Skip to content

chore(deps): bump the production group across 1 directory with 26 updates#631

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/production-d8ea7c072b
Open

chore(deps): bump the production group across 1 directory with 26 updates#631
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/production-d8ea7c072b

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 30, 2026

Copy link
Copy Markdown

Bumps the production group with 26 updates in the / directory:

Package From To
@iconify-json/lucide 1.2.102 1.2.114
@iconify-json/simple-icons 1.2.77 1.2.87
@shikijs/rehype 3.23.0 4.3.0
@takumi-rs/image-response 0.62.8 1.8.7
@takumi-rs/wasm 0.62.8 1.8.7
@tanstack/react-query 5.99.0 5.101.1
@vercel/analytics 1.6.1 2.0.1
@vercel/speed-insights 1.3.1 2.0.0
@wagmi/core 3.4.11 3.5.4
abitype 1.2.3 1.2.4
accounts 0.10.7 0.14.11
hono 4.12.26 4.12.27
ox 0.14.20 0.14.29
posthog-js 1.367.0 1.393.4
posthog-node 5.29.2 5.38.5
react 19.2.6 19.2.7
react-dom 19.2.6 19.2.7
react-server-dom-webpack 19.2.6 19.2.7
shiki 3.23.0 4.3.0
sql-formatter 15.7.3 15.8.2
tailwind-merge 3.5.0 3.6.0
tailwindcss 4.2.2 4.3.1
wagmi 3.6.14 3.6.20
waku 1.0.0-beta.0 1.0.0-beta.4
webauthx 0.1.1 0.1.2
zod 4.3.6 4.4.3

Updates @iconify-json/lucide from 1.2.102 to 1.2.114

Commits

Updates @iconify-json/simple-icons from 1.2.77 to 1.2.87

Commits

Updates @shikijs/rehype from 3.23.0 to 4.3.0

Release notes

Sourced from @​shikijs/rehype's releases.

v4.3.0

   🚀 Features

    View changes on GitHub

v4.2.0

   🚀 Features

   🐞 Bug Fixes

    View changes on GitHub

v4.1.0

   🐞 Bug Fixes

    View changes on GitHub

v4.0.2

   🐞 Bug Fixes

    View changes on GitHub

v4.0.1

   🐞 Bug Fixes

    View changes on GitHub

v4.0.0

   🚨 Breaking Changes

   🚀 Features

... (truncated)

Commits

Updates @takumi-rs/image-response from 0.62.8 to 1.8.7

Release notes

Sourced from @​takumi-rs/image-response's releases.

@​takumi-rs/image-response@​1.8.7

Patch Changes

  • 9604fd7: Split package export types per import/require condition so CJS consumers resolve .d.cts
  • Updated dependencies [9604fd7]
    • takumi-js@1.8.7

@​takumi-rs/image-response@​1.8.6

Patch Changes

  • takumi-js@1.8.6

@​takumi-rs/image-response@​1.8.5

Patch Changes

  • takumi-js@1.8.5

@​takumi-rs/image-response@​1.8.4

Patch Changes

  • takumi-js@1.8.4

@​takumi-rs/image-response@​1.8.3

Patch Changes

  • takumi-js@1.8.3

@​takumi-rs/image-response@​1.8.2

Patch Changes

  • takumi-js@1.8.2

@​takumi-rs/image-response@​1.8.1

Patch Changes

  • Updated dependencies [55b058d]
    • takumi-js@1.8.1
Commits
  • 294bd83 Version Packages (#793)
  • 9604fd7 Split package export types per import/require condition (#795)
  • 4b810d7 chore(deps): update actions/checkout action to v7
  • 81c3678 revert(napi/core): seperate dts build (#792)
  • cafbd48 CI: add least-privilege top-level permissions (#791)
  • a1f4d4e Version Packages (#784)
  • 88497fa WASM: free resource after test ran
  • c1dd195 Crate: fix vertical-align sub/super shift and trim line-end trailing whitespa...
  • 6f55980 Crate: fix line-box height for top/bottom-aligned boxes taller than line-heig...
  • cfac305 Crate: align empty inline-block, inline-flex, and inline-grid boxes to the ba...
  • Additional commits viewable in compare view

Updates @takumi-rs/wasm from 0.62.8 to 1.8.7

Release notes

Sourced from @​takumi-rs/wasm's releases.

@​takumi-rs/wasm@​1.8.7

Patch Changes

  • 9604fd7: Split package export types per import/require condition so CJS consumers resolve .d.cts
  • Updated dependencies [9604fd7]
    • @​takumi-rs/helpers@​1.8.7

@​takumi-rs/wasm@​1.8.6

Patch Changes

  • @​takumi-rs/helpers@​1.8.6

@​takumi-rs/wasm@​1.8.5

Patch Changes

  • @​takumi-rs/helpers@​1.8.5

@​takumi-rs/wasm@​1.8.4

Patch Changes

  • @​takumi-rs/helpers@​1.8.4

@​takumi-rs/wasm@​1.8.3

Patch Changes

  • @​takumi-rs/helpers@​1.8.3

@​takumi-rs/wasm@​1.8.2

Patch Changes

  • 041e5fd: Fix +simd128 flag being override by CI configuration
    • @​takumi-rs/helpers@​1.8.2

@​takumi-rs/wasm@​1.8.1

Patch Changes

  • 55b058d: Hold renderer state behind a lock so all methods take &self, preventing a panic from permanently breaking the wasm-bindgen borrow flag.
    • @​takumi-rs/helpers@​1.8.1

@​takumi-rs/wasm@​1.8.0

Minor Changes

  • ae2c9aa: Built with nightly Rust toolchain with panic=immediate-abort to reduce binary size

Patch Changes

  • @​takumi-rs/helpers@​1.8.0
Commits
  • 294bd83 Version Packages (#793)
  • 9604fd7 Split package export types per import/require condition (#795)
  • 4b810d7 chore(deps): update actions/checkout action to v7
  • 81c3678 revert(napi/core): seperate dts build (#792)
  • cafbd48 CI: add least-privilege top-level permissions (#791)
  • a1f4d4e Version Packages (#784)
  • 88497fa WASM: free resource after test ran
  • c1dd195 Crate: fix vertical-align sub/super shift and trim line-end trailing whitespa...
  • 6f55980 Crate: fix line-box height for top/bottom-aligned boxes taller than line-heig...
  • cfac305 Crate: align empty inline-block, inline-flex, and inline-grid boxes to the ba...
  • Additional commits viewable in compare view

Updates @tanstack/react-query from 5.99.0 to 5.101.1

Release notes

Sourced from @​tanstack/react-query's releases.

@​tanstack/react-query-devtools@​5.101.1

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-devtools@​5.101.1
    • @​tanstack/react-query@​5.101.1

@​tanstack/react-query-next-experimental@​5.101.1

Patch Changes

  • Updated dependencies []:
    • @​tanstack/react-query@​5.101.1

@​tanstack/react-query-persist-client@​5.101.1

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-persist-client-core@​5.101.1
    • @​tanstack/react-query@​5.101.1

@​tanstack/react-query@​5.101.1

Patch Changes

  • Updated dependencies [9eff92e]:
    • @​tanstack/query-core@​5.101.1

@​tanstack/react-query-devtools@​5.101.0

Patch Changes

@​tanstack/react-query-next-experimental@​5.101.0

Patch Changes

  • #10857 7cf5923 - fix(react-query-next-experimental): replace deprecated 'isServer' with 'environmentManager.isServer()'

  • Updated dependencies []:

    • @​tanstack/react-query@​5.101.0

@​tanstack/react-query-persist-client@​5.101.0

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-persist-client-core@​5.101.0
    • @​tanstack/react-query@​5.101.0

@​tanstack/react-query@​5.101.0

Patch Changes

... (truncated)

Changelog

Sourced from @​tanstack/react-query's changelog.

5.101.1

Patch Changes

  • Updated dependencies [9eff92e]:
    • @​tanstack/query-core@​5.101.1

5.101.0

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-core@​5.101.0

5.100.14

Patch Changes

  • fix(react-query): do not go into optimistic fetching state when not subscribed (#10759)

  • Updated dependencies []:

    • @​tanstack/query-core@​5.100.14

5.100.13

Patch Changes

  • Updated dependencies [d423168]:
    • @​tanstack/query-core@​5.100.13

5.100.12

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-core@​5.100.12

5.100.11

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-core@​5.100.11

5.100.10

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-core@​5.100.10

... (truncated)

Commits
  • b809297 ci: Version Packages (#10977)
  • ccc843e test({react,preact}-query/useQueries): move type-only tests to 'useQueries.te...
  • 4154613 test({react,preact}-query/useMutation): split 'should handle conditional logi...
  • 8bb5fde test({react,preact}-query/useMutation): split 'should pass meta to mutation' ...
  • 87426a3 test(react-query): replace deprecated 'toBeCalledTimes' with 'toHaveBeenCalle...
  • feb1efd test(*): move 'vi.useRealTimers' to the end of 'afterEach' so cleanup runs un...
  • f3d8d2a ci: Version Packages (#10774)
  • 532bb29 fix(tests): disable local coverage instrumentation (#10776)
  • ba6e7be ci: Version Packages (#10767)
  • ed20b6d fix(react): do not go into optimistic fetching state when not subscribed (#10...
  • Additional commits viewable in compare view

Updates @vercel/analytics from 1.6.1 to 2.0.1

Release notes

Sourced from @​vercel/analytics's releases.

v2.0.1

What's Changed

New Contributors

Full Changelog: vercel/analytics@v2.0.0...v2.0.1

v2.0.0

What's Changed

Breaking Changes

  • License changed from MPL-2.0 to MIT (#170)
  • Nuxt: introduce module support. If you need to configure it, load injectAnalytics() from @vercel/analytics/nuxt/runtime (#183)

Features

  • feat: load dynamic configuration (#184) — analytics config can now be loaded dynamically

Bug Fixes

  • fix: src and endpoint paths do not work when relative (#186)

Full Changelog: vercel/speed-insights@1.6.1...2.0.0

v2.0.0-canary.1

Canary release for testing 2.0.0 changes

Commits

Updates @vercel/speed-insights from 1.3.1 to 2.0.0

Release notes

Sourced from @​vercel/speed-insights's releases.

v2.0.0

What's Changed

Breaking Changes

  • License changed from Apache-2.0 to MIT (#111)
  • Nuxt: introduce module support (#110). In case you need to configure it, load injectSpeedInsights() from @vercel/speed-insights/nuxt/runtime

Features

  • feat: load dynamic configuration (#112) — speed insights config can now be loaded dynamically

Full Changelog: vercel/speed-insights@1.3.1...2.0.0

v2.0.0-canary.1

Canary release for testing 2.0.0 changes

1.5.0-canary.4

What's Changed

Full Changelog: vercel/speed-insights@1.2.0-canary.3...1.5.0-canary.4

Commits
  • 828d10c chore: bump version to v2.0.0
  • 15cb241 chore: bump version to v2.0.0-canary.1
  • b10a09c feat: load dynamic configuration (#112)
  • c6f4e37 feat(nuxt)!: Add support for injectSpeedInsights() and Nuxt module (#110)
  • See full diff in compare view

Updates @wagmi/core from 3.4.11 to 3.5.4

Release notes

Sourced from @​wagmi/core's releases.

@​wagmi/core@​3.5.4

Patch Changes

  • Fixed Tempo Zone types for optional fields. (#5167)

@​wagmi/core@​3.5.3

Patch Changes

  • Added connector-specific subpath exports and marked optional connector dependency imports as optional for Turbopack resolution. (#5165)

@​wagmi/core@​3.5.2

Patch Changes

  • Bumped accounts peer version (3e12a5e)

@​wagmi/core@​3.5.0

Minor Changes

  • Added discovered EIP-6963 providers to the connector setup config. (#5128)

@​wagmi/core@​3.4.12

Patch Changes

  • Handled malformed cookie state in cookieToInitialState. (#5116)

  • wagmi/tempo: Renamed Actions.wallet.send to Actions.wallet.transfer and Hooks.wallet.useSend to Hooks.wallet.useTransfer. (#5121)

    Also bumps the accounts peer dependency to ~0.12.

    - await Actions.wallet.send(config, {
    -   to: '0x...',
    -   token: '0x...',
    -   value: '1.5',
    - })
    + await Actions.wallet.transfer(config, {
    +   amount: '1.5',
    +   to: '0x...',
    +   token: '0x...',
    + })
    - const send = Hooks.wallet.useSend()
    + const transfer = Hooks.wallet.useTransfer()
Changelog

Sourced from @​wagmi/core's changelog.

3.5.4

Patch Changes

  • Fixed Tempo Zone types for optional fields. (#5167)

3.5.3

Patch Changes

  • Added connector-specific subpath exports and marked optional connector dependency imports as optional for Turbopack resolution. (#5165)

3.5.2

Patch Changes

  • Bumped accounts peer version (3e12a5e)

3.5.1

Patch Changes

  • Updated prepareTransactionRequest to use the connector client when available. (#5154)

3.5.0

Minor Changes

  • Added discovered EIP-6963 providers to the connector setup config. (#5128)

3.4.12

Patch Changes

  • Handled malformed cookie state in cookieToInitialState. (#5116)

  • wagmi/tempo: Renamed Actions.wallet.send to Actions.wallet.transfer and Hooks.wallet.useSend to Hooks.wallet.useTransfer. (#5121)

    Also bumps the accounts peer dependency to ~0.12.

    - await Actions.wallet.send(config, {
    -   to: '0x...',
    -   token: '0x...',
    -   value: '1.5',
    - })
    + await Actions.wallet.transfer(config, {
    +   amount: '1.5',
    +   to: '0x...',
    +   token: '0x...',

... (truncated)

Commits

Updates abitype from 1.2.3 to 1.2.4

Release notes

Sourced from abitype's releases.

abitype@1.2.4

Patch Changes

  • Fixed Zod identifier regex to anchor start and end, rejecting invalid identifiers like café, 2g, and hello👋. (#296)
Commits

Updates accounts from 0.10.7 to 0.14.11

Release notes

Sourced from accounts's releases.

accounts@0.14.11

Patch Changes

  • 3610539: Added adapter-supplied default access-key keystores via Adapter.Instance.accessKey.keystores, replacing the removed generateAccessKey.
  • a94dcff: Bumped hono to 4.12.25 (catalog + override for transitive @modelcontextprotocol/sdk paths) to clear the remaining pnpm audit advisories: CORS middleware origin reflection (high), serve-static path traversal, and the AWS Lambda Set-Cookie/body-limit/header issues.
  • 0406c1c: Upgraded vulnerable transitive dependencies to patched versions to clear pnpm audit (vite-plus, vite, ws, tmp, form-data, protobufjs, tar, js-yaml, launch-editor, @​babel/core, dompurify).
  • a65930b: Bumped the mppx dependency to ^0.7.0.
  • 9aa1ed4: Fixed eth_fillTransaction to estimate gas for the signing key's signature size instead of always assuming secp256k1.
  • 3610539: Added an accessKey option group to Provider.createaccessKey.keystores for pluggable per-key-type access-key keystores and accessKey.authorize superseding the now-deprecated top-level authorizeAccessKey.
  • 0b960e2: Restored popup treatment in Safari for wallet_connect in the postMessage adapter.
  • b588aa8: Upgraded the wata dependency to 0.2.0 and migrated the postMessage and mobileWebAuth adapters to its async wata.start() session API.

accounts@0.14.9

Patch Changes

  • e15e2a4: Added mobileWebAuth() and tempoWalletMobileWebAuth() adapters, also available from accounts/mobileWebAuth as mobileWebAuth and tempoWallet.

    Added accounts/react-native/expo-web-browser.

    Added ProviderRequest.parse().

    Renamed accounts/react-native/secure-storage to accounts/react-native/expo-secure-store.

    Removed the reactNative() adapter.

accounts@0.14.8

Patch Changes

  • d0d3cea: Added OIDC identity-token support for verified email extraction.

accounts@0.14.7

Patch Changes

  • 8a9564b: Persist CLI access keys in filesystem-backed provider storage.

  • edab403: Allow Provider.create({ authorizeAccessKey }) to return undefined to skip access-key authorization for the current wallet_connect.

  • df1615e: Persist access keys through provider storage.

  • 1478791: Add provider-owned RPC action handling for adapters that expose a viem account with getAccount.

    Adapters can now implement getAccount and optional generateAccessKey instead of duplicating transaction, signing, and access-key RPC actions.

  • ad48834: Allowed the React Native adapter to connect without requesting an access key.

  • 648df76: Make accounts/react-native adapter-only and move React Native storage adapters behind explicit subpaths.

  • 694e022: Added a React Privy adapter at accounts/react/privy, backed Privy Ethereum signing with secp256k1_sign, and stopped exporting the lower-level Core JS Privy adapter from the root package entrypoint.

  • b1a3a69: Added ability to batch key authorization + server auth into one digest.

... (truncated)

Changelog

Sourced from accounts's changelog.

0.14.11

Patch Changes

  • 3610539: Added adapter-supplied default access-key keystores via Adapter.Instance.accessKey.keystores, replacing the removed generateAccessKey.
  • a94dcff: Bumped hono to 4.12.25 (catalog + override for transitive @modelcontextprotocol/sdk paths) to clear the remaining pnpm audit advisories: CORS middleware origin reflection (high), serve-static path traversal, and the AWS Lambda Set-Cookie/body-limit/header issues.
  • 0406c1c: Upgraded vulnerable transitive dependencies to patched versions to clear pnpm audit (vite-plus, vite, ws, tmp, form-data, protobufjs, tar, js-yaml, launch-editor, @​babel/core, dompurify).
  • a65930b: Bumped the mppx dependency to ^0.7.0.
  • 9aa1ed4: Fixed eth_fillTransaction to estimate gas for the signing key's signature size instead of always assuming secp256k1.
  • 3610539: Added an accessKey option group to Provider.createaccessKey.keystores for pluggable per-key-type access-key keystores and accessKey.authorize superseding the now-deprecated top-level authorizeAccessKey.
  • 0b960e2: Restored popup treatment in Safari for wallet_connect in the postMessage adapter.
  • b588aa8: Upgraded the wata dependency to 0.2.0 and migrated the postMessage and mobileWebAuth adapters to its async wata.start() session API.

0.14.10

Patch Changes

  • fa0434f: Added wallet_updateAccessKey to update an access key's spending limits in place.

  • c5bbc8d: Added multisig approval collection to Handler.relay.

  • ab78127: Fixed raw sponsored transaction signing to restore the configured fee token when the serialized transaction omits it.

  • a993dff: Remove the accounts/react-native subpath; import asyncStorage from accounts/react-native/async-storage instead.

  • 05d5458: Removed the T5 hardfork gate so TIP-1053 witness binding always collapses access-key authorization and the auth proof into a single passkey ceremony.

  • 8203e44: Add encrypted MMKV-backed React Native storage that manages its SecureStore encryption key internally.

    Remove secureStorage from accounts/react-native/expo-secure-store; use secureMmkv from accounts/react-native/secure-mmkv instead.

  • a188f7e: Introduced postMessage adapter built on the Wata transport of the same name.

    Updated the tempoWallet adapter to use postMessage.

    Deprecated dialog adapter in favor of postMessage.

0.14.9

Patch Changes

  • e15e2a4: Added mobileWebAuth() and tempoWalletMobileWebAuth() adapters, also available from accounts/mobileWebAuth as mobileWebAuth and tempoWallet.

    Added accounts/react-native/expo-web-browser.

    Added ProviderRequest.parse().

    Renamed accounts/react-native/secure-storage to accounts/react-native/expo-secure-store.

    Removed the reactNative() adapter.

0.14.8

Patch Changes

... (truncated)

Commits

Updates hono from 4.12.26 to 4.12.27

Release notes

Sourced from hono's releases.

v4.12.27

Security fixes

This release includes fixes for the following security issues:

hono/jsx does not isolate context per request

Affects: hono/jsx, hono/jsx-renderer. During SSR, context was stored process-wide instead of per request, so useContext()/useRequestContext() read after an await in an async component could return another concurrent request's value — leading to cross-request data disclosure or authorization checks against the wrong request. GHSA-hvrm-45r6-mjfj

Server-Side XSS via JSX escaping bypass in cx()

Affects: hono/css. cx() marked its composed class name as already-escaped without escaping the input, so untrusted input passed as a class name could break out of the JSX class attribute during SSR and inject markup (XSS). GHSA-w62v-xxxg-mg59

API Gateway v1 adapter can drop a repeated request header value

Affects: hono/aws-lambda. The API Gateway v1 (and VPC Lattice) adapter de-duplicated repeated header values by substring instead of exact match, dropping a value that is a substring of another (e.g. 203.0.113.1 dropped when 203.0.113.10 is present) — affecting logic such as X-Forwarded-For-based IP restriction. GHSA-xgm2-5f3f-mvvc


Users of hono/jsx/hono/jsx-renderer, hono/css (cx()), or the hono/aws-lambda API Gateway v1 / VPC Lattice adapters are encouraged to upgrade.

Commits

Updates ox from 0.14.20 to 0.14.29

Release notes

Sourced from ox's releases.

ox@0.14.29

Patch Changes

  • #268 ed93945 Thanks @​jxom! - viem/tempo: Added genesisConfig shorthand to TIP-1061 multisig helpers and renamed configIdgenesisConfigId on the typed SignatureEnvelope.Multisig.

ox@0.14.28

Patch Changes

  • #265 f5328d2 Thanks @​jxom! - viem/tempo: Added support for TIP-1061 native multisig accounts.

ox@0.14.27

Patch Changes

  • #263 451a442 Thanks @​jxom! - ox/tempo: Added the ReceivePolicyReceipt module for encoding/decoding TIP-1028 receive-policy claim receipts (ClaimReceiptV1 witnesses) with decode, encode, from, fromLog, and fromTransactionReceipt (returns one receipt per TransferBlocked log).

ox@0.14.26

Patch Changes

  • #262 b1ac8c8 Thanks @​jxom! - ox/tempo: Added support for TIP-1049 (admin access keys) via optional isAdmin and account fields on KeyAuthorization that bind into the signing hash.

  • #260 581ccee Thanks @​jxom! - ox/tempo: Added support for TIP-1053 (witnesses in key authorizations) via an optional 32-byte witness field on KeyAuthorization that is included in the signing hash.

ox@0.14.25

Patch Changes

  • #256 ad7610b Thanks @​jxom! - Renamed ChannelDescriptor.from to Channel.from, made Channel.Channel the descriptor type, and changed Channel.computeId to receive channel and options separately.

ox@0.14.24

Patch Changes

  • #254 d837628 Thanks @​jxom! - Added ChannelDescriptor.from for normalizing TIP-20 channel reserve descriptors.

ox@0.14.23

Patch Changes

  • #252 19cd833 Thanks @​jxom! - Added TIP-20 channel reserve constants, channel id computation, and voucher signing helpers.

ox@0.14.22

Patch Changes

  • #227 ffa64c0 Thanks @​Genmin! - Fixed Secp256k1.verify narrowing signature branches before address recovery.

ox@0.14.21

Patch Changes

  • #246 32cf459 Thanks @​0xrusowsky! - Added TxEnvelopeTempo.encodeForSigning to expose the raw Tempo sender-signing preimage bytes.

  • #248 e0474e9 Thanks @​jxom! - Added blockTimestamp support to transaction RPC conversions.

Commits
  • 58ca601 chore: version packages (#269)
  • ed93945 feat(tempo): add genesisConfig shorthand to multisig helpers (#268)
  • ad3330f chore: version packages (#267)
  • 4b3fe3e chore: version packages (#266)
  • ef64a52 ci(tempo): use edge image (tracks main) instead of latest
  • b8a0714 test(tempo): skip TIP-1049 admin e2e until tempo release ships PR #4265
  • f5328d2 feat(tempo): native multisig (#265)
  • ae54345 ci: bump vitest hookTimeout to 60s for tempo localnet cold start
  • 7bb96ea chore: version packages (#264)
  • 451a442 feat(tempo): add ReceivePolicyReceipt module for TIP-1028 claim receipts (#263)
  • Additional commits viewable in compare view

Updates posthog-js from 1.367.0 to 1.393.4

Release notes

Sourced from posthog-js's releases.

posthog-js@1.393.4

1.393.4

Patch Changes

  • #3942 c9c8925 Thanks @​hpouillot! - Fix browser console log capture when session activity timestamps are missing and refresh session attributes for each log. (2026-06-24)
  • Updated dependencies [c9c8925]:
    • @​posthog/core@​1.37.2

posthog-js@1.393.3

1.393.3

Patch Changes

  • #3945 f94deaf Thanks @​ioannisj! - fix(surveys): guard handlePageUnload against version-skewed surveys instance missing...

    Description has been truncated

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 30, 2026
@vercel

vercel Bot commented Jun 30, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
tempo-docs Ready Ready Preview, Comment Jul 2, 2026 6:05am

Request Review

…ates

Bumps the production group with 26 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@iconify-json/lucide](https://github.com/iconify/icon-sets) | `1.2.102` | `1.2.114` |
| [@iconify-json/simple-icons](https://github.com/iconify/icon-sets) | `1.2.77` | `1.2.87` |
| [@shikijs/rehype](https://github.com/shikijs/shiki/tree/HEAD/packages/rehype) | `3.23.0` | `4.3.0` |
| [@takumi-rs/image-response](https://github.com/kane50613/takumi) | `0.62.8` | `1.8.7` |
| [@takumi-rs/wasm](https://github.com/kane50613/takumi) | `0.62.8` | `1.8.7` |
| [@tanstack/react-query](https://github.com/TanStack/query/tree/HEAD/packages/react-query) | `5.99.0` | `5.101.1` |
| [@vercel/analytics](https://github.com/vercel/analytics/tree/HEAD/packages/web) | `1.6.1` | `2.0.1` |
| [@vercel/speed-insights](https://github.com/vercel/speed-insights/tree/HEAD/packages/web) | `1.3.1` | `2.0.0` |
| [@wagmi/core](https://github.com/wevm/wagmi/tree/HEAD/packages/core) | `3.4.11` | `3.5.4` |
| [abitype](https://github.com/wevm/abitype) | `1.2.3` | `1.2.4` |
| [accounts](https://github.com/tempoxyz/accounts) | `0.10.7` | `0.14.11` |
| [hono](https://github.com/honojs/hono) | `4.12.26` | `4.12.27` |
| [ox](https://github.com/wevm/ox) | `0.14.20` | `0.14.29` |
| [posthog-js](https://github.com/PostHog/posthog-js) | `1.367.0` | `1.393.4` |
| [posthog-node](https://github.com/PostHog/posthog-js/tree/HEAD/packages/node) | `5.29.2` | `5.38.5` |
| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.6` | `19.2.7` |
| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.6` | `19.2.7` |
| [react-server-dom-webpack](https://github.com/facebook/react/tree/HEAD/packages/react-server-dom-webpack) | `19.2.6` | `19.2.7` |
| [shiki](https://github.com/shikijs/shiki/tree/HEAD/packages/shiki) | `3.23.0` | `4.3.0` |
| [sql-formatter](https://github.com/sql-formatter-org/sql-formatter) | `15.7.3` | `15.8.2` |
| [tailwind-merge](https://github.com/dcastil/tailwind-merge) | `3.5.0` | `3.6.0` |
| [tailwindcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss) | `4.2.2` | `4.3.1` |
| [wagmi](https://github.com/wevm/wagmi/tree/HEAD/packages/react) | `3.6.14` | `3.6.20` |
| [waku](https://github.com/wakujs/waku/tree/HEAD/packages/waku) | `1.0.0-beta.0` | `1.0.0-beta.4` |
| [webauthx](https://github.com/wevm/webauthx) | `0.1.1` | `0.1.2` |
| [zod](https://github.com/colinhacks/zod) | `4.3.6` | `4.4.3` |



Updates `@iconify-json/lucide` from 1.2.102 to 1.2.114
- [Commits](https://github.com/iconify/icon-sets/commits)

Updates `@iconify-json/simple-icons` from 1.2.77 to 1.2.87
- [Commits](https://github.com/iconify/icon-sets/commits)

Updates `@shikijs/rehype` from 3.23.0 to 4.3.0
- [Release notes](https://github.com/shikijs/shiki/releases)
- [Commits](https://github.com/shikijs/shiki/commits/v4.3.0/packages/rehype)

Updates `@takumi-rs/image-response` from 0.62.8 to 1.8.7
- [Release notes](https://github.com/kane50613/takumi/releases)
- [Commits](https://github.com/kane50613/takumi/compare/@takumi-rs/image-response@0.62.8...@takumi-rs/image-response@1.8.7)

Updates `@takumi-rs/wasm` from 0.62.8 to 1.8.7
- [Release notes](https://github.com/kane50613/takumi/releases)
- [Commits](https://github.com/kane50613/takumi/compare/@takumi-rs/wasm@0.62.8...@takumi-rs/wasm@1.8.7)

Updates `@tanstack/react-query` from 5.99.0 to 5.101.1
- [Release notes](https://github.com/TanStack/query/releases)
- [Changelog](https://github.com/TanStack/query/blob/main/packages/react-query/CHANGELOG.md)
- [Commits](https://github.com/TanStack/query/commits/@tanstack/react-query@5.101.1/packages/react-query)

Updates `@vercel/analytics` from 1.6.1 to 2.0.1
- [Release notes](https://github.com/vercel/analytics/releases)
- [Commits](https://github.com/vercel/analytics/commits/v2.0.1/packages/web)

Updates `@vercel/speed-insights` from 1.3.1 to 2.0.0
- [Release notes](https://github.com/vercel/speed-insights/releases)
- [Commits](https://github.com/vercel/speed-insights/commits/v2.0.0/packages/web)

Updates `@wagmi/core` from 3.4.11 to 3.5.4
- [Release notes](https://github.com/wevm/wagmi/releases)
- [Changelog](https://github.com/wevm/wagmi/blob/main/packages/core/CHANGELOG.md)
- [Commits](https://github.com/wevm/wagmi/commits/@wagmi/core@3.5.4/packages/core)

Updates `abitype` from 1.2.3 to 1.2.4
- [Release notes](https://github.com/wevm/abitype/releases)
- [Commits](https://github.com/wevm/abitype/compare/abitype@1.2.3...abitype@1.2.4)

Updates `accounts` from 0.10.7 to 0.14.11
- [Release notes](https://github.com/tempoxyz/accounts/releases)
- [Changelog](https://github.com/tempoxyz/accounts/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tempoxyz/accounts/compare/accounts@0.10.7...accounts@0.14.11)

Updates `hono` from 4.12.26 to 4.12.27
- [Release notes](https://github.com/honojs/hono/releases)
- [Commits](honojs/hono@v4.12.26...v4.12.27)

Updates `ox` from 0.14.20 to 0.14.29
- [Release notes](https://github.com/wevm/ox/releases)
- [Commits](https://github.com/wevm/ox/compare/ox@0.14.20...ox@0.14.29)

Updates `posthog-js` from 1.367.0 to 1.393.4
- [Release notes](https://github.com/PostHog/posthog-js/releases)
- [Changelog](https://github.com/PostHog/posthog-js/blob/main/CHANGELOG.md)
- [Commits](https://github.com/PostHog/posthog-js/compare/posthog-js@1.367.0...posthog-js@1.393.4)

Updates `posthog-node` from 5.29.2 to 5.38.5
- [Release notes](https://github.com/PostHog/posthog-js/releases)
- [Changelog](https://github.com/PostHog/posthog-js/blob/main/packages/node/CHANGELOG.md)
- [Commits](https://github.com/PostHog/posthog-js/commits/posthog-node@5.38.5/packages/node)

Updates `react` from 19.2.6 to 19.2.7
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/react/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react)

Updates `react-dom` from 19.2.6 to 19.2.7
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/react/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react-dom)

Updates `react-server-dom-webpack` from 19.2.6 to 19.2.7
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/react/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react-server-dom-webpack)

Updates `shiki` from 3.23.0 to 4.3.0
- [Release notes](https://github.com/shikijs/shiki/releases)
- [Commits](https://github.com/shikijs/shiki/commits/v4.3.0/packages/shiki)

Updates `sql-formatter` from 15.7.3 to 15.8.2
- [Release notes](https://github.com/sql-formatter-org/sql-formatter/releases)
- [Commits](sql-formatter-org/sql-formatter@v15.7.3...v15.8.2)

Updates `tailwind-merge` from 3.5.0 to 3.6.0
- [Release notes](https://github.com/dcastil/tailwind-merge/releases)
- [Commits](dcastil/tailwind-merge@v3.5.0...v3.6.0)

Updates `tailwindcss` from 4.2.2 to 4.3.1
- [Release notes](https://github.com/tailwindlabs/tailwindcss/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.3.1/packages/tailwindcss)

Updates `wagmi` from 3.6.14 to 3.6.20
- [Release notes](https://github.com/wevm/wagmi/releases)
- [Changelog](https://github.com/wevm/wagmi/blob/main/packages/react/CHANGELOG.md)
- [Commits](https://github.com/wevm/wagmi/commits/wagmi@3.6.20/packages/react)

Updates `waku` from 1.0.0-beta.0 to 1.0.0-beta.4
- [Release notes](https://github.com/wakujs/waku/releases)
- [Changelog](https://github.com/wakujs/waku/blob/main/CHANGELOG.md)
- [Commits](https://github.com/wakujs/waku/commits/v1.0.0-beta.4/packages/waku)

Updates `webauthx` from 0.1.1 to 0.1.2
- [Release notes](https://github.com/wevm/webauthx/releases)
- [Changelog](https://github.com/wevm/webauthx/blob/main/CHANGELOG.md)
- [Commits](https://github.com/wevm/webauthx/compare/webauthx@0.1.1...webauthx@0.1.2)

Updates `zod` from 4.3.6 to 4.4.3
- [Release notes](https://github.com/colinhacks/zod/releases)
- [Commits](colinhacks/zod@v4.3.6...v4.4.3)

---
updated-dependencies:
- dependency-name: "@iconify-json/lucide"
  dependency-version: 1.2.114
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production
- dependency-name: "@iconify-json/simple-icons"
  dependency-version: 1.2.87
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production
- dependency-name: "@shikijs/rehype"
  dependency-version: 4.2.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production
- dependency-name: "@takumi-rs/image-response"
  dependency-version: 1.8.7
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production
- dependency-name: "@takumi-rs/wasm"
  dependency-version: 1.8.7
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production
- dependency-name: "@tanstack/react-query"
  dependency-version: 5.101.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production
- dependency-name: "@vercel/analytics"
  dependency-version: 2.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production
- dependency-name: "@vercel/speed-insights"
  dependency-version: 2.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production
- dependency-name: "@wagmi/core"
  dependency-version: 3.5.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production
- dependency-name: abitype
  dependency-version: 1.2.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production
- dependency-name: accounts
  dependency-version: 0.14.11
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production
- dependency-name: hono
  dependency-version: 4.12.27
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production
- dependency-name: ox
  dependency-version: 0.14.29
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production
- dependency-name: posthog-js
  dependency-version: 1.393.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production
- dependency-name: posthog-node
  dependency-version: 5.38.4
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production
- dependency-name: react
  dependency-version: 19.2.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production
- dependency-name: react-dom
  dependency-version: 19.2.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production
- dependency-name: react-server-dom-webpack
  dependency-version: 19.2.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production
- dependency-name: shiki
  dependency-version: 4.2.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production
- dependency-name: sql-formatter
  dependency-version: 15.8.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production
- dependency-name: tailwind-merge
  dependency-version: 3.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production
- dependency-name: tailwindcss
  dependency-version: 4.3.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production
- dependency-name: wagmi
  dependency-version: 3.6.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production
- dependency-name: waku
  dependency-version: 1.0.0-beta.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production
- dependency-name: webauthx
  dependency-version: 0.1.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production
- dependency-name: zod
  dependency-version: 4.4.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/production-d8ea7c072b branch from 315846d to f6c8c73 Compare July 2, 2026 06:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants