Skip to content

build(deps): bump the production-minor-patch group across 1 directory with 19 updates#1476

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/production-minor-patch-2fe6384c5e
Open

build(deps): bump the production-minor-patch group across 1 directory with 19 updates#1476
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/production-minor-patch-2fe6384c5e

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Jun 8, 2026

Bumps the production-minor-patch group with 19 updates in the / directory:

Package From To
@aws-sdk/client-s3 3.1045.0 3.1063.0
@hookform/resolvers 5.2.2 5.4.0
@mdxeditor/editor 4.0.0 4.0.2
@tanstack/react-query 5.100.10 5.101.0
@tanstack/react-query-devtools 5.100.10 5.101.0
@xyflow/react 12.10.2 12.11.0
better-auth 1.6.10 1.6.14
date-fns 4.1.0 4.4.0
docx 9.6.1 9.7.1
ldapts 8.1.7 8.1.8
lucide-react 1.14.0 1.17.0
next 16.2.6 16.2.7
nodemailer 8.0.7 8.0.10
radix-ui 1.4.3 1.5.0
react 19.2.6 19.2.7
react-dom 19.2.6 19.2.7
react-hook-form 7.75.0 7.78.0
semver 7.8.0 7.8.2
shadcn 4.7.0 4.10.0

Updates @aws-sdk/client-s3 from 3.1045.0 to 3.1063.0

Release notes

Sourced from @​aws-sdk/client-s3's releases.

v3.1063.0

3.1063.0(2026-06-05)

Chores
New Features
  • clients: update client endpoints as of 2026-06-05 (fe9a398f)
  • client-sagemaker: This release adds support for MLflow experiment tracking in SageMaker inference optimization. CreateAIRecommendationJob and CreateAIBenchmarkJob now accept an optional OutputConfig.MlflowConfig (MLflow App ARN, experiment, run name) to stream benchmark metrics and artifacts to your own MLflow App. (39430442)
  • client-emr-serverless: Adds support for updating max capacity and custom fields while application is started (6c9cce08)
  • client-dynamodb: Adding new BDD representation of endpoint ruleset (416005d4)
  • client-mediaconvert: Adds support for configurable number of Clear Lead segments at the beginning of encrypted output. Adds support for multiple trickplay variants. (40eb4c6b)
  • client-payment-cryptography: Adds CloudFormation support for resource-based policies on AWS Payment Cryptography keys. (c32019a8)
  • client-quicksight: Adds support for Knowledge Base APIs and Index Capacity API (8205152f)
Bug Fixes
  • core/httpAuthSchemes: fix concurrent skew correction (#8078) (83e48928)
Tests
  • middleware-endpoint-discovery: remove integration tests (#8077) (02363831)
  • clients: add client error deserialization tests (#8075) (0dfa4ad1)

For list of updated packages, view updated-packages.md in assets-3.1063.0.zip

v3.1062.0

3.1062.0(2026-06-04)

Chores
  • scripts: include generated packages when validating declared imports 1-1 with used imports (#8072) (291ad366)
Documentation Changes
  • client-guardduty: Remove unsupported RDS field for filter (5815da7f)
New Features
  • client-interconnect: Adding new BDD representation of endpoint ruleset (34e23ef2)
  • client-ec2-instance-connect: Adding new BDD representation of endpoint ruleset (c2a4981e)
  • client-mq: BDD bulk update change rollout (e058b8fd)
  • client-workspaces: Adding new BDD representation of endpoint ruleset (6b1e3602)
  • client-connectparticipant: Adding new BDD representation of endpoint ruleset (22db2a6a)

... (truncated)

Changelog

Sourced from @​aws-sdk/client-s3's changelog.

3.1063.0 (2026-06-05)

Note: Version bump only for package @​aws-sdk/client-s3

3.1062.0 (2026-06-04)

Note: Version bump only for package @​aws-sdk/client-s3

3.1061.0 (2026-06-03)

Note: Version bump only for package @​aws-sdk/client-s3

3.1060.0 (2026-06-03)

Note: Version bump only for package @​aws-sdk/client-s3

3.1059.0 (2026-06-02)

Note: Version bump only for package @​aws-sdk/client-s3

3.1058.0 (2026-06-01)

Note: Version bump only for package @​aws-sdk/client-s3

3.1057.0 (2026-05-29)

... (truncated)

Commits
  • 85dabf4 Publish v3.1063.0
  • 9bd1a86 chore: update author URL in package.json (#8080)
  • f5235bb Publish v3.1062.0
  • 291ad36 chore(scripts): include generated packages when validating declared imports 1...
  • 71df2cc Publish v3.1061.0
  • 1216094 chore(middleware-sdk-s3): consolidate S3 internal packages (#8026)
  • 8aeb92d Publish v3.1060.0
  • 75bb4fc Publish v3.1059.0
  • 6b082a6 chore(codegen): sync for adaptive retry fix, EAI_AGAIN transient error (#8067)
  • d7602d4 Publish v3.1058.0
  • Additional commits viewable in compare view

Updates @hookform/resolvers from 5.2.2 to 5.4.0

Release notes

Sourced from @​hookform/resolvers's releases.

v5.4.0

5.4.0 (2026-05-21)

Features

  • feat: add ata-validator resolver (#845)

Fixes

  • fix issue with toNestErrors.ts (#848)
  • add guidance on passing context to yupResolver (useForm context) (#835) (3d29924)
Commits

Updates @mdxeditor/editor from 4.0.0 to 4.0.2

Release notes

Sourced from @​mdxeditor/editor's releases.

v4.0.2

4.0.2 (2026-06-03)

Bug Fixes

  • preserve blank lines within markdown list items (0886ac9), closes #936

v4.0.1

4.0.1 (2026-05-20)

Bug Fixes

  • fall back to default code block language on import (835ad54), closes #935
Commits
  • 0886ac9 fix: preserve blank lines within markdown list items
  • 835ad54 fix: fall back to default code block language on import
  • 869f769 Harden GitHub Actions workflows (#934)
  • See full diff in compare view

Updates @tanstack/react-query from 5.100.10 to 5.101.0

Release notes

Sourced from @​tanstack/react-query's releases.

@​tanstack/react-query-devtools@​5.101.0

Patch Changes

@​tanstack/react-query-next-experimental@​5.101.0

Patch Changes

  • #10857 7cf5923 - fix(react-query-next-experimental): replace deprecated 'isServer' with 'environmentManager.isServer()'

  • Updated dependencies []:

    • @​tanstack/react-query@​5.101.0

@​tanstack/react-query-persist-client@​5.101.0

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-persist-client-core@​5.101.0
    • @​tanstack/react-query@​5.101.0

@​tanstack/react-query@​5.101.0

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-core@​5.101.0

@​tanstack/react-query-devtools@​5.100.14

Patch Changes

  • Updated dependencies [ed20b6d]:
    • @​tanstack/react-query@​5.100.14
    • @​tanstack/query-devtools@​5.100.14

@​tanstack/react-query-next-experimental@​5.100.14

Patch Changes

  • Updated dependencies [ed20b6d]:
    • @​tanstack/react-query@​5.100.14

@​tanstack/react-query-persist-client@​5.100.14

Patch Changes

  • Updated dependencies [ed20b6d]:
    • @​tanstack/react-query@​5.100.14
    • @​tanstack/query-persist-client-core@​5.100.14

@​tanstack/react-query@​5.100.14

Patch Changes

... (truncated)

Changelog

Sourced from @​tanstack/react-query's changelog.

5.101.0

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-core@​5.101.0

5.100.14

Patch Changes

  • fix(react-query): do not go into optimistic fetching state when not subscribed (#10759)

  • Updated dependencies []:

    • @​tanstack/query-core@​5.100.14

5.100.13

Patch Changes

  • Updated dependencies [d423168]:
    • @​tanstack/query-core@​5.100.13

5.100.12

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-core@​5.100.12

5.100.11

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-core@​5.100.11
Commits

Updates @tanstack/react-query-devtools from 5.100.10 to 5.101.0

Release notes

Sourced from @​tanstack/react-query-devtools's releases.

@​tanstack/react-query-devtools@​5.101.0

Patch Changes

@​tanstack/react-query-devtools@​5.100.14

Patch Changes

  • Updated dependencies [ed20b6d]:
    • @​tanstack/react-query@​5.100.14
    • @​tanstack/query-devtools@​5.100.14

@​tanstack/react-query-devtools@​5.100.13

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-devtools@​5.100.13
    • @​tanstack/react-query@​5.100.13

@​tanstack/react-query-devtools@​5.100.12

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-devtools@​5.100.12
    • @​tanstack/react-query@​5.100.12
Changelog

Sourced from @​tanstack/react-query-devtools's changelog.

5.101.0

Patch Changes

5.100.14

Patch Changes

  • Updated dependencies [ed20b6d]:
    • @​tanstack/react-query@​5.100.14
    • @​tanstack/query-devtools@​5.100.14

5.100.13

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-devtools@​5.100.13
    • @​tanstack/react-query@​5.100.13

5.100.12

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-devtools@​5.100.12
    • @​tanstack/react-query@​5.100.12

5.100.11

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-devtools@​5.100.11
    • @​tanstack/react-query@​5.100.11
Commits

Updates @xyflow/react from 12.10.2 to 12.11.0

Release notes

Sourced from @​xyflow/react's releases.

@​xyflow/react@​12.11.0

12.11.0

Minor Changes

  • #5677 e6661de - Add autoPanOnSelection to auto-pan when user drags a selection close to the edge of the viewport.

Patch Changes

  • #5791 732c8eb - Adds a type error when handleId is used without handleType in useNodeConnections

  • #5793 c5c853d - Dev Warnings now use library-specific messaging with the correct documentation links.

  • #5776 0441e9f - Export NodeHandle type

  • #5755 88737f9 - Add @types/react and @types/react-dom as optional peer dependencies to prevent issues with pnpm strict mode (hoist: false)

  • #5105 076ad38 - Fix type for event passed to onNodeDrag

  • #5784 7055140 - Fix node resizing possible beyond absolute extents

  • #5769 ad4d547 - Use useEffect for StoreUpdater to restore previous behaviour

  • Updated dependencies [732c8eb, c5c853d, e6661de, 737194d, 40660cd, 4806e7c, 7055140]:

    • @​xyflow/system@​0.0.77
Changelog

Sourced from @​xyflow/react's changelog.

12.11.0

Minor Changes

  • #5677 e6661de - Add autoPanOnSelection to auto-pan when user drags a selection close to the edge of the viewport.

Patch Changes

  • #5791 732c8eb - Adds a type error when handleId is used without handleType in useNodeConnections

  • #5793 c5c853d - Dev Warnings now use library-specific messaging with the correct documentation links.

  • #5776 0441e9f - Export NodeHandle type

  • #5755 88737f9 - Add @types/react and @types/react-dom as optional peer dependencies to prevent issues with pnpm strict mode (hoist: false)

  • #5105 076ad38 - Fix type for event passed to onNodeDrag

  • #5784 7055140 - Fix node resizing possible beyond absolute extents

  • #5769 ad4d547 - Use useEffect for StoreUpdater to restore previous behaviour

  • Updated dependencies [732c8eb, c5c853d, e6661de, 737194d, 40660cd, 4806e7c, 7055140]:

    • @​xyflow/system@​0.0.77
Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​xyflow/react since your current version.


Updates better-auth from 1.6.10 to 1.6.14

Release notes

Sourced from better-auth's releases.

v1.6.14

better-auth

Bug Fixes

  • Fixed Google One Tap authenticating the wrong user when the presented Google account was already linked to a different local user.
  • Fixed null values being rejected for optional fields in the generated database schema (#9841)
  • Fixed getSessionCookie to prefer the __Secure- prefixed cookie over a non-secure leftover, preventing a stale cookie from shadowing the current session (#9806)
  • Fixed redirect URI validation to work on all supported runtimes and to reject URIs containing a fragment component per RFC 6749 §3.1.2 (#9845)
  • Fixed organization invitation verification to restore the normal emailed-invitation flow while enforcing stricter email verification for externally controlled or predictable invitation IDs (#9877)

For detailed changes, see CHANGELOG

@better-auth/sso

Bug Fixes

  • Fixed SAML Single Logout leaving the user signed in due to the logout handlers matching the session by ID instead of token.

For detailed changes, see CHANGELOG

Contributors

Thanks to everyone who contributed to this release:

@​bytaesu, @​gustavovalverde

Full changelog: v1.6.13...v1.6.14

v1.6.13

better-auth

Features

  • Added support for server-side accountInfo calls with an optional userId parameter, allowing trusted callers to read provider profiles without constructing session headers (#9813)

Bug Fixes

  • Clarified that viewBackupCodes is a server-only function not accessible via HTTP in its API documentation (#9822)
  • Fixed Google One Tap authenticating the wrong user when the presented Google account is already linked to a different local user, by resolving identity through the shared OAuth path
  • Fixed storeStateStrategy defaulting to "cookie" instead of "database" when only secondaryStorage is configured, preventing oversized-cookie errors on platforms like AWS Lambda (#9591)
  • Fixed updateUserInfoOnLink not being applied when linking accounts through the standard OAuth redirect flow (#8758)
  • Fixed oidc-provider and mcp plugins accepting invalid redirect_uri schemes such as javascript: and data: (#9838)
  • Fixed organization logo not accepting null, preventing users from clearing an existing logo on create and update (#9842)

For detailed changes, see CHANGELOG

@better-auth/sso

Bug Fixes

... (truncated)

Changelog

Sourced from better-auth's changelog.

1.6.14

Patch Changes

  • #9877 2d9781a Thanks @​gustavovalverde! - Restore the normal emailed-invitation flow while documenting the stricter verification posture for organization invitations.

    Client-side listUserInvitations now always requires a verified session email because it enumerates invitation IDs from session.user.email. The requireEmailVerificationOnInvitation option now controls recipient calls that carry an invitation ID (acceptInvitation, rejectInvitation, getInvitation). When unset, Better Auth keeps the emailed-invitation sign-up flow for built-in opaque invitation IDs, including the default generator or advanced.database.generateId: "uuid", and requires verified email when invitation IDs are externally controlled or predictable, such as advanced.database.generateId: "serial" / false or custom ID generation. Apps that expose invitation IDs outside the invited user's mailbox, expose organization invitation lists to members, or require stricter ownership proof should set requireEmailVerificationOnInvitation: true or require verified email before sign-in.

  • #9841 5a2d642 Thanks @​bytaesu! - Optional fields (required: false) now accept null, not just omission. The generated input validation previously rejected null even though the column is nullable, so a nullable field could not be cleared by passing null.

  • #9845 13abc79 Thanks @​gustavovalverde! - Harden redirect-URI validation across the OAuth provider plugins. isSafeUrlScheme and SafeUrlSchema no longer call URL.canParse, which is absent on some supported runtimes and could throw or silently disable the dangerous-scheme check. They now parse with a try/catch fallback. SafeUrlSchema also rejects redirect URIs that contain a fragment component, per RFC 6749 §3.1.2.

  • #9806 9d3450a Thanks @​bytaesu! - getSessionCookie now prefers the __Secure- cookie when both it and a non-secure cookie are present, so the non-secure cookie no longer shadows the current session cookie.

  • Updated dependencies [13abc79]:

    • @​better-auth/core@​1.6.14
    • @​better-auth/drizzle-adapter@​1.6.14
    • @​better-auth/kysely-adapter@​1.6.14
    • @​better-auth/memory-adapter@​1.6.14
    • @​better-auth/mongo-adapter@​1.6.14
    • @​better-auth/prisma-adapter@​1.6.14
    • @​better-auth/telemetry@​1.6.14

1.6.13

Patch Changes

  • #9813 d3919dc Thanks @​gustavovalverde! - Support server-side accountInfo calls without session headers.

    auth.api.accountInfo now accepts an optional userId, so a trusted server-side caller can read a user's provider profile without constructing session headers. This mirrors getAccessToken and refreshToken. HTTP callers still require a valid session, and a session always takes precedence over a supplied userId.

    The shared "resolve the target user, then fetch a valid access token" logic behind these three endpoints now lives in one place. As part of that, a server-side call that supplies neither a session nor a userId reports USER_ID_OR_SESSION_REQUIRED (400) consistently, rather than UNAUTHORIZED on some endpoints.

  • #9591 5f282bd Thanks @​Vishesh-Verma-07! - When only secondaryStorage is configured (no primary database), storeStateStrategy now defaults to "database" instead of "cookie", preventing oversized-cookie errors on platforms like AWS Lambda. The account cookie that holds OAuth tokens in database-less setups stays enabled, so getAccessToken keeps working.

  • #9818 43c08a2 Thanks @​gustavovalverde! - Fix two buggy internalAdapter helpers.

    Remove findAccount(accountId). It looked accounts up by account ID alone, which is unique neither across providers nor across users, so it returned a non-deterministic match. All callers now use a user-scoped or provider-scoped lookup.

    Replace the ambiguous deleteSessions(string | string[]) with two explicit methods. deleteUserSessions(userId) revokes every session for a user, and deleteSessions(tokens) revokes sessions by token. The old single-string overload silently treated its argument as a user ID, so a caller that meant to delete one session token could instead wipe all of a user's sessions or quietly match nothing.

  • #9818 43c08a2 Thanks @​gustavovalverde! - Fix Google One Tap signing in the wrong user when the presented Google account is already linked to someone else. One Tap now resolves identity through the shared OAuth path, so the user who owns the Google subject is signed in, matching the redirect and signIn.social flows. Previously it matched a local user by the token's email and used the subject only to decide linking, so a Google credential owned by one user could authenticate a different user who happened to share that email.

    /account-info now resolves the account from the signed-in user's own linked accounts and accepts an optional providerId to disambiguate when two providers issue the same account ID. A colliding account ID returns a distinct AMBIGUOUS_ACCOUNT error instead of a misleading "not found", and an account with no configured social provider returns a 400 rather than a 500.

  • #9838 be32012 Thanks @​gustavovalverde! - Validate the scheme of OAuth redirect_uris in the oidc-provider and mcp plugins.

    Both plugins previously accepted any string as a redirect_uri at registration. They now reject the javascript:, data:, and vbscript: schemes, which are never valid OAuth redirect targets. The @better-auth/oauth-provider package already applied this check, so this change brings the two older plugins in line with it.

... (truncated)

Commits
  • 5038d41 chore: release v1.6.14 (#9846)
  • 2d9781a fix(organization): split invitation verification gates (#9877)
  • 5a2d642 fix: accept null for optional fields in generated schema (#9841)
  • 9d3450a fix(cookies): prefer __Secure- cookie in getSessionCookie (#9806)
  • a6f38c7 chore: release v1.6.13 (#9804)
  • 87c1a0c fix(organization): allow null logo on create and update (#9842)
  • be32012 fix(oauth): validate redirect_uri schemes in oidc-provider and mcp (#9838)
  • 9c8ded6 docs(two-factor): mark viewBackupCodes as server-only in its API comment (#...
  • 43c08a2 fix(account): scope OAuth account identity and fix buggy internalAdapter help...
  • 23d7cbf fix(oauth): apply updateUserInfoOnLink in OAuth callback link flow (#8758)
  • Additional commits viewable in compare view

Updates date-fns from 4.1.0 to 4.4.0

Release notes

Sourced from date-fns's releases.

v4.4.0

This release revisits the approach to CDN usage and introduces a new package, @date-fns/cdn and deprecates the date-fns CDN scripts. It allowed reducing the zipped package size from 5.83 MB down to 3.96 MB without introducing any breaking changes.

In v5.0.0-alpha.0 where CDN scripts are completely removed from date-fns the change is more significant and brings the zipped package size down to 2.89 MB.

It is just the first step in optimizing the package size. Expect further size reduction in the future v4 and v5 versions.

Changed

  • DEPRECATED: The date-fns CDN scripts are now deprecated and will be removed in the next major release. Please switch to the new @date-fns/cdn package for CDN usage.

  • Removed CDN source maps to reduce the package size. If you rely on them, please switch to the new @date-fns/cdn package that still includes them.

v4.3.0

Kudos to @​ImRodry and @​puneetdixit200 for their contributions.

Fixed

v4.2.1

Fixed

  • Fixed type definitions missing in v4.2.0 due to TypeScript misconfiguration.

v4.2.0

This is a minor release in all senses, it only includes documentation updates (first of many) that points to the new You Don't Need date-fns* page.

* Not really

Changed

  • Added Temporal API references to the JSDoc annotations of add, addBusinessDays, and addDays.
Commits
  • cd53d25 Promote to v4.4.0
  • d948ec1 Preserve but deprecate CDN versions for v4, set up v5 with polyfills
  • ee65753 Add root mise :format task
  • 9f5bdf5 Add positional argument to test/smoke.sh script
  • 651ead6 Split CDN bundles into separate @​date-fns/cdn package
  • 224c1a2 Deprecate type tests as attw hangs on date-fns package
  • 7bb2842 Switch PACKAGE_OUTPUT_PATH to --dist flag in the package build script
  • b6ad5ac Add flags to control package build script
  • 424a783 Fix docs release after moving to monorepo setup
  • f95bcf1 (docs): Add missing tsx dependency
  • Additional commits viewable in compare view

Updates docx from 9.6.1 to 9.7.1

Release notes

Sourced from docx's releases.

9.7.1

What's Changed

Full Changelog: dolanmiu/docx@9.7.0...9.7.1

9.7.0

What's Changed

@dependabot
build(deps): bump the production-minor-patch group across 1 directory…
66c99cf 
… with 19 updates

Bumps the production-minor-patch group with 19 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3) | `3.1045.0` | `3.1063.0` |
| [@hookform/resolvers](https://github.com/react-hook-form/resolvers) | `5.2.2` | `5.4.0` |
| [@mdxeditor/editor](https://github.com/mdx-editor/editor) | `4.0.0` | `4.0.2` |
| [@tanstack/react-query](https://github.com/TanStack/query/tree/HEAD/packages/react-query) | `5.100.10` | `5.101.0` |
| [@tanstack/react-query-devtools](https://github.com/TanStack/query/tree/HEAD/packages/react-query-devtools) | `5.100.10` | `5.101.0` |
| [@xyflow/react](https://github.com/xyflow/xyflow/tree/HEAD/packages/react) | `12.10.2` | `12.11.0` |
| [better-auth](https://github.com/better-auth/better-auth/tree/HEAD/packages/better-auth) | `1.6.10` | `1.6.14` |
| [date-fns](https://github.com/date-fns/date-fns) | `4.1.0` | `4.4.0` |
| [docx](https://github.com/dolanmiu/docx) | `9.6.1` | `9.7.1` |
| [ldapts](https://github.com/ldapts/ldapts) | `8.1.7` | `8.1.8` |
| [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `1.14.0` | `1.17.0` |
| [next](https://github.com/vercel/next.js) | `16.2.6` | `16.2.7` |
| [nodemailer](https://github.com/nodemailer/nodemailer) | `8.0.7` | `8.0.10` |
| [radix-ui](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/radix-ui) | `1.4.3` | `1.5.0` |
| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.6` | `19.2.7` |
| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.6` | `19.2.7` |
| [react-hook-form](https://github.com/react-hook-form/react-hook-form) | `7.75.0` | `7.78.0` |
| [semver](https://github.com/npm/node-semver) | `7.8.0` | `7.8.2` |
| [shadcn](https://github.com/shadcn-ui/ui/tree/HEAD/packages/shadcn) | `4.7.0` | `4.10.0` |



Updates `@aws-sdk/client-s3` from 3.1045.0 to 3.1063.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1063.0/clients/client-s3)

Updates `@hookform/resolvers` from 5.2.2 to 5.4.0
- [Release notes](https://github.com/react-hook-form/resolvers/releases)
- [Commits](react-hook-form/resolvers@v5.2.2...v5.4.0)

Updates `@mdxeditor/editor` from 4.0.0 to 4.0.2
- [Release notes](https://github.com/mdx-editor/editor/releases)
- [Commits](mdx-editor/editor@v4.0.0...v4.0.2)

Updates `@tanstack/react-query` from 5.100.10 to 5.101.0
- [Release notes](https://github.com/TanStack/query/releases)
- [Changelog](https://github.com/TanStack/query/blob/main/packages/react-query/CHANGELOG.md)
- [Commits](https://github.com/TanStack/query/commits/@tanstack/react-query@5.101.0/packages/react-query)

Updates `@tanstack/react-query-devtools` from 5.100.10 to 5.101.0
- [Release notes](https://github.com/TanStack/query/releases)
- [Changelog](https://github.com/TanStack/query/blob/main/packages/react-query-devtools/CHANGELOG.md)
- [Commits](https://github.com/TanStack/query/commits/@tanstack/react-query-devtools@5.101.0/packages/react-query-devtools)

Updates `@xyflow/react` from 12.10.2 to 12.11.0
- [Release notes](https://github.com/xyflow/xyflow/releases)
- [Changelog](https://github.com/xyflow/xyflow/blob/main/packages/react/CHANGELOG.md)
- [Commits](https://github.com/xyflow/xyflow/commits/@xyflow/react@12.11.0/packages/react)

Updates `better-auth` from 1.6.10 to 1.6.14
- [Release notes](https://github.com/better-auth/better-auth/releases)
- [Changelog](https://github.com/better-auth/better-auth/blob/main/packages/better-auth/CHANGELOG.md)
- [Commits](https://github.com/better-auth/better-auth/commits/better-auth@1.6.14/packages/better-auth)

Updates `date-fns` from 4.1.0 to 4.4.0
- [Release notes](https://github.com/date-fns/date-fns/releases)
- [Commits](date-fns/date-fns@v4.1.0...v4.4.0)

Updates `docx` from 9.6.1 to 9.7.1
- [Release notes](https://github.com/dolanmiu/docx/releases)
- [Commits](dolanmiu/docx@9.6.1...9.7.1)

Updates `ldapts` from 8.1.7 to 8.1.8
- [Release notes](https://github.com/ldapts/ldapts/releases)
- [Changelog](https://github.com/ldapts/ldapts/blob/main/CHANGELOG.md)
- [Commits](ldapts/ldapts@v8.1.7...v8.1.8)

Updates `lucide-react` from 1.14.0 to 1.17.0
- [Release notes](https://github.com/lucide-icons/lucide/releases)
- [Commits](https://github.com/lucide-icons/lucide/commits/1.17.0/packages/lucide-react)

Updates `next` from 16.2.6 to 16.2.7
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](vercel/next.js@v16.2.6...v16.2.7)

Updates `nodemailer` from 8.0.7 to 8.0.10
- [Release notes](https://github.com/nodemailer/nodemailer/releases)
- [Changelog](https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md)
- [Commits](nodemailer/nodemailer@v8.0.7...v8.0.10)

Updates `radix-ui` from 1.4.3 to 1.5.0
- [Changelog](https://github.com/radix-ui/primitives/blob/main/packages/react/radix-ui/CHANGELOG.md)
- [Commits](https://github.com/radix-ui/primitives/commits/HEAD/packages/react/radix-ui)

Updates `react` from 19.2.6 to 19.2.7
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react)

Updates `react-dom` from 19.2.6 to 19.2.7
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react-dom)

Updates `react-hook-form` from 7.75.0 to 7.78.0
- [Release notes](https://github.com/react-hook-form/react-hook-form/releases)
- [Changelog](https://github.com/react-hook-form/react-hook-form/blob/master/CHANGELOG.md)
- [Commits](react-hook-form/react-hook-form@v7.75.0...v7.78.0)

Updates `semver` from 7.8.0 to 7.8.2
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md)
- [Commits](npm/node-semver@v7.8.0...v7.8.2)

Updates `shadcn` from 4.7.0 to 4.10.0
- [Release notes](https://github.com/shadcn-ui/ui/releases)
- [Changelog](https://github.com/shadcn-ui/ui/blob/main/packages/shadcn/CHANGELOG.md)
- [Commits](https://github.com/shadcn-ui/ui/commits/shadcn@4.10.0/packages/shadcn)

---
updated-dependencies:
- dependency-name: "@aws-sdk/client-s3"
  dependency-version: 3.1063.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-minor-patch
- dependency-name: "@hookform/resolvers"
  dependency-version: 5.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-minor-patch
- dependency-name: "@mdxeditor/editor"
  dependency-version: 4.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-minor-patch
- dependency-name: "@tanstack/react-query"
  dependency-version: 5.101.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-minor-patch
- dependency-name: "@tanstack/react-query-devtools"
  dependency-version: 5.101.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-minor-patch
- dependency-name: "@xyflow/react"
  dependency-version: 12.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-minor-patch
- dependency-name: better-auth
  dependency-version: 1.6.14
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-minor-patch
- dependency-name: date-fns
  dependency-version: 4.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-minor-patch
- dependency-name: docx
  dependency-version: 9.7.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-minor-patch
- dependency-name: ldapts
  dependency-version: 8.1.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-minor-patch
- dependency-name: lucide-react
  dependency-version: 1.17.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-minor-patch
- dependency-name: next
  dependency-version: 16.2.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-minor-patch
- dependency-name: nodemailer
  dependency-version: 8.0.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-minor-patch
- dependency-name: radix-ui
  dependency-version: 1.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-minor-patch
- dependency-name: react
  dependency-version: 19.2.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-minor-patch
- dependency-name: react-dom
  dependency-version: 19.2.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-minor-patch
- dependency-name: react-hook-form
  dependency-version: 7.78.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-minor-patch
- dependency-name: semver
  dependency-version: 7.8.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-minor-patch
- dependency-name: shadcn
  dependency-version: 4.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Jun 8, 2026

Labels

The following labels could not be found: area:npm, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants