chore(deps): bump the npm group with 6 updates by dependabot[bot] · Pull Request #184 · unav4ila8le/foliofox

dependabot · 2026-03-23T19:39:45Z

Bumps the npm group with 6 updates:

Package	From	To
@ai-sdk/openai	`3.0.47`	`3.0.48`
@ai-sdk/react	`3.0.136`	`3.0.138`
@supabase/supabase-js	`2.99.3`	`2.100.0`
ai	`6.0.134`	`6.0.136`
posthog-js	`1.363.2`	`1.363.3`
vitest	`4.1.0`	`4.1.1`

Updates @ai-sdk/openai from 3.0.47 to 3.0.48

Release notes

Sourced from @ai-sdk/openai's releases.

@ai-sdk/openai@3.0.48

Patch Changes

9c548de: Add gpt-5.4-mini, gpt-5.4-mini-2026-03-17, gpt-5.4-nano, and gpt-5.4-nano-2026-03-17 models.

bcb04df: fix(openai): preserve raw finish reason for failed responses stream events

Handle response.failed chunks in Responses API streaming so finishReason.raw is preserved from incomplete_details.reason (e.g. max_output_tokens), and map failed-without-reason cases to unified error instead of other.

Commits

a141a1e Version Packages (#13762)
9c548de Backport: feat(openai): add additional GPT-5.4 models (#13755)
bcb04df Backport: feat: add support for response.failed event type with finish reason...
7f19779 Version Packages (#13740)
763e178 Backport: chore(provider/gateway): update gateway model settings files v6 (#1...
be357d5 Version Packages (#13734)
df6a330 chore(ai): remove all experimental agent events (#13698)
b911147 Version Packages (#13729)
4bcec3c Backport: feat(perplexity): expose provider-reported cost in providerMetadata...
9c523bc Version Packages (#13723)
Additional commits viewable in compare view

Updates @ai-sdk/react from 3.0.136 to 3.0.138

Release notes

Sourced from @ai-sdk/react's releases.

@ai-sdk/react@3.0.138

Patch Changes

ai@6.0.136

@ai-sdk/react@3.0.137

Patch Changes

Updated dependencies [df6a330]

ai@6.0.135

Commits

7f19779 Version Packages (#13740)
763e178 Backport: chore(provider/gateway): update gateway model settings files v6 (#1...
be357d5 Version Packages (#13734)
df6a330 chore(ai): remove all experimental agent events (#13698)
b911147 Version Packages (#13729)
4bcec3c Backport: feat(perplexity): expose provider-reported cost in providerMetadata...
9c523bc Version Packages (#13723)
12e972c Backport: feat(provider/xai): add costInUsdTicks and moderation error to vide...
See full diff in compare view

Updates @supabase/supabase-js from 2.99.3 to 2.100.0

Release notes

Sourced from @supabase/supabase-js's releases.

v2.100.0

2.100.0 (2026-03-23)

🚀 Features

realtime: use phoenix's js lib inside realtime-js (#2119)

🩹 Fixes

auth: guard navigator lock steal against cascade when lock is stolen by another request (#2178)

realtime: revert vsn type to string (#2170)

storage: structural detection on json() to detect Response-like errors (#2179)

❤️ Thank You

Alan Guzek @GuzekAlan

Dominik Pilipczuk @snickerdoodle2

Katerina Skroumpelou @mandarini

v2.100.0-rc.0

2.100.0-rc.0 (2026-03-16)

This was a version bump only, there were no code changes.

v2.100.0-canary.4

2.100.0-canary.4 (2026-03-23)

🩹 Fixes

postgrest: add type safety for eq() and neq() column names (#2175)

❤️ Thank You

Ayush Baluni @aayushbaluni

v2.100.0-canary.3

2.100.0-canary.3 (2026-03-20)

This was a version bump only, there were no code changes.

v2.100.0-canary.2

2.100.0-canary.2 (2026-03-19)

This was a version bump only, there were no code changes.

v2.100.0-canary.1

2.100.0-canary.1 (2026-03-19)

🩹 Fixes

... (truncated)

Changelog

Sourced from @supabase/supabase-js's changelog.

2.100.0 (2026-03-23)

This was a version bump only for @supabase/supabase-js to align it with other projects, there were no code changes.

2.99.2 (2026-03-16)

This was a version bump only for @supabase/supabase-js to align it with other projects, there were no code changes.

2.99.1 (2026-03-11)

This was a version bump only for @supabase/supabase-js to align it with other projects, there were no code changes.

2.99.0 (2026-03-09)

This was a version bump only for @supabase/supabase-js to align it with other projects, there were no code changes.

2.98.0 (2026-02-26)

This was a version bump only for @supabase/supabase-js to align it with other projects, there were no code changes.

2.97.0 (2026-02-18)

This was a version bump only for @supabase/supabase-js to align it with other projects, there were no code changes.

2.96.0 (2026-02-17)

This was a version bump only for @supabase/supabase-js to align it with other projects, there were no code changes.

2.95.3 (2026-02-06)

🚀 Features

supabase: add canonical CORS headers export for edge functions (#2071)

❤️ Thank You

Katerina Skroumpelou @mandarini

2.95.0 (2026-02-05)

🚀 Features

supabase: add canonical CORS headers export for edge functions (#2071)

❤️ Thank You

Katerina Skroumpelou @mandarini

2.94.1 (2026-02-04)

... (truncated)

Commits

See full diff in compare view

Updates ai from 6.0.134 to 6.0.136

Release notes

Sourced from ai's releases.

ai@6.0.136

Patch Changes

Updated dependencies [763e178]

@ai-sdk/gateway@3.0.78

ai@6.0.135

Patch Changes

df6a330: chore(ai): remove all experimental agent events

Commits

7f19779 Version Packages (#13740)
763e178 Backport: chore(provider/gateway): update gateway model settings files v6 (#1...
be357d5 Version Packages (#13734)
df6a330 chore(ai): remove all experimental agent events (#13698)
b911147 Version Packages (#13729)
4bcec3c Backport: feat(perplexity): expose provider-reported cost in providerMetadata...
9c523bc Version Packages (#13723)
12e972c Backport: feat(provider/xai): add costInUsdTicks and moderation error to vide...
See full diff in compare view

Updates posthog-js from 1.363.2 to 1.363.3

Release notes

Sourced from posthog-js's releases.

posthog-js@1.363.3

1.363.3

Patch Changes

#3253 42fbd41 Thanks @marandaneto! - Reduce browser SDK bundle size by ~6.6 KB (-3.7%) through code modernization, build config tuning, string deduplication, enum-to-const conversions, and property access shorthand getters. (2026-03-23)

Updated dependencies []:

@posthog/types@1.363.3

Commits

d7391a3 chore: update versions and lockfile [version bump]
42fbd41 chore(browser): reduce bundle size by 6.6 KB (-3.7%) (#3253)
See full diff in compare view

Updates vitest from 4.1.0 to 4.1.1

Release notes

Sourced from vitest's releases.

v4.1.1

   🚀 Features

experimental:

Expose matchesTags to test if the current filter matches tags - by @sheremet-va in vitest-dev/vitest#9913 (eec53)

Introduce experimental.vcsProvider - by @sheremet-va in vitest-dev/vitest#9928 (56115)

   🐞 Bug Fixes

Mark TestProject.testFilesList internal properly - by @sapphi-red in vitest-dev/vitest#9867 (54f26)

Detect fixture that returns without calling use - by @oilater in vitest-dev/vitest#9831 and vitest-dev/vitest#9861 (633ae)

Drop vite 8.beta support - by @AriPerkkio in vitest-dev/vitest#9862 (b78f5)

Type regression in vi.mocked() static class methods - by @purepear and @hi-ogawa in vitest-dev/vitest#9857 (90926)

Properly re-evaluate actual modules of mocked external - by @hi-ogawa in vitest-dev/vitest#9898 (ae5ec)

Preserve coverage report when html reporter overlaps - by @hi-ogawa in vitest-dev/vitest#9889 (2d81a)

Provide vi.advanceTimers to the preview provider - by @sheremet-va in vitest-dev/vitest#9891 (1bc3e)

Don't leak event listener in playwright provider - by @sheremet-va in vitest-dev/vitest#9910 (d9355)

Open browser in --standalone mode without running tests - by @sheremet-va in vitest-dev/vitest#9911 (e78ad)

Guard disposable and optional body - by @sheremet-va in vitest-dev/vitest#9912 (6fdb2)

Resolve retry.condition RegExp serialization issue - by @nstepien and @hi-ogawa in vitest-dev/vitest#9942 (7b605)

collect:

Don't treat extra props on test return as tests - by @sheremet-va in vitest-dev/vitest#9871 (141e7)

coverage:

Simplify provider types - by @AriPerkkio in vitest-dev/vitest#9931 (aaf9f)

Load built-in provider without module runner - by @AriPerkkio in vitest-dev/vitest#9939 (bf892)

expect:

Soft assertions continue after .resolves/.rejects promise errors - by @mixelburg, Maks Pikov, Claude Opus 4.6 (1M context) and @hi-ogawa in vitest-dev/vitest#9843 (6d74b)

Fix sinon-chai style API - by @hi-ogawa in vitest-dev/vitest#9943 (0f08d)

pretty-format:

Limit output for large object - by @hi-ogawa and Claude Opus 4.6 (1M context) in vitest-dev/vitest#9949 (0d5f9)

    View changes on GitHub

Commits

1f2d318 chore: release v4.1.1
ebfde79 refactor: rename matchesTagsFilter to matchesTags (#9956)
5611500 feat(experimental): introduce experimental.vcsProvider (#9928)
eec53d9 feat(experimental): expose matchesTagsFilter to test if the current filter ...
bf89208 fix(coverage): load built-in provider without module runner (#9939)
5a60868 refactor: fix typos (#9950)
aaf9f18 fix(coverage): simplify provider types (#9931)
6fdb2ba fix: guard disposable and optional body (#9912)
e78adcf fix: open browser in --standalone mode without running tests (#9911)
ae5ec03 fix: properly re-evaluate actual modules of mocked external (#9898)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the npm group with 6 updates: | Package | From | To | | --- | --- | --- | | [@ai-sdk/openai](https://github.com/vercel/ai) | `3.0.47` | `3.0.48` | | [@ai-sdk/react](https://github.com/vercel/ai) | `3.0.136` | `3.0.138` | | [@supabase/supabase-js](https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js) | `2.99.3` | `2.100.0` | | [ai](https://github.com/vercel/ai) | `6.0.134` | `6.0.136` | | [posthog-js](https://github.com/PostHog/posthog-js) | `1.363.2` | `1.363.3` | | [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.1.0` | `4.1.1` | Updates `@ai-sdk/openai` from 3.0.47 to 3.0.48 - [Release notes](https://github.com/vercel/ai/releases) - [Changelog](https://github.com/vercel/ai/blob/main/CHANGELOG.md) - [Commits](https://github.com/vercel/ai/compare/@ai-sdk/openai@3.0.47...@ai-sdk/openai@3.0.48) Updates `@ai-sdk/react` from 3.0.136 to 3.0.138 - [Release notes](https://github.com/vercel/ai/releases) - [Changelog](https://github.com/vercel/ai/blob/main/CHANGELOG.md) - [Commits](https://github.com/vercel/ai/compare/@ai-sdk/react@3.0.136...@ai-sdk/react@3.0.138) Updates `@supabase/supabase-js` from 2.99.3 to 2.100.0 - [Release notes](https://github.com/supabase/supabase-js/releases) - [Changelog](https://github.com/supabase/supabase-js/blob/master/packages/core/supabase-js/CHANGELOG.md) - [Commits](https://github.com/supabase/supabase-js/commits/v2.100.0/packages/core/supabase-js) Updates `ai` from 6.0.134 to 6.0.136 - [Release notes](https://github.com/vercel/ai/releases) - [Changelog](https://github.com/vercel/ai/blob/main/CHANGELOG.md) - [Commits](https://github.com/vercel/ai/compare/ai@6.0.134...ai@6.0.136) Updates `posthog-js` from 1.363.2 to 1.363.3 - [Release notes](https://github.com/PostHog/posthog-js/releases) - [Changelog](https://github.com/PostHog/posthog-js/blob/main/CHANGELOG.md) - [Commits](https://github.com/PostHog/posthog-js/compare/posthog-js@1.363.2...posthog-js@1.363.3) Updates `vitest` from 4.1.0 to 4.1.1 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.1/packages/vitest) --- updated-dependencies: - dependency-name: "@ai-sdk/openai" dependency-version: 3.0.48 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@ai-sdk/react" dependency-version: 3.0.138 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@supabase/supabase-js" dependency-version: 2.100.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: npm - dependency-name: ai dependency-version: 6.0.136 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: npm - dependency-name: posthog-js dependency-version: 1.363.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: npm - dependency-name: vitest dependency-version: 4.1.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm ... Signed-off-by: dependabot[bot] <support@github.com>

vercel · 2026-03-23T19:39:49Z

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
foliofox	Ready	Preview, Comment	Mar 23, 2026 7:41pm

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 23, 2026

dependabot bot requested a review from unav4ila8le as a code owner March 23, 2026 19:39

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 23, 2026

vercel bot deployed to Preview March 23, 2026 19:41 View deployment

unav4ila8le approved these changes Mar 24, 2026

View reviewed changes

unav4ila8le merged commit d3fdc4d into main Mar 24, 2026
6 checks passed

unav4ila8le deleted the dependabot/npm_and_yarn/npm-d6644d0d6f branch March 24, 2026 04:10

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the npm group with 6 updates#184

chore(deps): bump the npm group with 6 updates#184
unav4ila8le merged 1 commit intomainfrom
dependabot/npm_and_yarn/npm-d6644d0d6f

dependabot bot commented on behalf of github Mar 23, 2026

Uh oh!

vercel bot commented Mar 23, 2026 •

edited

Loading

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot bot commented on behalf of github Mar 23, 2026

@​ai-sdk/openai@​3.0.48

Patch Changes

@​ai-sdk/react@​3.0.138

Patch Changes

@​ai-sdk/react@​3.0.137

Patch Changes

v2.100.0

2.100.0 (2026-03-23)

🚀 Features

🩹 Fixes

❤️ Thank You

v2.100.0-rc.0

2.100.0-rc.0 (2026-03-16)

v2.100.0-canary.4

2.100.0-canary.4 (2026-03-23)

🩹 Fixes

❤️ Thank You

v2.100.0-canary.3

2.100.0-canary.3 (2026-03-20)

v2.100.0-canary.2

2.100.0-canary.2 (2026-03-19)

v2.100.0-canary.1

2.100.0-canary.1 (2026-03-19)

🩹 Fixes

2.100.0 (2026-03-23)

2.99.2 (2026-03-16)

2.99.1 (2026-03-11)

2.99.0 (2026-03-09)

2.98.0 (2026-02-26)

2.97.0 (2026-02-18)

2.96.0 (2026-02-17)

2.95.3 (2026-02-06)

🚀 Features

❤️ Thank You

2.95.0 (2026-02-05)

🚀 Features

❤️ Thank You

2.94.1 (2026-02-04)

ai@6.0.136

Patch Changes

ai@6.0.135

Patch Changes

posthog-js@1.363.3

1.363.3

Patch Changes

v4.1.1

🚀 Features

🐞 Bug Fixes

View changes on GitHub

Uh oh!

vercel bot commented Mar 23, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

`@ai-sdk/openai@3`.0.48

`@ai-sdk/react@3`.0.138

`@ai-sdk/react@3`.0.137

vercel bot commented Mar 23, 2026 •

edited

Loading