Skip to content

chore(deps)(deps): Bump the patch-and-minor group across 1 directory with 24 updates#26

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/app/patch-and-minor-38b3c6d942
Closed

chore(deps)(deps): Bump the patch-and-minor group across 1 directory with 24 updates#26
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/app/patch-and-minor-38b3c6d942

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown

Bumps the patch-and-minor group with 22 updates in the /app directory:

Package From To
@radix-ui/react-slot 1.2.4 1.3.0
@tanstack/react-query 5.100.14 5.101.0
@trpc/client 11.17.0 11.18.0
@trpc/react-query 11.17.0 11.18.0
axios 1.16.1 1.18.0
date-fns 4.2.1 4.4.0
lucide-react 1.16.0 1.21.0
next 16.2.6 16.2.9
papaparse 5.5.3 5.5.4
pg 8.21.0 8.22.0
react 19.2.6 19.2.7
@types/react 19.2.14 19.2.17
react-dom 19.2.6 19.2.7
sanitize-html 2.17.4 2.17.5
stripe 22.1.1 22.2.2
@tailwindcss/postcss 4.3.0 4.3.1
@types/node 22.19.19 22.20.0
eslint-config-next 16.2.6 16.2.9
eslint-plugin-sonarjs 4.0.3 4.1.0
prettier 3.8.3 3.8.4
ts-jest 29.4.10 29.4.11
typescript-eslint 8.59.4 8.61.1

Updates @radix-ui/react-slot from 1.2.4 to 1.3.0

Changelog

Sourced from @​radix-ui/react-slot's changelog.

1.3.0

Added generic type arguments for SlotProps and createSlot

SlotProps and createSlot now accept generic type arguments to specify the type of element a slot should render, as well as its props.

const Slot = createSlot<HTMLButtonElement, MyCustomButtonProps>("Slot");

1.2.5

  • Fixed infinite re-render loop in React 19 caused by Slot creating a new ref callback on every render
  • Added support for nested Slottable via a render prop, so a slotted element can be wrapped while still merging Slot props and refs onto it
  • Added repository.directory to all package.json files
  • Improved error messages for invalid slot children
  • Updated dependencies: @radix-ui/react-compose-refs@1.1.3
Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​radix-ui/react-slot since your current version.


Updates @tanstack/react-query from 5.100.14 to 5.101.0

Release notes

Sourced from @​tanstack/react-query's releases.

@​tanstack/react-query-devtools@​5.101.0

Patch Changes

@​tanstack/react-query-next-experimental@​5.101.0

Patch Changes

  • #10857 7cf5923 - fix(react-query-next-experimental): replace deprecated 'isServer' with 'environmentManager.isServer()'

  • Updated dependencies []:

    • @​tanstack/react-query@​5.101.0

@​tanstack/react-query-persist-client@​5.101.0

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-persist-client-core@​5.101.0
    • @​tanstack/react-query@​5.101.0

@​tanstack/react-query@​5.101.0

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-core@​5.101.0
Changelog

Sourced from @​tanstack/react-query's changelog.

5.101.0

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-core@​5.101.0
Commits

Updates @trpc/client from 11.17.0 to 11.18.0

Release notes

Sourced from @​trpc/client's releases.

v11.18.0

What's Changed

New Contributors

Full Changelog: trpc/trpc@v11.17.0...v11.18.0

Commits

Updates @trpc/react-query from 11.17.0 to 11.18.0

Release notes

Sourced from @​trpc/react-query's releases.

v11.18.0

What's Changed

New Contributors

Full Changelog: trpc/trpc@v11.17.0...v11.18.0

Commits

Updates @trpc/server from 11.17.0 to 11.18.0

Release notes

Sourced from @​trpc/server's releases.

v11.18.0

What's Changed

New Contributors

Full Changelog: trpc/trpc@v11.17.0...v11.18.0

Commits

Updates axios from 1.16.1 to 1.18.0

Release notes

Sourced from axios's releases.

v1.18.0 — June 13, 2026

This release hardens redirect and URL handling, improves the validateStatus configuration semantics, and includes updates to documentation, dependencies, and release metadata.

🔒 Security Fixes

  • Redirect Header Safety: Added Node HTTP adapter support for stripping caller-specified sensitive headers on cross-origin redirects, helping prevent custom auth headers such as API keys from leaking to another origin. (#10892)

  • URL And Request Hardening: Rejects malformed http: and https: URLs that omit // with ERR_INVALID_URL, while tightening prototype-pollution-safe config reads, stream size limits, FormData depth handling, data URL sizing, and local NO_PROXY matching. (#11000)

🐛 Bug Fixes

  • Status Validation: Added transitional.validateStatusUndefinedResolves so applications can opt in to treating validateStatus: undefined like the option was omitted, while validateStatus: null remains the explicit way to accept every status. (#10899)

🔧 Maintenance & Chores

  • Documentation: Published the v1.17.0 release notes, fixed a changelog typo, clarified the package update PR policy, and marked the proxy request config as Node.js-only in the advanced docs. (#10984, #10988, #10992, #10995)

  • Dependencies: Bumped @babel/core, @babel/preset-env, @commitlint/cli, @commitlint/config-conventional, @rollup/plugin-babel, @rollup/plugin-commonjs, @vitest/browser, @vitest/browser-playwright, eslint, lint-staged, rollup, vitest, and actions/checkout. (#10989, #10996, #10997)

  • Release Metadata: Prepared the 1.18.0 release by updating package metadata and the runtime VERSION value. (#11003)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

Full Changelog

v1.17.0 — June 1, 2026

This release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.

🔒 Security Fixes

  • Config Hardening: Guarded socketPath, params, and paramsSerializer reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (#10901, #10922)
  • Release Publishing: Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (#10926)

🚀 New Features

  • HTTP Compression: Added Node HTTP adapter support for zstd response decompression, with transitional.advertiseZstdAcceptEncoding controlling whether zstd is advertised in Accept-Encoding. (#6792, #10920)

🐛 Bug Fixes

  • Authentication Handling: Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (#10929, #10896)
  • Proxy TLS: Preserved user httpsAgent TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (#10957)
  • React Native FormData: Cleared default Content-Type for React Native FormData so multipart boundaries can be generated correctly. (#10898)

... (truncated)

Changelog

Sourced from axios's changelog.

v1.18.0 — June 13, 2026

This release hardens redirect and URL handling, improves the validateStatus configuration semantics, and includes updates to documentation, dependencies, and release metadata.

🔒 Security Fixes

  • Redirect Header Safety: Added Node HTTP adapter support for stripping caller-specified sensitive headers on cross-origin redirects, helping prevent custom auth headers such as API keys from leaking to another origin. (#10892)

  • URL And Request Hardening: Rejects malformed http: and https: URLs that omit // with ERR_INVALID_URL, while tightening prototype-pollution-safe config reads, stream size limits, FormData depth handling, data URL sizing, and local NO_PROXY matching. (#11000)

🐛 Bug Fixes

  • Status Validation: Added transitional.validateStatusUndefinedResolves so applications can opt in to treating validateStatus: undefined like the option was omitted, while validateStatus: null remains the explicit way to accept every status. (#10899)

🔧 Maintenance & Chores

  • Documentation: Published the v1.17.0 release notes, fixed a changelog typo, clarified the package update PR policy, and marked the proxy request config as Node.js-only in the advanced docs. (#10984, #10988, #10992, #10995)

  • Dependencies: Bumped @babel/core, @babel/preset-env, @commitlint/cli, @commitlint/config-conventional, @rollup/plugin-babel, @rollup/plugin-commonjs, @vitest/browser, @vitest/browser-playwright, eslint, lint-staged, rollup, vitest, and actions/checkout. (#10989, #10996, #10997)

  • Release Metadata: Prepared the 1.18.0 release by updating package metadata and the runtime VERSION value. (#11003)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

Full Changelog

v1.17.0 — June 1, 2026

This release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.

🔒 Security Fixes

  • Config Hardening: Guarded socketPath, params, and paramsSerializer reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (#10901, #10922)
  • Release Publishing: Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (#10926)

🚀 New Features

  • HTTP Compression: Added Node HTTP adapter support for zstd response decompression, with transitional.advertiseZstdAcceptEncoding controlling whether zstd is advertised in Accept-Encoding. (#6792, #10920)

🐛 Bug Fixes

  • Authentication Handling: Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (#10929, #10896)
  • Proxy TLS: Preserved user httpsAgent TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (#10957)
  • React Native FormData: Cleared default Content-Type for React Native FormData so multipart boundaries can be generated correctly. (#10898)

... (truncated)

Commits
  • 2d06f96 chore(release): prepare release 1.18.0 (#11003)
  • 32fc489 fix: malformed http urls (#11000)
  • b40ce49 chore(deps-dev): bump the development_dependencies group with 10 updates (#10...
  • fe964f9 docs: mark proxy config as Node.js only (#10995)
  • 5f229d2 chore(deps): bump actions/checkout from 6.0.2 to 6.0.3 in the github-actions ...
  • fae9d4e docs: clarify package update PR policy (#10992)
  • 28ab2ce chore(deps-dev): bump the development_dependencies group with 2 updates (#10989)
  • a8e4f13 fix(core): keep default validateStatus when request passes undefined (#10899)
  • 614f455 docs: publish v1.17.0 release notes (#10988)
  • 6bb12c1 fix: custom auth headers not stripped on cross-origin redirects (#10892)
  • Additional commits viewable in compare view

Updates date-fns from 4.2.1 to 4.4.0

Release notes

Sourced from date-fns's releases.

v4.4.0

This release revisits the approach to CDN usage and introduces a new package, @date-fns/cdn and deprecates the date-fns CDN scripts. It allowed reducing the zipped package size from 5.83 MB down to 3.96 MB without introducing any breaking changes.

In v5.0.0-alpha.0 where CDN scripts are completely removed from date-fns the change is more significant and brings the zipped package size down to 2.89 MB.

It is just the first step in optimizing the package size. Expect further size reduction in the future v4 and v5 versions.

Changed

  • DEPRECATED: The date-fns CDN scripts are now deprecated and will be removed in the next major release. Please switch to the new @date-fns/cdn package for CDN usage.

  • Removed CDN source maps to reduce the package size. If you rely on them, please switch to the new @date-fns/cdn package that still includes them.

v4.3.0

Kudos to @​ImRodry and @​puneetdixit200 for their contributions.

Fixed

Commits
  • cd53d25 Promote to v4.4.0
  • d948ec1 Preserve but deprecate CDN versions for v4, set up v5 with polyfills
  • ee65753 Add root mise :format task
  • 9f5bdf5 Add positional argument to test/smoke.sh script
  • 651ead6 Split CDN bundles into separate @​date-fns/cdn package
  • 224c1a2 Deprecate type tests as attw hangs on date-fns package
  • 7bb2842 Switch PACKAGE_OUTPUT_PATH to --dist flag in the package build script
  • b6ad5ac Add flags to control package build script
  • 424a783 Fix docs release after moving to monorepo setup
  • f95bcf1 (docs): Add missing tsx dependency
  • Additional commits viewable in compare view

Updates lucide-react from 1.16.0 to 1.21.0

Release notes

Sourced from lucide-react's releases.

Version 1.21.0

What's Changed

New Contributors

Full Changelog: lucide-icons/lucide@1.20.0...1.21.0

Version 1.20.0

What's Changed

New Contributors

Full Changelog: lucide-icons/lucide@1.19.0...1.20.0

Version 1.19.0

What's Changed

... (truncated)

Commits
  • 5ff536e ci(release.yml): Fix workflow and remove version scripts in package scripts...
  • See full diff in compare view

Updates next from 16.2.6 to 16.2.9

Release notes

Sourced from next's releases.

v16.2.9

Empty release to ensure next@latest points at a stable release. Next.js only allows publishing with Trusted Publishing enabled. In order to fix NPM dist-tags, we have to release a new version. Updating dist-tags is not possible with Trusted Publishing.

v16.2.8

Release with no changes in an attempt to fix next@latest pointing at a prerelease version.

v16.2.7

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

  • Backport documentation fixes for v16.2 (#93804)
  • [backport] Patch playwright-core to resolve _finishedPromise on requestFailed (#93920)
  • [backport] Fix dev mode hydration failure when page is served from HTTP cache (#93492)
  • [backport] Fix catch-all router.query corruption with basePath + rewrites (#93917)
  • [backport] Encode non-ASCII characters in cache tags at construction (#93918)
  • [backport] Fix server action forwarding loop with middleware rewrites (#93919)
  • [backport] Turbopack: switch from base40 to base38 hash encoding (#93932)
  • [ci] Disable hanging node 24 typescript tests on 16.2 backport branch (#94164)
  • [backport] Fix "type: module" in project dir when using standalone or adapters (#94050)
  • [backport] Propagate adapter preferred regions (#94200)
  • [16.2.x] Don't drop FormData entries (#94240)
  • [backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolution (#94284)

Credits

Huge thanks to @​eps1lon, @​icyJoseph, @​unstubbable, @​mischnic, @​bgw, @​timneutkens, and @​lukesandberg for helping!

Commits
  • f37fad9 v16.2.9
  • d9aaaed [cd] Allow tagging semver-lower releases as @latest if @latest po… (#94627)
  • 6f16804 v16.2.8
  • 0dbc1d5 [16.2.x][cd] Ensure release can be triggered on old branches (#94598)
  • 90e3c81 [16.2.x] Align Actions dependencies with Canary (#94339)
  • 83f402c [16.2.x][cd] Stop fetching all tags when searching parent tag (#94334)
  • 411c455 v16.2.7
  • c63224f [backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolut...
  • 63115c7 [16.2.x] Don't drop FormData entries (#94240)
  • aef22fd [backport] Propagate adapter preferred regions (#94200)
  • Additional commits viewable in compare view

Updates papaparse from 5.5.3 to 5.5.4

Changelog

Sourced from papaparse's changelog.

Changelog

Commits

Updates pg from 8.21.0 to 8.22.0

Changelog

Sourced from pg's changelog.

pg@8.22.0

Commits

Updates react from 19.2.6 to 19.2.7

Release notes

Sourced from react's releases.

19.2.7 (June 1st, 2026)

React Server Components

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react since your current version.


Updates @types/react from 19.2.14 to 19.2.17

Commits

Updates react-dom from 19.2.6 to 19.2.7

Release notes

Sourced from react-dom's releases.

19.2.7 (June 1st, 2026)

React Server Components

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react-dom since your current version.


Updates sanitize-html from 2.17.4 to 2.17.5

Changelog

Sourced from sanitize-html's changelog.

2.17.5 (2026-06-10)

Security

  • Added a number of new attributes to be protected against unsafe URLs, e.g. javascript: and similar. None of these are used in the default configuration of sanitize-html or apostrophe or likely to be used there, and some attributes, like an action for a form, are inherently unsafe to allow if XSS protection is your goal. Nevertheless it makes sense to block certain URL types where they are not appropriate. Some attributes are not supported at all by modern browsers but are included for completeness. Thanks to crattack for reporting the vulnerability.
  • Address a potential vulnerability when nonTextTags is configured in a nonstandard way. While it is never a good idea to remove known non-text tags from the standard list e.g. script, styles, etc., this change ensures that doing so does not result in nested tags being passed through without sanitization when they are not expressly allowed. (ApostropheCMS would never trigger this situation.) Thanks to Dipanshu singh for pointing out the issue and contributing the fix.
Commits

Updates stripe from 22.1.1 to 22.2.2

Release notes

Sourced from stripe's releases.

v22.2.2

  • #2725 Fixes CJS type exports for stripe package (reported in #2683)
  • #2758 Fix Stripe.ErrorType.StripeError incorrectly being usable as a runtime class (reported in #2661)
  • #2753 handle shadowed namespaces (reported in #2691)

See the changelog for more details.

v22.2.1

  • #2750 URI Encode path params
  • #2747 Fix V2ListIterator: concurrency guard and empty page handling
  • #2740 Add "source" field to user-agent header
  • #2734 Fix parseHttpHeaderAsNumber to return undefined instead of NaN

See the changelog for more details.

v22.2.0

This release changes the pinned API version to 2026-05-27.dahlia.

  • #2710 Update generated code
    • Add support for new resource V2.Commerce.ProductCatalogImport
    • Add support for create and retrieve methods on resource V2.Commerce.ProductCatalogImport
    • Add support for bizum_payments and scalapay_payments on Account.capabilities, AccountCreateParams.capabilities, and AccountUpdateParams.capabilities
    • Add support for automatic_transfer_rules_by_currency on BalanceSettingUpdateParams.payments.payouts and BalanceSettings.payments.payouts
    • Add support for start_of_day on BalanceSettingUpdateParams.payments.settlement_timing and BalanceSettings.payments.settlement_timing
    • Add support for description on ChargeCreateParams.transfer_data, PaymentIntent.transfer_data, PaymentIntentCreateParams.transfer_data, and PaymentIntentUpdateParams.transfer_data
    • Add support for bizum on Charge.payment_method_details, ConfirmationToken.payment_method_preview, ConfirmationTokenCreateParams.testHelpers.payment_method_data, PaymentAttemptRecord.payment_method_details, PaymentIntent.payment_method_options, PaymentIntentConfirmParams.payment_method_data, PaymentIntentConfirmParams.payment_method_options, PaymentIntentCreateParams.payment_method_data, PaymentIntentCreateParams.payment_method_options, PaymentIntentUpdateParams.payment_method_data, PaymentIntentUpdateParams.payment_method_options, PaymentMethodConfigurationCreateParams, PaymentMethodConfigurationUpdateParams, PaymentMethodConfiguration, PaymentMethodCreateParams, PaymentMethod, PaymentRecord.payment_method_details, SetupIntent.payment_method_options, SetupIntentConfirmParams.payment_method_data, SetupIntentConfirmParams.payment_method_options, SetupIntentCreateParams.payment_method_data, SetupIntentCreateParams.payment_method_options, SetupIntentUpdateParams.payment_method_data, and SetupIntentUpdateParams.payment_method_options
    • Add support for scalapay on Charge.payment_method_details, Checkout.Session.payment_method_options, Checkout.SessionCreateParams.payment_method_options, ConfirmationToken.payment_method_preview, ConfirmationTokenCreateParams.testHelpers.payment_method_data, PaymentAttemptRecord.payment_method_details, PaymentIntent.payment_method_options, PaymentIntentConfirmParams.payment_method_data, PaymentIntentConfirmParams.payment_method_options, PaymentIntentCreateParams.payment_method_data, PaymentIntentCreateParams.payment_method_options, PaymentIntentUpdateParams.payment_method_data, PaymentIntentUpdateParams.payment_method_options, PaymentMethodConfigurationCreateParams, PaymentMethodConfigurationUpdateParams, PaymentMethodConfiguration, PaymentMethodCreateParams, PaymentMethod, PaymentRecord.payment_method_details, Refund.destination_details, SetupIntentConfirmParams.payment_method_data, SetupIntentCreateParams.payment_method_data, and SetupIntentUpdateParams.payment_method_data
    • Add support for mandate on Charge.payment_method_details.twint, PaymentAttemptRecord.payment_method_details.twint, and PaymentRecord.payment_method_details.twint
    • Add support for new values bizum and scalapay on enums Checkout.SessionCreateParams.excluded_payment_method_types, PaymentIntentConfirmParams.excluded_payment_method_types, PaymentIntentCreateParams.excluded_payment_method_types, PaymentIntentUpdateParams.excluded_payment_method_types, SetupIntentCreateParams.excluded_payment_method_types, and SetupIntentUpdateParams.excluded_payment_method_types
    • Change type of Checkout.SessionCreateParams.payment_method_options.twint.setup_future_usage, PaymentIntentConfirmParams.payment_method_options.twint.setup_future_usage, PaymentIntentCreateParams.payment_method_options.twint.setup_future_usage, and PaymentIntentUpdateParams.payment_method_options.twint.setup_future_usage from literal('none') to enum('none'|'off_session')
    • Add support for new values bizum and scalapay on enum Checkout.SessionCreateParams.payment_method_types
    • ⚠️ Change type of Checkout.Session.payment_method_options.twint.setup_future_usage and PaymentIntent.payment_method_options.twint.setup_future_usage from literal('none') to enum('none'|'off_session')
    • Add support for new values bizum and scalapay on enums ConfirmationTokenCreateParams.testHelpers.payment_method_data.type, PaymentIntentConfirmParams.payment_method_data.type, PaymentIntentCreateParams.payment_method_data.type, PaymentIntentUpdateParams.payment_method_data.type, SetupIntentConfirmParams.payment_method_data.type, SetupIntentCreateParams.payment_method_data.type, and SetupIntentUpdateParams.payment_method_data.type
    • ⚠️ Add support for new values bizum and Description has been truncated

…with 24 updates

Bumps the patch-and-minor group with 22 updates in the /app directory:

| Package | From | To |
| --- | --- | --- |
| [@radix-ui/react-slot](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/slot) | `1.2.4` | `1.3.0` |
| [@tanstack/react-query](https://github.com/TanStack/query/tree/HEAD/packages/react-query) | `5.100.14` | `5.101.0` |
| [@trpc/client](https://github.com/trpc/trpc/tree/HEAD/packages/client) | `11.17.0` | `11.18.0` |
| [@trpc/react-query](https://github.com/trpc/trpc/tree/HEAD/packages/react) | `11.17.0` | `11.18.0` |
| [axios](https://github.com/axios/axios) | `1.16.1` | `1.18.0` |
| [date-fns](https://github.com/date-fns/date-fns) | `4.2.1` | `4.4.0` |
| [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `1.16.0` | `1.21.0` |
| [next](https://github.com/vercel/next.js) | `16.2.6` | `16.2.9` |
| [papaparse](https://github.com/mholt/PapaParse) | `5.5.3` | `5.5.4` |
| [pg](https://github.com/brianc/node-postgres/tree/HEAD/packages/pg) | `8.21.0` | `8.22.0` |
| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.6` | `19.2.7` |
| [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.14` | `19.2.17` |
| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.6` | `19.2.7` |
| [sanitize-html](https://github.com/apostrophecms/apostrophe/tree/HEAD/packages/sanitize-html) | `2.17.4` | `2.17.5` |
| [stripe](https://github.com/stripe/stripe-node) | `22.1.1` | `22.2.2` |
| [@tailwindcss/postcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss) | `4.3.0` | `4.3.1` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `22.19.19` | `22.20.0` |
| [eslint-config-next](https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next) | `16.2.6` | `16.2.9` |
| [eslint-plugin-sonarjs](https://github.com/SonarSource/SonarJS) | `4.0.3` | `4.1.0` |
| [prettier](https://github.com/prettier/prettier) | `3.8.3` | `3.8.4` |
| [ts-jest](https://github.com/kulshekhar/ts-jest) | `29.4.10` | `29.4.11` |
| [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.59.4` | `8.61.1` |



Updates `@radix-ui/react-slot` from 1.2.4 to 1.3.0
- [Changelog](https://github.com/radix-ui/primitives/blob/main/packages/react/slot/CHANGELOG.md)
- [Commits](https://github.com/radix-ui/primitives/commits/HEAD/packages/react/slot)

Updates `@tanstack/react-query` from 5.100.14 to 5.101.0
- [Release notes](https://github.com/TanStack/query/releases)
- [Changelog](https://github.com/TanStack/query/blob/main/packages/react-query/CHANGELOG.md)
- [Commits](https://github.com/TanStack/query/commits/@tanstack/react-query@5.101.0/packages/react-query)

Updates `@trpc/client` from 11.17.0 to 11.18.0
- [Release notes](https://github.com/trpc/trpc/releases)
- [Commits](https://github.com/trpc/trpc/commits/v11.18.0/packages/client)

Updates `@trpc/react-query` from 11.17.0 to 11.18.0
- [Release notes](https://github.com/trpc/trpc/releases)
- [Commits](https://github.com/trpc/trpc/commits/v11.18.0/packages/react)

Updates `@trpc/server` from 11.17.0 to 11.18.0
- [Release notes](https://github.com/trpc/trpc/releases)
- [Commits](https://github.com/trpc/trpc/commits/v11.18.0/packages/server)

Updates `axios` from 1.16.1 to 1.18.0
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.16.1...v1.18.0)

Updates `date-fns` from 4.2.1 to 4.4.0
- [Release notes](https://github.com/date-fns/date-fns/releases)
- [Commits](date-fns/date-fns@v4.2.1...v4.4.0)

Updates `lucide-react` from 1.16.0 to 1.21.0
- [Release notes](https://github.com/lucide-icons/lucide/releases)
- [Commits](https://github.com/lucide-icons/lucide/commits/1.21.0/packages/lucide-react)

Updates `next` from 16.2.6 to 16.2.9
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](vercel/next.js@v16.2.6...v16.2.9)

Updates `papaparse` from 5.5.3 to 5.5.4
- [Release notes](https://github.com/mholt/PapaParse/releases)
- [Changelog](https://github.com/mholt/PapaParse/blob/master/CHANGELOG.md)
- [Commits](mholt/PapaParse@5.5.3...5.5.4)

Updates `pg` from 8.21.0 to 8.22.0
- [Changelog](https://github.com/brianc/node-postgres/blob/master/CHANGELOG.md)
- [Commits](https://github.com/brianc/node-postgres/commits/pg@8.22.0/packages/pg)

Updates `react` from 19.2.6 to 19.2.7
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/react/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react)

Updates `@types/react` from 19.2.14 to 19.2.17
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

Updates `react-dom` from 19.2.6 to 19.2.7
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/react/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react-dom)

Updates `sanitize-html` from 2.17.4 to 2.17.5
- [Changelog](https://github.com/apostrophecms/apostrophe/blob/main/packages/sanitize-html/CHANGELOG.md)
- [Commits](https://github.com/apostrophecms/apostrophe/commits/sanitize-html@2.17.5/packages/sanitize-html)

Updates `stripe` from 22.1.1 to 22.2.2
- [Release notes](https://github.com/stripe/stripe-node/releases)
- [Changelog](https://github.com/stripe/stripe-node/blob/master/CHANGELOG.md)
- [Commits](stripe/stripe-node@v22.1.1...v22.2.2)

Updates `@tailwindcss/postcss` from 4.3.0 to 4.3.1
- [Release notes](https://github.com/tailwindlabs/tailwindcss/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.3.1/packages/@tailwindcss-postcss)

Updates `@types/node` from 22.19.19 to 22.20.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `@types/react` from 19.2.14 to 19.2.17
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

Updates `eslint-config-next` from 16.2.6 to 16.2.9
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](https://github.com/vercel/next.js/commits/v16.2.9/packages/eslint-config-next)

Updates `eslint-plugin-sonarjs` from 4.0.3 to 4.1.0
- [Release notes](https://github.com/SonarSource/SonarJS/releases)
- [Commits](https://github.com/SonarSource/SonarJS/commits)

Updates `prettier` from 3.8.3 to 3.8.4
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/prettier@3.8.3...3.8.4)

Updates `tailwindcss` from 4.3.0 to 4.3.1
- [Release notes](https://github.com/tailwindlabs/tailwindcss/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.3.1/packages/tailwindcss)

Updates `ts-jest` from 29.4.10 to 29.4.11
- [Release notes](https://github.com/kulshekhar/ts-jest/releases)
- [Changelog](https://github.com/kulshekhar/ts-jest/blob/main/CHANGELOG.md)
- [Commits](kulshekhar/ts-jest@v29.4.10...v29.4.11)

Updates `typescript-eslint` from 8.59.4 to 8.61.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.61.1/packages/typescript-eslint)

---
updated-dependencies:
- dependency-name: "@radix-ui/react-slot"
  dependency-version: 1.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: patch-and-minor
- dependency-name: "@tanstack/react-query"
  dependency-version: 5.101.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: patch-and-minor
- dependency-name: "@trpc/client"
  dependency-version: 11.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: patch-and-minor
- dependency-name: "@trpc/react-query"
  dependency-version: 11.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: patch-and-minor
- dependency-name: "@trpc/server"
  dependency-version: 11.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: patch-and-minor
- dependency-name: axios
  dependency-version: 1.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: patch-and-minor
- dependency-name: date-fns
  dependency-version: 4.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: patch-and-minor
- dependency-name: lucide-react
  dependency-version: 1.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: patch-and-minor
- dependency-name: next
  dependency-version: 16.2.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-and-minor
- dependency-name: papaparse
  dependency-version: 5.5.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-and-minor
- dependency-name: pg
  dependency-version: 8.22.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: patch-and-minor
- dependency-name: react
  dependency-version: 19.2.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-and-minor
- dependency-name: "@types/react"
  dependency-version: 19.2.17
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: patch-and-minor
- dependency-name: react-dom
  dependency-version: 19.2.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-and-minor
- dependency-name: sanitize-html
  dependency-version: 2.17.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-and-minor
- dependency-name: stripe
  dependency-version: 22.2.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: patch-and-minor
- dependency-name: "@tailwindcss/postcss"
  dependency-version: 4.3.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: patch-and-minor
- dependency-name: "@types/node"
  dependency-version: 22.20.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: patch-and-minor
- dependency-name: "@types/react"
  dependency-version: 19.2.17
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: patch-and-minor
- dependency-name: eslint-config-next
  dependency-version: 16.2.9
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: patch-and-minor
- dependency-name: eslint-plugin-sonarjs
  dependency-version: 4.1.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: patch-and-minor
- dependency-name: prettier
  dependency-version: 3.8.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: patch-and-minor
- dependency-name: tailwindcss
  dependency-version: 4.3.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: patch-and-minor
- dependency-name: ts-jest
  dependency-version: 29.4.11
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: patch-and-minor
- dependency-name: typescript-eslint
  dependency-version: 8.61.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: patch-and-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot requested a review from goetchstone as a code owner June 22, 2026 13:25
@dependabot @github

dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown
Author

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot @github

dependabot Bot commented on behalf of github Jun 29, 2026

Copy link
Copy Markdown
Author

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Jun 29, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/app/patch-and-minor-38b3c6d942 branch June 29, 2026 13:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants