Skip to content

deps(deps): bump the frontend-dependencies group across 1 directory with 23 updates#368

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/frontend/frontend-dependencies-02562e696f
Closed

deps(deps): bump the frontend-dependencies group across 1 directory with 23 updates#368
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/frontend/frontend-dependencies-02562e696f

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 25, 2026

Copy link
Copy Markdown
Contributor

Bumps the frontend-dependencies group with 23 updates in the /frontend directory:

Package From To
@hookform/resolvers 5.2.2 5.4.0
i18next 25.10.10 26.2.0
lucide-react 0.575.0 1.16.0
next 16.2.4 16.2.6
react 19.2.3 19.2.6
@types/react 19.2.14 19.2.15
react-dom 19.2.3 19.2.6
react-hook-form 7.74.0 7.76.1
react-i18next 16.6.6 17.0.8
tailwind-merge 3.5.0 3.6.0
zod 4.4.2 4.4.3
zustand 5.0.12 5.0.13
@playwright/test 1.59.1 1.60.0
@tailwindcss/postcss 4.2.4 4.3.0
@types/node 20.19.39 25.9.1
@vitest/coverage-v8 3.2.4 4.1.7
@vitest/ui 3.2.4 4.1.7
eslint 9.39.4 10.4.0
eslint-config-next 16.2.4 16.2.6
jsdom 23.2.0 29.1.1
typescript 5.9.3 6.0.3
vite-tsconfig-paths 5.1.4 6.1.1
vitest 3.2.4 4.1.7

Updates @hookform/resolvers from 5.2.2 to 5.4.0

Release notes

Sourced from @​hookform/resolvers's releases.

v5.4.0

5.4.0 (2026-05-21)

Features

  • feat: add ata-validator resolver (#845)

Fixes

  • fix issue with toNestErrors.ts (#848)
  • add guidance on passing context to yupResolver (useForm context) (#835) (3d29924)
Commits

Updates i18next from 25.10.10 to 26.2.0

Release notes

Sourced from i18next's releases.

v26.2.0

  • feat(types): new parseInterpolation TypeOption (default true). When set to false in CustomTypeOptions, the type-level extractor stops parsing translation strings for {{variable}} patterns. Required by i18next-icu users — the default extractor mistakes ICU MessageFormat nested-brace plurals like {count, plural, one {{count} row} other {{count} rows}} for an interpolation block and demands a phantom variable name. The flag is type-only; runtime interpolation is governed by InterpolationOptions and is unaffected. Fixes i18next-icu#85.
  • fix(types): expose enableSelector on InitOptions so i18next.init({ enableSelector: 'strict' }) typechecks without a module augmentation. The runtime already reads opts?.enableSelector from init options; this lands the matching type declaration next to the other selector-resolution knobs. Accepts false | true | 'optimize' | 'strict'. Thanks @​Faithfinder (#2431)

v26.1.0

  • feat: enableSelector: 'strict' (TypeOptions + runtime option). Opt-in mode that drops the flattened-primary form from NsResource at the type level — every namespace (primary included) is exposed only under its own key on $, uniformly across single- and multi-ns hooks. At runtime, a leading selector path segment matching the scope's namespace list is always rewritten as a namespace prefix, including the primary. Eliminates the silent-miss surface area where t($ => $.primary.foo) typechecks but doesn't resolve under the default mode (see #2429). Backward-compatible: default enableSelector: false | true | 'optimize' behavior is unchanged. Note: strict mode is incompatible with the #2405 pattern (keys whose names match sibling namespaces) — those users should stay on default mode.

v26.0.10

  • feat: getFixedT accepts a fourth optional fixedOpts argument carrying scopeNs — the full namespace list the bound t was created for. The selector API uses scopeNs to detect when a path's first segment is a namespace prefix, without changing resolution scope. Resolution still uses the bound ns (a single primary string in the typical react-i18next setup), so plain t('key') lookups stay isolated to the primary namespace exactly as before — only t($ => $.secondaryNs.foo) selectors now route correctly under useTranslation([nsA, nsB]). Fixes the runtime side of #2429 for the react-i18next default-nsMode case. The 4th argument is opt-in: existing 3-arg getFixedT(lng, ns, keyPrefix) callers see no behavior change.

v26.0.9

  • fix(types): unformatted interpolation values are now typed as string | number (was string). i18next stringifies values at runtime, so requiring callers to wrap numbers in String(...) for plain {{var}} placeholders was unnecessary friction — and could mask the real problem when a non-string value was passed alongside multiple interpolation slots (the t() overload resolution would fall through to the 3-arg form and report a confusing "not assignable to string" error against the options object). Typed format specifiers like {{x, number}}, {{x, currency}}, {{x, datetime}}, etc. keep their precise types; this only relaxes the no-format default. The count variable remains number-only

v26.0.8

  • fix(types): restore the pre-v25.10.4 ExistsFunction shape so plain arrow functions can again be assigned to ExistsFunction-typed variables (TypeScript cannot infer type predicates through multi-overload assignment). Direct i18next.exists(key) calls still narrow key to SelectorKey — the predicate is now declared inline on i18n.exists. Custom wrappers that want the narrowing can type themselves as typeof i18next.exists 2425

v26.0.7

  • fix: when a plural lookup misses, the missingKey debug log now shows the actual plural-resolved key (e.g. foo.bar_many for Polish count: 14) instead of the base key — making it obvious which plural category was expected and missing 2423
  • chore: drop @babel/runtime runtime dependency. The build no longer generates any @babel/runtime imports, so the package is unused by consumers. Rollup now uses babelHelpers: 'bundled' so any helpers that are ever needed in the future will be inlined rather than imported externally 2424
  • chore: stop emitting dist/esm/i18next.bundled.js. It was byte-identical to dist/esm/i18next.js because no helpers were being imported 2424

v26.0.6

Security release — all issues found via an internal audit. GHSA advisory filed after release.

  • security: warn when a translation string combines escapeValue: false with interpolated variables inside a $t(key, { ... "{{var}}" ... }) nesting-options block. In that narrow combination, attacker-controlled string values containing " can break out of the JSON options literal and inject additional nesting options (e.g. redirect lng/ns). The default escapeValue: true configuration is unaffected because HTML-escaping neutralises the quote before JSON.parse. See the security docs for mitigation guidance (GHSA-TBD)
  • security: apply regexEscape to unescapePrefix / unescapeSuffix on par with the other interpolation delimiters. Prevents ReDoS (catastrophic-backtracking) when a misconfigured delimiter contains regex metacharacters, and fixes silent breakage of the {{- var}} syntax when the delimiter contains characters like (, [, .
  • security: strip CR/LF/NUL and other C0/C1 control characters from string log arguments to prevent log forging via user-controlled translation keys, language codes, namespaces, or interpolation variable names (CWE-117)
  • chore: ignore .env* and *.pem/*.key files in .gitignore

v26.0.5

  • fix: cloneInstance().changeLanguage() no longer fails to update language state when the target language is not yet loaded — a race between init()'s deferred load() and the user's changeLanguage() could overwrite isLanguageChangingTo, causing setLngProps to be skipped 2422

v26.0.4

  • fix(types): inline formatting options like {{price, currency(EUR)}} are now correctly resolved to their base format type (e.g. number for currency) instead of falling back to string 2378

v26.0.3

  • fix(types): addResourceBundle now accepts an optional 6th options parameter ({ silent?: boolean; skipCopy?: boolean }) matching the runtime API 2419

v26.0.2

  • fix(types): t("key", {} as TOptions) no longer produces a type error — the context constraint now bypasses strict checking when context is unknown (e.g. from TOptions) 2418

v26.0.1

  • fix: Formatter no longer crashes when alwaysFormat is true and no format specifier is present (format is undefined)
  • fix: Formatter now returns undefined/null values as-is instead of producing NaN when the value is missing

v26.0.0

This is a major breaking release:

Breaking Changes

... (truncated)

Changelog

Sourced from i18next's changelog.

26.2.0

  • feat(types): new parseInterpolation TypeOption (default true). When set to false in CustomTypeOptions, the type-level extractor stops parsing translation strings for {{variable}} patterns. Required by i18next-icu users — the default extractor mistakes ICU MessageFormat nested-brace plurals like {count, plural, one {{count} row} other {{count} rows}} for an interpolation block and demands a phantom variable name. The flag is type-only; runtime interpolation is governed by InterpolationOptions and is unaffected. Fixes i18next-icu#85.
  • fix(types): expose enableSelector on InitOptions so i18next.init({ enableSelector: 'strict' }) typechecks without a module augmentation. The runtime already reads opts?.enableSelector from init options; this lands the matching type declaration next to the other selector-resolution knobs. Accepts false | true | 'optimize' | 'strict'. Thanks @​Faithfinder (#2431)

26.1.0

  • feat: enableSelector: 'strict' (TypeOptions + runtime option). Opt-in mode that drops the flattened-primary form from NsResource at the type level — every namespace (primary included) is exposed only under its own key on $, uniformly across single- and multi-ns hooks. At runtime, a leading selector path segment matching the scope's namespace list is always rewritten as a namespace prefix, including the primary. Eliminates the silent-miss surface area where t($ => $.primary.foo) typechecks but doesn't resolve under the default mode (see #2429). Backward-compatible: default enableSelector: false | true | 'optimize' behavior is unchanged. Note: strict mode is incompatible with the #2405 pattern (keys whose names match sibling namespaces) — those users should stay on default mode.

26.0.10

  • feat: getFixedT accepts a fourth optional fixedOpts argument carrying scopeNs — the full namespace list the bound t was created for. The selector API uses scopeNs to detect when a path's first segment is a namespace prefix, without changing resolution scope. Resolution still uses the bound ns (a single primary string in the typical react-i18next setup), so plain t('key') lookups stay isolated to the primary namespace exactly as before — only t($ => $.secondaryNs.foo) selectors now route correctly under useTranslation([nsA, nsB]). Fixes the runtime side of #2429 for the react-i18next default-nsMode case. The 4th argument is opt-in: existing 3-arg getFixedT(lng, ns, keyPrefix) callers see no behavior change.

26.0.9

  • fix(types): unformatted interpolation values are now typed as string | number (was string). i18next stringifies values at runtime, so requiring callers to wrap numbers in String(...) for plain {{var}} placeholders was unnecessary friction — and could mask the real problem when a non-string value was passed alongside multiple interpolation slots (the t() overload resolution would fall through to the 3-arg form and report a confusing "not assignable to string" error against the options object). Typed format specifiers like {{x, number}}, {{x, currency}}, {{x, datetime}}, etc. keep their precise types; this only relaxes the no-format default. The count variable remains number-only

26.0.8

  • fix(types): restore the pre-v25.10.4 ExistsFunction shape so plain arrow functions can again be assigned to ExistsFunction-typed variables (TypeScript cannot infer type predicates through multi-overload assignment). Direct i18next.exists(key) calls still narrow key to SelectorKey — the predicate is now declared inline on i18n.exists. Custom wrappers that want the narrowing can type themselves as typeof i18next.exists 2425

26.0.7

  • fix: when a plural lookup misses, the missingKey debug log now shows the actual plural-resolved key (e.g. foo.bar_many for Polish count: 14) instead of the base key — making it obvious which plural category was expected and missing 2423
  • chore: drop @babel/runtime runtime dependency. The build no longer generates any @babel/runtime imports, so the package is unused by consumers. Rollup now uses babelHelpers: 'bundled' so any helpers that are ever needed in the future will be inlined rather than imported externally 2424
  • chore: stop emitting dist/esm/i18next.bundled.js. It was byte-identical to dist/esm/i18next.js because no helpers were being imported 2424

26.0.6

Security release — all issues found via an internal audit.

  • security: warn when a translation string combines escapeValue: false with interpolated variables inside a $t(key, { ... "{{var}}" ... }) nesting-options block. In that narrow combination, attacker-controlled string values containing " can break out of the JSON options literal and inject additional nesting options (e.g. redirect lng/ns). The default escapeValue: true configuration is unaffected because HTML-escaping neutralises the quote before JSON.parse. See the security note in the Nesting docs for the full pattern and mitigations
  • security: apply regexEscape to unescapePrefix / unescapeSuffix on par with the other interpolation delimiters. Prevents ReDoS (catastrophic-backtracking) when a misconfigured delimiter contains regex metacharacters, and fixes silent breakage of the {{- var}} syntax when the delimiter contains characters like (, [, .
  • security: strip CR/LF/NUL and other C0/C1 control characters from string log arguments to prevent log forging via user-controlled translation keys, language codes, namespaces, or interpolation variable names (CWE-117)
  • chore: ignore .env* and *.pem/*.key files in .gitignore

26.0.5

  • fix: cloneInstance().changeLanguage() no longer fails to update language state when the target language is not yet loaded — a race between init()'s deferred load() and the user's changeLanguage() could overwrite isLanguageChangingTo, causing setLngProps to be skipped 2422

26.0.4

  • fix(types): inline formatting options like {{price, currency(EUR)}} are now correctly resolved to their base format type (e.g. number for currency) instead of falling back to string 2378

26.0.3

  • fix(types): addResourceBundle now accepts an optional 6th options parameter ({ silent?: boolean; skipCopy?: boolean }) matching the runtime API 2419

26.0.2

... (truncated)

Commits
  • 22fb6ad 26.2.0
  • b640ac4 feat(types): parseInterpolation flag for ICU-friendly t() typing (i18next-icu...
  • 0b9debd changelog: 26.1.1 entry for #2431
  • 50509e4 fix(types): expose enableSelector on InitOptions (#2431)
  • 80b5402 Enhance Pro Tip in README with i18next-locize-backend plugin link
  • 5af0475 26.1.0
  • 85c0951 feat: enableSelector: 'strict' — explicit-ns selector mode, no flattened prim...
  • 8fec684 docs(types): clarify ExistsFunction note re: narrowing through wrappers
  • 61eaf5b 26.0.10
  • 47fd92f feat: getFixedT 4th-arg scopeNs decouples selector ns-detection from resoluti...
  • Additional commits viewable in compare view

Updates lucide-react from 0.575.0 to 1.16.0

Release notes

Sourced from lucide-react's releases.

Version 1.16.0

What's Changed

Full Changelog: lucide-icons/lucide@1.15.0...1.16.0

Version 1.15.0

What's Changed

New Contributors

Full Changelog: lucide-icons/lucide@1.14.0...1.15.0

Version 1.14.0

What's Changed

Full Changelog: lucide-icons/lucide@1.13.0...1.14.0

Version 1.13.0

What's Changed

Full Changelog: lucide-icons/lucide@1.12.0...1.13.0

Version 1.12.0

What's Changed

... (truncated)

Commits

Updates next from 16.2.4 to 16.2.6

Release notes

Sourced from next's releases.

v16.2.6

[!NOTE] This release contains security fixes and backported bug fixes. It does not include all pending features/changes on canary.

Security Fixes

The following advisories have been addressed:

High:

Moderate:

Low:

Core Changes

  • fix: preserve HTTP access fallbacks during prerender recovery (#92231)
  • Fix fallback route params case in app-page handler (#91737)
  • Fix invalid HTML response for route-level RSC requests in deployment adapter (#91541)
  • Patch setHeader for direct route handlers (#93101)
  • Include deployment id in cacheHandlers keys (#93453)
  • Fix double-encoding of URL pathname parts in client param parsing (#93491)

v16.2.5

[!NOTE] This release contains security fixes and backported bug fixes. It does not include all pending features/changes on canary.

Security Fixes

The following advisories have been addressed:

High:

... (truncated)

Commits
  • ee6e79b v16.2.6
  • afa053d Turbopack: Match proxy matchers with webpack implementation (#93594)
  • 97a154e Turbopack: Fix middleware matcher suffix (#93590)
  • 83899bc [backport] Disable build caches for production/staging/force-preview deploys ...
  • 7b222b9 [backport][test] Pin package manager to patch versions (#93595)
  • a8dc24f [backport] Turbopack: more strict vergen setup (#93587)
  • 766148f v16.2.5
  • 0dd9483 fix: add explicit checks for RSC header (#83) (#98)
  • d166096 fix proxy matching for segment prefetch URLs (#89) (#96)
  • 9d50c0b Strip next-resume header from incoming requests (#92)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for next since your current version.


Updates react from 19.2.3 to 19.2.6

Release notes

Sourced from react's releases.

19.2.6 (May 6th, 2026)

React Server Components

19.2.5 (April 8th, 2026)

React Server Components

19.2.4 (January 26th, 2026)

React Server Components

Commits

Updates @types/react from 19.2.14 to 19.2.15

Commits

Updates react-dom from 19.2.3 to 19.2.6

Release notes

Sourced from react-dom's releases.

19.2.6 (May 6th, 2026)

React Server Components

19.2.5 (April 8th, 2026)

React Server Components

19.2.4 (January 26th, 2026)

React Server Components

Commits

Updates react-hook-form from 7.74.0 to 7.76.1

Release notes

Sourced from react-hook-form's releases.

Version 7.76.1

🐞 fix: pass options parameter through setValues to enable validation (#13457) 🐞 fix(setValues): emit whole-form change without stale name/type (#13450) 🚗 perf(setValues): thread skipClone through setFieldValue (#13448) 🚗 perf(setValues): skip redundant per-field deep clones (#13445) Revert "🐞 fix: treat NaN as empty when valueAsNumber is true in validateField (#13388)"

thanks to @​philibea & @​maxkostow

Version v7.76.0

🪭 close #13141 improve isDirty sync with dirtyFields state (#13370) 🐞 fix isValidating reactivity when validatingFields is not subscribed (#13440) 🛺 test: fix duplicate-word typos in test descriptions (#13439) 🐞 fix #13436: errors state when using form level validation (#13437) 🐞 fix #13429 append({ obj: null }) is silently replaced by defaultValues after remove() (#13435) 🐞 fix native validation tooltip suppression caused by duplicate submit-error focus (#13432) 🐞 fix: propagate setValues updates to mounted Controller fields (#13431) 🐞 fix: rreserve reset values for conditionally mounted Controller fields with shouldUnregister 🐞 fix: useFieldArray remove leaves array with empty object when using values prop (#13422) 🐞 fix #13260: notify all matching field-array roots on nested setValue updates (#13420) 🐞 fix #13104: preserve nested resolver field-array errors in trigger() (#13419) 🐞 fix #13413: preserve formState.defaultValues when useFieldArray + watch are used together 📝 docs: fix JSDoc for IsNever, register, and getFieldState (#13410) (#13411) 🐞 fix(Watch): restore TypeScript 4 compatibility (#13409)

Big thanks to @​dfedoryshchev for multiple fixes, and to @​EduardF1, @​in-ch and @​johnstrand.

Version 7.75.0

🦧 feat: improve get dirty fields prune empty fields (#13363)

+ dirtyFields: { test: [{ data: false }] }
- dirtyFields: {} // removed the empty node with false value

🎹 typescript 6.0 (#13330) 🌡️ chore: minor improvement on setValue & reset (#13366) 🐞 fix #13403: include setValues in FormProvider context value (#13404) 🐞 fix: recompute isDirty after re-registering a previously unregistered field (#13399) 🐞 fix: preserve watch updates on field array unmount fixes #13375 (#13385) 🐞 fix: prevent useWatch re-render when unrelated field validation is … (#13398)

thanks to @​dfedoryshchev, @​cyky & @​gkarabelos

Changelog

Sourced from react-hook-form's changelog.

[7.76.1] - 2026-05-23

Fixed

  • Revert notify all matching field-array roots on nested setValue updates
  • Revert treat NaN as empty when valueAsNumber is true in validateField
  • setValues pass options parameter through to enable validation
  • setValues emit whole-form change without stale name/type

Performance

  • setValues skip redundant per-field deep clones
  • setValues thread skipClone through setFieldValue

[7.76.0] - 2026-05-16

Added

  • Improve isDirty sync with dirtyFields state

Fixed

  • Preserve formState.defaultValues when useFieldArray and watch are used together
  • Preserve nested resolver field-array errors in trigger()
  • Notify all matching field-array roots on nested setValue updates
  • useFieldArray remove leaves array with empty object when using values prop
  • Preserve reset values for conditionally mounted Controller fields with shouldUnregister
  • Propagate setValues updates to mounted Controller fields
  • Native validation tooltip suppression caused by duplicate submit-error focus
  • append({ obj: null }) silently replaced by defaultValues after remove()
  • Errors state when using form-level validation
  • isValidating reactivity when validatingFields is not subscribed

[7.75.0] - 2026-05-02

Added

  • Improve getDirtyFields to prune empty fields
  • TypeScript 6.0 support

Fixed

  • Include setValues in FormProvider context value
  • Preserve watch updates on field array unmount
  • Prevent useWatch re-render when unrelated field validation occurs
  • Recompute isDirty after re-registering a previously unregistered field
Commits
  • 2b900d2 7.76.1
  • 079348e 🚮 chore: remove --frozen-lockfile
  • edf5c45 🧪 fix unit test
  • d79648c Revert "🐞 fix: treat NaN as empty when valueAsNumber is true in validateField...
  • 778881c 🐞 fix: pass options parameter through setValues to enable validation (#13457)
  • a2ac01f 🧪 test(useFieldArray): regression coverage for descendant setValue key thrash...
  • dfcebdb Revert "🐞 fix #13260: notify all matching field-array roots on nested setValu...
  • ca01f65 Revert "🐞 fix(useFieldArray): preserve managed field ids in array subscriber ...
  • 15d1762 🐞 fix(setValues): emit whole-form change without stale name/type (#13450)
  • 989cbff 🚗 perf(setValues): thread skipClone through setFieldValue (#13448)
  • Additional commits viewable in compare view

Updates react-i18next from 16.6.6 to 17.0.8

Changelog

Sourced from react-i18next's changelog.

17.0.8

  • fix(types): <Trans i18nKey={$ => ...}> now typechecks under enableSelector: 'strict'. The Trans component's conditional type was gated on _EnableSelector extends true | 'optimize', excluding 'strict' and falling back to the legacy string-key signature. Runtime was already correct (it calls keyFromSelector(i18nKey) whenever typeof i18nKey === 'function'); this is a type-only fix that widens the conditional to include 'strict'. Thanks @​Faithfinder (#1921)

17.0.7

  • feat: useTranslation([nsA, nsB, ...]) now passes its full namespace list to getFixedT via the new scopeNs opt (requires i18next ≥ v26.0.10). This makes selector calls with a secondary-namespace prefix resolve correctly under default nsMode: t($ => $.nsB.foo) previously missed silently because the bound ns was the primary string only and i18next's selector rewrite needed an array. Resolution semantics are unchanged — plain t('key') lookups still stay isolated to the primary namespace by default; use nsMode: 'fallback' to opt into multi-ns fallback resolution as before. Fixes i18next#2429 for useTranslation-based callers.

17.0.6

  • fix: restore the v17 nodesToString output format consumed by i18next-cli's extractor while still rendering 1919 correctly
    • 17.0.5 fixed 1919 by changing what nodesToString produced, which inadvertently changed the extracted translation strings for keep-tags wrapping non-keep React elements
    • The fix now lives in the renderer: indexed <N> placeholders nested inside a keep-tag are scoped to that tag's own original React children (matching kept tags by name and positional occurrence at each level), so the translation string format produced by nodesToString is unchanged

17.0.5

  • fix: <Trans /> no longer breaks child rendering when a kept HTML node (transKeepBasicHtmlNodesFor) wraps a non-keep React element 1919 — superseded by 17.0.6, which keeps the same runtime fix without changing the nodesToString output

17.0.4

  • fix: avoid React does not recognize the 'i18nIsDynamicList' prop on a DOM element warning 1915

17.0.3

  • fix: avoid invalid prop on React.Fragment inside <Trans /> 1914

17.0.2

  • fix(types): values prop on <Trans /> now only requires interpolation variables for the specific i18nKey, not all variables in the namespace 1913

17.0.1

  • chore: bump minimum i18next peer dependency to >= 26.0.1 (forgot to do it in last version)
  • fix: migrate test setup from removed legacy interpolation.format to i18n.services.formatter.add() (i18next v26)

17.0.0

Potentially breaking changes

  • fix: transKeepBasicHtmlNodesFor now correctly preserves HTML tag names when children contain interpolations or mixed content 230
    • Previously, <strong>{{name}}</strong> was incorrectly serialized as <1>{{name}}</1> — the tag name was only preserved for plain string children
    • This bug existed since the feature was introduced and affects auto-generated keys (when no explicit i18nKey is provided)
    • If you rely on auto-generated Trans keys containing indexed tags for kept HTML elements with interpolation children, you will need to update your translation files

Other changes

  • updated dev dependencies (vitest, rollup plugins, happy-dom, typescript, etc.)
Commits
  • a46ad23 17.0.8
  • f715031 update i18next dep
  • a515d5b changelog: 17.0.8 entry for #1921
  • d5ab7c8 fix(types): accept selector i18nKey on <Trans> under enableSelector: 'strict'...
  • b91ba36 Add Locize advice section near the top of README
  • 5e892a2 17.0.7
  • c8f4c6b feat: useTranslation([nsA,nsB]) routes selector secondary-ns prefix via getFi...
  • 084f9a6 Modernize locize.com URLs and refresh UTM tags
  • cb20d18 17.0.6

…ith 23 updates

Bumps the frontend-dependencies group with 23 updates in the /frontend directory:

| Package | From | To |
| --- | --- | --- |
| [@hookform/resolvers](https://github.com/react-hook-form/resolvers) | `5.2.2` | `5.4.0` |
| [i18next](https://github.com/i18next/i18next) | `25.10.10` | `26.2.0` |
| [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `0.575.0` | `1.16.0` |
| [next](https://github.com/vercel/next.js) | `16.2.4` | `16.2.6` |
| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.3` | `19.2.6` |
| [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.14` | `19.2.15` |
| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.3` | `19.2.6` |
| [react-hook-form](https://github.com/react-hook-form/react-hook-form) | `7.74.0` | `7.76.1` |
| [react-i18next](https://github.com/i18next/react-i18next) | `16.6.6` | `17.0.8` |
| [tailwind-merge](https://github.com/dcastil/tailwind-merge) | `3.5.0` | `3.6.0` |
| [zod](https://github.com/colinhacks/zod) | `4.4.2` | `4.4.3` |
| [zustand](https://github.com/pmndrs/zustand) | `5.0.12` | `5.0.13` |
| [@playwright/test](https://github.com/microsoft/playwright) | `1.59.1` | `1.60.0` |
| [@tailwindcss/postcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss) | `4.2.4` | `4.3.0` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `20.19.39` | `25.9.1` |
| [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) | `3.2.4` | `4.1.7` |
| [@vitest/ui](https://github.com/vitest-dev/vitest/tree/HEAD/packages/ui) | `3.2.4` | `4.1.7` |
| [eslint](https://github.com/eslint/eslint) | `9.39.4` | `10.4.0` |
| [eslint-config-next](https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next) | `16.2.4` | `16.2.6` |
| [jsdom](https://github.com/jsdom/jsdom) | `23.2.0` | `29.1.1` |
| [typescript](https://github.com/microsoft/TypeScript) | `5.9.3` | `6.0.3` |
| [vite-tsconfig-paths](https://github.com/aleclarson/vite-tsconfig-paths) | `5.1.4` | `6.1.1` |
| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `3.2.4` | `4.1.7` |



Updates `@hookform/resolvers` from 5.2.2 to 5.4.0
- [Release notes](https://github.com/react-hook-form/resolvers/releases)
- [Commits](react-hook-form/resolvers@v5.2.2...v5.4.0)

Updates `i18next` from 25.10.10 to 26.2.0
- [Release notes](https://github.com/i18next/i18next/releases)
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md)
- [Commits](i18next/i18next@v25.10.10...v26.2.0)

Updates `lucide-react` from 0.575.0 to 1.16.0
- [Release notes](https://github.com/lucide-icons/lucide/releases)
- [Commits](https://github.com/lucide-icons/lucide/commits/1.16.0/packages/lucide-react)

Updates `next` from 16.2.4 to 16.2.6
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](vercel/next.js@v16.2.4...v16.2.6)

Updates `react` from 19.2.3 to 19.2.6
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.6/packages/react)

Updates `@types/react` from 19.2.14 to 19.2.15
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

Updates `react-dom` from 19.2.3 to 19.2.6
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.6/packages/react-dom)

Updates `react-hook-form` from 7.74.0 to 7.76.1
- [Release notes](https://github.com/react-hook-form/react-hook-form/releases)
- [Changelog](https://github.com/react-hook-form/react-hook-form/blob/master/CHANGELOG.md)
- [Commits](react-hook-form/react-hook-form@v7.74.0...v7.76.1)

Updates `react-i18next` from 16.6.6 to 17.0.8
- [Changelog](https://github.com/i18next/react-i18next/blob/master/CHANGELOG.md)
- [Commits](i18next/react-i18next@v16.6.6...v17.0.8)

Updates `tailwind-merge` from 3.5.0 to 3.6.0
- [Release notes](https://github.com/dcastil/tailwind-merge/releases)
- [Commits](dcastil/tailwind-merge@v3.5.0...v3.6.0)

Updates `zod` from 4.4.2 to 4.4.3
- [Release notes](https://github.com/colinhacks/zod/releases)
- [Commits](colinhacks/zod@v4.4.2...v4.4.3)

Updates `zustand` from 5.0.12 to 5.0.13
- [Release notes](https://github.com/pmndrs/zustand/releases)
- [Commits](pmndrs/zustand@v5.0.12...v5.0.13)

Updates `@playwright/test` from 1.59.1 to 1.60.0
- [Release notes](https://github.com/microsoft/playwright/releases)
- [Commits](microsoft/playwright@v1.59.1...v1.60.0)

Updates `@tailwindcss/postcss` from 4.2.4 to 4.3.0
- [Release notes](https://github.com/tailwindlabs/tailwindcss/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.3.0/packages/@tailwindcss-postcss)

Updates `@types/node` from 20.19.39 to 25.9.1
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `@types/react` from 19.2.14 to 19.2.15
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

Updates `@vitest/coverage-v8` from 3.2.4 to 4.1.7
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.7/packages/coverage-v8)

Updates `@vitest/ui` from 3.2.4 to 4.1.7
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.7/packages/ui)

Updates `eslint` from 9.39.4 to 10.4.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](eslint/eslint@v9.39.4...v10.4.0)

Updates `eslint-config-next` from 16.2.4 to 16.2.6
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](https://github.com/vercel/next.js/commits/v16.2.6/packages/eslint-config-next)

Updates `jsdom` from 23.2.0 to 29.1.1
- [Release notes](https://github.com/jsdom/jsdom/releases)
- [Commits](jsdom/jsdom@v23.2.0...v29.1.1)

Updates `typescript` from 5.9.3 to 6.0.3
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Commits](microsoft/TypeScript@v5.9.3...v6.0.3)

Updates `vite-tsconfig-paths` from 5.1.4 to 6.1.1
- [Release notes](https://github.com/aleclarson/vite-tsconfig-paths/releases)
- [Commits](aleclarson/vite-tsconfig-paths@v5.1.4...v6.1.1)

Updates `vitest` from 3.2.4 to 4.1.7
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.7/packages/vitest)

---
updated-dependencies:
- dependency-name: "@hookform/resolvers"
  dependency-version: 5.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: frontend-dependencies
- dependency-name: i18next
  dependency-version: 26.2.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: frontend-dependencies
- dependency-name: lucide-react
  dependency-version: 1.16.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: frontend-dependencies
- dependency-name: next
  dependency-version: 16.2.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: frontend-dependencies
- dependency-name: react
  dependency-version: 19.2.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: frontend-dependencies
- dependency-name: "@types/react"
  dependency-version: 19.2.15
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: frontend-dependencies
- dependency-name: react-dom
  dependency-version: 19.2.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: frontend-dependencies
- dependency-name: react-hook-form
  dependency-version: 7.76.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: frontend-dependencies
- dependency-name: react-i18next
  dependency-version: 17.0.8
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: frontend-dependencies
- dependency-name: tailwind-merge
  dependency-version: 3.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: frontend-dependencies
- dependency-name: zod
  dependency-version: 4.4.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: frontend-dependencies
- dependency-name: zustand
  dependency-version: 5.0.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: frontend-dependencies
- dependency-name: "@playwright/test"
  dependency-version: 1.60.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: frontend-dependencies
- dependency-name: "@tailwindcss/postcss"
  dependency-version: 4.3.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: frontend-dependencies
- dependency-name: "@types/node"
  dependency-version: 25.9.1
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: frontend-dependencies
- dependency-name: "@types/react"
  dependency-version: 19.2.15
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: frontend-dependencies
- dependency-name: "@vitest/coverage-v8"
  dependency-version: 4.1.7
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: frontend-dependencies
- dependency-name: "@vitest/ui"
  dependency-version: 4.1.7
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: frontend-dependencies
- dependency-name: eslint
  dependency-version: 10.4.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: frontend-dependencies
- dependency-name: eslint-config-next
  dependency-version: 16.2.6
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: frontend-dependencies
- dependency-name: jsdom
  dependency-version: 29.1.1
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: frontend-dependencies
- dependency-name: typescript
  dependency-version: 6.0.3
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: frontend-dependencies
- dependency-name: vite-tsconfig-paths
  dependency-version: 6.1.1
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: frontend-dependencies
- dependency-name: vitest
  dependency-version: 4.1.7
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: frontend-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github

dependabot Bot commented on behalf of github May 25, 2026

Copy link
Copy Markdown
Contributor Author

Assignees

The following users could not be added as assignees: your-username. Either the username does not exist or it does not have the correct permissions to be added as an assignee.

Labels

The following labels could not be found: dependencies, javascript. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@vercel

vercel Bot commented May 25, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
chain-logistics Ready Ready Preview, Comment May 25, 2026 2:09pm

@dependabot @github

dependabot Bot commented on behalf of github Jun 2, 2026

Copy link
Copy Markdown
Contributor Author

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Jun 2, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/frontend/frontend-dependencies-02562e696f branch June 2, 2026 03:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants