Skip to content

Comments

Bump the prod-deps group across 1 directory with 17 updates#290

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/prod-deps-afa5603734
Closed

Bump the prod-deps group across 1 directory with 17 updates#290
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/prod-deps-afa5603734

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 5, 2025
edited
Loading

Bumps the prod-deps group with 17 updates in the / directory:

Package From To
@auth0/nextjs-auth0 3.7.0 4.5.1
@mui/material 6.4.8 7.0.2
@neondatabase/serverless 0.10.4 1.0.0
@next/mdx 15.1.6 15.3.1
@tanstack/react-table 8.21.2 8.21.3
@tanstack/table-core 8.21.2 8.21.3
dotenv 16.4.7 16.5.0
drizzle-orm 0.39.3 0.43.1
next 15.2.4 15.3.1
nodemailer 6.10.0 7.0.2
react 19.0.0 19.1.0
@types/react 19.0.10 19.1.2
react-dom 19.0.0 19.1.0
@types/react-dom 19.0.4 19.1.3
react-hotkeys-hook 4.6.1 5.0.1
react-markdown 9.1.0 10.1.0
ws 8.18.1 8.18.2

Updates @auth0/nextjs-auth0 from 3.7.0 to 4.5.1

Release notes

Sourced from @​auth0/nextjs-auth0's releases.

v4.5.1

Security

v4.5.0

Added

Changed

Fixed

v4.4.2

Revert

Fixed

v4.4.1

Fixed

v4.4.0

Added

Fixed

v4.3.0

Added

... (truncated)

Changelog

Sourced from @​auth0/nextjs-auth0's changelog.

v4.5.1 (2025-04-29)

Full Changelog

Security

v4.5.0 (2025-04-25)

Full Changelog

Added

Changed

Fixed

v4.4.2 (2025-04-08)

Full Changelog

Revert

Fixed

v4.4.1 (2025-04-03)

Full Changelog

Fixed

v4.4.0 (2025-04-01)

Full Changelog

Added

Fixed

... (truncated)

Commits
  • c44432c Release v4.5.1 (#2072)
  • a4f061a fix: Ensure JWE expires as expected (#2040)
  • 6bc280a Release v4.5.0 (#2069)
  • 14ec845 Update tests for getAccessToken refresh flow (#2068)
  • f1eb46d Extensive Cookie Configuration (#2059)
  • 6dec246 Merge branch 'main' into feature/cookieEnvConfig
  • da33ec8 Allow refresh: true in getAccessToken() (#2055)
  • fb384ba Merge branch 'main' into feature/cookieEnvConfig
  • 950edb9 Merge branch 'main' into feature/forceRefresh-getAccessToken
  • 28f7a05 updated tests, added integration test for force refresh getAccessToken
  • Additional commits viewable in compare view

Updates @mui/material from 6.4.8 to 7.0.2

Release notes

Sourced from @​mui/material's releases.

v7.0.2

Apr 9, 2025

A big thanks to the 12 contributors who made this release possible.

@mui/material@7.0.2

@mui/material-nextjs@7.0.2

@mui/styled-engine@7.0.2

  • Added caching to StyledEngineProvider to improve performance for running tests with Jest (#45846) @​siriwatknp

Core

Docs

... (truncated)

Changelog

Sourced from @​mui/material's changelog.

7.0.2

Apr 9, 2025

A big thanks to the 12 contributors who made this release possible.

@mui/material@7.0.2

@mui/material-nextjs@7.0.2

@mui/styled-engine@7.0.2

  • Added caching to StyledEngineProvider to improve performance for running tests with Jest (#45846) @​siriwatknp

Core

Docs

... (truncated)

Commits

Updates @neondatabase/serverless from 0.10.4 to 1.0.0

Changelog

Sourced from @​neondatabase/serverless's changelog.

1.0.0 (2025-03-25)

Breaking change: the HTTP query template function can now only be called as a template function, not as a conventional function. This improves safety from accidental SQL-injection vulnerabilities. For example:

import { neon } from '@neondatabase/serverless';
const sql = neon(process.env.DATABASE_URL);
const id = 1;
// this is safe and convenient, as before
const result = await sqlSELECT * FROM table WHERE id = ${id};
// this looks very similar and was previously allowed, but was open to SQL
// injection attacks because it uses ordinary string interpolation -- it's now
// both a TypeScript type error and a runtime error
const throws = await sql(SELECT * FROM table WHERE id = ${id});

To fill the gap left by this change, the template function has two new properties: a query() function that allows manually parameterized queries, and an unsafe() function that lets you interpolate trusted arbitrary string values. For example:

// this was previously allowed, and was safe, but is now also an error so as to
// prevent the vulnerability seen above
const throws = await sql('SELECT * FROM table WHERE id = $1', [id]);
// the query() function is the new way to manually specify placeholders and
// values (the same way it's done by client.query() and pool.query())
const result = await sql.query('SELECT * FROM table WHERE id = $1', [id]);
// to interpolate strings like column or table names, only if you know
// they're safe, use the unsafe() function
const table = condition ? 'table1' : 'table2'; // known-safe string values
const result = await sqlSELECT * FROM ${sql.unsafe(table)} WHERE id = ${id};
// but in the above case, you might prefer to do this instead
const table = condition ? sqltable1 : sqltable2;
const result = await sqlSELECT * FROM ${table} WHERE id = ${id};

In addition, HTTP template queries are now fully composable, including those with parameters. For example:

const name = 'Olivia';
const limit = 1;
const whereClause = sql`WHERE name = ${name}`;
const limitClause = sql`LIMIT ${limit}`;
// compilation to raw SQL now happens lazily, at query time, so that parameter
// placeholders can be numbered appropriately
const result = await sqlSELECT * FROM table ${whereClause} ${limitClause};
</tr></table>

... (truncated)

Commits

Updates @next/mdx from 15.1.6 to 15.3.1

Release notes

Sourced from @​next/mdx's releases.

v15.3.1

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

  • chore: Backport SWC-based RC optimization (#78260)
  • fix: bump image-size@1.2.1 (#78164)

Credits

Huge thanks to @​kdy1 and @​styfle for helping!

v15.3.1-canary.15

Core Changes

  • [Turbopack] refactor persistent caching from log based to cow approach: #76234

Misc Changes

  • fix(turbo-tasks-fs): Handle filesystem watcher rescan events: #78045

Credits

Huge thanks to @​bgw and @​sokra for helping!

v15.3.1-canary.14

Core Changes

  • Add graceful error boundary for bots requests: #78298
  • make sure eslint-plugin-next is built when running 'pnpm dev': #78305
  • Migrate pages API routes to handler interface: #78166
  • Update middleware public/static matching: #78325
  • Fix dynamic route param encoding: #78326

Misc Changes

  • fix(turbopack): Fix duplicate modules when tree shaking: true: #78203
  • test: try to fix flakiness in amphtml util: #78304
  • remove BrowserInterface: #78308

Credits

Huge thanks to @​kdy1, @​huozhi, @​lubieowoce, and @​ijjk for helping!

v15.3.1-canary.13

Core Changes

  • @next/mdx: Use stable turbopack config options: #78261

... (truncated)

Commits

Updates @tanstack/react-table from 8.21.2 to 8.21.3

Release notes

Sourced from @​tanstack/react-table's releases.

v8.21.3

Version 8.21.3 - 4/14/25, 8:19 PM

Changes

Fix

  • table-core: use right Document instance on getResizeHandler (column-sizing feature) (#5989) (54ce673) by @​riccardoperra

Docs

Packages

  • @​tanstack/table-core@​8.21.3
  • @​tanstack/angular-table@​8.21.3
  • @​tanstack/lit-table@​8.21.3
  • @​tanstack/qwik-table@​8.21.3
  • @​tanstack/react-table@​8.21.3
  • @​tanstack/solid-table@​8.21.3
  • @​tanstack/svelte-table@​8.21.3
  • @​tanstack/vue-table@​8.21.3
  • @​tanstack/react-table-devtools@​8.21.3
Commits

Updates @tanstack/table-core from 8.21.2 to 8.21.3

Release notes

Sourced from @​tanstack/table-core's releases.

v8.21.3

Version 8.21.3 - 4/14/25, 8:19 PM

Changes

Fix

  • table-core: use right Document instance on getResizeHandler (column-sizing feature) (#5989) (54ce673) by @​riccardoperra

Docs

Packages

  • @​tanstack/table-core@​8.21.3
  • @​tanstack/angular-table@​8.21.3
  • @​tanstack/lit-table@​8.21.3
  • @​tanstack/qwik-table@​8.21.3
  • @​tanstack/react-table@​8.21.3
  • @​tanstack/solid-table@​8.21.3
  • @​tanstack/svelte-table@​8.21.3
  • @​tanstack/vue-table@​8.21.3
  • @​tanstack/react-table-devtools@​8.21.3
Commits
  • f4dc742 release: v8.21.3
  • 54ce673 fix(table-core): use right Document instance on getResizeHandler (column-sizi...
  • See full diff in compare view

Updates dotenv from 16.4.7 to 16.5.0

Changelog

Sourced from dotenv's changelog.

16.5.0 (2025-04-07)

Added

  • 🎉 Added new sponsor Graphite - the AI developer productivity platform helping teams on GitHub ship higher quality software, faster.

[!TIP] Become a sponsor

The dotenvx README is viewed thousands of times DAILY on GitHub and NPM. Sponsoring dotenv is a great way to get in front of developers and give back to the developer community at the same time.

Changed

  • Remove _log method. Use _debug #862
Commits

Updates drizzle-orm from 0.39.3 to 0.43.1

Release notes

Sourced from drizzle-orm's releases.

0.43.1

Fixes

0.43.0

Features

  • Added cross join (#1414)
  • Added lateral left, inner, cross joins to PostgreSQL, MySQL, Gel, SingleStore
  • Added drizzle connection attributes to SingleStore's driver instances

Fixes

  • Removed unsupported by dialect full join from MySQL select api
  • Forced Gel columns to always have explicit schema & table prefixes due to potential errors caused by lack of such prefix in subquery's selection when there's already a column bearing same name in context
  • Added missing export for PgTextBuilderInitial type
  • Removed outdated IfNotImported type check from SingleStore driver initializer
  • Fixed incorrect type inferrence for insert and update models with non-strict tsconfigs (#2654)
  • Fixed invalid spelling of nowait flag (#3554)
  • Add join lateral support
  • Remove .fullJoin() from MySQL API

0.42.0

Features

Duplicate imports removal

When importing from drizzle-orm using custom loaders, you may encounter issues such as: SyntaxError: The requested module 'drizzle-orm' does not provide an export named 'eq'

This issue arose because there were duplicated exports in drizzle-orm. To address this, we added a set of tests that checks every file in drizzle-orm to ensure all exports are valid. These tests will fail if any new duplicated exports appear.

In this release, we’ve removed all duplicated exports, so you should no longer encounter this issue.

pgEnum and mysqlEnum now can accept both strings and TS enums

If you provide a TypeScript enum, all your types will be inferred as that enum - so you can insert and retrieve enum values directly. If you provide a string union, it will work as before.

enum Test {
  a = 'a',
  b = 'b',
  c = 'c',
}
const tableWithTsEnums = mysqlTable('enums_test_case', {
id: serial().primaryKey(),
enum1: mysqlEnum(Test).notNull(),
enum2: mysqlEnum(Test).default(Test.a),
});
</tr></table>

... (truncated)

Commits

Updates next from 15.2.4 to 15.3.1

Release notes

Sourced from next's releases.

v15.3.1

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

  • chore: Backport SWC-based RC optimization (#78260)
  • fix: bump image-size@1.2.1 (#78164)

Credits

Huge thanks to @​kdy1 and @​styfle for helping!

v15.3.1-canary.15

Core Changes

  • [Turbopack] refactor persistent caching from log based to cow approach: #76234

Misc Changes

  • fix(turbo-tasks-fs): Handle filesystem watcher rescan events: #78045

Credits

Huge thanks to @​bgw and @​sokra for helping!

v15.3.1-canary.14

Core Changes

  • Add graceful error boundary for bots requests: #78298
  • make sure eslint-plugin-next is built when running 'pnpm dev': #78305
  • Migrate pages API routes to handler interface: #78166
  • Update middleware public/static matching: #78325
  • Fix dynamic route param encoding: #78326

Misc Changes

  • fix(turbopack): Fix duplicate modules when tree shaking: true: #78203
  • test: try to fix flakiness in amphtml util: #78304
  • remove BrowserInterface: #78308

Credits

Huge thanks to @​kdy1, @​huozhi, @​lubieowoce, and @​ijjk for helping!

v15.3.1-canary.13

Core Changes

  • @next/mdx: Use stable turbopack config options: #78261

... (truncated)

Commits

Updates nodemailer from 6.10.0 to 7.0.2

Release notes

Sourced from nodemailer's releases.

v7.0.2

7.0.2 (2025-05-04)

Bug Fixes

  • ses: Fixed structured from header (faa9a5e)

v7.0.1

7.0.1 (2025-05-04)

Bug Fixes

  • ses: Use formatted FromEmailAddress for SES emails (821cd09)

v7.0.0

7.0.0 (2025-05-03)

⚠ BREAKING CHANGES

  • SESv2 SDK support, removed older SES SDK v2 and v3 , removed SES rate limiting and idling features

See SES Transport Docs for updated usage details

Features

  • SESv2 SDK support, removed older SES SDK v2 and v3 , removed SES rate limiting and idling features (15db667)

v6.10.1

6.10.1 (2025-02-06)

Bug Fixes

Changelog

Sourced from nodemailer's changelog.

7.0.2 (2025-05-04)

Bug Fixes

  • ses: Fixed structured from header (faa9a5e)

7.0.1 (2025-05-04)

Bug Fixes

  • ses: Use formatted FromEmailAddress for SES emails (821cd09)

7.0.0 (2025-05-03)

⚠ BREAKING CHANGES

  • SESv2 SDK support, removed older SES SDK v2 and v3 , removed SES rate limiting and idling features

Features

  • SESv2 SDK support, removed older SES SDK v2 and v3 , removed SES rate limiting and idling features (15db667)

6.10.1 (2025-02-06)

Bug Fixes

Commits
  • 12b792f chore(master): release 7.0.2 [skip-ci] (#1733)
  • 7c0ea74 Merge branch 'master' of github.com:nodemailer/nodemailer
  • faa9a5e fix(ses): Fixed structured from header
  • 94c4874 chore(master): release 7.0.1 [skip-ci] (#1732)
  • cf25278 Merge branch 'master' of github.com:nodemailer/nodemailer
  • 821cd09 fix(ses): Use formatted FromEmailAddress for SES emails
  • 4839630 chore(master): release 7.0.0 [skip-ci] (#1730)
  • 2e25b4c readme: add syntax highlighting to code examples (#1725)
  • a981f67 Merge branch 'master' of github.com:nodemailer/nodemailer
  • 15db667 feat!: SESv2 SDK support, removed older SES SDK v2 and v3 , removed SES rate ...
  • Additional commits viewable in compare view

Updates react from 19.0.0 to 19.1.0

Release notes

Sourced from react's releases.

19.1.0 (March 28, 2025)

Owner Stack

An Owner Stack is a string representing the components that are directly responsibl...

Description has been truncated

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 5, 2025
@vercel
Copy link

vercel bot commented May 5, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
svw-web-app ❌ Failed (Inspect) May 28, 2025 8:15am

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/prod-deps-afa5603734 branch from 6898674 to 68eb99d Compare May 19, 2025 13:20
@dependabot
Bump the prod-deps group across 1 directory with 17 updates
2f1b843 
Bumps the prod-deps group with 17 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@auth0/nextjs-auth0](https://github.com/auth0/nextjs-auth0) | `3.7.0` | `4.5.1` |
| [@mui/material](https://github.com/mui/material-ui/tree/HEAD/packages/mui-material) | `6.4.8` | `7.0.2` |
| [@neondatabase/serverless](https://github.com/neondatabase/serverless) | `0.10.4` | `1.0.0` |
| [@next/mdx](https://github.com/vercel/next.js/tree/HEAD/packages/next-mdx) | `15.1.6` | `15.3.1` |
| [@tanstack/react-table](https://github.com/TanStack/table/tree/HEAD/packages/react-table) | `8.21.2` | `8.21.3` |
| [@tanstack/table-core](https://github.com/TanStack/table/tree/HEAD/packages/table-core) | `8.21.2` | `8.21.3` |
| [dotenv](https://github.com/motdotla/dotenv) | `16.4.7` | `16.5.0` |
| [drizzle-orm](https://github.com/drizzle-team/drizzle-orm) | `0.39.3` | `0.43.1` |
| [next](https://github.com/vercel/next.js) | `15.2.4` | `15.3.1` |
| [nodemailer](https://github.com/nodemailer/nodemailer) | `6.10.0` | `7.0.2` |
| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.0.0` | `19.1.0` |
| [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.0.10` | `19.1.2` |
| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.0.0` | `19.1.0` |
| [@types/react-dom](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react-dom) | `19.0.4` | `19.1.3` |
| [react-hotkeys-hook](https://github.com/JohannesKlauss/react-keymap-hook) | `4.6.1` | `5.0.1` |
| [react-markdown](https://github.com/remarkjs/react-markdown) | `9.1.0` | `10.1.0` |
| [ws](https://github.com/websockets/ws) | `8.18.1` | `8.18.2` |



Updates `@auth0/nextjs-auth0` from 3.7.0 to 4.5.1
- [Release notes](https://github.com/auth0/nextjs-auth0/releases)
- [Changelog](https://github.com/auth0/nextjs-auth0/blob/main/CHANGELOG.md)
- [Commits](auth0/nextjs-auth0@v3.7.0...v4.5.1)

Updates `@mui/material` from 6.4.8 to 7.0.2
- [Release notes](https://github.com/mui/material-ui/releases)
- [Changelog](https://github.com/mui/material-ui/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mui/material-ui/commits/v7.0.2/packages/mui-material)

Updates `@neondatabase/serverless` from 0.10.4 to 1.0.0
- [Changelog](https://github.com/neondatabase/serverless/blob/main/CHANGELOG.md)
- [Commits](https://github.com/neondatabase/serverless/commits/v1.0.0)

Updates `@next/mdx` from 15.1.6 to 15.3.1
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](https://github.com/vercel/next.js/commits/v15.3.1/packages/next-mdx)

Updates `@tanstack/react-table` from 8.21.2 to 8.21.3
- [Release notes](https://github.com/TanStack/table/releases)
- [Commits](https://github.com/TanStack/table/commits/v8.21.3/packages/react-table)

Updates `@tanstack/table-core` from 8.21.2 to 8.21.3
- [Release notes](https://github.com/TanStack/table/releases)
- [Commits](https://github.com/TanStack/table/commits/v8.21.3/packages/table-core)

Updates `dotenv` from 16.4.7 to 16.5.0
- [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md)
- [Commits](motdotla/dotenv@v16.4.7...v16.5.0)

Updates `drizzle-orm` from 0.39.3 to 0.43.1
- [Release notes](https://github.com/drizzle-team/drizzle-orm/releases)
- [Commits](drizzle-team/drizzle-orm@0.39.3...0.43.1)

Updates `next` from 15.2.4 to 15.3.1
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](vercel/next.js@v15.2.4...v15.3.1)

Updates `nodemailer` from 6.10.0 to 7.0.2
- [Release notes](https://github.com/nodemailer/nodemailer/releases)
- [Changelog](https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md)
- [Commits](nodemailer/nodemailer@v6.10.0...v7.0.2)

Updates `react` from 19.0.0 to 19.1.0
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.1.0/packages/react)

Updates `@types/react` from 19.0.10 to 19.1.2
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

Updates `react-dom` from 19.0.0 to 19.1.0
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.1.0/packages/react-dom)

Updates `@types/react-dom` from 19.0.4 to 19.1.3
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react-dom)

Updates `react-hotkeys-hook` from 4.6.1 to 5.0.1
- [Release notes](https://github.com/JohannesKlauss/react-keymap-hook/releases)
- [Changelog](https://github.com/JohannesKlauss/react-hotkeys-hook/blob/main/CHANGELOG.md)
- [Commits](https://github.com/JohannesKlauss/react-keymap-hook/commits)

Updates `react-markdown` from 9.1.0 to 10.1.0
- [Release notes](https://github.com/remarkjs/react-markdown/releases)
- [Changelog](https://github.com/remarkjs/react-markdown/blob/main/changelog.md)
- [Commits](remarkjs/react-markdown@9.1.0...10.1.0)

Updates `ws` from 8.18.1 to 8.18.2
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](websockets/ws@8.18.1...8.18.2)

---
updated-dependencies:
- dependency-name: "@auth0/nextjs-auth0"
  dependency-version: 4.5.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: prod-deps
- dependency-name: "@mui/material"
  dependency-version: 7.0.2
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: prod-deps
- dependency-name: "@neondatabase/serverless"
  dependency-version: 1.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: prod-deps
- dependency-name: "@next/mdx"
  dependency-version: 15.3.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-deps
- dependency-name: "@tanstack/react-table"
  dependency-version: 8.21.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps
- dependency-name: "@tanstack/table-core"
  dependency-version: 8.21.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps
- dependency-name: dotenv
  dependency-version: 16.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-deps
- dependency-name: drizzle-orm
  dependency-version: 0.43.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-deps
- dependency-name: next
  dependency-version: 15.3.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-deps
- dependency-name: nodemailer
  dependency-version: 7.0.2
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: prod-deps
- dependency-name: react
  dependency-version: 19.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-deps
- dependency-name: "@types/react"
  dependency-version: 19.1.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: prod-deps
- dependency-name: react-dom
  dependency-version: 19.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-deps
- dependency-name: "@types/react-dom"
  dependency-version: 19.1.3
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: prod-deps
- dependency-name: react-hotkeys-hook
  dependency-version: 5.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: prod-deps
- dependency-name: react-markdown
  dependency-version: 10.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: prod-deps
- dependency-name: ws
  dependency-version: 8.18.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/prod-deps-afa5603734 branch from 68eb99d to 2f1b843 Compare May 28, 2025 08:13
@theMattCode theMattCode requested a review from Copilot May 28, 2025 08:17
Copilot AI reviewed May 28, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

Bumps several production dependencies to their latest patch/minor versions to keep them up to date.

  • Upgrades core libraries (Next.js, React, MUI, Auth0, Drizzle, Neon)
  • Updates utility deps (dotenv, nodemailer, tanstack, markdown, websockets)
  • Aligns dev overrides in pnpm for @types/react and @types/react-dom

package.json
},
"dependencies": {
"@auth0/nextjs-auth0": "^3.6.0",
"@auth0/nextjs-auth0": "^4.6.0",
Copy link

Copilot AI May 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The bump to ^4.6.0 does not match the PR metadata which targets 4.5.1; please verify the intended version.

Suggested change
"@auth0/nextjs-auth0": "^4.6.0",
"@auth0/nextjs-auth0": "4.5.1",

Copilot uses AI. Check for mistakes.
package.json
"@next/mdx": "15.1.6",
"@tanstack/react-table": "^8.20.6",
"@tanstack/table-core": "^8.20.5",
"@mui/material": "^7.1.0",
Copy link

Copilot AI May 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This update to ^7.1.0 diverges from the documented target of 7.0.2 in the PR description; please confirm the correct MUI version.

Suggested change
"@mui/material": "^7.1.0",
"@mui/material": "7.0.2",

Copilot uses AI. Check for mistakes.
package.json
"@tanstack/table-core": "^8.20.5",
"@mui/material": "^7.1.0",
"@neondatabase/serverless": "^1.0.0",
"@next/mdx": "15.3.2",
Copy link

Copilot AI May 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The version 15.3.2 here differs from the 15.3.1 version listed in the PR metadata; please align them.

Suggested change
"@next/mdx": "15.3.2",
"@next/mdx": "15.3.1",

Copilot uses AI. Check for mistakes.
package.json
"gray-matter": "^4.0.3",
"lodash": "^4.17.21",
"next": "15.2.4",
"next": "15.3.2",
Copy link

Copilot AI May 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This bump to Next.js 15.3.2 conflicts with the 15.3.1 noted in the PR description; please verify the intended release.

Suggested change
"next": "15.3.2",
"next": "15.3.1",

Copilot uses AI. Check for mistakes.
package.json
"node-fetch": "2.7.0",
"nodemailer": "^6.10.0",
"react": "19.0.0",
"nodemailer": "^7.0.3",
Copy link

Copilot AI May 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The upgrade to ^7.0.3 doesn’t match the PR’s stated target of 7.0.2; please confirm which version should be applied.

Suggested change
"nodemailer": "^7.0.3",
"nodemailer": "7.0.2",

Copilot uses AI. Check for mistakes.
package.json
"react-dom": "19.0.0",
"react-hotkeys-hook": "^4.6.1",
"react-dom": "19.1.0",
"react-hotkeys-hook": "^5.1.0",
Copy link

Copilot AI May 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The version was bumped to ^5.1.0 but PR metadata refers to 5.0.1; please ensure the correct hook version is used.

Copilot uses AI. Check for mistakes.
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Jun 2, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Jun 2, 2025
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/prod-deps-afa5603734 branch June 2, 2025 13:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants