build(deps): bump the production-minor-patch group across 1 directory with 18 updates

[dependabot]

Bumps the production-minor-patch group with 18 updates in the / directory:

Package	From	To
@aws-sdk/client-s3	3.1045.0	3.1057.0
@hookform/resolvers	5.2.2	5.4.0
@mdxeditor/editor	4.0.0	4.0.1
@tanstack/react-query	5.100.10	5.100.14
@tanstack/react-query-devtools	5.100.10	5.100.14
@xyflow/react	12.10.2	12.11.0
better-auth	1.6.10	1.6.13
date-fns	4.1.0	4.4.0
docx	9.6.1	9.7.1
ldapts	8.1.7	8.1.8
lucide-react	1.14.0	1.17.0
next	16.2.6	16.2.7
nodemailer	8.0.7	8.0.10
react	19.2.6	19.2.7
react-dom	19.2.6	19.2.7
react-hook-form	7.75.0	7.77.0
semver	7.8.0	7.8.1
shadcn	4.7.0	4.10.0

Updates @aws-sdk/client-s3 from 3.1045.0 to 3.1057.0

Release notes

Sourced from @​aws-sdk/client-s3's releases.

v3.1057.0

3.1057.0(2026-05-29)

Bug Fixes

• client-rds-data:
  • ArrayValue member element types are now nullable: booleanValues is (boolean | null)[], longValues and doubleValues are (number | null)[], stringValues is (string | null)[], and arrayValues is (ArrayValue | null)[]. This reflects that SQL array responses can contain NULL elements. Existing TypeScript code that reads elements as non-nullable values won't compile; migrate by changing the target type to nullable, using the nullish coalescing operator ?? to supply a default, or using .filter(v => v !== null). (43e8abc9)

Chores

• codegen:
  • smithy-aws-typescript-codegen 0.50.0 (#8056) (050bee10)
  • sync for smithy 1.71.0 and snapshot-testing fix (#8053) (e55a3879)

New Features

• clients: update client endpoints as of 2026-05-29 (100e59e3)
• client-codeguru-security: Adding new BDD representation of endpoint ruleset (b5e79600)
• client-auto-scaling-plans: Adding new BDD representation of endpoint ruleset (be4de620)
• client-connect-contact-lens: Adding new BDD representation of endpoint ruleset (5356eaf4)
• client-connectcampaignsv2: Adding new BDD representation of endpoint ruleset (610e00f6)
• client-cloudsearch: Adding new BDD representation of endpoint ruleset (954a5629)
• client-account: Adding new BDD representation of endpoint ruleset (043ec31b)
• client-directory-service-data: Adding new BDD representation of endpoint ruleset (a4c4696b)
• client-bedrock: Automated Reasoning checks - Added two build workflows for policies. Iterative Refine Policy uses AI to update policy definitions based on test results and feedback. Resolve Policy Ambiguities consolidates ambiguous variables in Automated Reasoning policies, a common source of ambiguous validation. (dc971ce1)
• client-lex-models-v2: Adding new BDD representation of endpoint ruleset (46879a2b)
• client-application-insights: Adding new BDD representation of endpoint ruleset (8188d14a)
• client-quicksight: Adds support for creating, updating, describing, listing, and deleting an OAuthClientApplication resource, a new quicksight resource that allows customers to store OAuth configurations to connect to their databases via 3 Legged OAuth. (62d39a81)
• client-bedrock-agentcore-control: Reference your own AWS Secrets Manager secrets when configuring credential providers, giving you control over encryption, rotation, and access policies instead of using service-managed secrets. (ac8eac96)
• client-codecatalyst: Adding new BDD representation of endpoint ruleset (5d0951a1)
• client-grafana: Adding new BDD representation of endpoint ruleset (a0c1dbf4)
• client-drs: Adding new BDD representation of endpoint ruleset (af7bbc33)
• client-cloudsearch-domain: Adding new BDD representation of endpoint ruleset (84e5f9f0)
• client-networkflowmonitor: Adding new BDD representation of endpoint ruleset (2571d33c)
• client-mailmanager: Adding new BDD representation of endpoint ruleset (89075b5d)
• client-route53resolver: Added BatchCreateFirewallRule, BatchUpdateFirewallRule, BatchDeleteFirewallRule, and ListFirewallRuleTypes APIs. Added FirewallRuleType support to Firewall Rule APIs. (a5c6d722)
• client-pcs: Adding new BDD representation of endpoint ruleset (eec245d2)
• client-inspector-scan: Adding new BDD representation of endpoint ruleset (f4eb5511)
• client-sesv2: This release introduces support for Tenant Suppression Lists (3de2020c)
• client-chime: Adding new BDD representation of endpoint ruleset (f8e2cde5)
• client-proton: Adding new BDD representation of endpoint ruleset (937b25e0)
• client-lex-runtime-v2: Adding new BDD representation of endpoint ruleset (2e4709c6)
• client-ssm-guiconnect: Adding new BDD representation of endpoint ruleset (e5c019d3)

... (truncated)

Changelog

Sourced from @​aws-sdk/client-s3's changelog.

3.1057.0 (2026-05-29)

Note: Version bump only for package @​aws-sdk/client-s3

3.1056.0 (2026-05-28)

Note: Version bump only for package @​aws-sdk/client-s3

3.1055.0 (2026-05-27)

Note: Version bump only for package @​aws-sdk/client-s3

3.1054.0 (2026-05-26)

Note: Version bump only for package @​aws-sdk/client-s3

3.1053.0 (2026-05-22)

Note: Version bump only for package @​aws-sdk/client-s3

3.1052.0 (2026-05-21)

Note: Version bump only for package @​aws-sdk/client-s3

3.1051.0 (2026-05-20)

... (truncated)

Commits

• e836d5c Publish v3.1057.0
• e55a387 chore(codegen): sync for smithy 1.71.0 and snapshot-testing fix (#8053)
• 4b03542 Publish v3.1056.0
• 7ae617c chore(codegen): sync for cyclic file dependency fixes (#8051)
• 2981565 Publish v3.1055.0
• d999d57 Publish v3.1054.0
• ef69ea6 Publish v3.1053.0
• 443d6be Publish v3.1052.0
• 0d6242d chore(codegen): update @​smithy dependencies (#8038)
• b825c13 Publish v3.1051.0
• Additional commits viewable in compare view

Updates @hookform/resolvers from 5.2.2 to 5.4.0

Release notes

Sourced from @​hookform/resolvers's releases.

v5.4.0

5.4.0 (2026-05-21)

Features

• feat: add ata-validator resolver (#845)

Fixes

• fix issue with toNestErrors.ts (#848)

• add guidance on passing context to yupResolver (useForm context) (#835) (3d29924)

Commits

• 3d29924 feat: add guidance on passing context to yupResolver (useForm context) (#835)
• 56b68f3 feat: 5.3.0
• cf8562d update readme on ata-validator
• 5e5b610 fix issue with toNestErrors.ts (#848)
• 72aacf8 Revise supported versions in SECURITY.md
• ad89a20 feat: add ata-validator resolver (#845)
• 02286db ci: updated publish workflow to use node 24 (#838)
• 2e9bc7c Fix(zodResolver): error paths in complex unions #787 (#819)
• See full diff in compare view

Updates @mdxeditor/editor from 4.0.0 to 4.0.1

Release notes

Sourced from @​mdxeditor/editor's releases.

v4.0.1

4.0.1 (2026-05-20)

Bug Fixes

• fall back to default code block language on import (835ad54), closes #935

Commits

• 835ad54 fix: fall back to default code block language on import
• 869f769 Harden GitHub Actions workflows (#934)
• See full diff in compare view

Updates @tanstack/react-query from 5.100.10 to 5.100.14

Release notes

Sourced from @​tanstack/react-query's releases.

@​tanstack/react-query-devtools@​5.100.14

Patch Changes

• Updated dependencies [ed20b6d]:
  • @​tanstack/react-query@​5.100.14
  • @​tanstack/query-devtools@​5.100.14

@​tanstack/react-query-next-experimental@​5.100.14

Patch Changes

• Updated dependencies [ed20b6d]:
  • @​tanstack/react-query@​5.100.14

@​tanstack/react-query-persist-client@​5.100.14

Patch Changes

• Updated dependencies [ed20b6d]:
  • @​tanstack/react-query@​5.100.14
  • @​tanstack/query-persist-client-core@​5.100.14

@​tanstack/react-query@​5.100.14

Patch Changes

• fix(react-query): do not go into optimistic fetching state when not subscribed (#10759)

• Updated dependencies []:

  • @​tanstack/query-core@​5.100.14

@​tanstack/react-query-devtools@​5.100.13

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-devtools@​5.100.13
  • @​tanstack/react-query@​5.100.13

@​tanstack/react-query-next-experimental@​5.100.13

Patch Changes

• Updated dependencies []:
  • @​tanstack/react-query@​5.100.13

@​tanstack/react-query-persist-client@​5.100.13

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-persist-client-core@​5.100.13
  • @​tanstack/react-query@​5.100.13

@​tanstack/react-query@​5.100.13

Patch Changes

... (truncated)

Changelog

Sourced from @​tanstack/react-query's changelog.

5.100.14

Patch Changes

• fix(react-query): do not go into optimistic fetching state when not subscribed (#10759)

• Updated dependencies []:

  • @​tanstack/query-core@​5.100.14

5.100.13

Patch Changes

• Updated dependencies [d423168]:
  • @​tanstack/query-core@​5.100.13

5.100.12

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.100.12

5.100.11

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.100.11

Commits

• See full diff in compare view

Updates @tanstack/react-query-devtools from 5.100.10 to 5.100.14

Release notes

Sourced from @​tanstack/react-query-devtools's releases.

@​tanstack/react-query-devtools@​5.100.14

Patch Changes

• Updated dependencies [ed20b6d]:
  • @​tanstack/react-query@​5.100.14
  • @​tanstack/query-devtools@​5.100.14

@​tanstack/react-query-devtools@​5.100.13

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-devtools@​5.100.13
  • @​tanstack/react-query@​5.100.13

@​tanstack/react-query-devtools@​5.100.12

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-devtools@​5.100.12
  • @​tanstack/react-query@​5.100.12

@​tanstack/react-query-devtools@​5.100.11

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-devtools@​5.100.11
  • @​tanstack/react-query@​5.100.11

Changelog

Sourced from @​tanstack/react-query-devtools's changelog.

5.100.14

Patch Changes

• Updated dependencies [ed20b6d]:
  • @​tanstack/react-query@​5.100.14
  • @​tanstack/query-devtools@​5.100.14

5.100.13

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-devtools@​5.100.13
  • @​tanstack/react-query@​5.100.13

5.100.12

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-devtools@​5.100.12
  • @​tanstack/react-query@​5.100.12

5.100.11

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-devtools@​5.100.11
  • @​tanstack/react-query@​5.100.11

Commits

• See full diff in compare view

Updates @xyflow/react from 12.10.2 to 12.11.0

Release notes

Sourced from @​xyflow/react's releases.

@​xyflow/react@​12.11.0

12.11.0

Minor Changes

• #5677 e6661de - Add autoPanOnSelection to auto-pan when user drags a selection close to the edge of the viewport.

Patch Changes

• #5791 732c8eb - Adds a type error when handleId is used without handleType in useNodeConnections

• #5793 c5c853d - Dev Warnings now use library-specific messaging with the correct documentation links.

• #5776 0441e9f - Export NodeHandle type

• #5755 88737f9 - Add @types/react and @types/react-dom as optional peer dependencies to prevent issues with pnpm strict mode (hoist: false)

• #5105 076ad38 - Fix type for event passed to onNodeDrag

• #5784 7055140 - Fix node resizing possible beyond absolute extents

• #5769 ad4d547 - Use useEffect for StoreUpdater to restore previous behaviour

• Updated dependencies [732c8eb, c5c853d, e6661de, 737194d, 40660cd, 4806e7c, 7055140]:

  • @​xyflow/system@​0.0.77

Changelog

Sourced from @​xyflow/react's changelog.

12.11.0

Minor Changes

• #5677 e6661de - Add autoPanOnSelection to auto-pan when user drags a selection close to the edge of the viewport.

Patch Changes

• #5791 732c8eb - Adds a type error when handleId is used without handleType in useNodeConnections

• #5793 c5c853d - Dev Warnings now use library-specific messaging with the correct documentation links.

• #5776 0441e9f - Export NodeHandle type

• #5755 88737f9 - Add @types/react and @types/react-dom as optional peer dependencies to prevent issues with pnpm strict mode (hoist: false)

• #5105 076ad38 - Fix type for event passed to onNodeDrag

• #5784 7055140 - Fix node resizing possible beyond absolute extents

• #5769 ad4d547 - Use useEffect for StoreUpdater to restore previous behaviour

• Updated dependencies [732c8eb, c5c853d, e6661de, 737194d, 40660cd, 4806e7c, 7055140]:

  • @​xyflow/system@​0.0.77

Commits

• 6970ded chore(packages): bump
• c9db70d Merge branch 'main' of https://github.com/xyflow/xyflow into 5780-svelte-flow...
• af23aef chore: cleanup error messages
• 9d58ab9 fix: make error messages framework-specific
• e52bb55 Merge pull request #5105 from thedanchez/xydrag-type-generics
• 03e3dc0 Merge pull request #5755 from nielskaspers/fix/issue-5738-react-types-peer-dep
• caebfd6 Merge pull request #5784 from xyflow/fix-node-resizer-again
• 9dc7ec9 chore(react): fix util function
• c4e7833 Merge pull request #5785 from xyflow/fix-useless-promises
• 01fb1f1 chore(system): add UseNodeConnectionsParams type
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​xyflow/react since your current version.

Updates better-auth from 1.6.10 to 1.6.13

Release notes

Sourced from better-auth's releases.

v1.6.13

better-auth

Features

• Added support for server-side accountInfo calls with an optional userId parameter, allowing trusted callers to read provider profiles without constructing session headers (#9813)

Bug Fixes

• Clarified that viewBackupCodes is a server-only function not accessible via HTTP in its API documentation (#9822)
• Fixed Google One Tap authenticating the wrong user when the presented Google account is already linked to a different local user, by resolving identity through the shared OAuth path
• Fixed storeStateStrategy defaulting to "cookie" instead of "database" when only secondaryStorage is configured, preventing oversized-cookie errors on platforms like AWS Lambda (#9591)
• Fixed updateUserInfoOnLink not being applied when linking accounts through the standard OAuth redirect flow (#8758)
• Fixed oidc-provider and mcp plugins accepting invalid redirect_uri schemes such as javascript: and data: (#9838)
• Fixed organization logo not accepting null, preventing users from clearing an existing logo on create and update (#9842)

For detailed changes, see CHANGELOG

@better-auth/sso

Bug Fixes

• Fixed SAML Single Logout leaving the user signed in due to session deletion matching on row ID instead of session token
• Fixed ambiguous internalAdapter helper methods that could silently match the wrong account or wipe all sessions for a user (#9818)
• Fixed a high-severity XML injection vulnerability in signed SAML assertions by updating samlify to 2.13.1 (GHSA-34r5-q4jw-r36m) (#9821)

For detailed changes, see CHANGELOG

@better-auth/api-key

Bug Fixes

• Fixed verifyApiKey rejecting keys created under a non-default configId when the request omitted configId (#9794)

For detailed changes, see CHANGELOG

@better-auth/core

Bug Fixes

• Fixed a silent failure in consumeOne when an adapter's deleteMany returned a non-numeric value, now surfacing a clear error (#9831)

For detailed changes, see CHANGELOG

@better-auth/expo

Bug Fixes

• Fixed sign-in being lost on Expo when a provider issues large tokens, by splitting oversized account cookies across multiple storage keys (#9815)

... (truncated)

Changelog

Sourced from better-auth's changelog.

1.6.13

Patch Changes

• #9813 d3919dc Thanks @​gustavovalverde! - Support server-side accountInfo calls without session headers.

  auth.api.accountInfo now accepts an optional userId, so a trusted server-side caller can read a user's provider profile without constructing session headers. This mirrors getAccessToken and refreshToken. HTTP callers still require a valid session, and a session always takes precedence over a supplied userId.

  The shared "resolve the target user, then fetch a valid access token" logic behind these three endpoints now lives in one place. As part of that, a server-side call that supplies neither a session nor a userId reports USER_ID_OR_SESSION_REQUIRED (400) consistently, rather than UNAUTHORIZED on some endpoints.

• #9591 5f282bd Thanks @​Vishesh-Verma-07! - When only secondaryStorage is configured (no primary database), storeStateStrategy now defaults to "database" instead of "cookie", preventing oversized-cookie errors on platforms like AWS Lambda. The account cookie that holds OAuth tokens in database-less setups stays enabled, so getAccessToken keeps working.

• #9818 43c08a2 Thanks @​gustavovalverde! - Fix two buggy internalAdapter helpers.

  Remove findAccount(accountId). It looked accounts up by account ID alone, which is unique neither across providers nor across users, so it returned a non-deterministic match. All callers now use a user-scoped or provider-scoped lookup.

  Replace the ambiguous deleteSessions(string | string[]) with two explicit methods. deleteUserSessions(userId) revokes every session for a user, and deleteSessions(tokens) revokes sessions by token. The old single-string overload silently treated its argument as a user ID, so a caller that meant to delete one session token could instead wipe all of a user's sessions or quietly match nothing.

• #9818 43c08a2 Thanks @​gustavovalverde! - Fix Google One Tap signing in the wrong user when the presented Google account is already linked to someone else. One Tap now resolves identity through the shared OAuth path, so the user who owns the Google subject is signed in, matching the redirect and signIn.social flows. Previously it matched a local user by the token's email and used the subject only to decide linking, so a Google credential owned by one user could authenticate a different user who happened to share that email.

  /account-info now resolves the account from the signed-in user's own linked accounts and accepts an optional providerId to disambiguate when two providers issue the same account ID. A colliding account ID returns a distinct AMBIGUOUS_ACCOUNT error instead of a misleading "not found", and an account with no configured social provider returns a 400 rather than a 500.

• #9838 be32012 Thanks @​gustavovalverde! - Validate the scheme of OAuth redirect_uris in the oidc-provider and mcp plugins.

  Both plugins previously accepted any string as a redirect_uri at registration. They now reject the javascript:, data:, and vbscript: schemes, which are never valid OAuth redirect targets. The @better-auth/oauth-provider package already applied this check, so this change brings the two older plugins in line with it.

  The redirect-URI scheme policy now lives in @better-auth/core as a single SafeUrlSchema and an isSafeUrlScheme helper, and the OAuth provider plugins share that one implementation. The client navigation helpers (redirectPlugin, one-tap, and two-factor) also skip navigation when the target uses one of these schemes.

  The change is non-breaking. The http, https, loopback, and custom application schemes still register unchanged. Both oidc-provider and mcp are on the migration path to @better-auth/oauth-provider, which remains the route to its stricter HTTPS-or-loopback policy.

• #9842 87c1a0c Thanks @​bytaesu! - You can now clear an organization's logo by passing logo: null to createOrganization and updateOrganization. Previously only a string was accepted, so an existing logo could not be removed.

• #9822 9c8ded6 Thanks @​gustavovalverde! - Document viewBackupCodes as a server-only function so its API comment no longer reads like an HTTP route.

  The JSDoc above auth.api.viewBackupCodes advertised POST /two-factor/view-backup-codes, but the endpoint is server-only: it is not registered on the HTTP router and has no client method. The comment now states that it is callable only from trusted server code and that the userId should come from an authenticated session.

• #8758 23d7cbf Thanks @​bytaesu! - Apply accountLinking.updateUserInfoOnLink across every OAuth link flow.

  Enabling updateUserInfoOnLink only synced the user's profile when linking through a direct ID token. Linking through the standard OAuth redirect (linkSocial, the generic OAuth oauth2.link endpoint, and implicit linking on social sign-in) ignored the option, so the name and image never changed. Every link path now honors it.

  The synced fields match the sign-up path: name, image, and any fields your mapProfileToUser adds. The local email and emailVerified are never changed on a link, so linking a provider cannot rebind the account's identity.

  Implicit linking on social sign-in also returned the pre-update user, so the freshly issued session served stale profile data from its cookie cache until the cache expired. The new session now carries the updated profile.

• Updated dependencies [43c08a2, 5c3e248]:

  • @​better-auth/core@​1.6.13
  • @​better-auth/drizzle-adapter@​1.6.13
  • @​better-auth/kysely-adapter@​1.6.13
  • @​better-auth/memory-adapter@​1.6.13
  • @​better-auth/mongo-adapter@​1.6.13

... (truncated)

Commits

• a6f38c7 chore: release v1.6.13 (#9804)
• 87c1a0c fix(organization): allow null logo on create and update (#9842)
• be32012 fix(oauth): validate redirect_uri schemes in oidc-provider and mcp (#9838)
• 9c8ded6 docs(two-factor): mark viewBackupCodes as server-only in its API comment (#...
• 43c08a2 fix(account): scope OAuth account identity and fix buggy internalAdapter help...
• 23d7cbf fix(oauth): apply updateUserInfoOnLink in OAuth callback link flow (#8758)
• d3919dc feat(account): support server-side accountInfo calls without session header...
• 5f282bd fix(account): default storeStateStrategy to "database" when using `secondar...
• c0c574e chore: release v1.6.12 (#9590)
• c5b9f93 fix(generic-oauth): add accessTokenExpiresIn for providers that omit `expir...
• Additional commits viewable in compare view

Updates date-fns from 4.1.0 to 4.4.0

Release notes

Sourced from date-fns's releases.

v4.4.0

This release revisits the approach to CDN usage and introduces a new package, @date-fns/cdn and deprecates the date-fns CDN scripts. It allowed reducing the zipped package size from 5.83 MB down to 3.96 MB without introducing any breaking changes.

In v5.0.0-alpha.0 where CDN scripts are completely removed from date-fns the change is more significant and brings the zipped package size down to 2.89 MB.

It is just the first step in optimizing the package size. Expect further size reduction in the future v4 and v5 versions.

Changed

• DEPRECATED: The date-fns CDN scripts are now deprecated and will be removed in the next major release. Please switch to the new @date-fns/cdn package for CDN usage.

• Removed CDN source maps to reduce the package size. If you rely on them, please switch to the new @date-fns/cdn package that still includes them.

v4.3.0

Kudos to @​ImRodry and @​puneetdixit200 for their contributions.

Fixed

• Fixed missing modularized optimization fallback (for Next.js and others). See #4193.

• Fixed pt locale first day of week to be Sunday. See #4195 by @​ImRodry.

• Fixed zh-CN, zh-HK, and zh-TW locale month parsing for October, November, and December. See #4194 by @​puneetdixit200.

v4.2.1

Fixed

• Fixed type definitions missing in v4.2.0 due to TypeScript misconfiguration.

v4.2.0

This is a minor release in all senses, it only includes documentation updates (first of many) that points to the new You Don't Need date-fns* page.

* Not really

Changed

• Added Temporal API references to the JSDoc annotations of add, addBusinessDays, and addDays.

Commits

• cd53d25 Promote to v4.4.0
• d948ec1 Preserve but deprecate CDN versions for v4, set up v5 with polyfills
• ee65753 Add root mise :format task
• 9f5bdf5 Add positional argument to test/smoke.sh script
• 651ead6 Split CDN bundles into separate @​date-fns/cdn package
• 224c1a2 Deprecate type tests as attw hangs on date-fns package
• 7bb2842 Switch PACKAGE_OUTPUT_PATH to --dist flag in the package build script
• b6ad5ac Add flags to control package build script
• 424a783 Fix docs release after moving to monorepo setup
• f95bcf1 (docs): Add missing tsx dependency
• Additional commits viewable in compare view

Updates docx from 9.6.1 to 9.7.1

Release notes

Sourced from docx's releases.

9.7.1

What's Changed

• build(deps): bump nanoid from 5.1.7 to 5.1.11 by @​dependabot[bot] in dolanmiu/docx#3436
• build(deps-dev): bump inquirer from 13.3.2 to 13.4.3 by @​dependabot[bot] in dolanmiu/docx#3437
• build(deps-dev): bump prettier from 3.8.1 to 3.8.3 by @​dependabot[bot] in dolanmiu/docx#3438
• build(deps-dev): bump jiti from 2.6.1 to 2.7.0 by @​dependabot[bot] in dolanmiu/docx#3439
• build(deps-dev): bump tsx from 4.21.0 to 4.22.3 by @​dependabot[bot] in dolanmiu/docx#3440
• build(deps-dev): bump eslint-plugin-jsdoc from 62.8.0 to 63.0.0 by @​dependabot[bot] in dolanmiu/docx#3441
• build(deps-dev): bump cspell from 9.7.0 to 10.0.0 by @​dependabot[bot] in dolanmiu/docx#3442
• build(deps): bump the npm_and_yarn group across 1 directory with 3 updates by @​dependabot[bot] in dolanmiu/docx#3435
• build(deps-dev): bump eslint-plugin-functional from 9.0.4 to 9.0.5 by @​dependabot[bot] in dolanmiu/docx#3445
• build(deps): bump @​types/node from 25.5.0 to 25.9.1 by @​dependabot[bot] in dolanmiu/docx#3446
• build(deps-dev): bump pre-commit from 1.2.2 to 2.0.0 by @​dependabot[bot] in dolanmiu/docx#3447
• build(deps-dev): bump eslint-plugin-unicorn from 63.0.0 to 64.0.0 by @​dependabot[bot] in dolanmiu/docx#3448
• build(deps-dev): bump jsdom from 29.0.1 to 29.1.1 by @​dependabot[bot] in dolanmiu/docx#3449
• build(deps-dev): bump inquirer from 13.4.3 to 14.0.0 by @​dependabot[bot] in dolanmiu/docx#3451
• build(deps-dev): bump typedoc from 0.28.18 to 0.28.19 by @​dependabot[bot] in dolanmiu/docx#3452
• build(deps-dev): bump @​typescript-eslint/eslint-plugin from 8.59.4 to 8.60.0 by @​dependabot[bot] in dolanmiu/docx#3450
• build(deps-dev): bump @​typescript-eslint/parser from 8.59.4 to 8.60.0 by @​dependabot[bot] in dolanmiu/docx#3454
• Fix/bundle types issue by @​dolanmiu in dolanmiu/docx#3456
• build(deps-dev): bump typescript-eslint from 8.59.4 to 8.60.0 by @​dependabot[bot] in dolanmiu/docx#3455
• chore: Upgrade node-version in GitHub Actions workflow by @​dolanmiu in dolanmiu/docx#3457

Full Changelog: dolanmiu/docx@9.7.0...9.7.1

9.7.0

What's Changed

• build(deps-dev): bump @​typescript-eslint/eslint-plugin from 8.56.1 to 8.57.0 by @​dependabot[bot] in dolanmiu/docx#3388
• build(deps-dev): bump typescript-eslint from 8.56.1 to 8.57.0 by @​dependabot[bot] in dolanmiu/docx#3389
• build(deps): bump @​types/node from 25.3.5 to 25.4.0 by @​dependabot[bot] in dolanmiu/docx#3390
• build(deps-dev): bump eslint-plugin-jsdoc from 62.7.1 to 62.8.0 by @​dependabot[bot] in dolanmiu/docx#3392
• build(deps-dev): bump vite from 7.3.1 to 8.0.0 by @​dependabot[bot] in dolanmiu/docx#3393
• build(deps): bump @​types/node from 25.4.0 to 25.5.0 by @​dependabot[bot] in dolanmiu/docx#3396
• build(deps-dev): bump undici from 7.21.0 to 7.24.1 in the npm_and_yarn group across 1 directory by @​dependabot[bot] in dolanmiu/docx#3398
• build(deps): bump nanoid from 5.1.6 to 5.1.7 by @​dependabot[bot] in

[dependabot]

Labels

The following labels could not be found: area:npm, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.