examples/node/observability-vercel-ai/package.json, bump @ai-sdk/openai from ^1.3.22 to ^3.0.0 (or latest 3.x) on line 10 to match the ai@5.x major version upgrade. The @ai-sdk/openai 1.x line uses @ai-sdk/provider 1.x interfaces which are incompatible with ai 5.x (which uses @ai-sdk/provider 2.x). After updating package.json, regenerate the package-lock.json by running npm install in the examples/node/observability-vercel-ai/ directory.
Was this helpful? React with 👍 or 👎 to provide feedback.
Bumps ai from 4.3.19 to 5.0.52.
Commits
63d5f66Version Packages (#8895)930399bBackport: fix(ai): download files when intermediate file cannot be downloaded...7ca78f1Backport: feat(provider/gateway): Add new Qwen models to Gateway model string...1cfc209Backport: feat(provider/openai):OpenAILanguageModelOptionstype (#8858)347b7ecci: renamev5.0branch torelease-v*85909a9Backport: chore(ai): update test message (#8875)c56822dBackport: fix(ai): updateuiMessageChunkSchemato satisfy the `UIMessageChu...1461adfBackport: chore(examples): remove redundant OpenAI reasoning examples (#8871)6bd07dfVersion Packages (#8853)a45d61aci(release): remove incorrect changeset bump for@ai-sdk/basetenDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.