chore(deps): Bump the production-dependencies group with 4 updates

[dependabot]

Bumps the production-dependencies group with 4 updates: @modelcontextprotocol/sdk, eventsource-parser, path-to-regexp and raw-body.

Updates @modelcontextprotocol/sdk from 1.17.4 to 1.17.5

Release notes

Sourced from @​modelcontextprotocol/sdk's releases.

1.17.5

What's Changed

• Automatic handling of logging level by @​cliffhall in modelcontextprotocol/typescript-sdk#882
• Fix the SDK vs Spec types test that is breaking CI by @​cliffhall in modelcontextprotocol/typescript-sdk#908

Full Changelog: modelcontextprotocol/typescript-sdk@1.17.4...1.17.5

Commits

• bf81793 bump version (#913)
• 3dd074f Fix the SDK vs Spec types test that is breaking CI (#908)
• 79d11dc Automatic handling of logging level (#882)
• See full diff in compare view

Updates eventsource-parser from 3.0.5 to 3.0.6

Release notes

Sourced from eventsource-parser's releases.

v3.0.6

3.0.6 (2025-08-29)

Bug Fixes

• reintroduce explicit support for node 18 (d845cef)

---

This release is also available on:

• npm package (@​latest dist-tag)

Changelog

Sourced from eventsource-parser's changelog.

3.0.6 (2025-08-29)

Bug Fixes

• reintroduce explicit support for node 18 (d845cef)

Commits

• 244d9f5 chore(release): 3.0.6 [skip ci]
• d845cef fix: reintroduce explicit support for node 18
• See full diff in compare view

Updates path-to-regexp from 8.2.0 to 8.3.0

Release notes

Sourced from path-to-regexp's releases.

8.3.0

Changed

• Add custom error class (#398) 2a7f2a4
• Allow plain objects for TokenData (#391) 687a9bb
• Escape text should escape backslash (#390) a4a8552
• Improved error messages and stack size (#363) a6bdf40

Other

• Minifying the parser
  • PR (#401) 9df2448
  • PR (#395) 4a91505
  • Shaving some bytes d63f44b
  • Remove optional operator 973d15c

pillarjs/path-to-regexp@v8.2.0...v8.3.0

Commits

• c4f5b3f 8.3.0
• 6587c81 Move parameter name errors up in docs (#402)
• 9df2448 Remove more bytes from parser (#401)
• 012a54a Bump actions/checkout from 4 to 5 (#403)
• 9385f7d Remove engines from package (#399)
• 2a7f2a4 Add custom error class (#398)
• 265a2a7 100% test coverage (#396)
• 4a91505 Reduce bytes in parse function (#395)
• 687a9bb Allow plain objects for TokenData (#391)
• a4a8552 Escape text should escape backslash (#390)
• Additional commits viewable in compare view

Updates raw-body from 3.0.0 to 3.0.1

Release notes

Sourced from raw-body's releases.

v3.0.1

What's Changed

• ci: fix ci errors by @​bjohansebas in stream-utils/raw-body#98
• deps: bump iconv-lite by @​bjohansebas in stream-utils/raw-body#97
• chore: fix engines field by @​bjohansebas in stream-utils/raw-body#99
• release: 3.0.1 by @​bjohansebas in stream-utils/raw-body#100

New Contributors

• @​bjohansebas made their first contribution in stream-utils/raw-body#98

Full Changelog: stream-utils/raw-body@v3.0.0...v3.0.1

Changelog

Sourced from raw-body's changelog.

3.0.1 / 2025-09-03

• deps: iconv-lite@0.7.0
  • Avoid false positives in encodingExists by using objects without a prototype
  • Remove compatibility check for StringDecoder.end method
• Fix the engines field to reflect support for Node >= 0.10

Commits

• a61bd09 release: 3.0.1 (#100)
• 7e74385 chore: fix engines field (#99)
• 5387b35 deps: bump iconv-lite (#97)
• a4460a4 ci: add node >21 (#98)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by bsebas, a new releaser for raw-body since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.