Bump the prod-deps group across 1 directory with 14 updates

[dependabot]

Bumps the prod-deps group with 14 updates in the / directory:

Package	From	To
@auth0/nextjs-auth0	3.7.0	4.14.0
@emotion/styled	11.14.0	11.14.1
@fontsource/roboto	5.2.5	5.2.9
@mui/material	6.4.8	7.3.6
@neondatabase/serverless	0.10.4	1.0.2
@next/mdx	16.1.0	16.1.1
@tanstack/react-table	8.21.2	8.21.3
@tanstack/table-core	8.21.2	8.21.3
dotenv	16.4.7	17.2.3
drizzle-orm	0.39.3	0.45.1
next	16.1.0	16.1.1
nodemailer	7.0.11	7.0.12
react-hotkeys-hook	4.6.1	5.2.1
ws	8.18.1	8.18.3

Updates @auth0/nextjs-auth0 from 3.7.0 to 4.14.0

Release notes

Sourced from @​auth0/nextjs-auth0's releases.

v4.14.0

v4.14.0 (2025-12-15)

Added

• feat: Custom Token Exchange #2453 (tusharpandey13)

v4.13.3

v4.13.3 (2025-12-12)

Fixed

• bugfix: session write not happening for pages router with chunked cookies #2447 (tusharpandey13)

Security

• Security: Update Next.js peer dependencies for CVE-2025-55184 and CVE-2025-55183 #2457 (tusharpandey13)

v4.13.2

Changed

• Updated peer dependency
  • Next: ^14.2.25 || ~15.0.5 || ~15.1.9 || ~15.2.6 || ~15.3.6 || ~15.4.8 || ~15.5.7 || ^16.0.7
  • React: ^18.0.0 || ~19.0.1 || ~19.1.2 || ^19.2.1
  • React-DOM: ^18.0.0 || ~19.0.1 || ~19.1.2 || ^19.2.1

v4.13.1

Added

• docs: Add docs for silent authentication #2422 (tusharpandey13)

Fixed

• fix: broken next-16 app when basePath is used #2424 (nandan-bhat)

v4.13.0

Added

• feat: add support scopes parameter for connected accounts #2407 (guabu)
• Adding support for Next 16 #2405 (nandan-bhat)

Fixed

• fix: merge sessionChanges before finalizing session after refresh (#2401) #2414 (Clone of #2401 by wolfgangGoedel )
• fix: prevent OAuth parameter injection via returnTo (#2381) #2413 (Clone of #2381 by MegaManSec)

v4.12.1

Changed

• Remove TokenRequestCache when calling getAccessToken

v4.12.0

Added

• feat: Proxy handler support enabling My Account and My Org #2400 (tusharpandey13)

v4.11.2

Changed

• Remove TokenRequestCache when calling getAccessToken

... (truncated)

Changelog

Sourced from @​auth0/nextjs-auth0's changelog.

v4.14.0 (2025-12-15)

Full Changelog

Added

• feat: Custom Token Exchange #2453 (tusharpandey13)

v4.13.3 (2025-12-12)

Full Changelog

Fixed

• bugfix: session write not happening for pages router with chunked cookies #2447 (tusharpandey13)

Security

• Security: Update Next.js peer dependencies for CVE-2025-55184 and CVE-2025-55183 #2457 (tusharpandey13)

v4.13.2 (2025-12-05)

Full Changelog

Changed

• Updated peer dependency
  • Next: ^14.2.25 || ~15.0.5 || ~15.1.9 || ~15.2.6 || ~15.3.6 || ~15.4.8 || ~15.5.7 || ^16.0.7
  • React: ^18.0.0 || ~19.0.1 || ~19.1.2 || ^19.2.1
  • React-DOM: ^18.0.0 || ~19.0.1 || ~19.1.2 || ^19.2.1

v4.13.1 (2025-11-19)

Full Changelog

Added

• docs: Add docs for silent authentication #2422 (tusharpandey13)

Fixed

• fix: broken next-16 app when basePath is used #2424 (nandan-bhat)

v4.13.0 (2025-11-17)

Full Changelog

Added

• feat: add support scopes parameter for connected accounts #2407 (guabu)
• Adding support for Next 16 #2405 (nandan-bhat)

Fixed

• fix: merge sessionChanges before finalizing session after refresh (#2401) #2414 (Clone of #2401 by wolfgangGoedel )
• fix: prevent OAuth parameter injection via returnTo (#2381) #2413 (Clone of #2381 by MegaManSec)

v4.12.1 (2025-11-13)

Full Changelog

Changed

• Remove TokenRequestCache when calling getAccessToken

... (truncated)

Commits

• eb45d4e Release v4.14.0 (#2471)
• 19e253d chore(deps): bump actions/upload-artifact from 5 to 6 (#2465)
• 3b6f464 chore(deps-dev): bump typescript-eslint from 8.47.0 to 8.49.0 (#2466)
• c0b5589 chore(deps-dev): bump @​eslint/js from 9.39.1 to 9.39.2 (#2467)
• 9943faf chore(deps): bump oauth4webapi from 3.8.2 to 3.8.3 (#2470)
• b3eade7 chore(deps): bump jose from 6.1.2 to 6.1.3 (#2469)
• 8f8b5fc docs: add docs for optimizing token refresh in middleware (#2426)
• 4242867 chore: add NOTICE file (#2429)
• 4a2f36e feat: Custom Token Exchange (#2453)
• f435994 chore(deps): bump swr from 2.3.6 to 2.3.7 (#2439)
• Additional commits viewable in compare view

Updates @emotion/styled from 11.14.0 to 11.14.1

Release notes

Sourced from @​emotion/styled's releases.

@​emotion/styled@​11.14.1

Patch Changes

• #3334 0facbe4 Thanks @​ZachRiegel! - Renamed default-exported variable in @emotion/styled to aid inferred import names in auto-import completions in IDEs

Commits

• 4922955 Version Packages (#3335)
• 0facbe4 Renamed default-exported variable in @emotion/styled to aid inferred import...
• cce67ec Bump parcel (#3258)
• See full diff in compare view

Updates @fontsource/roboto from 5.2.5 to 5.2.9

Commits

• See full diff in compare view

Updates @mui/material from 6.4.8 to 7.3.6

Release notes

Sourced from @​mui/material's releases.

v7.3.6

A big thanks to the 22 contributors who made this release possible.

@​mui/material@​7.3.6

• [Accordion] Move properties to the AccordionOwnProps interface (#47348) @​Aleksan4e3
• [Autocomplete] Remove unnecessary filterSelectedOptions dependency from syncHighlightedIndex useCallback (#47378) @​ZeeshanTamboli
• [Autocomplete] Fix input caret not showing when focusing after chip navigation (#47249) @​vrachuri28
• [Autocomplete] Fix ArrowLeft crash when value is not set with single-value rendering (#47214) @​rithik56
• [Button] Fix running formAction when passed (#47185) @​sai6855
• [Chip] Remove leftover closing parenthesis in CSS class key (#47345) @​ZeeshanTamboli
• [ListItem] Add secondaryAction slot to ListItem (#47399) @​sai6855
• [NumberField] Fix scroll behavior (#47397) @​oliviertassinari
• [Select] Fix keyboard navigation while rendering in shadow DOM (#47380) @​xBlizZer
• [Select] Fix cannot pass certain event handlers (#47366) @​ZeeshanTamboli
• [Slider] Accept readonly array for marks prop (#47370) @​pcorpet
• [Snackbar] Avoid unnecessary ownerState spread into useSnackbar (#47373) @​ZeeshanTamboli
• [TextField] Allow custom props in slot props via TS module augmentation (#47367) @​kumarvishwajeettrivedi
• [Tabs] Fix Arrow key navigation failing when component is rendered in shadow DOM (#47178) @​sai6855
• Fix typings for theme applyStyles with custom color schemes (#47242) @​akankshahu

@​mui/system@​7.3.6

• Fix unwanted attribute on DOM from InitColorSchemeScript class attribute (#47200) @​siriwatknp

@​mui/lab@​7.3.6

• [Masonry] Fix layout flicker and single column issue (#43903) @​Fanzzzd

Docs

• Fix default theme viewer styling (#47400) @​sai6855
• Remove repetitive words (#47384) @​rifeplight
• Fix link to Portal API docs (#47383) @​ZeeshanTamboli
• Remove mentions of MUI Base from Material UI docs (#47324) @​mapache-salvaje
• Update CSP guidance (#47342) @​rossdakin
• Fix pathname collision in LLMs docs generator (#47209) @​siriwatknp
• Resolve redirected urls to their final location (#47193) @​Janpot
• Document correct default values for elevation and square props (#47261) @​Ad1tya-007
• Fix display of colors in dark mode in palette customization page (#47403) @​sai6855
• Add Number Field component page (#47165) @​siriwatknp
• Fix mcp schema change (#47171) @​sai6855

Core

• [code-infra] Add types for markdown loader (#47075) @​Janpot
• [code-infra] Build test utils with code-infra pipeline (#47405) @​Janpot
• [code-infra] Vitest test migration (#44325) @​JCQuintas
• [code-infra] Revive docs bundle analyzer (#47401) @​Janpot
• [code-infra] Update tests from vitest PR (#47344) @​Janpot

... (truncated)

Changelog

Sourced from @​mui/material's changelog.

7.3.6

Dec 3, 2025

A big thanks to the 22 contributors who made this release possible.

@​mui/material@​7.3.6

• [Accordion] Move properties to the AccordionOwnProps interface (#47348) @​Aleksan4e3
• [Autocomplete] Remove unnecessary filterSelectedOptions dependency from syncHighlightedIndex useCallback (#47378) @​ZeeshanTamboli
• [Autocomplete] Fix input caret not showing when focusing after chip navigation (#47249) @​vrachuri28
• [Autocomplete] Fix ArrowLeft crash when value is not set with single-value rendering (#47214) @​rithik56
• [Button] Fix running formAction when passed (#47185) @​sai6855
• [Chip] Remove leftover closing parenthesis in CSS class key (#47345) @​ZeeshanTamboli
• [ListItem] Add secondaryAction slot to ListItem (#47399) @​sai6855
• [NumberField] Fix scroll behavior (#47397) @​oliviertassinari
• [Select] Fix keyboard navigation while rendering in shadow DOM (#47380) @​xBlizZer
• [Select] Fix cannot pass certain event handlers (#47366) @​ZeeshanTamboli
• [Slider] Accept readonly array for marks prop (#47370) @​pcorpet
• [Snackbar] Avoid unnecessary ownerState spread into useSnackbar (#47373) @​ZeeshanTamboli
• [TextField] Allow custom props in slot props via TS module augmentation (#47367) @​kumarvishwajeettrivedi
• [Tabs] Fix Arrow key navigation failing when component is rendered in shadow DOM (#47178) @​sai6855
• Fix typings for theme applyStyles with custom color schemes (#47242) @​akankshahu

@​mui/system@​7.3.6

• Fix unwanted attribute on DOM from InitColorSchemeScript class attribute (#47200) @​siriwatknp

@​mui/lab@​7.3.6

• [Masonry] Fix layout flicker and single column issue (#43903) @​Fanzzzd

Docs

• Fix default theme viewer styling (#47400) @​sai6855
• Remove repetitive words (#47384) @​rifeplight
• Fix link to Portal API docs (#47383) @​ZeeshanTamboli
• Remove mentions of MUI Base from Material UI docs (#47324) @​mapache-salvaje
• Update CSP guidance (#47342) @​rossdakin
• Fix pathname collision in LLMs docs generator (#47209) @​siriwatknp
• Resolve redirected urls to their final location (#47193) @​Janpot
• Document correct default values for elevation and square props (#47261) @​Ad1tya-007
• Fix display of colors in dark mode in palette customization page (#47403) @​sai6855
• Add Number Field component page (#47165) @​siriwatknp
• Fix mcp schema change (#47171) @​sai6855

Core

... (truncated)

Commits

• aa8cf28 v7.3.6 (#47409)
• bb64ab1 [Accordion] Move properties to the AccordionOwnProps interface (#47348)
• 83d2589 [code-infra] Vitest test migration (#44325)
• cda73b7 [material-ui][ListItem] Add secondaryAction slot to ListItem (#47399)
• 5536c15 [select] Fix keyboard navigation while rendering in shadow DOM (#47380)
• 56f6d7b Bump @​types/react to ^19.2.7 (#47396)
• c32df2d Bump @​types/chai to ^5.2.3 (#47395)
• 23e3e10 [internal] Remove leftover testing-library libraries from mui-material pack...
• 39c9042 [select] Fix cannot pass certain event handlers (#47366)
• 21f2485 [code-infra] Update tests from vitest PR (#47344)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​mui/material since your current version.

Updates @neondatabase/serverless from 0.10.4 to 1.0.2

Changelog

Sourced from @​neondatabase/serverless's changelog.

1.0.2 (2025-09-30)

Update neon.tech references to neon.com domain.

1.0.1 (2025-06-06)

The package now prints a security warning to the console when a connection is made in a web browser. This behaviour can be suppressed with a new configuration option: disableWarningInBrowsers. There are a few other very minor fixes.

1.0.0 (2025-03-25)

Breaking change: the HTTP query template function can now only be called as a template function, not as a conventional function. This improves safety from accidental SQL-injection vulnerabilities. For example:

import { neon } from '@neondatabase/serverless';
const sql = neon(process.env.DATABASE_URL);
const id = 1;
// this is safe and convenient, as before
const result = await sqlSELECT * FROM table WHERE id = ${id};
// this looks very similar and was previously allowed, but was open to SQL
// injection attacks because it uses ordinary string interpolation -- it's now
// both a TypeScript type error and a runtime error
const throws = await sql(SELECT * FROM table WHERE id = ${id});

To fill the gap left by this change, the template function has two new properties: a query() function that allows manually parameterized queries, and an unsafe() function that lets you interpolate trusted arbitrary string values. For example:

// this was previously allowed, and was safe, but is now also an error so as to
// prevent the vulnerability seen above
const throws = await sql('SELECT * FROM table WHERE id = $1', [id]);
// the query() function is the new way to manually specify placeholders and
// values (the same way it's done by client.query() and pool.query())
const result = await sql.query('SELECT * FROM table WHERE id = $1', [id]);
// to interpolate strings like column or table names, only if you know
// they're safe, use the unsafe() function
const table = condition ? 'table1' : 'table2'; // known-safe string values
const result = await sqlSELECT * FROM ${sql.unsafe(table)} WHERE id = ${id};
// but in the above case, you might prefer to do this instead
const table = condition ? sqltable1 : sqltable2;
const result = await sqlSELECT * FROM ${table} WHERE id = ${id};

In addition, HTTP template queries are now fully composable, including those with parameters. For example:

</tr></table> 

... (truncated)

Commits

• See full diff in compare view

Updates @next/mdx from 16.1.0 to 16.1.1

Release notes

Sourced from @​next/mdx's releases.

v16.1.1

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Turbopack: Create junction points instead of symlinks on Windows (#87606)

Credits

Huge thanks to @​sokra and @​ztanner for helping!

v16.1.1-canary.10

Misc Changes

• chore(turbo-tasks-malloc): replace mimalloc-rspack to mimalloc: #87815

Credits

Huge thanks to @​xusd320 for helping!

v16.1.1-canary.9

Core Changes

• misc: fix type check log for CI envs: #87838

Misc Changes

• Update Rspack production test manifest: #87889
• Update Rspack development test manifest: #87888

Credits

Huge thanks to @​feedthejim and @​vercel-release-bot for helping!

v16.1.1-canary.8

Core Changes

• [strict-route-types] Add experimental.strictRouteTypes config: #87378

Credits

Huge thanks to @​eps1lon for helping!

v16.1.1-canary.7

Core Changes

• Add experimental routing package for resolving adapter routes: #86404
• Ensure outputs are correct with cache components in deployment adapters: #87018
• Move off of deprecated url.parse: #87257

... (truncated)

Commits

• 3aa5398 v16.1.1
• See full diff in compare view

Updates @tanstack/react-table from 8.21.2 to 8.21.3

Release notes

Sourced from @​tanstack/react-table's releases.

v8.21.3

Version 8.21.3 - 4/14/25, 8:19 PM

Changes

Fix

• table-core: use right Document instance on getResizeHandler (column-sizing feature) (#5989) (54ce673) by @​riccardoperra

Docs

• fix all 158 broken links (#5972) (f7bf6f1) by @​kisaragi-hiu
• add vue example for grouping (#5941) (3efa59c) by Harshil Patel

Packages

• @​tanstack/table-core@​8.21.3
• @​tanstack/angular-table@​8.21.3
• @​tanstack/lit-table@​8.21.3
• @​tanstack/qwik-table@​8.21.3
• @​tanstack/react-table@​8.21.3
• @​tanstack/solid-table@​8.21.3
• @​tanstack/svelte-table@​8.21.3
• @​tanstack/vue-table@​8.21.3
• @​tanstack/react-table-devtools@​8.21.3

Commits

• f4dc742 release: v8.21.3
• See full diff in compare view

Updates @tanstack/table-core from 8.21.2 to 8.21.3

Release notes

Sourced from @​tanstack/table-core's releases.

v8.21.3

Version 8.21.3 - 4/14/25, 8:19 PM

Changes

Fix

• table-core: use right Document instance on getResizeHandler (column-sizing feature) (#5989) (54ce673) by @​riccardoperra

Docs

• fix all 158 broken links (#5972) (f7bf6f1) by @​kisaragi-hiu
• add vue example for grouping (#5941) (3efa59c) by Harshil Patel

Packages

• @​tanstack/table-core@​8.21.3
• @​tanstack/angular-table@​8.21.3
• @​tanstack/lit-table@​8.21.3
• @​tanstack/qwik-table@​8.21.3
• @​tanstack/react-table@​8.21.3
• @​tanstack/solid-table@​8.21.3
• @​tanstack/svelte-table@​8.21.3
• @​tanstack/vue-table@​8.21.3
• @​tanstack/react-table-devtools@​8.21.3

Commits

• f4dc742 release: v8.21.3
• 54ce673 fix(table-core): use right Document instance on getResizeHandler (column-sizi...
• See full diff in compare view

Updates dotenv from 16.4.7 to 17.2.3

Changelog

Sourced from dotenv's changelog.

17.2.3 (2025-09-29)

Changed

• Fixed typescript error definition (#912)

17.2.2 (2025-09-02)

Added

• 🙏 A big thank you to new sponsor Tuple.app - the premier screen sharing app for developers on macOS and Windows. Go check them out. It's wonderful and generous of them to give back to open source by sponsoring dotenv. Give them some love back.

17.2.1 (2025-07-24)

Changed

• Fix clickable tip links by removing parentheses (#897)

17.2.0 (2025-07-09)

Added

• Optionally specify DOTENV_CONFIG_QUIET=true in your environment or .env file to quiet the runtime log (#889)
• Just like dotenv any DOTENV_CONFIG_ environment variables take precedence over any code set options like ({quiet: false})

# .env
DOTENV_CONFIG_QUIET=true
HELLO="World"

// index.js
require('dotenv').config()
console.log(`Hello ${process.env.HELLO}`)

$ node index.js
Hello World
or
$ DOTENV_CONFIG_QUIET=true node index.js

17.1.0 (2025-07-07)

Added

• Add additional security and configuration tips to the runtime log (#884)
• Dim the tips text from the main injection information text

... (truncated)

Commits

• affe113 17.2.3
• db1ff1f changelog 🪵
• 7063f16 Merge pull request #913 from motdotla/new-tips
• 0bbe72c test against expected tips
• 017951b only run .js tests
• 39eda1f add space back
• fcc030e update tips
• b6c7a0d updated tips - as Dotenvx Radar has been renamed Dotenvx Ops
• b3c8b16 remove unnecessary call to npx
• d6e4c17 Merge pull request #912 from adjerbetian/fix/typescript-error-definition
• Additional commits viewable in compare view

Updates drizzle-orm from 0.39.3 to 0.45.1

Release notes

Sourced from drizzle-orm's releases.

0.45.1

• Fixed pg-native Pool detection in node-postgres transactions breaking in environments with forbidden require() (#5107)

0.45.0

• Fixed pg-native Pool detection in node-postgres transactions
• Allowed subqueries in select fields
• Updated typo algorythm => algorithm
• Fixed $onUpdate not handling SQL values (fixes #2388, tests implemented by L-Mario564 in #2911)
• Fixed pg mappers not handling Date instances in bun-sql:postgresql driver responses for date, timestamp types (fixes #4493)

0.44.7

• fix durable sqlite transaction return value #3746 - thanks @​joaocstro

0.44.6

• feat: add $replicas reference #4874

0.44.5

• Fixed invalid usage of .one() in durable-sqlite session
• Fixed spread operator related crash in sqlite blob columns
• Better browser support for sqlite blob columns
• Improved sqlite blob mapping

0.44.4

• Fix wrong DrizzleQueryError export. thanks @​nathankleyn

0.44.3

• Fixed types of $client for clients created by drizzle function

await db.$client.[...]

• Added the updated_at column to the neon_auth.users_sync table definition.

0.44.2

• [BUG]: Fixed type issues with joins with certain variations of tsconfig: #4535, #4457

0.44.1

• [BUG]: Drizzle can no longer run on Durable Objects

0.44.0

Error handling

Starting from this version, we’ve introduced a new DrizzleQueryError that wraps all errors from database drivers and provides a set of useful information:

1. A proper stack trace to identify which exact Drizzle query failed
2. The generated SQL string and its parameters
3. The original stack trace from the driver that caused the DrizzleQueryError

Drizzle cache module

... (truncated)

Commits

• a086f59 Fixed pg-native Pool detection in node-postgres transactions breaking in envi...
• c445637 Merge pull request #5095 from drizzle-team/main-workflows
• e7b3aaa Merge branch 'main' into main-workflows
• 0d885a5 refactor: Update condition for run-feature job to improve clarity and functio...
• 45a1ffb Merge pull request #5087 from drizzle-team/main-workflows
• 6357645 chore: Comment out NEON_HTTP_CONNECTION_STRING requirement in release workflows
• 53dec98 refactor: Simplify release router workflow by removing unnecessary switch job...
• ce88a18 Merge remote-tracking branch 'origin/ext-deps-kit' into main-workflows
• 5c8a4c5 +
• 73e2ea4 feat: Add release router workflow to manage feature and latest releases
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for drizzle-orm since your current version.

Updates next from 16.1.0 to 16.1.1

Release notes

Sourced from next's releases.

v16.1.1

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Turbopack: Create junction points instead of symlinks on Windows (#87606)

Credits

Huge thanks to @​sokra and @​ztanner for helping!

v16.1.1-canary.10

Misc Changes

• chore(turbo-tasks-malloc): replace mimalloc-rspack to mimalloc: #87815

Credits

Huge thanks to @​xusd320 for helping!

v16.1.1-canary.9

Core Changes

• misc: fix type check log for CI envs: #87838

Misc Changes

• Update Rspack production test manifest: #87889
• Update Rspack development test manifest: #87888

Credits

Huge thanks to @​feedthejim and @​vercel-release-bot for helping!

v16.1.1-canary.8

Core Changes

• [strict-route-types] Add experimental.strictRouteTypes config: #87378

Credits

Huge thanks to @​eps1lon for helping!

v16.1.1-canary.7

Core Changes

• Add experimental routing package for resolving adapter routes: #86404
• Ensure outputs are correct with cache components in deployment adapters: #87018
• Move off of deprecated url.parse: #87257

... (truncated)

Commits

• 3aa5398 v16.1.1
• d1bd5b5 Turbopack: Create junction points instead of symlinks on Windows (#87606)
• a67ee72 setup release branch
• See full diff in compare view

Updates nodemailer from 7.0.11 to 7.0.12

Release notes

Sourced from nodemailer's releases.

v7.0.12

7.0.12 (2025-12-22)

Bug Fixes

• added support for REQUIRETLS (#1793) (053ce6a)
• use 8bit encoding for message/rfc822 attachments (adf8611)

Changelog

Sourced from nodemailer's changelog.

7.0.12 (2025-12-22)

Bug Fixes

• added support for REQUIRETLS (#1793) (053ce6a)
• use 8bit encoding for message/rfc822 attachments (adf8611)

Commits

• a208a0b chore(master): release 7.0.12 (#1785)
• 053ce6a fix: added support for REQUIRETLS (#1793)
• adf8611 fix: use 8bit encoding for message/rfc822 attachments
• See full diff in compare view

Updates react-hotkeys-hook from 4.6.1 to 5.2.1

Release notes

Sourced from react-hotkeys-hook's releases.

v5.2.1

• fmt 73ea06f
• remove unused script 160f872
• fix dependencies 4c89bcb
• Updated CHANGELOG.md ce7f732
• Add sideEffects field to package.json f464e05

---

Full Changelog: JohannesKlauss/react-hotkeys-hook@v5.2.0...v5.2.1

v5.2.0

JohannesKlauss/react-hotkeys-hook@v5.1.0...v5.2.0

What's Changed

• Added biome as formatter & linter by @​JohannesKlauss in JohannesKlauss/react-hotkeys-hook#1255
• Update README.md by @​iakuraa in JohannesKlauss/react-hotkeys-hook#1294
• Include aria roles in ignores by @​stutrek in JohannesKlauss/react-hotkeys-hook#1291
• Fix missing hotkey prop by @​ljani in JohannesKlauss/react-hotkeys-hook#1287
• Add more details on mod modifier by @​mickaelzhang in JohannesKlauss/react-hotkeys-hook#1293

New Contributors

• @​iakuraa made their first contribution in JohannesKlauss/react-hotkeys-hook#1294
• @​stutrek made their first contribution in JohannesKlauss/react-hotkeys-hook#1291
• @​ljani made their first contribution in JohannesKlauss/react-hotkeys-hook#1287
• @​mickaelzhang made their first contribution in JohannesKlauss/react-hotkeys-hook#1293

Full Changelog: JohannesKlauss/react-hotkeys-hook@v5.1.0...v5.2.0

v5.1.0

What's Changed

• chore(deps): update all non-major dependencies by @​renovate in JohannesKlauss/react-hotkeys-hook#1236
• chore(deps): update all non-major dependencies by @​renovate in JohannesKlauss/react-hotkeys-hook#1242
• chore(deps): update dependency globals to v16 by @​renovate in JohannesKlauss/react-hotkeys-hook#1243
• chore(deps): update all non-major dependencies by @​renovate in JohannesKlauss/react-hotkeys-hook#1248
• Remove explicit 'null' type from useRef uses. by @​dbowring in

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Review	Updated (UTC)
svw-web-app	Error		Jan 1, 2026 1:11pm

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml