chore(deps): bump the production group across 1 directory with 5 updates

[dependabot]

Bumps the production group with 5 updates in the / directory:

Package	From	To
@sentry/nextjs	10.49.0	10.51.0
@supabase/supabase-js	2.104.0	2.105.1
@tanstack/react-query	5.99.2	5.100.6
posthog-js	1.369.3	1.372.5
posthog-node	5.29.2	5.32.0

Updates @sentry/nextjs from 10.49.0 to 10.51.0

Release notes

Sourced from @​sentry/nextjs's releases.

10.51.0

Important Changes

• feat(cloudflare): Add trace propagation for RPC method calls (#20343)

  Trace context is now propagated across Cloudflare Workers RPC calls, connecting traces between Workers and Durable Objects. This feature is opt-in and requires setting enableRpcTracePropagation: true in your SDK configuration:

  // Worker
  export default Sentry.withSentry(
    env => ({
      dsn: env.SENTRY_DSN,
      enableRpcTracePropagation: true,
    }),
    handler,
  );
  // Durable Object
  export const MyDurableObject = Sentry.instrumentDurableObjectWithSentry(
  env => ({
  dsn: env.SENTRY_DSN,
  enableRpcTracePropagation: true,
  }),
  MyDurableObjectBase,
  );

• feat(hono)!: Change setup for @sentry/hono/node (init in external file) (#20497)

  To improve Node.js instrumentation, the sentry() middleware exported from @sentry/hono/node no longer accepts configuration options. Instead, you must configure the SDK by calling Sentry.init() in a dedicated instrumentation file that runs before your application code (read more in the Hono SDK readme:

  // instrument.mjs (or instrument.ts)
  import * as Sentry from '@sentry/hono/node';
  Sentry.init({
  dsn: 'DSN',
  tracesSampleRate: 1.0,
  });

• feat(nitro): Add @sentry/nitro SDK (#19224)

  A new @sentry/nitro package provides first-class Sentry support for Nitro applications, with HTTP handler and error instrumentation, middleware tracing, request isolation, and build-time source map uploading via withSentryConfig. Read more in the Nitro SDK docs and the Nitro SDK readme.

Other Changes

... (truncated)

Changelog

Sourced from @​sentry/nextjs's changelog.

10.51.0

Important Changes

• feat(cloudflare): Add trace propagation for RPC method calls (#20343)

  Trace context is now propagated across Cloudflare Workers RPC calls, connecting traces between Workers and Durable Objects. This feature is opt-in and requires setting enableRpcTracePropagation: true in your SDK configuration:

  // Worker
  export default Sentry.withSentry(
    env => ({
      dsn: env.SENTRY_DSN,
      enableRpcTracePropagation: true,
    }),
    handler,
  );
  // Durable Object
  export const MyDurableObject = Sentry.instrumentDurableObjectWithSentry(
  env => ({
  dsn: env.SENTRY_DSN,
  enableRpcTracePropagation: true,
  }),
  MyDurableObjectBase,
  );

• feat(hono)!: Change setup for @sentry/hono/node (init in external file) (#20497)

  To improve Node.js instrumentation, the sentry() middleware exported from @sentry/hono/node no longer accepts configuration options. Instead, you must configure the SDK by calling Sentry.init() in a dedicated instrumentation file that runs before your application code (read more in the Hono SDK readme:

  // instrument.mjs (or instrument.ts)
  import * as Sentry from '@sentry/hono/node';
  Sentry.init({
  dsn: 'DSN',
  tracesSampleRate: 1.0,
  });

• feat(nitro): Add @sentry/nitro SDK (#19224)

  A new @sentry/nitro package provides first-class Sentry support for Nitro applications, with HTTP handler and error instrumentation, middleware tracing, request isolation, and build-time source map uploading via withSentryConfig. Read more in the Nitro SDK docs and the Nitro SDK readme.

Other Changes

... (truncated)

Commits

• dc0b839 release: 10.51.0
• b3cabee Merge pull request #20599 from getsentry/prepare-release/10.51.0
• 3be99a9 meta(changelog): Update changelog for 10.51.0
• bea1aad test(browser): Unflake some more tests (#20591)
• 50aa085 test(node): Unflake postgres tests (#20593)
• 1166839 fix(hono): Distinguish .use() middleware in sub-apps from .all() handlers...
• 217ad4a test(node): Fix flaky ANR test (#20592)
• 91ffb3f test(node): Fix flaky worker thread integration test (#20588)
• c4e3902 chore(ci): Do not report flaky test issues if we cannot find a test name (#20...
• c0005cd test(node): Update timeout for cron integration tests (#20586)
• Additional commits viewable in compare view

Updates @supabase/supabase-js from 2.104.0 to 2.105.1

Release notes

Sourced from @​supabase/supabase-js's releases.

v2.105.1

2.105.1 (2026-04-28)

🩹 Fixes

• postgrest: query reassignment regression (#2292)
• realtime: surface real Error on transport-level CHANNEL_ERROR (#2299)

❤️ Thank You

• Vaibhav @​7ttp

v2.105.1-canary.2

2.105.1-canary.2 (2026-04-28)

🩹 Fixes

• realtime: surface real Error on transport-level CHANNEL_ERROR (#2299)

v2.105.1-canary.1

2.105.1-canary.1 (2026-04-28)

This was a version bump only, there were no code changes.

v2.105.1-canary.0

2.105.1-canary.0 (2026-04-28)

🩹 Fixes

• postgrest: query reassignment regression (#2292)

❤️ Thank You

• Vaibhav @​7ttp

v2.105.0

2.105.0 (2026-04-27)

🚀 Features

• auth: add passkey support with WebAuthn registration, authentication, and management (#2283)
• realtime: Realtime deferred disconnect (#2282)

🩹 Fixes

• postgrest: narrow column types after not(column, is, null) (#2264)
• realtime: annotate Timer/Vsn getters to avoid deep phoenix imports (#2284)
• storage: apply metadata, headers, and cacheControl dedupe to uploadToSignedUrl (#2275)
• storage: forward duplex option for stream uploads via uploadToSignedUrl (#2289)

... (truncated)

Changelog

Sourced from @​supabase/supabase-js's changelog.

2.105.1 (2026-04-28)

This was a version bump only for @​supabase/supabase-js to align it with other projects, there were no code changes.

2.105.0 (2026-04-27)

🚀 Features

• auth: add passkey support with WebAuthn registration, authentication, and management (#2283)
• realtime: Realtime deferred disconnect (#2282)

2.104.1 (2026-04-23)

🩹 Fixes

• supabase: propagate custom fetch to realtime client (#2267)

❤️ Thank You

• Katerina Skroumpelou @​mandarini

Commits

• ca8c418 chore(release): version 2.105.0 changelogs (#2290)
• d19e6d3 [patchback] docs(misc): rename anon key → publishable key and service role ke...
• c420456 [patchback] feat(auth): add passkey support with WebAuthn registration, authe...
• bfb18bc [patchback] feat(realtime): Realtime deferred disconnect (#2282)
• ed49eed chore(release): version 2.104.1 changelogs (#2273)
• 122d3a9 fix(supabase): propagate custom fetch to realtime client (#2267)
• 9360d4a chore(release): version 2.104.0 changelogs (#2261)
• See full diff in compare view

Updates @tanstack/react-query from 5.99.2 to 5.100.6

Release notes

Sourced from @​tanstack/react-query's releases.

@​tanstack/react-query-devtools@​5.100.6

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-devtools@​5.100.6
  • @​tanstack/react-query@​5.100.6

@​tanstack/react-query-next-experimental@​5.100.6

Patch Changes

• Updated dependencies []:
  • @​tanstack/react-query@​5.100.6

@​tanstack/react-query-persist-client@​5.100.6

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-persist-client-core@​5.100.6
  • @​tanstack/react-query@​5.100.6

@​tanstack/react-query@​5.100.6

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.100.6

@​tanstack/react-query-devtools@​5.100.5

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-devtools@​5.100.5
  • @​tanstack/react-query@​5.100.5

@​tanstack/react-query-next-experimental@​5.100.5

Patch Changes

• Updated dependencies []:
  • @​tanstack/react-query@​5.100.5

@​tanstack/react-query-persist-client@​5.100.5

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-persist-client-core@​5.100.5
  • @​tanstack/react-query@​5.100.5

@​tanstack/react-query@​5.100.5

Patch Changes

• Updated dependencies [a53ef97]:

... (truncated)

Changelog

Sourced from @​tanstack/react-query's changelog.

5.100.6

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.100.6

5.100.5

Patch Changes

• Updated dependencies [a53ef97]:
  • @​tanstack/query-core@​5.100.5

5.100.4

Patch Changes

• Updated dependencies []:
  • @​tanstack/query-core@​5.100.4

5.100.3

Patch Changes

• fix(suspense): skip calling combine when queries would suspend (#10576)

• Updated dependencies [f85d825]:

  • @​tanstack/query-core@​5.100.3

5.100.2

Patch Changes

• Updated dependencies [ea4497e, d6a7bf3, 645d5d1]:
  • @​tanstack/query-core@​5.100.2

5.100.1

Patch Changes

• Updated dependencies [1bb0d23]:
  • @​tanstack/query-core@​5.100.1

5.100.0

Patch Changes

• Updated dependencies [6540a41]:
  • @​tanstack/query-core@​5.100.0

Commits

• 87f7ccf ci: Version Packages (#10604)
• 441204b ci: Version Packages (#10582)
• 55afb3e ci: Version Packages (#10581)
• fe287cc ci: Version Packages (#10579)
• f85d825 Feature/use suspense queries combine (#10576)
• 93b2845 ci: Version Packages (#10575)
• ea4497e fix(query-core): stop wrapping persister generics in NoInfer (#10510)
• 2f9527e ci: Version Packages (#10568)
• ad517e5 ci: Version Packages (#10567)
• 6540a41 feat(core): callback for retryOnMount (#10515)
• Additional commits viewable in compare view

Updates posthog-js from 1.369.3 to 1.372.5

Release notes

Sourced from posthog-js's releases.

posthog-js@1.372.5

1.372.5

Patch Changes

• #3448 c726aae Thanks @​posthog! - fix(exceptions): avoid cross-origin property access when calling the previous window.onunhandledrejection handler (2026-04-29)
• Updated dependencies []:
  • @​posthog/types@​1.372.5
  • @​posthog/core@​1.27.9

posthog-js@1.372.4

1.372.4

Patch Changes

• #3495 5a6b2a5 Thanks @​posthog! - Fix copy autocapture when copying or cutting text from Shadow DOM or document fragment contexts. (2026-04-29)
• Updated dependencies []:
  • @​posthog/types@​1.372.4
  • @​posthog/core@​1.27.8

posthog-js@1.372.3

1.372.3

Patch Changes

• #3488 5b8efc3 Thanks @​lucasheriques! - Add browser survey translation rendering and language tracking. (2026-04-27)
• Updated dependencies []:
  • @​posthog/types@​1.372.3
  • @​posthog/core@​1.27.7

posthog-js@1.372.2

1.372.2

Patch Changes

• #3484 cba2570 Thanks @​veryayskiy! - Fix autofocus (2026-04-27)
• Updated dependencies []:
  • @​posthog/types@​1.372.2
  • @​posthog/core@​1.27.6

posthog-js@1.372.1

1.372.1

Patch Changes

• #3464 70508df Thanks @​dustinbyrne! - Avoid using Blob.stream() for native async gzip compression to prevent Safari NotReadableError stream failures.

... (truncated)

Commits

• d0db43d chore: update versions and lockfile [version bump]
• c726aae fix(exceptions): avoid cross-origin access in wrapUnhandledRejection (#3448)
• 983118f chore: update versions and lockfile [version bump]
• 5a6b2a5 fix(autocapture): guard copy/cut handler against shadow DOM and document frag...
• fe1874d ci: avoid shell injection from github.base_ref in changeset check (#3494)
• a9028a5 chore: update versions and lockfile [version bump]
• eae9407 fix(react-native): include survey responses on dismiss (#3468)
• 1816007 chore: update versions and lockfile [version bump]
• 5b8efc3 feat(surveys): render translated survey copy (#3488)
• 24848fc feat(logs): storage (#3462)
• Additional commits viewable in compare view

Updates posthog-node from 5.29.2 to 5.32.0

Release notes

Sourced from posthog-node's releases.

posthog-node@5.32.0

5.32.0

Minor Changes

• #3474 70ba8f8 Thanks @​patricio-posthog! - feat(flags): support mixed targeting in local evaluation (2026-04-30)

posthog-node@5.31.0

5.31.0

Minor Changes

• #3491 974e4b2 Thanks @​dustinbyrne! - Add Express and NestJS request context support for PostHog tracing headers. (2026-04-29)

posthog-node@5.30.8

5.30.8

Patch Changes

• Updated dependencies []:
  • @​posthog/core@​1.27.9

posthog-node@5.30.7

5.30.7

Patch Changes

• Updated dependencies []:
  • @​posthog/core@​1.27.8

posthog-node@5.30.6

5.30.6

Patch Changes

• Updated dependencies []:
  • @​posthog/core@​1.27.7

posthog-node@5.30.5

5.30.5

Patch Changes

• Updated dependencies []:
  • @​posthog/core@​1.27.6

posthog-node@5.30.4

5.30.4

... (truncated)

Changelog

Sourced from posthog-node's changelog.

5.32.0

Minor Changes

• #3474 70ba8f8 Thanks @​patricio-posthog! - feat(flags): support mixed targeting in local evaluation (2026-04-30)

5.31.0

Minor Changes

• #3491 974e4b2 Thanks @​dustinbyrne! - Add Express and NestJS request context support for PostHog tracing headers. (2026-04-29)

5.30.8

Patch Changes

• Updated dependencies []:
  • @​posthog/core@​1.27.9

5.30.7

Patch Changes

• Updated dependencies []:
  • @​posthog/core@​1.27.8

5.30.6

Patch Changes

• Updated dependencies []:
  • @​posthog/core@​1.27.7

5.30.5

Patch Changes

• Updated dependencies []:
  • @​posthog/core@​1.27.6

5.30.4

Patch Changes

• Updated dependencies [70508df]:
  • @​posthog/core@​1.27.5

5.30.3

... (truncated)

Commits

• b02194b chore: update versions and lockfile [version bump]
• 70ba8f8 feat(flags): support mixed targeting in local evaluation (#3474)
• eb5fc8e chore: update versions and lockfile [version bump]
• 974e4b2 feat(node): add request context tracing headers (#3491)
• d0db43d chore: update versions and lockfile [version bump]
• 983118f chore: update versions and lockfile [version bump]
• 1816007 chore: update versions and lockfile [version bump]
• 1f68496 chore: update versions and lockfile [version bump]
• 782f944 chore: update versions and lockfile [version bump]
• 82b5b19 chore: update versions and lockfile [version bump]
• Additional commits viewable in compare view

[dependabot]

Labels

The following labels could not be found: auto-merge, dependencies, npm. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[byteworthy]

@dependabot recreate