Bump the prod-deps group across 1 directory with 20 updates

[dependabot]

Bumps the prod-deps group with 20 updates in the / directory:

Package	From	To
@auth0/nextjs-auth0	3.7.0	4.9.0
@emotion/styled	11.14.0	11.14.1
@fontsource/roboto	5.2.5	5.2.6
@mui/material	6.4.8	7.3.1
@neondatabase/serverless	0.10.4	1.0.1
@next/mdx	15.1.6	15.5.2
@tanstack/react-table	8.21.2	8.21.3
@tanstack/table-core	8.21.2	8.21.3
dotenv	16.4.7	17.2.1
drizzle-orm	0.39.3	0.44.5
next	15.2.4	15.5.2
nodemailer	6.10.0	7.0.6
@types/nodemailer	6.4.17	7.0.1
react	19.0.0	19.1.1
@types/react	19.0.10	19.1.12
react-dom	19.0.0	19.1.1
@types/react-dom	19.0.4	19.1.9
react-hotkeys-hook	4.6.1	5.1.0
react-markdown	9.1.0	10.1.0
ws	8.18.1	8.18.3

Updates @auth0/nextjs-auth0 from 3.7.0 to 4.9.0

Release notes

Sourced from @​auth0/nextjs-auth0's releases.

v4.9.0

Added

• feat: Allow configuring transaction cookie maxAge #2245 (tusharpandey13)
• feat: Add flag to control parallel transactions #2244 (tusharpandey13)
• feat: add support for withApiAuthRequired helper #2230 (guabu)
• feat: add withPageAuthRequired for server #2207 (guabu)

Fixed

• bugfix: respect path configuration when deleting cookies #2250 (tusharpandey13)
• bugfix: Clear cookies with the correct path when basePath is used #2232 (tusharpandey13)
• bugfix: Fix clientAssertionSigningKey type mismatch #2243 (tusharpandey13)
• fix: correctly handle expired JWE's in cookies #2082 (frederikprijck)

Security

• chore: pin eslint-config-prettier and eslint-plugin-prettier versions to prevent malicious package installation #2239 (tusharpandey13)

v4.8.0

Added

• feat: Add alternate logout strategy #2203 (tusharpandey13)
• feat: add withPageAuthRequired for protecting pages client side #2193 (guabu)

Fixed

• Use max-age=0 to delete cookie #2200 (guabu)
• feat: update id_token when a new Access Token is fetched #2189 (tusharpandey13)

v4.7.0

Added

• feat: support basePath configuration #2167 (guabu)

Fixed

• fix: typo in warning message #2169 (J-Amberg)
• fix: handle authorization code grant request errors #2175 (guabu)
• fix: Properly configure SDK to be distributed as ESM #2171 (frederikprijck)
• fix: consistently treat returnTo parameter as an absolute path #2185 (guabu)

Changed

• Export filterDefaultIdTokenClaims and update beforeSessionSaved docs #2119 (frederikprijck)
• return a 204 from the profile endpoint when unauthenticated (opt-in) #2159 (guabu)
• remove unnecessary error logs #2179 (guabu)
• Bump msw from 2.7.5 to 2.9.0 #2139 (dependabot)
• Bump msw from 2.9.0 to 2.10.2 #2153 (dependabot)
• Bump oauth4webapi from 3.5.1 to 3.5.2 #2154 (dependabot)
• Bump oauth4webapi from 3.5.2 to 3.5.3 #2177 (dependabot)

v4.6.1

Fixed

• Fixes CVE-2025-48947
• Fix Missing idToken during Session Migration from v3 to v4 #2116 #2120 (KentoMoriwaki)
• fix(session): prevent accidental deletion of legacy-named session cookie #2114 (nandan-bhat)

... (truncated)

Changelog

Sourced from @​auth0/nextjs-auth0's changelog.

v4.9.0 (2025-08-01)

Full Changelog

Added

• feat: Allow configuring transaction cookie maxAge #2245 (tusharpandey13)
• feat: Add flag to control parallel transactions #2244 (tusharpandey13)
• feat: add support for withApiAuthRequired helper #2230 (guabu)
• feat: add withPageAuthRequired for server #2207 (guabu)

Fixed

• bugfix: respect path configuration when deleting cookies #2250 (tusharpandey13)
• bugfix: Clear cookies with the correct path when basePath is used #2232 (tusharpandey13)
• bugfix: Fix clientAssertionSigningKey type mismatch #2243 (tusharpandey13)
• fix: correctly handle expired JWE's in cookies #2082 (frederikprijck)

Security

• chore: pin eslint-config-prettier and eslint-plugin-prettier versions to prevent malicious package installation #2239 (tusharpandey13)

v4.8.0 (2025-07-03)

Full Changelog

Added

• feat: Add alternate logout strategy #2203 (tusharpandey13)
• feat: add withPageAuthRequired for protecting pages client side #2193 (guabu)

Fixed

• Use max-age=0 to delete cookie #2200 (guabu)
• feat: update id_token when a new Access Token is fetched #2189 (tusharpandey13)

v4.7.0 (2025-06-20)

Full Changelog

Added

• feat: support basePath configuration #2167 (guabu)

Fixed

• fix: typo in warning message #2169 (J-Amberg)
• fix: handle authorization code grant request errors #2175 (guabu)
• fix: Properly configure SDK to be distributed as ESM #2171 (frederikprijck)
• fix: consistently treat returnTo parameter as an absolute path #2185 (guabu)

Changed

• Export filterDefaultIdTokenClaims and update beforeSessionSaved docs #2119 (frederikprijck)
• return a 204 from the profile endpoint when unauthenticated (opt-in) #2159 (guabu)
• remove unnecessary error logs #2179 (guabu)
• Bump msw from 2.7.5 to 2.9.0 #2139 (dependabot)
• Bump msw from 2.9.0 to 2.10.2 #2153 (dependabot)
• Bump oauth4webapi from 3.5.1 to 3.5.2 #2154 (dependabot)
• Bump oauth4webapi from 3.5.2 to 3.5.3 #2177 (dependabot)

... (truncated)

Commits

• 0e83495 Release v4.9.0 (#2251)
• 073d5ed bugfix: respect path configuration when deleting cookies (#2250)
• a36a2b6 feat: Allow configuring transaction cookie maxAge (#2245)
• 8bb3aa6 feat: Add flag to control parallel transactions (#2244)
• 2df00f2 bugfix: Clear cookies with the correct path when basePath is used (#2232)
• 2cfe390 bugfix: Fix clientAssertionSigningKey type mismatch (#2243)
• 533c4b7 chore: pin eslint-config-prettier and eslint-plugin-prettier versions to prev...
• 35257e4 feat: add support for withApiAuthRequired helper (#2230)
• dbcca6a chore: enforce linter in CI (#2235)
• 82df012 feature/add customize auth handlers docs (#2218)
• Additional commits viewable in compare view

Updates @emotion/styled from 11.14.0 to 11.14.1

Release notes

Sourced from @​emotion/styled's releases.

@​emotion/styled@​11.14.1

Patch Changes

• #3334 0facbe4 Thanks @​ZachRiegel! - Renamed default-exported variable in @emotion/styled to aid inferred import names in auto-import completions in IDEs

Commits

• 4922955 Version Packages (#3335)
• 0facbe4 Renamed default-exported variable in @emotion/styled to aid inferred import...
• cce67ec Bump parcel (#3258)
• See full diff in compare view

Updates @fontsource/roboto from 5.2.5 to 5.2.6

Commits

• See full diff in compare view

Updates @mui/material from 6.4.8 to 7.3.1

Release notes

Sourced from @​mui/material's releases.

v7.3.1

A big thanks to the 2 contributors who made this release possible.

@mui/[email protected]

• [PaginationItem] Fix inheritance of component (#46666) @​sai6855
• [Select] Revert - Implement pointer cancellation PR 45789 (#46672) @​ZeeshanTamboli

All contributors of this release in alphabetical order: @​sai6855, @​ZeeshanTamboli

v7.3.0

A big thanks to the 24 contributors who made this release possible. Here are some highlights ✨:

• 🚀 Shipped nativeColor feature that eliminates JS color manipulation and unlocks support for all modern color spaces (#43942) @​siriwatknp!

  To learn more, check out the Native Color guide.

@mui/[email protected]

• Support native color without JS manipulation (#43942) @​siriwatknp
• [Accordion] Add region slot (#46659) @​sai6855
• [SpeedDial] Fix navigation with arrow keys when slotProps.fab is defined (#46508) @​sai6855
• [Select] Improve MenuProps.slotProps implementation (#46612) @​ZeeshanTamboli
• [Select] Implement pointer cancellation (#45789) @​Kartik-Murthy
• [Switch] Add role="switch" (#46482) @​ZeeshanTamboli
• [Autocomplete] Fix auto highlight when options change but not the length (#46489) @​yafeng-c

@mui/[email protected]

• Fix v5.0.0/top-level-imports codemod changing color imports (#46405) @​AidanLDev

Docs

• Add JetBrains IDEs MCP configuration (#46470) @​bernardobelchior
• Add warning to array spacing section (#46542) @​cherniavskii
• Add MCP server installation details for Claude Code (#46621) @​saschabratton
• Fix incorrect command for MCP Inspector in mcp.md (#46630) @​EndiM
• Fix incorrect Typography override example for responsive styles (#46558) @​aditi291soni
• Improve MCP docs (#46557) @​siriwatknp
• Fix displaying of components in dark mode (#46544) @​sai6855
• Generate template entries about documented generics (#46540) @​LukasTy
• Use fixed dates for stable CRUD dashboard screenshots (#46546) @​apedroferreira
• Add "Edit in Mui Chat" button on demos (#46480) @​siriwatknp
• Fix Menu customization demo (#46535) @​siriwatknp
• Add dashboard with CRUD template based on Toolpad Core (#46376) @​apedroferreira
• Clarify createTheme warning for future compatibility (#46476) @​satendra03
• Remove typo in _redirects (#46463) @​bharatkashyap
• Change API docs to stay inside Material UI (#46414) @​bharatkashyap
• [Dialog] Fix Form dialog demo's actions button padding (#46506) @​frontman-git
• [SpeedDial] Remove deprecated props from demos (#46485) @​sai6855

... (truncated)

Changelog

Sourced from @​mui/material's changelog.

7.3.1

Aug 6, 2025

A big thanks to the 2 contributors who made this release possible.

@mui/[email protected]

• [PaginationItem] Fix inheritance of component (#46666) @​sai6855
• [Select] Revert - Implement pointer cancellation PR 45789 (#46672) @​ZeeshanTamboli

All contributors of this release in alphabetical order: @​sai6855, @​ZeeshanTamboli

7.3.0

Aug 5, 2025

A big thanks to the 24 contributors who made this release possible. Here are some highlights ✨:

• 🚀 Shipped nativeColor feature that eliminates JS color manipulation and unlocks support for all modern color spaces (#43942) @​siriwatknp!

  To learn more, check out the Native Color guide.

@mui/[email protected]

• Support native color without JS manipulation (#43942) @​siriwatknp
• [Accordion] Add region slot (#46659) @​sai6855
• [SpeedDial] Fix navigation with arrow keys when slotProps.fab is defined (#46508) @​sai6855
• [Select] Improve MenuProps.slotProps implementation (#46612) @​ZeeshanTamboli
• [Select] Implement pointer cancellation (#45789) @​Kartik-Murthy
• [Switch] Add role="switch" (#46482) @​ZeeshanTamboli
• [Autocomplete] Fix auto highlight when options change but not the length (#46489) @​yafeng-c

@mui/[email protected]

• Fix v5.0.0/top-level-imports codemod changing color imports (#46405) @​AidanLDev

Docs

• Add JetBrains IDEs MCP configuration (#46470) @​bernardobelchior
• Add warning to array spacing section (#46542) @​cherniavskii
• Add MCP server installation details for Claude Code (#46621) @​saschabratton
• Fix incorrect command for MCP Inspector in mcp.md (#46630) @​EndiM
• Fix incorrect Typography override example for responsive styles (#46558) @​aditi291soni
• Improve MCP docs (#46557) @​siriwatknp
• Fix displaying of components in dark mode (#46544) @​sai6855

... (truncated)

Commits

• 3592ec3 7.3.1 (#46674)
• dc5b996 [Select] Revert - Implement pointer cancellation PR 45789 (#46672)
• bd36604 [material-ui][PaginationItem] Fix inheritance of component (#46666)
• ad98e5e 7.3.0 (#46658)
• b995580 [material-ui][Accordion] Add region slot (#46659)
• 58440c9 Bump React (#46649)
• d590626 Bump @​testing-library/dom to ^10.4.1 (#46644)
• 472cc72 [Autocomplete] Fix auto highlight when options change but not the length (#46...
• 83bfdd7 [material-ui] Replace JS color manipulation with native color syntax (#43942)
• 5052446 [infra] Fix test_types_next, test_react_18, test_react_next jobs (#46182)
• Additional commits viewable in compare view

Updates @neondatabase/serverless from 0.10.4 to 1.0.1

Changelog

Sourced from @​neondatabase/serverless's changelog.

1.0.1 (2025-06-06)

The package now prints a security warning to the console when a connection is made in a web browser. This behaviour can be suppressed with a new configuration option: disableWarningInBrowsers. There are a few other very minor fixes.

1.0.0 (2025-03-25)

Breaking change: the HTTP query template function can now only be called as a template function, not as a conventional function. This improves safety from accidental SQL-injection vulnerabilities. For example:

import { neon } from '@neondatabase/serverless';
const sql = neon(process.env.DATABASE_URL);
const id = 1;
// this is safe and convenient, as before
const result = await sqlSELECT * FROM table WHERE id = ${id};
// this looks very similar and was previously allowed, but was open to SQL
// injection attacks because it uses ordinary string interpolation -- it's now
// both a TypeScript type error and a runtime error
const throws = await sql(SELECT * FROM table WHERE id = ${id});

To fill the gap left by this change, the template function has two new properties: a query() function that allows manually parameterized queries, and an unsafe() function that lets you interpolate trusted arbitrary string values. For example:

// this was previously allowed, and was safe, but is now also an error so as to
// prevent the vulnerability seen above
const throws = await sql('SELECT * FROM table WHERE id = $1', [id]);
// the query() function is the new way to manually specify placeholders and
// values (the same way it's done by client.query() and pool.query())
const result = await sql.query('SELECT * FROM table WHERE id = $1', [id]);
// to interpolate strings like column or table names, only if you know
// they're safe, use the unsafe() function
const table = condition ? 'table1' : 'table2'; // known-safe string values
const result = await sqlSELECT * FROM ${sql.unsafe(table)} WHERE id = ${id};
// but in the above case, you might prefer to do this instead
const table = condition ? sqltable1 : sqltable2;
const result = await sqlSELECT * FROM ${table} WHERE id = ${id};

In addition, HTTP template queries are now fully composable, including those with parameters. For example:

const name = 'Olivia';
const limit = 1;
const whereClause = sql`WHERE name = ${name}`;
const limitClause = sql`LIMIT ${limit}`;
</tr></table> 

... (truncated)

Commits

• See full diff in compare view

Updates @next/mdx from 15.1.6 to 15.5.2

Release notes

Sourced from @​next/mdx's releases.

v15.5.2

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• fix: disable unknownatrules lint rule entirely (#83059)
• revert: add ?dpl to fonts in /_next/static/media (#83062)

Credits

Huge thanks to @​bgub and @​ztanner for helping!

v15.5.1

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• fix: aliased navigations should apply scroll handling (#82900)
• Turbopack: fix invalid NFT entry with file behind symlink (#82887)
• fix: typesafe linking to route handlers and pages API routes (#82858)
• fix: change "noUnknownAtRules" to "warn" for Biome (#82974)
• fix: add path normalization to getRelativePath for Windows (#82918)
• feat: add typesafety with config.typedRoutes to redirect() and permanentRedirect() (#82860)
• fix: avoid importing types that will be unused (#82856)
• fix: update the config.api.responseLimit type (#82852)
• fix: update validation return types (#82854)

Credits

Huge thanks to @​bgub, @​mischnic, and @​ztanner for helping!

v15.5.1-canary.22

Misc Changes

• Turbopack: Redefine Background backend jobs: #83174

Credits

Huge thanks to @​sokra for helping!

v15.5.1-canary.21

Misc Changes

• Turbopack: improve overhead benchmarks: #83231

Credits

Huge thanks to @​sokra for helping!

v15.5.1-canary.20

... (truncated)

Commits

• 497ec6a v15.5.2
• cc68ced v15.5.1
• 7e08c82 v15.5.0
• 8f6d345 v15.4.2-canary.56
• e3e2197 v15.4.2-canary.55
• a745826 v15.4.2-canary.54
• bec38ef v15.4.2-canary.53
• 97dbf5f v15.4.2-canary.52
• 9934b37 v15.4.2-canary.51
• df9f3ba v15.4.2-canary.50
• Additional commits viewable in compare view

Updates @tanstack/react-table from 8.21.2 to 8.21.3

Release notes

Sourced from @​tanstack/react-table's releases.

v8.21.3

Version 8.21.3 - 4/14/25, 8:19 PM

Changes

Fix

• table-core: use right Document instance on getResizeHandler (column-sizing feature) (#5989) (54ce673) by @​riccardoperra

Docs

• fix all 158 broken links (#5972) (f7bf6f1) by @​kisaragi-hiu
• add vue example for grouping (#5941) (3efa59c) by Harshil Patel

Packages

• @​tanstack/table-core@​8.21.3
• @​tanstack/angular-table@​8.21.3
• @​tanstack/lit-table@​8.21.3
• @​tanstack/qwik-table@​8.21.3
• @​tanstack/react-table@​8.21.3
• @​tanstack/solid-table@​8.21.3
• @​tanstack/svelte-table@​8.21.3
• @​tanstack/vue-table@​8.21.3
• @​tanstack/react-table-devtools@​8.21.3

Commits

• f4dc742 release: v8.21.3
• See full diff in compare view

Updates @tanstack/table-core from 8.21.2 to 8.21.3

Release notes

Sourced from @​tanstack/table-core's releases.

v8.21.3

Version 8.21.3 - 4/14/25, 8:19 PM

Changes

Fix

• table-core: use right Document instance on getResizeHandler (column-sizing feature) (#5989) (54ce673) by @​riccardoperra

Docs

• fix all 158 broken links (#5972) (f7bf6f1) by @​kisaragi-hiu
• add vue example for grouping (#5941) (3efa59c) by Harshil Patel

Packages

• @​tanstack/table-core@​8.21.3
• @​tanstack/angular-table@​8.21.3
• @​tanstack/lit-table@​8.21.3
• @​tanstack/qwik-table@​8.21.3
• @​tanstack/react-table@​8.21.3
• @​tanstack/solid-table@​8.21.3
• @​tanstack/svelte-table@​8.21.3
• @​tanstack/vue-table@​8.21.3
• @​tanstack/react-table-devtools@​8.21.3

Commits

• f4dc742 release: v8.21.3
• 54ce673 fix(table-core): use right Document instance on getResizeHandler (column-sizi...
• See full diff in compare view

Updates dotenv from 16.4.7 to 17.2.1

Changelog

Sourced from dotenv's changelog.

17.2.1 (2025-07-24)

Changed

• Fix clickable tip links by removing parentheses (#897)

17.2.0 (2025-07-09)

Added

• Optionally specify DOTENV_CONFIG_QUIET=true in your environment or .env file to quiet the runtime log (#889)
• Just like dotenv any DOTENV_CONFIG_ environment variables take precedence over any code set options like ({quiet: false})

# .env
DOTENV_CONFIG_QUIET=true
HELLO="World"

// index.js
require('dotenv').config()
console.log(`Hello ${process.env.HELLO}`)

$ node index.js
Hello World
or
$ DOTENV_CONFIG_QUIET=true node index.js

17.1.0 (2025-07-07)

Added

• Add additional security and configuration tips to the runtime log (#884)
• Dim the tips text from the main injection information text

const TIPS = [
  '🔐 encrypt with dotenvx: https://dotenvx.com',
  '🔐 prevent committing .env to code: https://dotenvx.com/precommit',
  '🔐 prevent building .env in docker: https://dotenvx.com/prebuild',
  '🛠️  run anywhere with `dotenvx run -- yourcommand`',
  '⚙️  specify custom .env file path with { path: \'/custom/path/.env\' }',
  '⚙️  enable debug logging with { debug: true }',
  '⚙️  override existing env vars with { override: true }',
  '⚙️  suppress all logs with { quiet: true }',
  '⚙️  write to custom object with { processEnv: myObject }',
</tr></table> 

... (truncated)

Commits

• 37cf55a 17.2.1
• f2d92e9 changelog 🪵
• bd27017 Merge pull request #897 from motdotla/adjust-tip-for-click
• 8a9ce45 add to tests
• 19e5ad9 adjust clickable tip
• 4186757 Merge pull request #894 from mjomble/patch-1
• 04322a6 Merge pull request #895 from andersr/add-es6-config-info-to-readme
• 1102cab Add info about ES6 import with config options
• 5566b77 Fixed link in changelog
• 11acd9f 17.2.0
• Additional commits viewable in compare view

Updates drizzle-orm from 0.39.3 to 0.44.5

Release notes

Sourced from drizzle-orm's releases.

0.44.5

• Fixed invalid usage of .one() in durable-sqlite session
• Fixed spread operator related crash in sqlite blob columns
• Better browser support for sqlite blob columns
• Improved sqlite blob mapping

0.44.4

• Fix wrong DrizzleQueryError export. thanks @​nathankleyn

0.44.3

• Fixed types of $client for clients created by drizzle function

await db.$client.[...]

• Added the updated_at column to the neon_auth.users_sync table definition.

0.44.2

• [BUG]: Fixed type issues with joins with certain variations of tsconfig: #4535, #4457

0.44.1

• [BUG]: Drizzle can no longer run on Durable Objects

0.44.0

Error handling

Starting from this version, we’ve introduced a new DrizzleQueryError that wraps all errors from database drivers and provides a set of useful information:

1. A proper stack trace to identify which exact Drizzle query failed
2. The generated SQL string and its parameters
3. The original stack trace from the driver that caused the DrizzleQueryError

Drizzle cache module

Drizzle sends every query straight to your database by default. There are no hidden actions, no automatic caching or invalidation - you’ll always see exactly what runs. If you want caching, you must opt in.

By default, Drizzle uses a explicit caching strategy (i.e. global: false), so nothing is ever cached unless you ask. This prevents surprises or hidden performance traps in your application. Alternatively, you can flip on all caching (global: true) so that every select will look in cache first.

Out first native integration was built together with Upstash team and let you natively use upstash as a cache for your drizzle queries

import { upstashCache } from "drizzle-orm/cache/upstash";
import { drizzle } from "drizzle-orm/...";
const db = drizzle(process.env.DB_URL!, {
cache: upstashCache({
// 👇 Redis credentials (optional — can also be pulled from env vars)
url: '<UPSTASH_URL>',
token: '<UPSTASH_TOKEN>',
</tr></table>

... (truncated)

Commits

• 37d059f v0.44.5 (#4849)
• 33f0374 Upgrade drizzle-zod peerDeps
• 8b8d78e Fix export of DrizzleQueryError (fixes #4618) (#4778)
• 027921f Fixed types of $client for clients created by drizzle function from crede...
• e44d9bb Add updated_at column (#4106)
• ac1dcd9 Fix hakfvec (#4689)
• 5c6b3af Add databaseName and packageName properties for studio (#4683)
• 9895842 Studio transactions (#4664)
• 50a8b16 Fixed type issues with joins with certain variations of tsconfig (fixes #45...
• 9865e63 Fix better-sqlite version
• Additional commits viewable in compare view

Updates next from 15.2.4 to 15.5.2

Release notes

Sourced from next's releases.

v15.5.2

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• fix: disable unknownatrules lint rule entirely (#83059)
• revert: add ?dpl to fonts in /_next/static/media (#83062)

Credits

Huge thanks to @​bgub and @​ztanner for helping!

v15.5.1

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• fix: aliased navigations should apply scroll handling (#82900)
• Turbopack: fix invalid NFT entry with file behind symlink (#82887)
• fix: typesafe linking to route handlers and pages API routes (#82858)
• fix: change "noUnknownAtRules" to "warn" for Biome (#82974)
• fix: add path normalization to getRelativePath for Windows (#82918)
• feat: add typesafety with config.typedRoutes to redirect() and permanentRedirect() (#82860)
• fix: avoid importing types that will be unused (#82856)
• fix: update the config.api.responseLimit type (#82852)
• fix: update validation return types (#82854)

Credits

Huge thanks to @​bgub, @​mischnic, and @​ztanner for helping!

v15.5.1-canary.22

Misc Changes

• Turbopack: Redefine Background backend jobs: #83174

Credits

Huge thanks to @​sokra for helping!

v15.5.1-canary.21

Misc Changes

• Turbopack: improve overhead benchmarks: #83231

Credits

Huge thanks to @​sokra for helping!

v15.5.1-canary.20

... (truncated)

Commits

• 497ec6a v15.5.2
• bc72f41 [backport] revert: add ?dpl to fonts in /_next/static/media (#83062) (#83066)
• c8faf68 [backport] fix: disable unknownatrules lint rule entirely (#83059) (#83060)
• cc68ced v15.5.1
• 1ce9857 [backport] fix: update validation return types (#82854) (#83027)
• b93c894 [backport] fix: update the config.api.responseLimit type (#82852) (#83028)
• 8a92f28 [backport] fix: avoid importing types that will be unused (#82856) (#83026)
• 19617ab [backport] feat: add typesafety with config.typedRoutes to redirect() and per...
• 822e4c0 [backport] fix: add path normalization to getRelativePath for Windows (#82918...
• bb67ca9 [backport] fix: change "noUnknownAtRules" to "warn" for Biome (#82974) (#83022)
• Additional commits viewable in compare view

Updates nodemailer from 6.10.0 to 7.0.6

Release notes

Sourced from nodemailer's releases.

v7.0.6

7.0.6 (2025-08-27)

Bug Fixes

• encoder: avoid silent data loss by properly flushing trailing base64 (#1747) (01ae76f)
• handle multiple XOAUTH2 token requests correctly (

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
svw-web-app	Error			Sep 2, 2025 9:20am

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.