deps(deps): bump the minor-and-patch group across 1 directory with 31 updates by dependabot[bot] · Pull Request #80 · profullstack/media-streamer

dependabot · 2026-06-08T16:14:53Z

Bumps the minor-and-patch group with 31 updates in the / directory:

Package	From	To
@radix-ui/react-dialog	`1.1.15`	`1.1.16`
@radix-ui/react-dropdown-menu	`2.1.16`	`2.1.17`
@radix-ui/react-progress	`1.1.8`	`1.1.9`
@radix-ui/react-scroll-area	`1.2.10`	`1.2.11`
@radix-ui/react-separator	`1.1.8`	`1.1.9`
@radix-ui/react-slider	`1.3.6`	`1.4.0`
@radix-ui/react-slot	`1.2.4`	`1.2.5`
@radix-ui/react-tabs	`1.1.13`	`1.1.14`
@radix-ui/react-toast	`1.2.15`	`1.2.16`
@radix-ui/react-tooltip	`1.2.8`	`1.2.9`
@supabase/supabase-js	`2.99.3`	`2.108.0`
framer-motion	`12.38.0`	`12.40.0`
imapflow	`1.3.6`	`1.3.7`
ioredis	`5.10.1`	`5.11.1`
isomorphic-dompurify	`3.12.0`	`3.16.0`
lucide-react	`1.14.0`	`1.17.0`
next	`16.2.4`	`16.2.7`
openai	`6.36.0`	`6.42.0`
posthog-js	`1.381.0`	`1.382.0`
react	`19.2.5`	`19.2.7`
@types/react	`19.2.14`	`19.2.17`
react-dom	`19.2.5`	`19.2.7`
resend	`6.12.2`	`6.12.4`
tailwind-merge	`3.5.0`	`3.6.0`
@tailwindcss/postcss	`4.2.4`	`4.3.0`
@types/jsdom	`28.0.0`	`28.0.3`
@types/node	`25.6.0`	`25.9.2`
eslint-config-next	`16.2.4`	`16.2.7`
postcss	`8.5.14`	`8.5.15`
tailwindcss	`4.2.4`	`4.3.0`
tsx	`4.21.0`	`4.22.4`

Updates @radix-ui/react-dialog from 1.1.15 to 1.1.16

Changelog

Sourced from @radix-ui/react-dialog's changelog.

1.1.16

Fixed disabled pointer events in closed dialogs

Fixed a bug where iOS text selection and editing on HTML inputs within react-dialog were broken

Fixed triggers referencing a non-existent element via aria-controls when their content is removed from the DOM (credit to @dodomorandi for the original PR)

Added repository.directory to all package.json files

Updated dependencies: @radix-ui/react-presence@1.1.6, @radix-ui/react-slot@1.2.5, @radix-ui/react-focus-guards@1.1.4, @radix-ui/react-dismissable-layer@1.1.12, @radix-ui/primitive@1.1.4, @radix-ui/react-compose-refs@1.1.3, @radix-ui/react-context@1.1.4, @radix-ui/react-focus-scope@1.1.9, @radix-ui/react-id@1.1.2, @radix-ui/react-portal@1.1.11, @radix-ui/react-primitive@2.1.5, @radix-ui/react-use-controllable-state@1.2.3

Commits

See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @radix-ui/react-dialog since your current version.

Updates @radix-ui/react-dropdown-menu from 2.1.16 to 2.1.17

Changelog

Sourced from @radix-ui/react-dropdown-menu's changelog.

2.1.17

Added repository.directory to all package.json files

Updated dependencies: @radix-ui/react-menu@2.1.17, @radix-ui/primitive@1.1.4, @radix-ui/react-compose-refs@1.1.3, @radix-ui/react-context@1.1.4, @radix-ui/react-id@1.1.2, @radix-ui/react-primitive@2.1.5, @radix-ui/react-use-controllable-state@1.2.3

Commits

See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @radix-ui/react-dropdown-menu since your current version.

Updates @radix-ui/react-progress from 1.1.8 to 1.1.9

Changelog

Sourced from @radix-ui/react-progress's changelog.

1.1.9

Added repository.directory to all package.json files

Updated dependencies: @radix-ui/react-context@1.1.4, @radix-ui/react-primitive@2.1.5

Commits

See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @radix-ui/react-progress since your current version.

Updates @radix-ui/react-scroll-area from 1.2.10 to 1.2.11

Changelog

Sourced from @radix-ui/react-scroll-area's changelog.

1.2.11

Fixed missing data-state attribute for Scroll Area scrollbars

Added repository.directory to all package.json files

Updated dependencies: @radix-ui/react-presence@1.1.6, @radix-ui/react-direction@1.1.2, @radix-ui/number@1.1.2, @radix-ui/primitive@1.1.4, @radix-ui/react-compose-refs@1.1.3, @radix-ui/react-context@1.1.4, @radix-ui/react-primitive@2.1.5, @radix-ui/react-use-callback-ref@1.1.2, @radix-ui/react-use-layout-effect@1.1.2

Commits

See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @radix-ui/react-scroll-area since your current version.

Updates @radix-ui/react-separator from 1.1.8 to 1.1.9

Changelog

Sourced from @radix-ui/react-separator's changelog.

1.1.9

Added repository.directory to all package.json files

Updated dependencies: @radix-ui/react-primitive@2.1.5

Commits

See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @radix-ui/react-separator since your current version.

Updates @radix-ui/react-slider from 1.3.6 to 1.4.0

Changelog

Sourced from @radix-ui/react-slider's changelog.

1.4.0

Added unstable ThumbProvider, ThumbTrigger, and BubbleInput parts to Slider. SliderThumb was previously a single component that implicitly rendered a hidden native input for form submission. It is now composed from these new parts, which are exposed so consumers can decouple the bubble input from the thumb (for example, to render or customize it independently) instead of relying on SliderThumb to render it implicitly. SliderThumb continues to render all three by default, so existing usage is unaffected.

Added focusVisible for non-keyboard interactions with slider thumbs for progressively enabling styles using :focus-visible alongside programmatic focus management

Fixed Slider focus bugs in scrollable context

Fixed a Slider bug where very small step values made the thumbs unresponsive

Added repository.directory to all package.json files

Updated dependencies: @radix-ui/react-collection@1.1.9, @radix-ui/react-direction@1.1.2, @radix-ui/number@1.1.2, @radix-ui/primitive@1.1.4, @radix-ui/react-compose-refs@1.1.3, @radix-ui/react-context@1.1.4, @radix-ui/react-primitive@2.1.5, @radix-ui/react-use-controllable-state@1.2.3, @radix-ui/react-use-layout-effect@1.1.2, @radix-ui/react-use-previous@1.1.2, @radix-ui/react-use-size@1.1.2

Commits

See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @radix-ui/react-slider since your current version.

Updates @radix-ui/react-slot from 1.2.4 to 1.2.5

Changelog

Sourced from @radix-ui/react-slot's changelog.

1.2.5

Fixed infinite re-render loop in React 19 caused by Slot creating a new ref callback on every render

Added support for nested Slottable via a render prop, so a slotted element can be wrapped while still merging Slot props and refs onto it

Added repository.directory to all package.json files

Improved error messages for invalid slot children

Updated dependencies: @radix-ui/react-compose-refs@1.1.3

Commits

See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @radix-ui/react-slot since your current version.

Updates @radix-ui/react-tabs from 1.1.13 to 1.1.14

Changelog

Sourced from @radix-ui/react-tabs's changelog.

1.1.14

Fixed triggers referencing a non-existent element via aria-controls when their content is removed from the DOM (credit to @dodomorandi for the original PR)

Added repository.directory to all package.json files

Updated dependencies: @radix-ui/react-presence@1.1.6, @radix-ui/react-direction@1.1.2, @radix-ui/primitive@1.1.4, @radix-ui/react-context@1.1.4, @radix-ui/react-id@1.1.2, @radix-ui/react-primitive@2.1.5, @radix-ui/react-roving-focus@1.1.12, @radix-ui/react-use-controllable-state@1.2.3

Commits

See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @radix-ui/react-tabs since your current version.

Updates @radix-ui/react-toast from 1.2.15 to 1.2.16

Changelog

Sourced from @radix-ui/react-toast's changelog.

1.2.16

Allow to specify container for ToastAnnounce

Added repository.directory to all package.json files

Updated dependencies: @radix-ui/react-presence@1.1.6, @radix-ui/react-dismissable-layer@1.1.12, @radix-ui/react-collection@1.1.9, @radix-ui/primitive@1.1.4, @radix-ui/react-compose-refs@1.1.3, @radix-ui/react-context@1.1.4, @radix-ui/react-portal@1.1.11, @radix-ui/react-primitive@2.1.5, @radix-ui/react-use-callback-ref@1.1.2, @radix-ui/react-use-controllable-state@1.2.3, @radix-ui/react-use-layout-effect@1.1.2, @radix-ui/react-visually-hidden@1.2.5

Commits

See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @radix-ui/react-toast since your current version.

Updates @radix-ui/react-tooltip from 1.2.8 to 1.2.9

Changelog

Sourced from @radix-ui/react-tooltip's changelog.

1.2.9

Fixed runtime error when event target is non-Node

Fixed a Tooltip bug so that skipDelayDuration={0} works as expected. Previously, the open delay could still be skipped when moving between triggers.

Added repository.directory to all package.json files

Updated dependencies: @radix-ui/react-presence@1.1.6, @radix-ui/react-popper@1.3.0, @radix-ui/react-slot@1.2.5, @radix-ui/react-dismissable-layer@1.1.12, @radix-ui/primitive@1.1.4, @radix-ui/react-compose-refs@1.1.3, @radix-ui/react-context@1.1.4, @radix-ui/react-id@1.1.2, @radix-ui/react-portal@1.1.11, @radix-ui/react-primitive@2.1.5, @radix-ui/react-use-controllable-state@1.2.3, @radix-ui/react-visually-hidden@1.2.5

Commits

See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @radix-ui/react-tooltip since your current version.

Updates @supabase/supabase-js from 2.99.3 to 2.108.0

Release notes

Sourced from @supabase/supabase-js's releases.

v2.108.0

2.108.0 (2026-06-08)

🚀 Features

auth: auth.resend() consistent confirmation flow (#2144)

🩹 Fixes

auth: do not console.error AuthApiError already returned through contract (#2428)

postgrest: pass request headers as plain object for RN/custom-fetch compatibility (#2414)

❤️ Thank You

Katerina Skroumpelou @mandarini

Lawrence Li @weilirs

MaitreyeeDeshmukh

v2.108.0-canary.0

2.108.0-canary.0 (2026-06-04)

🚀 Features

auth: auth.resend() consistent confirmation flow (#2144)

🩹 Fixes

auth: do not console.error AuthApiError already returned through contract (#2428)

postgrest: pass request headers as plain object for RN/custom-fetch compatibility (#2414)

❤️ Thank You

Katerina Skroumpelou @mandarini

Lawrence Li @weilirs

MaitreyeeDeshmukh

v2.107.0

2.107.0 (2026-06-02)

🚀 Features

auth: remove navigator.locks-based mutex; introduce commit guard + dispose() (#2392)

realtime: allow httpSend to send binary payload (#2400)

supabase: update X-Client-Info to structured metadata format (#2359)

🩹 Fixes

auth: return AuthInvalidJwtError from getClaims for expired JWT (#2395)

auth: recognize ?error= redirects in implicit grant gate (#2407)

auth): revert fix(auth: encode client-id in oauth requests (#2383, #2417)

... (truncated)

Changelog

Sourced from @supabase/supabase-js's changelog.

2.108.0 (2026-06-08)

This was a version bump only for @supabase/supabase-js to align it with other projects, there were no code changes.

2.107.0 (2026-06-02)

🚀 Features

auth: remove navigator.locks-based mutex; introduce commit guard + dispose() (#2392)

supabase: update X-Client-Info to structured metadata format (#2359)

realtime: allow httpSend to send binary payload (#2400)

❤️ Thank You

Claude Sonnet 4.6

Eduardo Gurgel

Guilherme Souza

Katerina Skroumpelou @mandarini

Omar Al Matar @Bewinxed

2.106.2 (2026-05-25)

🩹 Fixes

misc: add react-native export condition for Hermes-safe resolution (#2393)

❤️ Thank You

Myroslav Hryhschenko @BLOCKMATERIAL

2.106.1 (2026-05-20)

🩹 Fixes

misc: hide dynamic import from hermesc (#2381)

❤️ Thank You

Katerina Skroumpelou @mandarini

2.106.0 (2026-05-18)

🚀 Features

supabase: W3C/OpenTelemetry trace context propagation (#2163)

🩹 Fixes

release: mark @supabase/tracing private and snapshot it for JSR (#2370)

... (truncated)

Commits

57014e1 chore(release): version 2.107.0 changelogs (#2421)
54ec2b6 feat(auth): remove navigator.locks-based mutex; introduce commit guard + disp...
3397c92 feat(supabase): update X-Client-Info to structured metadata format (#2359)
335207f feat(realtime): allow httpSend to send binary payload (#2400)
42f12dd docs(repo): ship per-package AGENTS.md and migrations via npm (#2397)
b200b74 chore(release): version 2.106.2 changelogs (#2396)
a5f09cf chore(repo): adopt pnpm catalog and clean up devDeps (#2389)
c72cc56 fix(misc): add react-native export condition for Hermes-safe resolution (#2393)
a7bdb23 docs(supabase): expand tracePropagation tsdoc with examples (#2388)
f4c149c chore(release): version 2.106.1 changelogs (#2384)
Additional commits viewable in compare view

Updates framer-motion from 12.38.0 to 12.40.0

Changelog

Sourced from framer-motion's changelog.

[12.40.0] 2026-05-21

Added

path option to transition.

arc() for motion along an arc.

[12.39.0] 2026-05-18

Added

Support for repeatType and repeatDelay in animation sequences.

Fixed

Variants: Re-run keyframe animations when switching between variant labels even when they share identical keyframe arrays.

Drag: Preserve in-flight motion value animations across React 19 reorder unmount/remount so dragSnapToOrigin no longer leaves the drag transform stranded after a layout swap.

LazyMotion: Share React contexts between the framer-motion and framer-motion/m (and therefore motion/react and motion/react-m) CJS bundles so that <m.div> from the /m subpath picks up features loaded by <LazyMotion> from the main entry point.

useScroll: Support hydrating target and container refs from anywhere in the tree.

Drag: Gesture no longer starts from incorrect start point when rendered inside <AnimatePresence initial={false} />.

Drag: dragConstraints, when set as viewport-relative ref, no longer break on scroll.§

Updated visualElement hydration order.

useAnimate: Now respects skipAnimations.

AnimatePresence: Fix object-form initial values not applied on re-entry after exit completes.

scroll: Fixed callback progress when tracking an element.

useScroll: Fix hardware acceleration when tracking an element.

Commits

38ebb94 v12.40.0
b1f766c Latest
bca5544 Merge pull request #3699 from motiondivision/lochie/arcs-injectable
f1a96cf arc(): rename amp/rotate, expose MotionPath, fix explicit cw/ccw
b4aaba0 pathRotation: non-destructive orientToPath rotation channel
8604ef3 Make arcs injectable via transition.path = arc()
f90fe29 add orientToPath
9ebe999 fix: test
bc2107e Revert "no should"
6eeb92d no should
Additional commits viewable in compare view

Updates imapflow from 1.3.6 to 1.3.7

Changelog

Sourced from imapflow's changelog.

1.3.7 (2026-06-08)

Bug Fixes

harden FLAGS guard and bring lib to full test coverage (6666bec)

Commits

c0969c6 chore(master): release 1.3.7 [skip-ci] (#357)
6666bec fix: harden FLAGS guard and bring lib to full test coverage
See full diff in compare view

Updates ioredis from 5.10.1 to 5.11.1

Release notes

Sourced from ioredis's releases.

v5.11.1

5.11.1 (2026-06-04)

Bug Fixes

cluster: reconnect to nodes that restart without slot changes (#2096) (c84b2ee)

parse protocol-relative Redis URLs as TCP connections (#2125) (131ee24)

v5.11.0

5.11.0 (2026-05-26)

Bug Fixes

prevent RangeError from string accumulation in pipeline (#2088) (defc077)

replace deprecated url.parse() with WHATWG URL API (#2081) (0021a45), closes redis/ioredis#1747

Features

add array commands, typings and tests (#2114) (baf68d6)

add increx command (#2115) (37d0695)

add Redis MSETEX support (#2111) (04a4615)

add typed GCRA command support and functional tests (#2094) (468a802)

add vector set command support (#2116) (b7b3def)

Add xnack command (#2103) (187d29b)

Add zinter zunion count (#2104) (0d510bb)

Implement TracingChannel support (#2089) (4760e0a)

Changelog

Sourced from ioredis's changelog.

5.11.1 (2026-06-04)

Bug Fixes

cluster: reconnect to nodes that restart without slot changes (#2096) (c84b2ee)

parse protocol-relative Redis URLs as TCP connections (#2125) (131ee24)

5.11.0 (2026-05-26)

Bug Fixes

prevent RangeError from string accumulation in pipeline (#2088) (defc077)

replace deprecated url.parse() with WHATWG URL API (#2081) (0021a45), closes redis/ioredis#1747

Features

add array commands, typings and tests (#2114) (baf68d6)

add increx command (#2115) (37d0695)

add Redis MSETEX support (#2111) (04a4615)

add typed GCRA command support and functional tests (#2094) (468a802)

add vector set command support (#2116) (b7b3def)

Add xnack command (#2103) (187d29b)

Add zinter zunion count (#2104) (0d510bb)

Implement TracingChannel support (#2089) (4760e0a)

Commits

fb224a7 chore(release): 5.11.1 [skip ci]
131ee24 fix: parse protocol-relative Redis URLs as TCP connections (#2125)
c84b2ee fix(cluster): reconnect to nodes that restart without slot changes (#2096)
1490432 chore(release): 5.11.0 [skip ci]
5359d4d refactor(utils): inline defaults and isArguments helpers (#2107)
b7b3def feat: add vector set command support (#2116)
faa53fd ci: update Node.js and Redis test matrix (#2119)
37d0695 feat: add increx command (#2115)
612ee9d chore: update Redis 8.8 test image to custom (#2118)
baf68d6 feat: add array commands, typings and tests (#2114)
Additional commits viewable in compare view

Updates isomorphic-dompurify from 3.12.0 to 3.16.0

Release notes

Sourced from isomorphic-dompurify's releases.

3.16.0: Updated dependencies

dompurify 3.4.7 -> 3.4.8

vitest 4.1.7 -> 4.1.8

lefthook 2.1.8 -> 2.1.9

3.15.0: Updated dependencies

dompurify 3.4.5 -> 3.4.7

@biomejs/biome 2.4.15 -> 2.4.16

vitest 4.1.6 -> 4.1.7

packageManager pnpm 11.1.3 -> 11.4.0

3.14.0: Updated dependencies

What's Changed

chore(deps): bump dompurify from 3.4.3 to 3.4.5 by @dependabot[bot]

chore: Allowed esbuild and disallowed lefthook for ci.

chore: Added homepage URL to package.json.

Full Changelog: kkomelin/isomorphic-dompurify@3.13.0...3.14.0

3.13.0: Updated dependencies

What's Changed

chore(deps-dev): bump vitest from 4.1.5 to 4.1.6 by @dependabot[bot] in kkomelin/isomorphic-dompurify#435

chore(deps-dev): bump @types/jsdom from 28.0.1 to 28.0.3 by @dependabot[bot] in kkomelin/isomorphic-dompurify#436

chore(deps-dev): bump @biomejs/biome from 2.4.14 to 2.4.15 by @dependabot[bot] in kkomelin/isomorphic-dompurify#434

chore(deps): bump dompurify from 3.4.2 to 3.4.3 by @dependabot[bot] in kkomelin/isomorphic-dompurify#437

Full Changelog: kkomelin/isomorphic-dompurify@3.12.0...3.13.0

Commits

bee551b chore: Bump version to 3.16.0 and update dependencies.
e03b0c0 chore(deps): bump dompurify from 3.4.7 to 3.4.8
86abe8b chore(deps-dev): bump lefthook from 2.1.8 to 2.1.9
284831c chore(deps-dev): bump vitest from 4.1.7 to 4.1.8
2542801 chore: Bump version to 3.15.0 and update dependencies.
82bb1de chore(deps): bump dompurify from 3.4.5 to 3.4.6
871d363 chore(deps-dev): bump vitest from 4.1.6 to 4.1.7
518ae7d chore(deps-dev): bump lefthook from 2.1.6 to 2.1.8
45a223b chore: Pin lefthook to 2.1.6 and add dependabot cooldown.
d6a1565 chore: Actualized pnpm-lock.yaml.
Additional commits viewable in compare view

Updates lucide-react from 1.14.0 to 1.17.0

Release notes

Sourced from lucide-react's releases.

Version 1.17.0

What's Changed

chore(lucide-vue-next|lucide-svelte|lucide-angular): Remove deprecated packages by @ericfennis in lucide-icons/lucide#4376

chore(repo): Update issue templates and documentation for package ren… by @ericfennis in lucide-icons/lucide#4379

feat(site): Adds survey overlay to website by @ericfennis in lucide-icons/lucide#4380

feat(site): Certificate dev links by @ericfennis in lucide-icons/lucide#4390

fix(icons): changed martini icon by @jamiemlaw in lucide-icons/lucide#4335

chore(deps): bump brace-expansion from 1.1.11 to 5.0.6 by @dependabot[bot] in lucide-icons/lucide#4386

chore(deps): bump @tootallnate/once from 2.0.0 to 2.0.1 by @dependabot[bot] in lucide-icons/lucide#4404

chore(deps): bump devalue from 5.8.0 to 5.8.1 by @dependabot[bot] in lucide-icons/lucide#4391

chore(deps): bump ws from 8.18.0 to 8.20.1 by @dependabot[bot] in lucide-icons/lucide#4392

fix(gh-icon): limit icon size to a maximum of 256 pixels by @jguddas in lucide-icons/lucide#4398

chore(dependencies): Update dependencies by @ericfennis in lucide-icons/lucide#4377

feat(copilot): Adding copilot instructions by @ericfennis in lucide-icons/lucide#4407

feat(icons): add globe-check by @Barakudum in lucide-icons/lucide#4342

feat(metadata): Require use-cases in meta json by @ericfennis in lucide-icons/lucide#4321

feat(icons): added parasol icon by @karsa-mistmere in lucide-icons/lucide#4347

Full Changelog: lucide-icons/lucide@1.16.0...1.17.0

Version 1.16.0

What's Changed

feat(icons): added blender icon by @rrod497 in lucide-icons/lucide#3884

Full Changelog: lucide-icons/lucide@1.15.0...1.16.0

Version 1.15.0

What's Changed

fix: remove 'less' from brand stopwords by @jguddas in lucide-icons/lucide#4331

fix(@lucide/vue): Clone slots before passing to icon by @axtho in lucide-icons/lucide#4339

fix(icons): changed text-cursor icon by @jamiemlaw in lucide-icons/lucide#4340

fix(icons): changed landmark icon by @jamiemlaw in lucide-icons/lucide#4334

chore(deps-dev): bump nitropack from 2.13.1 to 2.13.4 by @dependabot[bot] in lucide-icons/lucide#4352

chore(deps-dev): bump simple-git from 3.33.0 to 3.36.0 by @dependabot[bot] in lucide-icons/lucide#4349

fix(icons): changed candy-cane icon by @jguddas in lucide-icons/lucide#4148

fix(icons): changed volleyball icon by @jamiemlaw in lucide-icons/lucide#4338

fix(icons): changed chart-no-axes-combined icon by @jguddas in lucide-icons/lucide#3567

feat(icon): added broccoli icon by @swastik7805 in lucide-icons/lucide#4263

chore(site): Updates to site and updated carbon ads by @ericfennis in lucide-icons/lucide#4359

feat(icons): added sticky note variants by @Barakudum in lucide-icons/lucide#4348

chore(deps-dev): bump astro from 6.1.6 to 6.1.10 by @dependabot[bot] in lucide-icons/lucide#4361

New Contributors

@axtho made their first contribution in lucide-icons/lucide#4339

@Barakudum made their first contribution in lucide-icons/lucide#4348

Full Changelog: lucide-icons/lucide@1.14.0...1.15.0

Commits

07c885e fix(docs): fix zephyr-cloud URL in readmes
See full diff in compare view

Updates next from 16.2.4 to 16.2.7

Release notes

Sourced from next's releases.

v16.2.7

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

Backport documentation fixes for v16.2 (#93804)

[backport] Patch playwright-core to resolve _finishedPromise on requestFailed (#93920)

[backport] Fix dev mode hydration failure when page is served from HTTP cache (#93492)

[backport] Fix catch-all router.query corruption with basePath + rewrites (#93917)

[backport] Encode non-ASCII characters in cache tags at construction (#93918)

[backport] Fix server action forwarding loop with middleware rewrites (#93919)

[backport] Turbopack: switch from base40 to base38 hash encoding (#93932)

[ci] Disable hanging node 24 typescript tests on 16.2 backport branch (#94164)

[backport] Fix "type: module" in project dir when using standalone or adapters (#94050)

[backport] Propagate adapter preferred regions (#94200)

[16.2.x] Don't drop FormData entries (#94240)

[backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolution (#94284)

Credits

Huge thanks to @eps1lon, @icyJoseph, @unstubbable, @mischnic, @bgw, @timneutkens, and @lukesandberg for helping!

v16.2.6

[!NOTE] This release contains security fixes and backported bug fixes. It does not include all pending features/changes on canary.

Security Fixes

The following advisories have been addressed:

High:

GHSA-8h8q-6873-q5fj: Denial of Service with Server Components

GHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes

GHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up

GHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components

GHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection

GHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades

GHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n

Moderate:

GHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces

GHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input

GHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API

GHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses

Low:

GHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting

GHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned

... (truncated)

Commits

9bd3c26 v16.2.7
c63224f [backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolut...
63115c7 [16.2.x] Don't drop FormData entries (#94240)
aef22fd [backport] Propagate adapter preferred regions (#94200)
f126e72 [backport] Fix "type: module" in project dir when using standalone or adapter...
bda3e2a [ci] Disable hanging node 24 typescript tests on 16.2 backport branch (#94164)
7e16e07 [backport] Turbopack: switch from base40 to base38 hash encoding (#93932)
6139f4b [backport] Fix server action forwarding loop with middleware rewrites (#93919)
c021d10 [backport] Encode non-ASCII characters in cache tags at construction (#93918)
9184ddb [backport] Fix catch-all router.query corruption with basePath + `rewrite...
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for next since your current version.

Updates openai from 6.36.0 to 6.42.0

Release notes

Sourced from openai's releases.

v6.42.0

6.42.0 (2026-06-03)

Full Changelog: v6.41.0...v6.42.0

Features

api: responses.moderation and chat_completions.moderation (6d8f592)

v6.41.0

6.41.0 (2026-06-01)

Full Changelog: v6.40.0...v6.41.0

Features

api: Add Amazon Bedrock Responses support (#1899) (535b045)

v6.40.0

6.40.0 (2026-06-01)

Full Changelog: v6.39.1...v6.40.0

Features

api: workload identity in audit logs, additional_tools item in responses, fix ActionSearch.query to be optional. (aee09f3)

Chores

remove migrate CLI (673c618)

v6.39.1

6.39.1 (2026-05-27)

Full Changelog: v6.39.0...v6.39.1

Bug Fixes

Improve undici dispatcher mismatch guidance (#1898) (b6e5fd6)

treat text/plan with format: binary as raw upload (f9a632a)

treat text/plan with format: binary as raw upload (323cb78)

Chores

internal: cod...
Description has been truncated

dependabot · 2026-06-08T16:14:55Z

Labels

The following labels could not be found: automated, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

github-actions · 2026-06-08T16:15:21Z

vu1nz Security Review

0 finding(s) in PR #?

No security issues found.

socket-security · 2026-06-08T16:17:23Z

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Package	Supply Chain Security	Quality
next@16.2.7
@radix-ui/react-separator@1.1.9
eslint-config-next@16.2.7
@radix-ui/react-progress@1.1.9
@radix-ui/react-slot@1.2.3 ⏵ 1.2.5	⁺¹	⁺¹
@radix-ui/react-tabs@1.1.14
@radix-ui/react-dropdown-menu@2.1.17
@radix-ui/react-dialog@1.1.16
@radix-ui/react-tooltip@1.2.9
@radix-ui/react-slider@1.4.0
@radix-ui/react-toast@1.2.16
@radix-ui/react-scroll-area@1.2.11
@types/jsdom@28.0.3
posthog-js@1.382.0
openai@6.42.0
@types/react@19.2.17
lucide-react@1.17.0
@types/node@25.9.2
postcss@8.5.15
tailwindcss@4.3.0
react@19.2.7
tailwind-merge@3.6.0
resend@6.12.4
react-dom@19.2.7
isomorphic-dompurify@3.16.0
imapflow@1.3.7
framer-motion@12.40.0
@tailwindcss/postcss@4.3.0

View full report

socket-security · 2026-06-08T16:17:25Z

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert (click "▶" to expand/collapse)
Warn		Obfuscated code: npm `@typescript-eslint/eslint-plugin` is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: pnpm-lock.yaml → `npm/eslint-config-next@16.2.7` → `npm/@typescript-eslint/eslint-plugin@8.60.1` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/@typescript-eslint/eslint-plugin@8.60.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `posthog-js` is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: package.json → `npm/posthog-js@1.382.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/posthog-js@1.382.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `posthog-js` is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: package.json → `npm/posthog-js@1.382.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/posthog-js@1.382.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `posthog-js` is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: package.json → `npm/posthog-js@1.382.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/posthog-js@1.382.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Publisher changed: npm `resend` is now published by dielduarte Author: dielduarte From: package.json → `npm/resend@6.12.4` ℹ Read more on: This package \| This alert \| What is unstable ownership? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Try to reduce the number of authors you depend on to reduce the risk to malicious actors gaining access to your supply chain. Packages should remove inactive collaborators with publishing rights from packages on npm. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/resend@6.12.4`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		License policy violation: npm `rollup` under unrecognized license License: unrecognized license - This license was not allowed or given any lesser classification by the applicable policy (package/LICENSE.md) From: pnpm-lock.yaml → `npm/@vitejs/plugin-react@5.1.4` → `npm/vitest@4.1.8` → `npm/rollup@4.61.1` ℹ Read more on: This package \| This alert \| What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/rollup@4.61.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

… updates Bumps the minor-and-patch group with 31 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@radix-ui/react-dialog](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/dialog) | `1.1.15` | `1.1.16` | | [@radix-ui/react-dropdown-menu](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/dropdown-menu) | `2.1.16` | `2.1.17` | | [@radix-ui/react-progress](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/progress) | `1.1.8` | `1.1.9` | | [@radix-ui/react-scroll-area](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/scroll-area) | `1.2.10` | `1.2.11` | | [@radix-ui/react-separator](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/separator) | `1.1.8` | `1.1.9` | | [@radix-ui/react-slider](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/slider) | `1.3.6` | `1.4.0` | | [@radix-ui/react-slot](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/slot) | `1.2.4` | `1.2.5` | | [@radix-ui/react-tabs](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/tabs) | `1.1.13` | `1.1.14` | | [@radix-ui/react-toast](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/toast) | `1.2.15` | `1.2.16` | | [@radix-ui/react-tooltip](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/tooltip) | `1.2.8` | `1.2.9` | | [@supabase/supabase-js](https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js) | `2.99.3` | `2.108.0` | | [framer-motion](https://github.com/motiondivision/motion) | `12.38.0` | `12.40.0` | | [imapflow](https://github.com/postalsys/imapflow) | `1.3.6` | `1.3.7` | | [ioredis](https://github.com/luin/ioredis) | `5.10.1` | `5.11.1` | | [isomorphic-dompurify](https://github.com/kkomelin/isomorphic-dompurify) | `3.12.0` | `3.16.0` | | [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `1.14.0` | `1.17.0` | | [next](https://github.com/vercel/next.js) | `16.2.4` | `16.2.7` | | [openai](https://github.com/openai/openai-node) | `6.36.0` | `6.42.0` | | [posthog-js](https://github.com/PostHog/posthog-js) | `1.381.0` | `1.382.0` | | [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.5` | `19.2.7` | | [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.14` | `19.2.17` | | [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.5` | `19.2.7` | | [resend](https://github.com/resend/resend-node) | `6.12.2` | `6.12.4` | | [tailwind-merge](https://github.com/dcastil/tailwind-merge) | `3.5.0` | `3.6.0` | | [@tailwindcss/postcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss) | `4.2.4` | `4.3.0` | | [@types/jsdom](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jsdom) | `28.0.0` | `28.0.3` | | [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.6.0` | `25.9.2` | | [eslint-config-next](https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next) | `16.2.4` | `16.2.7` | | [postcss](https://github.com/postcss/postcss) | `8.5.14` | `8.5.15` | | [tailwindcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss) | `4.2.4` | `4.3.0` | | [tsx](https://github.com/privatenumber/tsx) | `4.21.0` | `4.22.4` | Updates `@radix-ui/react-dialog` from 1.1.15 to 1.1.16 - [Changelog](https://github.com/radix-ui/primitives/blob/main/packages/react/dialog/CHANGELOG.md) - [Commits](https://github.com/radix-ui/primitives/commits/HEAD/packages/react/dialog) Updates `@radix-ui/react-dropdown-menu` from 2.1.16 to 2.1.17 - [Changelog](https://github.com/radix-ui/primitives/blob/main/packages/react/dropdown-menu/CHANGELOG.md) - [Commits](https://github.com/radix-ui/primitives/commits/HEAD/packages/react/dropdown-menu) Updates `@radix-ui/react-progress` from 1.1.8 to 1.1.9 - [Changelog](https://github.com/radix-ui/primitives/blob/main/packages/react/progress/CHANGELOG.md) - [Commits](https://github.com/radix-ui/primitives/commits/HEAD/packages/react/progress) Updates `@radix-ui/react-scroll-area` from 1.2.10 to 1.2.11 - [Changelog](https://github.com/radix-ui/primitives/blob/main/packages/react/scroll-area/CHANGELOG.md) - [Commits](https://github.com/radix-ui/primitives/commits/HEAD/packages/react/scroll-area) Updates `@radix-ui/react-separator` from 1.1.8 to 1.1.9 - [Changelog](https://github.com/radix-ui/primitives/blob/main/packages/react/separator/CHANGELOG.md) - [Commits](https://github.com/radix-ui/primitives/commits/HEAD/packages/react/separator) Updates `@radix-ui/react-slider` from 1.3.6 to 1.4.0 - [Changelog](https://github.com/radix-ui/primitives/blob/main/packages/react/slider/CHANGELOG.md) - [Commits](https://github.com/radix-ui/primitives/commits/HEAD/packages/react/slider) Updates `@radix-ui/react-slot` from 1.2.4 to 1.2.5 - [Changelog](https://github.com/radix-ui/primitives/blob/main/packages/react/slot/CHANGELOG.md) - [Commits](https://github.com/radix-ui/primitives/commits/HEAD/packages/react/slot) Updates `@radix-ui/react-tabs` from 1.1.13 to 1.1.14 - [Changelog](https://github.com/radix-ui/primitives/blob/main/packages/react/tabs/CHANGELOG.md) - [Commits](https://github.com/radix-ui/primitives/commits/HEAD/packages/react/tabs) Updates `@radix-ui/react-toast` from 1.2.15 to 1.2.16 - [Changelog](https://github.com/radix-ui/primitives/blob/main/packages/react/toast/CHANGELOG.md) - [Commits](https://github.com/radix-ui/primitives/commits/HEAD/packages/react/toast) Updates `@radix-ui/react-tooltip` from 1.2.8 to 1.2.9 - [Changelog](https://github.com/radix-ui/primitives/blob/main/packages/react/tooltip/CHANGELOG.md) - [Commits](https://github.com/radix-ui/primitives/commits/HEAD/packages/react/tooltip) Updates `@supabase/supabase-js` from 2.99.3 to 2.108.0 - [Release notes](https://github.com/supabase/supabase-js/releases) - [Changelog](https://github.com/supabase/supabase-js/blob/master/packages/core/supabase-js/CHANGELOG.md) - [Commits](https://github.com/supabase/supabase-js/commits/v2.108.0/packages/core/supabase-js) Updates `framer-motion` from 12.38.0 to 12.40.0 - [Changelog](https://github.com/motiondivision/motion/blob/main/CHANGELOG.md) - [Commits](motiondivision/motion@v12.38.0...v12.40.0) Updates `imapflow` from 1.3.6 to 1.3.7 - [Release notes](https://github.com/postalsys/imapflow/releases) - [Changelog](https://github.com/postalsys/imapflow/blob/master/CHANGELOG.md) - [Commits](postalsys/imapflow@v1.3.6...v1.3.7) Updates `ioredis` from 5.10.1 to 5.11.1 - [Release notes](https://github.com/luin/ioredis/releases) - [Changelog](https://github.com/redis/ioredis/blob/main/CHANGELOG.md) - [Commits](redis/ioredis@v5.10.1...v5.11.1) Updates `isomorphic-dompurify` from 3.12.0 to 3.16.0 - [Release notes](https://github.com/kkomelin/isomorphic-dompurify/releases) - [Commits](kkomelin/isomorphic-dompurify@3.12.0...3.16.0) Updates `lucide-react` from 1.14.0 to 1.17.0 - [Release notes](https://github.com/lucide-icons/lucide/releases) - [Commits](https://github.com/lucide-icons/lucide/commits/1.17.0/packages/lucide-react) Updates `next` from 16.2.4 to 16.2.7 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v16.2.4...v16.2.7) Updates `openai` from 6.36.0 to 6.42.0 - [Release notes](https://github.com/openai/openai-node/releases) - [Changelog](https://github.com/openai/openai-node/blob/main/CHANGELOG.md) - [Commits](openai/openai-node@v6.36.0...v6.42.0) Updates `posthog-js` from 1.381.0 to 1.382.0 - [Release notes](https://github.com/PostHog/posthog-js/releases) - [Changelog](https://github.com/PostHog/posthog-js/blob/main/CHANGELOG.md) - [Commits](https://github.com/PostHog/posthog-js/compare/posthog-js@1.381.0...posthog-js@1.382.0) Updates `react` from 19.2.5 to 19.2.7 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react) Updates `@types/react` from 19.2.14 to 19.2.17 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react) Updates `react-dom` from 19.2.5 to 19.2.7 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react-dom) Updates `resend` from 6.12.2 to 6.12.4 - [Release notes](https://github.com/resend/resend-node/releases) - [Commits](resend/resend-node@v6.12.2...v6.12.4) Updates `tailwind-merge` from 3.5.0 to 3.6.0 - [Release notes](https://github.com/dcastil/tailwind-merge/releases) - [Commits](dcastil/tailwind-merge@v3.5.0...v3.6.0) Updates `@tailwindcss/postcss` from 4.2.4 to 4.3.0 - [Release notes](https://github.com/tailwindlabs/tailwindcss/releases) - [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.3.0/packages/@tailwindcss-postcss) Updates `@types/jsdom` from 28.0.0 to 28.0.3 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jsdom) Updates `@types/node` from 25.6.0 to 25.9.2 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `@types/react` from 19.2.14 to 19.2.17 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react) Updates `eslint-config-next` from 16.2.4 to 16.2.7 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/commits/v16.2.7/packages/eslint-config-next) Updates `postcss` from 8.5.14 to 8.5.15 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.5.14...8.5.15) Updates `tailwindcss` from 4.2.4 to 4.3.0 - [Release notes](https://github.com/tailwindlabs/tailwindcss/releases) - [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.3.0/packages/tailwindcss) Updates `tsx` from 4.21.0 to 4.22.4 - [Release notes](https://github.com/privatenumber/tsx/releases) - [Changelog](https://github.com/privatenumber/tsx/blob/master/release.config.cjs) - [Commits](privatenumber/tsx@v4.21.0...v4.22.4) --- updated-dependencies: - dependency-name: "@radix-ui/react-dialog" dependency-version: 1.1.16 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: "@radix-ui/react-dropdown-menu" dependency-version: 2.1.17 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: "@radix-ui/react-progress" dependency-version: 1.1.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: "@radix-ui/react-scroll-area" dependency-version: 1.2.11 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: "@radix-ui/react-separator" dependency-version: 1.1.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: "@radix-ui/react-slider" dependency-version: 1.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: "@radix-ui/react-slot" dependency-version: 1.2.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: "@radix-ui/react-tabs" dependency-version: 1.1.14 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: "@radix-ui/react-toast" dependency-version: 1.2.16 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: "@radix-ui/react-tooltip" dependency-version: 1.2.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: "@supabase/supabase-js" dependency-version: 2.108.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: "@tailwindcss/postcss" dependency-version: 4.3.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: "@types/jsdom" dependency-version: 28.0.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: "@types/node" dependency-version: 25.9.2 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: "@types/react" dependency-version: 19.2.17 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: "@types/react" dependency-version: 19.2.17 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: eslint-config-next dependency-version: 16.2.7 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: framer-motion dependency-version: 12.40.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: imapflow dependency-version: 1.3.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: ioredis dependency-version: 5.11.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: isomorphic-dompurify dependency-version: 3.16.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: lucide-react dependency-version: 1.17.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: next dependency-version: 16.2.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: openai dependency-version: 6.42.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: postcss dependency-version: 8.5.15 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: posthog-js dependency-version: 1.382.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: react dependency-version: 19.2.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: react-dom dependency-version: 19.2.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: resend dependency-version: 6.12.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: tailwind-merge dependency-version: 3.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: tailwindcss dependency-version: 4.3.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: tsx dependency-version: 4.22.4 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor-and-patch ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot changed the title ~~deps(deps): bump the minor-and-patch group with 31 updates~~ deps(deps): bump the minor-and-patch group across 1 directory with 31 updates Jun 8, 2026

dependabot Bot force-pushed the dependabot/npm_and_yarn/minor-and-patch-675550024b branch from 9c7b3c5 to 31a5073 Compare June 8, 2026 16:29

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

deps(deps): bump the minor-and-patch group across 1 directory with 31 updates#80

deps(deps): bump the minor-and-patch group across 1 directory with 31 updates#80
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/minor-and-patch-675550024b

dependabot Bot commented on behalf of github Jun 8, 2026 •

edited

Loading

Uh oh!

dependabot Bot commented on behalf of github Jun 8, 2026

Uh oh!

github-actions Bot commented Jun 8, 2026

Uh oh!

socket-security Bot commented Jun 8, 2026 •

edited

Loading

Uh oh!

socket-security Bot commented Jun 8, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Jun 8, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

1.1.16

2.1.17

1.1.9

1.2.11

1.1.9

1.4.0

1.2.5

1.1.14

1.2.16

1.2.9

v2.108.0

2.108.0 (2026-06-08)

🚀 Features

🩹 Fixes

❤️ Thank You

v2.108.0-canary.0

2.108.0-canary.0 (2026-06-04)

🚀 Features

🩹 Fixes

❤️ Thank You

v2.107.0

2.107.0 (2026-06-02)

🚀 Features

🩹 Fixes

2.108.0 (2026-06-08)

2.107.0 (2026-06-02)

🚀 Features

❤️ Thank You

2.106.2 (2026-05-25)

🩹 Fixes

❤️ Thank You

2.106.1 (2026-05-20)

🩹 Fixes

❤️ Thank You

2.106.0 (2026-05-18)

🚀 Features

🩹 Fixes

[12.40.0] 2026-05-21

Added

[12.39.0] 2026-05-18

Added

Fixed

1.3.7 (2026-06-08)

Bug Fixes

v5.11.1

5.11.1 (2026-06-04)

Bug Fixes

v5.11.0

5.11.0 (2026-05-26)

Bug Fixes

Features

5.11.1 (2026-06-04)

Bug Fixes

5.11.0 (2026-05-26)

Bug Fixes

Features

3.16.0: Updated dependencies

3.15.0: Updated dependencies

3.14.0: Updated dependencies

What's Changed

3.13.0: Updated dependencies

What's Changed

Version 1.17.0

What's Changed

Version 1.16.0

What's Changed

Version 1.15.0

What's Changed

New Contributors

v16.2.7

Core Changes

Credits

v16.2.6

Security Fixes

v6.42.0

6.42.0 (2026-06-03)

Features

dependabot Bot commented on behalf of github Jun 8, 2026 •

edited

Loading

socket-security Bot commented Jun 8, 2026 •

edited

Loading

socket-security Bot commented Jun 8, 2026 •

edited

Loading