chore(deps): bump the npm_and_yarn group across 3 directories with 2 updates #727
Conversation
…updates Bumps the npm_and_yarn group with 2 updates in the / directory: [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) and [next](https://github.com/vercel/next.js). Bumps the npm_and_yarn group with 1 update in the /examples/nextjs directory: [next](https://github.com/vercel/next.js). Bumps the npm_and_yarn group with 1 update in the /examples/realtime-next directory: [next](https://github.com/vercel/next.js). Updates `@modelcontextprotocol/sdk` from 1.12.1 to 1.24.0 - [Release notes](https://github.com/modelcontextprotocol/typescript-sdk/releases) - [Commits](modelcontextprotocol/typescript-sdk@1.12.1...1.24.0) Updates `next` from 15.4.7 to 15.4.8 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v15.4.7...v15.4.8) Updates `next` from 15.4.7 to 15.4.8 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v15.4.7...v15.4.8) Updates `next` from 15.4.7 to 15.4.8 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v15.4.7...v15.4.8) --- updated-dependencies: - dependency-name: "@modelcontextprotocol/sdk" dependency-version: 1.24.0 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: next dependency-version: 15.4.8 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: next dependency-version: 15.4.8 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: next dependency-version: 15.4.8 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependencies
|
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| "dependencies": { | ||
| "@modelcontextprotocol/sdk": "^1.12.0", | ||
| "@modelcontextprotocol/sdk": "^1.24.0", | ||
| "@openai/agents": "workspace:*" |
There was a problem hiding this comment.
Updating @modelcontextprotocol/sdk to 1.24.0 introduces a required peer dependency on zod (see new peerDependencies recorded in pnpm-lock.yaml), but this example package still only lists the SDK itself. A clean install of examples/mcp (e.g., running pnpm install in that folder or copying the example elsewhere) no longer pulls in zod, so the SDK’s runtime imports will resolve to a missing module/unmet peer and the example will fail to start. Adding an explicit zod dependency here (or pinning the SDK to a version without that peer) is needed to keep the MCP example working on standalone installs.
Useful? React with 👍 / 👎.
|
This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests. To ignore these dependencies, configure ignore rules in dependabot.yml |
dependabot
bot
deleted the
dependabot/npm_and_yarn/npm_and_yarn-8855b0905c
branch
Bumps the npm_and_yarn group with 2 updates in the / directory: @modelcontextprotocol/sdk and next.
Bumps the npm_and_yarn group with 1 update in the /examples/nextjs directory: next.
Bumps the npm_and_yarn group with 1 update in the /examples/realtime-next directory: next.
Updates
@modelcontextprotocol/sdkfrom 1.12.1 to 1.24.0Release notes
Sourced from
@modelcontextprotocol/sdk's releases.... (truncated)
Commits
356b7e6chore: bump version for release (#1215)09623e2Merge commit from forkcf51343feat: backwards-compatible createMessage overloads for SEP-1577 (#1212)8204126fix: allow zod 4 transformations (#1213)6083600Modify Origin header validation in validateRequestHeaders (streamableHttp.ts ...a6ee2cbfix: normalize null to undefined in ElicitResultSchema content field (#1204)4b651b8feat: add closeStandaloneSSEStream for GET stream polling (#1203)5ceabfbfix: normalize headers in sse transport (#856)f67fc2ffix: improve SSE reconnection behavior (#1191)fab7e1efeat: add closeSSEStream callback to RequestHandlerExtra (#1166)Maintainer changes
This version was pushed to npm by pcarleton, a new releaser for
@modelcontextprotocol/sdksince your current version.Updates
nextfrom 15.4.7 to 15.4.8Release notes
Sourced from next's releases.
Commits
4966847v15.4.8bf8d31cupdate version scriptbed530fUpdate React Version for Next.js 15.4.8 (#9)4309d93update tag17e6873[backport]:experimental.middlewareClientMaxBodySize(#84722)4da39f2[backport] fix: unstable_cache should perform blocking revalidation during IS...Updates
nextfrom 15.4.7 to 15.4.8Release notes
Sourced from next's releases.
Commits
4966847v15.4.8bf8d31cupdate version scriptbed530fUpdate React Version for Next.js 15.4.8 (#9)4309d93update tag17e6873[backport]:experimental.middlewareClientMaxBodySize(#84722)4da39f2[backport] fix: unstable_cache should perform blocking revalidation during IS...Updates
nextfrom 15.4.7 to 15.4.8Release notes
Sourced from next's releases.
Commits
4966847v15.4.8bf8d31cupdate version scriptbed530fUpdate React Version for Next.js 15.4.8 (#9)4309d93update tag17e6873[backport]:experimental.middlewareClientMaxBodySize(#84722)4da39f2[backport] fix: unstable_cache should perform blocking revalidation during IS...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditionsYou can disable automated security fix PRs for this repo from the Security Alerts page.