UNPKG

@ai-sdk/provider-utils

Version:
1,709 lines (1,042 loc) 60.1 kB
# @ai-sdk/provider-utils ## 5.0.7 ### Patch Changes - Updated dependencies [0f93c57] - @ai-sdk/provider@4.0.3 ## 5.0.6 ### Patch Changes - ac306ed: Fix `StreamingToolCallTracker` finalizing streaming tool calls on parsable partial JSON. Tool calls now only finalize during stream flush, restoring the behavior of #13137: a parsable argument buffer can still be the prefix of a longer argument string, so finalizing early could act on truncated tool inputs. ## 5.0.5 ### Patch Changes - 5c5c0f5: Add experimental streaming transcription support for transcription models, including OpenAI `gpt-realtime-whisper` and xAI WebSocket STT. - Updated dependencies [5c5c0f5] - @ai-sdk/provider@4.0.2 ## 5.0.4 ### Patch Changes - c6f5e62: Prevent prototype pollution when synchronously parsing provider JSON inputs and expose `secureJsonParse` from provider-utils. ## 5.0.3 ### Patch Changes - 8c616f0: feat(mcp): add maxRetries option for failed mcp tool calls ## 5.0.2 ### Patch Changes - Updated dependencies [0274f34] - @ai-sdk/provider@4.0.1 ## 5.0.1 ### Patch Changes - 6a436e3: Limit JSON response body reads in response handlers to prevent unbounded memory use. ## 5.0.0 ### Major Changes - 986c6fd: feat(ai): change type of experimental_context from unknown to generic - b0c2869: chore(ai): remove deprecated `media` type part from `ToolResultOutput` - f7d4f01: feat(provider): add support for `reasoning-file` type for files that are part of reasoning - 776b617: feat(provider): adding new 'custom' content type - ef992f8: Remove CommonJS exports from all packages. All packages are now ESM-only (`"type": "module"`). Consumers using `require()` must switch to ESM `import` syntax. - 493295c: Remove the deprecated `ToolCallOptions` export. Use `ToolExecutionOptions` instead. - c29a26f: feat(provider): add support for provider references and uploading files as supported per provider - 3887c70: feat(provider): add new top-level reasoning parameter to spec and support it in `generateText` and `streamText` - 61753c3: ### `@ai-sdk/openai`: remove redundant `name` argument from `openai.tools.customTool()` `openai.tools.customTool()` no longer accepts a `name` field. the tool name is now derived from the sdk tool key (the object key in the `tools` object). migration: remove the `name` property from `customTool()` calls. the object key is now used as the tool name sent to the openai api. before: ```ts tools: { write_sql: openai.tools.customTool({ name: 'write_sql', description: '...', }), } ``` after: ```ts tools: { write_sql: openai.tools.customTool({ description: '...', }), } ``` ### `@ai-sdk/provider-utils`: `createToolNameMapping()` no longer accepts the `resolveProviderToolName` parameter before: tool name can be set dynamically ```ts const toolNameMapping = createToolNameMapping({ tools, providerToolNames: { "openai.code_interpreter": "code_interpreter", "openai.file_search": "file_search", "openai.image_generation": "image_generation", "openai.local_shell": "local_shell", "openai.shell": "shell", "openai.web_search": "web_search", "openai.web_search_preview": "web_search_preview", "openai.mcp": "mcp", "openai.apply_patch": "apply_patch", }, resolveProviderToolName: (tool) => tool.id === "openai.custom" ? (tool.args as { name?: string }).name : undefined, }); ``` after: tool name is static based on `tools` keys ``` const toolNameMapping = createToolNameMapping({ tools, providerToolNames: { 'openai.code_interpreter': 'code_interpreter', 'openai.file_search': 'file_search', 'openai.image_generation': 'image_generation', 'openai.local_shell': 'local_shell', 'openai.shell': 'shell', 'openai.web_search': 'web_search', 'openai.web_search_preview': 'web_search_preview', 'openai.mcp': 'mcp', 'openai.apply_patch': 'apply_patch', } }); ``` - 7e26e81: chore: rename experimental_context to context - 8359612: Start v7 pre-release - 5463d0d: feat(provider): align tool result output content file part types with top-level message file part types ### Patch Changes - 2427d88: feat(ai): change Tool.sensitiveContext to telemetry.includeToolsContext and make it opt-in - 785fe16: feat: distinguish provider-defined and provider-executed tools - ee798eb: chore(provider-utils): rename `Experimental_Sandbox` to `Experimental_SandboxSession` - 531251e: fix(security): validate redirect targets in download functions to prevent SSRF bypass Both `downloadBlob` and `download` now validate the final URL after following HTTP redirects, preventing attackers from bypassing SSRF protections via open redirects to internal/private addresses. - 67df0a0: feat: add sensitiveContext property to Tool - 105f95b: Ensure the default empty tool input schema includes `type: "object"` for OpenAI-compatible providers that require object schemas. - eea8d98: refactoring: rename tool execution events - d848405: feat: add optional `abortSignal` parameters to sandbox command execution - 46d1149: chore(provider-utils,google): fix grammar errors in error and warning messages - 1f509d4: fix(ai): force template check on 'kind' param - ca446f8: feat: flexible tool descriptions - 3ae1786: fix: better context type inference - a7de9c9: fix: make sandbox experimental - 9f0e36c: trigger release for all packages after provenance setup - befb78c: refactoring: remove real-time delays in unit tests - f634bac: feat(mcp): add new McpProviderMetadata type - 2e17091: fix(types): move shared tool set utility types into provider-utils Moved `ToolSet`, `InferToolSetContext`, and `UnionToIntersection` into `@ai-sdk/provider-utils` and updated `ai` internals to import them directly from there. This keeps the shared tool typing utilities colocated with the core tool type definitions. - ca39020: Add an optional `workingDirectory` parameter to sandbox command execution. - 0458559: fix: deprecate needsApproval on Tool - 5852c0a: refactoring(provider-utils): add controller as property to StreamingToolCallTracker - 2e98477: fix: retain stack traces on async errors - add1126: refactoring: executeTool uses tool as parameter - aeda373: fix: only send provider credentials to same-origin response-supplied URLs Several provider clients followed a URL taken from the provider's API response (a polling/status URL or a final media URL such as `polling_url`, `urls.get`, `result_url`, `result.sample`, or `video.uri`) and reused the authenticated headers — or appended `?key=<API_KEY>` — on that request. Because the host of the response-supplied URL was never validated, the long-lived API key was sent to whatever host the response named (a CDN in the benign case, or an attacker-chosen host if the provider response was tampered with), allowing credential exfiltration. A new `isSameOrigin` helper is added to `@ai-sdk/provider-utils`, and the affected fetches in `@ai-sdk/black-forest-labs`, `@ai-sdk/fireworks`, `@ai-sdk/replicate`, `@ai-sdk/gladia`, `@ai-sdk/fal`, and `@ai-sdk/google` now attach credentials only when the followed URL is same-origin with the provider's configured API origin. Requests to a foreign origin are made without the credential. - 350ea38: refactoring: introduce Arrayable type - 7fc6bd6: Raise minimum supported Node.js version to 22. Supported versions: 22, 24, and 26. - f807e45: Extract shared `StreamingToolCallTracker` class into `@ai-sdk/provider-utils` to deduplicate streaming tool call handling across OpenAI-compatible providers. Also adds missing `generateId()` fallback for `toolCallId` in Alibaba's `doGenerate` path and ensures all providers finalize unfinished tool calls during stream flush. - 08d2129: feat(mcp): propagate the server name through dynamic tool parts - 0c4c275: trigger initial canary release - 6fd51c0: fix(provider): preserve error type prefix in getErrorMessage - 69254e0: feat(ai): add toolMetadata for tool specific metdata - 6c93e36: feat(provider-utils): add `spawnCommand` method to `Experimental_Sandbox` to allow for detached command execution - 9bd6512: feat(provider): change file part data property to be tagged with a type and remove the image part type - 258c093: chore: ensure consistent import handling and avoid import duplicates or cycles - 375fdd7: fix: harden download URL SSRF guard against hostname and redirect bypasses `validateDownloadUrl` and the file download helpers (`downloadBlob`, `download`) could be bypassed in several ways when handling untrusted URLs: - A fully-qualified hostname with a trailing dot (e.g. `localhost.`, `myhost.local.`) skipped the localhost/`.local` blocklist. - IPv6 addresses that embed an IPv4 address in their last 32 bits — IPv4-compatible (`::127.0.0.1`), IPv4-translated (`::ffff:0:127.0.0.1`), and NAT64 (`64:ff9b::127.0.0.1`, including the `64:ff9b:1::/48` local-use prefix) — were not decoded and checked against the private IPv4 ranges. - Redirects were validated only _after_ `fetch` had already followed them, so the request to a redirect target (e.g. an internal/metadata address) had already been issued before the check ran. - Several reserved/internal address ranges were not blocked: CGNAT (`100.64.0.0/10`, used by some cloud providers for internal traffic), benchmarking (`198.18.0.0/15`), IETF protocol assignments (`192.0.0.0/24`), the reserved `240.0.0.0/4` block (including the `255.255.255.255` broadcast address), and IPv6 site-local (`fec0::/10`) and multicast (`ff00::/8`). The validator now strips trailing dots before the hostname checks and fully expands IPv6 addresses to detect embedded private IPv4 targets. The download helpers now follow redirects manually (`redirect: 'manual'`), re-validating each hop before requesting it, so an unsafe redirect target is never fetched. When a redirect cannot be inspected because the runtime returns an opaque response, the helpers fail closed (reject the redirect) on the server; only in a real browser — where SSRF is not reachable (fetch is constrained by CORS and cannot reach a server's internal network or cloud-metadata endpoints) — is the redirect followed natively so legitimate redirected downloads keep working. - b6783da: refactoring: restructure Tool types - 3015fc3: feat: sandbox shell execution abstraction - b8396f0: trigger initial beta release - daf6637: feat(provider-utils): add `env` option to `spawn` and `run` methods of `Experimental_SandboxSession` - a6617c5: feat(provider-utils): add `readFile` and `writeFile` plus convenience wrappers to `Experimental_Sandbox` abstraction - 28dfa06: fix: support tools with optional context - 083947b: feat(ai): separate toolsContext from context - bae5e2b: fix(security): re-validate tool approvals from client message history before execution The approval-replay path in `generateText`/`streamText` (and `WorkflowAgent.stream`) reconstructed approved tool calls from the client-supplied messages array and executed them without re-validating input against the tool's schema or re-applying the approval policy. A client could forge an assistant message with a pre-approved tool-call part and have the server execute a tool with attacker-chosen arguments. The replay path now validates HMAC signature (when `experimental_toolApprovalSecret` is configured), re-validates tool-call input against the tool's input schema, and re-resolves the approval policy before execution. - f617ac2: feat(provider-utils): narrow `tool()` return type to `ExecutableTool<...>` when `execute` is provided - 90e2d8a: chore: fix unused vars not being flagged by our lint tooling - b4507d5: fix(provider-utils): cancel response body on download rejection to prevent socket leak When a download was rejected early — because the `Content-Length` header exceeded the size limit, the response status was not ok, or a redirect resolved to a blocked URL — the fetch response body was left unconsumed and uncancelled. With WHATWG Fetch/undici this leaves the underlying TCP socket open instead of returning it to the connection pool, allowing an attacker-controlled origin to exhaust file descriptors and cause a denial of service. The body is now cancelled on all early-rejection paths in `readResponseWithSizeLimit`, `download`, and `downloadBlob`, and `fetchWithValidatedRedirects` cancels each redirect hop's body before following or rejecting the next hop. - e93fa91: rename Sandbox.executeCommand to Sandbox.runCommand - fc92055: feat(ai): automatic tool approval - b3976a2: Add workflow serialization support to all provider models. **`@ai-sdk/provider-utils`:** New `serializeModel()` helper that extracts only serializable properties from a model instance, filtering out functions and objects containing functions. Third-party provider authors can use this to add workflow support to their own models. **All providers:** `headers` is now optional in provider config types. This is non-breaking — existing code that passes `headers` continues to work. Custom provider implementations that construct model configs manually can now omit `headers`, which is useful when models are deserialized from a workflow step boundary where auth is provided separately. All provider model classes now include `WORKFLOW_SERIALIZE` and `WORKFLOW_DESERIALIZE` static methods, enabling them to cross workflow step boundaries without serialization errors. - ff5eba1: feat: roll `image-*` tool output types into their equivalent `file-*` types ## 5.0.0-beta.50 ### Patch Changes - Updated dependencies [0416e3e] - @ai-sdk/provider@4.0.0-beta.20 ## 5.0.0-beta.49 ### Patch Changes - b8396f0: trigger initial beta release - Updated dependencies [b8396f0] - @ai-sdk/provider@4.0.0-beta.19 ## 5.0.0-canary.48 ### Patch Changes - aeda373: fix: only send provider credentials to same-origin response-supplied URLs Several provider clients followed a URL taken from the provider's API response (a polling/status URL or a final media URL such as `polling_url`, `urls.get`, `result_url`, `result.sample`, or `video.uri`) and reused the authenticated headers — or appended `?key=<API_KEY>` — on that request. Because the host of the response-supplied URL was never validated, the long-lived API key was sent to whatever host the response named (a CDN in the benign case, or an attacker-chosen host if the provider response was tampered with), allowing credential exfiltration. A new `isSameOrigin` helper is added to `@ai-sdk/provider-utils`, and the affected fetches in `@ai-sdk/black-forest-labs`, `@ai-sdk/fireworks`, `@ai-sdk/replicate`, `@ai-sdk/gladia`, `@ai-sdk/fal`, and `@ai-sdk/google` now attach credentials only when the followed URL is same-origin with the provider's configured API origin. Requests to a foreign origin are made without the credential. - 375fdd7: fix: harden download URL SSRF guard against hostname and redirect bypasses `validateDownloadUrl` and the file download helpers (`downloadBlob`, `download`) could be bypassed in several ways when handling untrusted URLs: - A fully-qualified hostname with a trailing dot (e.g. `localhost.`, `myhost.local.`) skipped the localhost/`.local` blocklist. - IPv6 addresses that embed an IPv4 address in their last 32 bits — IPv4-compatible (`::127.0.0.1`), IPv4-translated (`::ffff:0:127.0.0.1`), and NAT64 (`64:ff9b::127.0.0.1`, including the `64:ff9b:1::/48` local-use prefix) — were not decoded and checked against the private IPv4 ranges. - Redirects were validated only _after_ `fetch` had already followed them, so the request to a redirect target (e.g. an internal/metadata address) had already been issued before the check ran. - Several reserved/internal address ranges were not blocked: CGNAT (`100.64.0.0/10`, used by some cloud providers for internal traffic), benchmarking (`198.18.0.0/15`), IETF protocol assignments (`192.0.0.0/24`), the reserved `240.0.0.0/4` block (including the `255.255.255.255` broadcast address), and IPv6 site-local (`fec0::/10`) and multicast (`ff00::/8`). The validator now strips trailing dots before the hostname checks and fully expands IPv6 addresses to detect embedded private IPv4 targets. The download helpers now follow redirects manually (`redirect: 'manual'`), re-validating each hop before requesting it, so an unsafe redirect target is never fetched. When a redirect cannot be inspected because the runtime returns an opaque response, the helpers fail closed (reject the redirect) on the server; only in a real browser — where SSRF is not reachable (fetch is constrained by CORS and cannot reach a server's internal network or cloud-metadata endpoints) — is the redirect followed natively so legitimate redirected downloads keep working. - b4507d5: fix(provider-utils): cancel response body on download rejection to prevent socket leak When a download was rejected early — because the `Content-Length` header exceeded the size limit, the response status was not ok, or a redirect resolved to a blocked URL — the fetch response body was left unconsumed and uncancelled. With WHATWG Fetch/undici this leaves the underlying TCP socket open instead of returning it to the connection pool, allowing an attacker-controlled origin to exhaust file descriptors and cause a denial of service. The body is now cancelled on all early-rejection paths in `readResponseWithSizeLimit`, `download`, and `downloadBlob`, and `fetchWithValidatedRedirects` cancels each redirect hop's body before following or rejecting the next hop. ## 5.0.0-canary.47 ### Patch Changes - bae5e2b: fix(security): re-validate tool approvals from client message history before execution The approval-replay path in `generateText`/`streamText` (and `WorkflowAgent.stream`) reconstructed approved tool calls from the client-supplied messages array and executed them without re-validating input against the tool's schema or re-applying the approval policy. A client could forge an assistant message with a pre-approved tool-call part and have the server execute a tool with attacker-chosen arguments. The replay path now validates HMAC signature (when `experimental_toolApprovalSecret` is configured), re-validates tool-call input against the tool's input schema, and re-resolves the approval policy before execution. ## 5.0.0-canary.46 ### Patch Changes - Updated dependencies [ce769dd] - @ai-sdk/provider@4.0.0-canary.18 ## 5.0.0-canary.45 ### Patch Changes - ee798eb: chore(provider-utils): rename `Experimental_Sandbox` to `Experimental_SandboxSession` - daf6637: feat(provider-utils): add `env` option to `spawn` and `run` methods of `Experimental_SandboxSession` ## 5.0.0-canary.44 ### Patch Changes - 6c93e36: feat(provider-utils): add `spawnCommand` method to `Experimental_Sandbox` to allow for detached command execution - f617ac2: feat(provider-utils): narrow `tool()` return type to `ExecutableTool<...>` when `execute` is provided ## 5.0.0-canary.43 ### Patch Changes - 7fc6bd6: Raise minimum supported Node.js version to 22. Supported versions: 22, 24, and 26. - Updated dependencies [7fc6bd6] - @ai-sdk/provider@4.0.0-canary.17 ## 5.0.0-canary.42 ### Patch Changes - a6617c5: feat(provider-utils): add `readFile` and `writeFile` plus convenience wrappers to `Experimental_Sandbox` abstraction ## 5.0.0-canary.41 ### Patch Changes - 28dfa06: fix: support tools with optional context - e93fa91: rename Sandbox.executeCommand to Sandbox.runCommand ## 5.0.0-canary.40 ### Patch Changes - a7de9c9: fix: make sandbox experimental ## 5.0.0-canary.39 ### Patch Changes - 105f95b: Ensure the default empty tool input schema includes `type: "object"` for OpenAI-compatible providers that require object schemas. ## 5.0.0-canary.38 ### Patch Changes - ca446f8: feat: flexible tool descriptions ## 5.0.0-canary.37 ### Patch Changes - d848405: feat: add optional `abortSignal` parameters to sandbox command execution ## 5.0.0-canary.36 ### Patch Changes - ca39020: Add an optional `workingDirectory` parameter to sandbox command execution. ## 5.0.0-canary.35 ### Patch Changes - f634bac: feat(mcp): add new McpProviderMetadata type ## 5.0.0-canary.34 ### Patch Changes - 69254e0: feat(ai): add toolMetadata for tool specific metdata - 3015fc3: feat: sandbox shell execution abstraction ## 5.0.0-canary.33 ### Patch Changes - 2427d88: feat(ai): change Tool.sensitiveContext to telemetry.includeToolsContext and make it opt-in ## 5.0.0-canary.32 ### Major Changes - 5463d0d: feat(provider): align tool result output content file part types with top-level message file part types ### Patch Changes - Updated dependencies [5463d0d] - @ai-sdk/provider@4.0.0-canary.16 ## 5.0.0-canary.31 ### Patch Changes - 0c4c275: trigger initial canary release - Updated dependencies [0c4c275] - @ai-sdk/provider@4.0.0-canary.15 ## 5.0.0-beta.30 ### Patch Changes - 08d2129: feat(mcp): propagate the server name through dynamic tool parts ## 5.0.0-beta.29 ### Patch Changes - 9bd6512: feat(provider): change file part data property to be tagged with a type and remove the image part type - 258c093: chore: ensure consistent import handling and avoid import duplicates or cycles - b6783da: refactoring: restructure Tool types - Updated dependencies [9bd6512] - Updated dependencies [258c093] - @ai-sdk/provider@4.0.0-beta.14 ## 5.0.0-beta.28 ### Patch Changes - 9f0e36c: trigger release for all packages after provenance setup - Updated dependencies [9f0e36c] - @ai-sdk/provider@4.0.0-beta.13 ## 5.0.0-beta.27 ### Patch Changes - 785fe16: feat: distinguish provider-defined and provider-executed tools - 67df0a0: feat: add sensitiveContext property to Tool - befb78c: refactoring: remove real-time delays in unit tests - 0458559: fix: deprecate needsApproval on Tool - 5852c0a: refactoring(provider-utils): add controller as property to StreamingToolCallTracker - fc92055: feat(ai): automatic tool approval ## 5.0.0-beta.26 ### Patch Changes - 2e98477: fix: retain stack traces on async errors ## 5.0.0-beta.25 ### Patch Changes - eea8d98: refactoring: rename tool execution events ## 5.0.0-beta.24 ### Patch Changes - f807e45: Extract shared `StreamingToolCallTracker` class into `@ai-sdk/provider-utils` to deduplicate streaming tool call handling across OpenAI-compatible providers. Also adds missing `generateId()` fallback for `toolCallId` in Alibaba's `doGenerate` path and ensures all providers finalize unfinished tool calls during stream flush. ## 5.0.0-beta.23 ### Patch Changes - 350ea38: refactoring: introduce Arrayable type ## 5.0.0-beta.22 ### Patch Changes - 083947b: feat(ai): separate toolsContext from context ## 5.0.0-beta.21 ### Patch Changes - add1126: refactoring: executeTool uses tool as parameter ## 5.0.0-beta.20 ### Patch Changes - b3976a2: Add workflow serialization support to all provider models. **`@ai-sdk/provider-utils`:** New `serializeModel()` helper that extracts only serializable properties from a model instance, filtering out functions and objects containing functions. Third-party provider authors can use this to add workflow support to their own models. **All providers:** `headers` is now optional in provider config types. This is non-breaking — existing code that passes `headers` continues to work. Custom provider implementations that construct model configs manually can now omit `headers`, which is useful when models are deserialized from a workflow step boundary where auth is provided separately. All provider model classes now include `WORKFLOW_SERIALIZE` and `WORKFLOW_DESERIALIZE` static methods, enabling them to cross workflow step boundaries without serialization errors. - ff5eba1: feat: roll `image-*` tool output types into their equivalent `file-*` types - Updated dependencies [ff5eba1] - @ai-sdk/provider@4.0.0-beta.12 ## 5.0.0-beta.19 ### Major Changes - ef992f8: Remove CommonJS exports from all packages. All packages are now ESM-only (`"type": "module"`). Consumers using `require()` must switch to ESM `import` syntax. ### Patch Changes - Updated dependencies [ef992f8] - @ai-sdk/provider@4.0.0-beta.11 ## 5.0.0-beta.18 ### Patch Changes - 90e2d8a: chore: fix unused vars not being flagged by our lint tooling ## 5.0.0-beta.17 ### Patch Changes - 3ae1786: fix: better context type inference ## 5.0.0-beta.16 ### Patch Changes - Updated dependencies [176466a] - @ai-sdk/provider@4.0.0-beta.10 ## 5.0.0-beta.15 ### Patch Changes - Updated dependencies [e311194] - @ai-sdk/provider@4.0.0-beta.9 ## 5.0.0-beta.14 ### Patch Changes - Updated dependencies [34bd95d] - Updated dependencies [008271d] - @ai-sdk/provider@4.0.0-beta.8 ## 5.0.0-beta.13 ### Major Changes - 7e26e81: chore: rename experimental_context to context ### Patch Changes - b0c2869: chore(ai): remove deprecated `media` type part from `ToolResultOutput` ## 5.0.0-beta.12 ### Patch Changes - 46d1149: chore(provider-utils,google): fix grammar errors in error and warning messages ## 5.0.0-beta.11 ### Patch Changes - 6fd51c0: fix(provider): preserve error type prefix in getErrorMessage - Updated dependencies [6fd51c0] - @ai-sdk/provider@4.0.0-beta.7 ## 5.0.0-beta.10 ### Patch Changes - c29a26f: feat(provider): add support for provider references and uploading files as supported per provider - Updated dependencies [c29a26f] - @ai-sdk/provider@4.0.0-beta.6 ## 5.0.0-beta.9 ### Patch Changes - 2e17091: fix(types): move shared tool set utility types into provider-utils Moved `ToolSet`, `InferToolSetContext`, and `UnionToIntersection` into `@ai-sdk/provider-utils` and updated `ai` internals to import them directly from there. This keeps the shared tool typing utilities colocated with the core tool type definitions. ## 5.0.0-beta.8 ### Major Changes - 986c6fd: feat(ai): change type of experimental_context from unknown to generic - 493295c: Remove the deprecated `ToolCallOptions` export. Use `ToolExecutionOptions` instead. ## 5.0.0-beta.7 ### Patch Changes - 1f509d4: fix(ai): force template check on 'kind' param - Updated dependencies [1f509d4] - @ai-sdk/provider@4.0.0-beta.5 ## 5.0.0-beta.6 ### Patch Changes - 3887c70: feat(provider): add new top-level reasoning parameter to spec and support it in `generateText` and `streamText` - Updated dependencies [3887c70] - @ai-sdk/provider@4.0.0-beta.4 ## 5.0.0-beta.5 ### Major Changes - 776b617: feat(provider): adding new 'custom' content type ### Patch Changes - Updated dependencies [776b617] - @ai-sdk/provider@4.0.0-beta.3 ## 5.0.0-beta.4 ### Major Changes - 61753c3: ### `@ai-sdk/openai`: remove redundant `name` argument from `openai.tools.customTool()` `openai.tools.customTool()` no longer accepts a `name` field. the tool name is now derived from the sdk tool key (the object key in the `tools` object). migration: remove the `name` property from `customTool()` calls. the object key is now used as the tool name sent to the openai api. before: ```ts tools: { write_sql: openai.tools.customTool({ name: 'write_sql', description: '...', }), } ``` after: ```ts tools: { write_sql: openai.tools.customTool({ description: '...', }), } ``` ### `@ai-sdk/provider-utils`: `createToolNameMapping()` no longer accepts the `resolveProviderToolName` parameter before: tool name can be set dynamically ```ts const toolNameMapping = createToolNameMapping({ tools, providerToolNames: { "openai.code_interpreter": "code_interpreter", "openai.file_search": "file_search", "openai.image_generation": "image_generation", "openai.local_shell": "local_shell", "openai.shell": "shell", "openai.web_search": "web_search", "openai.web_search_preview": "web_search_preview", "openai.mcp": "mcp", "openai.apply_patch": "apply_patch", }, resolveProviderToolName: (tool) => tool.id === "openai.custom" ? (tool.args as { name?: string }).name : undefined, }); ``` after: tool name is static based on `tools` keys ``` const toolNameMapping = createToolNameMapping({ tools, providerToolNames: { 'openai.code_interpreter': 'code_interpreter', 'openai.file_search': 'file_search', 'openai.image_generation': 'image_generation', 'openai.local_shell': 'local_shell', 'openai.shell': 'shell', 'openai.web_search': 'web_search', 'openai.web_search_preview': 'web_search_preview', 'openai.mcp': 'mcp', 'openai.apply_patch': 'apply_patch', } }); ``` ## 5.0.0-beta.3 ### Patch Changes - f7d4f01: feat(provider): add support for `reasoning-file` type for files that are part of reasoning - Updated dependencies [f7d4f01] - @ai-sdk/provider@4.0.0-beta.2 ## 5.0.0-beta.2 ### Patch Changes - Updated dependencies [5c2a5a2] - @ai-sdk/provider@4.0.0-beta.1 ## 5.0.0-beta.1 ### Patch Changes - 531251e: fix(security): validate redirect targets in download functions to prevent SSRF bypass Both `downloadBlob` and `download` now validate the final URL after following HTTP redirects, preventing attackers from bypassing SSRF protections via open redirects to internal/private addresses. ## 5.0.0-beta.0 ### Major Changes - 8359612: Start v7 pre-release ### Patch Changes - Updated dependencies [8359612] - @ai-sdk/provider@4.0.0-beta.0 ## 4.0.19 ### Patch Changes - ad4cfc2: Add URL validation to `downloadBlob` and `download` to prevent blind SSRF attacks. Private/internal IP addresses, localhost, and non-HTTP protocols are now rejected before fetching. ## 4.0.18 ### Patch Changes - 824b295: fix(provider-utils): prevent unicode escape bypass in secureJsonParse ## 4.0.17 ### Patch Changes - 08336f1: fix(bedrock): strip file extensions from filename ## 4.0.16 ### Patch Changes - 58bc42d: feat(provider/openai): support custom tools with alias mapping ## 4.0.15 ### Patch Changes - 4024a3a: security: prevent unbounded memory growth in download functions The `download()` and `downloadBlob()` functions now enforce a default 2 GiB size limit when downloading from user-provided URLs. Downloads that exceed this limit are aborted with a `DownloadError` instead of consuming unbounded memory and crashing the process. The `abortSignal` parameter is now passed through to `fetch()` in all download call sites. Added `download` option to `transcribe()` and `experimental_generateVideo()` for providing a custom download function. Use the new `createDownload({ maxBytes })` factory to configure download size limits. ## 4.0.14 ### Patch Changes - Updated dependencies [7168375] - @ai-sdk/provider@3.0.8 ## 4.0.13 ### Patch Changes - Updated dependencies [53f6731] - @ai-sdk/provider@3.0.7 ## 4.0.12 ### Patch Changes - 96936e5: fix(provider-utils): export only types from standard-schema package ## 4.0.11 ### Patch Changes - 2810850: fix(ai): improve type validation error messages with field paths and entity identifiers - Updated dependencies [2810850] - @ai-sdk/provider@3.0.6 ## 4.0.10 ### Patch Changes - 462ad00: fix(provider-utils): recognize bun fetch errors as retryable ## 4.0.9 ### Patch Changes - 4de5a1d: chore: excluded tests from src folder in npm package - Updated dependencies [4de5a1d] - @ai-sdk/provider@3.0.5 ## 4.0.8 ### Patch Changes - Updated dependencies [5c090e7] - @ai-sdk/provider@3.0.4 ## 4.0.7 ### Patch Changes - 46f46e4: fix(provider-utils): improve tool type inference when using `inputExamples` with Zod schemas that use `.optional().default()` or `.refine()`. ## 4.0.6 ### Patch Changes - 1b11dcb: chore(ai): include sources in npm package - Updated dependencies [1b11dcb] - @ai-sdk/provider@3.0.3 ## 4.0.5 ### Patch Changes - 34d1c8a: fix(provider-utils): add additionalProperties field for standard schema function ## 4.0.4 ### Patch Changes - Updated dependencies [d937c8f] - @ai-sdk/provider@3.0.2 ## 4.0.3 ### Patch Changes - 0b429d4: fix(provider-utils): handle anyOf/allOf/oneOf and definitions in addAdditionalPropertiesToJsonSchema ## 4.0.2 ### Patch Changes - 863d34f: fix: trigger release to update `@latest` - Updated dependencies [863d34f] - @ai-sdk/provider@3.0.1 ## 4.0.1 ### Patch Changes - 29264a3: feat: add MCP tool approval ## 4.0.0 ### Major Changes - dee8b05: ai SDK 6 beta ### Minor Changes - 78928cb: release: start 5.1 beta ### Patch Changes - 0adc679: feat(provider): shared spec v3 - 50b70d6: feat(anthropic): add programmatic tool calling - dce03c4: feat: tool input examples - 3b1d015: feat(ai): Effect schema support - 95f65c2: chore: use import \* from zod/v4 - 016b111: fix(provider-utils): make ReadableStream.cancel() properly finalize async iterators - 58920e0: refactor: consolidate header normalization across packages, remove duplicates, preserve custom headers - 954c356: feat(openai): allow custom names for provider-defined tools - 544d4e8: chore(specification): rename v3 provider defined tool to provider tool - 521c537: feat(ai): Tool.needsApproval can be a function - e8109d3: feat: tool execution approval - 03849b0: move DelayedPromise into provider utils - e06565c: feat(provider-utils): add needsApproval support to provider-defined tools - 32d8dbb: fix(provider-utils): compatibility with V8 readonly execution environment - d116b4b: feat(ai): arktype support - 293a6b7: Added a title to the tools - 703459a: feat: tool execution approval for dynamic tools - 83e5744: feat: support async Tool.toModelOutput - 7e32fea: feat(ai): valibot support - 3ed5519: chore: rename ToolCallOptions to ToolExecutionOptions - 8dac895: feat: `LanguageModelV3` - cbb1d35: Update for provider-util changeset after change in PR #8588 - 9061dc0: feat: image editing - 32223c8: feat: add toolCallId arg to toModelOutput - c1efac4: feat: add input arg to toModelOutput - 4616b86: chore: update zod peer depenedency version - 4f16c37: chore(provider-utils): upgrade eventsource-parser to 3.0.6 - 81e29ab: chore: update docs - 6306603: chore: replace Validator with Schema - fca786b: feat(provider-utils): add MaybePromiseLike type - 763d04a: feat: Standard JSON Schema support - 3794514: feat: flexible tool output content support - e9e157f: fix: generate zod4 json schema from input schema - 960ec8f: chore: change argument of toModelOutput to parameter object - 1bd7d32: feat: tool-specific strict mode - f0b2157: fix: revert zod import change - 95f65c2: chore: load zod schemas lazily - Updated dependencies - @ai-sdk/provider@3.0.0 ## 4.0.0-beta.59 ### Patch Changes - Updated dependencies [475189e] - @ai-sdk/provider@3.0.0-beta.32 ## 4.0.0-beta.58 ### Patch Changes - Updated dependencies [2625a04] - @ai-sdk/provider@3.0.0-beta.31 ## 4.0.0-beta.57 ### Patch Changes - Updated dependencies [cbf52cd] - @ai-sdk/provider@3.0.0-beta.30 ## 4.0.0-beta.56 ### Patch Changes - Updated dependencies [9549c9e] - @ai-sdk/provider@3.0.0-beta.29 ## 4.0.0-beta.55 ### Patch Changes - 50b70d6: feat(anthropic): add programmatic tool calling ## 4.0.0-beta.54 ### Patch Changes - 9061dc0: feat: image editing - Updated dependencies [9061dc0] - @ai-sdk/provider@3.0.0-beta.28 ## 4.0.0-beta.53 ### Patch Changes - Updated dependencies [366f50b] - @ai-sdk/provider@3.0.0-beta.27 ## 4.0.0-beta.52 ### Patch Changes - 763d04a: feat: Standard JSON Schema support ## 4.0.0-beta.51 ### Patch Changes - c1efac4: feat: add input arg to toModelOutput ## 4.0.0-beta.50 ### Patch Changes - 32223c8: feat: add toolCallId arg to toModelOutput ## 4.0.0-beta.49 ### Patch Changes - 83e5744: feat: support async Tool.toModelOutput ## 4.0.0-beta.48 ### Patch Changes - 960ec8f: chore: change argument of toModelOutput to parameter object ## 4.0.0-beta.47 ### Patch Changes - e9e157f: fix: generate zod4 json schema from input schema ## 4.0.0-beta.46 ### Patch Changes - 81e29ab: chore: update docs ## 4.0.0-beta.45 ### Patch Changes - Updated dependencies [3bd2689] - @ai-sdk/provider@3.0.0-beta.26 ## 4.0.0-beta.44 ### Patch Changes - Updated dependencies [53f3368] - @ai-sdk/provider@3.0.0-beta.25 ## 4.0.0-beta.43 ### Patch Changes - dce03c4: feat: tool input examples - Updated dependencies [dce03c4] - @ai-sdk/provider@3.0.0-beta.24 ## 4.0.0-beta.42 ### Patch Changes - 3ed5519: chore: rename ToolCallOptions to ToolExecutionOptions ## 4.0.0-beta.41 ### Patch Changes - 1bd7d32: feat: tool-specific strict mode - Updated dependencies [1bd7d32] - @ai-sdk/provider@3.0.0-beta.23 ## 4.0.0-beta.40 ### Patch Changes - 544d4e8: chore(specification): rename v3 provider defined tool to provider tool - Updated dependencies [544d4e8] - @ai-sdk/provider@3.0.0-beta.22 ## 4.0.0-beta.39 ### Patch Changes - 954c356: feat(openai): allow custom names for provider-defined tools - Updated dependencies [954c356] - @ai-sdk/provider@3.0.0-beta.21 ## 4.0.0-beta.38 ### Patch Changes - 03849b0: move DelayedPromise into provider utils ## 4.0.0-beta.37 ### Patch Changes - Updated dependencies [457318b] - @ai-sdk/provider@3.0.0-beta.20 ## 4.0.0-beta.36 ### Patch Changes - Updated dependencies [8d9e8ad] - @ai-sdk/provider@3.0.0-beta.19 ## 4.0.0-beta.35 ### Patch Changes - Updated dependencies [10d819b] - @ai-sdk/provider@3.0.0-beta.18 ## 4.0.0-beta.34 ### Patch Changes - Updated dependencies [db913bd] - @ai-sdk/provider@3.0.0-beta.17 ## 4.0.0-beta.33 ### Patch Changes - Updated dependencies [b681d7d] - @ai-sdk/provider@3.0.0-beta.16 ## 4.0.0-beta.32 ### Patch Changes - 32d8dbb: fix(provider-utils): compatibility with V8 readonly execution environment ## 4.0.0-beta.31 ### Patch Changes - Updated dependencies [bb36798] - @ai-sdk/provider@3.0.0-beta.15 ## 4.0.0-beta.30 ### Patch Changes - 4f16c37: chore(provider-utils): upgrade eventsource-parser to 3.0.6 ## 4.0.0-beta.29 ### Patch Changes - Updated dependencies [af3780b] - @ai-sdk/provider@3.0.0-beta.14 ## 4.0.0-beta.28 ### Patch Changes - 016b111: fix(provider-utils): make ReadableStream.cancel() properly finalize async iterators ## 4.0.0-beta.27 ### Patch Changes - Updated dependencies [37c58a0] - @ai-sdk/provider@3.0.0-beta.13 ## 4.0.0-beta.26 ### Patch Changes - Updated dependencies [d1bdadb] - @ai-sdk/provider@3.0.0-beta.12 ## 4.0.0-beta.25 ### Patch Changes - Updated dependencies [4c44a5b] - @ai-sdk/provider@3.0.0-beta.11 ## 4.0.0-beta.24 ### Patch Changes - Updated dependencies [0c3b58b] - @ai-sdk/provider@3.0.0-beta.10 ## 4.0.0-beta.23 ### Patch Changes - Updated dependencies [a755db5] - @ai-sdk/provider@3.0.0-beta.9 ## 4.0.0-beta.22 ### Patch Changes - 58920e0: refactor: consolidate header normalization across packages, remove duplicates, preserve custom headers ## 4.0.0-beta.21 ### Patch Changes - 293a6b7: Added a title to the tools ## 4.0.0-beta.20 ### Patch Changes - fca786b: feat(provider-utils): add MaybePromiseLike type ## 4.0.0-beta.19 ### Patch Changes - 3794514: feat: flexible tool output content support - Updated dependencies [3794514] - @ai-sdk/provider@3.0.0-beta.8 ## 4.0.0-beta.18 ### Patch Changes - Updated dependencies [81d4308] - @ai-sdk/provider@3.0.0-beta.7 ## 4.0.0-beta.17 ### Patch Changes - 703459a: feat: tool execution approval for dynamic tools ## 4.0.0-beta.16 ### Patch Changes - 6306603: chore: replace Validator with Schema ## 4.0.0-beta.15 ### Patch Changes - f0b2157: fix: revert zod import change ## 4.0.0-beta.14 ### Patch Changes - 3b1d015: feat(ai): Effect schema support ## 4.0.0-beta.13 ### Patch Changes - d116b4b: feat(ai): arktype support ## 4.0.0-beta.12 ### Patch Changes - 7e32fea: feat(ai): valibot support ## 4.0.0-beta.11 ### Patch Changes - 95f65c2: chore: use import \* from zod/v4 - 95f65c2: chore: load zod schemas lazily ## 4.0.0-beta.10 ### Major Changes - dee8b05: ai SDK 6 beta ### Patch Changes - Updated dependencies [dee8b05] - @ai-sdk/provider@3.0.0-beta.6 ## 3.1.0-beta.9 ### Patch Changes - 521c537: feat(ai): Tool.needsApproval can be a function ## 3.1.0-beta.8 ### Patch Changes - e06565c: feat(provider-utils): add needsApproval support to provider-defined tools ## 3.1.0-beta.7 ### Patch Changes - e8109d3: feat: tool execution approval - Updated dependencies - @ai-sdk/provider@2.1.0-beta.5 ## 3.1.0-beta.6 ### Patch Changes - 0adc679: feat(provider): shared spec v3 - Updated dependencies - @ai-sdk/provider@2.1.0-beta.4 ## 3.1.0-beta.5 ### Patch Changes - 8dac895: feat: `LanguageModelV3` - Updated dependencies [8dac895] - @ai-sdk/provider@2.1.0-beta.3 ## 3.1.0-beta.4 ### Patch Changes - 4616b86: chore: update zod peer depenedency version ## 3.1.0-beta.3 ### Patch Changes - Updated dependencies - @ai-sdk/provider@2.1.0-beta.2 ## 3.1.0-beta.2 ### Patch Changes - Updated dependencies [0c4822d] - @ai-sdk/provider@2.1.0-beta.1 ## 3.1.0-beta.1 ### Patch Changes - cbb1d35: Update for provider-util changeset after change in PR #8588 ## 3.1.0-beta.0 ### Minor Changes - 78928cb: release: start 5.1 beta ### Patch Changes - Updated dependencies [78928cb] - @ai-sdk/provider@2.1.0-beta.0 ## 3.0.9 ### Patch Changes - 0294b58: feat(ai): set `ai`, `@ai-sdk/provider-utils`, and runtime in `user-agent` header ## 3.0.8 ### Patch Changes - 99964ed: fix(provider-utils): fix type inference for toModelOutput ## 3.0.7 ### Patch Changes - 886e7cd: chore(provider-utils): upgrade event-source parser to 3.0.5 ## 3.0.6 ### Patch Changes - 1b5a3d3: chore(provider-util): integrate zod-to-json-schema ## 3.0.5 ### Patch Changes - 0857788: fix(provider/groq): `experimental_transcribe` fails with valid Buffer ## 3.0.4 ### Patch Changes - 68751f9: fix(provider-utils): add inject json utility function ## 3.0.3 ### Patch Changes - 034e229: fix(provider/utils): fix FlexibleSchema type inference with zod/v3 - f25040d: fix(provider-utils): fix tools type inference ## 3.0.2 ### Patch Changes - 38ac190: feat(ai): preliminary tool results ## 3.0.1 ### Patch Changes - 90d212f: feat (ai): add experimental tool call context ## 3.0.0 ### Major Changes - 5d142ab: remove deprecated `CoreToolCall` and `CoreToolResult` types - d5f588f: AI SDK 5 - e025824: refactoring (ai): restructure provider-defined tools - 40acf9b: feat (ui): introduce ChatStore and ChatTransport - 957b739: chore (provider-utils): rename TestServerCall.requestBody to requestBodyJson - ea7a7c9: feat (ui): UI message metadata - 41fa418: chore (provider-utils): return IdGenerator interface - 71f938d: feat (ai): add output schema for tools ### Patch Changes - a571d6e: chore(provider-utils): move ToolResultContent to provider-utils - e7fcc86: feat (ai): introduce dynamic tools - 45c1ea2: refactoring: introduce FlexibleSchema - 060370c: feat(provider-utils): add TestServerCall#requestCredentials - 0571b98: chore (provider-utils): update eventsource-parser to 3.0.3 - 4fef487: feat: support for zod v4 for schema validation All these methods now accept both a zod v4 and zod v3 schemas for validation: - `generateObject()` - `streamObject()` - `generateText()` - `experimental_useObject()` from `@ai-sdk/react` - `streamUI()` from `@ai-sdk/rsc` - 0c0c0b3: refactor (provider-utils): move `customAlphabet()` method from `nanoid` into codebase - 8ba77a7: chore (provider-utils): use eventsource-parser library - a166433: feat: add transcription with experimental_transcribe - 9f95b35: refactor (provider-utils): copy relevant code from `secure-json-parse` into codebase - 66962ed: fix(packages): export node10 compatible types - 05d2819: feat: allow zod 4.x as peer dependency - ac34802: Add clear object function to StructuredObject - 63d791d: chore (utils): remove unused test helpers - 87b828f: fix(provider-utils): fix SSE parser bug (CRLF) - bfdca8d: feat (ai): add InferToolInput and InferToolOutput helpers - 0ff02bb: chore(provider-utils): move over jsonSchema - 39a4fab: fix (provider-utils): detect failed fetch in browser environments - 57edfcb: Adds support for async zod validators - faf8446: chore (provider-utils): switch to standard-schema - d1a034f: feature: using Zod 4 for internal stuff - 88a8ee5: fix (ai): support abort during retry waits - 205077b: fix: improve Zod compatibility - 28a5ed5: refactoring: move tools helper into provider-utils - dd5fd43: feat (ai): support dynamic tools in Chat onToolCall - 383cbfa: feat (ai): add isAborted to onFinish callback for ui message streams - Updated dependencies - @ai-sdk/provider@2.0.0 ## 3.0.0-beta.10 ### Patch Changes - 88a8ee5: fix (ai): support abort during retry waits ## 3.0.0-beta.9 ### Patch Changes - Updated dependencies [27deb4d] - @ai-sdk/provider@2.0.0-beta.2 ## 3.0.0-beta.8 ### Patch Changes - dd5fd43: feat (ai): support dynamic tools in Chat onToolCall ## 3.0.0-beta.7 ### Patch Changes - e7fcc86: feat (ai): introduce dynamic tools ## 3.0.0-beta.6 ### Patch Changes - ac34802: Add clear object function to StructuredObject ## 3.0.0-beta.5 ### Patch Changes - 57edfcb: Adds support for async zod validators - 383cbfa: feat (ai): add isAborted to onFinish callback for ui message streams ## 3.0.0-beta.4 ### Patch Changes - 205077b: fix: improve Zod compatibility ## 3.0.0-beta.3 ### Patch Changes - 05d2819: feat: allow zod 4.x as peer dependency ## 3.0.0-beta.2 ### Patch Changes - 0571b98: chore (provider-utils): update eventsource-parser to 3.0.3 - 39a4fab: fix (provider-utils): detect failed fetch in browser environments - d1a034f: feature: using Zod 4 for internal stuff ## 3.0.0-beta.1 ### Major Changes - e025824: refactoring (ai): restructure provider-defined tools - 71f938d: feat (ai): add output schema for tools ### Patch Changes - 45c1ea2: refactoring: introduce FlexibleSchema - bfdca8d: feat (ai): add InferToolInput and InferToolOutput helpers - 28a5ed5: refactoring: move tools helper into provider-utils - Updated dependencies - @ai-sdk/provider@2.0.0-beta.1 ## 3.0.0-alpha.15 ### Patch Changes - 8ba77a7: chore (provider-utils): use eventsource-parser library - Updated dependencies [48d257a] - @ai-sdk/provider@2.0.0-alpha.15 ## 3.0.0-alpha.14 ### Patch Changes - Updated dependencies - @ai-sdk/provider@2.0.0-alpha.14 ## 3.0.0-alpha.13 ### Patch Changes - Updated dependencies [68ecf2f] - @ai-sdk/provider@2.0.0-alpha.13 ## 3.0.0-alpha.12 ### Patch Changes - Updated dependencies [e2aceaf] - @ai-sdk/provider@2.0.0-alpha.12 ## 3.0.0-alpha.11 ### Patch Changes - Updated dependencies [c1e6647] - @ai-sdk/provider@2.0.0-alpha.11 ## 3.0.0-alpha.10 ### Patch Changes - Updated dependencies [c4df419] - @ai-sdk/provider@2.0.0-alpha.10 ## 3.0.0-alpha.9 ### Patch Changes - Updated dependencies [811dff3] - @ai-sdk/provider@2.0.0-alpha.9 ## 3.0.0-alpha.8 ### Patch Changes - 4fef487: feat: support for zod v4 for schema validation All these methods now accept both a zod v4 and zod v3 schemas for validation: - `generateObject()` - `streamObject()` - `generateText()` - `experimental_useObject()` from `@ai-sdk/react` - `streamUI()` from `@ai-sdk/rsc` - Updated dependencies [9222aeb] - @ai-sdk/provider@2.0.0-alpha.8 ## 3.0.0-alpha.7 ### Patch Changes - Updated dependencies [5c56081] - @ai-sdk/provider@2.0.0-alpha.7 ## 3.0.0-alpha.6 ### Patch Changes - Updated dependencies [0d2c085] - @ai-sdk/provider@2.0.0-alpha.6 ## 3.0.0-alpha.4 ### Patch Changes - Updated dependencies [dc714f3] - @ai-sdk/provider@2.0.0-alpha.4 ## 3.0.0-alpha.3 ### Patch Changes - Updated dependencies [6b98118] - @ai-sdk/provider@2.0.0-alpha.3 ## 3.0.0-alpha.2 ### Patch Changes - Updated dependencies [26535e0] - @ai-sdk/provider@2.0.0-alpha.2 ## 3.0.0-alpha.1 ### Patch Changes - Updated dependencies [3f2f00c] - @ai-sdk/provider@2.0.0-alpha.1 ## 3.0.0-canary.19 ### Patch Changes - faf8446: chore (provider-utils): switch to standard-schema ## 3.0.0-canary.18 ### Major Changes - 40acf9b: feat (ui): introduce ChatStore and ChatTransport ## 3.0.0-canary.17 ### Major Changes - ea7a7c9: feat (ui): UI message metadata ## 3.0.0-canary.16 ### Patch Changes - 87b828f: fix(provider-utils): fix SSE parser bug (CRLF) ## 3.0.0-canary.15 ### Major Changes - 41fa418: chore (provider-utils): return IdGenerator interface ### Patch Changes - a571d6e: chore(provider-utils): move ToolResultContent to provider-utils - Updated dependencies - @ai-sdk/provider@2.0.0-canary.14 ## 3.0.0-canary.14 ### Major Changes - 957b739: chore (provider-utils): rename TestServerCall.requestBody to requestBodyJson ### Patch Changes - Updated dependencies [9bd5ab5] - @ai-sdk/provider@2.0.0-canary.13 ## 3.0.0-canary.13 ### Patch Changes - 0ff02bb: chore(provider-utils): move over jsonSchema - Updated dependencies [7b3ae3f] - @ai-sdk/provider@2.0.0-canary.12 ## 3.0.0-canary.12 ### Patch Changes - Updated dependencies - @ai-sdk/provider@2.0.0-canary.11 ## 3.0.0-canary.11 ### Patch Changes - 66962ed: fix(packages): export node10 compatible types - Updated dependencies - @ai-sdk/provider@2.0.0-canary.10 ## 3.0.0-canary.10 ### Patch Changes - Updated dependencies [e86be6f] - @ai-sdk/provider@2.0.0-canary.9 ## 3.0.0-canary.9 ### Patch Changes - Updated dependencies - @ai-sdk/provider@2.0.0-canary.8 ## 3.0.0-canary.8 ### Major Changes - 5d142ab: remove deprecated `CoreToolCall` and `CoreToolResult` types ### Patch Changes - Updated dependencies - @ai-sdk/provider@2.0.0-canary.7 ## 3.0.0-canary.7 ### Patch Changes - Updated dependencies - @ai-sdk/provider@2.0.0-canary.6 ## 3.0.0-canary.6 ### Patch Changes - Updated dependencies - @ai-sdk/provider@2.0.0-canary.5 ## 3.0.0-canary.5 ### Patch Changes - Updated dependencies [6f6bb89] - @ai-sdk/provider@2.0.0-canary.4 ## 3.0.0-canary.4 ### Patch Changes - Updated dependencies [d1a1aa1] - @ai-sd