chore(deps): bump @modelcontextprotocol/sdk from 1.13.2 to 1.25.2#2435
chore(deps): bump @modelcontextprotocol/sdk from 1.13.2 to 1.25.2#2435dependabot[bot] wants to merge 1 commit intomainfrom
Conversation
Bumps [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) from 1.13.2 to 1.25.2. - [Release notes](https://github.com/modelcontextprotocol/typescript-sdk/releases) - [Commits](modelcontextprotocol/typescript-sdk@1.13.2...v1.25.2) --- updated-dependencies: - dependency-name: "@modelcontextprotocol/sdk" dependency-version: 1.25.2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependencies
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
dosubot
bot
added
the
size:XS
📦 Next.js Bundle Analysis for langfuse-docsThis analysis was generated by the Next.js Bundle Analysis action. 🤖 Four Pages Changed SizeThe following pages changed size from the code in this PR compared to its base branch:
DetailsOnly the gzipped size is provided here based on an expert tip. First Load is the size of the global bundle plus the bundle for the individual page. If a user were to show up to your website and land on a given page, the first load size represents the amount of javascript that user would need to download. If Any third party scripts you have added directly to your app using the The "Budget %" column shows what percentage of your performance budget the First Load total takes up. For example, if your budget was 100kb, and a given page's first load size was 10kb, it would be 10% of your budget. You can also see how much this has increased or decreased compared to the base branch of your PR. If this percentage has increased by 20% or more, there will be a red status indicator applied, indicating that special attention should be given to this. If you see "+/- <0.01%" it means that there was a change in bundle size, but it is a trivial enough amount that it can be ignored. |
|
Superseded by #2495. |
dependabot
bot
deleted the
dependabot/npm_and_yarn/modelcontextprotocol/sdk-1.25.2
branch
Bumps @modelcontextprotocol/sdk from 1.13.2 to 1.25.2.
Release notes
Sourced from
@modelcontextprotocol/sdk's releases.... (truncated)
Commits
b392f02fix: prevent ReDoS in UriTemplate regex patterns (v1.x backport) (#1365)a0c9b13fix: README badges links destinations (#907)6dd08acci: trigger workflow on v1.x branch (#1319)384311bchore: bump version for patch fix (#1307)fb07af8spec types - backwards compatibility changes (#1306)2b20ca9chore: bump version for release (#1301)67ba7adfeat: fetch transport (#1209)1d42547Add theme property to Icon schema (#1290)54303b4Add optional description field to Implementation schema (#1295)9941294Fix Zod v4 schema description extraction (#1296)Maintainer changes
This version was pushed to npm by pcarleton, a new releaser for
@modelcontextprotocol/sdksince your current version.You can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.
Important
Bump
@modelcontextprotocol/sdkfrom 1.13.2 to 1.25.2 inpackage.json, including security fixes and schema enhancements.@modelcontextprotocol/sdkfrom 1.13.2 to 1.25.2 inpackage.json.This description was created by
for fe64a44. You can customize this summary. It will automatically update as commits are pushed.