Skip to content

Bump vercel from 50.44.0 to 53.2.0#73

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/vercel-53.2.0
Open

Bump vercel from 50.44.0 to 53.2.0#73
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/vercel-53.2.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 8, 2026

Bumps vercel from 50.44.0 to 53.2.0.

Release notes

Sourced from vercel's releases.

vercel@53.2.0

Minor Changes

  • 3898acb: Add vercel firewall command for managing project firewall configuration. Supports custom rules (add, edit, delete, enable, disable, reorder), IP blocking, system bypass rules, attack challenge mode, and system mitigations.

Patch Changes

  • 0cf132c: vercel connex create now accepts a --triggers flag. When passed, the request body includes triggers: { enabled: true } so the server wires webhook triggers into the created client. Without the flag, triggers: { enabled: false } is sent.
  • 1d766af: Let --yes enable the browser recovery flow for vercel connex token even in non-TTY contexts (e.g., coding agents), so a single command can open the browser, poll, and return the token without round-tripping through the agent's chat.
  • dd27e25: Added vercel deploy continue --error to mark manual deployments as failed with an optional error message.
  • 2f2b3f1: Added --filter/-f <NAME> flag to vercel project ls for filtering projects by name (substring match).
  • b2c2541: Avoid resolving the configured default team before unscoped vercel link --yes --project cross-team search, so team-scoped tokens can still link projects they can access.
  • 5f3cf99: Skip SAML-protected ("limited") teams during vercel link's cross-team auto-detect so it no longer forces device-code re-authentication for scopes the user did not explicitly choose. The project is still linked from any accessible team where it's found, and limited scopes remain available through the standard scope picker (selectOrg) or --scope <slug>.
    • @​vercel/python@​6.38.0

vercel@53.1.1

Patch Changes

  • 4a5be0b: Fixed vc env update failing when updating sensitive environment variables.
  • 2ffd7bc: Tighten the SdkKey type so plaintext keyValue, tokenValue, and connectionString can no longer appear on list responses. flags sdk-keys ls --json already omitted these via an explicit allowlist; the type split makes the guarantee static. Create-time output from flags sdk-keys add is unaffected.
  • e6cb5bc: Hide --token from help output for commands that don't support it (login, switch).
  • 8a5aa6a: Ensure synthetic SPA fallbacks are merged after builder-produced routes.
  • bab5a60: Handle stale Claude Code Vercel plugin registry entries during plugin migration.
  • Updated dependencies [34e7b09]
  • Updated dependencies [8e29c9c]
  • Updated dependencies [2da36f3]
  • Updated dependencies [fa5f57a]
  • Updated dependencies [97f87f7]
    • @​vercel/next@​4.17.1
    • @​vercel/python@​6.38.0
    • @​vercel/remix-builder@​5.8.1
    • @​vercel/static-build@​2.9.22

vercel@53.1.0

Minor Changes

  • 5cf1179: Use services orchestrator for single web services in local dev.

Patch Changes

  • 3aa821e: Allow adding Development Environment Variables on teams that enforce sensitive Environment Variables.

vercel@53.0.1

Patch Changes

  • Updated dependencies [f7b5377]
    • @​vercel/node@​5.7.15
    • @​vercel/elysia@​0.1.73
    • @​vercel/express@​0.1.83
    • @​vercel/fastify@​0.1.76

... (truncated)

Changelog

Sourced from vercel's changelog.

53.2.0

Minor Changes

  • 3898acb: Add vercel firewall command for managing project firewall configuration. Supports custom rules (add, edit, delete, enable, disable, reorder), IP blocking, system bypass rules, attack challenge mode, and system mitigations.

Patch Changes

  • 0cf132c: vercel connex create now accepts a --triggers flag. When passed, the request body includes triggers: { enabled: true } so the server wires webhook triggers into the created client. Without the flag, triggers: { enabled: false } is sent.
  • 1d766af: Let --yes enable the browser recovery flow for vercel connex token even in non-TTY contexts (e.g., coding agents), so a single command can open the browser, poll, and return the token without round-tripping through the agent's chat.
  • dd27e25: Added vercel deploy continue --error to mark manual deployments as failed with an optional error message.
  • 2f2b3f1: Added --filter/-f <NAME> flag to vercel project ls for filtering projects by name (substring match).
  • b2c2541: Avoid resolving the configured default team before unscoped vercel link --yes --project cross-team search, so team-scoped tokens can still link projects they can access.
  • 5f3cf99: Skip SAML-protected ("limited") teams during vercel link's cross-team auto-detect so it no longer forces device-code re-authentication for scopes the user did not explicitly choose. The project is still linked from any accessible team where it's found, and limited scopes remain available through the standard scope picker (selectOrg) or --scope <slug>.
    • @​vercel/python@​6.38.0

53.1.1

Patch Changes

  • 4a5be0b: Fixed vc env update failing when updating sensitive environment variables.
  • 2ffd7bc: Tighten the SdkKey type so plaintext keyValue, tokenValue, and connectionString can no longer appear on list responses. flags sdk-keys ls --json already omitted these via an explicit allowlist; the type split makes the guarantee static. Create-time output from flags sdk-keys add is unaffected.
  • e6cb5bc: Hide --token from help output for commands that don't support it (login, switch).
  • 8a5aa6a: Ensure synthetic SPA fallbacks are merged after builder-produced routes.
  • bab5a60: Handle stale Claude Code Vercel plugin registry entries during plugin migration.
  • Updated dependencies [34e7b09]
  • Updated dependencies [8e29c9c]
  • Updated dependencies [2da36f3]
  • Updated dependencies [fa5f57a]
  • Updated dependencies [97f87f7]
    • @​vercel/next@​4.17.1
    • @​vercel/python@​6.38.0
    • @​vercel/remix-builder@​5.8.1
    • @​vercel/static-build@​2.9.22

53.1.0

Minor Changes

  • 5cf1179: Use services orchestrator for single web services in local dev.

Patch Changes

  • 3aa821e: Allow adding Development Environment Variables on teams that enforce sensitive Environment Variables.

53.0.1

Patch Changes

  • Updated dependencies [f7b5377]

... (truncated)

Commits
  • 23540b5 Version Packages (#16226)
  • b2c2541 fix(cli): avoid default scope lookup during link (#16231)
  • 5f3cf99 Skip limited teams during vercel link auto detect (#16220)
  • 7fc11eb ci: remove redundant build step and fix VITEST_WORKER_ID (#16229)
  • 3f0e9b7 Revert "ci: improve E2E log ergonomics in GitHub Actions" (#16225)
  • 9bf71cc ci: improve E2E log ergonomics in GitHub Actions
  • dd27e25 [cli] Allow continuing a deployment to error (#16203)
  • da93fcc Replace Jest with Vitest across workspace tests (#16215)
  • 0cf132c feat(cli): add --triggers to connex create behind FF_CONNEX_TRIGGERS (#16102)
  • c6b49e4 [ci] Shard vercel CLI unit tests into 7 chunks via VITEST_TEST_FILES (#16208)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for vercel since your current version.


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump vercel from 50.44.0 to 53.2.0
4386dfa 
Bumps [vercel](https://github.com/vercel/vercel/tree/HEAD/packages/cli) from 50.44.0 to 53.2.0.
- [Release notes](https://github.com/vercel/vercel/releases)
- [Changelog](https://github.com/vercel/vercel/blob/main/packages/cli/CHANGELOG.md)
- [Commits](https://github.com/vercel/vercel/commits/vercel@53.2.0/packages/cli)

---
updated-dependencies:
- dependency-name: vercel
  dependency-version: 53.2.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 8, 2026
@dependabot dependabot Bot mentioned this pull request May 8, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants