Skip to content

chore(deps): bump the production-dependencies group with 4 updates#20

Merged
allenhutchison merged 1 commit intomainfrom
dependabot/npm_and_yarn/production-dependencies-1f4c96fd9b
Jan 25, 2026
Merged

chore(deps): bump the production-dependencies group with 4 updates#20
allenhutchison merged 1 commit intomainfrom
dependabot/npm_and_yarn/production-dependencies-1f4c96fd9b

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 25, 2026
edited
Loading

Bumps the production-dependencies group with 4 updates: @allenhutchison/gemini-utils, @google/genai, @modelcontextprotocol/sdk and zod.

Updates @allenhutchison/gemini-utils from 0.3.0 to 0.4.3

Commits

Updates @google/genai from 1.34.0 to 1.38.0

Release notes

Sourced from @​google/genai's releases.

v1.38.0

1.38.0 (2026-01-20)

Features

  • Add ModelArmorConfig support for prompt and response sanitization via the Model Armor service (be65c24)
  • Allow custom endpoints for authentication with Vertex AI in Typescript (891e32d), closes #1137
  • Update data types from discovery doc. (a16a180)
  • Update data types from discovery doc. (a4eaa8c)

v1.37.0

1.37.0 (2026-01-15)

Features

  • Support 4:5 and 5:4 aspect ratio in Interactions (5294da2)

v1.36.0

1.36.0 (2026-01-14)

Features

  • Add FileSearchCallContent to Interactions (ccf11a4)
  • Add ImageConfig to GenerationConfig for image generation in Interactions (f34b6fb)
  • Support JS local tokenizer (bb429ad)
  • voice activity support (3ad1011)

v1.35.0

1.35.0 (2026-01-07)

Features

  • [Python] add RegisterFiles so gcs files can be used with genai. (1bf555c)
  • Add PersonGeneration to ImageConfig for Vertex Gempix (b0753d7)
Changelog

Sourced from @​google/genai's changelog.

1.38.0 (2026-01-20)

Features

  • Add ModelArmorConfig support for prompt and response sanitization via the Model Armor service (be65c24)
  • Allow custom endpoints for authentication with Vertex AI in Typescript (891e32d), closes #1137
  • Update data types from discovery doc. (a16a180)
  • Update data types from discovery doc. (a4eaa8c)

1.37.0 (2026-01-15)

Features

  • Support 4:5 and 5:4 aspect ratio in Interactions (5294da2)

1.36.0 (2026-01-14)

Features

  • Add FileSearchCallContent to Interactions (ccf11a4)
  • Add ImageConfig to GenerationConfig for image generation in Interactions (f34b6fb)
  • Support JS local tokenizer (bb429ad)
  • voice activity support (3ad1011)

1.35.0 (2026-01-07)

Features

  • [Python] add RegisterFiles so gcs files can be used with genai. (1bf555c)
  • Add PersonGeneration to ImageConfig for Vertex Gempix (b0753d7)
Commits
  • 0055069 chore(main): release 1.38.0 (#1258)
  • 891e32d feat: Allow custom endpoints for authentication with Vertex AI in Typescript
  • a16a180 feat: Update data types from discovery doc.
  • a4eaa8c feat: Update data types from discovery doc.
  • 2389c32 test: Suppress compilation issues with TypeScript 5.9.
  • cc86058 chore: Update documentation for the background parameter.
  • be65c24 feat: Add ModelArmorConfig support for prompt and response sanitization via t...
  • d136c02 Copybara import of the project:
  • e8c5bef chore(main): release 1.37.0 (#1256)
  • f702b73 Copybara import of the project:
  • Additional commits viewable in compare view

Updates @modelcontextprotocol/sdk from 1.25.1 to 1.25.3

Release notes

Sourced from @​modelcontextprotocol/sdk's releases.

v1.25.3

What's Changed

Full Changelog: modelcontextprotocol/typescript-sdk@v1.25.2...v1.25.3

v1.25.2

What's Changed

New Contributors

Full Changelog: modelcontextprotocol/typescript-sdk@1.25.1...v1.25.2

Commits
  • ced7535 1.25.3
  • 6e8f7e1 fix: prevent Hono from overriding global Response object (v1.x) (#1411)
  • 12ae856 [v1.x backport] Use correct schema for client sampling validation when tools ...
  • b392f02 fix: prevent ReDoS in UriTemplate regex patterns (v1.x backport) (#1365)
  • a0c9b13 fix: README badges links destinations (#907)
  • 6dd08ac ci: trigger workflow on v1.x branch (#1319)
  • See full diff in compare view

Updates zod from 4.2.1 to 4.3.6

Release notes

Sourced from zod's releases.

v4.3.6

Commits:

  • 9977fb0868432461de265a773319e80a90ba3e37 Add brand.dev to sponsors
  • f4b7bae3468f6188b8f004e007d722148fc91d77 Update pullfrog.yml (#5634)
  • 251d7163a0ac7740fee741428d913e3c55702ace Clean up workflow_call
  • edd4132466da0f5065a8e051b599d01fdd1081d8 fix: add missing User-agent to robots.txt and allow all (#5646)
  • 85db85e9091d0706910d60c7eb2e9c181edd87bd fix: typo in codec.test.ts file (#5628)
  • cbf77bb12bdfda2e054818e79001f5cb3798ce76 Avoid non null assertion (#5638)
  • dfbbf1c1ae0c224b8131d80ddf0a264262144086 Avoid re-exported star modules (#5656)
  • 762e911e5773f949452fd6dd4e360f2362110e8e Generalize numeric key handling
  • ca3c8629c0c2715571f70b44c2433cad3db7fe4e v4.3.6

v4.3.5

Commits:

  • 21afffdb42ccab554036312e33fed0ea3cb8f982 [Docs] Update migration guide docs for deprecation of message (#5595)
  • e36743e513aadb307b29949a80d6eb0dcc8fc278 Improve mini treeshaking
  • 0cdc0b8597999fd9ca99767b912c1e82c1ff2d6c 4.3.5

v4.3.4

Commits:

  • 1a8bea3b474eada6f219c163d0d3ad09fadabe72 Add integration tests
  • e01cd02b2f23d7e9078d3813830b146f8a2258b4 Support patternProperties for looserecord (#5592)
  • 089e5fbb0f58ce96d2c4fb34cd91724c78df4af5 Improve looseRecord docs
  • decef9c418d9a598c3f1bada06891ba5d922c5cd Fix lint
  • 9443aab00d44d5d5f4a7eada65fc0fc851781042 Drop iso time in fromJSONSchema
  • 66bda7491a1b9eab83bdeec0c12f4efc7290bd48 Remove .refine() from ZodMiniType
  • b4ab94ca608cd5b581bfc12b20dd8d95b35b3009 4.3.4

v4.3.3

Commits:

  • f3b2151959d215d405f54dff3c7ab3bf1fd887ca v4.3.3

v4.3.2

Commits:

  • bf96635d243118de6e4f260077aa137453790bf6 Loosen strictObjectinside intersection (#5587)
  • f71dc0182ab0f0f9a6be6295b07faca269e10179 Remove Juno (#5590)
  • 0f41e5a12a43e6913c9dcb501b2b5136ea86500d 4.3.2

v4.3.1

Commits:

  • 0fe88407a4149c907929b757dc6618d8afe998fc allow non-overwriting extends with refinements. 4.3.1

v4.3.0

This is Zod's biggest release since 4.0. It addresses several of Zod's longest-standing feature requests.

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jan 25, 2026
@coderabbitai
Copy link

coderabbitai bot commented Jan 25, 2026

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Comment @coderabbitai help to get the list of available commands and usage tips.

@allenhutchison
Copy link
Owner

allenhutchison commented Jan 25, 2026

@dependabot rebase

@dependabot
chore(deps): bump the production-dependencies group with 4 updates
4fb389d 
Bumps the production-dependencies group with 4 updates: [@allenhutchison/gemini-utils](https://github.com/allenhutchison/gemini-utils), [@google/genai](https://github.com/googleapis/js-genai), [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) and [zod](https://github.com/colinhacks/zod).


Updates `@allenhutchison/gemini-utils` from 0.3.0 to 0.4.3
- [Commits](https://github.com/allenhutchison/gemini-utils/commits)

Updates `@google/genai` from 1.34.0 to 1.38.0
- [Release notes](https://github.com/googleapis/js-genai/releases)
- [Changelog](https://github.com/googleapis/js-genai/blob/main/CHANGELOG.md)
- [Commits](googleapis/js-genai@v1.34.0...v1.38.0)

Updates `@modelcontextprotocol/sdk` from 1.25.1 to 1.25.3
- [Release notes](https://github.com/modelcontextprotocol/typescript-sdk/releases)
- [Commits](modelcontextprotocol/typescript-sdk@1.25.1...v1.25.3)

Updates `zod` from 4.2.1 to 4.3.6
- [Release notes](https://github.com/colinhacks/zod/releases)
- [Commits](colinhacks/zod@v4.2.1...v4.3.6)

---
updated-dependencies:
- dependency-name: "@allenhutchison/gemini-utils"
  dependency-version: 0.4.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: "@google/genai"
  dependency-version: 1.38.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: "@modelcontextprotocol/sdk"
  dependency-version: 1.25.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: zod
  dependency-version: 4.3.6
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/production-dependencies-1f4c96fd9b branch from 2ad2222 to 4fb389d Compare January 25, 2026 00:23
@allenhutchison allenhutchison merged commit bb6d6c5 into main Jan 25, 2026
2 checks passed
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/production-dependencies-1f4c96fd9b branch January 25, 2026 00:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@allenhutchison