Skip to content

Bump the minor-and-patch group across 1 directory with 15 updates#38

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/minor-and-patch-e7724f62e1
Closed

Bump the minor-and-patch group across 1 directory with 15 updates#38
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/minor-and-patch-e7724f62e1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 31, 2026

Copy link
Copy Markdown

Bumps the minor-and-patch group with 15 updates in the / directory:

Package From To
oxfmt 0.46.0 0.51.0
oxlint 1.61.0 1.66.0
es-toolkit 1.46.0 1.46.1
react 19.2.5 19.2.6
@types/react 19.2.14 19.2.15
react-dom 19.2.5 19.2.6
zod 4.3.6 4.4.3
zustand 5.0.12 5.0.13
@vitejs/plugin-react 6.0.1 6.0.2
vite 8.0.10 8.0.14
hono 4.12.15 4.12.22
otpauth 9.5.0 9.5.1
@cloudflare/workers-types 4.20260426.1 4.20260524.1
@types/node 25.6.0 25.9.1
wrangler 4.85.0 4.94.0

Updates oxfmt from 0.46.0 to 0.51.0

Commits

Updates oxlint from 1.61.0 to 1.66.0

Release notes

Sourced from oxlint's releases.

oxlint v1.27.0 && oxfmt v0.12.0

Oxlint v1.27.0

🚀 Features

  • 222a8f0 linter/plugins: Implement SourceCode#isSpaceBetween (#15498) (overlookmotel)
  • 2f9735d linter/plugins: Implement context.languageOptions (#15486) (overlookmotel)
  • bc731ff linter/plugins: Stub out all Context APIs (#15479) (overlookmotel)
  • 5822cb4 linter/plugins: Add extend method to FILE_CONTEXT (#15477) (overlookmotel)
  • 7b1e6f3 apps: Add pure rust binaries and release to github (#15469) (Boshen)
  • 2a89b43 linter: Introduce debug assertions after fixes to assert validity (#15389) (camc314)
  • ad3c45a editor: Add oxc.path.node option (#15040) (Sysix)

🐛 Bug Fixes

  • 6f3cd77 linter/no-var: Incorrect warning for blocks (#15504) (Hamir Mahal)
  • 6957fb9 linter/plugins: Do not allow access to Context#id in createOnce (#15489) (overlookmotel)
  • 7409630 linter/plugins: Allow access to cwd in createOnce in ESLint interop mode (#15488) (overlookmotel)
  • 732205e parser: Reject using / await using in a switch case / default clause (#15225) (sapphi-red)
  • a17ca32 linter/plugins: Replace Context class (#15448) (overlookmotel)
  • ecf2f7b language_server: Fail gracefully when tsgolint executable not found (#15436) (camc314)
  • 3c8d3a7 lang-server: Improve logging in failure case for tsgolint (#15299) (camc314)
  • ef71410 linter: Use jsx if source type is JS in fix debug assertion (#15434) (camc314)
  • e32bbf6 linter/no-var: Handle TypeScript declare keyword in fixer (#15426) (camc314)
  • 6565dbe linter/switch-case-braces: Skip comments when searching for : token (#15425) (camc314)
  • 85bd19a linter/prefer-class-fields: Insert value after type annotation in fixer (#15423) (camc314)
  • fde753e linter/plugins: Block access to context.settings in createOnce (#15394) (overlookmotel)
  • ddd9f9f linter/forward-ref-uses-ref: Dont suggest removing wrapper in invalid positions (#15388) (camc314)
  • dac2a9c linter/no-template-curly-in-string: Remove fixer (#15387) (camc314)
  • 989b8e3 linter/no-var: Only fix to const if the var has an initializer (#15385) (camc314)
  • cc403f5 linter/plugins: Return empty object for unimplemented parserServices (#15364) (magic-akari)

⚡ Performance

  • 25d577e language_server: Start tools in parallel (#15500) (Sysix)
  • 3c57291 linter/plugins: Optimize loops (#15449) (overlookmotel)
  • 3166233 linter/plugins: Remove Arcs (#15431) (overlookmotel)
  • 9de1322 linter/plugins: Lazily deserialize settings JSON (#15395) (overlookmotel)
  • 3049ec2 linter/plugins: Optimize deepFreezeSettings (#15392) (overlookmotel)
  • 444ebfd linter/plugins: Use single object for parserServices (#15378) (overlookmotel)

📚 Documentation

  • 97d2104 linter: Update comment in lint.rs about default value for tsconfig path (#15530) (Connor Shea)
  • 2c6bd9e linter: Always refer as "ES2015" instead of "ES6" (#15411) (sapphi-red)
  • a0c5203 linter/import/named: Update "ES7" comment in examples (#15410) (sapphi-red)
  • 3dc24b5 linter,minifier: Always refer as "ES Modules" instead of "ES6 Modules" (#15409) (sapphi-red)
  • 2ad77fb linter/no-this-before-super: Correct "Why is this bad?" section (#15408) (sapphi-red)
  • 57f0ce1 linter: Add backquotes where appropriate (#15407) (sapphi-red)

Oxfmt v0.12.0

... (truncated)

Changelog

Sourced from oxlint's changelog.

[1.66.0] - 2026-05-18

🚀 Features

  • 0440b0f linter/eslint: Implement id-match rule (#22379) (Vladislav Sayapin)
  • 65bf119 linter: Implement react no-object-type-as-default-prop (#22481) (uhyo)
  • 2a6ddce linter/eslint: Implement no-implied-eval rule (#22391) (Vladislav Sayapin)
  • 625758a linter/vitest: Implement padding-around-after-all-blocks rule (#21788) (kapobajza)
  • 37680b0 linter: Implement react no-unstable-nested-components (#22248) (Jovi De Croock)
  • d8d9c74 linter: Implement import/newline-after-import rule (#19142) (Ryuya Yanagi)

[1.65.0] - 2026-05-15

🚀 Features

  • 5478fb5 linter/jsdoc: Implement require-throws-description rule (#22386) (Mikhail Baev)
  • c73225e linter/eslint: Implement prefer-arrow-callback rule (#22312) (박천(Cheon Park))
  • de82b59 linter: Add support for eslint-plugin-jsx-a11y-x (#22356) (mehm8128)
  • f44b6c8 linter: Fill schemas DummyRuleMap with built-in rules (#22288) (Sysix)

[1.64.0] - 2026-05-11

🚀 Features

  • fbb8f22 linter: Support ignores in overrides (#22148) (camc314)

🐛 Bug Fixes

  • 25b7017 linter: Undocument override ignores option (#22213) (camc314)

[1.63.0] - 2026-05-05

📚 Documentation

  • cacbc4a linter: Fix jest settings docs. (#22127) (connorshea)

[1.62.0] - 2026-04-27

🚀 Features

  • 348f46c linter: Add respectEslintDisableDirectives option (#21384) (Christian Vuerings)

🐛 Bug Fixes

  • 8c425db linter: Allow string for jest version in config schema (#21649) (camc314)
Commits
  • 5570206 release(apps): oxlint v1.66.0 && oxfmt v0.51.0 (#22528)
  • 0440b0f feat(linter/eslint): implement id-match rule (#22379)
  • 65bf119 feat(linter): implement react no-object-type-as-default-prop (#22481)
  • 2a6ddce feat(linter/eslint): implement no-implied-eval rule (#22391)
  • 625758a feat(linter/vitest): Implement padding-around-after-all-blocks rule (#21788)
  • 37680b0 feat(linter): implement react no-unstable-nested-components (#22248)
  • d8d9c74 feat(linter): implement import/newline-after-import rule (#19142)
  • 25e5cbc release(apps): oxlint v1.65.0 && oxfmt v0.50.0 (#22458)
  • 5478fb5 feat(linter/jsdoc): implement require-throws-description rule (#22386)
  • c73225e feat(linter/eslint): implement prefer-arrow-callback rule (#22312)
  • Additional commits viewable in compare view

Updates es-toolkit from 1.46.0 to 1.46.1

Release notes

Sourced from es-toolkit's releases.

v1.46.1

Released on April 29th, 2026.

  • Fixed AbortError and TimeoutError to fall back to Error when DOMException is undefined. ([#1694])
  • Fixed missing forEach and countBy exports for map and set. ([#1695])

We sincerely thank @​SrAnthony and @​umsungjun for their contributions. We appreciate your great efforts!

Changelog

Sourced from es-toolkit's changelog.

Version v1.46.1

Released on April 29th, 2026.

  • Fixed AbortError and TimeoutError to fall back to Error when DOMException is undefined. (#1694)
  • Fixed missing forEach and countBy exports for map and set. (#1695)

We sincerely thank @​SrAnthony and @​umsungjun for their contributions. We appreciate your great efforts!

Commits
  • 0e8656d v1.46.1
  • 29d5e41 fix: DOMException might be undefined
  • 810e2c7 fix(AbortError, TimeoutError): fall back to Error when DOMException is undefi...
  • 50d799e fix: add missing forEach/countBy exports to map and set (#1695)
  • d19ddb0 docs: Add canonical URL
  • a1c3249 build(deps): bump actions/setup-node from 6.3.0 to 6.4.0 (#1697)
  • 7534358 build(deps): bump autofix-ci/action from 1.3.3 to 1.3.4 (#1696)
  • See full diff in compare view

Updates react from 19.2.5 to 19.2.6

Release notes

Sourced from react's releases.

19.2.6 (May 6th, 2026)

React Server Components

Commits

Updates @types/react from 19.2.14 to 19.2.15

Commits

Updates react-dom from 19.2.5 to 19.2.6

Release notes

Sourced from react-dom's releases.

19.2.6 (May 6th, 2026)

React Server Components

Commits

Updates zod from 4.3.6 to 4.4.3

Release notes

Sourced from zod's releases.

v4.4.3

Commits:

  • 4c2fa95ce3f3390fbc522324e406b4e9e89b88f9 docs: use Zernio primary wordmark for gold sponsor logo
  • 2aeec83eb135e3a83756e973ef44845fc5a455d2 docs: prune lapsed gold sponsors and rebalance logo sizing
  • 7391be88ac1ee5cd02057f5ccc012a1f5df4efd0 docs: prune lapsed silver/bronze sponsors and add active ones
  • 2c703322a21b4e2b12f33f49ea8430c451a68b4f docs: normalize bronze sponsor logos to github avatar pattern
  • 9195250cab0e7950efe39c3926d6c203b4b0a170 docs: remove Mintlify from bronze sponsors (churned)
  • b8dffe9e62f17e6571e6249d05cc5102b54d94e4 docs: remove Numeric and Speakeasy (2+ missed monthly cycles)
  • 1cab69383fcdeae2a366d5e2a2fc4d8fc765d168 fix(v4): restore catch handling for absent object keys (#5937) (#5939)
  • c2be4f819064eed62c7c350a2d399b5faecd15f8 fix(v4): generalize optin/fallback to transform; restore preprocess on absent keys (#5941)
  • f3c9ec03ba7a28ae72d25cc295f38674bee0f559 4.4.3
  • 1fb56a5c18c27102dbc92260a4007c7732a0ccca docs: document release procedure in AGENTS.md

v4.4.2

Commits:

  • 0c62df0ea19fd05abdf90473e9eef7eea530fab2 Clean up docs navigation and stale labels (#5901)
  • 20cc794895cc8604fe0c87d83a5d1c3f89fad0ac chore: add security policy and refresh tooling deps
  • 6fbe07b0177efdd1bf1c0b05160e70d7a0702337 fix(docs): heading anchor links now include the hash so it doesnt scoll all the way up, follows navbar logic (#5791)
  • 4bbed1b1c73eca4ce9e59b1189ed236aa6c8b5bd Tighten discriminated union option typing
  • bbac3e567e7fccfaaf7cdc97f1ce30c295e2c908 Update PR guidance for agents
  • cf0dc942a32805c292fff59ade20a7ace980735a Merge remote-tracking branch 'origin/main' into fix-discriminated-union-key-constraint
  • 292c894a5fd2aa42e527900b83d8d7a3009a709c docs: add Zernio gold sponsor
  • 1fc9f311c28dcf80d0bb5a36b177086cbc3d8eca docs: document codec inversion
  • 1373c85da9aeff704a9762d27bc58699618aefb7 docs: remove AI disclosure guidance
  • e20d02b473c08e3a4e557bc610b1b5fac079b649 chore: ignore triage notes
  • e58ea4d91b1dfe8194b73508203213cbc7e9c936 docs: test Zod Mini tab code heights
  • 905761a5d127e8d5dd2ebb3bc88c75cb0b8149ff docs: document preprocess input type narrowing
  • bf64bac850d4dee2b7dde7e64909d5d796d32043 chore: tighten test guidance in AGENTS.md
  • 8ec4e73f4c4693b6361ad591be40fb41eb8a9f95 chore: update play.ts scratch
  • 02c2baf7d0d615872fa4528a8020603b71211702 Make z.preprocess defer optionality to inner schema (#5929)
  • 88015df8e25c44fb5385eb3ef28935119cd5edea fix(docs): drop deprecated baseUrl from tsconfig
  • c59d4474e3b4cad1b323462186cf607178ce8267 4.4.2

v4.4.1

Commits:

  • 481f7be4238c83ed58183f921b2646f340a91c6a ci: gate release publishing on full test workflow
  • 95ccab423aec720b2523c3a64cdc7e3204537cc7 test(v3): restore optional undefined expectations
  • cede2c63739a5823d6aa5093d291e9a111da943d fix(v4): reject tuple holes before required defaults (#5900)
  • edd0bf0f5ada4a8dc581c259407d7bbad0a71ea7 release: 4.4.1
  • 180d83d1dbe6a59260710cc8637a3dea2281ee56 docs: remove Jazz featured sponsor

v4.4.0

4.4.0

This is a minor release with a wide set of correctness and soundness fixes. Some fixes intentionally make Zod stricter, so code that depended on previously accepted invalid or ambiguous inputs may need small updates.

Potentially breaking bug fixes

... (truncated)

Commits
  • 1fb56a5 docs: document release procedure in AGENTS.md
  • f3c9ec0 4.4.3
  • c2be4f8 fix(v4): generalize optin/fallback to transform; restore preprocess on absent...
  • 1cab693 fix(v4): restore catch handling for absent object keys (#5937) (#5939)
  • b8dffe9 docs: remove Numeric and Speakeasy (2+ missed monthly cycles)
  • 9195250 docs: remove Mintlify from bronze sponsors (churned)
  • 2c70332 docs: normalize bronze sponsor logos to github avatar pattern
  • 7391be8 docs: prune lapsed silver/bronze sponsors and add active ones
  • 2aeec83 docs: prune lapsed gold sponsors and rebalance logo sizing
  • 4c2fa95 docs: use Zernio primary wordmark for gold sponsor logo
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for zod since your current version.


Updates zustand from 5.0.12 to 5.0.13

Release notes

Sourced from zustand's releases.

v5.0.13

This release includes an improvement in the devtools middleware.

What's Changed

New Contributors

Full Changelog: pmndrs/zustand@v5.0.12...v5.0.13

Commits
  • 6bc451e 5.0.13
  • 8ec2169 chore(deps): update dev dependencies (#3486)
  • 4e9bcf0 fix(devtools): support Firefox/Safari stack format in findCallerName (#3469)
  • 4b96f4e fix(docs): correct react-dom test utils import path (#3474)
  • c7516c1 fix(tests): change parameters for 'expect' in test (#3483)
  • 1b04af1 docs(persist): fix signature to require persistOptions (#3477)
  • 95d3f33 test(middleware/immer): add runtime tests for immer middleware (#3471)
  • 3201328 Update TypeScript guide links in README.md (#3466)
  • 00f96a3 chore(deps): bump actions/deploy-pages from 4.0.5 to 5.0.0 (#3447)
  • 6330044 test: expand React subscribe test coverage (#3442)
  • Additional commits viewable in compare view

Updates @types/react from 19.2.14 to 19.2.15

Commits

Updates @vitejs/plugin-react from 6.0.1 to 6.0.2

Release notes

Sourced from @​vitejs/plugin-react's releases.

plugin-react@6.0.2

Allow all options in reactCompilerPreset (#1189)

This is a type only change. Only compilationMode and target options were available for reactCompilerPreset.

Changelog

Sourced from @​vitejs/plugin-react's changelog.

6.0.2 (2026-05-14)

Allow all options in reactCompilerPreset (#1189)

This is a type only change. Only compilationMode and target options were available for reactCompilerPreset.

Commits

Updates vite from 8.0.10 to 8.0.14

Release notes

Sourced from vite's releases.

v8.0.14

Please refer to CHANGELOG.md for details.

v8.0.13

Please refer to CHANGELOG.md for details.

v8.0.12

Please refer to CHANGELOG.md for details.

v8.0.11

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

8.0.14 (2026-05-21)

Features

Bug Fixes

  • deps: update all non-major dependencies (#22471) (98b8163)
  • dev: handle errors when sending messages to vite server (#22450) (e8e9a34)
  • html: handle trailing slash paths in transformIndexHtml (#22480) (5d94d1b)
  • optimizer: pass oxc jsx options to transformSync in dependency scan (#22342) (b3132da)

Miscellaneous Chores

  • deps: update rolldown-related dependencies (#22470) (7cb728e)
  • remove irrelevant commits from changelog (2c69495)

Code Refactoring

  • glob: do not rewrite import path for absolute base (#22310) (0ae2844)

Tests

8.0.13 (2026-05-14)

Features

  • bundled-dev: add lazy bundling support (#21406) (4f0949f)
  • optimizer: improve the esbuild plugin converter to pass some properties of build result to onEnd (#22357) (47071ce)
  • update rolldown to 1.0.1 (#22444) (8c766a6)

Bug Fixes

  • build: copy public directory after building same environment with write=false (#22328) (158e8ae)
  • css: await sass/less/styl worker disposal on teardown (fix #22274) (#22275) (b7edcb7)
  • css: keep deprecated name/originalFileName in synthetic assetFileNames call (#22439) (8e59c97)
  • make isBundled per environment (#22257) (a576326)
  • ssr: avoid rewriting labels that collide with imports (#22451) (d9b18e0)

Miscellaneous Chores

8.0.12 (2026-05-11)

Features

... (truncated)

Commits
  • c917f1e release: v8.0.14
  • 5d94d1b fix(html): handle trailing slash paths in transformIndexHtml (#22480)
  • 98b8163 fix(deps): update all non-major dependencies (#22471)
  • 96efc88 feat: update rolldown to 1.0.2 (#22484)
  • ebf39a0 test(css): sass does not use main field (#22449)
  • 0ae2844 refactor(glob): do not rewrite import path for absolute base (#22310)
  • 7cb728e chore(deps): update rolldown-related dependencies (#22470)
  • b3132da fix(optimizer): pass oxc jsx options to transformSync in dependency scan ...
  • e8e9a34 fix(dev): handle errors when sending messages to vite server (#22450)
  • 2c69495 chore: remove irrelevant commits from changelog
  • Additional commits viewable in compare view

Updates hono from 4.12.15 to 4.12.22

Release notes

Sourced from hono's releases.

v4.12.22

What's Changed

New Contributors

Full Changelog: honojs/hono@v4.12.21...v4.12.22

v4.12.21

Security fixes

This release includes fixes for the following security issues:

app.mount() strips mount prefix using undecoded path, causing incorrect routing for percent-encoded paths

Affects: app.mount(). Fixes prefix stripping using the raw URL pathname instead of the decoded path, where percent-encoded characters in the mount prefix or path could cause the prefix to be removed at the wrong position, resulting in the sub-application receiving an incorrect path. GHSA-2gcr-mfcq-wcc3

IP Restriction bypasses static deny rules for non-canonical IPv6

Affects: hono/ip-restriction. Fixes IP address comparison using string equality, where non-canonical IPv6 representations of a denied address — such as compressed forms or hex-notation IPv4-mapped addresses — could bypass static deny rules. GHSA-xrhx-7g5j-rcj5

Cookie helper does not sanitize sameSite and priority, allowing Set-Cookie injection

Affects: hono/cookie. Fixes missing validation of sameSite and priority options against injection characters (;, \r, \n), where user-controlled input passed to either option could inject additional attributes into the Set-Cookie response header. GHSA-3hrh-pfw6-9m5x

JWT middleware accepts any Authorization scheme, not only Bearer

Affects: hono/jwt, hono/jwk. Fixes missing scheme validation in the Authorization header, where any two-part header value was accepted regardless of the scheme name, allowing non-Bearer schemes to pass JWT authentication. GHSA-f577-qrjj-4474


Users who use app.mount(), hono/ip-restriction, hono/cookie, or hono/jwt/hono/jwk are encouraged to upgrade to this version.

v4.12.20

What's Changed

New Contributors

Full Changelog: honojs/hono@v4.12.19...v4.12.20

... (truncated)

Commits
  • 2f01b77 4.12.22
  • 6bc0dff feat: add msgpack as a compressible content type (#4957)
  • 7e0555d fix(deno): echo negotiated WebSocket subprotocol in upgrade response (#4955)
  • f0ed246 fix(compress): respect Accept-Encoding when encoding option is set (#4951)
  • a192df0 fix(mime): specify charset parameter per MIME type instead of mechanical dete...
  • cf6ef70 chore: update vitest to v4 and cleanups (#4952)
  • a83ddb8 4.12.21
  • 6cbb025 Merge commit from fork
  • c831020 Merge commit from fork
  • 905aedb Merge commit from fork
  • Additional commits viewable in compare view

Updates otpauth from 9.5.0 to 9.5.1

Release notes

Sourced from otpauth's releases.

v9.5.1

What's Changed

Full Changelog: hectorm/otpauth@v9.5.0...v9.5.1

Commits
  • 4903d3d 9.5.1
  • b5c6df7 Add 7 day cooldown for new dependency versions
  • 01f7caf Update dependencies
  • adff202 Bump the npm-development-minor-patch group across 1 directory with 8 updates ...
  • 0e4fa84 Bump @​noble/hashes in the npm-production-minor-patch group (#688)
  • b7f24c9 Bump the github-actions-all group with 4 updates (#692)
  • 80b053d Bump flatted from 3.3.3 to 3.4.2 (#682)
  • 4d0f0cc Bump picomatch from 4.0.3 to 4.0.4 (#684)
  • 2f0e384 Bump the github-actions-all group with 5 updates (#685)
  • 7097f14 Bump the npm-development-minor-patch group across 1 directory with 8 updates ...
  • Additional commits viewable in compare view

Updates @cloudflare/workers-types from 4.20260426.1 to 4.20260524.1

Commits

Updates @types/node from 25.6.0 to 25.9.1

Commits

Updates wrangler from 4.85.0 to 4.94.0

Release notes

Sourced from wrangler's releases.

wrangler@4.94.0

Minor Changes

  • #13897 52e9082 Thanks @​dario-piotrowicz! - Add automatic Cloudflare skills installation for AI coding agents

    Wrangler now detects AI coding agents and offers to install Cloudflare skill files from the cloudflare/skills GitHub repository. Users are prompted once interactively; subsequent runs skip the prompt. Use --install-skills to install without prompting.

  • #13989 f598eac Thanks @​MattieTK! - Print a QR code alongside the tunnel URL when sharing via Cloudflare Tunnel

    When a tunnel is started (via wrangler dev --tunnel or the Vite plugin with tunnel: true), a scannable QR code is now printed to the terminal beneath the tunnel URL. This makes it easy to open the tunnel on a mobile device without manually copying the URL.

    The QR code uses Unicode block characters for a compact representation and is generated best-effort -- if generation fails for any reason, the tunnel URL is still displayed as before.

  • #13467 3a1fbed Thanks @​deloreyj! - Add schedule property to Workflow bindings for cron-based triggering

    Note: This is a configuration-only change. Scheduled triggering of Workflow instances is not yet available — adding schedule to a Workflow binding will not result in scheduled invocations at this time. This change lays the groundwork for an upcoming feature.

    Workflow bindings in wrangler.json now accept an optional schedule field that configures one or more cron expressions to automatically trigger new workflow instances on a schedule.

    // wrangler.json
    {
      "workflows": [
        {
          "binding": "MY_WORKFLOW",
          "name": "my-workflow",
          "class_name": "MyWorkflow",
          "schedule": "0 9 * * 1"
        }
      ]
    }

    Multiple schedules can be provided as an array:

    {
      "workflows": [
        {
          "binding"...
    Description has been truncated

Bumps the minor-and-patch group with 15 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [oxfmt](https://github.com/oxc-project/oxc/tree/HEAD/npm/oxfmt) | `0.46.0` | `0.51.0` |
| [oxlint](https://github.com/oxc-project/oxc/tree/HEAD/npm/oxlint) | `1.61.0` | `1.66.0` |
| [es-toolkit](https://github.com/toss/es-toolkit) | `1.46.0` | `1.46.1` |
| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.5` | `19.2.6` |
| [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.14` | `19.2.15` |
| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.5` | `19.2.6` |
| [zod](https://github.com/colinhacks/zod) | `4.3.6` | `4.4.3` |
| [zustand](https://github.com/pmndrs/zustand) | `5.0.12` | `5.0.13` |
| [@vitejs/plugin-react](https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react) | `6.0.1` | `6.0.2` |
| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `8.0.10` | `8.0.14` |
| [hono](https://github.com/honojs/hono) | `4.12.15` | `4.12.22` |
| [otpauth](https://github.com/hectorm/otpauth) | `9.5.0` | `9.5.1` |
| [@cloudflare/workers-types](https://github.com/cloudflare/workerd) | `4.20260426.1` | `4.20260524.1` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.6.0` | `25.9.1` |
| [wrangler](https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler) | `4.85.0` | `4.94.0` |



Updates `oxfmt` from 0.46.0 to 0.51.0
- [Release notes](https://github.com/oxc-project/oxc/releases)
- [Changelog](https://github.com/oxc-project/oxc/blob/main/npm/oxfmt/CHANGELOG.md)
- [Commits](https://github.com/oxc-project/oxc/commits/oxfmt_v0.51.0/npm/oxfmt)

Updates `oxlint` from 1.61.0 to 1.66.0
- [Release notes](https://github.com/oxc-project/oxc/releases)
- [Changelog](https://github.com/oxc-project/oxc/blob/main/npm/oxlint/CHANGELOG.md)
- [Commits](https://github.com/oxc-project/oxc/commits/oxlint_v1.66.0/npm/oxlint)

Updates `es-toolkit` from 1.46.0 to 1.46.1
- [Release notes](https://github.com/toss/es-toolkit/releases)
- [Changelog](https://github.com/toss/es-toolkit/blob/main/CHANGELOG.md)
- [Commits](toss/es-toolkit@v1.46.0...v1.46.1)

Updates `react` from 19.2.5 to 19.2.6
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.6/packages/react)

Updates `@types/react` from 19.2.14 to 19.2.15
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

Updates `react-dom` from 19.2.5 to 19.2.6
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.6/packages/react-dom)

Updates `zod` from 4.3.6 to 4.4.3
- [Release notes](https://github.com/colinhacks/zod/releases)
- [Commits](colinhacks/zod@v4.3.6...v4.4.3)

Updates `zustand` from 5.0.12 to 5.0.13
- [Release notes](https://github.com/pmndrs/zustand/releases)
- [Commits](pmndrs/zustand@v5.0.12...v5.0.13)

Updates `@types/react` from 19.2.14 to 19.2.15
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

Updates `@vitejs/plugin-react` from 6.0.1 to 6.0.2
- [Release notes](https://github.com/vitejs/vite-plugin-react/releases)
- [Changelog](https://github.com/vitejs/vite-plugin-react/blob/main/packages/plugin-react/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite-plugin-react/commits/plugin-react@6.0.2/packages/plugin-react)

Updates `vite` from 8.0.10 to 8.0.14
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v8.0.14/packages/vite)

Updates `hono` from 4.12.15 to 4.12.22
- [Release notes](https://github.com/honojs/hono/releases)
- [Commits](honojs/hono@v4.12.15...v4.12.22)

Updates `otpauth` from 9.5.0 to 9.5.1
- [Release notes](https://github.com/hectorm/otpauth/releases)
- [Commits](hectorm/otpauth@v9.5.0...v9.5.1)

Updates `@cloudflare/workers-types` from 4.20260426.1 to 4.20260524.1
- [Release notes](https://github.com/cloudflare/workerd/releases)
- [Changelog](https://github.com/cloudflare/workerd/blob/main/RELEASE.md)
- [Commits](https://github.com/cloudflare/workerd/commits)

Updates `@types/node` from 25.6.0 to 25.9.1
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `wrangler` from 4.85.0 to 4.94.0
- [Release notes](https://github.com/cloudflare/workers-sdk/releases)
- [Commits](https://github.com/cloudflare/workers-sdk/commits/wrangler@4.94.0/packages/wrangler)

---
updated-dependencies:
- dependency-name: oxfmt
  dependency-version: 0.51.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: oxlint
  dependency-version: 1.66.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: es-toolkit
  dependency-version: 1.46.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: react
  dependency-version: 19.2.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: "@types/react"
  dependency-version: 19.2.15
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: react-dom
  dependency-version: 19.2.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: zod
  dependency-version: 4.4.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: zustand
  dependency-version: 5.0.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: "@types/react"
  dependency-version: 19.2.15
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: "@vitejs/plugin-react"
  dependency-version: 6.0.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: vite
  dependency-version: 8.0.14
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: hono
  dependency-version: 4.12.22
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: otpauth
  dependency-version: 9.5.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: "@cloudflare/workers-types"
  dependency-version: 4.20260524.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: "@types/node"
  dependency-version: 25.9.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: wrangler
  dependency-version: 4.94.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 31, 2026
@cloudflare-workers-and-pages

cloudflare-workers-and-pages Bot commented May 31, 2026

Copy link
Copy Markdown

Deploying differ-web with  Cloudflare Pages  Cloudflare Pages

Latest commit: 85c115e
Status: ✅  Deploy successful!
Preview URL: https://ce5fb30e.differ-web.pages.dev
Branch Preview URL: https://dependabot-npm-and-yarn-mino-45wh.differ-web.pages.dev

View logs

@dependabot @github

dependabot Bot commented on behalf of github Jun 14, 2026

Copy link
Copy Markdown
Author

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Jun 14, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/minor-and-patch-e7724f62e1 branch June 14, 2026 21:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants