Skip to content

build(deps): bump the production-minor-patch group across 1 directory with 19 updates#1479

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/production-minor-patch-bb0411a078
Closed

build(deps): bump the production-minor-patch group across 1 directory with 19 updates#1479
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/production-minor-patch-bb0411a078

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 15, 2026

Copy link
Copy Markdown
Contributor

Bumps the production-minor-patch group with 19 updates in the / directory:

Package From To
@aws-sdk/client-s3 3.1045.0 3.1068.0
@hookform/resolvers 5.2.2 5.4.0
@mdxeditor/editor 4.0.0 4.0.3
@tanstack/react-query 5.100.10 5.101.0
@tanstack/react-query-devtools 5.100.10 5.101.0
@xyflow/react 12.10.2 12.11.0
better-auth 1.6.10 1.6.18
date-fns 4.1.0 4.4.0
docx 9.6.1 9.7.1
ldapts 8.1.7 8.1.8
lucide-react 1.14.0 1.18.0
next 16.2.6 16.2.9
radix-ui 1.4.3 1.5.0
react 19.2.6 19.2.7
react-dom 19.2.6 19.2.7
react-hook-form 7.75.0 7.79.0
react-qr-code 2.0.21 2.2.0
semver 7.8.0 7.8.4
shadcn 4.7.0 4.11.0

Updates @aws-sdk/client-s3 from 3.1045.0 to 3.1068.0

Release notes

Sourced from @​aws-sdk/client-s3's releases.

v3.1068.0

3.1068.0(2026-06-12)

Documentation Changes
  • client-iam: Updating documentation for select service-specific credential APIs (f572228a)
New Features
  • clients: update client endpoints as of 2026-06-12 (3f89d039)
  • client-acm: Certificate transparency logging opt-out is no longer available. Per compliance requirements, all public ACM certificates are automatically recorded in certificate transparency logs. The CertificateTransparencyLoggingPreference option is deprecated. (ca60b0f9)
  • client-eks: Patches missing enum values for EKS updates (c2df34dc)
  • client-sagemaker-runtime: Added support for inline request payloads to the InvokeEndpointAsync operation to allow users to provide the inference payload directly in the request Body (up to 128,000 bytes) as an alternative to uploading the payload to Amazon S3 and passing InputLocation. (c4e229dd)
  • client-glue: Adds support for retrieving Apache Iceberg table metadata via GetTable. Use the new AttributesToGet parameter with LATEST ICEBERG METADATA to receive schema, partition specs, sort orders, and table properties in the response. (f45445f9)
  • client-firehose: Update KeyARN in DeliveryStreamEncryptionConfigurationInput to accept KMS key ARNs only (not alias ARNs), matching service behavior. (80837cd3)
  • client-bedrock-agentcore: Added tagging and CMK support across optimization, an explanation field in recommendation output, and an insights feature to identify failure patterns, extract user intents, and summarize execution behavior (1c06496f)
  • client-devops-agent: Adds support for Trigger CRUD APIs (CreateTrigger, GetTrigger, UpdateTrigger, DeleteTrigger, ListTriggers) for managing schedule-based automation triggers in DevOps Agent agent spaces. (7139cf1e)
  • client-bedrock-agentcore-control: Added tagging and CMK support for optimizations and an insights feature to identify failure patterns, extract user intents, and summarize execution behavior (571ac1e7)

For list of updated packages, view updated-packages.md in assets-3.1068.0.zip

v3.1067.0

3.1067.0(2026-06-11)

Documentation Changes
  • suggest UndiciHttpHandler as an alternative request handler (#8092) (bd18a9f0)
New Features
  • client-eks: Introduce new CreateCluster parameters for Amazon EKS local clusters on AWS Outposts. Added etcdInstanceType for configuring the EC2 instance type for dedicated etcd instances, and spreadLevel for configuring the placement group spread level for Kubernetes control plane and etcd instances. (383363d5)
  • client-omics: Adds support for workflowName in the ListRuns API response. (fa2f4604)
  • client-neptune: Amazon Neptune now supports IPv6 dual-stack networking. You can create and manage Neptune DB clusters accessible over both IPv4 and IPv6 by specifying NetworkType as DUAL in CreateDBCluster, ModifyDBCluster, RestoreDBClusterFromSnapshot, and RestoreDBClusterToPointInTime API operations (ae089f94)
  • client-bedrock-agentcore: Adds support to perform cross account data plane actions on an AgentCore Memory resource (8d92e480)
  • client-healthlake: Adds the UpdateFHIRDatastore API and adds analytics, NLP, and profile configuration support to CreateFHIRDatastore and DescribeFHIRDatastore. (c74ab005)
  • client-bedrock-agentcore-control: Supports deterministic metadata for AgentCore Memory (af7a995a)
  • client-support: Adding new BDD representation of endpoint ruleset (cd9dac21)

For list of updated packages, view updated-packages.md in assets-3.1067.0.zip

v3.1066.0

3.1066.0(2026-06-10)

New Features

... (truncated)

Changelog

Sourced from @​aws-sdk/client-s3's changelog.

3.1068.0 (2026-06-12)

Note: Version bump only for package @​aws-sdk/client-s3

3.1067.0 (2026-06-11)

Note: Version bump only for package @​aws-sdk/client-s3

3.1066.0 (2026-06-10)

Note: Version bump only for package @​aws-sdk/client-s3

3.1065.0 (2026-06-09)

Note: Version bump only for package @​aws-sdk/client-s3

3.1064.0 (2026-06-08)

Note: Version bump only for package @​aws-sdk/client-s3

3.1063.0 (2026-06-05)

Note: Version bump only for package @​aws-sdk/client-s3

3.1062.0 (2026-06-04)

... (truncated)

Commits

Updates @hookform/resolvers from 5.2.2 to 5.4.0

Release notes

Sourced from @​hookform/resolvers's releases.

v5.4.0

5.4.0 (2026-05-21)

Features

  • feat: add ata-validator resolver (#845)

Fixes

  • fix issue with toNestErrors.ts (#848)
  • add guidance on passing context to yupResolver (useForm context) (#835) (3d29924)
Commits

Updates @mdxeditor/editor from 4.0.0 to 4.0.3

Release notes

Sourced from @​mdxeditor/editor's releases.

v4.0.3

4.0.3 (2026-06-12)

Bug Fixes

  • types: repair declaration rollup output (b34e0f7), closes #939

v4.0.2

4.0.2 (2026-06-03)

Bug Fixes

  • preserve blank lines within markdown list items (0886ac9), closes #936

v4.0.1

4.0.1 (2026-05-20)

Bug Fixes

  • fall back to default code block language on import (835ad54), closes #935
Commits
  • b34e0f7 fix(types): repair declaration rollup output
  • 0886ac9 fix: preserve blank lines within markdown list items
  • 835ad54 fix: fall back to default code block language on import
  • 869f769 Harden GitHub Actions workflows (#934)
  • See full diff in compare view

Updates @tanstack/react-query from 5.100.10 to 5.101.0

Release notes

Sourced from @​tanstack/react-query's releases.

@​tanstack/react-query-devtools@​5.101.0

Patch Changes

@​tanstack/react-query-next-experimental@​5.101.0

Patch Changes

  • #10857 7cf5923 - fix(react-query-next-experimental): replace deprecated 'isServer' with 'environmentManager.isServer()'

  • Updated dependencies []:

    • @​tanstack/react-query@​5.101.0

@​tanstack/react-query-persist-client@​5.101.0

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-persist-client-core@​5.101.0
    • @​tanstack/react-query@​5.101.0

@​tanstack/react-query@​5.101.0

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-core@​5.101.0

@​tanstack/react-query-devtools@​5.100.14

Patch Changes

  • Updated dependencies [ed20b6d]:
    • @​tanstack/react-query@​5.100.14
    • @​tanstack/query-devtools@​5.100.14

@​tanstack/react-query-next-experimental@​5.100.14

Patch Changes

  • Updated dependencies [ed20b6d]:
    • @​tanstack/react-query@​5.100.14

@​tanstack/react-query-persist-client@​5.100.14

Patch Changes

  • Updated dependencies [ed20b6d]:
    • @​tanstack/react-query@​5.100.14
    • @​tanstack/query-persist-client-core@​5.100.14

@​tanstack/react-query@​5.100.14

Patch Changes

... (truncated)

Changelog

Sourced from @​tanstack/react-query's changelog.

5.101.0

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-core@​5.101.0

5.100.14

Patch Changes

  • fix(react-query): do not go into optimistic fetching state when not subscribed (#10759)

  • Updated dependencies []:

    • @​tanstack/query-core@​5.100.14

5.100.13

Patch Changes

  • Updated dependencies [d423168]:
    • @​tanstack/query-core@​5.100.13

5.100.12

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-core@​5.100.12

5.100.11

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-core@​5.100.11
Commits

Updates @tanstack/react-query-devtools from 5.100.10 to 5.101.0

Release notes

Sourced from @​tanstack/react-query-devtools's releases.

@​tanstack/react-query-devtools@​5.101.0

Patch Changes

@​tanstack/react-query-devtools@​5.100.14

Patch Changes

  • Updated dependencies [ed20b6d]:
    • @​tanstack/react-query@​5.100.14
    • @​tanstack/query-devtools@​5.100.14

@​tanstack/react-query-devtools@​5.100.13

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-devtools@​5.100.13
    • @​tanstack/react-query@​5.100.13

@​tanstack/react-query-devtools@​5.100.12

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-devtools@​5.100.12
    • @​tanstack/react-query@​5.100.12
Changelog

Sourced from @​tanstack/react-query-devtools's changelog.

5.101.0

Patch Changes

5.100.14

Patch Changes

  • Updated dependencies [ed20b6d]:
    • @​tanstack/react-query@​5.100.14
    • @​tanstack/query-devtools@​5.100.14

5.100.13

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-devtools@​5.100.13
    • @​tanstack/react-query@​5.100.13

5.100.12

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-devtools@​5.100.12
    • @​tanstack/react-query@​5.100.12

5.100.11

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-devtools@​5.100.11
    • @​tanstack/react-query@​5.100.11
Commits

Updates @xyflow/react from 12.10.2 to 12.11.0

Release notes

Sourced from @​xyflow/react's releases.

@​xyflow/react@​12.11.0

12.11.0

Minor Changes

  • #5677 e6661de - Add autoPanOnSelection to auto-pan when user drags a selection close to the edge of the viewport.

Patch Changes

  • #5791 732c8eb - Adds a type error when handleId is used without handleType in useNodeConnections

  • #5793 c5c853d - Dev Warnings now use library-specific messaging with the correct documentation links.

  • #5776 0441e9f - Export NodeHandle type

  • #5755 88737f9 - Add @types/react and @types/react-dom as optional peer dependencies to prevent issues with pnpm strict mode (hoist: false)

  • #5105 076ad38 - Fix type for event passed to onNodeDrag

  • #5784 7055140 - Fix node resizing possible beyond absolute extents

  • #5769 ad4d547 - Use useEffect for StoreUpdater to restore previous behaviour

  • Updated dependencies [732c8eb, c5c853d, e6661de, 737194d, 40660cd, 4806e7c, 7055140]:

    • @​xyflow/system@​0.0.77
Changelog

Sourced from @​xyflow/react's changelog.

12.11.0

Minor Changes

  • #5677 e6661de - Add autoPanOnSelection to auto-pan when user drags a selection close to the edge of the viewport.

Patch Changes

  • #5791 732c8eb - Adds a type error when handleId is used without handleType in useNodeConnections

  • #5793 c5c853d - Dev Warnings now use library-specific messaging with the correct documentation links.

  • #5776 0441e9f - Export NodeHandle type

  • #5755 88737f9 - Add @types/react and @types/react-dom as optional peer dependencies to prevent issues with pnpm strict mode (hoist: false)

  • #5105 076ad38 - Fix type for event passed to onNodeDrag

  • #5784 7055140 - Fix node resizing possible beyond absolute extents

  • #5769 ad4d547 - Use useEffect for StoreUpdater to restore previous behaviour

  • Updated dependencies [732c8eb, c5c853d, e6661de, 737194d, 40660cd, 4806e7c, 7055140]:

    • @​xyflow/system@​0.0.77
Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​xyflow/react since your current version.


Updates better-auth from 1.6.10 to 1.6.18

Release notes

Sourced from better-auth's releases.

v1.6.18

better-auth

Bug Fixes

  • Fixed getCookieCache to return null for expired sessions instead of treating stale signed cookies as live sessions.
  • Fixed the delete-account confirmation link to prevent duplicate account deletions from concurrent callback requests.
  • Fixed one-time tokens from being redeemable multiple times under concurrent requests.
  • Fixed password reset tokens from changing a password more than once under concurrent requests.
  • Fixed Reddit sign-in to assign a non-routable placeholder address (<id>@reddit.invalid) to users with no email, preventing accidental matches with real mailboxes.
  • Fixed Sign-In with Ethereum nonces from being accepted multiple times under concurrent sign-in requests.
  • Added internalAdapter.reserveVerificationValue to atomically record single-use markers, ensuring only one concurrent caller succeeds for replay-protected operations.
  • Added the incrementOne adapter method and SecondaryStorage.increment for atomic counter updates, enabling strict rate-limit and usage-counter enforcement under concurrent load.
  • Fixed expired two-factor challenges from completing login and prevented duplicate session creation from concurrent verifications.
  • Fixed captcha verification to time out after 10 seconds, preventing slow or unreachable captcha providers from hanging requests indefinitely.
  • Fixed /delete-user/callback to reject account deletion when the session has been revoked server-side (cookie-only session deployments are unaffected).
  • Fixed rate limiting to prevent concurrent requests from slipping past configured limits, with a new optional consume method for custom storage backends to opt into strict enforcement.
  • Fixed team deletion to preserve pending invitations by removing only the deleted team's reference rather than invalidating the invitations entirely.
  • Fixed expected authentication validation failures to log as warnings instead of errors.
  • Fixed MCP bearer token validation to reject expired access tokens and require the offline_access scope for refresh token usage.
  • Fixed plugin API inference in composite monorepo setups where the core package resolved through multiple paths (#9583)
  • Fixed OpenAPI generation to accurately serialize Zod request schemas, including optional, nullable, intersected, and record-shaped types (#9315)
  • Fixed a memory leak where the JWKS cache could grow on every access token verification.
  • Fixed Google One Tap to require a configured client ID (set via the oneTap plugin or socialProviders.google) and reject tokens issued for other applications.
  • Fixed device-authorization token polling to prevent the same approved device code from being redeemed multiple times under concurrent polls.
  • Fixed account cookie preservation when switching users in the same browser session.
  • Fixed email OTP sign-in to prevent concurrent requests from signing in multiple times or exceeding the attempt limit.
  • Fixed phone-number OTP sign-in to prevent concurrent requests from signing in multiple times or exceeding the attempt limit.
  • Fixed two-factor OTP sign-in to prevent concurrent requests from signing in multiple times or exceeding the attempt limit.
  • Fixed the Have I Been Pwned plugin to check breached passwords on additional endpoints, including email-OTP and phone-number reset-password routes and admin password-setting routes.
  • Fixed the multi-session set-active and revoke endpoints to only act on sessions the caller holds a signed cookie for, preventing unauthorized session manipulation.
  • Fixed the OIDC /oauth2/endsession endpoint to reject cross-site logout requests that carry only a session cookie without a valid id_token_hint.
  • Fixed WeChat sign-in to work without an email address by assigning a stable placeholder email, with mapProfileToUser available to supply a real one.

For detailed changes, see CHANGELOG

@better-auth/sso

Bug Fixes

  • Fixed SAML assertion replay protection to hold under concurrent requests, preventing a duplicate submission from being accepted more than once.
  • Fixed organization admins and owners to verify domain ownership for SSO providers their organization owns, not just the member who originally registered the provider.
  • Fixed trustEmailVerified to treat only a boolean true or the string "true" as a verified email, rejecting the string "false" as unverified.

For detailed changes, see CHANGELOG

@better-auth/memory-adapter

Bug Fixes

... (truncated)

Changelog

Sourced from better-auth's changelog.

1.6.18

Patch Changes

  • #9315 9ef7240 Thanks @​GautamBytes! - fix OpenAPI requestBody generation for intersected and default-wrapped body schemas

  • #9583 b21a5f7 Thanks @​GautamBytes! - Fix plugin-provided client methods and additional session fields not being inferred in composite monorepos.

  • Updated dependencies [b21a5f7]:

    • @​better-auth/core@​1.6.18
    • @​better-auth/drizzle-adapter@​1.6.18
    • @​better-auth/kysely-adapter@​1.6.18
    • @​better-auth/memory-adapter@​1.6.18
    • @​better-auth/mongo-adapter@​1.6.18
    • @​better-auth/prisma-adapter@​1.6.18
    • @​better-auth/telemetry@​1.6.18

1.6.17

Patch Changes

  • #9993 baeaa00 Thanks @​gustavovalverde! - When a team had a single open slot, accepting an invitation into it was wrongly rejected as over the member limit and left a dangling membership record. Two invitations accepted into a nearly-full team at the same time could also push it past its limit. Both are fixed.

  • #9482 3e99e6c Thanks @​bytaesu! - admin.setUserPassword now creates a credential account when the target user does not have one, matching the behavior of resetPassword. Previously the call returned status: true without doing anything for users without an existing credential account (e.g., social-only or magic-link signups), so admins migrating users from another auth system or assigning an initial password to a social-only user can now do so directly without poking the account table.

  • 96c78c3 Thanks @​GautamBytes! - Downgrade expected auth validation failures from error logs to warnings.

  • #9993 baeaa00 Thanks @​gustavovalverde! - Captcha provider verification requests now time out after 10 seconds and fail closed, so a slow or unreachable captcha provider can no longer tie up a request indefinitely.

  • #9993 baeaa00 Thanks @​gustavovalverde! - A delete-account confirmation link can no longer delete the account more than once when its callback is opened concurrently.

  • #9991 0c3856f Thanks @​gustavovalverde! - Completing account deletion through /delete-user/callback now fails when the session has been revoked server-side, instead of proceeding within the cookie-cache window. Deployments that keep sessions only in the cookie are unaffected.

  • #9993 baeaa00 Thanks @​gustavovalverde! - Polling for a device-authorization token can no longer redeem the same approved device code more than once when several polls arrive together.

  • #9993 baeaa00 Thanks @​gustavovalverde! - Submitting the same email OTP from several requests at once can no longer sign in more than once or gain extra tries beyond the attempt limit.

  • #10002 ed7b6c9 Thanks @​gustavovalverde! - Adding a member to a team that is already at its maximumMembersPerTeam limit is now rejected on every path. addMember with a teamId and add-team-member previously skipped the limit that invitation acceptance enforced, so they could push a team over its cap. A rejected addMember no longer creates the organization member.

  • #9677 e0a768c Thanks @​GautamBytes! - Refactor role.authorize control flow while preserving existing authorization behavior.

  • #9987 7343284 Thanks @​bytaesu! - Generic OAuth sign-in works again for providers whose userinfo response has no sub or id field when mapProfileToUser derives the account id. An empty id field now falls back to sub.

  • #9991 0c3856f Thanks @​gustavovalverde! - getCookieCache now returns null for an expired session instead of the stale session data. Middleware that calls it to gate access no longer treats an expired signed cookie as a live session.

  • #9993 baeaa00 Thanks @​gustavovalverde! - The Have I Been Pwned plugin now checks submitted passwords against the breach database on more password-setting endpoints by default, including the email-OTP and phone-number reset-password routes and the admin create-user and set-user-password routes. A breached password can no longer be set through those routes when the plugin is enabled with its default paths.

  • #9987 7343284 Thanks @​bytaesu! - Preserve the fresh account cookie issued while switching users in the same browser instead of expiring it from stale request cookie state.

  • #9991 0c3856f Thanks @​gustavovalverde! - Expired MCP access tokens are no longer accepted. A protected MCP resource now rejects a bearer token once it has expired, both on the server and through the remote client. A refresh token is accepted only when the original authorization included the offline_access scope.

... (truncated)

Commits
  • 04debbf chore: release v1.6.18 (#10026)
  • 9ef7240 fix(open-api): serialize zod request schemas accurately (#9315)
  • b21a5f7 fix(client): preserve plugin inference in composite monorepos (#9583)
  • 0d8b238 chore: release v1.6.17 (#9984)
  • eff3c99 test(next-js): verify nextCookies forwards all set-cookie headers (#10013)
  • e0a768c refactor(access): flatten access plugin role authorization logic (#9677)
  • 3310ebc fix(open-api): mark model ids as required (#9704)
  • 59e0ccb fix(client): updateSession should infer session additional fields (#9777)
  • 96c78c3 fix(logger): downgrade validation logs level to warn
  • 5c289b5 fix(account): resolve stateless account cookies across instances (#9979)
  • Additional commits viewable in compare view

Updates date-fns from 4.1.0 to 4.4.0

Release notes

Sourced from date-fns's releases.

v4.4.0

This release revisits the approach to CDN usage and introduces a new package, @date-fns/cdn and deprecates the date-fns CDN scripts. It allowed reducing the zipped package size from 5.83 MB down to 3.96 MB without introducing any breaking changes.

In v5.0.0-alpha.0 where CDN scripts are completely removed from date-fns the change is more significant and brings the zipped package size down to 2.89 MB.

It is just the first step in optimizing the package size. Expect further size reduction in the future v4 and v5 versions.

Changed

  • DEPRECATED: The date-fns CDN scripts are now deprecated and will be removed in the next major release. Please switch to the new @date-fns/cdn package for CDN usage.

  • Removed CDN source maps to reduce the package size. If you rely on them, please switch to the new @date-fns/cdn package that still includes them.

v4.3.0

Kudos to @​ImRodry and @​puneetdixit200 for their contributions.

Fixed

v4.2.1

Fixed

  • Fixed type definitions missing in v4.2.0 due to TypeScript misconfiguration.

v4.2.0

This is a minor release in all senses, it only includes documentation updates (first of many) that points to the new You Don't Need date-fns* page.

* Not really

Changed

  • Added Temporal API references to the JSDoc annotations of add, addBusinessDays, and addDays.
Commits
  • cd53d25 Promote to v4.4.0
  • d948ec1 Preserve but deprecate CDN versions for v4, set up v5 with polyfills
  • ee65753 Add root mise :format task
  • 9f5bdf5 Add positional argument to test/smoke.sh script
  • 651ead6 Split CDN bundles into separate @​date-fns/cdn package
  • 224c1a2 Deprecate type tests as attw hangs on date-fns package
  • 7bb2842 Switch PACKAGE_OUTPUT_PATH to --dist flag in the package build script
  • b6ad5ac Add flags to control package build script
  • 424a783 Fix docs release after moving to monorepo setup
  • f95bcf1 (docs): Add missing tsx dependency
  • Additional commits viewable in compare view

Updates docx from 9.6.1 to 9.7.1

Release notes

Sourced from docx's releases.

9.7.1

What's Changed

… with 19 updates

Bumps the production-minor-patch group with 19 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3) | `3.1045.0` | `3.1068.0` |
| [@hookform/resolvers](https://github.com/react-hook-form/resolvers) | `5.2.2` | `5.4.0` |
| [@mdxeditor/editor](https://github.com/mdx-editor/editor) | `4.0.0` | `4.0.3` |
| [@tanstack/react-query](https://github.com/TanStack/query/tree/HEAD/packages/react-query) | `5.100.10` | `5.101.0` |
| [@tanstack/react-query-devtools](https://github.com/TanStack/query/tree/HEAD/packages/react-query-devtools) | `5.100.10` | `5.101.0` |
| [@xyflow/react](https://github.com/xyflow/xyflow/tree/HEAD/packages/react) | `12.10.2` | `12.11.0` |
| [better-auth](https://github.com/better-auth/better-auth/tree/HEAD/packages/better-auth) | `1.6.10` | `1.6.18` |
| [date-fns](https://github.com/date-fns/date-fns) | `4.1.0` | `4.4.0` |
| [docx](https://github.com/dolanmiu/docx) | `9.6.1` | `9.7.1` |
| [ldapts](https://github.com/ldapts/ldapts) | `8.1.7` | `8.1.8` |
| [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `1.14.0` | `1.18.0` |
| [next](https://github.com/vercel/next.js) | `16.2.6` | `16.2.9` |
| [radix-ui](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/radix-ui) | `1.4.3` | `1.5.0` |
| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.6` | `19.2.7` |
| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.6` | `19.2.7` |
| [react-hook-form](https://github.com/react-hook-form/react-hook-form) | `7.75.0` | `7.79.0` |
| [react-qr-code](https://github.com/rosskhanas/react-qr-code) | `2.0.21` | `2.2.0` |
| [semver](https://github.com/npm/node-semver) | `7.8.0` | `7.8.4` |
| [shadcn](https://github.com/shadcn-ui/ui/tree/HEAD/packages/shadcn) | `4.7.0` | `4.11.0` |



Updates `@aws-sdk/client-s3` from 3.1045.0 to 3.1068.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1068.0/clients/client-s3)

Updates `@hookform/resolvers` from 5.2.2 to 5.4.0
- [Release notes](https://github.com/react-hook-form/resolvers/releases)
- [Commits](react-hook-form/resolvers@v5.2.2...v5.4.0)

Updates `@mdxeditor/editor` from 4.0.0 to 4.0.3
- [Release notes](https://github.com/mdx-editor/editor/releases)
- [Commits](mdx-editor/editor@v4.0.0...v4.0.3)

Updates `@tanstack/react-query` from 5.100.10 to 5.101.0
- [Release notes](https://github.com/TanStack/query/releases)
- [Changelog](https://github.com/TanStack/query/blob/main/packages/react-query/CHANGELOG.md)
- [Commits](https://github.com/TanStack/query/commits/@tanstack/react-query@5.101.0/packages/react-query)

Updates `@tanstack/react-query-devtools` from 5.100.10 to 5.101.0
- [Release notes](https://github.com/TanStack/query/releases)
- [Changelog](https://github.com/TanStack/query/blob/main/packages/react-query-devtools/CHANGELOG.md)
- [Commits](https://github.com/TanStack/query/commits/@tanstack/react-query-devtools@5.101.0/packages/react-query-devtools)

Updates `@xyflow/react` from 12.10.2 to 12.11.0
- [Release notes](https://github.com/xyflow/xyflow/releases)
- [Changelog](https://github.com/xyflow/xyflow/blob/main/packages/react/CHANGELOG.md)
- [Commits](https://github.com/xyflow/xyflow/commits/@xyflow/react@12.11.0/packages/react)

Updates `better-auth` from 1.6.10 to 1.6.18
- [Release notes](https://github.com/better-auth/better-auth/releases)
- [Changelog](https://github.com/better-auth/better-auth/blob/main/packages/better-auth/CHANGELOG.md)
- [Commits](https://github.com/better-auth/better-auth/commits/v1.6.18/packages/better-auth)

Updates `date-fns` from 4.1.0 to 4.4.0
- [Release notes](https://github.com/date-fns/date-fns/releases)
- [Commits](date-fns/date-fns@v4.1.0...v4.4.0)

Updates `docx` from 9.6.1 to 9.7.1
- [Release notes](https://github.com/dolanmiu/docx/releases)
- [Commits](dolanmiu/docx@9.6.1...9.7.1)

Updates `ldapts` from 8.1.7 to 8.1.8
- [Release notes](https://github.com/ldapts/ldapts/releases)
- [Changelog](https://github.com/ldapts/ldapts/blob/main/CHANGELOG.md)
- [Commits](ldapts/ldapts@v8.1.7...v8.1.8)

Updates `lucide-react` from 1.14.0 to 1.18.0
- [Release notes](https://github.com/lucide-icons/lucide/releases)
- [Commits](https://github.com/lucide-icons/lucide/commits/1.18.0/packages/lucide-react)

Updates `next` from 16.2.6 to 16.2.9
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](vercel/next.js@v16.2.6...v16.2.9)

Updates `radix-ui` from 1.4.3 to 1.5.0
- [Changelog](https://github.com/radix-ui/primitives/blob/main/packages/react/radix-ui/CHANGELOG.md)
- [Commits](https://github.com/radix-ui/primitives/commits/HEAD/packages/react/radix-ui)

Updates `react` from 19.2.6 to 19.2.7
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/react/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react)

Updates `react-dom` from 19.2.6 to 19.2.7
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/react/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react-dom)

Updates `react-hook-form` from 7.75.0 to 7.79.0
- [Release notes](https://github.com/react-hook-form/react-hook-form/releases)
- [Changelog](https://github.com/react-hook-form/react-hook-form/blob/master/CHANGELOG.md)
- [Commits](react-hook-form/react-hook-form@v7.75.0...v7.79.0)

Updates `react-qr-code` from 2.0.21 to 2.2.0
- [Release notes](https://github.com/rosskhanas/react-qr-code/releases)
- [Changelog](https://github.com/rosskhanas/react-qr-code/blob/master/CHANGELOG.md)
- [Commits](rosskhanas/react-qr-code@2.0.21...2.2.0)

Updates `semver` from 7.8.0 to 7.8.4
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md)
- [Commits](npm/node-semver@v7.8.0...v7.8.4)

Updates `shadcn` from 4.7.0 to 4.11.0
- [Release notes](https://github.com/shadcn-ui/ui/releases)
- [Changelog](https://github.com/shadcn-ui/ui/blob/main/packages/shadcn/CHANGELOG.md)
- [Commits](https://github.com/shadcn-ui/ui/commits/shadcn@4.11.0/packages/shadcn)

---
updated-dependencies:
- dependency-name: "@aws-sdk/client-s3"
  dependency-version: 3.1068.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-minor-patch
- dependency-name: "@hookform/resolvers"
  dependency-version: 5.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-minor-patch
- dependency-name: "@mdxeditor/editor"
  dependency-version: 4.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-minor-patch
- dependency-name: "@tanstack/react-query"
  dependency-version: 5.101.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-minor-patch
- dependency-name: "@tanstack/react-query-devtools"
  dependency-version: 5.101.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-minor-patch
- dependency-name: "@xyflow/react"
  dependency-version: 12.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-minor-patch
- dependency-name: better-auth
  dependency-version: 1.6.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-minor-patch
- dependency-name: date-fns
  dependency-version: 4.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-minor-patch
- dependency-name: docx
  dependency-version: 9.7.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-minor-patch
- dependency-name: ldapts
  dependency-version: 8.1.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-minor-patch
- dependency-name: lucide-react
  dependency-version: 1.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-minor-patch
- dependency-name: next
  dependency-version: 16.2.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-minor-patch
- dependency-name: radix-ui
  dependency-version: 1.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-minor-patch
- dependency-name: react
  dependency-version: 19.2.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-minor-patch
- dependency-name: react-dom
  dependency-version: 19.2.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-minor-patch
- dependency-name: react-hook-form
  dependency-version: 7.79.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-minor-patch
- dependency-name: react-qr-code
  dependency-version: 2.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-minor-patch
- dependency-name: semver
  dependency-version: 7.8.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-minor-patch
- dependency-name: shadcn
  dependency-version: 4.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github

dependabot Bot commented on behalf of github Jun 15, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: area:npm, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot @github

dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown
Contributor Author

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Jun 22, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/production-minor-patch-bb0411a078 branch June 22, 2026 05:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants