build(deps): bump the production-dependencies group across 1 directory with 59 updates

[dependabot]

Bumps the production-dependencies group with 59 updates in the / directory:

Package	From	To
@ai-sdk/openai	3.0.26	3.0.54
@ai-sdk/react	3.0.80	3.0.172
@aws-sdk/client-s3	3.984.0	3.1039.0
@aws-sdk/s3-request-presigner	3.984.0	3.1039.0
@fumadocs/content-collections	1.2.6	1.2.9
@hono/zod-openapi	1.2.1	1.3.0
@next/third-parties	16.1.6	16.2.4
@paralleldrive/cuid2	2.3.1	3.3.0
@prisma/client	7.3.0	7.8.0
@react-email/components	0.0.41	1.0.12
@react-email/render	1.4.0	2.0.8
@scalar/hono-api-reference	0.9.40	0.10.12
@tanstack/react-query	5.90.20	5.100.6
@tiptap/extension-dropcursor	3.19.0	3.22.5
@tiptap/extension-image	3.19.0	3.22.5
@tiptap/extension-placeholder	3.19.0	3.22.5
@tiptap/react	3.19.0	3.22.5
@tiptap/starter-kit	3.19.0	3.22.5
@uiw/react-md-editor	4.0.11	4.1.0
ai	6.0.78	6.0.170
better-auth	1.4.18	1.6.9
boring-avatars	1.11.2	2.0.4
dompurify	3.3.1	3.4.1
fumadocs-core	16.5.2	16.8.5
fumadocs-ui	16.5.2	16.8.5
geist	1.5.1	1.7.0
hono	4.11.8	4.12.16
hono-openapi	0.4.8	1.3.0
isomorphic-dompurify	2.35.0	3.11.0
jotai	2.12.3	2.19.1
lucide-react	0.542.0	1.14.0
nanoid	5.1.6	5.1.9
next	16.1.6	16.2.4
next-intl	4.8.3	4.11.0
nodemailer	7.0.13	8.0.7
nuqs	2.8.8	2.8.9
openai	6.19.0	6.35.0
react	19.2.4	19.2.5
react-day-picker	9.13.0	9.14.0
react-dom	19.2.4	19.2.5
react-dropzone	14.4.0	15.0.0
react-hook-form	7.71.1	7.74.0
react-qr-code	2.0.18	2.0.21
react-resizable-panels	3.0.6	4.10.0
recharts	2.15.4	3.8.1
sharp	0.34.4	0.34.5
slugify	1.6.6	1.6.9
stripe	18.5.0	22.1.0
tailwind-merge	3.4.0	3.5.0
tencentcloud-sdk-nodejs	4.1.184	4.1.224
ufo	1.6.3	1.6.4
use-debounce	10.1.0	10.1.1
use-intl	4.8.2	4.11.0
uuid	11.1.0	14.0.0
zod	4.3.6	4.4.1
zustand	5.0.11	5.0.12
@prisma/adapter-pg	7.3.0	7.8.0
pg	8.18.0	8.20.0
ws	8.19.0	8.20.0

Updates @ai-sdk/openai from 3.0.26 to 3.0.54

Release notes

Sourced from @​ai-sdk/openai's releases.

@​ai-sdk/openai@​3.0.54

Patch Changes

• a7f3c72: trigger release for all packages after provenance setup
• 408a2ad: patch - send content: null instead of empty string for tool-only assistant messages
• c71ad14: feat(provider/openai): add gpt-image-2 model support
• Updated dependencies [a7f3c72]
  • @​ai-sdk/provider@​3.0.9
  • @​ai-sdk/provider-utils@​4.0.24

Changelog

Sourced from @​ai-sdk/openai's changelog.

3.0.54

Patch Changes

• a7f3c72: trigger release for all packages after provenance setup
• 408a2ad: patch - send content: null instead of empty string for tool-only assistant messages
• c71ad14: feat(provider/openai): add gpt-image-2 model support
• Updated dependencies [a7f3c72]
  • @​ai-sdk/provider@​3.0.9
  • @​ai-sdk/provider-utils@​4.0.24

3.0.53

Patch Changes

• 953385d: fix(openai): default undefined tool-call input to empty object before serializing tool arguments

3.0.52

Patch Changes

• d42076d: Add AI Gateway hint to provider READMEs

3.0.51

Patch Changes

• Updated dependencies [6247886]
  • @​ai-sdk/provider-utils@​4.0.23

3.0.50

Patch Changes

• Updated dependencies [0469aed]
  • @​ai-sdk/provider-utils@​4.0.22

3.0.49

Patch Changes

• bc01093: fix(openai): support file-url parts in tool output content

3.0.48

Patch Changes

• 9c548de: Add gpt-5.4-mini, gpt-5.4-mini-2026-03-17, gpt-5.4-nano, and gpt-5.4-nano-2026-03-17 models.
• bcb04df: fix(openai): preserve raw finish reason for failed responses stream events

... (truncated)

Commits

• 77a4e05 Version Packages (#14802)
• a7f3c72 Re-enable v6 releases (#14799)
• c71ad14 Backport: feat(provider/openai): add gpt-image-2 model support (#14682)
• 408a2ad Backport: fix(openai, openai-compatible): send null content for tool-only ass...
• f4faec7 Version Packages (#14440)
• 953385d Backport: fix(ai): default undefined tool-call input to empty object in conve...
• 99327b1 Version Packages (#14212)
• d42076d Backport: Add AI Gateway hint to provider READMEs (#14199)
• c3a057d Version Packages (#14153)
• 8aefbbb Version Packages (#14078)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​ai-sdk/openai since your current version.

Updates @ai-sdk/react from 3.0.80 to 3.0.172

Release notes

Sourced from @​ai-sdk/react's releases.

@​ai-sdk/react@​3.0.172

Patch Changes

• Updated dependencies [19d587a]
  • ai@6.0.170

@​ai-sdk/react@​3.0.171

Patch Changes

• a7f3c72: trigger release for all packages after provenance setup
• Updated dependencies [2662bb5]
• Updated dependencies [a7f3c72]
  • ai@6.0.169
  • @​ai-sdk/provider-utils@​4.0.24

Changelog

Sourced from @​ai-sdk/react's changelog.

3.0.172

Patch Changes

• Updated dependencies [19d587a]
  • ai@6.0.170

3.0.171

Patch Changes

• a7f3c72: trigger release for all packages after provenance setup
• Updated dependencies [2662bb5]
• Updated dependencies [a7f3c72]
  • ai@6.0.169
  • @​ai-sdk/provider-utils@​4.0.24

3.0.170

Patch Changes

• ai@6.0.168

3.0.169

Patch Changes

• ai@6.0.167

3.0.168

Patch Changes

• Updated dependencies [b8d28f4]
  • ai@6.0.166

3.0.167

Patch Changes

• ai@6.0.165

3.0.166

Patch Changes

• ai@6.0.164

3.0.165

... (truncated)

Commits

• 7ab1e18 Version Packages (#14815)
• 77a4e05 Version Packages (#14802)
• a7f3c72 Re-enable v6 releases (#14799)
• c38119a Version Packages (#14574)
• db2a49b Version Packages (#14558)
• c76f57a Version Packages (#14553)
• 1072e57 Version Packages (#14535)
• e662efd Version Packages (#14510)
• 3aa3a68 Version Packages (#14507)
• b0e5ab3 Version Packages (#14494)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​ai-sdk/react since your current version.

Updates @aws-sdk/client-s3 from 3.984.0 to 3.1039.0

Release notes

Sourced from @​aws-sdk/client-s3's releases.

v3.1039.0

3.1039.0(2026-04-29)

Chores

• codegen:
  • smithy-aws-typescript-codegen 0.49.0 (#7972) (799fdc7b)
  • sync for adaptive retry fixes (#7970) (3dfb72b7)
• xml-builder: manual version bump for 3.972.21 release (#7969) (99bfb4b8)

Documentation Changes

• client-ecr: Removes support for registry policy V1 (0fc28e9f)

New Features

• clients: update client endpoints as of 2026-04-29 (2c0c0979)
• client-workspaces-web: Allow admins to configure IPv6 ranges on IP Access Settings. (a1d8beb2)
• client-account: Adds AccountState in the response for the GetAccountInformation API. Each state represents a specific phase in the account lifecycle. Use this information to manage account access, automate workflows, or trigger actions based on account state changes. (dc283531)
• client-gamelift: Amazon GameLift Servers adds a new DescribeContainerGroupPortMappings API for container fleets, making it easy to discover which connection ports map to your container ports without needing to remotely access the compute. (71e95d8f)
• client-transfer: This launch will increase the limits for customers to list the contents from the remote directories from 10k to 200k. (58052c95)
• client-cloudfront: Amazon CloudFront now supports cache tag. Tag objects via response headers and invalidate all matching objects in a single request, replacing manual URL tracking and broad wildcards. (fac83987)
• client-mediapackagev2: This feature adds configuration for specifying SCTE marker handling and allow greater control over generated manifest and segment URIs (cd814f6b)
• client-bedrock-agentcore-control: Adds configuration bundles for versioned, immutable agent configuration snapshots with branch-based lineage (480b6517)
• client-bedrock-agentcore: Adds batch evaluation for running evaluators against multiple agent sessions with server-side orchestration, AI-powered recommendations for optimizing system prompts and tool descriptions, and AB testing with controlled traffic splitting and statistical significance reporting (c9db8716)
• client-deadline: Adds support for rtx-pro-server-6000 GPU accelerator for service-managed fleets. (86aab769)

Bug Fixes

• xml-builder: inline nodable/entities for dist format compatibility (#7968) (02b6be6b)

Tests

• client-dynamodb:
  • enable verbose e2e test mode (#7974) (97d9277e)
  • e2e test table cleanup (#7971) (8009782e)

---

For list of updated packages, view updated-packages.md in assets-3.1039.0.zip

v3.1038.0

3.1038.0(2026-04-27)

Chores

• codegen: sync for typed waiter-result values (#7965) (e9f8d8a9)

Documentation Changes

... (truncated)

Changelog

Sourced from @​aws-sdk/client-s3's changelog.

3.1039.0 (2026-04-29)

Note: Version bump only for package @​aws-sdk/client-s3

3.1038.0 (2026-04-27)

Bug Fixes

• xml-builder: use xml 1.1 parsing behavior for entities (#7964) (7a30bce)

3.1037.0 (2026-04-24)

Note: Version bump only for package @​aws-sdk/client-s3

3.1036.0 (2026-04-23)

Note: Version bump only for package @​aws-sdk/client-s3

3.1035.0 (2026-04-22)

Bug Fixes

• client-s3: retry errors with 200 status code (#7945) (7d9d8d1)

Features

• client-s3: This release adds five additional checksum algorithms for S3 data integrity (MD5, SHA-512, XXHash3, XXHash64, XXHash128) and support for S3 Inventory on directory buckets (S3 Express One Zone). (41a6a59)

... (truncated)

Commits

• 51c8215 Publish v3.1039.0
• 3dfb72b chore(codegen): sync for adaptive retry fixes (#7970)
• 3fbf6c5 Publish v3.1038.0
• e9f8d8a chore(codegen): sync for typed waiter-result values (#7965)
• 7a30bce fix(xml-builder): use xml 1.1 parsing behavior for entities (#7964)
• 7babd8b Publish v3.1037.0
• 46e4ac5 Publish v3.1036.0
• 107aefc chore(codegen): sync for http2 session closure, retry longpoll backoff, and f...
• d8fbfbc Publish v3.1035.0
• 41a6a59 feat(client-s3): This release adds five additional checksum algorithms for S3...
• Additional commits viewable in compare view

Updates @aws-sdk/s3-request-presigner from 3.984.0 to 3.1039.0

Release notes

Sourced from @​aws-sdk/s3-request-presigner's releases.

v3.1039.0

3.1039.0(2026-04-29)

Chores

• codegen:
  • smithy-aws-typescript-codegen 0.49.0 (#7972) (799fdc7b)
  • sync for adaptive retry fixes (#7970) (3dfb72b7)
• xml-builder: manual version bump for 3.972.21 release (#7969) (99bfb4b8)

Documentation Changes

• client-ecr: Removes support for registry policy V1 (0fc28e9f)

New Features

• clients: update client endpoints as of 2026-04-29 (2c0c0979)
• client-workspaces-web: Allow admins to configure IPv6 ranges on IP Access Settings. (a1d8beb2)
• client-account: Adds AccountState in the response for the GetAccountInformation API. Each state represents a specific phase in the account lifecycle. Use this information to manage account access, automate workflows, or trigger actions based on account state changes. (dc283531)
• client-gamelift: Amazon GameLift Servers adds a new DescribeContainerGroupPortMappings API for container fleets, making it easy to discover which connection ports map to your container ports without needing to remotely access the compute. (71e95d8f)
• client-transfer: This launch will increase the limits for customers to list the contents from the remote directories from 10k to 200k. (58052c95)
• client-cloudfront: Amazon CloudFront now supports cache tag. Tag objects via response headers and invalidate all matching objects in a single request, replacing manual URL tracking and broad wildcards. (fac83987)
• client-mediapackagev2: This feature adds configuration for specifying SCTE marker handling and allow greater control over generated manifest and segment URIs (cd814f6b)
• client-bedrock-agentcore-control: Adds configuration bundles for versioned, immutable agent configuration snapshots with branch-based lineage (480b6517)
• client-bedrock-agentcore: Adds batch evaluation for running evaluators against multiple agent sessions with server-side orchestration, AI-powered recommendations for optimizing system prompts and tool descriptions, and AB testing with controlled traffic splitting and statistical significance reporting (c9db8716)
• client-deadline: Adds support for rtx-pro-server-6000 GPU accelerator for service-managed fleets. (86aab769)

Bug Fixes

• xml-builder: inline nodable/entities for dist format compatibility (#7968) (02b6be6b)

Tests

• client-dynamodb:
  • enable verbose e2e test mode (#7974) (97d9277e)
  • e2e test table cleanup (#7971) (8009782e)

---

For list of updated packages, view updated-packages.md in assets-3.1039.0.zip

v3.1038.0

3.1038.0(2026-04-27)

Chores

• codegen: sync for typed waiter-result values (#7965) (e9f8d8a9)

Documentation Changes

... (truncated)

Changelog

Sourced from @​aws-sdk/s3-request-presigner's changelog.

3.1039.0 (2026-04-29)

Note: Version bump only for package @​aws-sdk/s3-request-presigner

3.1038.0 (2026-04-27)

Note: Version bump only for package @​aws-sdk/s3-request-presigner

3.1037.0 (2026-04-24)

Note: Version bump only for package @​aws-sdk/s3-request-presigner

3.1036.0 (2026-04-23)

Note: Version bump only for package @​aws-sdk/s3-request-presigner

3.1035.0 (2026-04-22)

Note: Version bump only for package @​aws-sdk/s3-request-presigner

3.1034.0 (2026-04-21)

Note: Version bump only for package @​aws-sdk/s3-request-presigner

3.1033.0 (2026-04-20)

... (truncated)

Commits

• 51c8215 Publish v3.1039.0
• 3fbf6c5 Publish v3.1038.0
• 7babd8b Publish v3.1037.0
• 46e4ac5 Publish v3.1036.0
• 107aefc chore(codegen): sync for http2 session closure, retry longpoll backoff, and f...
• d8fbfbc Publish v3.1035.0
• d08b5a7 Publish v3.1034.0
• 273ad5b chore(codegen): sync for http2 session concurrency fixes (#7942)
• a62021b Publish v3.1033.0
• c0c0872 Publish v3.1032.0
• Additional commits viewable in compare view

Updates @fumadocs/content-collections from 1.2.6 to 1.2.9

Release notes

Sourced from @​fumadocs/content-collections's releases.

@​fumadocs/content-collections@​1.2.9

Patch Changes

• 2d8f596: fix npm pack skipping nested node_modules
• Updated dependencies [2d8f596]
  • fumadocs-core@16.7.14

@​fumadocs/content-collections@​1.2.8

Patch Changes

• 690ddb9: bundle more deps
• Updated dependencies [690ddb9]
  • fumadocs-core@16.7.13

Commits

• fa60913 Version Packages (#3202)
• 2d8f596 Chore: fix npm pack skipping nested node_modules
• b5af621 Merge pull request #3200 from fuma-nama/changeset-release/dev
• 79995e9 fix tsdown warnings
• 9518cc8 OpenAPI: remove openapi-sampler dep
• 335b9c1 Chore: bundle more deps
• 498425b UI: pre-calculate TOC item positions
• 7cdde7c UI: improve TOC performance
• 690ddb9 Chore: bundle more deps
• 8999346 Version Packages (#3198)
• Additional commits viewable in compare view

Updates @hono/zod-openapi from 1.2.1 to 1.3.0

Release notes

Sourced from @​hono/zod-openapi's releases.

@​hono/zod-openapi@​1.3.0

Minor Changes

• #1752 fe0f8e4b44ca8e78d2ed60ed8591f415cd85eaa9 Thanks @​destroSunRay! - This PR adds two new utilities to improve route definition and registration in @hono/zod-openapi:

  • defineOpenAPIRoute: Provides explicit type safety for route definitions
  • openapiRoutes: Enables batch registration of multiple routes with full type safety
  • Registering many routes individually was repetitive and verbose
  • Type inference for complex route configurations was challenging
  • Organizing routes across multiple files was difficult
  • No built-in support for conditional route registration
  • RPC type safety was hard to maintain across scattered route registrations
  • defineOpenAPIRoute: Wraps route definitions with explicit types for better IDE support and type checking
  • openapiRoutes: Accepts an array of route definitions and registers them all at once
  • Supports addRoute flag for conditional registration
  • Maintains full type safety and RPC support through recursive type merging
  • Enables clean modular organization of routes
  • ✅ Reduced boilerplate code
  • ✅ Better type inference and IDE autocomplete
  • ✅ Easier code organization and maintainability
  • ✅ Declarative conditional routes
  • ✅ Full backward compatibility

  See the updated README for usage examples.

  • All existing tests pass (102/102)
  • Added tests for new functionality
  • Verified type inference works correctly
  • Updated package README with usage examples

@​hono/zod-openapi@​1.2.4

Patch Changes

• #1831 40ede9c55abe672798deca6970ef60b945382d34 Thanks @​yusukebe! - fix: publish to JSR

@​hono/zod-openapi@​1.2.3

Patch Changes

• #1810 db8fd160d0685cda0d874a5908326c004f72522a Thanks @​dirkluijk! - fix: bump @​asteasolutions/zod-to-openapi to allow nested discriminated unions

@​hono/zod-openapi@​1.2.2

Patch Changes

• #1748 82701be9e1bfd2b0830555119cf89315501386e2 Thanks @​yusukebe! - fix: bump zod-to-openapi to fix the memory leak

Changelog

Sourced from @​hono/zod-openapi's changelog.

1.3.0

Minor Changes

• #1752 fe0f8e4b44ca8e78d2ed60ed8591f415cd85eaa9 Thanks @​destroSunRay! - This PR adds two new utilities to improve route definition and registration in @hono/zod-openapi:

  • defineOpenAPIRoute: Provides explicit type safety for route definitions
  • openapiRoutes: Enables batch registration of multiple routes with full type safety
  • Registering many routes individually was repetitive and verbose
  • Type inference for complex route configurations was challenging
  • Organizing routes across multiple files was difficult
  • No built-in support for conditional route registration
  • RPC type safety was hard to maintain across scattered route registrations
  • defineOpenAPIRoute: Wraps route definitions with explicit types for better IDE support and type checking
  • openapiRoutes: Accepts an array of route definitions and registers them all at once
  • Supports addRoute flag for conditional registration
  • Maintains full type safety and RPC support through recursive type merging
  • Enables clean modular organization of routes
  • ✅ Reduced boilerplate code
  • ✅ Better type inference and IDE autocomplete
  • ✅ Easier code organization and maintainability
  • ✅ Declarative conditional routes
  • ✅ Full backward compatibility

  See the updated README for usage examples.

  • All existing tests pass (102/102)
  • Added tests for new functionality
  • Verified type inference works correctly
  • Updated package README with usage examples

1.2.4

Patch Changes

• #1831 40ede9c55abe672798deca6970ef60b945382d34 Thanks @​yusukebe! - fix: publish to JSR

1.2.3

Patch Changes

• #1810 db8fd160d0685cda0d874a5908326c004f72522a Thanks @​dirkluijk! - fix: bump @​asteasolutions/zod-to-openapi to allow nested discriminated unions

1.2.2

Patch Changes

• #1748 82701be9e1bfd2b0830555119cf89315501386e2 Thanks @​yusukebe! - fix: bump zod-to-openapi to fix the memory leak

Commits

• 5eeca71 Version Packages (#1849)
• fe0f8e4 feat(zod-openapi): add defineOpenAPIRoute and openapiRoutes for batch route r...
• a6f4ef5 Version Packages (#1832)
• 40ede9c fix(zod-openapi): publish to JSR (#1831)
• 38993fa Version Packages (#1811)
• db8fd16 fix(zod-openapi): bump @​asteasolutions/zod-to-openapi to allow nested discrim...
• e762ac0 feat(eslint): ignoring variables and parameters prefixed with _ (#1772)
• 27d8981 Version Packages (#1749)
• 82701be fix(zod-openapi): bump zod-to-openapi to fix the memory leak (#1748)
• 475cd12 chore: update typescript to 5.9.3 (#1741)
• See full diff in compare view

Updates @next/third-parties from 16.1.6 to 16.2.4

Release notes

Sourced from @​next/third-parties's releases.

v16.2.4

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• chore: Bump reqwest to 0.13.2 (Fixes Google Fonts with Turbopack for Windows on ARM64) (#92713)
• Turbopack: fix filesystem watcher config not applying follow_symlinks(false) (#92631)
• Scope Safari ?ts= cache-buster to CSS/font assets only (Pages Router) (#92580)
• Compiler: Support boolean and number primtives in next.config defines (#92731)
• turbo-tasks: Fix recomputation loop by allowing cell cleanup on error during recomputation (#92725)
• Turbopack: shorter error for ChunkGroupInfo::get_index_of (#92814)
• Turbopack: shorter error message for ModuleBatchesGraph::get_entry_index (#92828)
• Adding more system info to the 'initialize project' trace (#92427)

Credits

Huge thanks to @​Badbird5907, @​lukesandberg, @​andrewimm, @​sokra, and @​mischnic for helping!

v16.2.3

[!NOTE] This release is backporting security and bug fixes. For more information about the fixed security vulnerability, please see https://vercel.com/changelog/summary-of-cve-2026-23869. The release does not include all pending features/changes on canary.

Core Changes

• Ensure app-page reports stale ISR revalidation errors via onRequestError (#92282)
• Fix [Bug]: manifest.ts breaks HMR in Next.js 16.2 (#91981 through #92273)
• Deduplicate output assets and detect content conflicts on emit (#92292)
• Fix styled-jsx race condition: styles lost due to concurrent rendering (#92459)
• turbo-tasks-backend: stability fixes for task cancellation and error handling (#92254)

Credits

Huge thanks to @​icyJoseph, @​sokra, @​wbinnssmith, @​eps1lon and @​ztanner for helping!

v16.2.2

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• backport: Move expanded adapters docs to API reference (#92115) (#92129)
• Backport: TypeScript v6 deprecations for baseUrl and moduleResolution (#92130)
• [create-next-app] Skip interactive prompts when CLI flags are provided (#91840)
• next.config.js: Accept an option for serverFastRefresh (#91968)
• Turbopack: enable server HMR for app route handlers (#91466)
• Turbopack: exclude metadata routes from server HMR (#92034)
• Fix CI for glibc linux builds
• Backport: disable bmi2 in qfilter #92177
• [backport] Fix CSS HMR on Safari (#92174)

... (truncated)

Commits

• 2275bd8 v16.2.4
• d5f649b v16.2.3
• 52faae3 v16.2.2
• ed7d2ce v16.2.1
• c5c94df v16.2.0
• 3683192 v16.2.0-canary.104
• 6689814 v16.2.0-canary.103
• ad66dbc v16.2.0-canary.102
• b856498 v16.2.0-canary.101
• 136b77e v16.2.0-canary.100
• Additional commits viewable in compare view

Updates @paralleldrive/cuid2 from 2.3.1 to 3.3.0

Changelog

Sourced from @​paralleldrive/cuid2's changelog.

[3.3.0] - 2026-01-25

Fixed

• Fix typo in package.json exports field: ./package.json path was incorrectly specified
• Fix TypeScript compilation error (TS1203) by replacing export = with named exports in index.d.ts

Updated

• Update AI development framework (aidd) to v2.5.0 for enhanced security reviews
• Update all devDependencies to latest versions (@​types/node, @​types/react, eslint, eslint-config-next, eslint-config-prettier, eslint-plugin-prettier, next, prettier, react, react-dom, release-it, riteway, updtr, watch)

[3.0.2] - 2025-10-27

Changed

• Remove collision-test from pre-commit hook to unblock release process

Fixed

• Replace BigInt with bignumber.js for broader browser support (legacy browsers)
• Add export module field to package.json for better ESM compatibility

Added

• Implement CSPRNG using crypto.getRandomValues for enhanced security
• Add validation to throw error when length > 32

Documentation

• Fix typo: Change "Pseudo" to "Pseudo" in README.md
• Update link for PleaseRobMe.com

[3.0.0] - 2025-10-18

⚠️ BREAKING CHANGES

• Convert entire project from CommonJS to ES modules
  • Changed from require()/module.exports to import/export
  • Added "type": "module" to package.json
  • Users must use ESM imports or upgrade to this version carefully
  • For CommonJS compatibility, use v2.3.1 instead

Commits

• 2275e80 chore(release): v3.3.0
• 3af6f1b chore: update CHANGELOG for v3.2.1
• ee1ff97 Merge pull request #119 from paralleldrive/update
• 59541b5 chore: downgrade packages for security
• aebdc31 chore: remove legacy Travis CI config
• 71b5d09 ci: add GitHub Actions workflow
• d044cfe chore: update dependencies and AI framework
• 3bec9b1 Merge pull request #116 from paralleldrive/copilot/fix-typescript-error-ts1203
• a910d6e Delete REVIEW.md
• 76b5c83 docs: add comprehensive code review for TS1203 fix
• Additional commits viewable in compare view

Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.

Updates @prisma/client from 7.3.0 to 7.8.0

Release notes

Sourced from @​prisma/client's releases.

7.8.0

Today, we are excited to share the 7.8.0 stable release 🎉

🌟 Star this repo for notifications about new releases, bug fixes & features — or follow us on X!

Highlights

ORM

Features

Prisma Client

• Added a queryPlanCacheMaxSize option to the PrismaClient constructor for fine-grained control over the query plan cache. Pass 0 to disable the cache entirely, or omit it to use the default cache size. A larger value can improve performance in applications that execute many unique queries, while a smaller one can reduce memory usage. (#29503)

Bug Fixes

Prisma Client

• Fixed an equality filter panic and incorrect ::jsonb cast when filtering on PostgreSQL JSON list columns. Queries using where: { jsonListField: { equals: [...] } }prisma/prisma-engines#5804
• Fixed case-insensitive JSON field filtering (mode: insensitive), allowing where: { jsonField: { equals: "...", mode: "insensitive" } }prisma/prisma-engines#5806
• Fixed incorrect parameterization of enum values that have a custom database name set via @map. (#29422)
• Fixed a database parameter limit check (P2029), which could incorrectly reject or miss over-limit queries. (#29422)
• Fixed a regression that caused missing SQL Server VARCHARprisma/prisma-engines#5801

Schema Engine

• Fixed a misleading error message in prisma migrate diff that referenced the --shadow-database-url CLI flag, which was removed in Prisma 7. (#29455)
• Fixed prisma migrate dev (and shadow database migration replay in general) failing with CREATE INDEX CONCURRENTLY cannot run inside a transaction blockprisma/prisma-engines#5799
• Fixed PostgreSQL introspection silently dropping sequence defaults when the database returns the schema-qualified form pg_catalog.nextval('sequence_name'::regclass) instead of the bare nextval(...). Columns backed by sequences now correctly appear as @default(autoincrement())prisma/prisma-engines#5802

Driver Adapters

• @​prisma/adapter-d1: Savepoint operations (createSavepoint, rollbackToSavepoint, releaseSavepoint) now silently no-op with debug logging instead of executing SQL statements, consistent with how the D1 adapter already treats top-level transactions. (#29499)

Open roles at Prisma

Interested in joining Prisma? We're growing and have several exciting opportunities across the company for developers who are passionate about building with Prisma. Explore our open positions on our Careers page and find the role that's right for you.

Enterprise support

Thousands of teams use Prisma and many of them already tap into our Enterprise & Agency Support Program for hands-on help with everything from schema integrations and performance tuning to security and compliance.

With this program you also get priority issue triage and bug fixes, expert scalability advice, and custom training so that your Prisma-powered apps stay rock-solid at any scale. Learn more or join: https://prisma.io/enterprise.

7.7.0

Today, we are excited to share the 7.7.0 stable release 🎉

🌟 Star this repo for notifications about new releases, bug fixes & features — or follow us on X!

... (truncated)

Commits

• 62b44ac chore(deps): update engines to 7.8.0-5.e96eae70cf4ade6a15d7e6064d5b0b4f7d835d...
• 4104864...

  Description has been truncated