Bump @pinecone-database/pinecone from 6.1.4 to 7.1.0#62
Bump @pinecone-database/pinecone from 6.1.4 to 7.1.0#62dependabot[bot] wants to merge 1 commit intomainfrom
Conversation
dependabot
bot
added
dependencies
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
| "dependencies": { | ||
| "@modelcontextprotocol/sdk": "^1.25.3", | ||
| "@pinecone-database/pinecone": "^6.1.4", | ||
| "@pinecone-database/pinecone": "^7.1.0", |
There was a problem hiding this comment.
Node version support now mismatches dependency
Medium Severity
Upgrading to @pinecone-database/pinecone@^7.1.0 pulls a package that declares node >=20, while this project still advertises engines.node as >=18. On Node 18/19, installs can fail under strict engine checks or runtime behavior can break despite the package claiming support.
Additional Locations (1)
Triggered by project rule: Code Review Guidance
|
@dependabot rebase |
Bumps [@pinecone-database/pinecone](https://github.com/pinecone-io/pinecone-ts-client) from 6.1.4 to 7.1.0. - [Release notes](https://github.com/pinecone-io/pinecone-ts-client/releases) - [Commits](pinecone-io/pinecone-ts-client@v6.1.4...v7.1.0) --- updated-dependencies: - dependency-name: "@pinecone-database/pinecone" dependency-version: 7.1.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
force-pushed
the
dependabot/npm_and_yarn/pinecone-database/pinecone-7.1.0
branch
from
ebd31ad to
b14fa2f
Compare
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 2 potential issues.
Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
| "dependencies": { | ||
| "@modelcontextprotocol/sdk": "^1.25.3", | ||
| "@pinecone-database/pinecone": "^6.1.4", | ||
| "@pinecone-database/pinecone": "^7.1.0", |
There was a problem hiding this comment.
Major version bump breaks all pc.index() calls
High Severity
Bumping @pinecone-database/pinecone from v6 to v7 introduces a breaking change: pc.index() no longer accepts a string argument and now requires an object like { name: 'my-index' }. The codebase calls pc.index(name) with a string in four files (upsert-records.ts, search-records.ts, describe-index-stats.ts, cascading-search.ts), which will fail at runtime since no source code was updated alongside this version bump.
Additional Locations (1)
Triggered by project rule: Code Review Guidance
| "dependencies": { | ||
| "@modelcontextprotocol/sdk": "^1.25.3", | ||
| "@pinecone-database/pinecone": "^6.1.4", | ||
| "@pinecone-database/pinecone": "^7.1.0", |
There was a problem hiding this comment.
Major version bump breaks inference.rerank() call signature
High Severity
The v7 SDK changed inference.rerank() from positional arguments to a single RerankOptions object. The codebase calls pc.inference.rerank(model, query, documents, options) with positional args in rerank-documents.ts and cascading-search.ts, which will fail at runtime since v7 expects rerank({ model, query, documents, topN, rankFields, ... }).
Additional Locations (1)
Triggered by project rule: Code Review Guidance
1 participant
Bumps @pinecone-database/pinecone from 6.1.4 to 7.1.0.
Release notes
Sourced from
@pinecone-database/pinecone's releases.... (truncated)
Commits
0f2e3c6[skip ci] Publish release v7.1.055fb10bImplementscan_factorandmax_candidates(#379)1c6dd61ImplementreadCapacityconfiguration support for BYOC indexes (#378)576fe90pass git token with the create draft release with notes job (#377)193d1b3[skip ci] Publish release v7.0.04f3cbb2Small tweak to top-level README (#376)4e4d3a8RefactorREADME.mdfor2025-10, fixbuild-and-publish-docsworkflow (#375)ead0109[2025-10][Assistant] Exposeevaluate, add multimodal support in `uploadFile...536ea7eUnify operations around object shaped arguments, allow operation-level namesp...a2b3d16Update tonode v20.x/typescript v5.6.3(#372)Install script changes
This version adds
preparescript that runs during installation. Review the package contents before updating.Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)Note
Medium Risk
Major-version SDK upgrade that may include breaking API changes, and the updated
@pinecone-database/pineconepackage now requires Node >=20 which could break installs/runs on Node 18/19 despite this repo still declaringnode >=18.Overview
Updates the Pinecone Node SDK dependency from
@pinecone-database/pinecone@6.1.4to7.1.0inpackage.jsonand refreshespackage-lock.jsonaccordingly.Notably, the locked
@pinecone-database/pineconepackage now declares an engine requirement of Node >=20, which may require aligning this repo's supported Node versions or CI/runtime environments.Written by Cursor Bugbot for commit b14fa2f. This will update automatically on new commits. Configure here.