chore(deps-dev): bump @ai-sdk/openai from 2.0.20 to 3.0.50#782
chore(deps-dev): bump @ai-sdk/openai from 2.0.20 to 3.0.50#782dependabot[bot] wants to merge 1 commit intomainfrom
Conversation
dependabot
Bot
added
dependencies
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
![claude[bot]](https://avatars.githubusercontent.com/in/1236702?s=60&v=4){kind=small}
| @@ -33,7 +33,7 @@ | |||
| }, | |||
| "devDependencies": { | |||
There was a problem hiding this comment.
🔴 This PR bumps @ai-sdk/openai from 2.x to 3.x, but the companion ai package remains at ^5 — these are incompatible: @ai-sdk/openai@3.0.50 depends on @ai-sdk/provider@3.0.8 and @ai-sdk/provider-utils@4.0.22, while ai@5.0.52 depends on @ai-sdk/provider@2.0.0 and @ai-sdk/provider-utils@3.0.9. All e2e tests in vercel-ai-sdk.e2e.test.ts that pass an openai() model to generateText/streamText/generateObject/streamObject/embed will fail at runtime due to the incompatible LanguageModel protocol across these major versions. Fix by also bumping ai to ^6 or ^7 (the versions @ai-sdk/openai@3.x was designed for, as shown in the PR release notes listing ai@7.0.0-beta.77/78), or revert @ai-sdk/openai to ^2.
Extended reasoning...
Root cause
This Dependabot PR bumps @ai-sdk/openai from 2.0.20 to 3.0.50 in devDependencies, but leaves ai pinned at ^5 (resolving to ai@5.0.52). These two packages share a common provider interface contract, and the versions are incompatible:
@ai-sdk/openai@3.0.50depends on@ai-sdk/provider@3.0.8and@ai-sdk/provider-utils@4.0.22ai@5.0.52depends on@ai-sdk/provider@2.0.0and@ai-sdk/provider-utils@3.0.9
The pnpm lockfile confirms both major versions are installed side-by-side (not deduplicated), since they have different major versions and are not peer-resolved.
Incompatible interface versions
The @ai-sdk/provider package defines the LanguageModel protocol (the interface that generateText(), streamText(), generateObject(), and streamObject() call into). A major version bump from 2.x to 3.x indicates breaking interface changes. The addition of @standard-schema/spec@1.1.0 as a new required dependency in @ai-sdk/provider-utils@4.0.22 (absent from 3.x) specifically indicates breaking changes in schema handling — directly affecting generateObject, streamObject, and tool definitions.
Code path that triggers it
In tests/e2e/vercel-ai-sdk.e2e.test.ts, the tests do:
import { openai } from @ai-sdk/openai; // from @ai-sdk/openai@3.x → implements provider@3.x interface
import { generateText, streamText, ... } from ai; // from ai@5.x → expects provider@2.x interface
const result = await generateText({
model: openai(gpt-4o-mini), // LanguageModel from provider@3.x passed where provider@2.x expected
...
});At runtime, generateText() (from ai@5.x) will call methods on the model object using the LanguageModelV1 interface defined in @ai-sdk/provider@2.x. If @ai-sdk/openai@3.x exposes a LanguageModelV2 (or otherwise changed specificationVersion / doGenerate / doStream / doEmbed signatures), the call will fail.
Confirmation from release notes
The PR's own release notes show that @ai-sdk/openai@3.x was released alongside ai@7.0.0-beta.77 and ai@7.0.0-beta.78 — meaning it was designed for ai@6.x or ai@7.x, not ai@5.x. @ai-sdk/anthropic was intentionally NOT bumped and stays at ^2, compatible with ai@5.x, highlighting this as an accidental mismatch.
Step-by-step proof
pnpm installresolves@ai-sdk/openaito3.0.50, which hard-depends on@ai-sdk/provider@3.0.8ai@5.0.52hard-depends on@ai-sdk/provider@2.0.0— these cannot deduplicate across a major version boundary- Both are installed:
node_modules/@ai-sdk/openai/node_modules/@ai-sdk/provideris v3.x;node_modules/ai/node_modules/@ai-sdk/provideris v2.x - Test calls
openai("gpt-4o-mini")→ returns an object implementingLanguageModelfromprovider@3.x - That object is passed to
generateText({ model: ... })fromai@5.x, which checksmodel.specificationVersionor callsmodel.doGenerate()per theprovider@2.xAPI contract - If the method signatures changed across the major version bump (as expected), the call throws or returns malformed results
Fix
Either:
- Bump
aifrom^5to^6or^7alongside this PR (matching what@ai-sdk/openai@3.xwas designed for) - Or revert
@ai-sdk/openaito^2and wait for a coordinated upgrade
Bumps [@ai-sdk/openai](https://github.com/vercel/ai) from 2.0.20 to 3.0.50. - [Release notes](https://github.com/vercel/ai/releases) - [Changelog](https://github.com/vercel/ai/blob/main/CHANGELOG.md) - [Commits](https://github.com/vercel/ai/compare/@ai-sdk/openai@2.0.20...@ai-sdk/openai@3.0.50) --- updated-dependencies: - dependency-name: "@ai-sdk/openai" dependency-version: 3.0.50 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
force-pushed
the
dependabot/npm_and_yarn/ai-sdk/openai-3.0.50
branch
from
7ae7261 to
fb2853e
Compare
|
Superseded by #786. |
Bumps @ai-sdk/openai from 2.0.20 to 3.0.50.
Release notes
Sourced from
@ai-sdk/openai's releases.... (truncated)
Commits
8aefbbbVersion Packages (#14078)0469aedBackport: fix: allow inline data URLs in download validation (#13624)15bfbd2Backport: chore(provider/gateway): update gateway model settings files v6 (#1...fd6120bVersion Packages (#14059)94aed06fix(anthropic): allow both temperature and topP for non-Anthropic models (#14...2122d7aBackport: fix(langchain): emit reasoning-end before finish-step on LangGraph ...1e0f58eVersion Packages (#14042)85e476dBackport: feat (provider/gateway): add disallowPromptTraining provider option...39c6a0eVersion Packages (#14026)df099b9Backport: feat(bedrock): add support for service tier for model inference (#1...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)Disclaimer: Experimental PR review
Greptile Summary
This PR bumps
@ai-sdk/openaifrom2.0.20to3.0.50(a major version bump) as a devDependency used exclusively in E2E tests. The lockfile update also pulls in new major versions of@ai-sdk/provider(2→3) and@ai-sdk/provider-utils(3→4), and adds the new transitive dependency@standard-schema/spec@1.1.0.Confidence Score: 5/5
Safe to merge — devDependency-only bump used exclusively in E2E tests, with no production code affected.
All changes are confined to a devDependency (
@ai-sdk/openai) and its lockfile entries. The E2E test file uses only stable, standard patterns (openai(),openai.embedding()) that are unchanged across the v2→v3 boundary. No P0 or P1 findings; no production code is touched.No files require special attention.
Important Files Changed
@ai-sdk/openaidevDependency specifier from^2to^3; no production dependencies changed.@ai-sdk/openai@3.0.50, bringing in@ai-sdk/provider@3.0.8,@ai-sdk/provider-utils@4.0.22, and the new transitive dep@standard-schema/spec@1.1.0.Flowchart
%%{init: {'theme': 'neutral'}}%% flowchart TD A["E2E Tests\n(vercel-ai-sdk.e2e.test.ts)"] --> B["@ai-sdk/openai@3.0.50\n(devDependency)"] B --> C["@ai-sdk/provider@3.0.8"] B --> D["@ai-sdk/provider-utils@4.0.22"] D --> E["@standard-schema/spec@1.1.0\n(new transitive dep)"] D --> F["eventsource-parser@3.0.6"] G["@ai-sdk/anthropic@2.0.6\n(unchanged)"] --> H["@ai-sdk/provider@2.0.0"] G --> I["@ai-sdk/provider-utils@3.0.9"] style B fill:#f9c74f style C fill:#f9c74f style D fill:#f9c74f style E fill:#90be6dReviews (1): Last reviewed commit: "chore(deps-dev): bump @ai-sdk/openai fro..." | Re-trigger Greptile