chore(deps): bump the dependencies group across 1 directory with 3 updates

[dependabot]

Bumps the dependencies group with 3 updates in the / directory: hono, shadcn and @eslint-react/eslint-plugin.

Updates hono from 4.12.21 to 4.12.22

Release notes

Sourced from hono's releases.

v4.12.22

What's Changed

• chore: update vitest to v4 and cleanups by @​BlankParticle in honojs/hono#4952
• fix(mime): specify charset parameter per MIME type instead of mechanical detection by @​renatograsso10 in honojs/hono#4912
• fix(compress): respect Accept-Encoding when encoding option is set by @​LeSingh1 in honojs/hono#4951
• fix(deno): echo negotiated WebSocket subprotocol in upgrade response by @​ATOM00blue in honojs/hono#4955
• feat: add msgpack as a compressible content type by @​na-trium-144 in honojs/hono#4957

New Contributors

• @​renatograsso10 made their first contribution in honojs/hono#4912
• @​LeSingh1 made their first contribution in honojs/hono#4951
• @​ATOM00blue made their first contribution in honojs/hono#4955
• @​na-trium-144 made their first contribution in honojs/hono#4957

Full Changelog: honojs/hono@v4.12.21...v4.12.22

Commits

• 2f01b77 4.12.22
• 6bc0dff feat: add msgpack as a compressible content type (#4957)
• 7e0555d fix(deno): echo negotiated WebSocket subprotocol in upgrade response (#4955)
• f0ed246 fix(compress): respect Accept-Encoding when encoding option is set (#4951)
• a192df0 fix(mime): specify charset parameter per MIME type instead of mechanical dete...
• cf6ef70 chore: update vitest to v4 and cleanups (#4952)
• See full diff in compare view

Updates shadcn from 4.7.0 to 4.8.0

Release notes

Sourced from shadcn's releases.

shadcn@4.8.0

Minor Changes

• #10715 51e3cfaf32faeff2589e5c74d81ffd109f509e93 Thanks @​shadcn! - add shadcn registry validate command

• #10708 c8ab3801ecf97c0350ac0234a25e61f19ccaba62 Thanks @​shadcn! - add include to registry.json

Patch Changes

• #10567 1c4a53a37adeba36dbd5c07980c5bb6d295cea9e Thanks @​shadcn! - fix failing version derivation test

Changelog

Sourced from shadcn's changelog.

4.8.0

Minor Changes

• #10715 51e3cfaf32faeff2589e5c74d81ffd109f509e93 Thanks @​shadcn! - add shadcn registry validate command

• #10708 c8ab3801ecf97c0350ac0234a25e61f19ccaba62 Thanks @​shadcn! - add include to registry.json

Patch Changes

• #10567 1c4a53a37adeba36dbd5c07980c5bb6d295cea9e Thanks @​shadcn! - fix failing version derivation test

Commits

• 072c27f chore(release): version packages (#10568)
• 51e3cfa feat(registry): add validate command (#10715)
• c8ab380 feat: add include to registry.json (#10708)
• 1c4a53a test(shadcn): derive previous minor assertion (#10567)
• See full diff in compare view

Updates @eslint-react/eslint-plugin from 5.8.3 to 5.8.4

Release notes

Sourced from @​eslint-react/eslint-plugin's releases.

v5.8.4 (2026-05-22)

What's Changed

📝 Documentation

• Website: Restructured the FAQ page from an accordion layout to standard headings for better SEO, accessibility, and direct anchor linking.
• Website: Replaced the homepage Hint popover with a direct link to the FAQ anchor explaining the project's human/LLM collaboration policy.
• Added a new "What does 90% human-written mean?" section to the FAQ.
• Updated documentation for isClassComponent and JsxConfig.
• Removed outdated documentation files.

🏗️ Internal

• core: Simplified isClassComponent by removing the context parameter and replacing isClassComponentLoose with the simplified function.
• eslint-plugin-react-x: Removed unnecessary optional chaining across multiple rules (immutability, no-unused-state, purity, refs, set-state-in-effect, static-components, use-memo, etc.) and expanded test coverage for edge cases (#1792).
• Added automated GitHub Release workflow and fixed actions/setup-node cache parameter error.
• Added null-safety boundary tests for rules affected by PR #1792 (#1794).
• Bumped dependencies across workspace packages: @takumi-rs/image-response to 1.2.1, fumadocs-mdx to 15.0.6, import-integrity-lint to 1.1.1, preact to 10.29.2, tsx to 4.22.1, @typescript-eslint to ^8.59.4, @types/node to ^25.9.0, dompurify to ^3.4.5, pnpm to 11.1.3, textlint to 15.7.1, and dprint TypeScript plugin to 0.96.1.
• Cleaned up stray empty string in tsl.config.ts.
• Cleaned up type and lint errors across the workspace (#1793).
• Downgraded TypeScript override in pnpm-workspace.yaml from ^6.0.3 to 5.9.3.
• Fixed zizmor security audit findings in release workflow and moved ignore comments inline, removing .github/zizmor.yml.
• Removed scripts/verify-lockfile.ts, scripts/verify-devtools.ts, and all references to them.
• Reordered handler functions in react-jsx/no-children-prop (no logic change).
• Updated baseline metrics and compacted tsconfig.

Full Changelog: Rel1cx/eslint-react@v5.8.3...v5.8.4

Attestation

https://github.com/Rel1cx/eslint-react/attestations/28384702

v5.8.4-beta.5 (2026-05-22)

What's Changed

🏗️ Internal

• Bumped @typescript-eslint packages from ^8.59.3 to ^8.59.4.
• Bumped @types/node from ^25.8.0 to ^25.9.0.
• Bumped dompurify from ^3.4.3 to ^3.4.5.
• Bumped pnpm from 11.1.2 to 11.1.3.
• Removed scripts/verify-lockfile.ts and all references to it.

Full Changelog: Rel1cx/eslint-react@v5.8.4-beta.4...v5.8.4-beta.5

Attestation

... (truncated)

Changelog

Sourced from @​eslint-react/eslint-plugin's changelog.

v5.8.4 (2026-05-22)

📝 Documentation

• Website: Restructured the FAQ page from an accordion layout to standard headings for better SEO, accessibility, and direct anchor linking.
• Website: Replaced the homepage Hint popover with a direct link to the FAQ anchor explaining the project's human/LLM collaboration policy.
• Added a new "What does 90% human-written mean?" section to the FAQ.
• Updated documentation for isClassComponent and JsxConfig.
• Removed outdated documentation files.

🏗️ Internal

• core: Simplified isClassComponent by removing the context parameter and replacing isClassComponentLoose with the simplified function.
• eslint-plugin-react-x: Removed unnecessary optional chaining across multiple rules (immutability, no-unused-state, purity, refs, set-state-in-effect, static-components, use-memo, etc.) and expanded test coverage for edge cases (#1792).
• Added automated GitHub Release workflow and fixed actions/setup-node cache parameter error.
• Added null-safety boundary tests for rules affected by PR #1792 (#1794).
• Bumped dependencies across workspace packages: @takumi-rs/image-response to 1.2.1, fumadocs-mdx to 15.0.6, import-integrity-lint to 1.1.1, preact to 10.29.2, tsx to 4.22.1, @typescript-eslint to ^8.59.4, @types/node to ^25.9.0, dompurify to ^3.4.5, pnpm to 11.1.3, textlint to 15.7.1, and dprint TypeScript plugin to 0.96.1.
• Cleaned up stray empty string in tsl.config.ts.
• Cleaned up type and lint errors across the workspace (#1793).
• Downgraded TypeScript override in pnpm-workspace.yaml from ^6.0.3 to 5.9.3.
• Fixed zizmor security audit findings in release workflow and moved ignore comments inline, removing .github/zizmor.yml.
• Removed scripts/verify-lockfile.ts, scripts/verify-devtools.ts, and all references to them.
• Reordered handler functions in react-jsx/no-children-prop (no logic change).
• Updated baseline metrics and compacted tsconfig.

Full Changelog: Rel1cx/eslint-react@v5.8.3...v5.8.4

Commits

• 39f2a0f release: 5.8.4
• f7fa04e release: 5.8.4-beta.5
• dbbd329 release: 5.8.4-beta.4
• e3d9585 release: 5.8.4-beta.3
• 1bae3a5 Link 90% human-written claim to FAQ
• 4b70b17 release: 5.8.4-beta.2
• 1d1fa4b release: 5.8.4-next.2
• ad39513 release: 5.8.4-beta.1
• b60987f release: 5.8.4-next.1
• 203f9c2 refactor: cleanup type and lint errors (#1793)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.