chore(deps): bump the web group in /web with 21 updates by dependabot[bot] · Pull Request #23 · skygazer42/Weaver

dependabot · 2026-03-07T21:38:11Z

Bumps the web group in /web with 21 updates:

Package	From	To
@ai-sdk/react	`0.0.62`	`3.0.118`
ai	`3.4.33`	`6.0.116`
katex	`0.16.27`	`0.16.37`
lucide-react	`0.344.0`	`0.577.0`
mermaid	`11.12.2`	`11.12.3`
next	`14.2.35`	`16.1.6`
react	`18.3.1`	`19.2.4`
@types/react	`18.3.27`	`19.2.14`
react-dom	`18.3.1`	`19.2.4`
@types/react-dom	`18.3.7`	`19.2.3`
react-error-boundary	`6.0.0`	`6.1.1`
react-markdown	`9.1.0`	`10.1.0`
react-syntax-highlighter	`16.1.0`	`16.1.1`
react-virtuoso	`4.17.0`	`4.18.3`
tailwind-merge	`2.6.0`	`3.5.0`
@types/node	`20.19.27`	`25.3.5`
autoprefixer	`10.4.23`	`10.4.27`
eslint	`8.57.1`	`10.0.3`
eslint-config-next	`14.2.35`	`16.1.6`
postcss	`8.5.6`	`8.5.8`
tailwindcss	`3.4.19`	`4.2.1`

Updates @ai-sdk/react from 0.0.62 to 3.0.118

Release notes

Sourced from @ai-sdk/react's releases.

@ai-sdk/react@2.0.152

Patch Changes

ai@5.0.150

Commits

035d5ad Version Packages (#13087)
3fb4e70 feat(provider/anthropic): support fine-grained tool streaming with eagerInput...
ad4cfc2 fix(security): add URL validation to prevent SSRF in download functions (#13085)
4f7ec7f Version Packages (#13084)
824b295 fix(provider-utils): prevent unicode escape bypass in secureJsonParse (#13079)
7579667 Version Packages (#13074)
d5801fe fix(xai): ensure strict mode for tools (#12996)
e70bec4 Version Packages (#13073)
89d8b45 fix(google): make urlMetadata optional in urlContextMetadata schema (#12701)
39d0544 Version Packages (#13072)
Additional commits viewable in compare view

Updates ai from 3.4.33 to 6.0.116

Release notes

Sourced from ai's releases.

ai@6.0.116

Patch Changes

ad4cfc2: Add URL validation to downloadBlob and download to prevent blind SSRF attacks. Private/internal IP addresses, localhost, and non-HTTP protocols are now rejected before fetching.

Updated dependencies [ad4cfc2]

@ai-sdk/provider-utils@4.0.19

@ai-sdk/gateway@3.0.66

ai@6.0.115

Patch Changes

Updated dependencies [824b295]

@ai-sdk/provider-utils@4.0.18

@ai-sdk/gateway@3.0.65

ai@5.0.150

Patch Changes

Updated dependencies [ee7582f]

@ai-sdk/gateway@2.0.55

ai@5.0.149

Patch Changes

c66afc5: fix(security): validate redirect targets in download functions to prevent SSRF bypass

download now validates the final URL after following HTTP redirects, preventing attackers from bypassing SSRF protections via open redirects to internal/private addresses.

ai@5.0.148

Patch Changes

Updated dependencies [392dc94]

@ai-sdk/gateway@2.0.54

ai@5.0.147

Patch Changes

Updated dependencies [7a57a71]

@ai-sdk/gateway@2.0.53

ai@5.0.146

Patch Changes

6a2f01b: Add URL validation to download to prevent blind SSRF attacks. Private/internal IP addresses, localhost, and non-HTTP protocols are now rejected before fetching.

Updated dependencies [6a2f01b]

Updated dependencies [17d64e3]

@ai-sdk/provider-utils@3.0.22

@ai-sdk/gateway@2.0.52

Commits

035d5ad Version Packages (#13087)
3fb4e70 feat(provider/anthropic): support fine-grained tool streaming with eagerInput...
ad4cfc2 fix(security): add URL validation to prevent SSRF in download functions (#13085)
4f7ec7f Version Packages (#13084)
824b295 fix(provider-utils): prevent unicode escape bypass in secureJsonParse (#13079)
7579667 Version Packages (#13074)
d5801fe fix(xai): ensure strict mode for tools (#12996)
e70bec4 Version Packages (#13073)
89d8b45 fix(google): make urlMetadata optional in urlContextMetadata schema (#12701)
39d0544 Version Packages (#13072)
Additional commits viewable in compare view

Updates katex from 0.16.27 to 0.16.37

Release notes

Sourced from katex's releases.

v0.16.37

0.16.37 (2026-03-06)

Bug Fixes

negative-width \hphantom and symmetric \smash (#4153) (d4799ca)

v0.16.36

0.16.36 (2026-03-06)

Bug Fixes

contrib esm bloat (#4157) (2bde1ad)

v0.16.35

0.16.35 (2026-03-05)

Bug Fixes

version number regression (#4155) (db26b73)

v0.16.34

0.16.34 (2026-03-05)

Bug Fixes

emoji with variation selector (#4151) (c2606e5)

v0.16.33

0.16.33 (2026-02-23)

Bug Fixes

scss: forward variables to fonts module (#4146) (9349a64)

v0.16.32

0.16.32 (2026-02-22)

Bug Fixes

italic separation in \mathnormal (#4143) (71305a0)

v0.16.31

0.16.31 (2026-02-22)

... (truncated)

Changelog

Sourced from katex's changelog.

0.16.37 (2026-03-06)

Bug Fixes

negative-width \hphantom and symmetric \smash (#4153) (d4799ca)

0.16.36 (2026-03-06)

Bug Fixes

contrib esm bloat (#4157) (2bde1ad)

0.16.35 (2026-03-05)

Bug Fixes

version number regression (#4155) (db26b73)

0.16.34 (2026-03-05)

Bug Fixes

emoji with variation selector (#4151) (c2606e5)

0.16.33 (2026-02-23)

Bug Fixes

scss: forward variables to fonts module (#4146) (9349a64)

0.16.32 (2026-02-22)

Bug Fixes

italic separation in \mathnormal (#4143) (71305a0)

0.16.31 (2026-02-22)

Bug Fixes

\*frac sizing (#4137) (ef51f18)

0.16.30 (2026-02-22)

... (truncated)

Commits

4eee63b chore(release): 0.16.37 [ci skip]
d4799ca fix: negative-width \hphantom and symmetric \smash (#4153)
6ba48a4 chore: screenshotter support for Docker Desktop on Windows (#4154)
4128549 chore(release): 0.16.36 [ci skip]
2bde1ad fix: contrib esm bloat (#4157)
de31e7f chore(release): 0.16.35 [ci skip]
db26b73 fix: version number regression (#4155)
6134cb5 chore(release): 0.16.34 [ci skip]
c2606e5 fix: emoji with variation selector (#4151)
dd428f5 chore: port from Flow to TypeScript (#4145)
Additional commits viewable in compare view

Updates lucide-react from 0.344.0 to 0.577.0

Release notes

Sourced from lucide-react's releases.

Version 0.577.0

What's Changed

chore(deps): bump rollup from 4.53.3 to 4.59.0 by @dependabot[bot] in lucide-icons/lucide#4106

fix(repo): correctly ignore docs/releaseMetadata via .gitignore by @bhavberi in lucide-icons/lucide#4100

feat(icons): added ellipse icon by @KISHORE-KUMAR-S in lucide-icons/lucide#3749

New Contributors

@bhavberi made their first contribution in lucide-icons/lucide#4100

@KISHORE-KUMAR-S made their first contribution in lucide-icons/lucide#3749

Full Changelog: lucide-icons/lucide@0.576.0...0.577.0

Version 0.576.0

What's Changed

Added zodiac signs by @karsa-mistmere in lucide-icons/lucide#712

fix(icons): fixes guideline violations in package-* icons. by @karsa-mistmere in lucide-icons/lucide#4074

fix(icons): changed receipt icon by @karsa-mistmere in lucide-icons/lucide#4075

fix(icons): updated cuboid icon tags and categories by @karsa-mistmere in lucide-icons/lucide#4095

fix(icons): changed cuboid icon by @jamiemlaw in lucide-icons/lucide#4098

fix(lucide-font, lucide-static): Fixing stable code points by @ericfennis in lucide-icons/lucide#3894

feat(icons): added fishing-rod icon by @7ender in lucide-icons/lucide#3839

Full Changelog: lucide-icons/lucide@0.575.0...0.576.0

Version 0.575.0

What's Changed

feat(icons): added message-square-check icon by @karsa-mistmere in lucide-icons/lucide#4076

fix(lucide): Fix ESM Module output path in build by @ericfennis in lucide-icons/lucide#4084

feat(icons): added metronome icon by @edwloef in lucide-icons/lucide#4063

fix(icons): remove execution permission of SVG files by @duckafire in lucide-icons/lucide#4053

fix(icons): changed file-pen-line icon by @jguddas in lucide-icons/lucide#3970

feat(icons): added square-arrow-right-exit and square-arrow-right-enter icons by @EthanHazel in lucide-icons/lucide#3958

fix(icons): renamed flip-* to square-centerline-dashed-* by @jguddas in lucide-icons/lucide#3945

New Contributors

@edwloef made their first contribution in lucide-icons/lucide#4063

@duckafire made their first contribution in lucide-icons/lucide#4053

Full Changelog: lucide-icons/lucide@0.573.0...0.575.0

Version 0.574.0

What's Changed

fix(icons): changed rocking-chair icon by @jamiemlaw in lucide-icons/lucide#3445

fix(icons): flipped coins icon by @jguddas in lucide-icons/lucide#3158

feat(icons): added x-line-top icon by @jguddas in lucide-icons/lucide#2838

feat(icons): added mouse-left icon by @marvfash in lucide-icons/lucide#2788

feat(icons): added mouse-right icon by @marvfash in lucide-icons/lucide#2787

New Contributors

... (truncated)

Commits

f6c0d06 chore(deps): bump rollup from 4.53.3 to 4.59.0 (#4106)
67c0485 feat(scripts): added helper script to automatically update OpenCollective bac...
b6ed43d feat(packages): Added aria-hidden fallback for decorative icons to all packag...
076e0bb chore(dependencies): Update dependencies (#3809)
80d6f73 fix(icons): Rename fingerprint icon to fingerprint-pattern (#3767)
1cfb3ff chore(deps-dev): bump vite from 6.3.5 to 6.3.6 (#3611)
e71198d chore: icon alias improvements (#2861)
3e644fd chore(scripts): Refactor scripts to typescript (#3316)
19fa01b build(deps-dev): bump vite from 6.3.2 to 6.3.4 (#3181)
03eb862 use implicit return in react package (#2325)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for lucide-react since your current version.

Updates mermaid from 11.12.2 to 11.12.3

Release notes

Sourced from mermaid's releases.

mermaid@11.12.3

Patch Changes

Updated dependencies [7243340]:

@mermaid-js/parser@1.0.0

Commits

cbe7015 Merge pull request #7397 from mermaid-js/changeset-release/master
69fccd2 Version Packages
56ecd66 Fixed issue with hero text
3735098 Merge pull request #7377 from aloisklink/chore/upgrade-to-langium-v4
ea46407 Update link with source
dc30a46 Updating the Hero on the docs side
426a616 chore(dev-deps): update @argos-ci/cypress to 6.2.2
16bc9e6 chore(deps): update dependency lodash-es to v4.17.23
7243340 chore(parser)!: upgrade parser to Langium v4
156dc11 chore(deps): upgrade to langium 3.5.0
Additional commits viewable in compare view

Updates next from 14.2.35 to 16.1.6

Release notes

Sourced from next's releases.

v16.1.6

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

Upgrade to swc 54 (#88207)

implement LRU cache with invocation ID scoping for minimal mode response cache (#88509)

tweak LRU sentinel key (#89123)

Credits

Huge thanks to @mischnic, @wyattjoh, and @ztanner for helping!

v16.1.5

Please refer the following changelogs for more information about this security release:

https://vercel.com/changelog/summaries-of-cve-2025-59471-and-cve-2025-59472 https://vercel.com/changelog/summary-of-cve-2026-23864

v16.1.4

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

Only filter next config if experimental flag is enabled (#88733)

Credits

Huge thanks to @mischnic for helping!

v16.1.1-canary.36

Core Changes

Rename rewroteURL to rewrittenPathname in request metadata: #88751

Simplify getImplicitTags to accept pathname instead of url object: #88753

Add NEXT_DEPLOYMENT_ID global: #86738

Turbopack: remove deployment id suffix from client reference manifest chunks: #88741

Inject <html data-dpl-id> and don't inline it into JS anymore: #88761

[metadata] match the Metadata and ResolvedMetadata type: #88739

Example Changes

Update with-mysql example to Next.js 15, Tailwind 4, Prisma 7: #88475

Misc Changes

[ci] Ensure Turbo Remote Cache can be written to: #88794

perf(turbopack): optimize resolve plugin handling: #88639

Fix buildManifest.js deployment tests: #88806

... (truncated)

Commits

adf8c61 v16.1.6
098c0c0 [backport][ci] Make gh auth status optional when triggering a release (#89100)
a43df32 Backport/docs fixes jan 25 16.1.x (#89124)
d6d5734 tweak LRU sentinel cache key (#89123)
4324698 backport: implement LRU cache with invocation ID scoping for minimal mode res...
23c4649 [backport] Upgrade to swc 54 (#88207) (#89103)
acba4a6 v16.1.5
e1d1fc6 Add maximum size limit for postponed body parsing (#88175)
500ec83 fetch(next/image): reduce maximumResponseBody from 300MB to 50MB (#88588)
1caaca3 feat(next/image)!: add images.maximumResponseBody config (#88183)
Additional commits viewable in compare view

Updates react from 18.3.1 to 19.2.4

Release notes

Sourced from react's releases.

19.2.4 (January 26th, 2026)

React Server Components

Add more DoS mitigations to Server Actions, and harden Server Components (#35632 by @gnoff, @lubieowoce, @sebmarkbage, @unstubbable)

19.2.3 (December 11th, 2025)

React Server Components

Add extra loop protection to React Server Functions (@sebmarkbage #35351)

19.2.2 (December 11th, 2025)

React Server Components

Move react-server-dom-webpack/*.unbundled to private react-server-dom-unbundled (@eps1lon facebook/react#35290)

Patch Promise cycles and toString on Server Functions (@sebmarkbage, @unstubbable #35289, #35345)

19.2.1 (December 3rd, 2025)

React Server Components

Bring React Server Component fixes to Server Actions (@sebmarkbage #35277)

19.2.0 (Oct 1, 2025)

Below is a list of all new features, APIs, and bug fixes.

Read the React 19.2 release post for more information.

New React Features

<Activity>: A new API to hide and restore the UI and internal state of its children.

useEffectEvent is a React Hook that lets you extract non-reactive logic into an Effect Event.

cacheSignal (for RSCs) lets your know when the cache() lifetime is over.

React Performance tracks appear on the Performance panel’s timeline in your browser developer tools

New React DOM Features

Added resume APIs for partial pre-rendering with Web Streams:

resume: to resume a prerender to a stream.

resumeAndPrerender: to resume a prerender to HTML.

Added resume APIs for partial pre-rendering with Node Streams:

resumeToPipeableStream: to resume a prerender to a stream.

resumeAndPrerenderToNodeStream: to resume a prerender to HTML.

Updated prerender APIs to return a postponed state that can be passed to the resume APIs.

Notable changes

React DOM now batches suspense boundary reveals, matching the behavior of client side rendering. This change is especially noticeable when animating the reveal of Suspense boundaries e.g. with the upcoming <ViewTransition> Component. React will batch as much reveals as possible before the first paint while trying to hit popular first-contentful paint metrics.

Add Node Web Streams (prerender, renderToReadableStream) to server-side-rendering APIs for Node.js

Use underscore instead of : IDs generated by useId

All Changes

... (truncated)

Changelog

Sourced from react's changelog.

19.2.1 (Dec 3, 2025)

React Server Components

Bring React Server Component fixes to Server Actions (@sebmarkbage #35277)

19.2.0 (October 1st, 2025)

Below is a list of all new features, APIs, and bug fixes.

Read the React 19.2 release post for more information.

New React Features

<Activity>: A new API to hide and restore the UI and internal state of its children.

useEffectEvent is a React Hook that lets you extract non-reactive logic into an Effect Event.

cacheSignal (for RSCs) lets your know when the cache() lifetime is over.

React Performance tracks appear on the Performance panel’s timeline in your browser developer tools

New React DOM Features

Added resume APIs for partial pre-rendering with Web Streams:

resume: to resume a prerender to a stream.

resumeAndPrerender: to resume a prerender to HTML.

Added resume APIs for partial pre-rendering with Node Streams:

resumeToPipeableStream: to resume a prerender to a stream.

resumeAndPrerenderToNodeStream: to resume a prerender to HTML.

Updated prerender APIs to return a postponed state that can be passed to the resume APIs.

Notable changes

React DOM now batches suspense boundary reveals, matching the behavior of client side rendering. This change is especially noticeable when animating the reveal of Suspense boundaries e.g. with the upcoming <ViewTransition> Component. React will batch as much reveals as possible before the first paint while trying to hit popular first-contentful paint metrics.

Add Node Web Streams (prerender, renderToReadableStream) to server-side-rendering APIs for Node.js

Use underscore instead of : IDs generated by useId

All Changes

React

<Activity /> was developed over many years, starting before ClassComponent.setState (@acdlite @sebmarkbage and many others)

Stringify context as "SomeContext" instead of "SomeContext.Provider" (@kassens #33507)

Include stack of cause of React instrumentation errors with %o placeholder (@eps1lon #34198)

Fix infinite useDeferredValue loop in popstate event (@acdlite #32821)

Fix a bug when an initial value was passed to useDeferredValue (@acdlite #34376)

Fix a crash when submitting forms with Client Actions (@sebmarkbage #33055)

Hide/unhide the content of dehydrated suspense boundaries if they resuspend (@sebmarkbage #32900)

Avoid stack overflow on wide trees during Hot Reload (@sophiebits #34145)

Improve Owner and Component stacks in various places (@sebmarkbage, @eps1lon: #33629, #33724, #32735, #33723)

Add cacheSignal (@sebmarkbage #33557)

... (truncated)

Commits

90ab3f8 Version 19.2.4
612e371 Version 19.2.3
b910fc1 Version 19.2.2
053df4e Version 19.2.1
5667a41 Bump next prerelease version numbers (#34639)
8bb7241 Bump useEffectEvent to Canary (#34610)
e3c9656 Ensure Performance Track are Clamped and Don't overlap (#34509)
68f00c9 Release Activity in Canary (#34374)
0e10ee9 [Reconciler] Set ProfileMode for Host Root Fiber by default in dev (#34432)
3bf8ab4 Add missing Activity export to development mode (#34439)
Additional commits viewable in compare view

Updates @types/react from 18.3.27 to 19.2.14

Commits

See full diff in compare view

Updates react-dom from 18.3.1 to 19.2.4

Release notes

Sourced from react-dom's releases.

19.2.4 (January 26th, 2026)

React Server Components

Add more DoS mitigations to Server Actions, and harden Server Components (#35632 by @gnoff, @lubieowoce, @sebmarkbage, @unstubbable)

19.2.3 (December 11th, 2025)

React Server Components

Add extra loop protection to React Server Functions (@sebmarkbage #35351)

19.2.2 (December 11th, 2025)

React Server Components

Move react-server-dom-webpack/*.unbundled to private react-server-dom-unbundled (@eps1lon facebook/react#35290)

Patch Promise cycles and toString on Server Functions (@sebmarkbage, @unstubbable #35289, #35345)

19.2.1 (December 3rd, 2025)

React Server Components

Bring React Server Component fixes to Server Actions (@sebmarkbage #35277)

19.2.0 (Oct 1, 2025)

Below is a list of all new features, APIs, and bug fixes.

Read the React 19.2 release post for more information.

New React Features

<Activity>: A new API to hide and restore the UI and internal state of its children.

useEffectEvent is a React Hook that lets you extract non-reactive logic into an Effect Event.

cacheSignal (for RSCs) lets your know when the cache() lifetime is over.

React Performance tracks appear on the Performance panel’s timeline in your browser developer tools

New React DOM Features

Added resume APIs for partial pre-rendering with Web Streams:

resume: to resume a prerender to a stream.

resumeAndPrerender: to resume a prerender to HTML.

Added resume APIs for partial pre-rendering with Node Streams:

resumeToPipeableStream: to resume a prerender to a stream.

resumeAndPrerenderToNodeStream: to resume a prerender to HTML.

Updated prerender APIs to return a postponed state that can be passed to the resume APIs.

Notable changes

React DOM now batches suspense boundary reveals, matching the behavior of client side rendering. This change is especially noticeable when animating the reveal of Suspense boundaries e.g. with the upcoming <ViewTransition> Component. React will batch as much reveals as possible before the first paint while trying to hit popular first-contentful paint metrics.

Add Node Web Streams (prerender, renderToReadableStream) to server-side-rendering APIs for Node.js

Use underscore instead of : IDs generated by useId

All Changes

... (truncated)

Changelog

Sourced from react-dom's changelog.

19.2.1 (Dec 3, 2025)

React Server Components

Bring React Server Component fixes to Server Actions (@sebmarkbage #35277)

19.2.0 (October 1st, 2025)

Below is a list of all new features, APIs, and bug fixes.

Read the React 19.2 release post for more information.

New React Features

<Activity>: A new API to hide and restore the UI and internal state of its children.

useEffectEvent is a React Hook that lets you extract non-reactive logic into an Effect Event.

cacheSignal (for RSCs) lets your know when the cache() lifetime is over.

React Performance tracks appear on the Performance panel’s timeline in your browser developer tools

New React DOM Features

Added resume APIs for partial pre-rendering with Web Streams:

resume: to resume a prerender to a stream.

resumeAndPrerender: to resume a prerender to HTML.

Added resume APIs for partial pre-rendering with Node Streams:

resumeToPipeableStream: to resume a prerender to a stream.

resumeAndPrerenderToNodeStream: to resume a prerender to HTML.

Updated prerender APIs to return a postponed state that can be passed to the resume APIs.

Notable changes

React DOM now batches suspense boundary reveals, matching the behavior of client side rendering. This change is especially noticeable when animating the reveal of Suspense boundaries e.g. with the upcoming <ViewTransition> Component. React will batch as much reveals as possible before the first paint while trying to hit popular first-contentful paint metrics.

Add Node Web Streams (prerender, renderToReadableStream) to server-side-rendering APIs for Node.js

Use underscore instead of : IDs generated by useId

All Changes

React

<Activity /> was developed over many years, starting before ClassComponent.setState (@acdlite @sebmarkbage and many others)

Stringify context as "SomeContext" instead of "SomeContext.Provider" (@kassens #33507)

Include stack of cause of React instrumentation errors with %o placeholder (@eps1lon #34198)

Fix infinite useDeferredValue loop in popstate event (@acdlite #32821)

Fix a bug when an initial value was passed to useDeferredValue (@acdlite #34376)

Fix a crash when submitting forms with Client Actions (@sebmarkbage #33055)

Hide/unhide the content of dehydrated suspense boundaries if they resuspend (@sebmarkbage #32900)

Avoid stack overflow on wide trees during Hot Reload (@sophiebits #34145)

Improve Owner and Component stacks in various places (@sebmarkbage, @eps1lon: #33629, #33724, #32735, #33723)

Add cacheSignal (@sebmarkbage #33557)

... (truncated)

Commits

90ab3f8 Version 19.2.4
612e371 Version 19.2.3
b910fc1 Version 19.2.2
053df4e Version 19.2.1
8618113 Bump scheduler version (#34671)
1bd1f01 Ship partial-prerendering APIs to Canary (#34633)
2f0649a [Fizz] Remove nonce option from resume-and-prerender APIs (#34664)
5667a41 Bump next prerelease version numbers (#34639)
e08f53b Match react-dom/static test entrypoints and published entrypoints (#34599)
8bb7241 Bump useEffectEvent to Canary (#34610)
Additional commits viewable in compare view

Updates @types/react-dom from 18.3.7 to 19.2.3

Commits

See full diff in compare view

Updates react-error-boundary from 6.0.0 to 6.1.1

Release notes

Sourced from react-error-boundary's releases.

6.1.1

Fixed a problem with project logo not displaying correctly in the README for the Firefox browser.

6.1.0

#235: Fix error type (Error -> unknown)

Export getErrorMessage helper method

6.0.3

Removed react-dom from peer dependencies list; it was accidentally added during a previous internal refactor

6.0.2

Updated README and generated TS docs

6.0.1

Updated README and generated docs

Commits

2356daa 6.1.0 -> 6.1.1
127a749 Fixed a problem with project logo not displaying correctly in the README for ...
86c0509 6.0.4 -> 6.1.0
9aea72a Fix error type (Error -> unknown) (#235)
186ae40 6.0.2 -> 6.0.3

Bumps the web group in /web with 21 updates: | Package | From | To | | --- | --- | --- | | [@ai-sdk/react](https://github.com/vercel/ai) | `0.0.62` | `3.0.118` | | [ai](https://github.com/vercel/ai) | `3.4.33` | `6.0.116` | | [katex](https://github.com/KaTeX/KaTeX) | `0.16.27` | `0.16.37` | | [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `0.344.0` | `0.577.0` | | [mermaid](https://github.com/mermaid-js/mermaid) | `11.12.2` | `11.12.3` | | [next](https://github.com/vercel/next.js) | `14.2.35` | `16.1.6` | | [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `18.3.1` | `19.2.4` | | [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `18.3.27` | `19.2.14` | | [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `18.3.1` | `19.2.4` | | [@types/react-dom](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react-dom) | `18.3.7` | `19.2.3` | | [react-error-boundary](https://github.com/bvaughn/react-error-boundary) | `6.0.0` | `6.1.1` | | [react-markdown](https://github.com/remarkjs/react-markdown) | `9.1.0` | `10.1.0` | | [react-syntax-highlighter](https://github.com/react-syntax-highlighter/react-syntax-highlighter) | `16.1.0` | `16.1.1` | | [react-virtuoso](https://github.com/petyosi/react-virtuoso/tree/HEAD/packages/react-virtuoso) | `4.17.0` | `4.18.3` | | [tailwind-merge](https://github.com/dcastil/tailwind-merge) | `2.6.0` | `3.5.0` | | [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `20.19.27` | `25.3.5` | | [autoprefixer](https://github.com/postcss/autoprefixer) | `10.4.23` | `10.4.27` | | [eslint](https://github.com/eslint/eslint) | `8.57.1` | `10.0.3` | | [eslint-config-next](https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next) | `14.2.35` | `16.1.6` | | [postcss](https://github.com/postcss/postcss) | `8.5.6` | `8.5.8` | | [tailwindcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss) | `3.4.19` | `4.2.1` | Updates `@ai-sdk/react` from 0.0.62 to 3.0.118 - [Release notes](https://github.com/vercel/ai/releases) - [Changelog](https://github.com/vercel/ai/blob/main/CHANGELOG.md) - [Commits](https://github.com/vercel/ai/compare/@ai-sdk/react@0.0.62...@ai-sdk/react@3.0.118) Updates `ai` from 3.4.33 to 6.0.116 - [Release notes](https://github.com/vercel/ai/releases) - [Changelog](https://github.com/vercel/ai/blob/main/CHANGELOG.md) - [Commits](https://github.com/vercel/ai/compare/ai@3.4.33...ai@6.0.116) Updates `katex` from 0.16.27 to 0.16.37 - [Release notes](https://github.com/KaTeX/KaTeX/releases) - [Changelog](https://github.com/KaTeX/KaTeX/blob/main/CHANGELOG.md) - [Commits](KaTeX/KaTeX@v0.16.27...v0.16.37) Updates `lucide-react` from 0.344.0 to 0.577.0 - [Release notes](https://github.com/lucide-icons/lucide/releases) - [Commits](https://github.com/lucide-icons/lucide/commits/0.577.0/packages/lucide-react) Updates `mermaid` from 11.12.2 to 11.12.3 - [Release notes](https://github.com/mermaid-js/mermaid/releases) - [Commits](https://github.com/mermaid-js/mermaid/compare/mermaid@11.12.2...mermaid@11.12.3) Updates `next` from 14.2.35 to 16.1.6 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v14.2.35...v16.1.6) Updates `react` from 18.3.1 to 19.2.4 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.2.4/packages/react) Updates `@types/react` from 18.3.27 to 19.2.14 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react) Updates `react-dom` from 18.3.1 to 19.2.4 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.2.4/packages/react-dom) Updates `@types/react-dom` from 18.3.7 to 19.2.3 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react-dom) Updates `react-error-boundary` from 6.0.0 to 6.1.1 - [Release notes](https://github.com/bvaughn/react-error-boundary/releases) - [Commits](bvaughn/react-error-boundary@6.0.0...6.1.1) Updates `react-markdown` from 9.1.0 to 10.1.0 - [Release notes](https://github.com/remarkjs/react-markdown/releases) - [Changelog](https://github.com/remarkjs/react-markdown/blob/main/changelog.md) - [Commits](remarkjs/react-markdown@9.1.0...10.1.0) Updates `react-syntax-highlighter` from 16.1.0 to 16.1.1 - [Release notes](https://github.com/react-syntax-highlighter/react-syntax-highlighter/releases) - [Changelog](https://github.com/react-syntax-highlighter/react-syntax-highlighter/blob/master/CHANGELOG.MD) - [Commits](react-syntax-highlighter/react-syntax-highlighter@v16.1.0...v16.1.1) Updates `react-virtuoso` from 4.17.0 to 4.18.3 - [Release notes](https://github.com/petyosi/react-virtuoso/releases) - [Changelog](https://github.com/petyosi/react-virtuoso/blob/master/packages/react-virtuoso/CHANGELOG.md) - [Commits](https://github.com/petyosi/react-virtuoso/commits/react-virtuoso@4.18.3/packages/react-virtuoso) Updates `tailwind-merge` from 2.6.0 to 3.5.0 - [Release notes](https://github.com/dcastil/tailwind-merge/releases) - [Commits](dcastil/tailwind-merge@v2.6.0...v3.5.0) Updates `@types/node` from 20.19.27 to 25.3.5 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `@types/react` from 18.3.27 to 19.2.14 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react) Updates `@types/react-dom` from 18.3.7 to 19.2.3 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react-dom) Updates `autoprefixer` from 10.4.23 to 10.4.27 - [Release notes](https://github.com/postcss/autoprefixer/releases) - [Changelog](https://github.com/postcss/autoprefixer/blob/main/CHANGELOG.md) - [Commits](postcss/autoprefixer@10.4.23...10.4.27) Updates `eslint` from 8.57.1 to 10.0.3 - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](eslint/eslint@v8.57.1...v10.0.3) Updates `eslint-config-next` from 14.2.35 to 16.1.6 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/commits/v16.1.6/packages/eslint-config-next) Updates `postcss` from 8.5.6 to 8.5.8 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.5.6...8.5.8) Updates `tailwindcss` from 3.4.19 to 4.2.1 - [Release notes](https://github.com/tailwindlabs/tailwindcss/releases) - [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.2.1/packages/tailwindcss) --- updated-dependencies: - dependency-name: "@ai-sdk/react" dependency-version: 3.0.118 dependency-type: direct:production update-type: version-update:semver-major dependency-group: web - dependency-name: ai dependency-version: 6.0.116 dependency-type: direct:production update-type: version-update:semver-major dependency-group: web - dependency-name: katex dependency-version: 0.16.37 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: web - dependency-name: lucide-react dependency-version: 0.577.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: web - dependency-name: mermaid dependency-version: 11.12.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: web - dependency-name: next dependency-version: 16.1.6 dependency-type: direct:production update-type: version-update:semver-major dependency-group: web - dependency-name: react dependency-version: 19.2.4 dependency-type: direct:production update-type: version-update:semver-major dependency-group: web - dependency-name: "@types/react" dependency-version: 19.2.14 dependency-type: direct:development update-type: version-update:semver-major dependency-group: web - dependency-name: react-dom dependency-version: 19.2.4 dependency-type: direct:production update-type: version-update:semver-major dependency-group: web - dependency-name: "@types/react-dom" dependency-version: 19.2.3 dependency-type: direct:development update-type: version-update:semver-major dependency-group: web - dependency-name: react-error-boundary dependency-version: 6.1.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: web - dependency-name: react-markdown dependency-version: 10.1.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: web - dependency-name: react-syntax-highlighter dependency-version: 16.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: web - dependency-name: react-virtuoso dependency-version: 4.18.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: web - dependency-name: tailwind-merge dependency-version: 3.5.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: web - dependency-name: "@types/node" dependency-version: 25.3.5 dependency-type: direct:development update-type: version-update:semver-major dependency-group: web - dependency-name: "@types/react" dependency-version: 19.2.14 dependency-type: direct:development update-type: version-update:semver-major dependency-group: web - dependency-name: "@types/react-dom" dependency-version: 19.2.3 dependency-type: direct:development update-type: version-update:semver-major dependency-group: web - dependency-name: autoprefixer dependency-version: 10.4.27 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: web - dependency-name: eslint dependency-version: 10.0.3 dependency-type: direct:development update-type: version-update:semver-major dependency-group: web - dependency-name: eslint-config-next dependency-version: 16.1.6 dependency-type: direct:development update-type: version-update:semver-major dependency-group: web - dependency-name: postcss dependency-version: 8.5.8 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: web - dependency-name: tailwindcss dependency-version: 4.2.1 dependency-type: direct:development update-type: version-update:semver-major dependency-group: web ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 7, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the web group in /web with 21 updates#23

chore(deps): bump the web group in /web with 21 updates#23
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/web/web-32e901e815

dependabot bot commented on behalf of github Mar 7, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot bot commented on behalf of github Mar 7, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

@​ai-sdk/react@​2.0.152

Patch Changes

ai@6.0.116

Patch Changes

ai@6.0.115

Patch Changes

ai@5.0.150

Patch Changes

ai@5.0.149

Patch Changes

ai@5.0.148

Patch Changes

ai@5.0.147

Patch Changes

ai@5.0.146

Patch Changes

v0.16.37

0.16.37 (2026-03-06)

Bug Fixes

v0.16.36

0.16.36 (2026-03-06)

Bug Fixes

v0.16.35

0.16.35 (2026-03-05)

Bug Fixes

v0.16.34

0.16.34 (2026-03-05)

Bug Fixes

v0.16.33

0.16.33 (2026-02-23)

Bug Fixes

v0.16.32

0.16.32 (2026-02-22)

Bug Fixes

v0.16.31

0.16.31 (2026-02-22)

0.16.37 (2026-03-06)

Bug Fixes

0.16.36 (2026-03-06)

Bug Fixes

0.16.35 (2026-03-05)

Bug Fixes

0.16.34 (2026-03-05)

Bug Fixes

0.16.33 (2026-02-23)

Bug Fixes

0.16.32 (2026-02-22)

Bug Fixes

0.16.31 (2026-02-22)

Bug Fixes

0.16.30 (2026-02-22)

Version 0.577.0

What's Changed

New Contributors

Version 0.576.0

What's Changed

Version 0.575.0

What's Changed

New Contributors

Version 0.574.0

What's Changed

New Contributors

mermaid@11.12.3

Patch Changes

v16.1.6

Core Changes

Credits

v16.1.5

v16.1.4

Core Changes

Credits

v16.1.1-canary.36

Core Changes

Example Changes

Misc Changes

19.2.4 (January 26th, 2026)

React Server Components

dependabot bot commented on behalf of github Mar 7, 2026 •

edited

Loading

`@ai-sdk/react@2`.0.152