Skip to content

chore(deps)(deps): Bump the patch-and-minor group across 1 directory with 26 updates#27

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/app/patch-and-minor-df76347ede
Open

chore(deps)(deps): Bump the patch-and-minor group across 1 directory with 26 updates#27
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/app/patch-and-minor-df76347ede

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 29, 2026

Copy link
Copy Markdown

Bumps the patch-and-minor group with 24 updates in the /app directory:

Package From To
@radix-ui/react-slot 1.2.4 1.3.0
@rgrove/parse-xml 4.2.0 4.2.1
@tanstack/react-query 5.100.14 5.101.2
@trpc/client 11.17.0 11.18.0
@trpc/react-query 11.17.0 11.18.0
axios 1.16.1 1.18.1
date-fns 4.2.1 4.4.0
lucide-react 1.16.0 1.22.0
next 16.2.6 16.2.9
papaparse 5.5.3 5.5.4
pg 8.21.0 8.22.0
react 19.2.6 19.2.7
@types/react 19.2.14 19.2.17
react-dom 19.2.6 19.2.7
sanitize-html 2.17.4 2.17.5
stripe 22.1.1 22.3.0
@tailwindcss/postcss 4.3.0 4.3.1
@types/node 22.19.19 22.20.0
autoprefixer 10.5.0 10.5.2
eslint-config-next 16.2.6 16.2.9
eslint-plugin-sonarjs 4.0.3 4.1.0
prettier 3.8.3 3.9.3
ts-jest 29.4.10 29.4.11
typescript-eslint 8.59.4 8.62.0

Updates @radix-ui/react-slot from 1.2.4 to 1.3.0

Changelog

Sourced from @​radix-ui/react-slot's changelog.

1.3.0

Added generic type arguments for SlotProps and createSlot

SlotProps and createSlot now accept generic type arguments to specify the type of element a slot should render, as well as its props.

const Slot = createSlot<HTMLButtonElement, MyCustomButtonProps>("Slot");

1.2.5

  • Fixed infinite re-render loop in React 19 caused by Slot creating a new ref callback on every render
  • Added support for nested Slottable via a render prop, so a slotted element can be wrapped while still merging Slot props and refs onto it
  • Added repository.directory to all package.json files
  • Improved error messages for invalid slot children
  • Updated dependencies: @radix-ui/react-compose-refs@1.1.3
Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​radix-ui/react-slot since your current version.


Updates @rgrove/parse-xml from 4.2.0 to 4.2.1

Release notes

Sourced from @​rgrove/parse-xml's releases.

v4.2.1

Fixed

  • A character reference for a carriage return (&#xD; / &[#13](https://github.com/rgrove/parse-xml/issues/13);) in element text content is now correctly preserved as a literal \r rather than being normalized to \n. #41 (@​spokodev)

New Contributors

Full Changelog: rgrove/parse-xml@v4.2.0...v4.2.1

Changelog

Sourced from @​rgrove/parse-xml's changelog.

4.2.1 (2026-06-27)

Fixed

  • A character reference for a carriage return (&#xD; / &[#13](https://github.com/rgrove/parse-xml/issues/13);) in element text content is now correctly preserved as a literal \r rather than being normalized to \n. #41 (@​spokodev)
Commits

Updates @tanstack/react-query from 5.100.14 to 5.101.2

Release notes

Sourced from @​tanstack/react-query's releases.

@​tanstack/react-query-devtools@​5.101.2

Patch Changes

@​tanstack/react-query-next-experimental@​5.101.2

Patch Changes

  • Updated dependencies []:
    • @​tanstack/react-query@​5.101.2

@​tanstack/react-query-persist-client@​5.101.2

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-persist-client-core@​5.101.2
    • @​tanstack/react-query@​5.101.2

@​tanstack/react-query@​5.101.2

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-core@​5.101.2

@​tanstack/react-query-devtools@​5.101.1

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-devtools@​5.101.1
    • @​tanstack/react-query@​5.101.1

@​tanstack/react-query-next-experimental@​5.101.1

Patch Changes

  • Updated dependencies []:
    • @​tanstack/react-query@​5.101.1

@​tanstack/react-query-persist-client@​5.101.1

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-persist-client-core@​5.101.1
    • @​tanstack/react-query@​5.101.1

@​tanstack/react-query@​5.101.1

Patch Changes

... (truncated)

Changelog

Sourced from @​tanstack/react-query's changelog.

5.101.2

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-core@​5.101.2

5.101.1

Patch Changes

  • Updated dependencies [9eff92e]:
    • @​tanstack/query-core@​5.101.1

5.101.0

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-core@​5.101.0
Commits
  • 610e8d1 ci: Version Packages (#10996)
  • 1f84256 docs: document the select typing caveat for parallel-queries hooks (#10984)
  • b809297 ci: Version Packages (#10977)
  • ccc843e test({react,preact}-query/useQueries): move type-only tests to 'useQueries.te...
  • 4154613 test({react,preact}-query/useMutation): split 'should handle conditional logi...
  • 8bb5fde test({react,preact}-query/useMutation): split 'should pass meta to mutation' ...
  • 87426a3 test(react-query): replace deprecated 'toBeCalledTimes' with 'toHaveBeenCalle...
  • feb1efd test(*): move 'vi.useRealTimers' to the end of 'afterEach' so cleanup runs un...
  • f3d8d2a ci: Version Packages (#10774)
  • 532bb29 fix(tests): disable local coverage instrumentation (#10776)
  • See full diff in compare view

Updates @trpc/client from 11.17.0 to 11.18.0

Release notes

Sourced from @​trpc/client's releases.

v11.18.0

What's Changed

New Contributors

Full Changelog: trpc/trpc@v11.17.0...v11.18.0

Commits

Updates @trpc/react-query from 11.17.0 to 11.18.0

Release notes

Sourced from @​trpc/react-query's releases.

v11.18.0

What's Changed

New Contributors

Full Changelog: trpc/trpc@v11.17.0...v11.18.0

Commits

Updates @trpc/server from 11.17.0 to 11.18.0

Release notes

Sourced from @​trpc/server's releases.

v11.18.0

What's Changed

New Contributors

Full Changelog: trpc/trpc@v11.17.0...v11.18.0

Commits

Updates axios from 1.16.1 to 1.18.1

Release notes

Sourced from axios's releases.

v1.18.1 — June 21, 2026

This release focuses on Node HTTP adapter fixes, safer AxiosError serialisation, runtime/type correctness fixes, documentation updates, and dependency maintenance.

🐛 Bug Fixes

  • AxiosError Serialisation: Made AxiosError#cause non-enumerable to prevent circular JSON serialisation failures when errors include nested causes. (#10913)
  • Node HTTP Adapter: Guarded socket.setKeepAlive for proxy agent streams, accepted path-only URLs when socketPath is configured, deferred environment proxy handling to Node, and explicitly passed maxBodyLength through to follow-redirects. (#10917, #10930, #10942, #10993)
  • Runtime and Type Correctness: Fixed several runtime crashes, type definition mismatches, and incorrect error handling paths. (#10959, #11021)
  • AxiosURLSearchParams: Switched the encoder callback to an arrow function so encoder.call(this) receives the AxiosURLSearchParams instance correctly. (#11019)

🔧 Maintenance & Chores

  • Documentation: Documented sensitive headers and status transition behaviour, prepared cleaned-up docs, added Deno install instructions, and clarified that request data is request-specific (#11007, #11010, #11023, #11025)

  • Dependencies: Bumped vite, rollup, form-data, js-yaml, and multer across the root project, docs, smoke tests, and module test workspaces. (#11011, #11012, #11013, #11014, #11015, #11016, #11017, #11026)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

Full Changelog

v1.18.0 — June 13, 2026

This release hardens redirect and URL handling, improves the validateStatus configuration semantics, and includes updates to documentation, dependencies, and release metadata.

🔒 Security Fixes

  • Redirect Header Safety: Added Node HTTP adapter support for stripping caller-specified sensitive headers on cross-origin redirects, helping prevent custom auth headers such as API keys from leaking to another origin. (#10892)

  • URL And Request Hardening: Rejects malformed http: and https: URLs that omit // with ERR_INVALID_URL, while tightening prototype-pollution-safe config reads, stream size limits, FormData depth handling, data URL sizing, and local NO_PROXY matching. (#11000)

🐛 Bug Fixes

  • Status Validation: Added transitional.validateStatusUndefinedResolves so applications can opt in to treating validateStatus: undefined like the option was omitted, while validateStatus: null remains the explicit way to accept every status. (#10899)

🔧 Maintenance & Chores

  • Documentation: Published the v1.17.0 release notes, fixed a changelog typo, clarified the package update PR policy, and marked the proxy request config as Node.js-only in the advanced docs. (#10984, #10988, #10992, #10995)

  • Dependencies: Bumped @babel/core, @babel/preset-env, @commitlint/cli, @commitlint/config-conventional, @rollup/plugin-babel, @rollup/plugin-commonjs, @vitest/browser, @vitest/browser-playwright, eslint, lint-staged, rollup, vitest, and actions/checkout. (#10989, #10996, #10997)

  • Release Metadata: Prepared the 1.18.0 release by updating package metadata and the runtime VERSION value. (#11003)

... (truncated)

Changelog

Sourced from axios's changelog.

Changelog

v1.18.0 — June 13, 2026

This release hardens redirect and URL handling, improves the validateStatus configuration semantics, and includes updates to documentation, dependencies, and release metadata.

🔒 Security Fixes

  • Redirect Header Safety: Added Node HTTP adapter support for stripping caller-specified sensitive headers on cross-origin redirects, helping prevent custom auth headers such as API keys from leaking to another origin. (#10892)

  • URL And Request Hardening: Rejects malformed http: and https: URLs that omit // with ERR_INVALID_URL, while tightening prototype-pollution-safe config reads, stream size limits, FormData depth handling, data URL sizing, and local NO_PROXY matching. (#11000)

🐛 Bug Fixes

  • Status Validation: Added transitional.validateStatusUndefinedResolves so applications can opt in to treating validateStatus: undefined like the option was omitted, while validateStatus: null remains the explicit way to accept every status. (#10899)

🔧 Maintenance & Chores

  • Documentation: Published the v1.17.0 release notes, fixed a changelog typo, clarified the package update PR policy, and marked the proxy request config as Node.js-only in the advanced docs. (#10984, #10988, #10992, #10995)

  • Dependencies: Bumped @babel/core, @babel/preset-env, @commitlint/cli, @commitlint/config-conventional, @rollup/plugin-babel, @rollup/plugin-commonjs, @vitest/browser, @vitest/browser-playwright, eslint, lint-staged, rollup, vitest, and actions/checkout. (#10989, #10996, #10997)

  • Release Metadata: Prepared the 1.18.0 release by updating package metadata and the runtime VERSION value. (#11003)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

Full Changelog

v1.17.0 — June 1, 2026

This release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.

🔒 Security Fixes

  • Config Hardening: Guarded socketPath, params, and paramsSerializer reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (#10901, #10922)
  • Release Publishing: Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (#10926)

🚀 New Features

  • HTTP Compression: Added Node HTTP adapter support for zstd response decompression, with transitional.advertiseZstdAcceptEncoding controlling whether zstd is advertised in Accept-Encoding. (#6792, #10920)

🐛 Bug Fixes

  • Authentication Handling: Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (#10929, #10896)

... (truncated)

Commits
  • a209bfb chore(release): prepare release 1.18.1 (#11027)
  • fa6a55e chore(deps-dev): bump multer from 2.1.1 to 2.2.0 (#11026)
  • 40e7be8 docs: clarifies that request data is request-specific in axios (#11025)
  • a446b39 fix(AxiosURLSearchParams): use arrow function so encoder.call(this) receives ...
  • cf1306a docs: add Deno to install instructions (#11023)
  • b32880a fix: incorrect use of error (#11021)
  • 1792eda fix: ensure maxBodyLength is explicitly passed to follow-redirects (#10993)
  • 30499d6 fix: various runtime crashes and type definition mismatches (#10959)
  • 20ce9c4 fix(http): defer env proxy handling to Node (#10942)
  • e64bcf9 chore(deps): merge branch 'v1.x' into tests/module/cjs (#11014)
  • Additional commits viewable in compare view

Updates date-fns from 4.2.1 to 4.4.0

Release notes

Sourced from date-fns's releases.

v4.4.0

This release revisits the approach to CDN usage and introduces a new package, @date-fns/cdn and deprecates the date-fns CDN scripts. It allowed reducing the zipped package size from 5.83 MB down to 3.96 MB without introducing any breaking changes.

In v5.0.0-alpha.0 where CDN scripts are completely removed from date-fns the change is more significant and brings the zipped package size down to 2.89 MB.

It is just the first step in optimizing the package size. Expect further size reduction in the future v4 and v5 versions.

Changed

  • DEPRECATED: The date-fns CDN scripts are now deprecated and will be removed in the next major release. Please switch to the new @date-fns/cdn package for CDN usage.

  • Removed CDN source maps to reduce the package size. If you rely on them, please switch to the new @date-fns/cdn package that still includes them.

v4.3.0

Kudos to @​ImRodry and @​puneetdixit200 for their contributions.

Fixed

Commits
  • cd53d25 Promote to v4.4.0
  • d948ec1 Preserve but deprecate CDN versions for v4, set up v5 with polyfills
  • ee65753 Add root mise :format task
  • 9f5bdf5 Add positional argument to test/smoke.sh script
  • 651ead6 Split CDN bundles into separate @​date-fns/cdn package
  • 224c1a2 Deprecate type tests as attw hangs on date-fns package
  • 7bb2842 Switch PACKAGE_OUTPUT_PATH to --dist flag in the package build script
  • b6ad5ac Add flags to control package build script
  • 424a783 Fix docs release after moving to monorepo setup
  • f95bcf1 (docs): Add missing tsx dependency
  • Additional commits viewable in compare view

Updates lucide-react from 1.16.0 to 1.22.0

Release notes

Sourced from lucide-react's releases.

Version 1.22.0

What's Changed

New Contributors

Full Changelog: lucide-icons/lucide@1.21.0...1.22.0

Version 1.21.0

What's Changed

New Contributors

Full Changelog: lucide-icons/lucide@1.20.0...1.21.0

Version 1.20.0

What's Changed

... (truncated)

Commits
  • 5ff536e ci(release.yml): Fix workflow and remove version scripts in package scripts...
  • See full diff in compare view

Updates next from 16.2.6 to 16.2.9

Release notes

Sourced from next's releases.

v16.2.9

Empty release to ensure next@latest points at a stable release. Next.js only allows publishing with Trusted Publishing enabled. In order to fix NPM dist-tags, we have to release a new version. Updating dist-tags is not possible with Trusted Publishing.

v16.2.8

Release with no changes in an attempt to fix next@latest pointing at a prerelease version.

v16.2.7

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

  • Backport documentation fixes for v16.2 (#93804)
  • [backport] Patch playwright-core to resolve _finishedPromise on requestFailed (#93920)
  • [backport] Fix dev mode hydration failure when page is served from HTTP cache (#93492)
  • [backport] Fix catch-all router.query corruption with basePath + rewrites (#93917)
  • [backport] Encode non-ASCII characters in cache tags at construction (#93918)
  • [backport] Fix server action forwarding loop with middleware rewrites (#93919)
  • [backport] Turbopack: switch from base40 to base38 hash encoding (#93932)
  • [ci] Disable hanging node 24 typescript tests on 16.2 backport branch (#94164)
  • [backport] Fix "type: module" in project dir when using standalone or adapters (#94050)
  • [backport] Propagate adapter preferred regions (#94200)
  • [16.2.x] Don't drop FormData entries (#94240)
  • [backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolution (#94284)

Credits

Huge thanks to @​eps1lon, @​icyJoseph, @​unstubbable, @​mischnic, @​bgw, @​timneutkens, and @​lukesandberg for helping!

Commits
  • f37fad9 v16.2.9
  • d9aaaed [cd] Allow tagging semver-lower releases as @latest if @latest po… (#94627)
  • 6f16804 v16.2.8
  • 0dbc1d5 [16.2.x][cd] Ensure release can be triggered on old branches (#94598)
  • 90e3c81 [16.2.x] Align Actions dependencies with Canary (#94339)
  • 83f402c [16.2.x][cd] Stop fetching all tags when searching parent tag (#94334)
  • 411c455 v16.2.7
  • c63224f [backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolut...
  • 63115c7 [16.2.x] Don't drop FormData entries (#94240)
  • aef22fd [backport] Propagate adapter preferred regions (#94200)
  • Additional commits viewable in compare view

Updates papaparse from 5.5.3 to 5.5.4

Changelog

Sourced from papaparse's changelog.

Changelog

Commits

Updates pg from 8.21.0 to 8.22.0

Changelog

Sourced from pg's changelog.

pg@8.22.0

Commits

Updates react from 19.2.6 to 19.2.7

Release notes

Sourced from react's releases.

19.2.7 (June 1st, 2026)

React Server Components

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react since your current version.


Updates @types/react from 19.2.14 to 19.2.17

Commits

Updates react-dom from 19.2.6 to 19.2.7

Release notes

Sourced from react-dom's releases.

19.2.7 (June 1st, 2026)

React Server Components

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react-dom since your current version.


Updates sanitize-html from 2.17.4 to 2.17.5

Changelog

Sourced from sanitize-html's changelog.

2.17.5 (2026-06-10)

Security

  • Added a number of new attributes to be protected against unsafe URLs, e.g. javascript: and similar. None of these are used in the default configuration of sanitize-html or apostrophe or likely to be used there, and some attributes, like an action for a form, are inherently unsafe to allow if XSS protection is your goal. Nevertheless it makes sense to block certain URL types where they are not appropriate. Some attributes are not supported at all by modern browsers but are included for completeness. Thanks to crattack for reporting the vulnerability.
  • Address a potential vulnerability when nonTextTags is configured in a nonstandard way. While it is never a good idea to remove known non-text tags from the standard list e.g. script, styles, etc., this change ensures that doing so does not result in nested tags being passed through without sanitization when they are not expressly allowed. (ApostropheCMS would never trigger this situation.) Thanks to Dipanshu singh for pointing out the issue and contributing the fix.
Commits

Updates stripe from 22.1.1 to 22.3.0

Release notes

Sourced from stripe's releases.

v22.3.0<...

Description has been truncated

…with 26 updates

Bumps the patch-and-minor group with 24 updates in the /app directory:

| Package | From | To |
| --- | --- | --- |
| [@radix-ui/react-slot](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/slot) | `1.2.4` | `1.3.0` |
| [@rgrove/parse-xml](https://github.com/rgrove/parse-xml) | `4.2.0` | `4.2.1` |
| [@tanstack/react-query](https://github.com/TanStack/query/tree/HEAD/packages/react-query) | `5.100.14` | `5.101.2` |
| [@trpc/client](https://github.com/trpc/trpc/tree/HEAD/packages/client) | `11.17.0` | `11.18.0` |
| [@trpc/react-query](https://github.com/trpc/trpc/tree/HEAD/packages/react) | `11.17.0` | `11.18.0` |
| [axios](https://github.com/axios/axios) | `1.16.1` | `1.18.1` |
| [date-fns](https://github.com/date-fns/date-fns) | `4.2.1` | `4.4.0` |
| [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `1.16.0` | `1.22.0` |
| [next](https://github.com/vercel/next.js) | `16.2.6` | `16.2.9` |
| [papaparse](https://github.com/mholt/PapaParse) | `5.5.3` | `5.5.4` |
| [pg](https://github.com/brianc/node-postgres/tree/HEAD/packages/pg) | `8.21.0` | `8.22.0` |
| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.6` | `19.2.7` |
| [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.14` | `19.2.17` |
| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.6` | `19.2.7` |
| [sanitize-html](https://github.com/apostrophecms/apostrophe/tree/HEAD/packages/sanitize-html) | `2.17.4` | `2.17.5` |
| [stripe](https://github.com/stripe/stripe-node) | `22.1.1` | `22.3.0` |
| [@tailwindcss/postcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss) | `4.3.0` | `4.3.1` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `22.19.19` | `22.20.0` |
| [autoprefixer](https://github.com/postcss/autoprefixer) | `10.5.0` | `10.5.2` |
| [eslint-config-next](https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next) | `16.2.6` | `16.2.9` |
| [eslint-plugin-sonarjs](https://github.com/SonarSource/SonarJS) | `4.0.3` | `4.1.0` |
| [prettier](https://github.com/prettier/prettier) | `3.8.3` | `3.9.3` |
| [ts-jest](https://github.com/kulshekhar/ts-jest) | `29.4.10` | `29.4.11` |
| [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.59.4` | `8.62.0` |



Updates `@radix-ui/react-slot` from 1.2.4 to 1.3.0
- [Changelog](https://github.com/radix-ui/primitives/blob/main/packages/react/slot/CHANGELOG.md)
- [Commits](https://github.com/radix-ui/primitives/commits/HEAD/packages/react/slot)

Updates `@rgrove/parse-xml` from 4.2.0 to 4.2.1
- [Release notes](https://github.com/rgrove/parse-xml/releases)
- [Changelog](https://github.com/rgrove/parse-xml/blob/main/CHANGELOG.md)
- [Commits](rgrove/parse-xml@v4.2.0...v4.2.1)

Updates `@tanstack/react-query` from 5.100.14 to 5.101.2
- [Release notes](https://github.com/TanStack/query/releases)
- [Changelog](https://github.com/TanStack/query/blob/main/packages/react-query/CHANGELOG.md)
- [Commits](https://github.com/TanStack/query/commits/@tanstack/react-query@5.101.2/packages/react-query)

Updates `@trpc/client` from 11.17.0 to 11.18.0
- [Release notes](https://github.com/trpc/trpc/releases)
- [Commits](https://github.com/trpc/trpc/commits/v11.18.0/packages/client)

Updates `@trpc/react-query` from 11.17.0 to 11.18.0
- [Release notes](https://github.com/trpc/trpc/releases)
- [Commits](https://github.com/trpc/trpc/commits/v11.18.0/packages/react)

Updates `@trpc/server` from 11.17.0 to 11.18.0
- [Release notes](https://github.com/trpc/trpc/releases)
- [Commits](https://github.com/trpc/trpc/commits/v11.18.0/packages/server)

Updates `axios` from 1.16.1 to 1.18.1
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.16.1...v1.18.1)

Updates `date-fns` from 4.2.1 to 4.4.0
- [Release notes](https://github.com/date-fns/date-fns/releases)
- [Commits](date-fns/date-fns@v4.2.1...v4.4.0)

Updates `lucide-react` from 1.16.0 to 1.22.0
- [Release notes](https://github.com/lucide-icons/lucide/releases)
- [Commits](https://github.com/lucide-icons/lucide/commits/1.22.0/packages/lucide-react)

Updates `next` from 16.2.6 to 16.2.9
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](vercel/next.js@v16.2.6...v16.2.9)

Updates `papaparse` from 5.5.3 to 5.5.4
- [Release notes](https://github.com/mholt/PapaParse/releases)
- [Changelog](https://github.com/mholt/PapaParse/blob/master/CHANGELOG.md)
- [Commits](mholt/PapaParse@5.5.3...5.5.4)

Updates `pg` from 8.21.0 to 8.22.0
- [Changelog](https://github.com/brianc/node-postgres/blob/master/CHANGELOG.md)
- [Commits](https://github.com/brianc/node-postgres/commits/pg@8.22.0/packages/pg)

Updates `react` from 19.2.6 to 19.2.7
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/react/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react)

Updates `@types/react` from 19.2.14 to 19.2.17
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

Updates `react-dom` from 19.2.6 to 19.2.7
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/react/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react-dom)

Updates `sanitize-html` from 2.17.4 to 2.17.5
- [Changelog](https://github.com/apostrophecms/apostrophe/blob/main/packages/sanitize-html/CHANGELOG.md)
- [Commits](https://github.com/apostrophecms/apostrophe/commits/sanitize-html@2.17.5/packages/sanitize-html)

Updates `stripe` from 22.1.1 to 22.3.0
- [Release notes](https://github.com/stripe/stripe-node/releases)
- [Changelog](https://github.com/stripe/stripe-node/blob/master/CHANGELOG.md)
- [Commits](stripe/stripe-node@v22.1.1...v22.3.0)

Updates `@tailwindcss/postcss` from 4.3.0 to 4.3.1
- [Release notes](https://github.com/tailwindlabs/tailwindcss/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.3.1/packages/@tailwindcss-postcss)

Updates `@types/node` from 22.19.19 to 22.20.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `@types/react` from 19.2.14 to 19.2.17
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

Updates `autoprefixer` from 10.5.0 to 10.5.2
- [Release notes](https://github.com/postcss/autoprefixer/releases)
- [Changelog](https://github.com/postcss/autoprefixer/blob/main/CHANGELOG.md)
- [Commits](postcss/autoprefixer@10.5.0...10.5.2)

Updates `eslint-config-next` from 16.2.6 to 16.2.9
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](https://github.com/vercel/next.js/commits/v16.2.9/packages/eslint-config-next)

Updates `eslint-plugin-sonarjs` from 4.0.3 to 4.1.0
- [Release notes](https://github.com/SonarSource/SonarJS/releases)
- [Commits](https://github.com/SonarSource/SonarJS/commits)

Updates `prettier` from 3.8.3 to 3.9.3
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/prettier@3.8.3...3.9.3)

Updates `tailwindcss` from 4.3.0 to 4.3.1
- [Release notes](https://github.com/tailwindlabs/tailwindcss/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.3.1/packages/tailwindcss)

Updates `ts-jest` from 29.4.10 to 29.4.11
- [Release notes](https://github.com/kulshekhar/ts-jest/releases)
- [Changelog](https://github.com/kulshekhar/ts-jest/blob/main/CHANGELOG.md)
- [Commits](kulshekhar/ts-jest@v29.4.10...v29.4.11)

Updates `typescript-eslint` from 8.59.4 to 8.62.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.62.0/packages/typescript-eslint)

---
updated-dependencies:
- dependency-name: "@radix-ui/react-slot"
  dependency-version: 1.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: patch-and-minor
- dependency-name: "@rgrove/parse-xml"
  dependency-version: 4.2.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-and-minor
- dependency-name: "@tanstack/react-query"
  dependency-version: 5.101.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: patch-and-minor
- dependency-name: "@trpc/client"
  dependency-version: 11.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: patch-and-minor
- dependency-name: "@trpc/react-query"
  dependency-version: 11.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: patch-and-minor
- dependency-name: "@trpc/server"
  dependency-version: 11.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: patch-and-minor
- dependency-name: axios
  dependency-version: 1.18.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: patch-and-minor
- dependency-name: date-fns
  dependency-version: 4.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: patch-and-minor
- dependency-name: lucide-react
  dependency-version: 1.22.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: patch-and-minor
- dependency-name: next
  dependency-version: 16.2.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-and-minor
- dependency-name: papaparse
  dependency-version: 5.5.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-and-minor
- dependency-name: pg
  dependency-version: 8.22.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: patch-and-minor
- dependency-name: react
  dependency-version: 19.2.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-and-minor
- dependency-name: "@types/react"
  dependency-version: 19.2.17
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: patch-and-minor
- dependency-name: react-dom
  dependency-version: 19.2.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-and-minor
- dependency-name: sanitize-html
  dependency-version: 2.17.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-and-minor
- dependency-name: stripe
  dependency-version: 22.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: patch-and-minor
- dependency-name: "@tailwindcss/postcss"
  dependency-version: 4.3.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: patch-and-minor
- dependency-name: "@types/node"
  dependency-version: 22.20.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: patch-and-minor
- dependency-name: "@types/react"
  dependency-version: 19.2.17
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: patch-and-minor
- dependency-name: autoprefixer
  dependency-version: 10.5.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: patch-and-minor
- dependency-name: eslint-config-next
  dependency-version: 16.2.9
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: patch-and-minor
- dependency-name: eslint-plugin-sonarjs
  dependency-version: 4.1.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: patch-and-minor
- dependency-name: prettier
  dependency-version: 3.9.3
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: patch-and-minor
- dependency-name: tailwindcss
  dependency-version: 4.3.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: patch-and-minor
- dependency-name: ts-jest
  dependency-version: 29.4.11
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: patch-and-minor
- dependency-name: typescript-eslint
  dependency-version: 8.62.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: patch-and-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github

dependabot Bot commented on behalf of github Jun 29, 2026

Copy link
Copy Markdown
Author

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot requested a review from goetchstone as a code owner June 29, 2026 13:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants