chore(deps): bump the lab-third-parties group across 1 directory with 9 updates

[dependabot]

Bumps the lab-third-parties group with 9 updates in the /apps/laboratory directory:

Package	From	To
@chakra-ui/react	2.10.7	2.10.9
@sentry/browser	7.120.3	7.120.4
@sentry/react	7.120.3	7.120.4
@tanstack/react-query	5.75.5	5.90.6
bitcoinjs-lib	7.0.0-rc.0	7.0.0
next	15.6.0-canary.29	15.6.0-canary.57
next-auth	5.0.0-beta.29	5.0.0-beta.30
rpc-websockets	7.11.0	7.11.2
webauthn-p256	0.0.2	0.0.10

Updates @chakra-ui/react from 2.10.7 to 2.10.9

Commits

• See full diff in compare view

Updates @sentry/browser from 7.120.3 to 7.120.4

Release notes

Sourced from @​sentry/browser's releases.

7.120.4

• fix(v7/cdn): Stop using Object.assign to be ES5 compatible (#17080)

7.120.4-alpha.1

No user-facing changes, only internal changes.

Changelog

Sourced from @​sentry/browser's changelog.

7.120.4

• fix(v7/cdn): Stop using Object.assign to be ES5 compatible (#17080)

7.120.4-alpha.1

No user-facing changes, only internal changes.

7.120.4-alpha.0

• fix(v7/cdn): Stop using Object.assign to be ES5 compatible (#17080)

Commits

• 0469cab release: 7.120.4
• 0077b5b meta(changelog): Update changelog for 7.120.4 (#17210)
• 125d870 Merge branch 'release/7.120.4-alpha.1' into v7
• a55701f release: 7.120.4-alpha.1
• a42e7e7 meta(changelog): Update changelog for 7.120.4-alpha.1 (#17205)
• 347da0a ci(v7/craft): Remove commit-on-git-repository for deno (#17201)
• 9412e75 test(v7/metrics): Delete metrics test (#17202)
• 1852e61 meta(changelog): Update changelog for 7.120.4-alpha.0 (#17198)
• cb499a6 fix(v7/cdn): Stop using Object.assign to be ES5 compatible (#17080)
• bc8bbb6 ci(v7): Bump to ubuntu-24.04 (#17083)
• Additional commits viewable in compare view

Updates @sentry/react from 7.120.3 to 7.120.4

Release notes

Sourced from @​sentry/react's releases.

7.120.4

• fix(v7/cdn): Stop using Object.assign to be ES5 compatible (#17080)

7.120.4-alpha.1

No user-facing changes, only internal changes.

Changelog

Sourced from @​sentry/react's changelog.

7.120.4

• fix(v7/cdn): Stop using Object.assign to be ES5 compatible (#17080)

7.120.4-alpha.1

No user-facing changes, only internal changes.

7.120.4-alpha.0

• fix(v7/cdn): Stop using Object.assign to be ES5 compatible (#17080)

Commits

• 0469cab release: 7.120.4
• 0077b5b meta(changelog): Update changelog for 7.120.4 (#17210)
• 125d870 Merge branch 'release/7.120.4-alpha.1' into v7
• a55701f release: 7.120.4-alpha.1
• a42e7e7 meta(changelog): Update changelog for 7.120.4-alpha.1 (#17205)
• 347da0a ci(v7/craft): Remove commit-on-git-repository for deno (#17201)
• 9412e75 test(v7/metrics): Delete metrics test (#17202)
• 1852e61 meta(changelog): Update changelog for 7.120.4-alpha.0 (#17198)
• cb499a6 fix(v7/cdn): Stop using Object.assign to be ES5 compatible (#17080)
• bc8bbb6 ci(v7): Bump to ubuntu-24.04 (#17083)
• Additional commits viewable in compare view

Updates @tanstack/react-query from 5.75.5 to 5.90.6

Release notes

Sourced from @​tanstack/react-query's releases.

@​tanstack/react-query-persist-client@​5.90.6

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-persist-client-core@​5.91.3
  • @​tanstack/react-query@​5.90.4

@​tanstack/react-query@​5.90.6

Patch Changes

• Updated dependencies [1638c02]:
  • @​tanstack/query-core@​5.90.6

@​tanstack/react-query-persist-client@​5.90.5

Patch Changes

• Updated dependencies [4e1c433]:
  • @​tanstack/react-query@​5.90.3
  • @​tanstack/query-persist-client-core@​5.91.2

@​tanstack/react-query@​5.90.5

Patch Changes

• Updated dependencies [e42ddfe]:
  • @​tanstack/query-core@​5.90.5

@​tanstack/react-query-persist-client@​5.90.4

Patch Changes

• Updated dependencies [846d53d]:
  • @​tanstack/query-persist-client-core@​5.91.1
  • @​tanstack/react-query@​5.90.2

@​tanstack/react-query@​5.90.4

Patch Changes

• Updated dependencies [20ef922]:
  • @​tanstack/query-core@​5.90.4

@​tanstack/react-query-persist-client@​5.90.3

Patch Changes

• Updated dependencies [5cd86c6]:
  • @​tanstack/query-persist-client-core@​5.91.0
  • @​tanstack/react-query@​5.90.2

@​tanstack/react-query@​5.90.3

Patch Changes

• Avoid unhandled promise rejection errors during de/rehydration of pending queries. (#9752)

... (truncated)

Changelog

Sourced from @​tanstack/react-query's changelog.

5.90.6

Patch Changes

• Updated dependencies [1638c02]:
  • @​tanstack/query-core@​5.90.6

5.90.5

Patch Changes

• Updated dependencies [e42ddfe]:
  • @​tanstack/query-core@​5.90.5

5.90.4

Patch Changes

• Updated dependencies [20ef922]:
  • @​tanstack/query-core@​5.90.4

5.90.3

Patch Changes

• Avoid unhandled promise rejection errors during de/rehydration of pending queries. (#9752)

• Updated dependencies [4e1c433]:

  • @​tanstack/query-core@​5.90.3

Commits

• c23b4a0 ci: Version Packages (#9834)
• ecdf962 ci: Version Packages (#9773)
• e42ddfe fix(core): observing "promise" needs to implicitly observe "data" (#9772)
• cfc755c ci: Version Packages (#9770)
• 36ece87 ci: Version Packages (#9753)
• 4e1c433 fix(hydration): fix unhandled promise rejections (#9752)
• f4a0cd5 chore: update eslint-plugin-react-hooks (#9737)
• a242f98 Revert "chore(deps): update all non-major dependencies" (#9715)
• 571bc18 chore(deps): update all non-major dependencies (#9712)
• 0eaafe0 release: v5.90.2
• Additional commits viewable in compare view

Updates bitcoinjs-lib from 7.0.0-rc.0 to 7.0.0

Commits

• 18b1c22 7.0.0
• 7a02f18 Bump bip174 version to v3
• 9e08cb5 Merge pull request #2221 from yihanga/fix-deploy-doc
• 2b8c510 Merge pull request #2236 from gap-editor/master
• a72dd31 Update README.md
• 248789d Merge pull request #2233 from bitcoinjs/rm-logo
• 5d86970 Remove kawaii logo
• cbca9f7 Merge pull request #2225 from borzaka/patch-1
• a994499 fix(docs): correct package name for tiny-secp256k1-asmjs alternative
• 56f5df2 upgrade deploy-pages to v4
• Additional commits viewable in compare view

Updates next from 15.6.0-canary.29 to 15.6.0-canary.57

Release notes

Sourced from next's releases.

v15.6.0-canary.57

Core Changes

• Fix tags check for expired/stale: #84717
• tweak middlewareClientMaxBodySize handling: #84712

Misc Changes

• Fix typo on welcome page: #84715

Credits

Huge thanks to @​samselikoff, @​ijjk, and @​ztanner for helping!

v15.6.0-canary.56

Core Changes

• misc: allow beta to be triggered: #84713

Credits

Huge thanks to @​feedthejim for helping!

v15.6.0-canary.55

Core Changes

• breaking(next/image)!: remove 16px from default images.imageSizes config: #84647
• add Statsig Node Core package to Server External Packages: #84157
• Remove bailed out SSG routes from the list of SSG: #83861
• Revert "[Breaking] Skip Next.js internal routes /_next in middleware": #84697
• Bump eslint-plugin-react-hooks to v7: #84669
• Add refresh API to next/cache: #84666
• [Breaking] Require images.localPatterns for query in Image src: #84406
• [Breaking] feat(next/image)!: add support for images.dangerouslyAllowLocalIP and images.maximumRedirects: #84676
• Add new updateTag API and new signature for revalidateTag: #83822
• Add validation for missing default.js in parallel routes: #84702

Misc Changes

• Add note about $ACTION_ properties, remove reference to .entries(): #84459

Credits

Huge thanks to @​styfle, @​brock-statsig, @​devjiwonchoi, @​karlhorky, @​ijjk, @​ztanner, and @​wyattjoh for helping!

v15.6.0-canary.54

Core Changes

• [middleware]: add upper bound to cloneBodyStream: #84539
• Remove automatic linting from build: #83136

... (truncated)

Commits

• 73a4d08 v15.6.0-canary.57
• b2ce9dd tweak middlewareClientMaxBodySize handling (#84712)
• 7e325d9 Fix tags check for expired/stale (#84717)
• 36357eb Fix typo on welcome page (#84715)
• e2713a4 v15.6.0-canary.56
• 5c8fdbe misc: allow beta to be triggered (#84713)
• 8d475c5 v15.6.0-canary.55
• 3630146 Add validation for missing default.js in parallel routes (#84702)
• e598a4f Add new updateTag API and new signature for revalidateTag (#83822)
• 8d41585 [Breaking] feat(next/image)!: add support for `images.dangerouslyAllowLocalIP...
• Additional commits viewable in compare view

Updates next-auth from 5.0.0-beta.29 to 5.0.0-beta.30

Commits

• b4ef14a chore(release): bump version [skip ci]
• 2824fa1 feat: add next 16 support (#13298)
• 8f3b2c7 fix: security issue from nodemailer (#13305)
• 240e343 docs: update the Prisma ORM page to use Prisma Postgres (#13299)
• 0bcd32d chore(drizzle): migrate sqliteTable to array API (#13280)
• 90188fa ci: enable merge queue (#13288)
• 8d02b3d docs: remove carbon developer ads widget from docs sidebar (#13286)
• c8cd9b1 chore: remove unused script (#13279)
• 3a7c669 docs: update links for Credentials-based Authentication (#13258)
• e9e2b50 chore(release): bump package version(s) [skip ci]
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by himself_65, a new releaser for next-auth since your current version.

Updates rpc-websockets from 7.11.0 to 7.11.2

Commits

• See full diff in compare view

Updates webauthn-p256 from 0.0.2 to 0.0.10

Commits

• b034904 chore: version packages (#23)
• 54bd0dc chore: changeset
• 6dcfca9 chore: format
• 6f07991 feat: adds raw credential to return of sign function (#22)
• b54286c chore: format
• d5352d0 chore: version packages (#19)
• 11ee43e chore: changeset
• dadad7b chore: format
• c376c45 feat: add userVerifcation argument to sign function (#18)
• 89f24f2 chore: format
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: chore: update third party dependencies for AppKit Lab. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
appkit-basic-html	Error			Nov 5, 2025 2:50pm
appkit-demo	Error			Nov 5, 2025 2:50pm
appkit-gallery	Error			Nov 5, 2025 2:50pm
appkit-laboratory	Error		Comment	Nov 5, 2025 2:50pm

10 Skipped Deployments

Project	Deployment	Preview	Comments	Updated (UTC)
appkit-basic-example	Ignored			Nov 5, 2025 2:50pm
appkit-basic-sign-client-example	Ignored			Nov 5, 2025 2:50pm
appkit-basic-up-example	Ignored			Nov 5, 2025 2:50pm
appkit-ethers5-bera	Ignored			Nov 5, 2025 2:50pm
appkit-nansen-demo	Ignored			Nov 5, 2025 2:50pm
appkit-vue-solana	Ignored			Nov 5, 2025 2:50pm
appkit-wagmi-cdn-example	Ignored			Nov 5, 2025 2:50pm
ethereum-provider-wagmi-example	Ignored			Nov 5, 2025 2:50pm
next-wagmi-solana-bitcoin-example	Ignored			Nov 5, 2025 2:50pm
vue-wagmi-example	Ignored			Nov 5, 2025 2:50pm

[changeset-bot]

⚠️ No Changeset found

Latest commit: c214354

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[github-actions]

Visual Regression Test Results ❌ Failed

✨ No visual changes detected

Chromatic Build: URL not available
Storybook Preview: Not available

[enesozturk]

With the new Dependabot settings this will be merged along with all other deps.

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml