WIP: Solid query main merge#10953

Open

brenelz wants to merge 417 commits into

TanStack:solid-query-v6-prefrom

brenelz:solid-query-main-merge

brenelz commented Jun 15, 2026

Contributor

🎯 Changes

✅ Checklist

I have followed the steps in the Contributing guide.
I have tested this code locally with pnpm run test:pr.

🚀 Release Impact

This change affects published code, and I have generated a changeset.
This change is docs/CI/dev-only (no release).

AlexRixten and others added 30 commits

April 23, 2026 20:08


          docs(eslint/no-unstable-deps): correct 'react' package name casing in…

61b9763

… examples (TanStack#10553)

fix(docs): correct import casing in no-unstable-deps examples


          feat(core): callback for retryOnMount (TanStack#10515)

6540a41

* feat(core): callback for retryOnMount

* ci: apply automated fixes

* fix: vue

---------

Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>


          ci: Version Packages (TanStack#10567)

ad517e5

ci: changeset release

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>


          fix(query-core): fix hydration bugs for already resolved promises (Ta…

1bb0d23

…nStack#10444)


          ci: Version Packages (TanStack#10568)

2f9527e

ci: changeset release

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>


          test(query-core/utils): add tests for 'ensureQueryFn' with 'initialPr…

41a7ab0

…omise' and 'skipToken' (TanStack#10527)

* test(query-core/utils): add tests for 'ensureQueryFn' initialPromise fallback and skipToken handling

* test(query-core/utils): use typed QueryFunctionContext in ensureQueryFn tests

Replace the `(resolved as unknown as () => Promise<...>)()` double-cast
with `resolved(context)` using a shared `QueryFunctionContext` fixture.
Per review suggestions on TanStack#10527.

---------

Co-authored-by: Wonsuk Choi <sukvvon@gmail.com>


          test(angular-query-experimental/injectQuery): switch 'success' and 'r…

5ccd597

…eject' tests to '@component' + 'render' pattern (TanStack#10572)

* test(angular-query-experimental/injectQuery): switch 'success' and 'reject' tests to '@component' + 'render' pattern

* ci: apply automated fixes

---------

Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>


          Fix/infinite query hydration 8825 (TanStack#10074)

d6a7bf3

* fix: preserve infinite query behavior during SSR hydration (TanStack#8825)

* chore: add changeset for TanStack#8825

* refactor: apply review feedback
- Remove isRejectedThenable check
- Inline behavior assignment

* refactor: remove unnecessary `any` type assertions

* refactor: store query type in Query instead of injecting behavior
- Add a type field to Query, set from the _type marker
- In Query.fetch(), apply infiniteQueryBehavior automatically when type === 'infiniteQuery'
- Remove direct behavior injection from infiniteQueryObserver, fetchInfiniteQuery, ensureInfiniteQueryData, and hydrate()
- In hydrate(), pass the _type marker instead of behavior to fix a regression where user-provided hydrate defaultOptions.queries.behavior could be overwritten
- Add regression tests for the SSR -> dehydrate -> hydrate -> refetch flow

* ci: apply automated fixes

* ref: use optional type: 'infinite' everywhere

* fix: don't send full queries into queryClient methods

* fix: let's stick with queryType as the public name

* fix: test -> it

---------

Co-authored-by: kimchosule <kimchosule1@bizbee.co.kr>
Co-authored-by: Dominik Dorfmeister 🔮 <office@dorfmeister.cc>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>


          ref(core): remove leftover setStateOptions (TanStack#10574)

645d5d1


          fix(query-core): stop wrapping persister generics in NoInfer (TanStac…

ea4497e

…k#10510)

* fix(query-core): stop wrapping persister generics in NoInfer

The `persister` field on QueryOptions was typed as
`QueryPersister<NoInfer<TQueryFnData>, NoInfer<TQueryKey>, NoInfer<TPageParam>>`
so persister could not contribute to TQueryFnData inference. When the
companion queryFn declared a parameter (e.g. `(_context) => 'test'`),
TypeScript failed to infer TQueryFnData from its return and defaulted
to `unknown`, causing a spurious overload mismatch against a
concretely-typed persister (fixes TanStack#7842).

Removing the NoInfer wrappers lets persister participate in inference.
Genuine type conflicts between persister and queryFn still surface as
errors (covered by a new negative type test in queryOptions.test-d.tsx).

Co-Authored-By: Claude <noreply@anthropic.com>

* test(react-query): wrap negative type tests in assertType

Addresses CodeRabbit nitpick: vitest/expect-expect flagged the
genuine-conflict test as having no assertions. Wrap both calls in
assertType() so the linter sees an explicit assertion while the
`@ts-expect-error` directives continue to enforce the type mismatch.

Co-Authored-By: Claude <noreply@anthropic.com>

---------

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Dominik Dorfmeister 🔮 <office@dorfmeister.cc>


          ci: Version Packages (TanStack#10575)

93b2845

ci: changeset release

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>


          Feature/use suspense queries combine (TanStack#10576)

f85d825

* useSuspenseQueries combine

* useSuspenseQueries combine

* ci: apply automated fixes

* fix: stale data

* ci: apply automated fixes (attempt 3/3)

---------

Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>


          ci: Version Packages (TanStack#10579)

fe287cc

ci: changeset release

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>


          fix(devtools): change onClose callback type from () => unknown to () … (

3d1a62e

TanStack#10118)

* fix(devtools): change onClose callback type from () => unknown to () => void

* Fix onClose callback type in devtools

Updated onClose callback type in devtools to improve type safety.

* chore(changeset): fixed truncated changeset description

---------

Co-authored-by: Dominik Dorfmeister <office@dorfmeister.cc>


          ci: Version Packages (TanStack#10581)

55afb3e

ci: changeset release

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>


          fix(query-core): propagate AbortSignal reason in infiniteQueryBehavio…

672c319

…r fetchPage cancellation (TanStack#10476)

* fix: propagate AbortSignal reason when cancelling infinite query fetchPage (Closes TanStack#10475)

Signed-off-by: Cocoon-Break <54054995+kuishou68@users.noreply.github.com>

* add a test

---------

Signed-off-by: Cocoon-Break <54054995+kuishou68@users.noreply.github.com>
Co-authored-by: Dominik Dorfmeister 🔮 <office@dorfmeister.cc>


          fix: add missing changeset

a53ef97


          ci: Version Packages (TanStack#10582)

441204b

ci: changeset release

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>


          test(angular-query-experimental/injectInfiniteQuery): add test for er…

20fc6c2

…ror state when 'queryFn' rejects (TanStack#10585)


          test(angular-query-experimental/injectQuery): add test for 'select' o…

4f37369

…ption transforming 'queryFn' data (TanStack#10586)


          test(angular-query-experimental/injectQuery): add test for 'placehold…

76161b7

…erData' lifecycle (TanStack#10587)


          test(angular-query-experimental/injectQuery): remove duplicate error …

d78883b

…test already covered by 'should reject and update signal' (TanStack#10588)


          test(angular-query-experimental/injectMutation): switch 'error' test …

e69e5d2

…to '@component' + 'render' pattern (TanStack#10589)


          test(angular-query-experimental/injectMutation): switch 'pending' tes…

72a15ae

…t to '@component' + 'render' pattern (TanStack#10590)


          test(angular-query-experimental/injectMutation): add test for 'mutate…

51ef23f

…Async' resolving with 'mutationFn' return value (TanStack#10591)


          test(angular-query-experimental/injectIsFetching): add filter test by…

7a5b53c

… 'queryKey' (TanStack#10594)


          test(angular-query-experimental/injectIsMutating): add filter test by…

c9755be

… 'mutationKey' (TanStack#10595)


          test(angular-query-experimental/injectIsRestoring): add test for reac…

3547f86

…tively reflecting changes to the provided signal (TanStack#10596)


          test(angular-query-experimental/injectQueries): add test for error st…

dd901ae

…ate when one of the queries rejects (TanStack#10597)


          test(angular-query-experimental/injectIsRestoring): add test for reso…

f88a608

…lving 'provideIsRestoring' value with 'injector' option (TanStack#10599)

sukvvon and others added 20 commits

June 11, 2026 10:56


          test(solid-query/useMutationState): centralize 'queryClient' setup wi…

b5ad715

…th 'beforeEach' (TanStack#10918)


          test(solid-query/useIsMutating): centralize 'queryClient' setup with …

b552179

…'beforeEach' and rename injected/spied clients (TanStack#10919)


          test(*): move 'vi.useRealTimers' to the end of 'afterEach' so cleanup…

feb1efd

… runs under fake timers (TanStack#10920)

* test(*): move 'vi.useRealTimers' to the end of 'afterEach' so cleanup runs under fake timers

* test(*): move 'vi.useRealTimers' to the end of 'afterEach' in persist-client and devtools suites

* test(svelte-query/createQueries): move 'vi.useRealTimers' to the end of 'afterEach'


          test(vue-query): replace deprecated 'toBeCalledWith' and 'toBeCalled'…

43a4ea0

… with 'toHaveBeenCalledWith' and 'toHaveBeenCalled' (TanStack#10935)


          test(react-query): replace deprecated 'toBeCalledTimes' with 'toHaveB…

87426a3

…eenCalledTimes' (TanStack#10937)


          test(solid-query): replace deprecated 'toBeCalledTimes' with 'toHaveB…

c8ebcd7

…eenCalledTimes' (TanStack#10938)


          test(preact-query): replace deprecated 'toBeCalledTimes' with 'toHave…

b266bdc

…BeenCalledTimes' (TanStack#10939)


          test(query-async-storage-persister): replace deprecated 'toBeCalledTi…

ee89b90

…mes' with 'toHaveBeenCalledTimes' (TanStack#10940)


          test(angular-query-experimental): replace deprecated 'toBeCalledWith'…

e5161df

… with 'toHaveBeenCalledWith' (TanStack#10941)


          test(lit-query): replace deprecated 'toThrowError' with 'toThrow' (Ta…

2555dd0

…nStack#10942)


          docs(react-query): recommend against using server actions in queryFn (T…

47e539a

…anStack#10927)


          chore(knip): update '$schema' to 'knip@6' to match the installed majo…

ecc321f

…r version (TanStack#10945)


          fix(scripts): sort 'readFile' before 'readdir' in 'generate-docs' to …

63d425b

…satisfy 'sort-imports' (TanStack#10946)


          test({react,preact}-query/useMutation): split 'should pass meta to mu…

8bb5fde

…tation' into separate success and error tests (TanStack#10947)


          test({react,preact}-query/useMutation): split 'should handle conditio…

…nal logic based on mutate success or failure' into separate success and error tests (TanStack#10948)


          test(solid-query/useMutation): split 'should pass meta to mutation' i…

…nto separate success and error tests (TanStack#10949)


          test(solid-query): add 'renderWithClient' helper and replace inline '…

0e2bfe7

…QueryClientProvider' wrapping in tests (TanStack#10950)


          test(solid-query/useQueries): add test for not fetching during the re…

588b30f

…storing period when 'isRestoring' is true (TanStack#10951)


          test(solid-query/useQueries): add test for using a provided custom 'q…

86b949b

…ueryClient' (TanStack#10952)


          Merge branch 'main' into solid-query-main-merge

5327a73

coderabbitai Bot commented Jun 15, 2026 •

edited

Loading

Contributor

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 29ce31ae-7fd1-4b8e-a0ec-91ee1e4a64be

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

nx-cloud Bot commented Jun 15, 2026 •

edited

Loading

View your CI Pipeline Execution ↗ for commit f87aa3c

Command	Status	Duration	Result
`nx affected --targets=test:sherif,test:knip,tes...`	✅ Succeeded	3m 59s	View ↗
`nx run-many --target=build --exclude=examples/*...`	✅ Succeeded	2s	View ↗

☁️ Nx Cloud last updated this comment at 2026-06-16 02:30:22 UTC


          ci: apply automated fixes

bf91a3f

socket-security Bot commented Jun 15, 2026 •

edited

Loading

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	next@15.5.14
	next@16.2.2
	@size-limit/preset-small-lib@12.0.1
	@angular/common@20.3.18
	@changesets/changelog-github@0.7.0
	typescript-eslint@8.58.1
	@angular/platform-browser@20.3.18
	@typescript-eslint/rule-tester@8.58.1
	@lit-labs/ssr-client@1.1.8
	@angular/animations@20.3.18
	@angular/cli@20.3.22
	@angular/compiler-cli@20.3.18
	@babel/preset-env@7.29.2
	@angular/forms@20.3.18
	@tsconfig/svelte@5.0.8
	@angular/router@20.3.18
	@angular/build@20.3.22
	@types/react@19.2.14
	vitest@4.1.2
	@astrojs/check@0.9.8
	react-native-gesture-handler@2.30.1
	size-limit@12.0.1
	tsx@4.21.0
	publint@0.3.18
	@astrojs/node@9.5.5
	webpack@5.105.4
	tailwindcss@4.2.2
	@solid-primitives/resize-observer@2.1.5
	globals@17.5.0
	@lit/context@1.1.6
	@solidjs/start@1.3.2
	@preact/preset-vite@2.10.5
	svelte@5.55.1
See 22 more rows in the dashboard

View full report

socket-security Bot commented Jun 15, 2026 •

edited

Loading

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert (click "▶" to expand/collapse)
Warn		High CVE: npm `@angular/common`: Denial of Service (DoS) via OOM in Number Formatting (digitsInfo) CVE: GHSA-p3vc-36g9-x9gr @angular/common: Denial of Service (DoS) via OOM in Number Formatting (digitsInfo) (HIGH) Affected versions: >= 22.0.0-next.0 < 22.0.0-rc.2; >= 20.0.0-next.0 < 20.3.22; >= 19.0.0-next.0 < 19.2.23; <= 18.2.14; >= 21.0.0-next.0 < 21.2.15 Patched version: 20.3.22 From: examples/angular/auto-refetching/package.json → `npm/@angular/common@20.3.18` ℹ Read more on: This package \| This alert \| What is a CVE? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Remove or replace dependencies that include known high severity CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/@angular/common@20.3.18`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		High CVE: npm `@angular/common`: Information Leak via Default Caching of Credentialed Requests in HttpTransferCache CVE: GHSA-q6f4-qqrg-jv6x @angular/common: Information Leak via Default Caching of Credentialed Requests in HttpTransferCache (HIGH) Affected versions: >= 22.0.0-next.0 < 22.0.0-rc.2; >= 20.0.0-next.0 < 20.3.22; >= 19.0.0-next.0 < 19.2.23; <= 18.2.14; >= 21.0.0-next.0 < 21.2.15 Patched version: 20.3.22 From: examples/angular/auto-refetching/package.json → `npm/@angular/common@20.3.18` ℹ Read more on: This package \| This alert \| What is a CVE? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Remove or replace dependencies that include known high severity CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/@angular/common@20.3.18`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		High CVE: npm `@angular/common`: Denial of Service (DoS) via OOM in Date Formatting (formatDate) CVE: GHSA-48r7-hpm6-gfxm @angular/common: Denial of Service (DoS) via OOM in Date Formatting (formatDate) (HIGH) Affected versions: >= 22.0.0-next.0 < 22.0.1; >= 21.0.0-next.0 < 21.2.17; >= 20.0.0-next.0 < 20.3.25; <= 19.2.25 Patched version: 20.3.25 From: examples/angular/auto-refetching/package.json → `npm/@angular/common@20.3.18` ℹ Read more on: This package \| This alert \| What is a CVE? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Remove or replace dependencies that include known high severity CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/@angular/common@20.3.18`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		High CVE: npm `@angular/common`: Weak 32-Bit Cache Key Hashing in `HttpTransferCache` Leading to Cross-Request Data Leakage and State Poisoning CVE: GHSA-39pv-4j6c-2g6v @angular/common: Weak 32-Bit Cache Key Hashing in `HttpTransferCache` Leading to Cross-Request Data Leakage and State Poisoning (HIGH) Affected versions: >= 22.0.0-next.0 < 22.0.1; >= 21.0.0-next.0 < 21.2.17; >= 20.0.0-next.0 < 20.3.25; <= 19.2.25 Patched version: 20.3.25 From: examples/angular/auto-refetching/package.json → `npm/@angular/common@20.3.18` ℹ Read more on: This package \| This alert \| What is a CVE? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Remove or replace dependencies that include known high severity CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/@angular/common@20.3.18`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `@internationalized/date` is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: pnpm-lock.yaml → `npm/@kobalte/core@0.13.11` → `npm/@internationalized/date@3.12.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/@internationalized/date@3.12.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `@mswjs/interceptors` is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: pnpm-lock.yaml → `npm/msw@2.12.14` → `npm/vitest@4.1.2` → `npm/@mswjs/interceptors@0.41.3` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/@mswjs/interceptors@0.41.3`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `@mswjs/interceptors` is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: pnpm-lock.yaml → `npm/msw@2.12.14` → `npm/vitest@4.1.2` → `npm/@mswjs/interceptors@0.41.3` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/@mswjs/interceptors@0.41.3`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `@typescript-eslint/eslint-plugin` is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: pnpm-lock.yaml → `npm/@vitest/eslint-plugin@1.6.14` → `npm/typescript-eslint@8.58.1` → `npm/@typescript-eslint/eslint-plugin@8.58.1` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/@typescript-eslint/eslint-plugin@8.58.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `astro` is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: examples/solid/astro/package.json → `npm/astro@5.18.1` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/astro@5.18.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		High CVE: Axios: Proxy-Authorization Credential Leak to Origin Server Across HTTP-to-HTTPS Redirect in Axios Node.js HTTP Adapter CVE: GHSA-p92q-9vqr-4j8v Axios: Proxy-Authorization Credential Leak to Origin Server Across HTTP-to-HTTPS Redirect in Axios Node.js HTTP Adapter (HIGH) Affected versions: >= 1.0.0 < 1.16.0; < 0.32.0 Patched version: 1.16.0 From: pnpm-lock.yaml → `npm/nx@22.1.3` → `npm/axios@1.14.0` ℹ Read more on: This package \| This alert \| What is a CVE? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Remove or replace dependencies that include known high severity CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/axios@1.14.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		High CVE: Allocation of Resources Without Limits or Throttling in Axios CVE: GHSA-777c-7fjr-54vf Allocation of Resources Without Limits or Throttling in Axios (HIGH) Affected versions: >= 1.7.0 < 1.16.0 Patched version: 1.16.0 From: pnpm-lock.yaml → `npm/nx@22.1.3` → `npm/axios@1.14.0` ℹ Read more on: This package \| This alert \| What is a CVE? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Remove or replace dependencies that include known high severity CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/axios@1.14.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		High CVE: Axios: Proxy-Authorization header leaks to redirect target when proxy is re-evaluated to direct connection CVE: GHSA-j5f8-grm9-p9fc Axios: Proxy-Authorization header leaks to redirect target when proxy is re-evaluated to direct connection (HIGH) Affected versions: >= 1.0.0 < 1.16.0; < 0.32.0 Patched version: 1.16.0 From: pnpm-lock.yaml → `npm/nx@22.1.3` → `npm/axios@1.14.0` ℹ Read more on: This package \| This alert \| What is a CVE? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Remove or replace dependencies that include known high severity CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/axios@1.14.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		High CVE: Axios: Regular Expression Denial of Service (ReDoS) via Cookie Name Injection CVE: GHSA-hfxv-24rg-xrqf Axios: Regular Expression Denial of Service (ReDoS) via Cookie Name Injection (HIGH) Affected versions: >= 1.0.0 < 1.16.0; < 0.32.0 Patched version: 1.16.0 From: pnpm-lock.yaml → `npm/nx@22.1.3` → `npm/axios@1.14.0` ℹ Read more on: This package \| This alert \| What is a CVE? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Remove or replace dependencies that include known high severity CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/axios@1.14.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		High CVE: npm `axios`'s shouldBypassProxy does not recognize IPv4-mapped IPv6 addresses, allowing NO_PROXY bypass (incomplete fix for CVE-2025-62718) CVE: GHSA-pjwm-pj3p-43mv axios's shouldBypassProxy does not recognize IPv4-mapped IPv6 addresses, allowing NO_PROXY bypass (incomplete fix for CVE-2025-62718) (HIGH) Affected versions: >= 1.0.0 < 1.16.0; < 0.32.0 Patched version: 1.16.0 From: pnpm-lock.yaml → `npm/nx@22.1.3` → `npm/axios@1.14.0` ℹ Read more on: This package \| This alert \| What is a CVE? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Remove or replace dependencies that include known high severity CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/axios@1.14.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		High CVE: npm `axios` Vulnerable to Full Man-in-the-Middle via Prototype Pollution Gadget in `config.proxy` CVE: GHSA-35jp-ww65-95wh axios Vulnerable to Full Man-in-the-Middle via Prototype Pollution Gadget in `config.proxy` (HIGH) Affected versions: >= 1.0.0 < 1.16.0 Patched version: 1.16.0 From: pnpm-lock.yaml → `npm/nx@22.1.3` → `npm/axios@1.14.0` ℹ Read more on: This package \| This alert \| What is a CVE? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Remove or replace dependencies that include known high severity CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/axios@1.14.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		High CVE: npm `axios` Vulnerable to Credential Theft and Response Hijacking via Prototype Pollution Gadget in Config Merge CVE: GHSA-3g43-6gmg-66jw axios Vulnerable to Credential Theft and Response Hijacking via Prototype Pollution Gadget in Config Merge (HIGH) Affected versions: >= 1.0.0 < 1.15.2; >= 0.19.0 < 0.31.1 Patched version: 1.15.2 From: pnpm-lock.yaml → `npm/nx@22.1.3` → `npm/axios@1.14.0` ℹ Read more on: This package \| This alert \| What is a CVE? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Remove or replace dependencies that include known high severity CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/axios@1.14.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		High CVE: Axios: Header Injection via Prototype Pollution CVE: GHSA-6chq-wfr3-2hj9 Axios: Header Injection via Prototype Pollution (HIGH) Affected versions: >= 1.0.0 < 1.15.1; < 0.31.1 Patched version: 1.15.1 From: pnpm-lock.yaml → `npm/nx@22.1.3` → `npm/axios@1.14.0` ℹ Read more on: This package \| This alert \| What is a CVE? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Remove or replace dependencies that include known high severity CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/axios@1.14.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		High CVE: Axios: Prototype Pollution Gadgets - Response Tampering, Data Exfiltration, and Request Hijacking CVE: GHSA-pf86-5x62-jrwf Axios: Prototype Pollution Gadgets - Response Tampering, Data Exfiltration, and Request Hijacking (HIGH) Affected versions: >= 1.0.0 < 1.15.1; < 0.31.1 Patched version: 1.15.1 From: pnpm-lock.yaml → `npm/nx@22.1.3` → `npm/axios@1.14.0` ℹ Read more on: This package \| This alert \| What is a CVE? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Remove or replace dependencies that include known high severity CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/axios@1.14.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		High CVE: Axios: Incomplete Fix for CVE-2025-62718 — NO_PROXY Protection Bypassed via RFC 1122 Loopback Subnet (127.0.0.0/8) in Axios 1.15.0 CVE: GHSA-pmwg-cvhr-8vh7 Axios: Incomplete Fix for CVE-2025-62718 — NO_PROXY Protection Bypassed via RFC 1122 Loopback Subnet (127.0.0.0/8) in Axios 1.15.0 (HIGH) Affected versions: >= 1.0.0 < 1.15.1; < 0.31.1 Patched version: 1.15.1 From: pnpm-lock.yaml → `npm/nx@22.1.3` → `npm/axios@1.14.0` ℹ Read more on: This package \| This alert \| What is a CVE? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Remove or replace dependencies that include known high severity CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/axios@1.14.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		High CVE: Axios has prototype pollution read-side gadgets in HTTP adapter that allow credential injection and request hijacking CVE: GHSA-q8qp-cvcw-x6jj Axios has prototype pollution read-side gadgets in HTTP adapter that allow credential injection and request hijacking (HIGH) Affected versions: >= 1.0.0 < 1.15.2 Patched version: 1.15.2 From: pnpm-lock.yaml → `npm/nx@22.1.3` → `npm/axios@1.14.0` ℹ Read more on: This package \| This alert \| What is a CVE? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Remove or replace dependencies that include known high severity CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/axios@1.14.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `brace-expansion` is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: pnpm-lock.yaml → `npm/vinxi@0.5.11` → `npm/eslint-plugin-vue@10.8.0` → `npm/@eslint-react/eslint-plugin@2.13.0` → `npm/@angular/cli@20.3.22` → `npm/@vitest/eslint-plugin@1.6.14` → `npm/@typescript-eslint/utils@8.58.1` → `npm/@typescript-eslint/parser@8.58.1` → `npm/@typescript-eslint/rule-tester@8.58.1` → `npm/typescript-eslint@8.58.1` → `npm/@tanstack/eslint-config@0.3.2` → `npm/brace-expansion@5.0.5` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/brace-expansion@5.0.5`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `caniuse-lite` is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: pnpm-lock.yaml → `npm/next@14.2.35` → `npm/react-native-reanimated@3.19.5` → `npm/expo@52.0.49` → `npm/@babel/core@7.29.0` → `npm/webpack@5.105.4` → `npm/@angular/compiler-cli@20.3.18` → `npm/@babel/preset-env@7.29.2` → `npm/next@15.5.14` → `npm/@angular/build@20.3.22` → `npm/next@16.2.2` → `npm/@astrojs/tailwind@6.0.2` → `npm/react-native@0.76.9` → `npm/eslint-config-preact@2.0.0` → `npm/caniuse-lite@1.0.30001782` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/caniuse-lite@1.0.30001782`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `caniuse-lite` is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: pnpm-lock.yaml → `npm/next@14.2.35` → `npm/react-native-reanimated@3.19.5` → `npm/expo@52.0.49` → `npm/@babel/core@7.29.0` → `npm/webpack@5.105.4` → `npm/@angular/compiler-cli@20.3.18` → `npm/@babel/preset-env@7.29.2` → `npm/next@15.5.14` → `npm/@angular/build@20.3.22` → `npm/next@16.2.2` → `npm/@astrojs/tailwind@6.0.2` → `npm/react-native@0.76.9` → `npm/eslint-config-preact@2.0.0` → `npm/caniuse-lite@1.0.30001782` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/caniuse-lite@1.0.30001782`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		High CVE: Svelte npm `devalue`: DoS via sparse array deserialization CVE: GHSA-77vg-94rm-hx3p Svelte devalue: DoS via sparse array deserialization (HIGH) Affected versions: >= 5.6.3 < 5.8.1 Patched version: 5.8.1 From: pnpm-lock.yaml → `npm/astro@5.18.1` → `npm/svelte@5.55.1` → `npm/@sveltejs/kit@2.57.1` → `npm/@astrojs/vercel@8.2.11` → `npm/devalue@5.6.4` ℹ Read more on: This package \| This alert \| What is a CVE? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Remove or replace dependencies that include known high severity CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/devalue@5.6.4`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
See 23 more rows in the dashboard

View full report

pkg-pr-new Bot commented Jun 15, 2026 •

edited

Loading

More templates

@tanstack/angular-query-experimental

npm i https://pkg.pr.new/@tanstack/angular-query-experimental@10953

@tanstack/eslint-plugin-query

npm i https://pkg.pr.new/@tanstack/eslint-plugin-query@10953

@tanstack/lit-query

npm i https://pkg.pr.new/@tanstack/lit-query@10953

@tanstack/preact-query

npm i https://pkg.pr.new/@tanstack/preact-query@10953

@tanstack/preact-query-devtools

npm i https://pkg.pr.new/@tanstack/preact-query-devtools@10953

@tanstack/preact-query-persist-client

npm i https://pkg.pr.new/@tanstack/preact-query-persist-client@10953

@tanstack/query-async-storage-persister

npm i https://pkg.pr.new/@tanstack/query-async-storage-persister@10953

@tanstack/query-broadcast-client-experimental

npm i https://pkg.pr.new/@tanstack/query-broadcast-client-experimental@10953

@tanstack/query-core

npm i https://pkg.pr.new/@tanstack/query-core@10953

@tanstack/query-devtools

npm i https://pkg.pr.new/@tanstack/query-devtools@10953

@tanstack/query-persist-client-core

npm i https://pkg.pr.new/@tanstack/query-persist-client-core@10953

@tanstack/query-sync-storage-persister

npm i https://pkg.pr.new/@tanstack/query-sync-storage-persister@10953

@tanstack/react-query

npm i https://pkg.pr.new/@tanstack/react-query@10953

@tanstack/react-query-devtools

npm i https://pkg.pr.new/@tanstack/react-query-devtools@10953

@tanstack/react-query-next-experimental

npm i https://pkg.pr.new/@tanstack/react-query-next-experimental@10953

@tanstack/react-query-persist-client

npm i https://pkg.pr.new/@tanstack/react-query-persist-client@10953

@tanstack/solid-query

npm i https://pkg.pr.new/@tanstack/solid-query@10953

@tanstack/solid-query-devtools

npm i https://pkg.pr.new/@tanstack/solid-query-devtools@10953

@tanstack/solid-query-persist-client

npm i https://pkg.pr.new/@tanstack/solid-query-persist-client@10953

@tanstack/svelte-query

npm i https://pkg.pr.new/@tanstack/svelte-query@10953

@tanstack/svelte-query-devtools

npm i https://pkg.pr.new/@tanstack/svelte-query-devtools@10953

@tanstack/svelte-query-persist-client

npm i https://pkg.pr.new/@tanstack/svelte-query-persist-client@10953

@tanstack/vue-query

npm i https://pkg.pr.new/@tanstack/vue-query@10953

@tanstack/vue-query-devtools

npm i https://pkg.pr.new/@tanstack/vue-query-devtools@10953

commit: f74255f

brenelz and others added 3 commits

June 15, 2026 21:04


          fix(solid-query): make useMutation subscriber escape owned scope and …

f87aa3c

…fix Solid 2.0 test usages

useMutation's observer subscriber wrote to the store directly, so calling
mutate() synchronously from an owned scope (during render or inside an
effect) triggered the subscriber synchronously and threw
[SIGNAL_WRITE_IN_OWNED_SCOPE], silently turning the mutation into an error.
Wrap setState in runWithOwner(null, ...) to escape the owner, matching
useBaseQuery/useQueries.

Also update tests for Solid 2.0 APIs:
- useMutation: replace invalid single-arg createEffect with createTrackedEffect
- useQuery: Errored fallback receives an error accessor, use err()
- useInfiniteQuery: add keyed={false} so the outer For yields an accessor
- useQueries: use IsRestoringContext as a component instead of the
  non-existent IsRestoringProvider

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>


          chore(knip): remove redundant '@solidjs/web' from ignoreDependencies …

fa4e0a0

…for solid-query packages

knip now resolves @solidjs/web usage on its own, so the ignore entries for
packages/solid-query and packages/solid-query-persist-client are flagged as
unnecessary config hints. Drop them to satisfy --treat-config-hints-as-errors.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>


          fix(solid-query-devtools): use onSettled for mount/unmount and flush(…

f74255f

…) in tests

The Solid 2.0 migration mounted the devtools instance via queueMicrotask and
forwarded props via deferred createEffect, so the synchronous test assertions
(forwarding + unmount-on-cleanup) never saw the calls.

- Replace the queueMicrotask mount + onCleanup unmount with onSettled, the
  2.0 lifecycle primitive that replaces onMount + onCleanup (setup runs after
  the first stable render, returned cleanup runs on disposal). devtools.mount
  renders a nested Solid app (creating reactive primitives), which is
  forbidden inside an owned scope, so escape the owner with runWithOwner(null).
- In the tests, call flush() after render() (and before unmount) to run the
  deferred effects and onSettled synchronously, matching the existing
  synchronous assertions.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

brenelz marked this pull request as ready for review

June 16, 2026 02:30

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet