chore(deps): bump the npm_and_yarn group across 2 directories with 4 updates

[dependabot]

Bumps the npm_and_yarn group with 3 updates in the / directory: agents, drizzle-orm and wrangler.
Bumps the npm_and_yarn group with 1 update in the /debug-tools/presentation-tester directory: vite.

Updates agents from 0.2.35 to 0.10.0

Release notes

Sourced from agents's releases.

agents@0.10.0

Minor Changes

• #1256 dfab937 Thanks @​threepointone! - Add durable fiber execution to the Agent base class.

  runFiber(name, fn) registers work in SQLite, holds a keepAlive ref, and enables recovery via onFiberRecovered after DO eviction. ctx.stash() and this.stash() checkpoint progress that survives eviction.

  AIChatAgent gains unstable_chatRecovery — when enabled, each chat turn is wrapped in a fiber. onChatRecovery provides provider-specific recovery (Workers AI continuation, OpenAI response retrieval, Anthropic synthetic message). continueLastTurn() appends to the interrupted assistant message seamlessly.

  Think now extends Agent directly (no mixin). Fiber support is inherited from the base class.

  Breaking (experimental APIs only):

  • Removed withFibers mixin (agents/experimental/forever)
  • Removed withDurableChat mixin (@cloudflare/ai-chat/experimental/forever)
  • Removed ./experimental/forever export from both packages
  • Think no longer has a fibers flag — recovery is automatic via alarm housekeeping

Patch Changes

• #1259 1933eb4 Thanks @​threepointone! - Run fiber recovery eagerly in onStart() instead of deferring to the next alarm. Interrupted fibers are now detected immediately on the first request after DO wake, with the alarm path as a fallback. A re-entrancy guard prevents double recovery.

• #1263 e3ceb82 Thanks @​threepointone! - Fix routeAgentEmail() keeping the target DO non-hibernatable for ~100-120s after onEmail() returns. Replaces bare closure RPC targets with a single RpcTarget bridge (EmailBridge) that has explicit Symbol.dispose lifecycle, allowing the runtime to tear down the bidirectional RPC session promptly instead of tying it to the caller's execution context lifetime.

• c5ca556 Thanks @​threepointone! - Cap vite peer dependency at >=6.0.0 <9.0.0 to avoid silently accepting untested future major versions.

• #1271 0cc2dae Thanks @​threepointone! - Add optional MCPServerFilter parameter to getAITools(), listTools(), listPrompts(), listResources(), and listResourceTemplates() for scoping results to specific MCP servers by ID, name, or connection state.

• #1267 d1ee61a Thanks @​dmmulroy! - Fix MCP streamable HTTP client session lifecycle so closing connections explicitly terminates active sessions and persists session IDs across reconnects/restores.

• #1270 87b4512 Thanks @​threepointone! - Wire Session into Think as the storage layer, achieving full feature parity with AIChatAgent plus Session-backed advantages.

  Think (@cloudflare/think):

  • Session integration: this.messages backed by session.getHistory(), tree-structured messages, context blocks, compaction, FTS5 search
  • configureSession() override for context blocks, compaction, search, skills (sync or async)
  • assembleContext() returns { system, messages } with context block composition
  • onChatResponse() lifecycle hook fires from all turn paths
  • Non-destructive regeneration via trigger: "regenerate-message" with Session branching
  • saveMessages() for programmatic turn entry (scheduled responses, webhooks, proactive agents)
  • continueLastTurn() for extending the last assistant response
  • Custom body persistence across hibernation
  • sanitizeMessageForPersistence() hook for PII redaction
  • messageConcurrency strategies (queue/latest/merge/drop/debounce)
  • resetTurnState() extracted as protected method
  • unstable_chatRecovery with runFiber wrapping on all 4 turn paths
  • onChatRecovery() hook with ChatRecoveryContext
  • hasPendingInteraction() / waitUntilStable() for quiescence detection
  • Re-export Session from @cloudflare/think
  • Constructor wraps onStart — subclasses never need super.onStart()

... (truncated)

Changelog

Sourced from agents's changelog.

0.10.0

Minor Changes

• #1256 dfab937 Thanks @​threepointone! - Add durable fiber execution to the Agent base class.

  runFiber(name, fn) registers work in SQLite, holds a keepAlive ref, and enables recovery via onFiberRecovered after DO eviction. ctx.stash() and this.stash() checkpoint progress that survives eviction.

  AIChatAgent gains unstable_chatRecovery — when enabled, each chat turn is wrapped in a fiber. onChatRecovery provides provider-specific recovery (Workers AI continuation, OpenAI response retrieval, Anthropic synthetic message). continueLastTurn() appends to the interrupted assistant message seamlessly.

  Think now extends Agent directly (no mixin). Fiber support is inherited from the base class.

  Breaking (experimental APIs only):

  • Removed withFibers mixin (agents/experimental/forever)
  • Removed withDurableChat mixin (@cloudflare/ai-chat/experimental/forever)
  • Removed ./experimental/forever export from both packages
  • Think no longer has a fibers flag — recovery is automatic via alarm housekeeping

Patch Changes

• #1259 1933eb4 Thanks @​threepointone! - Run fiber recovery eagerly in onStart() instead of deferring to the next alarm. Interrupted fibers are now detected immediately on the first request after DO wake, with the alarm path as a fallback. A re-entrancy guard prevents double recovery.

• #1263 e3ceb82 Thanks @​threepointone! - Fix routeAgentEmail() keeping the target DO non-hibernatable for ~100-120s after onEmail() returns. Replaces bare closure RPC targets with a single RpcTarget bridge (EmailBridge) that has explicit Symbol.dispose lifecycle, allowing the runtime to tear down the bidirectional RPC session promptly instead of tying it to the caller's execution context lifetime.

• c5ca556 Thanks @​threepointone! - Cap vite peer dependency at >=6.0.0 <9.0.0 to avoid silently accepting untested future major versions.

• #1271 0cc2dae Thanks @​threepointone! - Add optional MCPServerFilter parameter to getAITools(), listTools(), listPrompts(), listResources(), and listResourceTemplates() for scoping results to specific MCP servers by ID, name, or connection state.

• #1267 d1ee61a Thanks @​dmmulroy! - Fix MCP streamable HTTP client session lifecycle so closing connections explicitly terminates active sessions and persists session IDs across reconnects/restores.

• #1270 87b4512 Thanks @​threepointone! - Wire Session into Think as the storage layer, achieving full feature parity with AIChatAgent plus Session-backed advantages.

  Think (@cloudflare/think):

  • Session integration: this.messages backed by session.getHistory(), tree-structured messages, context blocks, compaction, FTS5 search
  • configureSession() override for context blocks, compaction, search, skills (sync or async)
  • assembleContext() returns { system, messages } with context block composition
  • onChatResponse() lifecycle hook fires from all turn paths
  • Non-destructive regeneration via trigger: "regenerate-message" with Session branching
  • saveMessages() for programmatic turn entry (scheduled responses, webhooks, proactive agents)
  • continueLastTurn() for extending the last assistant response
  • Custom body persistence across hibernation
  • sanitizeMessageForPersistence() hook for PII redaction
  • messageConcurrency strategies (queue/latest/merge/drop/debounce)
  • resetTurnState() extracted as protected method
  • unstable_chatRecovery with runFiber wrapping on all 4 turn paths
  • onChatRecovery() hook with ChatRecoveryContext
  • hasPendingInteraction() / waitUntilStable() for quiescence detection
  • Re-export Session from @cloudflare/think

... (truncated)

Commits

• b035ff1 Version Packages (#1258)
• 0cc2dae feat: add MCPServerFilter to scope getAITools and list methods (#1271)
• c5ca556 Update deps and fix peer dependency ranges
• e3ceb82 fix: use RpcTarget bridge for email callbacks to fix DO hibernation (#1263)
• 87b4512 feat(think): Session integration + full AIChatAgent parity (Phases 1-5) (#1270)
• d1ee61a fix(mcp): streamable-http client session lifecycle — explicit termination, se...
• 8a3a84e feat: inference buffer — durable response buffer for long-running inference c...
• 1933eb4 Eager fiber recovery on wake (onStart) (#1259)
• dfab937 Unified fiber architecture: durable execution baked into Agent (#1256)
• 8db4ef1 Add stream recovery and continuation to withDurableChat mixin (#1254)
• Additional commits viewable in compare view

Updates drizzle-orm from 0.44.7 to 0.45.2

Release notes

Sourced from drizzle-orm's releases.

0.45.2

• Fixed sql.identifier(), sql.as() escaping issues. Previously all the values passed to this functions were not properly escaped causing a possible SQL Injection (CWE-89) vulnerability

Thanks to @​EthanKim88, @​0x90sh and @​wgoodall01 for reaching out to us with a reproduction and suggested fix

0.45.1

• Fixed pg-native Pool detection in node-postgres transactions breaking in environments with forbidden require() (#5107)

0.45.0

• Fixed pg-native Pool detection in node-postgres transactions
• Allowed subqueries in select fields
• Updated typo algorythm => algorithm
• Fixed $onUpdate not handling SQL values (fixes #2388, tests implemented by L-Mario564 in #2911)
• Fixed pg mappers not handling Date instances in bun-sql:postgresql driver responses for date, timestamp types (fixes #4493)

Commits

• 273c780 + 0.45.2 (#5534)
• 4aa6ecf Kit updates (#5490)
• e8e6edf feat(drizzle-kit): support d1 via binding (#5302)
• a086f59 Fixed pg-native Pool detection in node-postgres transactions breaking in envi...
• c445637 Merge pull request #5095 from drizzle-team/main-workflows
• e7b3aaa Merge branch 'main' into main-workflows
• 0d885a5 refactor: Update condition for run-feature job to improve clarity and functio...
• 45a1ffb Merge pull request #5087 from drizzle-team/main-workflows
• 6357645 chore: Comment out NEON_HTTP_CONNECTION_STRING requirement in release workflows
• 53dec98 refactor: Simplify release router workflow by removing unnecessary switch job...
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for drizzle-orm since your current version.

Updates wrangler from 4.50.0 to 4.59.1

Commits

• 37a8607 Version Packages (#11890)
• 99b1f32 fix: execute git commands in pages deploy safely (#11889)
• e98c95a Version Packages (#11836)
• ad65efa Add --check flag to wrangler types (#11852)
• beb96af feat(unenv-preset): add support for native node:sqlite module (#11841)
• b0e54b2 [wrangler] Add AI agent detection to analytics events (#11820)
• 2203af4 Add Node.js 24 and 25 compatibility to the test suites for Miniflare, Wrangle...
• b6148ed chore(deps): bump the workerd-and-workers-types group with 2 updates (#11872)
• 0eb973d Do not warn user when using a redirected config that came from a config with ...
• 0f8d69d containers: users can set multiple tiers for constraints (#11755)
• Additional commits viewable in compare view

Updates vite from 5.4.21 to 8.0.8

Release notes

Sourced from vite's releases.

v8.0.8

Please refer to CHANGELOG.md for details.

v8.0.7

Please refer to CHANGELOG.md for details.

v8.0.6

Please refer to CHANGELOG.md for details.

v8.0.5

Please refer to CHANGELOG.md for details.

v8.0.4

Please refer to CHANGELOG.md for details.

create-vite@8.0.3

Please refer to CHANGELOG.md for details.

v8.0.3

Please refer to CHANGELOG.md for details.

create-vite@8.0.2

Please refer to CHANGELOG.md for details.

v8.0.2

Please refer to CHANGELOG.md for details.

create-vite@8.0.1

Please refer to CHANGELOG.md for details.

v8.0.1

Please refer to CHANGELOG.md for details.

plugin-legacy@8.0.1

Please refer to CHANGELOG.md for details.

create-vite@8.0.0

Please refer to CHANGELOG.md for details.

plugin-legacy@8.0.0

Please refer to CHANGELOG.md for details.

v8.0.0

Please refer to CHANGELOG.md for details.

v8.0.0-beta.18

Please refer to CHANGELOG.md for details.

v8.0.0-beta.17

Please refer to CHANGELOG.md for details.

... (truncated)

Changelog

Sourced from vite's changelog.

8.0.8 (2026-04-09)

Features

• update rolldown to 1.0.0-rc.15 (#22201) (6baf587)

Bug Fixes

• avoid dns.getDefaultResultOrder temporary (#22202) (15f1c15)
• ssr: class property keys hoisting matching imports (#22199) (e137601)

8.0.7 (2026-04-07)

Bug Fixes

• use sync dns.getDefaultResultOrder instead of dns.promises (#22185) (5c05b04)

8.0.6 (2026-04-07)

Features

• update rolldown to 1.0.0-rc.13 (#22097) (51d3e48)

Bug Fixes

• css: avoid mutating sass error multiple times (#22115) (d5081c2)
• optimize-deps: hoist CJS interop assignment (#22156) (17a8f9e)

Performance Improvements

• early return in getLocalhostAddressIfDiffersFromDNS when DNS order is verbatim (#22151) (56ec256)

Miscellaneous Chores

• create-vite: remove unnecessary DOM.Iterable (#22168) (bdc53ab)
• replace remaining prettier script (#22179) (af71fb2)

8.0.5 (2026-04-06)

Bug Fixes

• apply server.fs check to env transport (#22159) (f02d9fd)
• avoid path traversal with optimize deps sourcemap handler (#22161) (79f002f)
• check server.fs after stripping query as well (#22160) (a9a3df2)
• disallow referencing files outside the package from sourcemap (#22158) (f05f501)

8.0.4 (2026-04-06)

Features

• allow esbuild 0.28 as peer deps (#22155) (b0da973)
• hmr: truncate list of files on hmr update (#21535) (d00e806)
• optimizer: log when dependency scanning or bundling takes over 1s (#21797) (f61a1ab)

Bug Fixes

... (truncated)

Commits

• 6e585dc release: v8.0.8
• e137601 fix(ssr): class property keys hoisting matching imports (#22199)
• 15f1c15 fix: avoid dns.getDefaultResultOrder temporary (#22202)
• 6baf587 feat: update rolldown to 1.0.0-rc.15 (#22201)
• fdb2e6f release: v8.0.7
• 5c05b04 fix: use sync dns.getDefaultResultOrder instead of dns.promises (#22185)
• 7b3086f release: v8.0.6
• af71fb2 chore: replace remaining prettier script (#22179)
• 51d3e48 feat: update rolldown to 1.0.0-rc.13 (#22097)
• 17a8f9e fix(optimize-deps): hoist CJS interop assignment (#22156)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	drizzle-orm@​0.44.7 ⏵ 0.45.2	+1	+16	+1
	wrangler@​4.50.0 ⏵ 4.59.1		+16	+1	+1
	agents@​0.2.35 ⏵ 0.10.0		+4	+1	+1
	vite@​5.4.21 ⏵ 8.0.8	+14	+2	+18	+2

View full report

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		Potential security risk (AI signal): npm rolldown is 66.0% likely risky Notes: No direct evidence of stealthy malware (exfiltration/backdoor/crypto-mining) is present in this JS wrapper; however, it creates significant supply-chain and execution risk by (1) potentially running pnpm to download/install a WASI binding at runtime into /tmp and requiring the result, and (2) loading native code from an environment-provided path (NAPI_RS_NATIVE_LIBRARY_PATH) without integrity/path controls. These behaviors warrant heightened scrutiny, especially in untrusted or network-enabled environments. Confidence: 0.66 Severity: 0.72 From: ? → npm/agents@0.10.0 → npm/vite@8.0.8 → npm/rolldown@1.0.0-rc.15 ℹ Read more on: This package | This alert | What are AI-detected potential security risks? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: An AI system identified potential security problems in this package. It is advised to review the package thoroughly and assess the potential risks before installation. You may also consider reporting the issue to the package maintainer or seeking alternative solutions with a stronger security posture. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/rolldown@1.0.0-rc.15. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Environment variable access: npm @ai-sdk/provider-utils Location: Package overview From: ? → npm/agents@0.10.0 → npm/@ai-sdk/provider-utils@4.0.23 ℹ Read more on: This package | This alert | What is environment variable access? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should be clear about which environment variables they access, and care should be taken to ensure they only access environment variables they claim to. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@ai-sdk/provider-utils@4.0.23. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Environment variable access: npm ai reads NODE_ENV Env Vars: NODE_ENV Location: Package overview From: ? → npm/agents@0.10.0 → npm/ai@6.0.154 ℹ Read more on: This package | This alert | What is environment variable access? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should be clear about which environment variables they access, and care should be taken to ensure they only access environment variables they claim to. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/ai@6.0.154. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report