chore(deps): bump the production-dependencies group with 12 updates

[dependabot]

Bumps the production-dependencies group with 12 updates:

Package	From	To
ts-morph	21.0.1	28.0.0
@ai-sdk/anthropic	1.2.12	3.0.79
@ai-sdk/openai	1.3.24	3.0.65
@langchain/core	1.1.47	1.1.48
ai	4.3.19	6.0.191
zod	3.25.76	4.4.3
diff	5.2.2	9.0.0
glob	10.5.0	13.0.6
commander	11.1.0	14.0.3
ink	5.2.1	7.0.4
ora	8.2.0	9.4.0
react	18.3.1	19.2.6

Updates ts-morph from 21.0.1 to 28.0.0

Release notes

Sourced from ts-morph's releases.

28.0.0

What's Changed

• feat(BREAKING): TypeScript 6.0 by @​dsherret in dsherret/ts-morph#1669
• feat: standalone printStructure function by @​dsherret in dsherret/ts-morph#1670
• fix: InvalidOperationError in addTypeArgument by @​jfirebaugh in dsherret/ts-morph#1663

Note there are some breaking changes due to TypeScript 6.0. Read more here: https://devblogs.microsoft.com/typescript/announcing-typescript-6-0/

As part of this release, structures can now be printed to a string using the printStructure function.

import { printStructure, StructureKind } from "ts-morph";
const code = printStructure({
kind: StructureKind.Class,
name: "MyClass",
isExported: true,
properties: [{ name: "myProp", type: "string" }],
methods: [{
name: "myMethod",
parameters: [{ name: "param", type: "number" }],
returnType: "void",
}],
});
console.log(code);

Outputs:

export class MyClass {
  myProp: string;
myMethod(param: number): void {
}
}

New Contributors

• @​jfirebaugh made their first contribution in dsherret/ts-morph#1663

Full Changelog: dsherret/ts-morph@27.0.2...28.0.0

27.0.2

What's Changed

• Fixes the npm publish in order to get the fixes in from 27.0.1
  • fix: browser support no longer working since dsherret/ts-morph#1628 in 26.0.0 due to missing browser fields by @​BossSloth in dsherret/ts-morph#1654

Full Changelog: dsherret/ts-morph@27.0.1...27.0.2

... (truncated)

Commits

• c895bee 28.0.0 (#1672)
• f731ab2 docs: add logo (#1671)
• 76ca64e feat: standalone printStructure function (#1670)
• 0c57a18 fix: InvalidOperationError in addTypeArgument (#1663)
• d3f77b8 feat(BREAKING): TypeScript 6.0 (#1669)
• 0dd1adc 27.0.2 (#1659)
• 44d04c9 chore: do not attempt npm publish when package already exists (#1658)
• 923182d fix: browser support no longer working since #1628 in 26.0.0 due to missing b...
• 2182f99 27.0.0 (#1652)
• 673161e feat: ability to add and remove the defer keyword in imports (#1651)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for ts-morph since your current version.

Updates @ai-sdk/anthropic from 1.2.12 to 3.0.79

Release notes

Sourced from @​ai-sdk/anthropic's releases.

@​ai-sdk/anthropic@​3.0.79

Patch Changes

• d61a788: Handle errors from anthropic websearch tool

Changelog

Sourced from @​ai-sdk/anthropic's changelog.

3.0.79

Patch Changes

• d61a788: Handle errors from anthropic websearch tool

3.0.78

Patch Changes

• 6e28d25: fix(anthropic): propagate toModelOutput providerOption to anthropic tool results

3.0.77

Patch Changes

• d53314d: feat(anthropic): add the new advisor tool

3.0.76

Patch Changes

• Updated dependencies [f591416]
  • @​ai-sdk/provider-utils@​4.0.27

3.0.75

Patch Changes

• 3f06680: Remove stale effort-2025-11-24 beta header — the extended thinking effort parameter is GA and no longer requires the beta flag. Vertex AI's strict validator was actively rejecting requests with this header.

3.0.74

Patch Changes

• Updated dependencies [7beadf0]
  • @​ai-sdk/provider-utils@​4.0.26

3.0.73

Patch Changes

• f8c9ae4: feat(anthropic): sanitize the unsupported JSON schema validation properties
• a727da4: chore: ensure consistent import handling and avoid import duplicates or cycles
• Updated dependencies [a727da4]
  • @​ai-sdk/provider-utils@​4.0.25
  • @​ai-sdk/provider@​3.0.10

3.0.72

... (truncated)

Commits

• 7ebba33 Version Packages (#15557)
• d61a788 Backport: Handle errors in anthropic's web search tool (#15555)
• 2e7664b Version Packages (#15315)
• 6e28d25 Backport: fix(anthropic): propagate toModelOutput providerOption to anthropic...
• d37fb1f Version Packages (#15202)
• d53314d Backport: feat(anthropic): add the new advisor tool (#15203)
• e3ccdb5 Version Packages (#15094)
• 74a7a20 Version Packages (#15012)
• 3f06680 Backport: fix(anthropic): remove stale effort-2025-11-24 beta header (#15011)
• 8a46a3c Version Packages (#14875)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​ai-sdk/anthropic since your current version.

Updates @ai-sdk/openai from 1.3.24 to 3.0.65

Release notes

Sourced from @​ai-sdk/openai's releases.

@​ai-sdk/openai-compatible@​3.0.0-canary.52

Patch Changes

• Updated dependencies [6c93e36]
• Updated dependencies [f617ac2]
  • @​ai-sdk/provider-utils@​5.0.0-canary.44

@​ai-sdk/openai-compatible@​3.0.0-canary.51

Patch Changes

• 9f1e1ba: fix: accept empty string role in streaming delta chunks from OpenAI-compatible providers

@​ai-sdk/openai-compatible@​2.0.48

Patch Changes

• e40e1d4: fix: accept empty string role in streaming delta chunks from OpenAI-compatible providers

Changelog

Sourced from @​ai-sdk/openai's changelog.

3.0.65

Patch Changes

• eb52378: fix(openai): skip passing reasoning items when using previous response id

3.0.64

Patch Changes

• b7ed8bd: feat(openai): add opt-in pass-through for unsupported file media types

3.0.63

Patch Changes

• Updated dependencies [f591416]
  • @​ai-sdk/provider-utils@​4.0.27

3.0.62

Patch Changes

• 65edcca: feat: add allowedTools provider option for OpenAI Responses

3.0.61

Patch Changes

• b93f9b4: feat(provider/openai): forward imageDetail providerOptions on tool-result image content

3.0.60

Patch Changes

• 6dcd8e6: feat(openai): add GPT-5.5 chat model IDs

3.0.59

Patch Changes

• 38966ab: fix(openai, openai-compatible): only send null content for assistant messages with tool calls

3.0.58

Patch Changes

• 2370948: feat(openai): preserve namespace on function_call output items

3.0.57

... (truncated)

Commits

• 1a3ec6d Version Packages (#15513)
• eb52378 Backport: fix(openai): skip passing reasoning items when using previous respo...
• 2e7664b Version Packages (#15315)
• b7ed8bd Backport: feat(openai): add opt-in pass-through for unsupported file media ty...
• e3ccdb5 Version Packages (#15094)
• bf9de31 Version Packages (#15046)
• 65edcca Backport: feat(openai): add allowedTools provider option for Responses (#15044)
• ee37690 Version Packages (#15020)
• b93f9b4 Backport: feat(provider/openai): forward imageDetail providerOptions on tool-...
• c706111 Version Packages (#14971)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​ai-sdk/openai since your current version.

Updates @langchain/core from 1.1.47 to 1.1.48

Release notes

Sourced from @​langchain/core's releases.

@​langchain/core@​1.1.48

Patch Changes

• #10832 1b24369 Thanks @​info-arnav! - fix(core, openrouter): make CJS default re-exports callable

• #10666 2bb55b0 Thanks @​hnustwjj! - feat(openrouter): surface reasoning content as v1 standard content blocks

  convertOpenRouterResponseToBaseMessage and convertOpenRouterDeltaToBaseMessageChunk now copy OpenRouter's reasoning (flat string) and reasoning_details (structured array) fields onto additional_kwargs.reasoning_content / additional_kwargs.reasoning_details. A new ChatOpenRouterTranslator is registered in @langchain/core under the "openrouter" provider key so AIMessage.contentBlocks emits standard {type: "reasoning"} blocks alongside text and tool calls.

  Previously, reasoning text returned by reasoning-capable models routed through OpenRouter (DeepSeek R1, Minimax M2, Claude extended thinking, o-series, etc.) was silently dropped: only the reasoning_tokens count was preserved via usage_metadata. Consumers using standard content blocks (including the frontend agent UI patterns shown in the docs) could not display the model's chain of thought.

• #10918 3999fab Thanks @​christian-bromann! - fix(openai): stream custom tool calls through Responses API chunks

Commits

• caad091 chore: version packages (#10919)
• f4a6149 chore(deps): bump fast-uri from 3.1.0 to 3.1.2 (#10926)
• 7b12f6d chore(deps): bump protobufjs from 7.5.6 to 7.6.0 (#10930)
• 5c6c5fe chore(deps): bump ws from 5.2.4 to 8.20.0 (#10915)
• a8652ce docs: fix typos, add Ollama setup, update outdated references (#10922)
• 2bb55b0 feat(openrouter): surface reasoning as v1 standard content blocks (#10666)
• 4ecb660 fix(langchain): set name on todoListMiddleware ToolMessages (#10706)
• 20f27df fix(ibm): handle API errors in streaming responses (#10721)
• 4566873 feat(ibm): add integration test to IBM implementation (#10732)
• 6e4337f fix(aws): add claude-haiku-4 to supportedToolChoiceValuesForModel (#10743)
• Additional commits viewable in compare view

Updates ai from 4.3.19 to 6.0.191

Release notes

Sourced from ai's releases.

ai@6.0.191

Patch Changes

• Updated dependencies [27a1b22]
  • @​ai-sdk/gateway@​3.0.120

Changelog

Sourced from ai's changelog.

6.0.191

Patch Changes

• Updated dependencies [27a1b22]
  • @​ai-sdk/gateway@​3.0.120

6.0.190

Patch Changes

• Updated dependencies [33b10a2]
• Updated dependencies [f6e4146]
  • @​ai-sdk/gateway@​3.0.119

6.0.189

Patch Changes

• 356c3cf: fix(ai): make input optional on input-streaming UIMessagePart variants

6.0.188

Patch Changes

• c98715a: Add allowSystemInMessages option to ToolLoopAgent.

  This exposes the same option that exists on streamText and generateText, whether role: "system" messages are allowed in the prompt or messages fields. When unset, system messages are rejected because they can create a prompt injection attack risk. Ideally, use the instructions option instead. Set to true to allow system messages, or false to explicitly reject them.

  const agent = new ToolLoopAgent({
    model,
    allowSystemInMessages: true,
  });
  await agent.generate({
  messages: [
  { role: "system", content: "Server context" },
  { role: "user", content: "Hello" },
  ],
  });

  The option can also be returned from prepareCall for dynamic per-call configuration.

6.0.187

Patch Changes

• Updated dependencies [6f4bb06]

... (truncated)

Commits

• 0838d52 Version Packages (#15565)
• 1a3ec6d Version Packages (#15513)
• bde7d0f Version Packages (#15494)
• 356c3cf Backport: fix(ai): make input optional on input-streaming UIMessagePart varia...
• 93ad540 Version Packages (#15489)
• c98715a Backport: [tool-loop-agent] adding support for messages with system role with...
• a15eda9 Version Packages (#15473)
• 917e487 Backport CI speed improvements to release-v6.0 (#15455)
• e33b836 Version Packages (#15440)
• 4a98945 Version Packages (#15406)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for ai since your current version.

Updates zod from 3.25.76 to 4.4.3

Release notes

Sourced from zod's releases.

v4.4.3

Commits:

• 4c2fa95ce3f3390fbc522324e406b4e9e89b88f9 docs: use Zernio primary wordmark for gold sponsor logo
• 2aeec83eb135e3a83756e973ef44845fc5a455d2 docs: prune lapsed gold sponsors and rebalance logo sizing
• 7391be88ac1ee5cd02057f5ccc012a1f5df4efd0 docs: prune lapsed silver/bronze sponsors and add active ones
• 2c703322a21b4e2b12f33f49ea8430c451a68b4f docs: normalize bronze sponsor logos to github avatar pattern
• 9195250cab0e7950efe39c3926d6c203b4b0a170 docs: remove Mintlify from bronze sponsors (churned)
• b8dffe9e62f17e6571e6249d05cc5102b54d94e4 docs: remove Numeric and Speakeasy (2+ missed monthly cycles)
• 1cab69383fcdeae2a366d5e2a2fc4d8fc765d168 fix(v4): restore catch handling for absent object keys (#5937) (#5939)
• c2be4f819064eed62c7c350a2d399b5faecd15f8 fix(v4): generalize optin/fallback to transform; restore preprocess on absent keys (#5941)
• f3c9ec03ba7a28ae72d25cc295f38674bee0f559 4.4.3
• 1fb56a5c18c27102dbc92260a4007c7732a0ccca docs: document release procedure in AGENTS.md

v4.4.2

Commits:

• 0c62df0ea19fd05abdf90473e9eef7eea530fab2 Clean up docs navigation and stale labels (#5901)
• 20cc794895cc8604fe0c87d83a5d1c3f89fad0ac chore: add security policy and refresh tooling deps
• 6fbe07b0177efdd1bf1c0b05160e70d7a0702337 fix(docs): heading anchor links now include the hash so it doesnt scoll all the way up, follows navbar logic (#5791)
• 4bbed1b1c73eca4ce9e59b1189ed236aa6c8b5bd Tighten discriminated union option typing
• bbac3e567e7fccfaaf7cdc97f1ce30c295e2c908 Update PR guidance for agents
• cf0dc942a32805c292fff59ade20a7ace980735a Merge remote-tracking branch 'origin/main' into fix-discriminated-union-key-constraint
• 292c894a5fd2aa42e527900b83d8d7a3009a709c docs: add Zernio gold sponsor
• 1fc9f311c28dcf80d0bb5a36b177086cbc3d8eca docs: document codec inversion
• 1373c85da9aeff704a9762d27bc58699618aefb7 docs: remove AI disclosure guidance
• e20d02b473c08e3a4e557bc610b1b5fac079b649 chore: ignore triage notes
• e58ea4d91b1dfe8194b73508203213cbc7e9c936 docs: test Zod Mini tab code heights
• 905761a5d127e8d5dd2ebb3bc88c75cb0b8149ff docs: document preprocess input type narrowing
• bf64bac850d4dee2b7dde7e64909d5d796d32043 chore: tighten test guidance in AGENTS.md
• 8ec4e73f4c4693b6361ad591be40fb41eb8a9f95 chore: update play.ts scratch
• 02c2baf7d0d615872fa4528a8020603b71211702 Make z.preprocess defer optionality to inner schema (#5929)
• 88015df8e25c44fb5385eb3ef28935119cd5edea fix(docs): drop deprecated baseUrl from tsconfig
• c59d4474e3b4cad1b323462186cf607178ce8267 4.4.2

v4.4.1

Commits:

• 481f7be4238c83ed58183f921b2646f340a91c6a ci: gate release publishing on full test workflow
• 95ccab423aec720b2523c3a64cdc7e3204537cc7 test(v3): restore optional undefined expectations
• cede2c63739a5823d6aa5093d291e9a111da943d fix(v4): reject tuple holes before required defaults (#5900)
• edd0bf0f5ada4a8dc581c259407d7bbad0a71ea7 release: 4.4.1
• 180d83d1dbe6a59260710cc8637a3dea2281ee56 docs: remove Jazz featured sponsor

v4.4.0

4.4.0

This is a minor release with a wide set of correctness and soundness fixes. Some fixes intentionally make Zod stricter, so code that depended on previously accepted invalid or ambiguous inputs may need small updates.

Potentially breaking bug fixes

... (truncated)

Commits

• 1fb56a5 docs: document release procedure in AGENTS.md
• f3c9ec0 4.4.3
• c2be4f8 fix(v4): generalize optin/fallback to transform; restore preprocess on absent...
• 1cab693 fix(v4): restore catch handling for absent object keys (#5937) (#5939)
• b8dffe9 docs: remove Numeric and Speakeasy (2+ missed monthly cycles)
• 9195250 docs: remove Mintlify from bronze sponsors (churned)
• 2c70332 docs: normalize bronze sponsor logos to github avatar pattern
• 7391be8 docs: prune lapsed silver/bronze sponsors and add active ones
• 2aeec83 docs: prune lapsed gold sponsors and rebalance logo sizing
• 4c2fa95 docs: use Zernio primary wordmark for gold sponsor logo
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for zod since your current version.

Updates diff from 5.2.2 to 9.0.0

Changelog

Sourced from diff's changelog.

9.0.0

(All changes part of PR #672.)

• ES5 support is dropped. parsePatch now uses TextDecoder and Uint8Array, which are not available in ES5, and TypeScript is now compiled with the "es6" target. From now on, I intend to freely use any features that are deemed "Widely available" by Baseline. Users who need ES5 support should stick to version 8.

• C-style quoted strings in filename headers are now properly supported.

  When the name of either the old or new file in a patch contains "special characters", both GNU diff and Git quote the filename in the patch's headers and escape special characters using the same escape sequences that are used in string literals in C, including octal escapes for all non-ASCII characters. Previously, jsdiff had very little support for this; parsePatch would remove the quotes, and unescape any escaped backslashes, but would not unescape other escape sequences. formatPatch, meanwhile, did not quote or escape special characters at all.

  Now, parsePatch parses all the possible escape sequences that GNU diff (or Git) ever output, and formatPatch quotes and escapes filenames containing special characters in the same way GNU diff does.

• formatPatch now omits file headers when oldFileName or newFileName in the provided patch object are undefined, regardless of the headerOptions parameter. (Previously, it would treat the absence of oldFileName or newFileName as indicating the filename was the word "undefined" and emit headers --- undefined / +++ undefined.)

• formatPatch no longer outputs trailing tab characters at the end of ---/+++ headers.

  Previously, if formatPatch was passed a patch object to serialize that had empty strings for the oldHeader or newHeader property, it would include a trailing tab character after the filename in the --- and/or +++ file header. Now, this scenario is treated the same as when oldHeader/newHeader is undefined - i.e. the trailing tab is omitted.

• formatPatch no longer mutates its input when serializing a patch containing a hunk where either the old or new content contained zero lines. (Such a hunk occurs only when the hunk has no context lines and represents a pure insertion or pure deletion, which for instance will occur whenever one of the two files being diffed is completely empty.) Previously formatPatch would provide the correct output but also mutate the oldLines or newLines property on the hunk, changing the meaning of the underlying patch.

• Git-style patches are now supported by parsePatch, formatPatch, and reversePatch.

  Patches output by git diff can include some features that are unlike those output by GNU diff, and therefore not handled by an ordinary unified diff format parser. An ordinary diff simply describes the differences between the content of two files, but Git diffs can also indicate, via "extended headers", the creation or deletion of (potentially empty) files, indicate that a file was renamed, and contain information about file mode changes. Furthermore, when these changes appear in a diff in the absence of a content change (e.g. when an empty file is created, or a file is renamed without content changes), the patch will contain no associated ---/+++ file headers nor any hunks.

  jsdiff previously did not support parsing Git's extended headers, nor hunkless patches. Now parsePatch parses some of the extended headers, parses hunkless Git patches, and can determine filenames (e.g. from the extended headers) when parsing a patch that includes no --- or +++ file headers. The additional information conveyed by the extended headers we support is recorded on new fields on the result object returned by parsePatch. See isGit and subsequent properties in the docs in the README.md file.

  formatPatch now outputs extended headers based on these new Git-specific properties, and reversePatch respects them as far as possible (with one unavoidable caveat noted in the README.md file).

• Unpaired file headers now cause parsePatch to throw.

  It remains acceptable to have a patch with no file headers whatsoever (e.g. one that begins with a @@ hunk header on the very first line), but a patch with only a --- header or only a +++ header is now considered an error.

• parsePatch is now more tolerant of "trailing garbage"

  That is: after a patch, or between files/indexes in a patch, it is now acceptable to have arbitrary lines of "garbage" (so long as they unambiguously have no syntactic meaning - e.g. trailing garbage that leads with a +, -, or and thus is interpretable as part of a hunk still triggers a throw).

  This means we no longer reject patches output by tools that include extra data in "garbage" lines not understood by generic unified diff parsers. (For example, SVN patches can include "Property changes on:" lines that generic unified diff parsers should discard as garbage; jsdiff previously threw errors when encountering them.)

  This change brings jsdiff's behaviour more in line with GNU patch, which is highly permissive of "garbage".

• The oldFileName and newFileName fields of StructuredPatch are now typed as string | undefined instead of string. This type change reflects the (pre-existing) reality that parsePatch can produce patches without filenames (e.g. when parsing a patch that simply contains hunks with no file headers).

8.0.4

• #667 - fix another bug in diffWords when used with an Intl.Segmenter. If the text to be diffed included a combining mark after a whitespace character (i.e. roughly speaking, an accented space), diffWords would previously crash. Now this case is handled correctly.

8.0.3

• #631 - fix support for using an Intl.Segmenter with diffWords. This has been almost completely broken since the feature was added in v6.0.0, since it would outright crash on any text that featured two consecutive newlines between a pair of words (a very common case).
• #635 - small tweaks to tokenization behaviour of diffWords when used without an Intl.Segmenter. Specifically, the soft hyphen (U+00AD) is no longer considered to be a word break, and the multiplication and division signs (× and ÷) are now treated as punctuation instead of as letters / word characters.

... (truncated)

Commits

• ed13aca Update version in package.json and in release notes (#683)
• 7a49317 Bump dependencies again (#682)
• afe5aec Add Git support, and otherwise variously improve & fix parsePatch (and other ...
• 2e46779 Fix a typo (#679)
• dd2f994 8.0.4 release (#678)
• 3cc4384 Update docs on releasing to reflect migration to yarn berry (#677)
• 6fc2aa6 yarn up '*' && yarn up -R '**' (#676)
• af7393a yarn up '*' && yarn up -R '**' (#670)
• 4b5d180 Fix another bug in diffWords's "intlSegmenter" mode (#667)
• 10da50c yarn up '*' && yarn up -R '**' (#666)
• Additional commits viewable in compare view

Updates glob from 10.5.0 to 13.0.6

Changelog

Sourced from glob's changelog.

changeglob

13

• Move the CLI program out to a separate package, glob-bin. Install that if you'd like to continue using glob from the command line.

12

• Remove the unsafe --shell option. The --shell option is now ONLY supported on known shells where the behavior can be implemented safely.

11.1

GHSA-5j98-mcp5-4vw2

• Add the --shell option for the command line, with a warning that this is unsafe. (It will be removed in v12.)
• Add the --cmd-arg/-g as a way to safely add positional arguments to the command provided to the CLI tool.
• Detect commands with space or quote characters on known shells, and pass positional arguments to them safely, avoiding shell:true execution.

11.0

• Drop support for node before v20

10.4

• Add includeChildMatches: false option
• Export the Ignore class

10.3

• Add --default -p flag to provide a default pattern
• exclude symbolic links to directories when follow and nodir are both set

10.2

• Add glob cli

10.1

• Return '.' instead of the empty string '' when the current working directory is returned as a match.
• Add posix: true option to return / delimited paths, even on

... (truncated)

Commits

• e80cb38 13.0.6
• 9cdbbff revert tsgo, not ready for test coverage correctness yet
• 89c99ba use tsgo compiler
• b7275d5 update deps, expand engines to include node 18
• 942e360 update workflows, pull taprc out of package.json
• 4a0d53c update tap for mockImport bugfix
• ef94ad2 update tap
• 180c2d4 update docs
• 37993c8 remove stray console.error in test
• 03ae4c2 13.0.5
• Additional commits viewable in compare view

Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.

Updates commander from 11.1.0 to 14.0.3

Release notes

Sourced from commander's releases.

v14.0.3

Added

• Release Policy document (#2462)

Changes

• old major versions now supported for 12 months instead of just previous major version, to give predictable end-of-life date (#2462)
• clarify typing for deprecated callback parameter to .outputHelp() (#2427)
• simple readability improvements to README (#2465)

v14.0.2

Changed

• improve negative number auto-detection test (#2428)
• update (dev) dependencies

v14.0.1

Fixed

• broken markdown link in README (#2369)

Changed

• improve code readability by using optional chaining (#2394)
• use more idiomatic code with object spread instead of Object.assign() (#2395)
• improve code readability using string.endsWith() instead of string.slice() (#2396)
• refactor .parseOptions() to process args array in-place (#2409)
• change private variadic support routines from ._concatValue() to ._collectValue() (change code from array.concat() to array.push()) (#2410)
• update (dev) dependencies

v14.0.0

Added

• support for groups of options and commands in the help using low-level .helpGroup() on Option and Command, and higher -level .optionsGroup() and .commandsGroup() which can be used in chaining way to specify group title for following option s/commands (#2328)
• support for unescaped negative numbers as option-arguments and command-arguments (#2339)
• TypeScript: add parseArg property to Argument class (#2359)

Fixed

• remove bogus leading space in help when option has default value but not a description (#2348)
• .configureOutput() now makes copy of settings instead of modifying in-place, fixing side-effects (#2350)

Changed

• Breaking: Commander 14 requires Node.js v20 or higher
• internal refactor of Help class adding .formatItemList() and .groupItems() methods (#2328)

... (truncated)

Changelog

Sourced from commander's changelog.

[14.0.3] (2026-01-31)

Added

• Release Policy document (#2462)

Changes

• old major versions now supported for 12 months instead of just previous major version, to give predictable end-of-life date (#2462)
• clarify typing for deprecated callback parameter to .outputHelp() (#2427)
• simple readability improvements to README (#2465)

[14.0.2] (2025-10-25)

Changed

• improve negative number auto-detection test (#2428)
• update (dev) dependencies

[14.0.1] (2025-09-12)

Fixed

• broken markdown link in README (#2369)

Changed

• improve code readability by using optional chaining (#2394)
• use more idiomatic code with object spread instead of Object.assign() (#2395)
• improve code readability using string.endsWith() instead of string.slice() (#2396)
• refactor .parseOptions() to process args array in-place (#2409)
• change private variadic support routines from ._concatValue() to ._collectValue() (change code from array.concat() to array.push()) (#2410)
• update (dev) dependencies

[14.0.0] (2025-05-18)

Added

• support for groups of options and commands in the help using low-level .helpGroup() on Option and Command, and higher-level .optionsGroup() and .commandsGroup() which can be used in chaining way to specify group title for following options/commands (#2328)
• support for unescaped negative numbers as option-arguments and command-arguments (#2339)
• TypeScript: add parseArg property to Argument class (#2359)

Fixed

• remove bogus leading space in help when option has default value but not a description (#2348)
• .configureOutput() now makes copy of settings instead of modifying in-place, fixing side-effects (#2350)

Changed

• Breaking: Commander 14 requires Node.js v20 or higher

... (truncated)

Commits

• 8247364 14.0.3
• e281fe3 Update docs for 14.0.3 (#2474)
• 7357dda Separate out a more detailed release policy document (#2462)
• b6e2e3a Bump eslint from 9.39.1 to 9.39.2 (#2470)
• d6f63a7 Bump ts-jest from 29.4.5 to 29.4.6 (#2467)
• 2a9768a Bump prettier from 3.6.2 to 3.7.4 (#2466)
• 9211918 docs(README): Tweak formatting, punctuation for clarity (#2465)
• 4208a96 Bump typescript-eslint from 8.46.2 to 8.48.0 (#2458)
• 03308ce Bump eslint-plugin-jest from 29.0.1 to 29.2.1 (#2457)
• 4d2db1f Bump globals from 16.4.0 to 16.5.0 (#2456)
• Additional commits viewable in compare view

Updates ink from 5.2.1 to 7.0.4

Release notes

Sourced from ink's releases.

v7.0.4

• Fix: Share resize listener via emitLayoutListeners instead of per-hook listeners (#952) 89d43d8
• Fix: Remove useEffectEvent functions from useEffect dependency arrays (#960) 9d534f7

---

vadimdemedes/ink@v7.0.3...v7.0.4

v7.0.3

• Fix: Drop stale <Static> output from fullStaticOutput on identity change (#950) 669c438
• Fix: <Static> remount via key change drops new items (#948) be9f44c
• Fix useBoxMetrics not accepting ref objects with an initial null value (#945) 7c2267c

---

vadimdemedes/ink@v7.0.2...v7.0.3

v7.0.2

• Fix: Defer raw mode disable to prevent process hang on component swap dd052ea

---

vadimdemedes/ink@v7.0.1...v7.0.2

v7.0.1

• Fix: Restore useApp exit typing 42ddd40
• Fix: Respect disableFocus() when handling Escape (#937) cb66873

---

vadimdemedes/ink@v7.0.0...v7.0.1

v7.0.0

Breaking

• Require Node.js 22 19b5316
• Require React 19.2+ cfaebbb
  • Ink now uses useEffectEvent internally to avoid re-subscribing input handlers on every render
• Pressing Backspace now correctly sets key.backspace instead of key.delete (#634) 321a2e8
  • Most terminals send the same byte for Backspace as the Delete key, which caused Ink to misreport it. If you were checking key.delete to handle backspace, switch to key.backspace
• key.meta is no longer set to true when Escape is pressed e195912
  • Previously a backward-compat shim made plain Escape set both key.escape and key.meta. Now only key.escape is true. key.meta is reserved for actual Alt/Meta modifier combinations

New

• Add usePaste hook for handling clipboard paste events fbbeb23
  • Automatically enables bracketed paste mode so pasted text arrives as a single string, never misinterpreted as individual key presses by useInput
• Add useWindowSize hook 7047795
  • Returns {columns, rows} and re-renders automatically on terminal resize
• Add useBoxMetrics hook for measuring box dimensions at runtime (#433) 88731d1

... (truncated)

Commits

• 40b3a75 7.0.4
• 89d43d8 Fix: Share resize listener via emitLayoutListeners instead of per-hook list...
• 9d534f7 Fix: Remove useEffectEvent functions from useEffect dependency arrays (#960)
• 3d30345 7.0.3
• 34a4990 Tweaks
• 669c438 Fix: Drop stale \<Static> output from fullStaticOutput on identity change (#...
• be9f44c Fix: <Static> remount via key change drops new items (#948)
• 7c2267c Fix useBoxMetrics not accepting ref objects with an initial null value (#945)