chore(deps): bump the production-dependencies group across 1 directory with 39 updates

[dependabot]

Bumps the production-dependencies group with 39 updates in the / directory:

Package	From	To
@apollo/client	4.1.4	4.1.6
@aws-sdk/client-s3	3.975.0	3.1022.0
@aws-sdk/s3-request-presigner	3.1015.0	3.1022.0
@strapi/plugin-graphql	5.36.0	5.41.1
@strapi/plugin-users-permissions	5.36.0	5.41.1
@strapi/provider-upload-aws-s3	5.36.0	5.41.1
@strapi/strapi	5.36.0	5.41.1
dotenv	16.4.5	17.4.0
pg	8.18.0	8.20.0
react	18.3.1	19.2.4
react-dom	18.3.1	19.2.4
react-router-dom	6.30.3	7.13.2
styled-components	6.3.9	6.3.12
graphql	16.12.0	16.13.2
@mux/mux-node	9.0.1	12.8.1
@t3-oss/env-nextjs	0.13.10	0.13.11
lucide-react	0.577.0	1.7.0
next	15.5.14	16.2.2
openai	4.104.0	6.33.0
workflow	4.2.0-beta.70	4.2.0-beta.75
@react-navigation/native	7.1.33	7.2.2
@react-navigation/native-stack	7.14.4	7.14.10
expo	54.0.33	55.0.9
expo-blur	15.0.8	55.0.10
expo-linear-gradient	15.0.8	55.0.9
expo-status-bar	3.0.9	55.0.4
expo-video	3.0.16	55.0.11
react-native	0.81.5	0.84.1
react-native-safe-area-context	5.6.2	5.7.0
react-native-screens	4.16.0	4.24.0
react-native-svg	15.12.1	15.15.4
react-native-webview	13.15.0	13.16.1
@shopify/flash-list	2.0.2	2.3.1
expo-image	3.0.11	55.0.6
expo-router	6.0.23	55.0.8
react-markdown	9.1.0	10.1.0
@base-ui/react	1.2.0	1.3.0
shadcn	4.0.3	4.1.2
gql.tada	1.9.0	1.9.2

Updates @apollo/client from 4.1.4 to 4.1.6

Release notes

Sourced from @​apollo/client's releases.

@​apollo/client@​4.1.6

Patch Changes

• #13128 6c0b8e4 Thanks @​pavelivanov! - Fix useQuery hydration mismatch when ssr: false and skip: true are used together

  When both options were combined, the server would return loading: false (because useSSRQuery checks skip first), but the client's getServerSnapshot was returning ssrDisabledResult with loading: true, causing a hydration mismatch.

@​apollo/client@​4.1.5

Patch Changes

• #13155 3ba1583 Thanks @​jerelmiller! - Fix an issue where useQuery would poll with pollInterval when skip was initialized to true.

• #13135 fd42142 Thanks @​jerelmiller! - Fix issue where client.query would apply options from defaultOptions.watchQuery.

Changelog

Sourced from @​apollo/client's changelog.

4.1.6

Patch Changes

• #13128 6c0b8e4 Thanks @​pavelivanov! - Fix useQuery hydration mismatch when ssr: false and skip: true are used together

  When both options were combined, the server would return loading: false (because useSSRQuery checks skip first), but the client's getServerSnapshot was returning ssrDisabledResult with loading: true, causing a hydration mismatch.

4.1.5

Patch Changes

• #13155 3ba1583 Thanks @​jerelmiller! - Fix an issue where useQuery would poll with pollInterval when skip was initialized to true.

• #13135 fd42142 Thanks @​jerelmiller! - Fix issue where client.query would apply options from defaultOptions.watchQuery.

Commits

• 1f6decb Version Packages (#13160)
• 7bb2071 fix(useQuery): prevent hydration mismatch when ssr: false and skip: true are ...
• ca88f33 update jest config again 🤦
• 355900a ignore test for React 17
• 40e5706 revert file to state on main
• 5cae14d Merge branch 'main' into fix/prevent-hydration-mismatch
• 3b6278d change test
• fc3d8cc roll back, change logic in useQuery, end to end test
• 31f3f9a format
• 67578d8 Apply suggestion from @​phryneas
• Additional commits viewable in compare view

Updates @aws-sdk/client-s3 from 3.975.0 to 3.1022.0

Release notes

Sourced from @​aws-sdk/client-s3's releases.

v3.1022.0

3.1022.0(2026-04-01)

Chores

• add additional text to CONTRIBUTING.md (#7909) (02ff5d7c)

New Features

• client-elasticsearch-service: Adding Policy-Min-TLS-1-2-RFC9151-FIPS-2024-08 as TLS Policy in Supported Regions (4819301b)
• client-medical-imaging: Added new boolean flag to persist metadata updates to all primary image sets in the same study as the requested image set. (af90be39)
• client-opensearch: Adding Policy-Min-TLS-1-2-RFC9151-FIPS-2024-08 as TLS Policy in Supported Regions (3173ac0b)
• client-bedrock-agentcore: Added the ability to filter out empty sessions when listing sessions. Customers can now retrieve only sessions that still contain events, eliminating the need to check each session individually. No changes required for existing integrations. (a4d1169c)
• client-bedrock-agentcore-control: Adds support for VPC egress private endpoints for Amazon Bedrock AgentCore gateway targets, enabling private connectivity through managed VPC Lattice resources. Also adds IAM credential provider for gateway targets, enabling IAM-based authentication to target endpoints (de642669)
• client-ecs: Amazon ECS now supports Managed Daemons with dedicated APIs for registering daemon task definitions, creating daemons, and managing daemon deployments. (244432f2)
• client-elasticache: Updated SnapshotRetentionLimit documentation for ServerlessCache to correctly describe the parameter as number of days (max 35) instead of number of snapshots. (67fd75ea)
• client-bedrock: Adds support for Bedrock Batch Inference Job Progress Monitoring (4f7aa9cf)
• client-geo-routes: This release makes RoutingBoundary optional in CalculateRouteMatrix, set StopDuration with a maximum value of 49999 for CalculateRoutes, set TrailerCount with a maximum value of 4, and introduces region restrictions for Grab Maps users. (fc9dd509)

Tests

• endpoints: migrate from jest to vitest (#7908) (7ed15be1)
• increase vitest hook timeouts in e2e (#7910) (13186021)

---

For list of updated packages, view updated-packages.md in assets-3.1022.0.zip

v3.1021.0

3.1021.0(2026-03-31)

Documentation Changes

• client-ec2: This release updates the examples in the documentation for DescribeRegions and DescribeAvailabilityZones. (50b1eeee)

New Features

• clients: update client endpoints as of 2026-03-31 (461ac73c)
• client-kinesis-analytics-v2: Support for Flink 2.2 in Managed Service for Apache Flink (62c491f2)
• client-observabilityadmin: This release adds the Bedrock and Security Hub resource types for Omnia Enablement launch for March 31. (6614c09e)
• client-partnercentral-selling: Adding EURO Currency for MRR Amount (807094be)
• client-s3: Add Bucket Metrics configuration support to directory buckets (67ff7cc5)
• client-quicksight: Adds StartAutomationJob and DescribeAutomationJob APIs for automation jobs. Adds three custom permission capabilities that allow admins to control whether users can manage Spaces and chat agents. Adds an OAuthClientCredentials structure to provide OAuth 2.0 client credentials inline to data sources. (4f13aba2)
• client-s3-control: Adding an optional auditContext parameter to S3 Access Grants credential vending API GetDataAccess to enable job-level audit correlation in S3 CloudTrail logs (78652f0b)
• client-sustainability: This is the first release of the AWS Sustainability SDK, which enables customers to access their sustainability impact data via API. (bfa72518)
• client-database-migration-service: To successfully connect to the IBM DB2 LUW database server, you may need to specify additional security parameters that are passed to the JDBC driver. These parameters are EncryptionAlgorithm and SecurityMechanism. Both parameters accept integer values. (6cdf6680)
• client-s3tables: S3 Tables now supports nested types when creating tables. Users can define complex column schemas using struct, list, and map types. These types can be composed together to model complex, hierarchical data structures within table schemas. (b105320b)
• client-cloudfront: This release adds bring your own IP (BYOIP) IPv6 support to CloudFront's CreateAnycastIpList and UpdateAnycastIpList API through the IpamCidrConfigs field. (5d0f7300)
• client-pinpoint-sms-voice-v2: This release adds RCS for Business messaging and Notify support. RCS lets you create and manage agents, send and receive messages in the US and Canada via SendTextMessage API, and configure SMS fallback. Notify lets you send templated OTP messages globally in minutes with no phone number required. (11d660ce)

... (truncated)

Changelog

Sourced from @​aws-sdk/client-s3's changelog.

3.1022.0 (2026-04-01)

Note: Version bump only for package @​aws-sdk/client-s3

3.1021.0 (2026-03-31)

Bug Fixes

• codegen: sync for adaptive retry throttling detection fix (#7905) (03f108d)

Features

• client-s3: Add Bucket Metrics configuration support to directory buckets (67ff7cc)

3.1020.0 (2026-03-30)

Note: Version bump only for package @​aws-sdk/client-s3

3.1019.0 (2026-03-27)

Note: Version bump only for package @​aws-sdk/client-s3

3.1018.0 (2026-03-26)

Note: Version bump only for package @​aws-sdk/client-s3

3.1017.0 (2026-03-25)

... (truncated)

Commits

• e7e636a Publish v3.1022.0
• 86db170 Publish v3.1021.0
• 67ff7cc feat(client-s3): Add Bucket Metrics configuration support to directory buckets
• 03f108d fix(codegen): sync for adaptive retry throttling detection fix (#7905)
• 15cfc71 Publish v3.1020.0
• c702a75 chore(codegen): update smithy package versions (#7903)
• 7f8c031 chore(codegen): differentiate type imports (#7897)
• a84cde6 Publish v3.1019.0
• e35edfc chore(codegen): import from core submodules instead of root (#7896)
• a3a34e3 Publish v3.1018.0
• Additional commits viewable in compare view

Updates @aws-sdk/s3-request-presigner from 3.1015.0 to 3.1022.0

Release notes

Sourced from @​aws-sdk/s3-request-presigner's releases.

v3.1022.0

3.1022.0(2026-04-01)

Chores

• add additional text to CONTRIBUTING.md (#7909) (02ff5d7c)

New Features

• client-elasticsearch-service: Adding Policy-Min-TLS-1-2-RFC9151-FIPS-2024-08 as TLS Policy in Supported Regions (4819301b)
• client-medical-imaging: Added new boolean flag to persist metadata updates to all primary image sets in the same study as the requested image set. (af90be39)
• client-opensearch: Adding Policy-Min-TLS-1-2-RFC9151-FIPS-2024-08 as TLS Policy in Supported Regions (3173ac0b)
• client-bedrock-agentcore: Added the ability to filter out empty sessions when listing sessions. Customers can now retrieve only sessions that still contain events, eliminating the need to check each session individually. No changes required for existing integrations. (a4d1169c)
• client-bedrock-agentcore-control: Adds support for VPC egress private endpoints for Amazon Bedrock AgentCore gateway targets, enabling private connectivity through managed VPC Lattice resources. Also adds IAM credential provider for gateway targets, enabling IAM-based authentication to target endpoints (de642669)
• client-ecs: Amazon ECS now supports Managed Daemons with dedicated APIs for registering daemon task definitions, creating daemons, and managing daemon deployments. (244432f2)
• client-elasticache: Updated SnapshotRetentionLimit documentation for ServerlessCache to correctly describe the parameter as number of days (max 35) instead of number of snapshots. (67fd75ea)
• client-bedrock: Adds support for Bedrock Batch Inference Job Progress Monitoring (4f7aa9cf)
• client-geo-routes: This release makes RoutingBoundary optional in CalculateRouteMatrix, set StopDuration with a maximum value of 49999 for CalculateRoutes, set TrailerCount with a maximum value of 4, and introduces region restrictions for Grab Maps users. (fc9dd509)

Tests

• endpoints: migrate from jest to vitest (#7908) (7ed15be1)
• increase vitest hook timeouts in e2e (#7910) (13186021)

---

For list of updated packages, view updated-packages.md in assets-3.1022.0.zip

v3.1021.0

3.1021.0(2026-03-31)

Documentation Changes

• client-ec2: This release updates the examples in the documentation for DescribeRegions and DescribeAvailabilityZones. (50b1eeee)

New Features

• clients: update client endpoints as of 2026-03-31 (461ac73c)
• client-kinesis-analytics-v2: Support for Flink 2.2 in Managed Service for Apache Flink (62c491f2)
• client-observabilityadmin: This release adds the Bedrock and Security Hub resource types for Omnia Enablement launch for March 31. (6614c09e)
• client-partnercentral-selling: Adding EURO Currency for MRR Amount (807094be)
• client-s3: Add Bucket Metrics configuration support to directory buckets (67ff7cc5)
• client-quicksight: Adds StartAutomationJob and DescribeAutomationJob APIs for automation jobs. Adds three custom permission capabilities that allow admins to control whether users can manage Spaces and chat agents. Adds an OAuthClientCredentials structure to provide OAuth 2.0 client credentials inline to data sources. (4f13aba2)
• client-s3-control: Adding an optional auditContext parameter to S3 Access Grants credential vending API GetDataAccess to enable job-level audit correlation in S3 CloudTrail logs (78652f0b)
• client-sustainability: This is the first release of the AWS Sustainability SDK, which enables customers to access their sustainability impact data via API. (bfa72518)
• client-database-migration-service: To successfully connect to the IBM DB2 LUW database server, you may need to specify additional security parameters that are passed to the JDBC driver. These parameters are EncryptionAlgorithm and SecurityMechanism. Both parameters accept integer values. (6cdf6680)
• client-s3tables: S3 Tables now supports nested types when creating tables. Users can define complex column schemas using struct, list, and map types. These types can be composed together to model complex, hierarchical data structures within table schemas. (b105320b)
• client-cloudfront: This release adds bring your own IP (BYOIP) IPv6 support to CloudFront's CreateAnycastIpList and UpdateAnycastIpList API through the IpamCidrConfigs field. (5d0f7300)
• client-pinpoint-sms-voice-v2: This release adds RCS for Business messaging and Notify support. RCS lets you create and manage agents, send and receive messages in the US and Canada via SendTextMessage API, and configure SMS fallback. Notify lets you send templated OTP messages globally in minutes with no phone number required. (11d660ce)

... (truncated)

Changelog

Sourced from @​aws-sdk/s3-request-presigner's changelog.

3.1022.0 (2026-04-01)

Note: Version bump only for package @​aws-sdk/s3-request-presigner

3.1021.0 (2026-03-31)

Note: Version bump only for package @​aws-sdk/s3-request-presigner

3.1020.0 (2026-03-30)

Note: Version bump only for package @​aws-sdk/s3-request-presigner

3.1019.0 (2026-03-27)

Note: Version bump only for package @​aws-sdk/s3-request-presigner

3.1018.0 (2026-03-26)

Note: Version bump only for package @​aws-sdk/s3-request-presigner

3.1017.0 (2026-03-25)

Note: Version bump only for package @​aws-sdk/s3-request-presigner

3.1016.0 (2026-03-24)

... (truncated)

Commits

• e7e636a Publish v3.1022.0
• 86db170 Publish v3.1021.0
• 15cfc71 Publish v3.1020.0
• c702a75 chore(codegen): update smithy package versions (#7903)
• a84cde6 Publish v3.1019.0
• a3a34e3 Publish v3.1018.0
• 32dfe7f Publish v3.1017.0
• 7ca64d5 Publish v3.1016.0
• See full diff in compare view

Updates @strapi/plugin-graphql from 5.36.0 to 5.41.1

Release notes

Sourced from @​strapi/plugin-graphql's releases.

v5.41.1

5.41.1 (2026-04-01)

🔥 Bug fix

• load inquirer async (043798dbe8)

❤️ Thank You

• Ben Irvin

v5.41.0

5.41.0 (2026-04-01)

🔥 Bug fix

• use strapi.fetch for remote uploads (#25661)
• Content types with attributes named filters, sort, fields, or populate no longer cause 400 validation errors on populate queries and countDraftRelations (#21338, #25762)
• check devDependencies when resolving required admin deps (#22130)
• use max batch sizes per dialect (#25390)
• content-type-builder: default draftAndPublish to true in AI CTB (#25781)
• document-service: re-insert cascade-deleted bidirectional relations (#25725)
• graphql: expose status and hasPublishedVersion on non–D&P root queries for nested relations (#25763)
• homepage: render widgets progressively and batch permission checks (#25846)
• upload: allow removal of file type filter in media library (#25399)
• upload: row duplicate-key warning (#25670)
• upload: allow upload of files with empty MIME type (#25844)

⚙️ Chore

• deps: bump undici from 6.23.0 to 6.24.0 (#25731)
• deps: bump effect from 3.19.19 to 3.21.0 (#25796)
• scripts/check-package-versions: support Yarn catalog (#25625)

💅 Enhancement

• add customField parameter to extendFields (#22521)
• content-manager: add documentid in listview and editview (#25759)

🚨 Security

• package upgrades to remove deprecated versions of boolean, tar, and glob (#25776)

❤️ Thank You

• Adrien Foulon @​Tofandel
• akash-dabhi-qed @​akash-dabhi-qed
• Bassel Kanso @​Bassel17
• Ben Irvin
• Daniil Barkov @​giollord

... (truncated)

Commits

• 5ae36e3 release: 5.41.1
• 967175a release: 5.41.0
• ba17962 release: 5.40.0
• e1cdebd release: 5.40.0
• d708498 fix(graphql): expose status and hasPublishedVersion on non–D&P root queries f...
• ea3b700 Merge branch 'main' into develop
• 243c96f release: 5.39.0
• cd12da7 release: 5.38.1
• a0a1865 chore: use https instead of git url in package.repository.url (#25698)
• f2a8048 chore: update package metadata (#25599)
• Additional commits viewable in compare view

Updates @strapi/plugin-users-permissions from 5.36.0 to 5.41.1

Release notes

Sourced from @​strapi/plugin-users-permissions's releases.

v5.41.1

5.41.1 (2026-04-01)

🔥 Bug fix

• load inquirer async (043798dbe8)

❤️ Thank You

• Ben Irvin

v5.41.0

5.41.0 (2026-04-01)

🔥 Bug fix

• use strapi.fetch for remote uploads (#25661)
• Content types with attributes named filters, sort, fields, or populate no longer cause 400 validation errors on populate queries and countDraftRelations (#21338, #25762)
• check devDependencies when resolving required admin deps (#22130)
• use max batch sizes per dialect (#25390)
• content-type-builder: default draftAndPublish to true in AI CTB (#25781)
• document-service: re-insert cascade-deleted bidirectional relations (#25725)
• graphql: expose status and hasPublishedVersion on non–D&P root queries for nested relations (#25763)
• homepage: render widgets progressively and batch permission checks (#25846)
• upload: allow removal of file type filter in media library (#25399)
• upload: row duplicate-key warning (#25670)
• upload: allow upload of files with empty MIME type (#25844)

⚙️ Chore

• deps: bump undici from 6.23.0 to 6.24.0 (#25731)
• deps: bump effect from 3.19.19 to 3.21.0 (#25796)
• scripts/check-package-versions: support Yarn catalog (#25625)

💅 Enhancement

• add customField parameter to extendFields (#22521)
• content-manager: add documentid in listview and editview (#25759)

🚨 Security

• package upgrades to remove deprecated versions of boolean, tar, and glob (#25776)

❤️ Thank You

• Adrien Foulon @​Tofandel
• akash-dabhi-qed @​akash-dabhi-qed
• Bassel Kanso @​Bassel17
• Ben Irvin
• Daniil Barkov @​giollord

... (truncated)

Commits

• 5ae36e3 release: 5.41.1
• 967175a release: 5.41.0
• 353a86a security: package upgrades to remove deprecated versions of boolean, tar, and...
• e1cdebd release: 5.40.0
• ea3b700 Merge branch 'main' into develop
• 243c96f release: 5.39.0
• cd12da7 release: 5.38.1
• a0a1865 chore: use https instead of git url in package.repository.url (#25698)
• f2a8048 chore: update package metadata (#25599)
• 12c801d chore: upgrade koa to 20.8.4 and minimatch to 10.2.4 (#25624)
• Additional commits viewable in compare view

Updates @strapi/provider-upload-aws-s3 from 5.36.0 to 5.41.1

Release notes

Sourced from @​strapi/provider-upload-aws-s3's releases.

v5.41.1

5.41.1 (2026-04-01)

🔥 Bug fix

• load inquirer async (043798dbe8)

❤️ Thank You

• Ben Irvin

v5.41.0

5.41.0 (2026-04-01)

🔥 Bug fix

• use strapi.fetch for remote uploads (#25661)
• Content types with attributes named filters, sort, fields, or populate no longer cause 400 validation errors on populate queries and countDraftRelations (#21338, #25762)
• check devDependencies when resolving required admin deps (#22130)
• use max batch sizes per dialect (#25390)
• content-type-builder: default draftAndPublish to true in AI CTB (#25781)
• document-service: re-insert cascade-deleted bidirectional relations (#25725)
• graphql: expose status and hasPublishedVersion on non–D&P root queries for nested relations (#25763)
• homepage: render widgets progressively and batch permission checks (#25846)
• upload: allow removal of file type filter in media library (#25399)
• upload: row duplicate-key warning (#25670)
• upload: allow upload of files with empty MIME type (#25844)

⚙️ Chore

• deps: bump undici from 6.23.0 to 6.24.0 (#25731)
• deps: bump effect from 3.19.19 to 3.21.0 (#25796)
• scripts/check-package-versions: support Yarn catalog (#25625)

💅 Enhancement

• add customField parameter to extendFields (#22521)
• content-manager: add documentid in listview and editview (#25759)

🚨 Security

• package upgrades to remove deprecated versions of boolean, tar, and glob (#25776)

❤️ Thank You

• Adrien Foulon @​Tofandel
• akash-dabhi-qed @​akash-dabhi-qed
• Bassel Kanso @​Bassel17
• Ben Irvin
• Daniil Barkov @​giollord

... (truncated)

Commits

• 5ae36e3 release: 5.41.1
• 967175a release: 5.41.0
• e1cdebd release: 5.40.0
• ea3b700 Merge branch 'main' into develop
• 243c96f release: 5.39.0
• cd12da7 release: 5.38.1
• a0a1865 chore: use https instead of git url in package.repository.url (#25698)
• f2a8048 chore: update package metadata (#25599)
• 29f5741 release: 5.38.0
• e7bb15d release: 5.37.1
• Additional commits viewable in compare view

Updates @strapi/strapi from 5.36.0 to 5.41.1

Release notes

Sourced from @​strapi/strapi's releases.

v5.41.1

5.41.1 (2026-04-01)

🔥 Bug fix

• load inquirer async (043798dbe8)

❤️ Thank You

• Ben Irvin

v5.41.0

5.41.0 (2026-04-01)

🔥 Bug fix

• use strapi.fetch for remote uploads (#25661)
• Content types with attributes named filters, sort, fields, or populate no longer cause 400 validation errors on populate queries and countDraftRelations (#21338, #25762)
• check devDependencies when resolving required admin deps (#22130)
• use max batch sizes per dialect (#25390)
• content-type-builder: default draftAndPublish to true in AI CTB (#25781)
• document-service: re-insert cascade-deleted bidirectional relations (#25725)
• graphql: expose status and hasPublishedVersion on non–D&P root queries for nested relations (#25763)
• homepage: render widgets progressively and batch permission checks (#25846)
• upload: allow removal of file type filter in media library (#25399)
• upload: row duplicate-key warning (#25670)
• upload: allow upload of files with empty MIME type (#25844)

⚙️ Chore

• deps: bump undici from 6.23.0 to 6.24.0 (#25731)
• deps: bump effect from 3.19.19 to 3.21.0 (#25796)
• scripts/check-package-versions: support Yarn catalog (#25625)

💅 Enhancement

• add customField parameter to extendFields (#22521)
• content-manager: add documentid in listview and editview (#25759)

🚨 Security

• package upgrades to remove deprecated versions of boolean, tar, and glob (#25776)

❤️ Thank You

• Adrien Foulon @​Tofandel
• akash-dabhi-qed @​akash-dabhi-qed
• Bassel Kanso @​Bassel17
• Ben Irvin
• Daniil Barkov @​giollord

... (truncated)

Commits

• 5ae36e3 release: 5.41.1
• 043798d fix: load inquirer async
• 967175a release: 5.41.0
• 353a86a security: package upgrades to remove deprecated versions of boolean, tar, and...
• b487698 fix: check devDependencies when resolving required admin deps (#22130)
• e1cdebd release: 5.40.0
• ea3b700 Merge branch 'main' into develop
• 243c96f release: 5.39.0
• cd12da7 release: 5.38.1
• a0a1865 chore: use https instead of git url in package.repository.url (#25698)
• Additional commits viewable in compare view

Updates dotenv from 16.4.5 to 17.4.0

Changelog

Sourced from dotenv's changelog.

17.4.0 (2026-04-01)

Added

• Add skills/ folder with focused agent skills: skills/dotenv/SKILL.md (core usage) and skills/dotenvx/SKILL.md (encryption, multiple environments, variable expansion) for AI coding agent discovery via the skills.sh ecosystem (npx skills add motdotla/dotenv)

Changed

• Tighten up logs: ◇ injecting env (14) from .env (#1003)

17.3.1 (2026-02-12)

Changed

• Fix as2 example command in README and update spanish README

17.3.0 (2026-02-12)

Added

• Add a new README section on dotenv’s approach to the agentic future.

Changed

• Rewrite README to get humans started more quickly with less noise while simultaneously making more accessible for llms and agents to go deeper into details.

17.2.4 (2026-02-05)

Changed

• Make DotenvPopulateInput accept NodeJS.ProcessEnv type (#915)

• Give back to dotenv by checking out my newest project vestauth. It is auth for agents. Thank you for using my software.

17.2.3 (2025-09-29)

Changed

• Fixed typescript error definition (#912)

17.2.2 (2025-09-02)

Added

• 🙏 A big thank you to new sponsor Tuple.app - the premier screen sharing app for developers on macOS and Windows. Go check them out. It's wonderful and generous of them to give back to open source by sponsoring dotenv. Give them some love back.

17.2.1 (2025-07-24)

Changed

• Fix clickable tip links by removing parentheses (#897)

... (truncated)

Commits

• a2e31d6 17.4.0
• 4f041ee changelog 🪵
• bab8b98 README
• 516d47e update
• ce9b98f adjust quickstart
• d3a9065 update links
• 9a3f955 add banner
• d35b6a9 clean up
• a115e3a remove version
• 185e641 hide as2 for now - very early beta
• Additional commits viewable in compare view

Updates pg from 8.18.0 to 8.20.0

Changelog

Sourced from pg's changelog.

[email protected]

• Add onConnect callback to pg.Pool constructor options allowing for async initialization of newly created & connected pooled clients.

[email protected]

• Deprecate interal query queue.
• Pass connection parameters to password callback.

Commits

• c9070cc Publish
• ad36e3c fix: typo in deprecation notice for client.query() (#3618)
• f2d7d11 Publish
• 5a4bafc Deprecate Client's internal query queue (#3603)
• a215bfb Typo fix in PgPass deprecation (funciton) (#3605)
• 01e0556 fix(pg-query-stream): invoke this.callback on cursor end/error (#2810)
• e6e3692 Pass connection parameters to password callback (#3602)
• d80d883 test: Fix TLS connection test ending too early
• f332f28 fix: Connection timeout handling for native clients in connected state (Description has been truncated