[Snyk] Upgrade openai from 4.61.0 to 6.8.0

[nerdy-tech-com-gitub]

Snyk has created this PR to upgrade openai from 4.61.0 to 6.8.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 143 versions ahead of your current version.

• The recommended version was released 21 days ago.

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Insecure Randomness SNYK-JS-UNDICI-8641354	101	Proof of Concept
	Incorrect Authorization SNYK-JS-VITE-9512410	101	Mature
	Incorrect Authorization SNYK-JS-VITE-9653016	101	Proof of Concept
	Denial of Service (DoS) SNYK-JS-WS-7266574	101	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-CROSSSPAWN-8303230	101	Proof of Concept
	Command Injection SNYK-JS-GLOB-14040952	101	Proof of Concept
	Improper Neutralization of Special Elements in Data Query Logic SNYK-JS-MONGOOSE-8446504	101	Proof of Concept
	Improper Neutralization of Special Elements in Data Query Logic SNYK-JS-MONGOOSE-8623536	101	Proof of Concept
	Remote Code Execution (RCE) SNYK-JS-NUXT-7640974	101	No Known Exploit
	Acceptance of Extraneous Untrusted Data With Trusted Data SNYK-JS-NUXT-9486043	101	No Known Exploit
	Directory Traversal SNYK-JS-NUXTDEVTOOLS-7640977	101	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-ROLLUP-8073097	101	Proof of Concept
	Directory Traversal SNYK-JS-SUPABASEAUTHJS-10255365	101	No Known Exploit
	Improper Validation of Specified Type of Input SNYK-JS-VALIDATOR-13395830	101	Proof of Concept
	Directory Traversal SNYK-JS-VITE-13644406	101	Proof of Concept
	Information Exposure SNYK-JS-VITE-8023174	101	Proof of Concept
	Origin Validation Error SNYK-JS-VITE-8648411	101	Proof of Concept
	Access Control Bypass SNYK-JS-VITE-9576207	101	Proof of Concept
	Information Exposure SNYK-JS-VITE-9685035	101	Proof of Concept
	Directory Traversal SNYK-JS-VITE-9919777	101	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-VUETEMPLATECOMPILER-7554675	101	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BABELHELPERS-9397697	101	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BABELRUNTIME-10044504	101	Proof of Concept
	Prototype Pollution SNYK-JS-JSYAML-13961110	101	No Known Exploit
	Open Redirect SNYK-JS-KOA-10944994	101	Proof of Concept
	Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	101	No Known Exploit
	Improper Input Validation SNYK-JS-NANOID-8492085	101	No Known Exploit
	Improper Input Validation SNYK-JS-NANOID-8492085	101	No Known Exploit
	Cross-site Scripting (XSS) SNYK-JS-NUXT-7640972	101	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-NUXTDEVTOOLS-13849298	101	No Known Exploit
	Origin Validation Error SNYK-JS-NUXTVITEBUILDER-8663232	101	Proof of Concept
	Prototype Pollution SNYK-JS-PARSEGITCONFIG-9403763	101	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-7925106	101	Proof of Concept
	Cross-site Scripting SNYK-JS-SEND-7926862	101	No Known Exploit
	Cross-site Scripting SNYK-JS-SERVESTATIC-7926865	101	No Known Exploit
	Directory Traversal SNYK-JS-SIRV-12558119	101	Proof of Concept
	Missing Release of Memory after Effective Lifetime SNYK-JS-UNDICI-10176064	101	Proof of Concept
	Relative Path Traversal SNYK-JS-VITE-12558116	101	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-VITE-8022916	101	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-VUETEMPLATECOMPILER-8219888	101	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BRACEEXPANSION-9789073	101	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BRACEEXPANSION-9789073	101	Proof of Concept
	Prototype Pollution SNYK-JS-DEVALUE-12205530	101	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-KOA-8720152	101	No Known Exploit
	Cross-site Scripting (XSS) SNYK-JS-KOA-9679272	101	Proof of Concept
	Directory Traversal SNYK-JS-NUXT-12878602	101	Proof of Concept

Release notes

Package name: openai

• 6.8.0 - 2025-11-03
  

  6.8.0 (2025-11-03)

  Full Changelog: v6.7.0...v6.8.0

  Features

  • api: Realtime API token_limits, Hybrid searching ranking options (6a5b48c)
  • api: remove InputAudio from ResponseInputContent (9909fef)

  Chores

  • internal: codegen related update (3ad52aa)
• 6.7.0 - 2025-10-24
  

  6.7.0 (2025-10-24)

  Full Changelog: v6.6.0...v6.7.0

  Features

  • add support for zod@4 schemas (#1666) (10ef7ff)

  Bug Fixes

  • api: docs updates (2591c21)
• 6.6.0 - 2025-10-20
  

  6.6.0 (2025-10-20)

  Full Changelog: v6.5.0...v6.6.0

  Features

  • api: Add responses.input_tokens.count (520c8a9)

  Bug Fixes

  • api: internal openapi updates (d4aaef9)
• 6.5.0 - 2025-10-17
  

  6.5.0 (2025-10-17)

  Full Changelog: v6.4.0...v6.5.0

  Features

  • api: api update (4d21af3)
• 6.4.0 - 2025-10-16
  

  6.4.0 (2025-10-16)

  Full Changelog: v6.3.0...v6.4.0

  Features

  • api: Add support for gpt-4o-transcribe-diarize on audio/transcriptions endpoint (2d27392)
• 6.3.0 - 2025-10-10
  

  6.3.0 (2025-10-10)

  Full Changelog: v6.2.0...v6.3.0

  Features

  • api: comparison filter in/not in (1a733c6)

  Chores

  • internal: use npm pack for build uploads (a532410)
• 6.2.0 - 2025-10-06
  

  6.2.0 (2025-10-06)

  Full Changelog: v6.1.0...v6.2.0

  Features

  • api: dev day 2025 launches (f2816db)

  Chores

  • internal: codegen related update (b6f64b7)
  • jsdoc: fix @ link annotations to refer only to parts of the package‘s public interface (73e465d)
• 6.1.0 - 2025-10-02
  

  6.1.0 (2025-10-02)

  Full Changelog: v6.0.1...v6.1.0

  Features

  • api: add support for realtime calls (5de9585)
• 6.0.1 - 2025-10-01
  

  6.0.1 (2025-10-01)

  Full Changelog: v6.0.0...v6.0.1

  Bug Fixes

  • api: add status, approval_request_id to MCP tool call (498c6a5)
• 6.0.0 - 2025-09-30
  

  6.0.0 (2025-09-30)

  Full Changelog: v5.23.2...v6.0.0

  ⚠ BREAKING CHANGES

  • api: ResponseFunctionToolCallOutputItem.output and ResponseCustomToolCallOutput.output now return string | Array<ResponseInputText | ResponseInputImage | ResponseInputFile> instead of string only. This may break existing callsites that assume output is always a string.

  Features

  • api: Support images and files for function call outputs in responses, BatchUsage (abe56f8)

  Chores

  • compat with zod v4 (#1658) (94569a0)
• 5.23.2 - 2025-09-30
• 5.23.1 - 2025-09-26
• 5.23.0 - 2025-09-23
• 5.22.1 - 2025-09-22
• 5.22.0 - 2025-09-19
• 5.21.0 - 2025-09-17
• 5.20.3 - 2025-09-15
• 5.20.2 - 2025-09-12
• 5.20.1 - 2025-09-10
• 5.20.0 - 2025-09-08
• 5.19.1 - 2025-09-03
• 5.19.0 - 2025-09-03
• 5.18.1 - 2025-09-02
• 5.18.0 - 2025-09-02
• 5.17.0 - 2025-09-02
• 5.16.0 - 2025-08-26
• 5.15.0 - 2025-08-21
• 5.13.1 - 2025-08-19
• 5.12.2 - 2025-08-08
• 5.12.1 - 2025-08-07
• 5.12.0 - 2025-08-05
• 5.11.0 - 2025-07-30
• 5.10.3 - 2025-07-30
• 5.10.2 - 2025-07-22
• 5.10.1 - 2025-07-16
• 5.10.0 - 2025-07-16
• 5.9.2 - 2025-07-15
• 5.9.1 - 2025-07-15
• 5.9.0 - 2025-07-10
• 5.8.4 - 2025-07-10
• 5.8.3 - 2025-07-08
• 5.8.2 - 2025-06-27
• 5.8.1 - 2025-06-26
• 5.8.0 - 2025-06-26
• 5.7.0 - 2025-06-23
• 5.6.0 - 2025-06-20
• 5.5.1 - 2025-06-17
• 5.5.0 - 2025-06-16
• 5.4.0 - 2025-06-16
• 5.3.0 - 2025-06-10
• 5.2.0 - 2025-06-09
• 5.1.1 - 2025-06-05
• 5.1.0 - 2025-06-03
• 5.0.2 - 2025-06-02
• 5.0.1 - 2025-05-29
• 5.0.0 - 2025-05-29
• 5.0.0-beta.0 - 2025-03-05
• 5.0.0-alpha.0 - 2024-12-20
• 4.104.0 - 2025-05-29
• 4.103.0 - 2025-05-22
• 4.102.0 - 2025-05-21
• 4.101.0 - 2025-05-21
• 4.100.0 - 2025-05-16
• 4.99.0 - 2025-05-16
• 4.98.0 - 2025-05-08
• 4.97.0 - 2025-05-02
• 4.96.2 - 2025-04-29
• 4.96.1 - 2025-04-29
• 4.96.0 - 2025-04-23
• 4.95.1 - 2025-04-18
• 4.95.0 - 2025-04-16
• 4.94.0 - 2025-04-14
• 4.93.0 - 2025-04-08
• 4.92.1 - 2025-04-07
• 4.92.0 - 2025-04-07
• 4.91.1 - 2025-04-01
• 4.91.0 - 2025-03-31
• 4.90.0 - 2025-03-27
• 4.89.1 - 2025-03-26
• 4.89.0 - 2025-03-20
• 4.88.0 - 2025-03-19
• 4.87.4 - 2025-03-18
• 4.87.3 - 2025-03-11
• 4.87.2 - 2025-03-11
• 4.87.1 - 2025-03-11
• 4.87.0 - 2025-03-11
• 4.86.2 - 2025-03-05
• 4.86.1 - 2025-02-27
• 4.86.0 - 2025-02-27
• 4.85.4 - 2025-02-22
• 4.85.3 - 2025-02-20
• 4.85.2 - 2025-02-18
• 4.85.1 - 2025-02-14
• 4.85.0 - 2025-02-13
• 4.84.1 - 2025-02-13
• 4.84.0 - 2025-02-12
• 4.83.0 - 2025-02-05
• 4.82.0 - 2025-01-31
• 4.81.0 - 2025-01-29
• 4.80.1 - 2025-01-24
• 4.80.0 - 2025-01-22
• 4.79.4 - 2025-01-21
• 4.79.3 - 2025-01-21
• 4.79.2 - 2025-01-21
• 4.79.1 - 2025-01-17
• 4.79.0 - 2025-01-17
• 4.78.1 - 2025-01-10
• 4.78.0 - 2025-01-09
• 4.77.4 - 2025-01-08
• 4.77.3 - 2025-01-03
• 4.77.0 - 2024-12-17
• 4.76.3 - 2024-12-13
• 4.76.2 - 2024-12-12
• 4.76.1 - 2024-12-10
• 4.76.0 - 2024-12-05
• 4.75.0 - 2024-12-03
• 4.74.0 - 2024-12-02
• 4.73.1 - 2024-11-25
• 4.73.0 - 2024-11-20
• 4.72.0 - 2024-11-12
• 4.71.1 - 2024-11-06
• 4.71.0 - 2024-11-04
• 4.70.3 - 2024-11-04
• 4.70.2 - 2024-11-01
• 4.70.1 - 2024-11-01
• 4.70.0 - 2024-11-01
• 4.69.0 - 2024-10-30
• 4.68.4 - 2024-10-23
• 4.68.3 - 2024-10-23
• 4.68.2 - 2024-10-22
• 4.68.1 - 2024-10-18
• 4.68.0 - 2024-10-17
• 4.67.3 - 2024-10-08
• 4.67.2 - 2024-10-07
• 4.67.1 - 2024-10-02
• 4.67.0 - 2024-10-01
• 4.66.1 - 2024-09-30
• 4.65.0 - 2024-09-26
• 4.64.0 - 2024-09-25
• 4.63.0 - 2024-09-20
• 4.62.1 - 2024-09-18
• 4.62.0 - 2024-09-17
• 4.61.1 - 2024-09-16
• 4.61.0 - 2024-09-13

from openai GitHub release notes

---

Important

• Warning: This PR contains a major version upgrade, and may be a breaking change.
• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs