chore(deps): update all non-major dependencies

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
@antfu/eslint-config	7.7.2 → 7.7.3
@iconify-json/tabler	1.2.31 → 1.2.33
@libsql/client (source)	0.17.0 → 0.17.2
@nuxthub/core (source)	0.10.6 → 0.10.7
@types/chrome (source)	0.1.37 → 0.1.40
@unocss/nuxt (source)	66.6.2 → 66.6.8
@unocss/reset (source)	66.6.2 → 66.6.8
ai (source)	6.0.105 → 6.0.154
drizzle-kit (source)	0.31.9 → 0.31.10
pnpm (source)	10.32.1 → 10.33.0
reka-ui	2.9.2 → 2.9.5
unocss (source)	66.5.1 → 66.6.8
unocss (source)	66.6.6 → 66.6.8
unstorage (source)	1.17.4 → 1.17.5
vue-tsc (source)	3.2.5 → 3.2.6
workers-ai-provider	3.1.2 → 3.1.10
wrangler (source)	4.74.0 → 4.81.1
wxt (source)	0.20.19 → 0.20.20

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

antfu/eslint-config (@​antfu/eslint-config)

v7.7.3

Compare Source

   🐞 Bug Fixes

• Disable some e18e rules  -  by @​antfu (7edec)

    View changes on GitHub

tursodatabase/libsql-client-ts (@​libsql/client)

v0.17.2

Compare Source

v0.17.1

Compare Source

nuxt-hub/core (@​nuxthub/core)

v0.10.7

Compare Source

compare changes

🚀 Enhancements

• db: Add support for database replica (#​808)
• cli: Add "name" and "custom" arguments for db generate cli command (#​816)
• cli: Add --force flag to skip confirmation when dropping all tables (#​834)
• db: Add hub.db.applyMigrationsDuringDev: boolean option (#​837)
• db: Use drizzle studio d1 driver (#​846)

🩹 Fixes

• db: Generate schema types during prepare (#​795)
• Change Cloudflare D1 API URI (#​794)
• devtools: Point Drizzle Studio to correct D1 database file (#​806)
• db: Create package.json during prepare (#​797)
• db: Resolve Nuxt aliases in schema bundling (#​802)
• db: Correct D1 migrations_dir path in wrangler.json (#​814)
• playground: Fix get todos database query (#​819)
• Fix incorrect license in README (#​829)
• db: Resolve @​nuxthub/db from rootDir for pnpm workspaces (#​828)
• db: Bundle cache schema entries (#​833)
• db: Respect explicit libsql driver on Cloudflare (#​842)
• db: Pass driver options to postgres-js (#​844)

📖 Documentation

• Fix typo in schema documentation (#​807)
• Add environments, CI/CD guide, and env vars reference (#​804)
• Add nuxt-studio (64f9105)
• Make formatting in db migrate command usage consistant (#​822)
• Update migration handling for Cloudflare D1 (#​848)
• blob: Clarify nuxt image dev config (#​851)
• Fix typo in url (d4e24b3)

🏡 Chore

• Update deps (7a8ec94)
• Update deps" (a5f46e9)
• release: V0.10.6 (ea6305c)
• Don't pass empty params to kit cli (43dc045)

❤️ Contributors

• Rihan Arfan (@​RihanArfan)
• Max maximogarciamtnez@gmail.com
• M Reinhard (@​michaelreinhard1)
• Branislav Juhás (@​branislavjuhaas)
• Miguelrk miguelromerokaram@gmail.com
• Hareland (@​hareland)
• Darius Haskell (@​hsklnet)
• Sébastien Chopin (@​atinux)
• Jens Becker mail@jens.pub
• Nogic (@​nogic1008)

unocss/unocss (@​unocss/nuxt)

v66.6.8

Compare Source

   🚀 Features

• preset-wind4: Improve css variable usage in bracket syntax  -  by @​zyyv in #​5174 (89308)
• svelte-scoped: Add hashSafelistClasses boolean, by default do not hash safelisted classes  -  by @​henrikvilhelmberglund in #​5157 (e5f89)

   🐞 Bug Fixes

• inspector: Add background colors  -  by @​liangmiQwQ in #​5160 (5a138)
• svelte-scoped: Replace build hook with buildEnd to remove setAss…  -  by @​henrikvilhelmberglund in #​5159 (17513)
• transformer-attributify-jsx: Improve error message  -  by @​9romise in #​5156 (07800)
• webpack: Persistent cache  -  by @​Jack-sh1, Jack-sh1 and @​zyyv in #​5017 (ff7e7)

    View changes on GitHub

v66.6.7

Compare Source

   🚀 Features

• rule-utils: Add details-content pseudo to pseudo.ts  -  by @​henrikvilhelmberglund in #​5138 (2a2c9)

   🐞 Bug Fixes

• eslint-plugin: Update types for Linter compatibility  -  by @​Jungzl in #​5147 (f18d7)
• inspector: No longer hijack printUrls  -  by @​antfu (d00a6)
• language-server,vscode: Honor workspace roots for unocss config discovery  -  by @​Jungzl and GPT-5.4 in #​5145 (062bf)
• preset-wind4: Fix option variable-prefix not working  -  by @​micaiguai in #​5142 (f1094)

    View changes on GitHub

v66.6.6

Compare Source

   🐞 Bug Fixes

• svelte-scoped: Generate in buildEnd() to make presetWind4 on-dem…  -  by @​henrikvilhelmberglund in #​5133 (06d7c)

    View changes on GitHub

v66.6.5

Compare Source

   🐞 Bug Fixes

• config: Enhance loadConfig to track user custom config presence  -  by @​zyyv in #​5132 (76f65)

    View changes on GitHub

v66.6.4

Compare Source

   🚀 Features

• core: Add noScope key determines whether to wrap the selector  -  by @​zyyv and Copilot in #​5130 (5b67c)

    View changes on GitHub

vercel/ai (ai)

v6.0.154

Compare Source

Patch Changes

• Updated dependencies [37a378e]
  • @​ai-sdk/gateway@​3.0.94

v6.0.153

Compare Source

Patch Changes

• f152133: feat (ai/core): support plain string model IDs in rerank() function

  The rerank() function now accepts plain model strings (e.g., 'cohere/rerank-v3.5') in addition to RerankingModel objects, matching the behavior of generateText, embed, and other core functions.

v6.0.152

Compare Source

Patch Changes

• d42076d: Add AI Gateway hint to provider READMEs

v6.0.151

Compare Source

Patch Changes

• Updated dependencies [ec18852]
  • @​ai-sdk/gateway@​3.0.93

v6.0.150

Compare Source

Patch Changes

• 1003609: fix(ai): skip stringifying text when streaming partial text
• Updated dependencies [9de7d7b]
  • @​ai-sdk/gateway@​3.0.92

v6.0.149

Compare Source

Patch Changes

• Updated dependencies [3aca847]
  • @​ai-sdk/gateway@​3.0.91

v6.0.148

Compare Source

Patch Changes

• Updated dependencies [e923a24]
  • @​ai-sdk/gateway@​3.0.90

v6.0.147

Compare Source

Patch Changes

• Updated dependencies [6247886]
  • @​ai-sdk/provider-utils@​4.0.23
  • @​ai-sdk/gateway@​3.0.89

v6.0.146

Compare Source

Patch Changes

• Updated dependencies [5f439a1]
  • @​ai-sdk/gateway@​3.0.88

v6.0.145

Compare Source

Patch Changes

• Updated dependencies [ffd431a]
  • @​ai-sdk/gateway@​3.0.87

v6.0.144

Compare Source

Patch Changes

• 0469aed: fix: allow inline data URLs in download validation
• Updated dependencies [0469aed]
• Updated dependencies [15bfbd2]
  • @​ai-sdk/provider-utils@​4.0.22
  • @​ai-sdk/gateway@​3.0.86

v6.0.143

Compare Source

Patch Changes

• Updated dependencies [85e476d]
  • @​ai-sdk/gateway@​3.0.85

v6.0.142

Compare Source

Patch Changes

• 6f75953: feat(ai): add new isLoopFinished stop condition helper for unlimited steps
• Updated dependencies [70322b4]
  • @​ai-sdk/gateway@​3.0.84

v6.0.141

Compare Source

Patch Changes

• Updated dependencies [768a9d6]
  • @​ai-sdk/gateway@​3.0.83

v6.0.140

Compare Source

Patch Changes

• Updated dependencies [95fedf0]
  • @​ai-sdk/gateway@​3.0.82

v6.0.139

Compare Source

Patch Changes

• Updated dependencies [e69062d]
  • @​ai-sdk/gateway@​3.0.81

v6.0.138

Compare Source

Patch Changes

• Updated dependencies [0db5cd8]
  • @​ai-sdk/gateway@​3.0.80

v6.0.137

Compare Source

Patch Changes

• Updated dependencies [3caa544]
  • @​ai-sdk/gateway@​3.0.79

v6.0.136

Compare Source

Patch Changes

• Updated dependencies [763e178]
  • @​ai-sdk/gateway@​3.0.78

v6.0.135

Compare Source

Patch Changes

• df6a330: chore(ai): remove all experimental agent events

v6.0.134

Compare Source

Patch Changes

• ed6876b: chore(ai): remove all experimental embed events

v6.0.133

Compare Source

Patch Changes

• 055cd68: fix: publish v6 to latest npm dist tag
• Updated dependencies [d99eb91]
• Updated dependencies [055cd68]
  • @​ai-sdk/gateway@​3.0.77
  • @​ai-sdk/provider-utils@​4.0.21

v6.0.132

Compare Source

Patch Changes

• 28fd5a5: README updates

v6.0.131

Compare Source

Patch Changes

• 14f25f9: feat(ai): introduce experimental callbacks for embed function

v6.0.130

Compare Source

Patch Changes

• Updated dependencies [25af909]
  • @​ai-sdk/gateway@​3.0.76

v6.0.129

Compare Source

Patch Changes

• Updated dependencies [f95e0c0]
  • @​ai-sdk/gateway@​3.0.75

v6.0.128

Compare Source

Patch Changes

• Updated dependencies [7324b56]
  • @​ai-sdk/gateway@​3.0.74

v6.0.127

Compare Source

Patch Changes

• Updated dependencies [ac0c407]
• Updated dependencies [e748159]
  • @​ai-sdk/gateway@​3.0.73

v6.0.126

Compare Source

Patch Changes

• 578615a: Remove custom User-Agent header from HttpChatTransport to fix CORS preflight failures in Safari and Firefox

v6.0.125

Compare Source

Patch Changes

• Updated dependencies [5ffb1ad]
• Updated dependencies [f5bf0c6]
  • @​ai-sdk/gateway@​3.0.72

v6.0.124

Patch Changes

• Updated dependencies [55ccbe2]
  • @​ai-sdk/gateway@​3.0.71

v6.0.122

Compare Source

Patch Changes

• Updated dependencies [ca0b430]
  • @​ai-sdk/gateway@​3.0.70

v6.0.121

Compare Source

Patch Changes

• Updated dependencies [efdaefc]
  • @​ai-sdk/gateway@​3.0.69

v6.0.120

Compare Source

Patch Changes

• 78c0e26: feat(ai): pass result provider metadata across the stream

v6.0.119

Patch Changes

• ab286f1: fix(ai): doStream should reflect transformed values
• d68b122: feat(ai): add missing usage attributes

v6.0.118

Patch Changes

• 64ac0fd: fix(security): validate redirect targets in download functions to prevent SSRF bypass

  Both downloadBlob and download now validate the final URL after following HTTP redirects, preventing attackers from bypassing SSRF protections via open redirects to internal/private addresses.

• Updated dependencies [64ac0fd]

  • @​ai-sdk/provider-utils@​4.0.20
  • @​ai-sdk/gateway@​3.0.68

v6.0.117

Patch Changes

• d23121f: chore(ai): add optional ChatRequestOptions to addToolApprovalResponse and addToolOutput
• Updated dependencies [2589004]
  • @​ai-sdk/gateway@​3.0.67

v6.0.116

Patch Changes

• ad4cfc2: Add URL validation to downloadBlob and download to prevent blind SSRF attacks. Private/internal IP addresses, localhost, and non-HTTP protocols are now rejected before fetching.
• Updated dependencies [ad4cfc2]
  • @​ai-sdk/provider-utils@​4.0.19
  • @​ai-sdk/gateway@​3.0.66

v6.0.115

Patch Changes

• Updated dependencies [824b295]
  • @​ai-sdk/provider-utils@​4.0.18
  • @​ai-sdk/gateway@​3.0.65

v6.0.114

Compare Source

Patch Changes

• 2291047: fix(ai): fix missing support for image thought signatures (e.g. for Gemini image models)

v6.0.113

Compare Source

Patch Changes

• 70d3980: fix(ai): use errorMode 'text' in approval continuation to preserve tool error messages

v6.0.112

Compare Source

Patch Changes

• Updated dependencies [db3d4ca]
  • @​ai-sdk/gateway@​3.0.64

v6.0.111

Compare Source

Patch Changes

• 2129c82: feat(ai): register global telemetry integrations

v6.0.110

Compare Source

Patch Changes

• Updated dependencies [1b01ec1]
• Updated dependencies [8df8e11]
  • @​ai-sdk/gateway@​3.0.63

v6.0.109

Compare Source

Patch Changes

• Updated dependencies [10bec50]
  • @​ai-sdk/gateway@​3.0.62

v6.0.108

Compare Source

Patch Changes

• 2a4f512: feat(ai): add telemetry interface and registry

v6.0.107

Compare Source

Patch Changes

• Updated dependencies [08336f1]
  • @​ai-sdk/provider-utils@​4.0.17
  • @​ai-sdk/gateway@​3.0.61

v6.0.106

Compare Source

Patch Changes

• Updated dependencies [29e9f4d]
  • @​ai-sdk/gateway@​3.0.60

drizzle-team/drizzle-orm (drizzle-kit)

v0.31.10

Compare Source

• Updated to hanji@0.0.8 - native bun stringWidth, stripANSI support, errors for non-TTY environments
• We've migrated away from esbuild-register to tsx loader, it will now allow to use drizzle-kit seamlessly with both ESM and CJS modules
• We've also added native Bun and Deno launch support, which will not trigger tsx loader and utilise native bun and deno imports capabilities and faster startup times

pnpm/pnpm (pnpm)

v10.33.0

Compare Source

unovue/reka-ui (reka-ui)

v2.9.5

Compare Source

   🐞 Bug Fixes

• core: Prevent /#PURE/ annotation inside function declarations  -  by @​zernonia and Claude Sonnet 4.6 in #​2585 (d7349)

    View changes on GitHub

v2.9.4

Compare Source

   🐞 Bug Fixes

• Automate namespaced components generation on build  -  by @​mateusznarowski in #​2571 (07951)
• Improve production tree-shaking  -  by @​zernonia and Claude Opus 4.6 (1M context) in #​2577 (6ff20)
• DateField: Fixed direct incorrect passing of date values to input element  -  by @​rastuhacode in #​2549 (9c098)
• ListboxVirtualizer: Ignore non-element VNodes in slot children  -  by @​zernonia and Claude Opus 4.6 (1M context) in #​2578 (06042)
• Select: Normalize hidden control  -  by @​CTOJoe in #​2572 and #​2573 (172ea)
• TimeField,DateField: Avoid changing focus prematurely with previous segment value of 0  -  by @​zomakus in #​2568 (c04be)

    View changes on GitHub

v2.9.3

Compare Source

   🐞 Bug Fixes

• Autocomplete: Add IME composition input handling  -  by @​kricsleo in #​2541 (987ca)
• ColorField/ColorArea: Forward custom attributes in ColorFieldRoot  -  by @​zernonia and Claude Sonnet 4.6 in #​2559 (700c8)
• Combobox: Prevent addOnBlur from adding raw input when selecting item  -  by @​kricsleo in #​2514 (bc1db)
• FocusScope: Don't move focus if DOM mutation occurred before any nodes had focus  -  by @​romansp in #​2546 (91023)
• Listbox: Restore highlightOnHover behavior  -  by @​zernonia and Claude Sonnet 4.6 in #​2558 (ffde5)
• PinInput: Paste only numeric text in numeric mode  -  by @​kricsleo in #​2516 (bf719)
• Select: Export SelectItemEmits type  -  by @​CTOJoe in #​2526 and #​2527 (49d1d)
• tooltip,hovercard: Close when scrollable ancestor is scrolled  -  by @​zernonia and Claude Sonnet 4.6 in #​2557 (a987a)
• useForwardProps: Return Partial to correctly type optional boolean props  -  by @​zernonia and Claude Sonnet 4.6 in #​2561 (c22a4)
• useGraceArea: Add nil guard for hover target in grace area creation  -  by @​kricsleo in #​2553 (67fb1)

    View changes on GitHub

unjs/unstorage (unstorage)

v1.17.5

Compare Source

compare changes

📦 Dependencies

• Update deps (h3 and lru-cache) (37e8958)

vuejs/language-tools (vue-tsc)

v3.2.6

Compare Source

language-core

• fix: generate $slots type in template correctly with defineSlots (#​5984) - Thanks to @​KazariEX!
• fix: infer only readonly component of arrays in v-for (#​5987) - Thanks to @​ascott18!
• fix: avoid false positives for destructured props detection on binding property names (#​5994) - Thanks to @​KazariEX!

vscode

• fix: use regex for TS extension patching to support VS Code 1.110+ (#​5983) - Thanks to @​ebiryu!

cloudflare/ai (workers-ai-provider)

v3.1.10

Compare Source

Patch Changes

• #​480 1c6bdad Thanks @​threepointone! - Add optional fetch parameter to credentials mode for request interception and testing. Available when using accountId + apiKey (not with bindings). Matches the pattern used by @ai-sdk/openai and @ai-sdk/anthropic.

v3.1.9

Compare Source

Patch Changes

• #​474 dc95a5f Thanks @​threepointone! - update dependencies

• #​461 9131bb4 Thanks @​threepointone! - Replace tsup with tsdown as the build tool

v3.1.8

Compare Source

Patch Changes

• #​455 e02cdd2 Thanks @​ferdousbhai! - fix(workers-ai-provider): close reasoning block before tool calls and text

v3.1.7

Compare Source

Patch Changes

• #​457 cc94a06 Thanks @​threepointone! - Fix request cancellation by propagating abortSignal to outbound network calls.

  ai-gateway-provider: Pass abortSignal to the fetch call (API path) and to binding.run() (binding path) so that cancelled requests are properly aborted.

  workers-ai-provider: Pass abortSignal to binding.run() for chat, embedding, and image models, matching the existing behavior in transcription, speech, and reranking models.

  @​cloudflare/tanstack-ai: Pass signal through to binding.run() in both createGatewayFetch (AI Gateway binding path) and createWorkersAiBindingFetch (Workers AI binding path).

v3.1.6

Compare Source

Patch Changes

• #​454 29087ad Thanks @​mchenco! - Fix three tool calling bugs that caused multi-turn agentic loops to fail

  1. Tool result output not unwrapped

  convert-to-workersai-chat-messages.ts was calling JSON.stringify(toolResponse.output) on the entire LanguageModelV3ToolResultOutput wrapper object ({ type: 'text', value: '...' }), sending the wrapper as the tool message content instead of just the value. Models received garbled tool results and stopped after the first tool call instead of continuing.

  Fix: extract output.value and serialize only that.

  2. toolChoice: "required" mapped to "any" instead of "required"

  utils.ts mapped toolChoice: "required" to tool_choice: "any". All vLLM-backed models (@cf/moonshotai/kimi-k2.5, @cf/meta/llama-4-scout-17b-16e-instruct, @cf/zai-org/glm-4.7-flash) return 8001: Invalid input for tool_choice: "any". The same incorrect mapping applied to toolChoice: { type: "tool" }.

  Fix: map both to "required".

  3. description: false in tool definitions

  utils.ts used && short-circuit for tool description and parameters, which evaluates to false (not undefined) when tool.type !== "function". Sending description: false to the binding causes 8001: Invalid input.

  Fix: use ternary to produce undefined when not applicable.

  Tested against @cf/moonshotai/kimi-k2.5, @cf/meta/llama-4-scout-17b-16e-instruct, and @cf/zai-org/glm-4.7-flash via the Workers AI binding.

v3.1.5

Compare Source

Patch Changes

• #​451 2a62e23 Thanks @​mchenco! - Fix reasoning content being concatenated into assistant message content in multi-turn conversations

  Previously, reasoning parts in assistant messages were concatenated into the content string when building message history. This caused models like kimi-k2.5 and deepseek-r1 to receive their own internal reasoning as if it were spoken text, corrupting the conversation history and resulting in empty text responses or leaked special tokens on subsequent turns.

  Reasoning parts are now sent as the reasoning field on the assistant message object, which is the field name vLLM expects on input for reasoning models (kimi-k2.5, glm-4.7-flash).

v3.1.4

Compare Source

Patch Changes

• #​448 054ccb8 Thanks @​threepointone! - Fix image inputs for vision-capable chat models

  • Handle all LanguageModelV3DataContent variants (Uint8Array, base64 string, data URL) instead of only Uint8Array
  • Send images as OpenAI-compatible image_url content parts inline in messages, enabling vision for models like Llama 4 Scout and Kimi K2.5
  • Works with both the binding and REST API paths

v3.1.3

Compare Source

Patch Changes

• #​429 ae24f06 Thanks @​michaeldwan! - Pass tool_choice through to binding.run() so tool selection mode (auto, required, none) is respected when using Workers AI with the binding API

• #​410 bc2eba3 Thanks @​vaibhavshn! - fix: route REST API requests through AI Gateway when the gateway option is provided in createRun()

• #​446 3c35051 Thanks @​threepointone! - Remove tool_call_id sanitization that truncated IDs to 9 alphanumeric chars, which caused all tool call IDs to collide after round-trip

• #​444 b1c742b Thanks @​mchenco! - Add sessionAffinity setting to send x-session-affinity header for prefix-cache optimization. Also forward extraHeaders in the REST API path instead of discarding them.

cloudflare/workers-sdk (wrangler)

v4.81.1

Compare Source

Patch Changes

• #​13337 c510494 Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260405.1	1.20260408.1

• #​13362 8b71eca Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • "on Monday"
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: pnpm-lock.yaml

Scope: all 3 workspace projects
Progress: resolved 1, reused 0, downloaded 0, added 0
Progress: resolved 22, reused 0, downloaded 0, added 0
packages/web                             |  WARN  deprecated unplugin-vue-router@0.19.2
Progress: resolved 45, reused 0, downloaded 0, added 0
Progress: resolved 46, reused 0, downloaded 0, added 0
Progress: resolved 146, reused 0, downloaded 0, added 0
Progress: resolved 291, reused 0, downloaded 0, added 0
Progress: resolved 381, reused 0, downloaded 0, added 0
Progress: resolved 616, reused 0, downloaded 0, added 0
Progress: resolved 767, reused 0, downloaded 0, added 0
Progress: resolved 891, reused 0, downloaded 0, added 0
Progress: resolved 920, reused 0, downloaded 0, added 0
Progress: resolved 965, reused 0, downloaded 0, added 0
Progress: resolved 1110, reused 0, downloaded 0, added 0
/tmp/renovate/repos/github/danielroe/unsight.dev/packages/web:
 ERR_PNPM_TRUST_DOWNGRADE  High-risk trust downgrade for "semver@6.3.1" (possible package takeover)

This error happened while installing the dependencies of nuxt@4.4.2
 at @nuxt/vite-builder@4.4.2
 at @vitejs/plugin-vue-jsx@5.1.5
 at @babel/core@7.29.0

Trust checks are based solely on publish date, not semver. A package cannot be installed if any earlier-published version had stronger trust evidence. Earlier versions had provenance attestation, but this version has no trust evidence. A trust downgrade may indicate a supply chain incident.

[cloudflare-workers-and-pages]

Deploying unsight with    Cloudflare Pages

Latest commit:	4ed00ad
Status:	🚫  Build failed.

View logs