Skip to content

fix(deps): update all non-major dependencies#362

Open
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/all-minor-patch
Open

fix(deps): update all non-major dependencies#362
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/all-minor-patch

Conversation

@renovate

@renovate renovate Bot commented Jun 15, 2026

Copy link
Copy Markdown
Contributor

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Change Age Confidence Type Update Pending
@radix-ui/react-toast (source) 1.2.161.2.18 age confidence dependencies patch 1.2.19
@radix-ui/react-tooltip (source) 1.2.91.2.11 age confidence dependencies patch 1.2.12
@trpc/client (source) 11.17.011.18.0 age confidence dependencies minor
@trpc/react-query (source) 11.17.011.18.0 age confidence dependencies minor
@trpc/server (source) 11.17.011.18.0 age confidence dependencies minor
@vercel/functions (source) 3.6.33.7.5 age confidence dependencies minor
downshift (source) 9.3.69.4.0 age confidence dependencies minor
jotai 2.20.02.20.1 age confidence dependencies patch
next (source) 16.2.716.2.10 age confidence dependencies patch
next-intl (source) 4.13.04.13.1 age confidence dependencies patch
node (source) 24.16.024.18.0 age confidence minor
pnpm (source) 10.34.110.34.4 age confidence packageManager patch
react-hook-form (source) 7.78.07.80.0 age confidence dependencies minor 7.81.0
react-icons 5.6.05.7.0 age confidence dependencies minor
recharts 3.8.13.9.1 age confidence dependencies minor 3.9.2
remeda (source) 2.38.02.39.0 age confidence dependencies minor

Release Notes

radix-ui/primitives (@​radix-ui/react-toast)

v1.2.18

  • Fixed infinite re-render loop in React 19 caused by unstable composed ref callback references.
  • Cleared the close timer on unmount to prevent memory leaks and errors in test environments
  • Updated dependencies: @radix-ui/react-primitive@2.1.7, @radix-ui/react-dismissable-layer@1.1.14, @radix-ui/react-collection@1.1.11, @radix-ui/react-portal@1.1.13, @radix-ui/react-visually-hidden@1.2.7

v1.2.17

  • Updated dependencies: @radix-ui/react-dismissable-layer@1.1.13, @radix-ui/react-primitive@2.1.6, @radix-ui/react-collection@1.1.10, @radix-ui/react-portal@1.1.12, @radix-ui/react-visually-hidden@1.2.6
radix-ui/primitives (@​radix-ui/react-tooltip)

v1.2.11

  • Updated dependencies: @radix-ui/react-primitive@2.1.7, @radix-ui/react-dismissable-layer@1.1.14, @radix-ui/react-popper@1.3.2, @radix-ui/react-portal@1.1.13, @radix-ui/react-visually-hidden@1.2.7

v1.2.10

  • Updated dependencies: @radix-ui/react-slot@1.3.0, @radix-ui/react-popper@1.3.1, @radix-ui/react-dismissable-layer@1.1.13, @radix-ui/react-primitive@2.1.6, @radix-ui/react-portal@1.1.12, @radix-ui/react-visually-hidden@1.2.6
trpc/trpc (@​trpc/client)

v11.18.0

Compare Source

What's Changed
New Contributors

Full Changelog: trpc/trpc@v11.17.0...v11.18.0

vercel/vercel (@​vercel/functions)

v3.7.5

Compare Source

Patch Changes

v3.7.4

Compare Source

Patch Changes

v3.7.3

Compare Source

Patch Changes

v3.7.2

Compare Source

Patch Changes
  • 071569d: Add a maxPayload option to experimental_upgradeWebSocket(), defaulting to 256 KiB.

v3.7.1

Compare Source

Patch Changes
  • a7f1f7c: Make ws an optional peer dependency

v3.7.0

Compare Source

Minor Changes
  • 3f3ef14: Add experimental_upgradeWebSocket() API
downshift-js/downshift (downshift)

v9.4.0

Compare Source

Features
pmndrs/jotai (jotai)

v2.20.1

Compare Source

This release includes a few small fixes.

What's Changed

New Contributors

Full Changelog: pmndrs/jotai@v2.20.0...v2.20.1

vercel/next.js (next)

v16.2.10

Compare Source

v16.2.9

Compare Source

Empty release to ensure next@latest points at a stable release. Next.js only allows publishing with Trusted Publishing enabled. In order to fix NPM dist-tags, we have to release a new version. Updating dist-tags is not possible with Trusted Publishing.

v16.2.8

Compare Source

Release with no changes in an attempt to fix next@latest pointing at a prerelease version.

amannn/next-intl (next-intl)

v4.13.1

Compare Source

Bug Fixes
nodejs/node (node)

v24.18.0: 2026-06-23, Version 24.18.0 'Krypton' (LTS), @​richardlau prepared by @​sxa

Compare Source

Notable Changes
  • [e07e7a31e1] - crypto: update root certificates to NSS 3.123.1 (Node.js GitHub Bot) #​63527
  • [44c8ebcbd6] - http: avoid stream listeners on idle agent sockets (Matteo Collina) #​64004
  • [d3ef4122ee] - (SEMVER-MINOR) buffer: increase Buffer.poolSize default to 64 KiB (Matteo Collina) #​63597
  • [bb2857b85a] - (SEMVER-MINOR) crypto: align key argument names in docs and error messages (Filip Skokan) #​62527
  • [b9d5e87880] - (SEMVER-MINOR) crypto: accept key data in crypto.diffieHellman() and cleanup DH jobs (Filip Skokan) #​62527
  • [ccd756d61e] - (SEMVER-MINOR) crypto: add TurboSHAKE and KangarooTwelve Web Cryptography algorithms (Filip Skokan) #​62183
  • [4c9251fc09] - (SEMVER-MINOR) http: add writeInformation to send arbitrary 1xx status codes (Tim Perry) #​63155
  • [8c989ec4a3] - (SEMVER-MINOR) inspector: expose precise coverage start to JS runtime (sangwook) #​63079
  • [3f54c8ba32] - Revert "stream: noop pause/resume on destroyed streams" (Stewart X Addison) #​63834
Commits

v24.17.0: 2026-06-18, Version 24.17.0 'Krypton' (LTS), @​aduh95

Compare Source

This is a security release.

Notable Changes
  • (CVE-2026-48618) tls: normalize hostname for server identity checks (Matteo Collina) – High
  • (CVE-2026-48933) crypto: guard WebCrypto cipher output length (Filip Skokan) – High
  • (CVE-2026-48615) lib,test: redact proxy credentials in tunnel errors (Matteo Collina) – Medium
  • (CVE-2026-48619) http2: cap originSet size to prevent unbounded memory growth (Matteo Collina) – Medium
  • (CVE-2026-48928) tls: fix case-sensitive SNI context matching (Matteo Collina) – Medium
  • (CVE-2026-48930) dns,net: reject hostnames with embedded NUL bytes (Matteo Collina) – Medium
  • (CVE-2026-48934) tls: bind reusable sessions to authenticated host (Matteo Collina) – Medium
  • (CVE-2026-48937) deps: fix integration issues with the latest nghttp2 – Medium
  • (CVE-2026-48617) permission: handle process.chdir on writereport (RafaelGSS) – Low
  • (CVE-2026-48931) http: fix response queue poisoning in http.Agent (Matteo Collina) – Low
  • (CVE-2026-48935) permission: disable FileHandle utimes with permission model (RafaelGSS) – Low
Commits

Note

PR body was truncated to here.


Configuration

📅 Schedule: (UTC)

  • Branch creation
    • Between 12:00 AM and 03:59 AM, only on Monday (* 0-3 * * 1)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot force-pushed the renovate/all-minor-patch branch 7 times, most recently from 6f7d599 to 77b4d3a Compare June 23, 2026 04:58
@renovate renovate Bot force-pushed the renovate/all-minor-patch branch from 77b4d3a to fd87f59 Compare June 26, 2026 02:02
@renovate renovate Bot force-pushed the renovate/all-minor-patch branch 2 times, most recently from 6499d63 to 1471ea1 Compare July 4, 2026 17:30
@renovate renovate Bot force-pushed the renovate/all-minor-patch branch from 1471ea1 to 0a5663c Compare July 4, 2026 21:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants