chore(deps): bump the npm_and_yarn group across 20 directories with 15 updates

[dependabot]

Bumps the npm_and_yarn group with 2 updates in the / directory: ajv and markdown-it.
Bumps the npm_and_yarn group with 4 updates in the /docs directory: lodash, markdown-it, next and qs.
Bumps the npm_and_yarn group with 1 update in the /packages/angular directory: @orval/core.
Bumps the npm_and_yarn group with 1 update in the /packages/axios directory: @orval/core.
Bumps the npm_and_yarn group with 1 update in the /packages/fetch directory: @orval/core.
Bumps the npm_and_yarn group with 1 update in the /packages/hono directory: @orval/core.
Bumps the npm_and_yarn group with 1 update in the /packages/mcp directory: @orval/core.
Bumps the npm_and_yarn group with 1 update in the /packages/mock directory: @orval/core.
Bumps the npm_and_yarn group with 3 updates in the /packages/orval directory: @orval/core, @orval/mcp and @orval/mock.
Bumps the npm_and_yarn group with 1 update in the /packages/query directory: @orval/core.
Bumps the npm_and_yarn group with 1 update in the /packages/swr directory: @orval/core.
Bumps the npm_and_yarn group with 1 update in the /packages/zod directory: @orval/core.
Bumps the npm_and_yarn group with 10 updates in the /samples directory:

Package	From	To
ajv	8.14.0	8.18.0
lodash	4.17.21	4.17.23
next	14.2.26	15.5.10
@angular/compiler	12.2.17	19.2.18
hono	4.4.0	4.11.10
wrangler	3.57.2	3.114.17
@modelcontextprotocol/sdk	1.10.1	1.26.0
svelte	3.59.2	5.51.5
diff	4.0.2	4.0.4
undici	5.28.4	5.29.0

Bumps the npm_and_yarn group with 1 update in the /samples/angular-app directory: @angular/compiler.
Bumps the npm_and_yarn group with 1 update in the /samples/hono/hono-with-fetch-client/next-app directory: next.
Bumps the npm_and_yarn group with 3 updates in the /samples/mcp/petstore directory: qs, @modelcontextprotocol/sdk and diff.
Bumps the npm_and_yarn group with 1 update in the /samples/next-app-with-fetch directory: next.
Bumps the npm_and_yarn group with 1 update in the /samples/svelte-query/basic directory: svelte.
Bumps the npm_and_yarn group with 1 update in the /samples/svelte-query/custom-fetch directory: svelte.
Bumps the npm_and_yarn group with 4 updates in the /tests directory: lodash, qs, hono and @modelcontextprotocol/sdk.

Updates ajv from 8.17.1 to 8.18.0

Release notes

Sourced from ajv's releases.

v8.18.0

What's Changed

• feat: allow tree-shaking by adding "sideEffects": false to package.json by @​josdejong in ajv-validator/ajv#2480
• fix: #2482 Infinity and NaN serialise to null by @​jasoniangreen in ajv-validator/ajv#2487
• fix: small grammatical error in managing-schemas.md by @​monteiro-renato in ajv-validator/ajv#2508
• fix: typos in schema-language.md by @​monteiro-renato in ajv-validator/ajv#2507
• fix(pattern): use configured RegExp engine with $data keyword to mitigate ReDoS attacks (CVE-2025-69873) by @​epoberezkin in ajv-validator/ajv#2586

New Contributors

• @​josdejong made their first contribution in ajv-validator/ajv#2480
• @​monteiro-renato made their first contribution in ajv-validator/ajv#2508

Full Changelog: ajv-validator/ajv@v8.17.1...v8.18.0

Commits

• 142ce84 8.18.0
• 720a23f fix(pattern): use configured RegExp engine with $data keyword to mitigate ReD...
• 82735a1 fix: typos in schema-language.md (#2507)
• b17ec32 fix: small grammatical error in managing-schemas.md (#2508)
• 69568d0 fix: #2482 Infinity and NaN serialise to null (#2487)
• f06766f feat: allow tree-shaking by adding ``"sideEffects": falsetopackage.json` ...
• See full diff in compare view

Updates markdown-it from 14.1.0 to 14.1.1

Changelog

Sourced from markdown-it's changelog.

[14.1.1] - 2026-01-11

Security

• Fixed regression from v13 in linkify inline rule. Specific patterns could cause high CPU use. Thanks to @​ltduc147 for report.

Commits

• b4a9b65 14.1.1 released
• 4b4bbca Fixed perf regression in linkify-it wrapper
• d2782d8 Add supplementary example-driven documentation (#1092)
• See full diff in compare view

Updates lodash from 4.17.21 to 4.17.23

Commits

• dec55b7 Bump main to v4.17.23 (#6088)
• 19c9251 fix: setCacheHas JSDoc return type should be boolean (#6071)
• b5e6729 jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (#6062)
• edadd45 Prevent prototype pollution on baseUnset function
• 4879a7a doc: fix autoLink function, conversion of source links (#6056)
• 9648f69 chore: remove yarn.lock file (#6053)
• dfa407d ci: remove legacy configuration files (#6052)
• 156e196 feat: add renovate setup (#6039)
• 933e106 ci: add pipeline for Bun (#6023)
• 072a807 docs: update links related to Open JS Foundation (#5968)
• Additional commits viewable in compare view

Updates markdown-it from 14.1.0 to 14.1.1

Changelog

Sourced from markdown-it's changelog.

[14.1.1] - 2026-01-11

Security

• Fixed regression from v13 in linkify inline rule. Specific patterns could cause high CPU use. Thanks to @​ltduc147 for report.

Commits

• b4a9b65 14.1.1 released
• 4b4bbca Fixed perf regression in linkify-it wrapper
• d2782d8 Add supplementary example-driven documentation (#1092)
• See full diff in compare view

Updates next from 13.5.9 to 15.5.10

Release notes

Sourced from next's releases.

v15.5.10

Please refer the following changelogs for more information about this security release:

• https://vercel.com/changelog/summaries-of-cve-2025-59471-and-cve-2025-59472
• https://vercel.com/changelog/summary-of-cve-2026-23864

v15.4.11

Please see this changelog for more information about this security patch.

v15.3.9

Please see this changelog for more information about this security patch.

v15.2.9

Please see this changelog for more information about this security patch.

v15.1.12

Please see this changelog for more information about this security patch.

v15.0.8

Please see this changelog for more information about this security patch.

Commits

• 60a2aa9 v15.5.10
• e5b834d fetch(next/image): reduce maximumResponseBody from 300MB to 50MB (#88588)
• 39a2f6a feat(next/image)!: add images.maximumResponseBody config (#88183)
• bf9f084 Sync DoS mitigations for React Flight
• c5de33e v15.5.9
• dd23399 Backport facebook/react#35351 for 15.5.8 (#87086)
• 7526cd6 v15.5.8
• 1e9ec41 Update React Version (#41)
• 16141e5 Update React Version (#30)
• e01e589 Backport Next.js changes to v15.5.8 (#23)
• Additional commits viewable in compare view

Updates qs from 6.5.3 to 6.5.5

Changelog

Sourced from qs's changelog.

6.5.5

• [Fix] fix regressions from robustness refactor
• [meta] add npmignore to autogenerate an npmignore file
• [actions] update reusable workflows

6.5.4

• [Robustness] avoid .push, use void
• [readme] clarify parseArrays and arrayLimit documentation (#543)
• [readme] document that addQueryPrefix does not add ? to empty output (#418)
• [readme] replace runkit CI badge with shields.io check-runs badge
• [actions] fix rebase workflow permissions

Commits

• 3a6d9f8 v6.5.5
• 48160e7 [actions] update reusable workflows
• 2fc004a [meta] add npmignore to autogenerate an npmignore file
• ddcc5d5 [Fix] fix regressions from robustness refactor
• c190488 v6.5.4
• 40b77c3 [actions] fix rebase workflow permissions
• 6e39e92 [readme] document that addQueryPrefix does not add ? to empty output
• 4e393de [readme] replace runkit CI badge with shields.io check-runs badge
• dbb0346 [readme] clarify parseArrays and arrayLimit documentation
• 6b8b4d8 [Robustness] avoid .push, use void
• See full diff in compare view

Updates @orval/core from 7.10.0 to 7.21.0

Maintainer changes

This version was pushed to npm by melloware, a new releaser for @​orval/core since your current version.

Updates @orval/core from 7.10.0 to 7.21.0

Maintainer changes

This version was pushed to npm by melloware, a new releaser for @​orval/core since your current version.

Updates @orval/core from 7.10.0 to 7.21.0

Maintainer changes

This version was pushed to npm by melloware, a new releaser for @​orval/core since your current version.

Updates @orval/core from 7.10.0 to 7.21.0

Maintainer changes

This version was pushed to npm by melloware, a new releaser for @​orval/core since your current version.

Updates @orval/core from 7.10.0 to 7.21.0

Maintainer changes

This version was pushed to npm by melloware, a new releaser for @​orval/core since your current version.

Updates @orval/core from 7.10.0 to 7.21.0

Maintainer changes

This version was pushed to npm by melloware, a new releaser for @​orval/core since your current version.

Updates @orval/core from 7.10.0 to 7.21.0

Maintainer changes

This version was pushed to npm by melloware, a new releaser for @​orval/core since your current version.

Updates @orval/mcp from 7.10.0 to 7.18.0

Maintainer changes

This version was pushed to npm by melloware, a new releaser for @​orval/mcp since your current version.

Updates @orval/mock from 7.10.0 to 7.20.0

Maintainer changes

This version was pushed to npm by melloware, a new releaser for @​orval/mock since your current version.

Updates @orval/core from 7.10.0 to 7.21.0

Maintainer changes

This version was pushed to npm by melloware, a new releaser for @​orval/core since your current version.

Updates @orval/core from 7.10.0 to 7.21.0

Maintainer changes

This version was pushed to npm by melloware, a new releaser for @​orval/core since your current version.

Updates @orval/core from 7.10.0 to 7.21.0

Maintainer changes

This version was pushed to npm by melloware, a new releaser for @​orval/core since your current version.

Updates ajv from 8.14.0 to 8.18.0

Release notes

Sourced from ajv's releases.

v8.18.0

What's Changed

• feat: allow tree-shaking by adding "sideEffects": false to package.json by @​josdejong in ajv-validator/ajv#2480
• fix: #2482 Infinity and NaN serialise to null by @​jasoniangreen in ajv-validator/ajv#2487
• fix: small grammatical error in managing-schemas.md by @​monteiro-renato in ajv-validator/ajv#2508
• fix: typos in schema-language.md by @​monteiro-renato in ajv-validator/ajv#2507
• fix(pattern): use configured RegExp engine with $data keyword to mitigate ReDoS attacks (CVE-2025-69873) by @​epoberezkin in ajv-validator/ajv#2586

New Contributors

• @​josdejong made their first contribution in ajv-validator/ajv#2480
• @​monteiro-renato made their first contribution in ajv-validator/ajv#2508

Full Changelog: ajv-validator/ajv@v8.17.1...v8.18.0

Commits

• 142ce84 8.18.0
• 720a23f fix(pattern): use configured RegExp engine with $data keyword to mitigate ReD...
• 82735a1 fix: typos in schema-language.md (#2507)
• b17ec32 fix: small grammatical error in managing-schemas.md (#2508)
• 69568d0 fix: #2482 Infinity and NaN serialise to null (#2487)
• f06766f feat: allow tree-shaking by adding ``"sideEffects": falsetopackage.json` ...
• See full diff in compare view

Updates lodash from 4.17.21 to 4.17.23

Commits

• dec55b7 Bump main to v4.17.23 (#6088)
• 19c9251 fix: setCacheHas JSDoc return type should be boolean (#6071)
• b5e6729 jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (#6062)
• edadd45 Prevent prototype pollution on baseUnset function
• 4879a7a doc: fix autoLink function, conversion of source links (#6056)
• 9648f69 chore: remove yarn.lock file (#6053)
• dfa407d ci: remove legacy configuration files (#6052)
• 156e196 feat: add renovate setup (#6039)
• 933e106 ci: add pipeline for Bun (#6023)
• 072a807 docs: update links related to Open JS Foundation (#5968)
• Additional commits viewable in compare view

Updates next from 14.2.26 to 15.5.10

Release notes

Sourced from next's releases.

v15.5.10

Please refer the following changelogs for more information about this security release:

• https://vercel.com/changelog/summaries-of-cve-2025-59471-and-cve-2025-59472
• https://vercel.com/changelog/summary-of-cve-2026-23864

v15.4.11

Please see this changelog for more information about this security patch.

v15.3.9

Please see this changelog for more information about this security patch.

v15.2.9

Please see this changelog for more information about this security patch.

v15.1.12

Please see this changelog for more information about this security patch.

v15.0.8

Please see this changelog for more information about this security patch.

Commits

• 60a2aa9 v15.5.10
• e5b834d fetch(next/image): reduce maximumResponseBody from 300MB to 50MB (#88588)
• 39a2f6a feat(next/image)!: add images.maximumResponseBody config (#88183)
• bf9f084 Sync DoS mitigations for React Flight
• c5de33e v15.5.9
• dd23399 Backport facebook/react#35351 for 15.5.8 (#87086)
• 7526cd6 v15.5.8
• 1e9ec41 Update React Version (#41)
• 16141e5 Update React Version (#30)
• e01e589 Backport Next.js changes to v15.5.8 (#23)
• Additional commits viewable in compare view

Updates @angular/compiler from 12.2.17 to 19.2.18

Release notes

Sourced from @​angular/compiler's releases.

19.2.18

core

Commit	Description
	sanitize sensitive attributes on SVG script elements

19.2.17

compiler

Commit	Description
	prevent XSS via SVG animation attributeName and MathML/SVG URLs

19.2.16

http

Commit	Description
	prevent XSRF token leakage to protocol-relative URLs

19.2.15

core

Commit	Description
	introduce BootstrapContext for improved server bootstrapping (#63639)

Breaking Changes

core

• The server-side bootstrapping process has been changed to eliminate the reliance on a global platform injector.

  Before:

  const bootstrap = () => bootstrapApplication(AppComponent, config);

  After:

  const bootstrap = (context: BootstrapContext) =>
    bootstrapApplication(AppComponent, config, context);

  A schematic is provided to automatically update main.server.ts files to pass the BootstrapContext to the bootstrapApplication call.

  In addition, getPlatform() and destroyPlatform() will now return null and be a no-op respectively when running in a server environment.

For more information please see: GHSA-68x2-mx4q-78m7

18.2.14

core

Commit	Description
	introduce BootstrapContext for improved server bootstrapping (#63640)

... (truncated)

Changelog

Sourced from @​angular/compiler's changelog.

19.2.18 (2026-01-07)

core

Commit	Type	Description
26cdc53d9c	fix	sanitize sensitive attributes on SVG script elements

21.0.7 (2026-01-07)

compiler

Commit	Type	Description
8e808740c9	fix	better types for a few expression AST nodes
63b1cdcf70	fix	produce accurate span for typeof and void expressions
3c3ae0cb64	fix	provide location information for literal map keys
523dbaf1c3	fix	stop ThisReceiver inheritance from ImplicitReceiver

compiler-cli

Commit	Type	Description
4d9c4567ed	fix	ensure component import diagnostics are reported within the imports expression
cd405685af	fix	fix up spelling of diagnostic
778460fcca	fix	support qualified names in typeof type references

core

Commit	Type	Description
7c74674eb0	fix	avoid leaking view data in animations
0edbee4550	fix	explicitly cast signal node value to String
f9c29572d2	fix	sanitize sensitive attributes on SVG script elements

forms

Commit	Type	Description
e3fba182f9	feat	add [formField] directive
561772b152	fix	allow custom controls to require dirty input
f0fb1d8581	fix	allow custom controls to require hidden input
ec110f170b	fix	allow custom controls to require pending input
ae1dc16bb0	fix	clean up abort listener after timeout
9748b0d5da	fix	support custom controls with non signal-based models
6bd22df987	fix	Support readonly arrays in signal forms

router

Commit	Type	Description
41cd4a6af8	fix	Fix RouterLink href not updating with queryParamsHandling
5e9e09aee0	fix	handle errors from view transition updateCallbackDone promise

21.0.6 (2025-12-17)

Breaking Changes (affecting only experimental features)

... (truncated)

Commits

• 26cdc53 fix(core): sanitize sensitive attributes on SVG script elements
• 7c42e2e fix(compiler): prevent XSS via SVG animation attributeName and MathML/SVG URLs
• 24bab55 fix(compiler): lexer support for template literals in object literals (#61601)
• fc2483e refactor(compiler): avoid duplication between FactoryTarget type (#61571)
• 8e54b57 build: move private testing helpers outside platform-browser/testing (#61571)
• 44bb328 fix(compiler): avoid conflicts between HMR code and local symbols (#61550)
• 1007079 build: update compiler-cli to not be stamped when used for the compiler in ng...
• 0d025c5 build: support new ng_project rule (#61336)
• 899cb4a refactor: add explicit types for exports relying on inferred call return type...
• 1312eb1 build: remove irrelevant madge circular deps tests (#61209)
• Additional commits viewable in compare view

Updates hono from 4.4.0 to 4.11.10

Release notes

Sourced from hono's releases.

v4.11.10

What's Changed

• fix: fixed to be more properly timing safe (Merge commit from fork 91def7ca)

Full Changelog: honojs/hono@v4.11.9...v4.11.10

v4.11.9

What's Changed

• fix(url): ignore fragment identifiers in getPath() by @​sano-suguru in honojs/hono#4627
• fix: determine if rendered or not by node.vC[0] instead of referring to node.pP by @​usualoma in honojs/hono#4663

Full Changelog: honojs/hono@v4.11.8...v4.11.9

v4.11.8

What's Changed

• fix(jsx): preserve context when using await before html helper by @​kaigritun in honojs/hono#4662
• fix(bearer-auth): make auth-scheme case-insensitive by @​bytaesu in honojs/hono#4659

New Contributors

• @​kaigritun made their first contribution in honojs/hono#4662

Full Changelog: honojs/hono@v4.11.7...v4.11.8

v4.11.7

Security Release

This release includes security fixes for multiple vulnerabilities in Hono and related middleware. We recommend upgrading if you are using any of the affected components.

Components

IP Restriction Middleware

Fixed an IPv4 address validation bypass that could allow IP-based access control to be bypassed under certain configurations.

Cache Middleware

Fixed an issue where responses marked with Cache-Control: private or no-store could be cached, potentially leading to information disclosure on some runtimes.

Serve Static Middleware (Cloudflare Workers adapter)

Fixed an issue that could allow unintended access to internal asset keys when serving static files with user-controlled paths.

hono/jsx ErrorBoundary

Fixed a reflected Cross-Site Scripting (XSS) issue in the ErrorBoundary component that could occur when untrusted strings were rendered without proper escaping.

Recommendation

Users are encouraged to upgrade to this release, especially if they:

... (truncated)

Commits

• a40d210 4.11.10
• 91def7c Merge commit from fork
• 8b17935 test(types): add regression tests for #4388 (routes before .use() with explic...
• 4a03f4f doc(jwt): mark options.secret as required in JSDoc (#4718)
• 7300551 chore(ci): bump typescript-go to the latest (#4716)
• 4b29780 chore: update Zod import examples to use namespace imports (#4715)
• 69ad885 4.11.9
• 3d536ff fix: determine if rendered or not by node.vC[0] instead of referring to `no...
• 0c1d4c7 fix(url): ignore fragment identifiers in getPath() (#4627)
• 5ca5c3e 4.11.8
• Additional commits viewable in compare view

Updates wrangler from 3.57.2 to 3.114.17

Release notes

Sourced from wrangler's releases.

wrangler@3.114.17

Patch Changes

• #11891 6d5557b Thanks @​emily-shen! - Use argument array when executing git commands with wrangler pages deploy

  Pass user provided values from --commit-hash safely to underlying git command.

Changelog

Sourced from wrangler's changelog.

3.114.17

Patch Changes

• #11891 6d5557b Thanks @​emily-shen! - Use argument array when executing git commands with wrangler pages deploy

  Pass user provided values from --commit-hash safely to underlying git command.

3.114.16

Patch Changes

• #11689 9bab0a0 Thanks @​ascorbic! - Display a warning when authentication errors occur and the account_id in your Wrangler configuration does not match any of your authenticated accounts. This helps identify configuration issues where you may have the wrong account ID set in your wrangler.toml or wrangler.jsonc file.

• #10737 c41a078 Thanks @​workers-devprod! - Allow WRANGLER_SEND_ERROR_REPORTS env var to override whether to report Wrangler crashes to Sentry

• #11134 bd39455 Thanks @​petebacondarwin! - Reduce the amount of arguments being passed in metrics capture.

  Now the argument values that are captured come from an allow list, and can be marked as ALLOW (capture the real value) or REDACT (capture as "").

• #11020 9cb702e Thanks @​dario-piotrowicz! - Fix observability.logs.persist being flagged as an unexpected field during the wrangler config file validation

• #11147 cf4993b Thanks @​FlorentCollin! - Improve the formatting of the D1 execute command to always show the duration in milliseconds with two decimal places.

• #11650 cc29ead Thanks @​ascorbic! - fix: respect TypeScript path aliases when resolving non-JS modules with module rules

  When importing non-JavaScript files (like .graphql, .txt, etc.) using TypeScript path aliases defined in tsconfig.json, Wrangler's module-collection plugin now correctly resolves these imports. Previously, path aliases were only respected for JavaScript/TypeScript files, causing imports like import schema from '~lib/schema.graphql' to fail when using module rules.

• #11179 7f779e9 Thanks @​ascorbic! - Log a more helpful error when attempting to "r2 object put" a non-existent file

• #11501 c78d942 Thanks @​edmundhung! - fix: prevent reporting SQLite error from wrangler d1 execute to Sentry

• #11262 b2683f7 Thanks @​workers-devprod! - Avoid using object lookup for OAuth Error classes

• #11107 d8037d3 Thanks @​workers-devprod! - Fixed conflict between --env and --expires flags in wrangler r2 object put.

  --e now aliases --env only, and NOT --expires.

• #10961 02d2ea9 Thanks @​devin-ai-integration! - Acquire Cloudflare Access tokens for additional requests made during a wrangler dev --remote session

• #11108 892ec4f Thanks @​emily-shen! - Fixed self-bindings (service bindings to the same worker) showing as [not connected] in wrangler dev. Self-bindings now correctly show as [connected] since a worker is always available to itself.

• #11138 3db872a Thanks @​devin-ai-integration! - Implement tail-based logging for wrangler dev remote mode, behind the --x-tail-tags flag. This will become the default in the future.

• #10889 204616c Thanks @​workers-devprod! - Clarify that wrangler check startup generates a local CPU profile

• #11491 ed8aaef Thanks @​edmundhung! - Explicitly close FileHandle in wrangler d1 execute to support Node 25

• #10962 203e599 Thanks @​devin-ai-integration! - Fixed duplicate warning messages appearing during wrangler dev when configuration changes or state transitions occur

... (truncated)

Commits

• f21ee75 Version Packages (#11895)
• 6d5557b fix: execute git commands in pages deploy safely (#11889) (#11891)
• 0e19ae9 Version Packages (#10906)
• 3db872a [v3 backport] Backport tail-based logging from #11135 and #11346 (#11138)
• 02d2ea9 Fix remote dev with Access (#10961)
• 9bab0a0 fix(wrangler): add warning when account_id mismatch detected on auth error (v...
• 4b18c6f Introduce internal isWorkerNotFoundError utility and avoid worker-not-found...
• ed8aaef fix(wrangler): close FileHandle in to support Node 25 (#11491)
• c78d942 V3 backport of #11467: prevent SQLite users error from being reported to Sent...
• cc29ead fix: respect TypeScript path aliases when resolving non-JS modules with modul...
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for wrangler since your current version.

Updates @modelcontextprotocol/sdk from 1.10.1 to 1.26.0

Release notes

Sourced from @​modelcontextprotocol/sdk's releases.

v1.26.0

Addresses "Sharing server/transport instances can leak cross-client response data" in this GHSA GHSA-345p-7cg4-v4c7

What's Changed

• chore: bump v1.25.3 for backport fixes by @​pcarleton in modelcontextprotocol/typescript-sdk#1412
• fix(deps): resolve npm audit vulnerabilities and bump dependencies (v1.x backport) by @​samuv in modelcontextprotocol/typescript-sdk#1382
• Fix #1430: Client Credentials providers scopes support (backported) by @​NSeydoux in modelcontextprotocol/typescript-sdk#1442
• chore: bump version to 1.26.0 by @​pcarleton in modelcontextprotocol/typescript-sdk#1479

New Contributors

• @​samuv made their first contribution in modelcontextprotocol/typescript-sdk#1382
• @​NSeydoux made their first contribution in modelcontextprotocol/typescript-sdk#1442

Full Changelog: modelcontextprotocol/typescript-sdk@v1.25.3...v1.26.0Description has been truncated

[dependabot]

Superseded by #6.