deps: bump the minor-and-patch group with 12 updates

[dependabot]

Bumps the minor-and-patch group with 12 updates:

Package	From	To
@anthropic-ai/sdk	0.98.0	0.100.1
@simplewebauthn/server	13.3.0	13.3.1
next	16.2.6	16.2.7
react	19.2.6	19.2.7
@types/react	19.2.15	19.2.16
react-dom	19.2.6	19.2.7
react-hook-form	7.76.1	7.77.0
zustand	5.0.13	5.0.14
@vitest/coverage-v8	4.1.7	4.1.8
eslint-config-next	16.2.6	16.2.7
tsx	4.22.3	4.22.4
vitest	4.1.7	4.1.8

Updates @anthropic-ai/sdk from 0.98.0 to 0.100.1

Release notes

Sourced from @​anthropic-ai/sdk's releases.

sdk: v0.100.1

0.100.1 (2026-05-29)

Full Changelog: sdk-v0.100.0...sdk-v0.100.1

Bug Fixes

• streaming: carry encrypted_content on beta compaction blocks (#1025) (eccddf3)

Chores

• client: update lockfiles to have proper dependencies on standardwebhooks (5e9b523)

sdk: v0.100.0

0.100.0 (2026-05-28)

Full Changelog: sdk-v0.99.0...sdk-v0.100.0

Features

• api: Add support for claude-opus-4-8, mid-conversation system blocks, and usage.output_tokens_details (bb0bf27)

Documentation

• replace literal newlines (66ba142)

sdk: v0.99.0

0.99.0 (2026-05-27)

Full Changelog: sdk-v0.98.1...sdk-v0.99.0

Features

• support custom file size caps (#1029) (814cd4c)

Bug Fixes

• streaming: carry stop_details through message_delta accumulation (#1027) (198bc27)

sdk: v0.98.1

0.98.1 (2026-05-26)

Full Changelog: sdk-v0.98.0...sdk-v0.98.1

Bug Fixes

• client: preserve directory prefix in skills.versions.create uploads (#1024) (abbcd6a)

... (truncated)

Changelog

Sourced from @​anthropic-ai/sdk's changelog.

0.100.1 (2026-05-29)

Full Changelog: sdk-v0.100.0...sdk-v0.100.1

Bug Fixes

• streaming: carry encrypted_content on beta compaction blocks (#1025) (eccddf3)

Chores

• client: update lockfiles to have proper dependencies on standardwebhooks (5e9b523)

0.100.0 (2026-05-28)

Full Changelog: sdk-v0.99.0...sdk-v0.100.0

Features

• api: Add support for claude-opus-4-8, mid-conversation system blocks, and usage.output_tokens_details (bb0bf27)

Documentation

• replace literal newlines (66ba142)

0.99.0 (2026-05-27)

Full Changelog: sdk-v0.98.1...sdk-v0.99.0

Features

• support custom file size caps (#1029) (814cd4c)

Bug Fixes

• streaming: carry stop_details through message_delta accumulation (#1027) (198bc27)

0.98.1 (2026-05-26)

Full Changelog: sdk-v0.98.0...sdk-v0.98.1

Bug Fixes

• client: preserve directory prefix in skills.versions.create uploads (#1024) (abbcd6a)

Chores

... (truncated)

Commits

• 512605f chore: release main
• d0148df codegen metadata
• 4d836b4 codegen metadata
• 323e350 codegen metadata
• ea36df7 chore(client): update lockfiles to have proper dependencies on standardwebhooks
• 0ea1922 codegen metadata
• 991d88f fix(streaming): carry encrypted_content on beta compaction blocks (#1025)
• 6f97c4d chore: release main
• 1fd7ec7 feat(api): Add support for claude-opus-4-8, mid-conversation system blocks, a...
• f5bfc10 docs: replace literal newlines
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​anthropic-ai/sdk since your current version.

Updates @simplewebauthn/server from 13.3.0 to 13.3.1

Release notes

Sourced from @​simplewebauthn/server's releases.

v13.3.1

Changes:

• [server] Fixed an issue with verifyRegistrationResponse() failing to verify some Packed and SafetyNet statements (#767)

Changelog

Sourced from @​simplewebauthn/server's changelog.

v13.3.1

Changes:

• [server] Fixed an issue with verifyRegistrationResponse() failing to verify some Packed and SafetyNet statements (#767)

Commits

• 615538f Update version to 13.3.1
• 61601dd Ignore E2E test for now
• 6c43af7 Use attStmt.alg in Safety Net and Packed Full
• See full diff in compare view

Updates next from 16.2.6 to 16.2.7

Release notes

Sourced from next's releases.

v16.2.7

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Backport documentation fixes for v16.2 (#93804)
• [backport] Patch playwright-core to resolve _finishedPromise on requestFailed (#93920)
• [backport] Fix dev mode hydration failure when page is served from HTTP cache (#93492)
• [backport] Fix catch-all router.query corruption with basePath + rewrites (#93917)
• [backport] Encode non-ASCII characters in cache tags at construction (#93918)
• [backport] Fix server action forwarding loop with middleware rewrites (#93919)
• [backport] Turbopack: switch from base40 to base38 hash encoding (#93932)
• [ci] Disable hanging node 24 typescript tests on 16.2 backport branch (#94164)
• [backport] Fix "type: module" in project dir when using standalone or adapters (#94050)
• [backport] Propagate adapter preferred regions (#94200)
• [16.2.x] Don't drop FormData entries (#94240)
• [backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolution (#94284)

Credits

Huge thanks to @​eps1lon, @​icyJoseph, @​unstubbable, @​mischnic, @​bgw, @​timneutkens, and @​lukesandberg for helping!

Commits

• 9bd3c26 v16.2.7
• c63224f [backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolut...
• 63115c7 [16.2.x] Don't drop FormData entries (#94240)
• aef22fd [backport] Propagate adapter preferred regions (#94200)
• f126e72 [backport] Fix "type: module" in project dir when using standalone or adapter...
• bda3e2a [ci] Disable hanging node 24 typescript tests on 16.2 backport branch (#94164)
• 7e16e07 [backport] Turbopack: switch from base40 to base38 hash encoding (#93932)
• 6139f4b [backport] Fix server action forwarding loop with middleware rewrites (#93919)
• c021d10 [backport] Encode non-ASCII characters in cache tags at construction (#93918)
• 9184ddb [backport] Fix catch-all router.query corruption with basePath + `rewrite...
• Additional commits viewable in compare view

Updates react from 19.2.6 to 19.2.7

Release notes

Sourced from react's releases.

19.2.7 (June 1st, 2026)

React Server Components

• Fixed missing FormData entries in Server Actions which regressed in 19.2.6 (#36566 by @​unstubbable)

Commits

• 6117d7c Version 19.2.7 (#36591)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react since your current version.

Updates @types/react from 19.2.15 to 19.2.16

Commits

• See full diff in compare view

Updates react-dom from 19.2.6 to 19.2.7

Release notes

Sourced from react-dom's releases.

19.2.7 (June 1st, 2026)

React Server Components

• Fixed missing FormData entries in Server Actions which regressed in 19.2.6 (#36566 by @​unstubbable)

Commits

• 6117d7c Version 19.2.7 (#36591)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react-dom since your current version.

Updates react-hook-form from 7.76.1 to 7.77.0

Release notes

Sourced from react-hook-form's releases.

Version 7.77.0

🥡 feat: add resetDefaultValues API (#13427)

https://react-hook-form.com/docs/useform/resetdefaultvalues

const { resetDefaultValues } = useForm();
resetDefaultValues(currentValues);

🐚 harden get() against prototype-path traversal (proto / constructor / prototype) (#13479) 🐞 fix FieldArray errors overriding nested fields (#13476) 🐞 fix inconsistent reset({}) behavior requiring double-call to take effect (#13473) 🐞 fix: preserve values with shouldUnregister (#13464) 🐞 fix stale isDirty in subscribe payload after reset(..., { keepValues: true }) (#13461) 👝 save bundle size (#13468)

thanks to @​puneetdixit200 & @​dfedoryshchev

Changelog

Sourced from react-hook-form's changelog.

[7.77.0] - 2026-05-31

Added

• resetDefaultValues API

Fixed

• Stale isDirty in subscribe payload after reset(..., { keepValues: true })
• Preserve values with shouldUnregister
• Inconsistent reset({}) behavior requiring double-call to take effect
• FieldArray errors overriding nested fields

Security

• Harden get() against prototype-path traversal (__proto__ / constructor / prototype)

Performance

• Bundle size reduction

Commits

• 5b20741 7.77.0
• f1a02d3 🧪 add regression coverage for createFormControl + useController remount defau...
• ba88c3d 📚 docs: fix JSDoc for UseFormWatch (#13486)
• 54198d9 🥡 feat: add resetDefaultValues API (#13427)
• fe8276e 📚 docs: fix duplicate "de" in es-ES README image alt text (#13481)
• 6aa81f9 🐚 harden get() against prototype-path traversal (__proto__ / `constructor...
• 645478b 🐞 fix FieldArray errors overriding nested fields (#13476)
• 889c752 🧪 add regression coverage for dynamic nested names with useController and wat...
• 581321c 🐞 fix inconsistent reset({}) behavior requiring double-call to take effect (#...
• f8eb2d7 🌭 upgrade deps (#13470)
• Additional commits viewable in compare view

Updates zustand from 5.0.13 to 5.0.14

Release notes

Sourced from zustand's releases.

v5.0.14

This release fixes a type issue in devtools.

What's Changed

• fix(devtools): improve type inference for Devtools initializer by @​dbritto-dev in pmndrs/zustand#3511

New Contributors

• @​TheSeydiCharyyev made their first contribution in pmndrs/zustand#3487
• @​brofrong made their first contribution in pmndrs/zustand#3496
• @​hyun907 made their first contribution in pmndrs/zustand#3506

Full Changelog: pmndrs/zustand@v5.0.13...v5.0.14

Commits

• bfb2a9e 5.0.14
• 62b2aff chore(deps): update dev dependencies (#3513)
• ad77bd3 fix(devtools): improve type inference for Devtools initializer (#3511)
• 8476d2c update pnpm etc (#3512)
• d690ec2 docs(combine): add object constraints to T and U in signature (#3506)
• fd8c601 docs(react): add Action constraint to redux middleware signature (#3492)
• 2ce8226 docs(immer): fix setPerson updater type in usage examples (#3502)
• 038b938 docs(updating-state): use curried create form with explicit state type (#3503)
• 60a91b4 docs(devtools): add missing devtools import to troubleshooting example (#3501)
• efad169 Update FUNDING.json
• Additional commits viewable in compare view

Updates @types/react from 19.2.15 to 19.2.16

Commits

• See full diff in compare view

Updates @vitest/coverage-v8 from 4.1.7 to 4.1.8

Release notes

Sourced from @​vitest/coverage-v8's releases.

v4.1.8

   🐞 Bug Fixes

• browser:
  • Disable client cdp API when allowWrite/allowExec: false [backport to v4]  -  by @​hi-ogawa and Codex in vitest-dev/vitest#10450 (e4067)
  • Remove orphaned Playwright route when same module is mocked via multiple ids [backport to v4]  -  by @​toxik and @​Zelys-DFKH in vitest-dev/vitest#10474 (675b4)

    View changes on GitHub

Commits

• e61f2dd chore: release v4.1.8
• e4067b3 fix(browser): disable client cdp API when allowWrite/allowExec: false [ba...
• See full diff in compare view

Updates eslint-config-next from 16.2.6 to 16.2.7

Release notes

Sourced from eslint-config-next's releases.

v16.2.7

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Backport documentation fixes for v16.2 (#93804)
• [backport] Patch playwright-core to resolve _finishedPromise on requestFailed (#93920)
• [backport] Fix dev mode hydration failure when page is served from HTTP cache (#93492)
• [backport] Fix catch-all router.query corruption with basePath + rewrites (#93917)
• [backport] Encode non-ASCII characters in cache tags at construction (#93918)
• [backport] Fix server action forwarding loop with middleware rewrites (#93919)
• [backport] Turbopack: switch from base40 to base38 hash encoding (#93932)
• [ci] Disable hanging node 24 typescript tests on 16.2 backport branch (#94164)
• [backport] Fix "type: module" in project dir when using standalone or adapters (#94050)
• [backport] Propagate adapter preferred regions (#94200)
• [16.2.x] Don't drop FormData entries (#94240)
• [backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolution (#94284)

Credits

Huge thanks to @​eps1lon, @​icyJoseph, @​unstubbable, @​mischnic, @​bgw, @​timneutkens, and @​lukesandberg for helping!

Commits

• 9bd3c26 v16.2.7
• See full diff in compare view

Updates tsx from 4.22.3 to 4.22.4

Release notes

Sourced from tsx's releases.

v4.22.4

4.22.4 (2026-05-31)

Bug Fixes

• resolve CommonJS directory requires inside dependencies (#803) (1ce8463)

---

This release is also available on:

• npm package (@​latest dist-tag)

Commits

• 1ce8463 fix: resolve CommonJS directory requires inside dependencies (#803)
• See full diff in compare view

Updates vitest from 4.1.7 to 4.1.8

Release notes

Sourced from vitest's releases.

v4.1.8

   🐞 Bug Fixes

• browser:
  • Disable client cdp API when allowWrite/allowExec: false [backport to v4]  -  by @​hi-ogawa and Codex in vitest-dev/vitest#10450 (e4067)
  • Remove orphaned Playwright route when same module is mocked via multiple ids [backport to v4]  -  by @​toxik and @​Zelys-DFKH in vitest-dev/vitest#10474 (675b4)

    View changes on GitHub

Commits

• e61f2dd chore: release v4.1.8
• e4067b3 fix(browser): disable client cdp API when allowWrite/allowExec: false [ba...
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions