Skip to content

chore(deps)(deps): bump the production-dependencies group with 9 updates#1218

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/production-dependencies-c266b77311
Closed

chore(deps)(deps): bump the production-dependencies group with 9 updates#1218
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/production-dependencies-c266b77311

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 27, 2026
edited
Loading

Bumps the production-dependencies group with 9 updates:

Package From To
@oclif/core 4.10.5 4.10.6
msw 2.13.4 2.13.6
@libsql/client 0.17.2 0.17.3
better-auth 1.6.5 1.6.9
hono 4.12.14 4.12.15
fumadocs-core 16.8.1 16.8.4
fumadocs-ui 16.8.1 16.8.4
lucide-react 1.8.0 1.11.0
@tanstack/react-router 1.168.23 1.168.24

Updates @oclif/core from 4.10.5 to 4.10.6

Release notes

Sourced from @​oclif/core's releases.

4.10.6

Bug Fixes

  • deps: bump postcss from 8.4.31 to 8.5.10 (9b29ad4)
Changelog

Sourced from @​oclif/core's changelog.

4.10.6 (2026-04-25)

Bug Fixes

  • deps: bump postcss from 8.4.31 to 8.5.10 (9b29ad4)
Commits
  • 1316e3a chore(release): 4.10.6 [skip ci]
  • 4d2464f Merge pull request #1586 from oclif/dependabot-npm_and_yarn-postcss-8.5.10
  • 9b29ad4 fix(deps): bump postcss from 8.4.31 to 8.5.10
  • 507445a Merge pull request #1581 from oclif/dependabot-npm_and_yarn-oclif-plugin-help...
  • 3821db3 Merge pull request #1582 from oclif/dependabot-npm_and_yarn-eslint-config-ocl...
  • 4075594 Merge pull request #1583 from oclif/dependabot-npm_and_yarn-oclif-plugin-plug...
  • e8dcb6e Merge pull request #1584 from oclif/dependabot-npm_and_yarn-prettier-3.8.3
  • c8bc52b chore(dev-deps): bump prettier from 3.8.2 to 3.8.3
  • 105e404 chore(dev-deps): bump @​oclif/plugin-plugins from 5.4.60 to 5.4.61
  • 0eafd76 chore(dev-deps): bump eslint-config-oclif from 6.0.156 to 6.0.157
  • Additional commits viewable in compare view

Updates msw from 2.13.4 to 2.13.6

Release notes

Sourced from msw's releases.

v2.13.6 (2026-04-24)

Bug Fixes

  • WebSocketHandler: add public test() method (#2727) (3da7048e05fae80fe3410e3af86f6c3dd3cfaead) @​kettanaito

v2.13.5 (2026-04-23)

Bug Fixes

  • reset generator state on .resetHandlers()/.restoreHandlers() (#2725) (8d16801cacd89e5aff336c43e888df19fad04417) @​kettanaito
Commits
  • a680221 chore(release): v2.13.6
  • 3da7048 fix(WebSocketHandler): add public test() method (#2727)
  • d814fc8 chore(release): v2.13.5
  • 8d16801 fix: reset generator state on .resetHandlers()/.restoreHandlers() (#2725)
  • edeb058 chore: replace missing ServiceWorkerIncomingRequest with `IncomingWorkerReq...
  • See full diff in compare view

Updates @libsql/client from 0.17.2 to 0.17.3

Commits

Updates better-auth from 1.6.5 to 1.6.9

Release notes

Sourced from better-auth's releases.

v1.6.9

better-auth

Bug Fixes

  • Fixed instrumentation resolution in the adapter factory so edge and browser environments correctly use the pure variant (#9340)

For detailed changes, see CHANGELOG

Contributors

Thanks to everyone who contributed to this release:

@​erquhart

Full changelog: v1.6.8...v1.6.9

v1.6.8

better-auth

Bug Fixes

  • Fixed mapProfileToUser fallback for OAuth providers that may omit email from their profile response (#9331)
  • Fixed support for passing id through beforeCreateTeam and beforeCreateInvitation hooks (#9253)

For detailed changes, see CHANGELOG

@better-auth/oauth-provider

Bug Fixes

  • Fixed authorization flows that do not include a state parameter (#9328)

For detailed changes, see CHANGELOG

@better-auth/passkey

Bug Fixes

  • Fixed incompatibility with TypeScript's exactOptionalPropertyTypes compiler option (#9270)

For detailed changes, see CHANGELOG

Contributors

Thanks to everyone who contributed to this release:

@​baptisteArno, @​gustavovalverde, @​ping-maxwell

Full changelog: v1.6.7...v1.6.8

... (truncated)

Changelog

Sourced from better-auth's changelog.

1.6.9

Patch Changes

  • Updated dependencies [815ecf6]:
    • @​better-auth/core@​1.6.9
    • @​better-auth/drizzle-adapter@​1.6.9
    • @​better-auth/kysely-adapter@​1.6.9
    • @​better-auth/memory-adapter@​1.6.9
    • @​better-auth/mongo-adapter@​1.6.9
    • @​better-auth/prisma-adapter@​1.6.9
    • @​better-auth/telemetry@​1.6.9

1.6.8

Patch Changes

  • #9253 856ab24 Thanks @​baptisteArno! - fix(organization): allow passing id through beforeCreateTeam and beforeCreateInvitation

    Mirrors #4765 for teams and invitations: adapter.createTeam and adapter.createInvitation now pass forceAllowId: true, so ids returned from the respective hooks survive the DB insert.

  • #9331 9aa8e63 Thanks @​gustavovalverde! - fix(oauth): support mapProfileToUser fallback for providers that may omit email

    Social sign-in with OAuth providers that may return no email address (Discord phone-only accounts, Apple subsequent sign-ins, GitHub private emails, Facebook, LinkedIn, and Microsoft Entra ID managed users) can now be unblocked by synthesizing an email inside mapProfileToUser. Rejection logger messages now point at this workaround and at the new "Handling Providers Without Email" docs section.

    Provider profile types now reflect where email can be null or absent:

    • DiscordProfile.email is string | null and optional (absent when the email scope is not granted)
    • AppleProfile.email is optional
    • GithubProfile.email is string | null
    • FacebookProfile.email is optional
    • FacebookProfile.email_verified is optional (Meta's Graph API does not include this field)
    • LinkedInProfile.email is optional
    • LinkedInProfile.email_verified is optional
    • MicrosoftEntraIDProfile.email is optional

    TypeScript consumers who previously dereferenced profile.email directly inside mapProfileToUser will see a compile error that matches the runtime reality; use a nullish-coalescing fallback (profile.email ?? ...) or null-check the field.

    Sign-in still rejects with error=email_not_found (social callback) or error=email_is_missing (Generic OAuth plugin) when neither the provider nor mapProfileToUser produces an email. First-class support for users without an email, keyed on (providerId, accountId) per OpenID Connect Core §5.7, is tracked in #9124.

  • Updated dependencies [9aa8e63]:

    • @​better-auth/core@​1.6.8
    • @​better-auth/drizzle-adapter@​1.6.8
    • @​better-auth/kysely-adapter@​1.6.8
    • @​better-auth/memory-adapter@​1.6.8
    • @​better-auth/mongo-adapter@​1.6.8
    • @​better-auth/prisma-adapter@​1.6.8
    • @​better-auth/telemetry@​1.6.8

1.6.7

... (truncated)

Commits
  • f484269 chore: release v1.6.9 (#9341)
  • fef7dd6 chore: update readme (#9330)
  • b289ac6 chore: release v1.6.8 (#9316)
  • 9aa8e63 fix(oauth): support mapProfileToUser fallback for providers that may omit e...
  • 856ab24 fix(organization): allow passing id through beforeCreateTeam and `beforeCre...
  • f8076d1 chore: release v1.6.7 (#9289)
  • 4f373ee feat(social-providers): accept array of Client IDs for ID token audience (#9292)
  • e1b1cfc fix(oauth2): guard against undefined body when parsing state (#9293)
  • d053a45 fix(phone-number): call callbackOnVerification when updatePhoneNumber is enab...
  • 307196a fix(api): preserve response headers when APIError is thrown (#9211)
  • Additional commits viewable in compare view

Updates hono from 4.12.14 to 4.12.15

Release notes

Sourced from hono's releases.

v4.12.15

What's Changed

New Contributors

Full Changelog: honojs/hono@v4.12.14...v4.12.15

Commits

Updates fumadocs-core from 16.8.1 to 16.8.4

Release notes

Sourced from fumadocs-core's releases.

fumadocs-core@16.8.4

Patch Changes

  • 61b15e9: fix Shiki languages not loaded under lazy mode
  • 1a5433c: Support $ in locale for page tree generation

fumadocs-core@16.8.3

No release notes provided.

fumadocs-core@16.8.2

No release notes provided.

Commits

Updates fumadocs-ui from 16.8.1 to 16.8.4

Release notes

Sourced from fumadocs-ui's releases.

fumadocs-ui@16.8.4

Patch Changes

  • b5ff03b: Support new OG image design for Takumi
  • Updated dependencies [61b15e9]
  • Updated dependencies [1a5433c]
    • fumadocs-core@16.8.4

fumadocs-ui@16.8.3

Patch Changes

  • 8082ef6: Add legacy/layout for versions prior to 16.2
  • 8082ef6: Add css/preset-legacy.css for versions prior to 16.2
  • 8082ef6: Add legacy/sidebar for versions prior to 16.2
    • fumadocs-core@16.8.3

fumadocs-ui@16.8.2

Patch Changes

  • 0e8405a: Update default OG image
    • fumadocs-core@16.8.2
Commits

Updates lucide-react from 1.8.0 to 1.11.0

Release notes

Sourced from lucide-react's releases.

Version 1.11.0

What's Changed

New Contributors

Full Changelog: lucide-icons/lucide@1.9.0...1.11.0

Version 1.10.0

What's Changed

New Contributors

Full Changelog: lucide-icons/lucide@1.9.0...1.10.0

Version 1.9.0

What's Changed

New Contributors

... (truncated)

Commits

Updates @tanstack/react-router from 1.168.23 to 1.168.24

Changelog

Sourced from @​tanstack/react-router's changelog.

1.168.24

Patch Changes

  • Add TanStack Start inline CSS manifest support for SSR so route styles can be embedded in the HTML response and hydrated without duplicate stylesheet links. (#7253)

  • Updated dependencies [4d864ee]:

    • @​tanstack/router-core@​1.168.16
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps)(deps): bump the production-dependencies group with 9 updates
1a350e2 
Bumps the production-dependencies group with 9 updates:

| Package | From | To |
| --- | --- | --- |
| [@oclif/core](https://github.com/oclif/core) | `4.10.5` | `4.10.6` |
| [msw](https://github.com/mswjs/msw) | `2.13.4` | `2.13.6` |
| [@libsql/client](https://github.com/tursodatabase/libsql-client-ts/tree/HEAD/packages/libsql-client) | `0.17.2` | `0.17.3` |
| [better-auth](https://github.com/better-auth/better-auth/tree/HEAD/packages/better-auth) | `1.6.5` | `1.6.9` |
| [hono](https://github.com/honojs/hono) | `4.12.14` | `4.12.15` |
| [fumadocs-core](https://github.com/fuma-nama/fumadocs) | `16.8.1` | `16.8.4` |
| [fumadocs-ui](https://github.com/fuma-nama/fumadocs) | `16.8.1` | `16.8.4` |
| [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `1.8.0` | `1.11.0` |
| [@tanstack/react-router](https://github.com/TanStack/router/tree/HEAD/packages/react-router) | `1.168.23` | `1.168.24` |


Updates `@oclif/core` from 4.10.5 to 4.10.6
- [Release notes](https://github.com/oclif/core/releases)
- [Changelog](https://github.com/oclif/core/blob/main/CHANGELOG.md)
- [Commits](oclif/core@4.10.5...4.10.6)

Updates `msw` from 2.13.4 to 2.13.6
- [Release notes](https://github.com/mswjs/msw/releases)
- [Changelog](https://github.com/mswjs/msw/blob/main/CHANGELOG.md)
- [Commits](mswjs/msw@v2.13.4...v2.13.6)

Updates `@libsql/client` from 0.17.2 to 0.17.3
- [Release notes](https://github.com/tursodatabase/libsql-client-ts/releases)
- [Changelog](https://github.com/tursodatabase/libsql-client-ts/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tursodatabase/libsql-client-ts/commits/v0.17.3/packages/libsql-client)

Updates `better-auth` from 1.6.5 to 1.6.9
- [Release notes](https://github.com/better-auth/better-auth/releases)
- [Changelog](https://github.com/better-auth/better-auth/blob/main/packages/better-auth/CHANGELOG.md)
- [Commits](https://github.com/better-auth/better-auth/commits/better-auth@1.6.9/packages/better-auth)

Updates `hono` from 4.12.14 to 4.12.15
- [Release notes](https://github.com/honojs/hono/releases)
- [Commits](honojs/hono@v4.12.14...v4.12.15)

Updates `fumadocs-core` from 16.8.1 to 16.8.4
- [Release notes](https://github.com/fuma-nama/fumadocs/releases)
- [Commits](https://github.com/fuma-nama/fumadocs/compare/fumadocs-core@16.8.1...fumadocs-core@16.8.4)

Updates `fumadocs-ui` from 16.8.1 to 16.8.4
- [Release notes](https://github.com/fuma-nama/fumadocs/releases)
- [Commits](https://github.com/fuma-nama/fumadocs/compare/fumadocs-ui@16.8.1...fumadocs-ui@16.8.4)

Updates `lucide-react` from 1.8.0 to 1.11.0
- [Release notes](https://github.com/lucide-icons/lucide/releases)
- [Commits](https://github.com/lucide-icons/lucide/commits/1.11.0/packages/lucide-react)

Updates `@tanstack/react-router` from 1.168.23 to 1.168.24
- [Release notes](https://github.com/TanStack/router/releases)
- [Changelog](https://github.com/TanStack/router/blob/main/packages/react-router/CHANGELOG.md)
- [Commits](https://github.com/TanStack/router/commits/@tanstack/react-router@1.168.24/packages/react-router)

---
updated-dependencies:
- dependency-name: "@oclif/core"
  dependency-version: 4.10.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: msw
  dependency-version: 2.13.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: "@libsql/client"
  dependency-version: 0.17.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: better-auth
  dependency-version: 1.6.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: hono
  dependency-version: 4.12.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: fumadocs-core
  dependency-version: 16.8.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: fumadocs-ui
  dependency-version: 16.8.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: lucide-react
  dependency-version: 1.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: "@tanstack/react-router"
  dependency-version: 1.168.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 27, 2026
@vercel
Copy link
Copy Markdown

vercel Bot commented Apr 27, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
objectstack-demo Ready Ready Preview, Comment Apr 27, 2026 2:32am
spec Error Error Apr 27, 2026 2:32am

Request Review

@github-actions github-actions Bot added documentation Improvements or additions to documentation size/s labels Apr 27, 2026
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Apr 27, 2026

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Apr 27, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/production-dependencies-c266b77311 branch April 27, 2026 15:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file documentation Improvements or additions to documentation javascript Pull requests that update javascript code size/s

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants